I summarized RSA 2017 in the following way: It’s a bit like the supermarket; you’ll make far healthier choices if you stick to the outer aisles. Well, Las Vegas B-Sides, Black Hat, and DefCon are taking place this week, and since these events differ in tone, audience, and participants, I’ve updated my advice:

  1. We’ve gone from back office to center stage in a relatively short timeframe. As you prep for great talks, reunions with colleagues, and a chance to learn a ton about various topics in our industry, remember how fortunate we are that the industry has become critical to digital business in the 21st century. It’s easy for S&R pros to default to snark – heck, it is what most of us are best at – but our industry is right in the middle of a remarkable journey!
  2. The unholy union of small and midsize booths, boom mics, and speakers is why we can’t have nice things. Seriously, conference organizers, in-booth presentations might have to go due to noise pollution. The interesting talks are happening somewhere else. In other news, this sentiment confirms I am old.
  3. It takes courage to travel the show floor without a plan. Attendees: please don’t do this. Instead, study our research to create a battle plan on what vendors to visit based on your org’s needs. Check out my miniguide below:

The Big Topics Of 2017

We are seven (gasp! Almost eight) months into 2017, and these reports continue to provide pragmatic guidance for S&R pros in what has been a tumultuous year. These reports help security leaders understand what problems they need help solving in the short and near term, and the potential severity of the outcomes if those problems go unsolved. Listen for use cases that match the content of these reports for productive conversations.

Top Seven Recommendations For Your Security Program In 2017

The Top Security Technology Trends To Watch, 2017

Top Cybersecurity Threats In 2017

Some New Vendors, Products, And Services In 2017

Three brand new reports – just in time for Black Hat 2017 – on technologies and services CISOs should explore – along with recommendations on what maturity level and baseline needed to maximize the value of each one.

The Market For Managed Detection And Response Booms In 2017

Protect Your Digital Workforce With Browser Isolation Technology (BIT)

Honeypots 2.0: Deception Technology Lures Cybercriminals Into A Trap

Also, our Breakout Vendor reports. Use these to make connections this week that will prove productive in the future. If you do not know these vendors now, you will need to know them soon.

Breakout Vendors: Internet Of Things (IoT) Security

Breakout Vendors: Security Automation And Orchestration (SAO)

Breakout Vendors: Social Identity And Eligibility Verification (SIDEV)

And More!

In addition to this small sample, we also have our Forrester Wave™, Vendor Landscape, and TechRadar™. Those reports meet S&R pros on various stages of their customer journey. We also write plenty of them; to keep this blog relatively short, I will not link each one. I’ve listed the number of reports we’ve published since Black Hat 2016:

Report Type

Quantity Published

Vendor Landscape


The Forrester Wave™:




* DISCLAIMER: Our research does not cover booth giveaways or Black Hat parties; you’re on your own for swag.