RSA 2019 recap: What we learned

Every year, the RSA Conference grows in size, reflecting the ever-increasing prominence of the central topic it covers, cybersecurity. The cybersecurity extravaganza brings together thought leaders and companies from all around the globe for five days of keynote speeches and breakout sessions that provide seemingly endless opportunities to learn something new. As one of the largest security events in the United States, it helps attendees connect with cybersecurity luminaries, potential clients, and industry movers-and-shakers (perhaps over a happy hour drink or two).

Don’t worry if you weren’t able to attend or couldn’t digest all of the information presented -- with so many in-conference events, it’s practically impossible. The following are two top trends you can learn from RSA 2019:

Focusing on the present: User experience and vendor management

Looking for the ideal risk and compliance management technology for your company? During the examination process, it’s crucial to consider how easy it will be for your employees to use the new product. Poor user experience results in low adoption rates, leading to employee workarounds that negate the reason for adopting new technology in the first place. Risk and compliance professionals want technology to be as easy to use as apps on their iPhones. You can make employees happier and more productive by investing in user experience. A positive, cohesive user experience also has the added benefit of combating the issues of disparate data and shadow IT.

Another concern is data breaches by third-party vendors. This issue -- seen often in the news today -- occurs when information is shared between the organization and the vendor. Third parties provide essential opportunities for businesses to decrease costs and increase competitive advantage, but they can also create significant sources of risk. Organizations need to tighten vendor security and employ safeguards to help prevent these dangerous breaches.

Looking toward the future: Scalability and GDPR

Security software must match the company’s long-term vision in terms of capabilities and scalability. Essentially, how will it affect the company in the future as it grows? SaaS solutions make it easy to download, implement, and start experimenting with different platforms rapidly. While this is a great benefit over old-school legacy solutions, companies need to keep a long-term perspective on software acquisition.

As companies prepare for the future, they should also expect a version of GDPR to come to the US soon. The California Consumer Privacy Act (CCPA) will go into effect in 2020, becoming the first state law pertaining to data privacy in the nation. Several other states have also proposed similar consumer data protection legislation. As states follow California’s lead, it becomes increasingly likely that the federal government creates national standard to create unified governance throughout the country.

So, where is the cybersecurity industry heading next? Many have strategies and predictions, but it’s hard to know exactly where the technology will take us. New concepts are continually being created that improve upon the status quo. If we look back five years, it’d be hard to believe where we are today in terms of technology, spending, data breaches, and more. Organizations should continue to focus on compliance and operational efficiency, taking the other key takeaways listed in this article into consideration.

RSA continues to provide great insights for cybersecurity professionals to stay ahead of the curve. This year, the trends showed opportunities to increase trust in the industry. There are strategic opportunities to increase security in the present while preparing for the future and the changes it’s certain to bring.

Matt Kunkel is the co-founder and CEO of LogicGate. Prior to LogicGate, he spent over a decade in the management consulting space building technology solutions to operationalize regulatory, risk, and compliance programs for Fortune 100 companies. It was during this time he learned the skills to realize his true calling: building world-class companies that meaningfully affect the lives of others through user-friendly technology. Given his extensive background in the GRC space, Matt regularly speaks and consults on risk and compliance topics.