Sam Curry likes to call it “the annual running of the bulls” for the nation’s cybersecurity companies.
Curry, chief security officer for the Boston firm Cybereason, is referring to the annual RSA Conference in San Francisco next week. Hopefully no one will get trampled during what is a must-attend event for nearly 50,000 people in the cybersecurity industry.
Here’s what you can expect to see: a wicked strong Massachusetts presence, one that reflects the powerful cluster of cyber companies in Greater Boston.
And near the top of that list is none other than soon-to-be-independent RSA, the Bedford-based host of the conference.
In a strange bit of timing bound to cause some chatter at the Moscone Center, parent company Dell Technologies just unveiled a deal to sell RSA to a group led by a private equity firm, Symphony Technology Group, for $2.1 billion. Sounds like a lot? Maybe not, if you consider this: EMC, now a part of Dell, acquired RSA for essentially the same price nearly 14 years ago.
It’s hard to know what PE ownership might mean for RSA. Perhaps getting out from under a giant corporate umbrella will enable it to thrive, and spur more innovation. That’s essentially how RSA president Rohit Ghai put it in a blog post about the deal. Executives in the Boston-area cyber industry say they’re hopeful, but they’ve all seen things go the other way under private-equity ownership, too.
The sale shouldn’t affect the conference this year, aside from providing grist for the rumor mill. But the coronavirus might. RSA reported on Thursday that about 1 percent of expected attendees so far are staying away, including contingents from conference sponsors AT&T and IBM, due to concerns about the epidemic.
You can count Curry among the executives who are curious about RSA’s fate. After all, he worked there from 2007 to 2014. The conference was not as big then as it is now, but it was still a key part of RSA’s identity. Curry notes that the conference grew up in California, just like the parent company. Yes, RSA’s first technology was developed by three men at MIT — the company’s name contains the founders’ initials. But the business moved to Massachusetts only after a local company bought it and adopted its name.
Curry’s current company, Cybereason, also moved here, from Tel Aviv, another cyber hotbed. The Massachusetts Technology Collaborative says the cyber workforce tops 25,000 in the state, and more than 210 local companies focus on cyber. The quasi-public agency will host a Massachusetts-focused event Tuesday at a hotel near the Moscone Center.
Akamai Technologies will be among the biggest local companies at RSA next week. It was initially known as an online media-delivery business, but cybersecurity is now a major part of Akamai’s portfolio. (Nearly one-third of the Cambridge company’s $2.9 billion in revenue last year came from cloud security.) Akamai’s chief security officer, Andy Ellis, will give a keynote address at the RSA Conference that reflects on how the fundamental problems the industry faces haven’t changed all that much over the years.
Ellis sees Greater Boston as one of the world’s top cybersecurity hubs, probably only behind Silicon Valley and Tel Aviv. The Massachusetts Institute of Technology drives much of the sector’s success here. But Ellis said many other local institutions play key roles, as well: Northeastern, WPI, and Wentworth, to name just a few.
Then there’s the local defense industry, including all the IT work that happens at Hanscom Air Force Base and contractors such as Raytheon and its Forcepoint venture. That’s one reason Samuel Visner, head of a federally funded cyber center at the defense contractor MITRE in Bedford, considers Boston one of the best places on earth to be doing cyber research.
Lee Weiner, chief product officer at the local fast-riser Rapid7, sees Boston’s heritage in business-to-business technology as one reason for its cybersecurity dominance. The likes of Digital Equipment Corp., Lotus, and Wang begat a generation of companies focused on solving tough tech issues for major enterprises. Many of Boston’s venture capitalists come from that world, Weiner said, and are more likely to place bets on cyber startups.
Mohamad Ali ran Carbonite, one of the most well-known data security companies in Boston, before leaving last year to lead International Data Group. He points to MIT’s CSAIL artificial intelligence lab as another key factor in Boston’s prowess. MIT produced a long line of computer scientists skilled in the kinds of algorithms that make robots smart — and help businesses ward off cyberattacks.
Boston’s strengths, Ali notes, have helped draw other cyber companies here, creating a bit of a snowball effect. He cites the network security firm iBoss, which relocated from California a few years ago.
Now if we could only convince RSA to move its flagship conference here, one of these years. Maybe the new PE owners can put it on their to-do list.