RSA 2015: Does the Security Industry Need a Reality Check?

Thinkstock
Thinkstock
Thinkstock

Yes, it’s that time of year again: The RSA conference is the world’s flagship security technology tradeshow and later this month it will be back in San Francisco. To prepare for the event, the Blanc & Otus Analyst Relations team spoke with many prominent analysts regarding the likely hot topics at this year’s show. Several themes quickly emerged from those discussions – some of which vendors should be worried about:

Vendor marketing is increasingly diverging from reality: While powerful marketing is part and parcel of being a successful vendor, analysts are becoming increasingly fatigued with vendor hype within overcrowded segments. Expect to see more and more research notes countering vendor claims, especially on areas of contentious category creation. Many analysts told us that they increasingly see the show’s value as centering on various networking opportunities, rather than the content vendors provide during the show.

AR Recommendation: When approaching new narratives and messaging work, marketing and communications teams should be asking themselves: “How can we best tell compelling and useful stories?”

CISOs…sweating in the spotlight: The pace of high-profile breaches is increasing and security has never been higher up the boardroom agenda than it is today. While this attention may help the Chief Information Security Officer (CISO) secure much-needed funding for security initiatives and technologies, it also increases pressure on them to deliver. Some CISOs do a fine job of explaining their strategies to their boards, peers and the broader company, but too many revert to the comfort zone of ‘speeds and feeds’ speak, and as a result they don’t address business risk succinctly and compellingly enough. This ultimately leads to a failure to secure the necessary behavioral changes at the cultural level, which drastically impacts their ability to deliver in the long term. With growing numbers of ‘non-IT’ executives running their own shadow IT investments beyond IT’s control, this challenge is only increasing.

AR Recommendation: When framing up sales enablement materials prior to launch, sales teams should ask themselves: “How can I help my clients succeed in winning hearts and minds within the business?”

The user politics of digital transformation are unstoppable: Technology has always been successful based on user acceptance at a behavioral and cultural level. This has always been a particular challenge for security teams who have historically wanted to lock assets down. However, the shift towards digital business models – based on cloud, mobile, social and Internet of Things-based technologies – means that old ‘lock down’ style security models simply aren’t feasible (if they ever were). While pioneering vendors are improving the usability of their solutions, they often do a much less compelling job when it comes to addressing the cultural, political and procedural impact of security technologies – specifically how security teams and processes can work with (rather than against) the business. To succeed, security must become invisible.

AR Recommendation: When creating content to support a product launch, product management teams must consider: “How do I articulate how this new technology changes the way the business operates?”

There are no easy answers here. Standing out from the crowd in 2015 – without being excessive – is a real challenge. However, vendors should keep themselves honest by running regular reality checks as the year progresses. Remember:

  • Narrative Always Trumps Messaging – It’s great to have a well-crafted product message, but that hard work is wasted if the broader narrative it sits within isn’t also working. A great narrative generates interesting viral conversations by generating questions and answers that can play back to product strengths. Does the narrative gel with the end user’s experience and situation? Messages need roots.
  • Authenticity Has Never Mattered More – Yes, perceptions matter, but ultimately it is reality and the facts on the ground that makes or breaks careers. Be sure you can stand out with a smart idea, but you must also stand by your claim and own it. Does the excitement of the initial concept marry the possible with the probable?
  • Research Hard, Fail Fast and Re-iterate – Research can make all the difference, turning early adversity into future opportunity. Take a DevOps approach to your communications activities – use analyst inquiry and messaging sessions to quickly develop Kevlar for your Narrative prior to launch. Better to fail early, and then quickly re-iterate your way to success, than continue with an approach that’s not working.

So what’s got you excited about this year’s RSA? If you have an RSA story to share, or want to discuss how analysts can help bulletproof your story then drop me a line at tris.clark@blancandotus.com.