RSA Takeaways & Security
June 15, 2018
As the Investment Team here at Mainsail continues to closely track trends in the cybersecurity SaaS market, deal team members make an effort to meet stakeholders face-to-face as often as possible. Emily Calkins, a Senior Associate, attended this year’s RSA conference and summarized the high-priority themes that emerged from discussions with entrepreneurs, salespeople, brokers, and product leaders during the tradeshow. Mainsail is excited by the pace of innovation in this industry, as evidenced most recently by our $60 million investment into data protection security leader, FairWarning.
1A signal through the noise
As with last year’s conference, a key theme in 2018 was massive & continually growing vendor volumes. For every hyper-niche security pain point, there are a handful of companies – established or startup – selling you software to fix it. CISOs & CIOs are fatigued by salesmanship and skeptical of ‘snake oil’ SaaS. Many enterprise CISOs are contending with multiple systems that do not communicate in unified portal. The more tools you have, the more incumbent upon you it is to implement, manage, and glean insight from them. There is increasing value in a “single pane of glass.”
2Segmentation of duties among security decision-makers
2016 & 2017 introduced the rise of the CISO as the decision-maker-in-chief for all things related to security. But, with key developments like GDPR, the aperture has been opened. Many companies said they must now pitch and sell to a CIO (what data is being collected & who can access it) and a CTO (where are our attack portals), even at a target sophisticated enough to have a CISO. This can raise the bar and lengthen the sales cycle for vendors. As these internal roles continue to evolve and congeal, they should unify under the CISO and work together without fissures. In the interim few years, though, friction is likely to continue and provide a hurdle for vendors in the market.
3Continued endpoint proliferation
Discussion on the trend of ‘a device for everyone and everything’ continued. The faster individuals and workplaces develop into constant demand for handheld devices, the faster the number of IoT endpoints grow, and the bigger the attack surface area gets. Per feedback from attendees and speakers, this isn’t going to taper anytime soon and vendors will have to find a way to pitch in a comprehensively ‘plugged in’ world. This difficulty to zero in on which devices can connect further sets the stage for the rise of Privileged Access Management (PAM) and Privileged Account Session Management (PASM), and Privileged Escalation and Delegation Management (PEDM).
4Acquisitive incumbents leverage M&A to maintain share of mind & wallet
Though 2017 was not a banner year for acquisition activity, many players (McAfee, Qualys, Symantec, Akamai, Optiv, others) made bets on strategic targets. Moving forward into 2018 it may be product, rather than customer or personnel driven, tuck-ins that pick up in pace – with larger players trying to make sure there are as few needs as possible that a customer needs to look elsewhere for. (ie: everyone should have an e-mail security plugin, everyone should have a DNS tool, everyone should have basic phishing & UAT services in place)
5The new frontier of data privacy regulation
We would be remiss to skip out on an opportunity to highlight the first wave of GDPR compliance and enforcement upcoming. This is the latest manifestation of what has been a years-long march of increasing granularity around data control. First, we had PII (PCI compliance), then PHI and audit trails (HIPAA compliance), and now “the right to be forgotten” (GDPR compliance). Each of these marks a ratcheting-up of intensity around protecting personal information and a corresponding lift in accountability for Architects, Data Scientists, and management teams. In each chapter, the market has gotten increasingly diligent and specific on the questions they ask about data – what is collected? Where is it being stored? Who can access it & for what purposes? How is it secured? And how can it can be systematically removed?
6Machine learning – the next big differentiator
We find that forward-looking security companies have identified machine learning capabilities as the most important lever in this market today – vendors that can do this well sprint past their competition on the pace of innovation. FairWarning, for example, has launched an ML program to augment the algorithm improvement processes already in place. Visibility into one-off errors, emerging patterns, and predictive analytics are in high-demand more than ever in this market.