RSAC 2024: How is Global Cybersecurity Market Evolving?
By Robin Campbell-Burt, CEO at Code Red
RSAC 2024 is complete, short recovery in the Redwood forests done, return flight to UK safely made. I can now post my thoughts on this year’s seminal event for cybersecurity. If I had to sum up the three key observations from this year, it would be:
- The level of product overlap and confusion in the market.
- The importance of networking, community and encouraging talent
- Vendor branding. Still lots of blue …. But more orange too.
Vendor overlap is causing a lot of headaches
Seeing the vendor landscape at RSAC 2024 reinforced how much noise there is in the market now. Vendors are trying to differentiate themselves using different languages and terms, but there is a good amount of overlap that creates confusion for security decision-makers.
Just one quick example would be navigating the distinctions between companies offering vulnerability management, exposure management, and attack surface management (or a combination of more than one of these) solutions.
While there are differences in these definitions, the reality when you speak to different vendors, their product range often covers parts of all these categories. Add a layer of marketing messaging too, and it can get even harder to figure companies out.
Practically everywhere in the market, there is a continuous diverging and converging range of approaches to cybersecurity that needs to be unpicked.
However, this challenge also creates opportunity.
According to Gartner, about half the time taken in the sales process is spent by security purchasers, and those who influence them, conducting independent research. Purchasers conduct the majority of this research online. So, vendors that create content to educate and explain as well as present their solutions will have the best chance to attract and win new customers.
The UK market needs to incubate more talent and collaboration
I was lucky enough to spend some solid time with the UK trade delegation (Dept of Business and Trade, Department for Science, Innovation and Technology and Plexal) and the Spanish National Cybersecurity Institute – INCIBE, during RSAC 2024. Both did a great job flying their respective flags for the European cybersecurity ecosystem.
At the UK trade reception, I had a spot-on conversation with another guest on the importance of community. By constantly helping with introductions and connecting with each other, we can all source what we need for success.
The British can be far too reserved at building relationships, both in asking and offering to help others.
We at Code Red are fully committed to deepening the UK ecosystem and supporting where we can and regularly mentor and support the start-up community through our partnership with Plexal. If you would like to chat, just book a meeting in Calendly.
Lessons to learn
I think the greatest thing we can do to propel the UK sector to greater heights is to nurture our greatest talent by creating a closer relationship between the British security services and the private sector.
Israel is a great example of this in action. Many young people join the IDF as part of their national service and then work for specialist cyber units. The time they spend exposed to the most advanced technology is invaluable for them to then go on and find successful cybersecurity companies.
We need a similar model here in the UK. The country would benefit from a strong skills base that protects national security, and innovation would be turbocharged. This would propel the UK to industry leader status.
So, it was heartening when I saw a recent House of Commons Defence Committee report mention that the Ministry of Defence is considering bursaries for 16-year-olds to join the service at 18, serve for seven years, and earn an in-service degree. Many would then enter the UK economy in their mid-20s with valuable skills, boosting the digital and cyber industries.
The next UK government needs to make this a top priority and realise how central this is to future innovation.
Sticking with the need for community for a moment; I was really pleased to see the Mind Over Cyber mindfulness workshop in full flow, the work of Jen Van Antwerp to promote sober in cyber, and as always, the sterling efforts of Gianna Whitver and the team with the Cyber Marketing Society.
Venture and private equity capital culturally steer this industry. Companies push at an (almost or actual?) inhuman pace for growth to win their area of the market.
The toll can be heavy, especially when economic factors are more challenging, and many have faced redundancy. So, these initiatives that help to build community deserve a salute from all of us at Code Red.
End on brand
My final point about RSAC 2024 concerns vendor branding. It’s a standing joke that every cybersecurity company chooses blue branding to differentiate itself in a crowded market.
Well, it is still the dominant colour, but I must say I have seen more orange this year. I predict an even bigger spread of colour at next years’ show. Let’s see the rainbow in all its diversity at RSAC 2025!