RSA Week: What to expect

A quick post before I get on with the festivities of Super Bowl Sunday. I do have to admit I'm pulling for the Colts (sorry all of my friends in Chi-town). It would be great to see Tony Dungy win the big one, and I think Peyton's time has come to enter the halls of the elite QBs of all time. But most of all I hope to see a fun, entertaining game and that the Gods of Heartburn don't come to visit after all the wings, pizza and beer I plan to shove down my gullet.

Tomorrow AM, I'm off to see the wonderful wizard of the RSA conference. So what should you expect to see? Here are a few thoughts. You can also check out Amrit's thinking here, which is pretty consistent with my own.

1. NAC - Network access control will be everywhere. For those vendors that don't have a strategy, they will by the end of next week. Everyone will be buddying up to Microsoft as well. All of this will make life much more confusing for folks trying to figure out which end is up.
   
   
2. Consumer - I think we will see a lot of noise about securing the consumers at this year's show. Whether it's phishing defense or dealing with bots or just the evolution of products that were formerly known as AV - the consumer is the next frontier for Big Security.
   
   
3. Data protection - I'm right here with Amrit on this one. There will be a lot of noise about back-end and data center security. I tend to all this "information security," and given all the privacy breaches - this will be big news. This is last year's NAC. By that I mean, we will hear a lot about it, but very few solutions. The noise will be deafening at the 2008 RSA show, and maybe we'll have something to buy by 2009.
   
   
4. PCI - The new new thing in compliance is PCI. A close second will be FFIEC, but that feels like old news. So all of those folks that were flogging the HIPAA and GLBA horses three years ago, and SarBox for the last two years - have a new love now. And its name is PCI. Of course, there is no product you can buy for PCI compliance, but that won't stop every vendor from saying their stuff is the silver bullet. Don't you just love RSA?!?!?
   
   
5. Risk Management - This year's catch-all category will be risk management. It's not clear what it means, but many vendors will be talking about it. They figure there is now some poor sap with the "risk" word in their title, thus they need to have a story and product around it. And folks like McAfee want to have their cake and eat it too, so they call what they do "security risk management," just to make sure they can appeal to anyone in any organization.
   

I'm not sure of much, but I'm sure the 1st day keynotes (Bill Gates, Art Coviello and John Thompson) will disappoint. None are very compelling speakers (where is John Chambers when you need him) and unless all of the above announce big deals - the big speeches will be ho-hum.

I also know that most end users that go to the show will leave more confused they they came. That's just the nature of the beast in a market where everyone sounds the same and you have 800 companies (over 300 will be at the conference) chasing after the same customers.

I'll do another post about where to see me at the show, and since I'll be in the air tomorrow (and it's Super Bowl Sunday) - there will be no Incite tomorrow. But I'll be back on Tuesday with a vengeance and I'll also provide my thoughts on the keynotes at some point on Tuesday as well.