RSA Conference 2020: cyber-security vendors are increasing their focus on end users’ requirements

Analysys Mason attended the 2020 RSA Conference in February, the official theme of which was ‘the human element’. Conference attendance was lower than that of last year’s gathering due to fears of the unexpected element affecting humans, COVID-19. Indeed, some big players such as AT&T, IBM and Verizon decided against attending. Cyber security remained the principal topic of conversation at the event, despite talk about COVID-19.

The main messages at this year’s event revolved around making cyber-security solutions more accessible and consequently driving their adoption. It was encouraging to hear that many security vendors are increasingly focusing on factoring the people element into the design of their solutions. Vendors’ focus is shifting to designing solutions that can be adopted by a wider range of personas within organisations, which is particularly relevant for the small and medium-sized business (SMB) market.

‘Democratising’ or ‘consumerising’ security should be the priority of all security vendors, and particularly of those that target SMBs

The keynote session delivered by Wendy Nather of Duo Security (which was acquired by Cisco in 2018) summarised the concept of ‘democratising’ security well.

• It is about collaboration and understanding that security is part of everyone’s job (and everyone’s responsibility) rather than that of only the IT or security professionals within an organisation.

• It requires vendors to design security software with a range of different types of users in mind, and to simplify tools so that they can be effectively used by stakeholders with little or no understanding of the technology behind them.

People’s expectations of security solutions are changing as the overlap between software used at work and that used at home grows. There is an increasing demand for a consumer-grade user experience, particularly from SMBs where the individual(s) in charge of security operations is/are not necessarily capable of effectively using solutions designed for specialists.

Another important and related point, voiced by multiple vendors, is that organisations are increasingly expressing concerns about the complexity of their security solution stacks. Businesses are looking to simplify the deployment, integration and management of their security tools, which has prompted many vendors to consolidate and ‘platformise’ their solutions. For example, Cisco used the RSA event to launch SecureX, a platform that organisations can use to improve their visibility of their security solution portfolios.¹

More vendors are turning their attention to managed detection and response (MDR) solutions

This includes many vendors that are active in the SMB security solutions market such as Bitdefender, BlackBerry Cylance and Trend Micro. Their growing focus on MDR is a sign that they are increasingly targeting large enterprises. For the time being, not many SMBs can afford an MDR solution because the associated costs are still too high.

A number of vendors highlighted their MDR solutions at the conference. For example, Trend Micro demonstrated its comprehensive XDR solution, and McAfee launched an MDR platform with DXC Technology as its strategic partner. This suggests that MDR is becoming a more-mainstream service rather than a differentiator, although definitions of MDR vary considerably by vendor.

Microsoft is increasing its investment in cyber security

Endpoint security vendors dominated the exhibition floor at the conference, and Microsoft’s increasing focus on cyber security is likely to damage the prospects for most of them, particularly those active in the SMB market. Just before the event, the company launched Microsoft Threat Protection, a single solution orchestrating the capabilities of Microsoft Defender Advanced Threat Protection (ATP) (for endpoints), Office 365 ATP (for email and collaboration software), Azure ATP (for identity-based threats) and Microsoft Cloud App Security. Pure-play security vendors will need to work hard to demonstrate to SMBs (particularly those with small numbers of employees) how their solutions add to or differentiate from Microsoft’s bundle of services, which will be the default choice for the IT managers of many such organisations.

Mobile threats are receiving an increasing amount of attention

Attackers are increasingly switching their focus to mobile devices because security solutions for other types of attack surfaces have become more effective. The media attention that business mobile phishing attacks have attracted recently has raised awareness among organisations about the importance of smartphone cyber security, and contributed to this being a more-prominent topic at the conference.

Vendors with a focus on mobile security are picking up on this new trend for mobile attacks; Lookout, for instance, demonstrated the addition of phishing and data protection capabilities to the Lookout Security Platform at the event. Blackberry announced the addition of a new security layer to its Spark platform, which can now protect a wider range of endpoints including mobile and IoT devices. Microsoft said that it will deliver new mobile security capabilities during 2020 through its Microsoft Defender ATP.

Lookout’s approach highlights the growing market for endpoint security solutions that encompass both mobile and ‘traditional’ endpoints. The vendor’s number of business customers in the fiscal year ending 31 January 2020 increased nearly 250% year-on-year, partly driven by the strategic integration that it announced with Microsoft Enterprise Mobility + Security (EMS) in 2019 that enables Office 365 users to secure their bring-your-own-devices (BYOD).

The focus of this year’s conference was on the demand side (rather than the supply side) of cyber security

This year, the focus shifted away from technology buzzwords such as automation and artificial intelligence and towards solution users, although these buzzwords were still used in abundance. Vendors are increasingly focusing on adapting their solutions to their channel partners’ and end users’ expectations and preferences, and on making them more accessible to a wider range of users within organisations. This is an encouraging sign, and reflects the results of our survey that show that SMBs need security solutions that are simple to use, even if this means that the technology behind them is not the most-advanced possible.

¹ For more information, see Analysys Mason’s Security providers should help SMBs to manage their existing products before selling them new solutions and VMware’s cyber-security offering will be strengthened by the purchase of Carbon Black.