Later than Hay: Incite's RSA 2009 Wrap-Up

Andrew Hay thought he'd be the last to post a wrap-up of RSA. How wrong you are my friend? There is no boundary to the lameness originating at Incite HQ nowadays. But enough of the self-inflicted beatdowns. Personally RSA was great this year. It's always great to see so many old friends, make some new ones and basically plug back into the security collective after spending lots of time in the wilderness over the past 6 months.

But that isn't really the right point to make. What were my general impressions of the big show this year? It gets back to the point that perception is reality. Always has been, always will be.

It's been entertaining to see what the pundits have been saying about this years RSA. Ahead of the show I made a statement about the show being indicative of the strength of the industry (link). Well I don't have much more clarity 3 weeks later, which is pretty indicative of the state of the industry. A few guys like Oltsik were largely pretty negative. Ogren and Stiennon were positive. And Pescatore (Post 1, Post 2) was right in the middle.

Me? I'm not as dour as Oltsik, but less optimistic than Pescatore. And Stiennon enjoyed too much of that vendor happy juice. Way too much. He's as excited as a 15 year old girl at a Jonas Brothers concert, which is horrifying.

Here were a few things of note that I noticed:

• Since when is authentication cool? There were a lot of new vendors showing multi-factor authentication. I kind of figured I stepped into a time machine.
• Less attendance is not a good thing. I saw a bunch of folks rationalizing the crappy attendance by saying there were fewer t-shirt hunters and more "buyers". Meh. We had our share of decent conversations, and our booth was packed for most of the show. But it's not like in past years, no amount of happy juice can get you there.
• Compliance is just there. In past years, we saw everyone talking up their compliance capabilities. I didn't get the impression that was a key theme this year. It probably has to do with the fact that EVERYONE says it, so it's as good as no one saying it.
• The death of TLA. That's right the three-letter acronym seems to be dead. Very little about DLP and NAC. Not too much on GRC also (since no one knows what the hell it means, it's a good thing). PKI? No where to be found. Thankfully SIEM is a four letter acronym, eh?
• New UTM vendors. WHAT? I saw a few new companies hawking UTM like devices. Wow. Good luck with that.
• Everything as a service. Yes, much of the conversation was around SaaS and the nebulous cloud. I have a lot to say about that, but it'll wait until later this week.

But most of all, I heard data points on both sides of the industry health discussion. If you wanted to hear happy thoughts, someone would tell you a happy thought. If you wanted to hear about the end of civilization, more than a few Chicken Little's were in the house.

The thing that I was most aware of was the underlying fear. Most of the folks I talked to thought things were getting better. But they weren't really sure. It was kind of like they were trying to convince themselves things were getting better. And if they clicked their heels together 3 times, they'd be taken back home. I've long said that optimism is good, but that doesn't mean it's justified or real.

Folks on the user side weren't sure if their projects were going to be funded, or if they'd even have a job when they got back. Not all of them, but a lot of them still were operating under a cloud of uncertainty. The vendors put on their happy faces and talked about how the 2nd half of the year looked strong. Of course, looking strong and being strong are totally different things, now aren't they?

Personally, I think the strong will be stronger and the one's that suck will suck more. Darwin is at work here. Some companies are announcing strong results and clearly taking share (see McAfee). Others, not so much (see SonicWall). The business environment is clearly accelerating the strengthening and weakening of many companies.

Even if we've hit the bottom from a macro standpoint (which a lot of folks are saying now), it makes me think we've still got some bumpiness ahead. For whatever that's worth.