RSA has officially announced that it has promoted Jim Taylor to President, Chief Product and Strategy Officer. His old role was Chief Product and Technology Officer, so strategy has replaced technology in his formal title. No replacement Chief Technology Officer was named.
“That function is now subsumed within my current job,” Taylor told ChannelBuzz.
“There’s a broader kind of reshuffle going on,” Taylor explained. “RSA went through, what we’re describing as our first chapter or first phase of the company, which was, as you know, revitalizing the brand, reclaiming our heritage and broadening our scope to be more of an identity security vendor than just an authentication vendor. A little while back, we kind of entered Chapter Two, which impacted the new CEO [Greg Nelson] and created a new role for me. Greg and I came in together. We basically joined the RSA business at the same time. And together we will take the business through the next chapter, which is us returning to a much more product-led innovation organization. RSA is known as an authentication vendor, the RSA token. We were much more specialized in the authentication space. We see that that needs to be part of the bigger conversation, which is the identity space.”
Taylor emphasized that rethinking the company in this way was absolutely vital.
“You know, we really feel it’s important to double down on innovation and pioneering new capabilities given everything that’s going on in the world,” he said. “And so my change in role and title reflects that we’re investing more in the business around an innovation agenda. I’m focused around that strategy and innovation. So it’s a kind of a 1-2 punch, right? [with Nelson and himself]. It’s RSA really focusing on pioneering and innovating new technologies. We’ve added a lot of capabilities across identity. We’re not just authentication, we’re now identity management, access management, identity governance. We solve the full spectrum of the identity security problem – of which authentication remains a very important part, but it’s a broader identity security viewpoint.”
That’s why companies like Okta are competitors of RSA, but also targets for potential collaboration.
“They are competitors of ours as well, but you would find a lot of customers that would use a product from RSA and a product from Okta at the same time,” Taylor indicated. “So I would say the main difference between us and other vendors is that we have always been more security focused. If you are security sensitive, you’re a government, you’re a bank, you’re critical infrastructure. If security is higher up on the things that you really worry about, you’re more likely to talk to RSA. We focus in the security-sensitive arena. Those companies are those entities that really need to take security very seriously.”
The press release announcing Taylor’s promotion contained an important quote attributed to RSA CEO Greg Nelson – “RSA will continue to be innovation-led and product-led, with Jim driving an accelerated roadmap that keeps our customers ahead of evolving threats.”
“Part of Greg’s promotion and my promotion as well is us returning to be much more product led,” Taylor stressed. “It’s really important to double down there, and my changed role and title reflects that the company is adding additional investment.”
RSA will accelerate innovation in four key areas that will help organizations address critical security and operational needs,
“The first area that we’re really focusing on is passwordless,” Taylor said. “We see a need to accelerate passwordless to provide comprehensive, secure passwordless solutions really across the industry. A lot of vendors are claiming passwordless capability or are adding features and functions in this space. Every vendor has a slightly different take on it. So our focus is to deliver something that allows an enterprise to holistically and completely take that passwordless journey, and remove passwords from their environments. Our focus is to not just fill in all the gaps and offer a comprehensive passwordless solution, but make it one of the most innovative things like adding intelligence risk to really make it a complete and rich experience across the enterprise. So I would say that’s an area where. RSA is leading and you know we need to go faster. We need to do more. We need to enable more companies to get rid of passwords to become more secure.
“The second key area for us is around what we describe as highest assurance,” Taylor stated. “RSA is the industry leader in helping government, financial services, healthcare, energy, and other critical infrastructure stay secure, resilient, and operational, and we will expand and deepen our solutions to ensure essential services remain protected against evolving threats. Those governments, banks and financial institutions that really want something that’s much more secure than a normal run-of-the-mill vendor will offer them. They need the highest levels of redundancy, the highest levels of failover, the highest levels of security assurance. If you’re one of the world’s largest banks and you’ve got a trillion dollars or more flowing through you on a daily basis, you take security very seriously. You can’t afford to have any issues. Same if you’re a government agency. There are a lot of scenarios where failure is just not an option. Uptime is not a conversation. It needs to be working all the time, delivering the best possible security. So that’s an area that we’re putting a lot of innovation into.”
AI is the third area of intensified focus.
“How we use AI to build our products, how we use AI to help configure and become like a built-in assistant for our customers within the products itself, how we leverage AI to perform routine and mundane security tasks,” Taylor said. For more than 20 years, RSA Risk AI has leveraged machine learning to dynamically assess user risk and automate responses. RSA is adding new solutions that leverage that rich data set along with data from RSA identity and access management (IAM) and identity governance and administration (IGA) solutions, to create new solutions for our customers.
“We are doing a big doubling down as we see adversaries, the bad folks, starting to use AI more and more in their cyber attacks,” Taylor stated. “We need to use AI and be creative with AI more and more in our security defense. So that’s a big area for us.”
