RSA Conference US 2019 – Wrap up

Contributed by Research Director’s Scott Crawford and Dan Kennedy

In case you missed it, the annual RSA Conference US – one of information security’s premier showcases – was held earlier this month in San Francisco. As per usual, our Info Security team was on site alongside the other 42,500 attendees.

Innovation was prominently highlighted at RSAC with the annual Innovation Sandbox startup competition. Analyst Pat Daly said the following about the competition, “At the startup end of the spectrum, the top two finalists at this year's Innovation Sandbox, Axonius and Duality Technologies, couldn't have been more different. Whereas Duality claims to have discovered the holy grail by solving the scale and performance issues of homomorphic encryption, Axonius focuses on the somewhat less glamorous problem of asset management by aggregating information from across an enterprise's IT and security architecture to generate an up-to-date asset inventory. It is very telling that, between these two vendors, it was the long-standing problem solved by Axonius that won out against Duality's shiny new offering. While the security industry is constantly looking ahead to the next disruptive technology, whether it is containers, serverless computing, IoT, zero-trust or (in this case) homomorphic encryption, the results of the sandbox show that there is still definite value to be created in solving difficult problems that have nagged at enterprises for decades.”

Despite RSAC’s continued focus on innovation, the sense we picked up from attendees on the show floor was a lot of 'more of the same.' While we find this a bit discouraging – given the increasingly critical role security needs to play in the growing penetration of digital transformation – there were some noteworthy exceptions. It may surprise some that a couple of these weren't the moves of startups, but of strategic vendors introducing a new sort of disruption to the market.

We see these disruptions as examples of an even larger trend, which was the central theme at the (well-attended) annual 451 Research RSA Conference breakfast: the 'innovator's dilemma' and how it threatens existing players in infosec. These players face a direct challenge, not from other vendors of stand-alone products in markets segmented from the rest of IT, but from the cloud hyperscalers and innovators about how IT is developed, deployed and run. These disruptors are redefining the very nature of technology and are incorporating security more directly into concepts from 'GitOps' to cloud-native techniques. This leaves many of security's incumbents facing a daunting choice: continue to cultivate what has succeeded up to now, at the risk being left behind in the future, or embrace today's disruption at the cost of further investment in a winning legacy strategy.

There were many key security trends covered at the RSA Conference such as security analytics, endpoint security, cloud security, zero-trust, managed services, network defense, DevSecOps, regulation and privacy. Our team provides more commentary on the 2019 RSA Conference in a Market Insight report, available through our Research Dashboard. Not a current subscriber? Apply for Trial.
1962 Hits

2018 Tech M&A Outlook

After accurately forecasting a slowdown in tech M&A last year, senior investment bankers are expecting a rebound in dealmaking in 2018. As they looked at their current pipeline for the coming year, nearly seven out of 10 respondents (69%) to the annual 451 Research Tech Banking Outlook Survey said it is fuller now than it was a year ago, on a dollar basis. The outlook for 2018 is more in line with typical forecasts than last year's survey, when a post-recession low of just half of the bankers indicated fuller pipelines.

To help you navigate this changing M&A landscape, join Brenon Daly, 451 Research’s Director of Financials, for a look ahead to activity in 2018. Drawing on data and insight from across 451 Research, our annual Tech M&A Outlook webinar will highlight specific trends in key enterprise IT markets – including information security, software, mobility and IoT -- that will shape dealflow and valuations in the coming year. Reserve your spot!

Banker pipeline 2018 copy
4069 Hits

Infographic: Changing Information Security Spending Landscape

The Voice of the Enterprise (VotE): Information Security, Budgets and Outlook survey represents the second in-depth look at security budgeting. A year-by-year comparison and predictive look into the future, shows security budgets increasing but also coming under various forms of stress that are currently shifting spending allocations and portend future changes. These shifts are taking the form of increased spending on software- over hardware-based security solutions, opex over capex and endpoint-based solutions over network-based ones. Interested in learning more about Voice of the Enterprise? Download the full infographic, or click here for more information.
7901 Hits

Consumer Mobile Payment Trends: Another Uptick in Demand for Mobile Payments

Consumer interest in mobile payment apps is increasing for the second consecutive survey. We’re also seeing greater confidence in the security of payment apps, though the issue of security remains a key obstacle to wider adoption by consumers.

The December 12-30 survey of 4,125 primarily North American consumers from 451 Research’s Leading Indicator panel also took a look at payment app preferences and customer satisfaction.

Excerpt of full report:

Consumer Demand for Mobile Payment Apps. Planned use of mobile payment apps has increased for the second survey in a row, reaching its highest level since we began asking this question back in 2014.  A total of 29% of smartphone owners say they‚Äôre likely to use mobile payment apps over the next 90 days (15% Very Likely; 14% Somewhat Likely) ‚Äì a 1 point increase since the previous survey in September and 5 points higher than six months ago.

2.17 vocul 1

Security is Key to Encouraging New Users.  We asked unlikely users what would drive them to adopt mobile payment apps.  Two-thirds (66%) cite Security Against Fraud that is Better Than Traditional Payment Cards as a factor.  A total of 35% say they want to Receive Discounted Offers, while 26% would use them if it helped Avoid Queuing at the Cash Register. 

2.17 vocul 2 apps

Report details also include:

• Consumer Demand for Mobile Payment Apps

• Competition Among Services

• Customer Satisfaction

• Most Important Factors Among Consumers

• Perceptions of Security

• Encouraging Wider Use of Mobile Payment Apps

• Corporate Market: Mobile Payment Trends

Learn more about Voice of the Connected User Landscape here. 

5824 Hits

When things attack: Mirai and the Dyn DDoS attack reveal a disturbing future

The October 21 attacks that knocked some of the internet's most-recognized brands offline in the largest recorded distributed denial of service to date reveal how little the world has taken seriously the threat of poorly secured consumer IoT. Will we be ready for what may come next?

The 451 Take

These attacks have only just begun to illustrate the level of exposure the world faces from what so far appears to be largely SMB products made for the Internet of Things. Indeed, this narrow focus says much about the potential scale of risk beyond the cameras and DVRs largely targeted in this case. While virtually everyone weighing in on the discussion agrees that something must be done to head off an even worse scenario, what remedies make the most sense? There are needs at virtually every level of IoT architecture, from the software and functionality built into devices to the networks and platforms that interconnect IoT's many moving parts. The recent attacks illustrate how easily poorly secured IoT can be made a platform for attacking the fundamental underpinnings of the internet that keep the entire digital world functioning. So far, most of the discussion around IoT security has revolved around protecting IoT itself, with considerable investment already having gone into securing industrial IoT, particularly in sectors where safety is a primary concern. The threat that vulnerable IoT poses in and to the larger world has been seriously underserved. The range of solutions proposed – from adopting the analog of building codes for software and hardware to sweeping regulation, and the inevitable arm wrestling each presents – makes it clear that resolving these vulnerabilities will not be easy. What concerns us most is that, as so often happens with security, it will take an incident of serious proportions to bring any real progress to a head. It would be wise for the industry to do what it can to address this before governments take a stab at it.

Read the full analysis by 451 Research analysts here.
2938 Hits