10 Aug Black Hat 2017 Reflections
After a blistering week of meetings with prospects, customers and partners at Black Hat, and the barrage of follow-up work that created, I finally sat back to reflect on the Black Hat USA 2017 Conference. Here are my observations (I’m interested in your impressions, too):
Cybersecurity Funding and Energy is Perking Up
After a lull in funding, new companies and M&A in 2016, the cyber buzz is ratcheting back up and it showed at Black Hat. VC funding has rebounded in 2017, and you could feel the renewed energy from the record number of participants – practitioners, vendors, and market makers. Several market segments in particular seemed to stand out. The endpoint security segment, though widely criticized for capitalizing beyond the Total Addressable Market (TAM), remains a top of mind issue with CISOs. Many are deciding whether to stick with established players (e.g., Symantec or McAfee), or go with a free Anti-Virus solution augmented by an advanced endpoint protection player that also offers endpoint detection and response (EDR) software.
The space Syncurity plays in, Security Automation & Orchestration, appears poised for continued growth as CISOs look at the diminishing returns on more point solutions, while their security operations centers (SOCs) struggle with the ever-increasing barrages of alerts. The market’s relevance is evidenced by the recent exits and combination of firms all staking a claim to the space, including SIEM vendors, ticketing system vendors and adjacent market players (e.g., Rapid7, which recently acquired Komand).
Energy is Focused
While the industry seemed to up its mojo at Black Hat, it’s a noticeably down-to-earth vibe. Fundamentals like sound differentiation strategies, product-market fit, and the full tilt to subscription-based pricing are all in vogue. It seemed widely accepted that this surge of activity will result in a rash of consolidation vs. additional mega raises or IPOs. There just aren’t many open seats at the eco-system (think Apple, Android in mobile) table. I sensed a much more realistic view of where most of these firms would end up in two to three years. So, while Black Hat was ablaze with renewed innovation and energy, it was tempered by the reality of today’s capital markets and their zeal for real businesses, and practical expectations.
A Storm Cloud is Brewing
The one thing I didn’t see or hear much about at Black Hat was another cloud computing shockwave about to hit the market. In the last decade cloud clearly made its mark on how apps, data and services are delivered, but clouds are still not finished driving a wider security-specific makeover.
I spent the previous year and half in the cloud-delivered security space, and I saw first-hand how many CIOs are rationalizing infrastructure in favor of cloud solutions both SaaS and private, including security. I spoke with numerous CIOs who said their goal in five years was to have no more data centers, and some even sought to divest themselves of the network entirely. These CIOs say that all they want to own are the applications, the data, and the verification of identities for authorized users.
How do all these security solutions remain relevant in a world where the companies they’re selling to no longer own the computers or networks that they run on? Like many trends, it will take longer than expected to become a reality, but there’s no doubt it’s coming. Any firm planning to survive long-term must have a strategy for adapting to this trend. Fortunately, and unfortunately, the SOC will always have alerts to process, regardless of the source, and Syncurity is adapted to this new reality, already supporting our customers’ on-premise and cloud-delivered security solutions.