“And then the last big area for us is really around identity management, identity, government and assurance and ISPM is the industry acronym – Identity Security Posture Management,” Taylor stressed. “To bring additional ISPM features to the RSA Governance & Lifecycle platform – how do I reduce my risk surface? How do I move to a least privilege model? The less exposure I have, the easier it is to manage and secure that exposure. We have been in the IGA space for a while, which best aligns with ISPM. It’s simple things like Least Privilege – if it’s not being used, reduce it. This will dramatically reduce my cyberrisk.
“These are the four key areas where we’re really doubling down and investing,” Taylor said. “It involves a lot more time, money and resources to really innovate, much, much faster. That’s been the big shift for us.”
Taylor acknowledged that this new push in innovation is the result of RSA having taken their eye off the ball here somewhat in the past.
“It certainly slowed down innovation,” he said. “RSA went through a series of acquisitions. We had a period where we were acquired by EMC and then EMC was acquired by Dell. Then we separated from Dell and RSA had become a much broader entity with components like Netwitness, which is an XDR Archer, which is a governance GRC tool. So to some extent we felt like we had lost our focus through multiple acquisitions, and multiple different agendas and strategies and being a much broader cybersecurity company. When RSA came out of Dell and became a private company again, part of our agenda, part of our plan, was to really kind of refocus all of our energy, all of our resources back to doing what we consider to really be our core DNA, pioneering in the identity space. We definitely didn’t have the focus and the attention and the drive that we do today. We are 100% an identity company. We are 100% focused on solving problems like passwordless and we’re pouring our innovation and the engineering talent that we have into focusing on that. That’s really the big difference. It allows us to go much faster and we’re adding significant investment. We’re placing a big bet in terms of people, time and dollars to really attack this space. We feel like it’s an area where the industry at large is not doing as good a job as they should. RSA is a pioneer. We love new frontiers and that’s where we find ourselves.”
Taylor said that while literally dozens of vendors have been getting into adaptive AI, he sees RSA having an advantage here.
“There is a lot of similarity between those 30 or so new AI models, and I can use that to improve engagement with my technology, using our AI around data analytics,” he noted. “We have 40 years of experience, so our data is super rich. That’s another stream where you will see us innovating. Microsoft has successfully branded Copilot as a services person in a box. But AI SHOULD be a copilot that enhances those facilities. You have to see through the marketing hype to get to the real value. It will help with mundane tasks and things a human can’t see today. Our focus now is how do we make it practical? How do we bring value from AI? How do we have AI help make an individual or an entity more secure?”
Taylor emphasized that this is all a continuation of the work they have been doing since they went private.
“Since we separated from Dell, we’ve been on a journey,” he said. “We’re now moving into a core innovation phase. And how we accelerate that is quite simple. It’s really by doubling down, by adding more resources, more investment and accelerating our roadmap. We don’t just want to deliver just a Version One capability. We want to deliver a Version Two capability. We want to add more features, more functionality, more richness and deliver it in a much shorter time span.”
Where do RSA’s channel partners, who are their primary route to market, fit in all of this? Taylor stressed that they want the channel to be able to do even more, and that bringing in more strong partners is a priority for them.
“RSA is a channel driven company,” he said. “We’ve put 95% of our business through the channel. We are channel led, and channel through and through. As we add and bring new capabilities and we innovate more to some extent, that gives us a huge opportunity to win. Channel partners are in business to make money. They want to sell solutions that sell. They want to be associated with products that work. They want to represent the best interests of their customers too. So I think there’s a huge opportunity for us as we bring more capability and more innovation to not just add to our channel program, but to add additional channel partners. There are some channel partners that just don’t work out, but there is a natural kind of cycle there and you’re always looking moving away from those folks where it doesn’t make mutual sense, where there’s not mutual advantage. But overall I would say we want to add more partners, and take partners who want to be a part of that, and deepen those relationships. We want to provide value to our customers. We want to help our channel partners do that because that’s what they want too. So I think you’ll see more of a deepening, more of an expansion and more focus on the channel, I think beyond just channel partners.
“I think you’ll see that from us in the ecosystems as well,” Taylor added. “You’ll see us work with other technology vendors and do more technology partnerships. We’ve been pretty big in the press about our relationship with Microsoft, where we feel like that’s a 1 + 1 = 3 scenario. We add a lot of value to Microsoft solutions and we feel like they bring a lot of value to us as well. RSA is a partnership-based company channel. We like to say we partner with our customers on innovation. We like to say we partner with our channel in terms of go to market, and we partner with technology ecosystems. So I think this is only a positive for the channel.”
Taylor concluded by saying that many readers will wonder why RSA is doing this right now, and investing.
“We are seeing a lot of change and disruption across cybersecurity in general,” he said. “With everything that’s going on in the world, security became a lot more serious over the last couple of years. It became a lot more front and centre and focused. We see constant increases in attacks. So to me it’s kind of like it makes sense why a core native security company like RSA would be doubling down, would be placing big bets, would be investing a lot. So I think from a channel perspective. that’s an important point to consider – the world at large. and how the industry is moving and how it’s refocusing around a much more security-based mindset.”