W2 Communications RSA banner

RSA Conference: More than Cryptography, Craft Beer and Comedians

Part 2 in a series on what RSA’s mammoth growth means for security industry communicators

In my last post, I broke down a few negative perceptions of the RSA Conference that I’m hearing a bit louder this year from media and industry contacts. In general I’m hearing more vocal opinions that the conference is too big physically, too expensive geographically (sorry, San Francisco) and overwhelming for even the most technical and experienced attendees, given the massive amount of concurrent talks on every dimension of security, privacy and compliance across entire city blocks at once.

At the same time, RSA isn’t going anywhere and I’ve been making appointments to catch up with a lot of friends and former colleagues there. The event is a major destination and force in the industry with a lot to offer attendees, if they take the time to plan ahead and maximize what is most important to them. I start these planning conversations with clients 3-6 months before RSA each year and so have to agree with the optimists, as well.

“Yes the show is huge – but the sky’s the limit”

Looking at things another way: Staggering growth is a problem anyone would love to have. There are few topics with as many overlapping business, societal and national security implications as cybersecurity today. We are still reconciling with how weaponized data leaks and information operations might have affected our elections. Scooters and armored combat vehicles alike have software vulnerabilities. Your sneakers might get bricked. Realities like IoT, cloud computing and unchecked third-party cyber risk make it feel like cybersecurity circa 1999. We’re back to sessions explaining how we find out which devices use the Internet and where important files are.

People affected by all these issues will be at RSA – as well as all the people who want to recruit attendees into new companies, invest in new start-ups or give legal, lobbying and other sage advice to companies facing an ever more complex landscape.

“Big tent security events help introduce others to our community”

If you can make it to RSA, the conference offers a ton of learning opportunities, particularly if you are a student interested in cyber risk fields or someone already in the field thinking of making a change. The flip side of having so many concurrent talks, competitions and fireside chats is that it offers a broad buffet of topics and opens eyes to where skills can be put to use.

“Remember – ROI from a conference depends on what you put in”

Whenever someone asks me if they should invest time and money at RSA my immediate reply is, What are you trying to achieve? Answers like “We know our competitors are there,” or “We want to make some noise,” are big red flags for me because they are so ill-defined and subjective. I counter with “Who is the buyer or go-to-market partner persona you are trying to reach? Is RSA the right place to reach them?” “What kind of research and customer/case-study connections do have that could shape a compelling panel session?” “How well-known is your company – are your expectations for booth traffic and marketing realistic?

Even RSA boosters will concede the event’s speaking sessions and booths no longer provide as much news cycle prominence and credibility compared to years past. Reporters constantly tell me they cannot get to all the sessions they circle weeks beforehand. Likewise, the show is generally a poor place to launch a company or expect big, earned media coverage of product news. You have to accept that products and “Solutions!” are what everyone is touting at RSA and find other ways to connect and build relationships with people you want to reach.

My advice is always focus on networking at shows like RSA. Do your homework, study your connections and target markets months before you register and reach out to people. LinkedIn is great for this. Because there is only so much you can realistically do in a packed RSA session, make sure you seek out a few side events for networking in more casual settings. Not every event is a deafening nightclub or concert.

Events like our CYBERTACOS meet-ups are productive gatherings where you can strike up conversations, catch-up with old contacts and meet new peers.

“The best conferences change with the times”

Like every incumbent, must-attend conference, RSA’s decision-makers have to keep doing what’s been working for them financially while trying to act on attendees’ changing tastes and preferences. RSA could part ways with San Francisco. It could decide it is time to trade deep cryptography panels for sessions aimed at corporate boards. It could offer exhibitors the option of branding bedding and furniture in temporary, pop-up hotels for journalists right on the expo floor (I’m only half-kidding – if this happens, you heard it here, first).

In any case, RSA’s future will be interesting to watch and those of us investing in the show – in every sense – will keep a keen eye on its audiences, impact and conversations.

What are you expecting at RSA this year? Share your thoughts with me on LinkedIn, or we can all get together over tacos.