SAN FRANCISCO — About 30,000 enterprise and technical information security professionals are expected to attend the 25th annual RSA Conference here this week. United under the mantra of “Connect to Protect,” they are joining more than 500 sponsors and exhibitors to talk about the best technologies, trends and people to protect an increasingly digital world.

The event kicked off yesterday with seminars focused on topics such as risk practices and virtualization. There were also sessions on professional development and security basics, ending with a welcome reception at 5 p.m.

As the crowd of people notable for their black suits and purple lanyards at the Moscone Center swelled, so did the lines — and attendees had to wait just to take an escalator from floor to floor..

Hot Topics

According to Herbert (Hugh) Thompson, program chair for the RSA Conference and an expert on IT security, security concerns have evolved in the past 10 years.

The RSA conference receives some 2,000 submissions each year. And within the words of these submissions lies some interesting data that maps to what’s on practitioners’ minds, concerns among law and policy makers, where venture capitalists want to place bets, and how both new and established vendors are attacking the market, Thompson said.

Just a few years ago, most people were focused primarily on data and privacy. But last year cyber threats, mobile and cloud became more prevalent. This year, the hot topics include both cyber threats and cyber security, along with data, learning, and risk.

Security professionals are talking less about hacks and more about ways to manage risk, showing more interest in agile security and making less of a fuss about cloud, mobile and big data as the words become ubiquitous.

Other hot topics:

  • Internet of Things (IoT) security
  • Data sovereignty and legislative volatility
  • Cyber Insurance
  • Privacy versus Security
  • Data breaches and the implications of the theft of persistent personally identifiable information (PII)

rsa hot topics

Time to Innovate

Continuing a tradition since 2005, top security startups battled it out in the Innovation Sandbox Contest. The competition encourages out-of-the-box ideas and the exploration of new technologies that have the potential to transform the information security industry.

Despite a shortage of seats, hundreds gathered to hear 10 finalists — Bastille, Illusive, Menlo Security, Phantom, Prevoty, Protectwise, SafeBreach, Skyport Systems,Vera and Versa Networks — explain how they plan to bring solutions ranging from virtual hacking and sanitizing to cloud-based isolation and planting deceptions to market.

"To anyone who says the security industry is not innovating, I challenge them to say that after this afternoon," Thompson told a standing-room only audience. 

Each startup founder had three minutes to deliver pitch before the microphone was muted. Judges included Asheem Chandna, partner at Greylock Partners; Gerhard Eschelbeck, vice president of security and privacy engineering at Google; Renee Guttman, chief information security officer for Royal Caribbean International; Patrick Heim, head of trust and security at DropBox; and Paul Kocher, president and chief scientist of cryptography research division at Rambus.

Phantom, which CEO Oliver Friedrichs said "delivers a layer of connective tissue for the entire industry,” won the contest. The company offers a security automation and orchestration platform that integrates with existing security technologies to prevent cyberattacks and speeding up and improve operations, he said.