Ten takeaways from the 2023 RSA Conference
By Emma Norchet
AI security, cloud security and consolidation/private equity M&As are top of mind for CISOs; Hectocorn on the horizon
At a glance
- Discussions at the 2023 RSA Conference, one of the premier conferences in the world on IT security, centred around consolidation, AI security and cloud security.
- As pressure to consolidate security vendors builds, companies that offer true private equity–backed platforms will continue to gain momentum.
- Experts at the conference peg the total addressable market for cloud security at $17 billion, with more CIOs listing it as a top priority.
- AI presents a real opportunity for Security Operations Centers (SOCs) by automating routine processes and improving efficiency by using language prompts instead of code.
What tech leaders are saying about the future of IT security
Going to the RSA Conference—one of the premier conferences in the world on IT security—always feels a little bit like peeking into a crystal ball.
From presentations to hosting a private dinner for several leading tech companies this year, we learned quite a bit. So what do we have to look forward to? For starters, the future may hold consolidation, an increased focus on AI security, cloud security becoming a priority, and perhaps our first hectocorn.
Read on to discover more about the top 10 themes evident at this year’s conference.
1. While budgets remain resilient, there is increasing pressure to consolidate vendors.
Chief Information Security Officers (CISOs) reported that while they’re not experiencing major budget pressures, they’re starting to explore opportunities to consolidate vendors. Morgan Stanley’s research group said that they “didn't hear of a single CISO or CIO looking to cut their security budget,” but that they are looking to consolidate tools before taking on new vendors.
As consolidation becomes standard, new deals experience greater scrutiny, with CFOs becoming more actively involved in the decision-making process. Given this trend, we expect—and have already started to see—revised forecasts for many companies in the space as they adjust for longer sales cycles.
2. M&A activities are likely to increase, with private equity playing a key role.
As pressure to consolidate builds, companies that offer true platforms will continue to gain momentum, with buyers rigorously rationalizing their portfolios.
Private equity players will be eagerly waiting to get in on the action. As indicated during the Piper Sandler conference, “Given the large number of scaled, $100 million-plus ARR companies with limited exit options, we predict private-to-private M&A, including to private equity or private equity-backed platforms, will continue to increase in 2023.” This will also influence CISOs' decisions, as they are concerned about bolt-on acquisitions and vendor lock-in.
3. Cloud security is gaining incredible traction.
We continue to see workloads shifting away from on-premise to cloud or multi-cloud environments.
According to Goldman Sachs, the Cloud Native Application Protection Platform (CNAPP) market—encompassing cloud security posture management, cloud workload protection, and cloud service network security—will reach ~$11 billion this year, assuming a 2.7% cloud spend penetration. They believe the penetration could reach 5% in addition to continued growth in the space.
Morgan Stanley is also heralding the rise of cloud security expenditures, predicting a $17 billion Total Addressable Market for cloud security by 2025, and according to their latest CIO survey, cloud security spend increased from the No. 4 priority to the No. 1 priority over the past year.
Given its importance, this is a segment where best-of-breed platforms could potentially win over larger platform vendors, although many of the emerging players are pushing to also become platforms.
4. Forget unicorns, we may see a ‘hectocorn’ by 2025.
Morgan Stanley predicted that we will see the first $100 billion cyber company—a “hectocorn”—emerge over the next two years. Given the large Total Addressable Market for CNAPP, we believe that the space will be a strong contender in the competition for the honor of the first hectocorn. This is especially likely as we see a convergence of DevSecOps and cloud security, as well as of Cloud Security Posture Management and Cloud Workload Protection.
5. Hackers have discovered the power of AI, adding pressure to companies to adopt strong AI solutions.
We should expect to see more sophisticated attacks, but many cyber companies we spoke to at RSA are already developing antidote solutions, although we still haven’t seen broad adoption. Concerns around security, privacy, and accuracy appear to currently be limiting appetite for broader use.
