Date: 2024-05-21



In a field of thousands of cybersecurity vendors, incremental innovations and feature products make up a significant share. Innovations that deliver real breakthroughs and advantages, whether by meeting existing challenges differently or by addressing new ones, remain elusive. The RSA Conference (RSAC) offers two structured opportunities for security startups to differentiate themselves, and Forrester consistently reveals that it will tell which startups will survive. I feel that

Innovation Sandbox: There was one clear winner

In 2024, Aembit, Antimatter, Bedrock Security, Dropzone AI, Harmonic Security, Mitiga, P0 Security, RAD Security, Reality Defender, and VulnCheck competed in the Innovation Sandbox. This year marked the first in memory that RSAC added an enterprise CISO to its judging panel of veteran VCs, vendor CTOs, and startup founders, and she was a great addition, asking the questions that potential customers would have. Winner: Reality Defender. Runner-up: Aembit.

But wait a minute. Another friendly competition is brewing among the audience. As participants, Forrester's research directors and analysts create top picks to predict the winner. This year, they both correctly predicted the judges' top pick but missed on the runner-up spot. Their top fives were:

Lora's Top 5            Hidi's Top 5
1. Reality Defender     1. Reality Defender
2. Dropzone AI          2. Antimatter
3. Antimatter           3. Harmonic Security
4. Aembit               4. Mitiga
5. Harmonic Security    5. RAD Security

Here's why:

Deepfakes are a growing threat that can cause significant damage. Forrester lists deepfakes as one of its top five cybersecurity threats for 2024. Businesses face a variety of harmful outcomes, including fraud, ransomware execution, data and IP loss, stock price manipulation, reputation and brand damage, and amplification of misinformation. Tools to detect deepfakes are few and still in their infancy. Reality Defender is already tackling this pressing problem at television networks (scanning media before it is used on broadcast) and banks (detecting AI voice fraud in call centers).

The use of generative AI changes the way we think about controlling and protecting data. Antimatter and Harmonic Security worked to enforce control over how large language models can interact with data and how people can interact with genAI apps. It also includes using genAI in ways that fundamentally change the approach to data protection. Beyond data protection, the use of genAI across security tools is heating up. Proceed with caution to avoid getting caught up in the hype, as with some visions such as autonomous security operations centers (SOCs).

Enabling access with least privilege and reducing friction provides clear and direct value. Four of the 10 finalists innovated here. Today, enterprises face many challenges in identity governance and access for both humans and machines across their systems and data environments. Top trends shaping identity and access management in 2024 include technical debt from maintaining legacy on-premises solutions and increased demand for fine-grained authorization.

Accelerating response requires increasing efficiency. Cybersecurity professionals still lack effective automation to run workflows confidently and consistently. However, we know that reducing the time it takes to detect, investigate, respond, and remediate reduces the impact of a breach.

The need for speed permeating the industry was a recurring theme for these early-stage vendors. Rather than adding layers of tools, these innovators seek to increase the contextual understanding of the technology stack. A better understanding of the technology stack improves the analyst experience for the SOC and other members of the security team.

Launch Pad: Tamnoon is recommended

Launch Pad was like the reassuring, all-too-nice cousin of Innovation Sandbox. In 2024, Culminate, Knostic, and Tamnoon pitched their ideas to a panel of experienced VC judges who are dedicated cheerleaders. The judges do not choose a winner. Instead, they each say whether they want to participate in the startup's proposal. This year, all three judges gave their approval to all three startups. Launch Pad finalists had several things in common with Innovation Sandbox finalists, including the use of AI in security, enabling least privilege, and detection and response. Our view:

Culminate offered a version of the now-ubiquitous AI assistant or investigator for SOC analysts. Vendor-agnostic alert investigation tools reduce vendor lock-in and speed detection and response through contextualization and prioritization. Culminate may find demand in the sometimes ignored small business segment, but it may be a difficult sell to companies currently trying to eliminate tools from their tech stacks.

Knostic marketed itself as Okta to gain approval. Rather than blocking responses from generative AI tools or confusing users who don't understand how they went wrong, Knostic protects sensitive information, suggests alternative approaches, and degrades the user experience. We recommend alternative prompts that maintain data confidentiality without having to

Tamnoon earns our vote thanks to its remediation simulation capabilities and as-a-service model. Simulating remediation lets you understand the potential impact on your cloud environment. When adopted by both security and IT, this reduces interaction between the two groups, speeds decision-making, and allows for faster mitigation and remediation. This provider will also launch as a service soon. This is wise: 1) everything will eventually become a service, and 2) this should drive adoption and lead to faster growth.

I'm interested in working with a startup, but is it really possible?

Yes, it is. Good startups offer agility and flexibility and can often be your design partner, but you must be able to invest time in engaging with the startup. An experienced CISO in an organization with vision, strategy, and fundamental security can do just that. Here are some things to keep in mind:

You have to give to get. Pay into the ecosystem by providing proof-of-concept opportunities to startups. This includes, for example, joining a customer advisory board and speaking up with feedback and constructive criticism.

Use your authority to allocate funding and resources to use this innovation. For example, this includes building the ability within your team to proactively research the market to assess and evaluate cybersecurity startups. Additionally, you can celebrate successes by demonstrating how your investments deliver business value and help achieve your core security objectives.

Startups gain the company's knowledge and trust, and you influence the early roadmap. Being a large client of an early-stage vendor gives you tremendous influence over the overall roadmap of the solution. The insights you share on how it works in enterprise environments, on use cases, and on how to overcome procurement and third-party risk management hurdles will be invaluable to vendors. Please use this power responsibly. However, recognize that it is an opportunity.

Prioritize your due diligence. Take the time to assess feasibility in a production environment and review existing customer examples. The startup should be open about gaps in its solution. Whether you're the first major organization to use the product or the 20th, you should investigate details such as: 1) how it is financed; 2) the investors' track record; 3) the startup team's credentials; 4) what formal certifications it has obtained (or has not yet obtained) for its internal security practices.

Want to learn more about this year's RSAC experience? Forrester clients are invited to join us for a webinar on June 18th at 1:00 PM ET.

