SierraConnect: Reflections from RSA Conference 2018

by Mark Fernandes

SIERRA VENTURES PERSPECTIVE – Mark Fernandes

Cybersecurity continues to be among the hottest topics in venture capital and the RSA Conference in San Francisco remains the feeding frenzy center of that world. The conference in April attracts the leading companies in the space (and then some). The signal-to-noise ratio is extremely low and is in stark contrast to my first show in 2002, when I ran into Marty Roesch, the founder of Sourcefire, literally walking the halls of Moscone. We were lucky to see the opportunity and be the first investor on his journey to an IPO and a $2.7B acquisition by Cisco. But coming back to 2018, we spent two days fighting the throngs of people trying to sift through the key themes and interesting companies. Here are my summary thoughts on what’s hot (does not include anything with the initials ML / AI / DL) and what’s not…

HOPE:

Security automation – There’s an increasing realization that automation is the only way to address the security skills gap. Gartner analyst Lawrence Pingree “In the past, security professionals have been fearful and skeptical of automation. This, however, is changing, because organizations are acknowledging that a human response cannot react fast enough, which is compounded by the fact that there are not enough security practitioners in end-user organizations to perform manual human responses to threats.”

Data privacy – GDPR is climbing to the top of enterprise priorities, but much of the buzz fails to capture even a fraction of the technical challenges ahead. In essence, much of it comes down to one fundamental problem: GDPR respects no silos, yet the world’s data architecture is overwhelmingly silo-based. To solve such issues, some large organizations are leveraging unified information governance functions on an enterprise scale.

Cloud security – While adoption of cloud computing continues to surge, security concerns are showing no signs of abating. 90% of cybersecurity professionals are concerned about cloud security, up 11% from last year’s cloud security survey. They are also struggling with visibility into cloud infrastructure security (43%), compliance (38%) and consistent security policies across cloud and on-premises environments (35%). And that’s before multi-cloud has even hit us!

HYPE (*in April 2018):

IoT – According to a Gartner survey, nearly one-fifth of organizations have observed at least one IoT-based attack in the past three years. Accordingly, worldwide spending on IoT security will reach $1.5 billion in 2018, the firm said. Ok, let’s put it in perspective… that’s less than 1% of the overall spend.

Blockchain – We believe that Blockchain technology can help eliminate the human factor from authentication and allow for decentralized storage and traceability. Start-ups will (note the tense) help secure data in private messaging, business and within popular user websites and applications in initial use cases.

As a sidebar, and for those curious about the VC world, we ran a quick analysis… The RSA Innovation Sandbox is a contest that picks the most promising early stage security companies at the show. We sorted through the finalists and listed the top 8 financed companies. $1.4B invested, no exits (yet).

Company Name Contest Year Funding Total
Skybox Security (Israel/US) 2005 $279,754,000
SumoLogic (US) 2012 $230,000,000
Cybereason 2015 $188,600,000
Cylance 2014 $177,000,000
Silent Circle 2013 $130,000,000
Pindrop Security (US) 2012 $122,799,996
Vectra Networks 2015 $122,540,000
Bromium 2013 $115,800,000

ENTREPRENEUR PERSPECTIVE – Varun Badhwar

This year at RSA Conference, we mostly stayed clear of the expos halls and focused on 1 on 1 meetings with security leaders of all different types of industries. The 3 key trends we noticed were related to 1) multi-cloud adoption becoming more and more of a reality 2) security leaders are getting serious AI / ML fatigue from vendors 3) security orchestration and automation within the SOC is becoming top of mind. Will break down all of these in more detail below.

Takeaway #1: Multi-cloud Adoption is Very Real

Multi-cloud is defined as having 2 or more public cloud providers. This is a very real and growing trend from the conversations we had on-site as RedLock works to identify and mitigate threats within these types of environments both within the F1000 and SMB business archetypes. For example, 8 out of the 10 prospects/customers we had the opportunity to interact with have more than one IaaS/PaaS cloud platform. One of those platforms still typically is 70-80% of the total cloud adoption.

Enterprises also seem to now take the approach whereby they determine which applications move to which platform based on merits of the platform, and the app specific needs. For example, Google’s wedge has been big-data analytics use cases.

Takeaway #2: Security Leaders are Getting AI / ML Fatigue

Unfortunately with a 1000+ security vendors sponsoring RSA, many of whom go back year after year, the marketing teams are constantly challenged to figure out how they’re different this year, and how they’re different from competitors. As a result, there’s a tendency to pick on the latest buzz words in industry and apply it in the context of security. This year the overwhelming buzz words centered around AI and ML. From the conversations I had with security leaders while there, it seemed that the majority of the booths they visited claimed to feature these capabilities at some level, which is something we were mindful of when having conversations and focusing on real use cases for what we are trying to solve.

Gartner analyst, Anton Chuvakin, however had a slightly different viewpoint from his blog post recapping the conference, "My #1 fear for RSA was that AI will stare at me from every booth, and it didn't happen. Hurrah! Machine Learning and AI were visible, but not overvwhelming."

Takeaway #3: Security Orchestration and Automation within SOC is Top of Mind

As we move to a world where we're seeing threat volumes and endpoints grow exponentially, SOCs are unable to keep up with the volume. Security leaders are now leveraging automation and orchestration tools to ensure their teams are able to process all the information, and tackle the serious threats. The large vendors are recognizing this as evidenced by Splunk acquiring Phantom Cyber for $350M.

Redlock enables effective cloud threat defense across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud environments as well as ensures compliance and enables security operations. The RedLock Cloud 360 platform uses a new AI-driven approach that provides a unified view of risks across fragmented cloud environments. https://redlock.io/

« All Posts