6. Look for CISOs to add AI security to their portfolios over the coming year.
With its recent accelerated adoption following the release of ChatGPT 3.5, AI security is one of the fastest-growing emerging spaces, with companies such as Austin, Texas-based HiddenLayer winning the 2023 RSA Innovation Sandbox contest for the “most innovative startup.” The company’s security platform helps enterprises monitor machine learning algorithms for adversarial machine learning attack techniques, an increasing threat for CISOs.
7. Automation is the “low-hanging fruit” to apply AI to security solutions.
Currently, a limited talent pool is one of the major challenges in the space. According to Piper Sandler, roughly 40% of cyber jobs remain unfilled. AI presents a real opportunity to automate areas such as Security Operations Centers (SOCs) by making it easier for SOC analysts—especially less experienced ones—to be more efficient by using language prompts instead of code. Today, more than 50% of cyber spend is attributed to services; AI automation may be able to reduce this significantly over the next five years, with better quality revenue.
Source: View from Morgan Stanley Research: The Bull Case For Cybersecurity (April 25, 2023)
8. Microsoft remains the giant to watch closely, thanks to its new Microsoft Security Copilot offering.
Microsoft Security Copilot has generated a lot of excitement. In fact, early access to Copilot was recently extended to over 600 customers, including Chevron, Goodyear, General Motors, and Dow. Copilot uses AI to provide responses to prompts that leverage internal and external data, making use of the 65 trillion daily signals collected by Microsoft via threat intelligence.
As one of the largest security companies of all time, with a meaningful share of network, endpoint, and identity, Microsoft is well-positioned with this new product to continue to be the platform of choice and stay ahead of trends.
9. SASE is growing and becoming an integral part of the broader Zero Trust Network Access (ZTNA) framework.
Secure Access Service Edge (SASE), meaning securing access to the web, cloud, and private apps regardless of the location of the user or device, continues to see tailwinds and accelerated adoption.
According to Gartner, by 2025, 70% of organizations that implement agent-based ZTNA will choose either a secure access service edge (SASE) or security service edge (SSE) provider for ZTNA, rather than a stand-alone offering. By 2026, 85% of organizations seeking to procure cloud access security broker, secure web gateway, or zero trust network access offerings will obtain these from a converged solution. By 2026, 45% of organizations will prioritize advanced data security features for inspection of data at rest and in motion as a selection criterion for SSE.
Netskope, one of Ontario Teachers' investments, now appears as the category leader in the SSE space according to the latest Gartner Magic Quadrant report released last month. From our discussions with buyers at RSA, we heard a few times that, if pushed on a choice to consolidate amongst vendors, they would shift to Netskope. Other private companies in the SASE space include Versa and Cato Networks.
We also expect to see more collaboration between SASE players and emerging players in the enterprise browser category, such as Island and Talon, as CISOs continue to push the implementation of the ZTNA framework.
10. API security is an increasing priority for CISOs.
The rapid increase in application development has also been driving an increase in API ecosystem complexity. That results in a rising need for application and API security, especially as notable breaches that occurred over the past year highlighted potential risks.
Our discussions with buyers at RSA confirmed that API security has become more important over the past year, with one large bank having over 150,000 APIs to protect for their wealth management business.
Today, Ontario Teachers’ holds four investments in the cyber sector as part of our Private Capital asset group portfolio: Netskope, Arctic Wolf, Tanium and RSA. Thanks to those from Ontario Teachers’ who attended the conference this year, including Ontario Teachers’ CISO, John Vespasiani, and members of our broader Teachers’ Venture Growth (TVG) team.
Emma Norchet is a Director at Teachers' Venture Growth (TVG), Ontario Teachers’ venture capital and growth equity arm. Based in San Francisco, she plays a key role in the execution of TVG’s direct investment strategy for North America, covering enterprise investments in segments such as cybersecurity and data infrastructure.