Trends and observations from RSA Conference San Francisco 2019

As one of the world’s largest and highly-regarded cybersecurity conferences, the RSA Conference has steadily grown from its original form as a phone conference in 1991. Known as the RSA Data Security Conference, its first in-person event drew more than 200 attendees. Today, simply known as the RSA Conference, its events have spread over the globe in addition to their yearly San Francisco conference.

The 2019 RSA Conference in San Francisco took place March 4 through March 8 at the Moscone Center. And as in past years, RSA attracts bigger crowds of cybersecurity professionals each year. This year the event was bigger and better than ever before, and here are the numbers to prove it:

  • 42,500 attendees, 740 speakers and 700 exhibitors
  • Almost 10,000 more visitors attended RSA compared to 2017
  • 135 new companies were on the show floor
  • Nearly 500 presentations and 700 speakers

Utimaco’s observations from the 2019 RSA Conference

Utimaco was there. And during our visit to the 2019 RSA Conference, we made some observations. The conference is changing in response to the cyber-security industry itself going through some major changes.

Here are some of the show floor observations and trends that we would like to share:

  • The total cyber security market is growing with an expected growth of $1 trillion between 2017-2021
  • Industry experts expect that total breach cost size will grow by $6 trillion by 2021
  • CISOs and Market analysts expect to see major consolidations and some newcomers
  • Network – Securing the network is the action point that most CISOs have crossed off their list as ‘done.’ Securing endpoints is the next generation challenge taking its palace.
  • SIEM/SOAR – CISOs are unhappy and drowning in data. Some of the market leading offerings are very expensive, automation is not good enough, and the emergence of new market entrants like Google Chronicle raises high expectations for the future.
  • Identity & Key Management – It is a market that is still experiencing high growth, but different vendor offerings are fragmented between Identity, Privileged Access, Machine Identities, Key & Certificate Management.
  • CISOs see phishing & identity attacks still as the biggest attack vector. Key management in the cloud is extremely sensitive for CISOs. As one CISO from the finance industry put it: “Key Management is my biggest headache.” (Read more on Key Management at Utimaco)
  • Cloud – As a cross-vertical, the Cloud has an effect on all. Even though the Cloud Service Provider market is dominated by the few big players and multi-cloud is an old hat, it is still relevant in practice. CISOs still encounter many issues with ownership, liability share between user and cloud service provider, and policy enforcement problems.
  • CISOs are now realizing they are getting locked in by Cloud Service providers. Some find that inevitable, and others are looking for smart solutions and architectures to remain vendor independent – staying in control of their cryptographic material. The solution to that is not in any one product, but in best practice architectures.
  • The new kid on the CISO block is Post-Quantum Crypto – The bad news is, according to experts, only about 5 % of companies have understood to what extent this is relevant for their business.

How is Utimaco responding to new trends

Utimaco offers the only private HSM in the Cloud, CryptoServer Cloud, that allows you to set up this type of architecture. It is the only offering in the market that allows you to keep your keys separate – in your own private HSM and away from the Cloud Service Provider’s equipment on a global level. It provides organizations with a multi-cloud strategy and the flexibility to move high value assets into the Cloud, between Clouds and back out of the Cloud. 

Utimaco has recently become known as one of the enablers in the post-quantum cryptography (PQC) space – which is why a number of large IoT and PKI solution vendors such as LG Electronics, Microsoft Research and DigiCert have partnered with Utimaco (Read more on Utimaco's Research Network).

At RSA, we had the honor of hosting Avesta Hojjati, Head of R&D at DigiCert, to present their proof of concept implementation into a PKI. The DigiCert research project, which the presentation was based around, uses the quantum-safe algorithm “Picnic”, developed by the team lead by Microsoft Research, on a Utimaco HSM.

Looking for future


Looking to future

Utimaco plan to pre-announce the Applied PQC Expert Network in time for the November 2019 Applied Crypto Symposium in Silicon Valley. Stay tuned for updates on this exciting new technology.

About the author

Ulrich Scholten is an internationally active entrepreneur and scientist. He holds a PhD in information technology and owns several patents on cloud-based sensors. His research on cloud computing is regularly published in highly rated journals and conference papers. From 2008 - 2015, he was associated research scientist at the Karlsruhe Service Research Institute (KSRI), a partnership by KIT and IBM, where he researched network effects around web-platforms together with SAP Research.

To find more blog posts related with below topics, click on one of the keywords:

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.