More Random Thoughts, Observations, and Musings from RSA 2010

More quick hits from RSA as I get ready for the last day on the show floor:

  • Great traffic to our booth with great conversations about how we can help organizations plug gaps in their endpoint security.  Given we are such a different approach, it is always fun to watch people process how we approach endpoint security and configuration management.  My favorite is their parting words which are usually something like “thank you, that was interesting”, then there is a pause as they continue to process what they have seen and heard, followed by a “very interesting”.  I always like that response because they get it and now they are mentally extending what they have heard to the needs of their organization.  I think most people think the time at the booth is time well spent.
  • Triumfant will be included in an announcement by SRA today about Triumfant being part of the team for SRA’s One Vault Cyber Security Suite.  We are excited to be teaming with SRA and are looking forward to being a part of this exciting offering.  SRA is extremely progressive about finding new ways to help secure their customers and we are pleased to be part of that process.  More announcements about Triumfant and SRA to come.
  • We have been seeing a steady stream of vendors coming to the booth to learn about what we do.  This is a good indicator that the word is spreading about our capabilities and that these vendors have to answer their customers’ and prospects’ pointed questions about how they compare.  Some are open about working for a vendor, some try to sneak in.  Just walk up and shake hands, folks – we have nothing to hide.  Besides – it is for your own good: the more you know about what we do the less likely you will be to tell customers and prospects that you can do it when they hear about us.   Sorry, but true.
  • Not one person has come to the booth looking for a solution to the advanced persistent threat (APT).  Or any other phrases that get knocked around the press and the blogs.  Sure you hear some of the concepts, but at least the people coming to our booth don’t adopt the names such as APT.  I guess when you spend the day fighting it you don’t get caught up in what to call it.
  • RSA is a great show but it is very frustrating for a new vendor.  Getting a speaking slot is next to impossible, and the system for booth placement almost guarantees you a less than favorable slot.  Money in the form of a larger booth or an expensive sponsorship will of course fix a lot of that problem, but it is a huge bite of any smaller company’s budget.  I can see why the B-sides movement is gaining momentum.
  • I am always amazed at the amount of money companies will literally dump onto the floor at RSA.  I get marketing obviously, but I can’t imagine anyone altering a buying decision based on a room drop card, a beer tap at the booth, or some fabulous take-away trinket.  I must be getting old and either wise or jaded.
  • I was invited to Mitre’s celebration of the 10-year anniversary of CVE last night.  Great party full of the dedicated folks who tirelessly continue to promote standards for security.  Like I said in a previous blog – I have all the respect for the patience and perseverance of the people who continue to push for these standards.
  • Went to the bloggers meetup last night.  Thanks @RSABloggers2010 for the invite.  I normally stay along the back because the group is gracious enough to let me attend even with my two strikes: being a vendor makes me suspect, but having a Chief Marketing Officer title is the real kicker.  I am sure many of the bloggers feel a disturbance in the force when I enter the room.  So I see some familiar faces and make sure I don’t engage in anything resembling marketing speak.  It is a fun group and the reception is always lively and I always appreciate the invite.

This has been a great RSA, but I am ready to finish this last day of the exhibit hall and start packing for home.  Thanks to all who came by the booth.

Being a Friend of SCAP and the Continuing Emergence of Security Standards

I had the privilege last Thursday to attend an informal session on the Security Content Automation Protocol (SCAP) at the Information Assurance Expo held last week in Nashville.  Attendees included representatives from the NSA, the DoD and other federal agencies, and the vendor community.  It was a positive, productive session, and I am pleased that Triumfant is actively involved in the SCAP movement, because I believe strongly in the need for standards for security. 

When I first entered the security market in early 2005, I had just come from the integration space where standards were a crucial part of doing business.  I had teamed with others at webMethods to get staff onto groups such as the World Wide Web Consortium (W3C), effectively ensuring that webMethods was in the thick of the standards process.  When I arrived at Cybertrust and built my marketing plan, I looked to identify security standards groups and was shocked to find a lack of standards activity in the market.

While Cybertrust was diverse and global, we did not do a lot of business with the federal government, so SCAP never caught my attention.  That changed when I joined Triumfant, who had already taken steps to be SCAP compliant and was one of the very early companies (third, I believe) to obtain FDCC validation.  I quickly ramped up on FDCC, but soon realized that the broader notion of SCAP as a common language for sharing and integrating security processes was a significant subject.

SCAP is critical to Triumfant, because beyond the what we do of enforcing security configurations and detecting and remediating malicious attacks, what we are is the most comprehensive sensor grid for endpoint machines coupled with some very innovative (and patented) analytics.  So the ability to share the content we create with other consumers of security data dramatically expands our reach and value.  And clearly the only real way to predictably and practically share that data is through content standards. 

The people who have been carrying the SCAP flag the longest have done so with remarkable patience and resolve, as standards are something people clamor for right until the moment they are asked to comply.  Their patience and resolve are especially important as I am not altogether sure the security market is all that eager for interoperability because it upsets the well-established ecosystem of selling product layers to address specific needs.  Of course, maybe that is another reason I like SCAP because I do love being part of something constructively disruptive.

So the SCAP faithful have soldiered on and continue to make sure and steady progress.  You could see it on the faces of those persevering souls at the NIST Security Automation Conference in Baltimore last October, when they recalled that early meetings were held in NIST conference rooms and hallways and now they were filling large halls at the Baltimore Convention Center.  They also saw representatives from private industry pick up SCAP, bridging the standard from the federal space into the commercial world.

These folks have my admiration because they are forwarding these standards not for selfish reasons or monetary gain – they are doing it because it is the right thing to do, and in the long run it will help make sensitive data for our country more secure.  The forward looking early supporters of SCAP picked up a difficult rope and have pulled tirelessly.  We at Triumfant are excited about grabbing that rope and pulling where and when we can.  I hope others take the opportunity to do the same.