Quarterly insights: Cybersecurity
RSA 2024 and recent conversations: Key insights and takeaways

We present our key takeaways from the 2024 RSA cybersecurity conference and recent industry conversations.
In recent years, several factors have heightened concern about the fate of best-of-breed cybersecurity solutions. However, we see evidence that robust demand for both best-of-breed solutions and single-vendor platform solutions will persist for the foreseeable future.
The pace of cybersecurity M&A and financing remains incredibly robust, but we feel it is increasingly important to pursue capital strategies that align constituents around probable exit valuations rather than strategies premised on improbable unicorn valuations.
AI in cybersecurity was an even hotter topic at RSA in 2024 than in 2023. We see most cybersecurity companies adding AI capabilities to their existing solutions, but we are seeing more cybersecurity companies built from the ground up with AI engines at their core.
Looking at specific cybersecurity subsectors, data security stood out as seeing substantial innovation and winning much attention. Several factors appear to be driving this increased focus on data security.
TABLE OF CONTENTS
- Strong attendance suggests cybersecurity remains among the most active tech areas
- Best-of-breed vs. platform debate continues, but both do well
- Deal activity hype remains strong, yet unicorn valuation exits unlikely
- AI even more prominent, but levels of use vary widely
- Highly competitive data-security subsector garners meaningful attention and excitement
- Challenge of finding security professionals gets less air time
- Still an exceptionally fertile market
- Cybersecurity index: Strong one-year gain, but lost pace after January
- Cybersecurity M&A: Notable transactions include Darktrace, Venafi, and Noname Security
- Cybersecurity private placements: Notable transactions include Cyberhaven and ThreatLocker
Strong attendance suggests cybersecurity remains among the most active tech areas
While artificial intelligence (AI) has become the most topical area in tech over recent years, strong attendance at 2024’s RSA conference suggests cybersecurity remains among the most active tech ecosystems. This year, the buzz on the floor and at surrounding hotels and venues struck us as markedly greater than at the past two RSA conferences since the event resumed convening in person in 2022. The 2024 conference attracted over 41,000 attendees, over 650 speakers, and over 600 exhibitors, ranging from startups to large publicly traded companies. Conference attendance was up from the past few years and near 2017’s record 43,000 attendees. From presentations, meetings and discussions, it was evident that startup financing and merger and acquisition activity continue at a strong pace, indicating that despite the industry’s growing scale, opportunities for companies at all stages remain significant.
Best-of-breed vs. platform debate continues, but both do well
This year, like every year, we heard much debate over the appeal of best-of-breed solutions versus single-vendor platform solutions. In recent years, several factors have heightened concern about the fate of best-of-breed solutions. These include the success of massive platform players such as Palo Alto Networks (PANW), Fortinet (FTNT) and CrowdStrike (CRWD) and the fear that buyers struggling with the sector’s chronic talent shortage would increasingly be unable to take on the complexity inherent in running multiple best-of-breed solutions.
However, we have become convinced robust demand for both approaches will coexist for the foreseeable future, and our recent interactions have reinforced this view. Large enterprises with high cybersecurity risk profiles and large cybersecurity budgets continue to need and opt for best-of-breed solutions across subcategories, sustaining the kind of robust population of innovative cybersecurity startups that has characterized the broad cybersecurity market for decades. At the same time, many organizations have personnel, IT architecture, and other factors that make buying multiple cybersecurity functions in a unified, easy-to-use package more compelling and effective for addressing their cybersecurity needs.
Further, we’re seeing a trend that will likely make this debate less relevant in the future: an increased willingness of platform vendors to open their user interfaces to not only take feeds from smaller, best-of-breed vendors’ solutions, but also to integrate tightly enough to trigger actions on these best-of-breed vendors’ solutions. Our conversations indicate this shift is at least in part due to buyer demand. The change means buyers across the spectrum of company size and cybersecurity risk can better tap the advantages of both best-of-breed and single-platform solutions, supporting demand for both approaches. This may come with some shift in the locus of value in the cybersecurity ecosystem, but overall, it seems like a win for all constituents.

Request full report
To access the full report, please provide your contact information in the form below. Thank you for your interest in First Analysis research.