2020 will be remembered as the year the human element finally came to security.

The world’s largest security show, RSA, was held last week in San Francisco. Over the week, tens of thousands of people flocked to the Moscone Center to check out the almost 800 vendors and hundreds of speakers to educate themselves on the latest and greatest in cybersecurity.

The theme of the show was “The Human Element” and that tag line could be seen on signage all over the Market Street area. I thought it was a fitting message as most of what I saw from the vendor community was about making security technology easier to deploy and use. Five such examples are:

Cisco SecureX

Last year I wrote a blog post proclaiming endpoint detection and response (EDR) to be dead and replaced with XDR. My basic premise was that security technologies, such as EDR, can’t exist in isolation as they only see a small piece of the overall puzzle. Fellow CSO blogger Jon Oltsik has a similar view of the world, although he calls it SOAPA. Whatever the name, the point product approach is overly complicated, has many blind spots, and leaves organizations open to breaches.

Cisco’s SecureX addresses the human element by taking a platform approach to simplify operations. In my blog post, I called out endpoint, cloud, and network as the three pillars of XDR. Cisco takes that a step further by adding in Talos threat intelligence and then using machine learning to provide visibility and automate workflows across Cisco and third-party security tools. Security professionals understand that complexity is the enemy of security, and SecureX is intended to simplify operations.

Fortinet FortiAI

Similar to Cisco, Fortinet has taken a platform approach to security. At RSA, the company announced its FortiAI security appliance that can find and identify threats in real time.
Fortinet’s differentiator is its Security Processing Unit (SPU), its own silicon, which brings feature consistency with better price/performance than off-the-shelf processors. FortiAI can be used as a standalone device to find threats, but when used in conjunction with Fortinet technology such as FortiSandbox, FortiEDR and FortiSIEM, it can automate the response, perform security sweeps, and save engineers hours of manually intensive work.

OneLogin Vigilance AI

Multi-factor authentication (MFA) is the ultimate conundrum for businesses. It’s an obvious “must have” technology as weak passwords remain a huge source of breaches. I recently interviewed a well-known penetration tester and he told me he can breach 90% of the companies that hire him within an hour, typically with weak passwords. Despite the need, users generally despise MFA because it’s complicated, requires SMS pushes or RSA tokens, and generally gets in the way. OneLogin’s Vigilance AI Threat Engine uses user behavior, such as keyboard cadence and location information, and combines that with other data to determine a “score,” making the process easier for users.

McAfee MVISION for cloud

Businesses are adopting cloud at a furious rate because it creates an unprecedented level of agility and simplifies IT. There is a dark side to the cloud, though, and that is it opens up a wide range of new security threats. There are ways to secure the cloud but it’s difficult to do using traditional manual methods. Humans just can’t work fast enough to keep up with the pace of change in the cloud. While I was at the McAfee booth, one of the presenters mentioned a Gartner data point that stated 99% of cloud security breaches are a result of misconfiguration.

McAfee is best known for being an endpoint security vendor and has extended those capabilities to the edge and cloud.
The fact that the 800-pound gorilla in EDR has increased its reach off premises fully supports my thesis that EDR is indeed dead — or at least evolving. The technology used to power MVISION is from McAfee’s 2018 acquisition of cloud access security broker (CASB) vendor Skyhigh Networks. MVISION simplifies the process of creating policies from cloud to edge to device, creating greater consistency of threat prevention.

Palo Alto Networks Cortex XSOAR

At RSA, shopaholic Palo Alto Networks announced Cortex XSOAR, built on its half-a-billion-dollar acquisition of Demisto. Demisto was one of six acquisitions the company made in 2019, and XSOAR is a great example of how Palo Alto Networks is using its purchases to beef up its own security platform. While there are many SOAR (security orchestration, automation and response) products on the market, Palo Alto brings in its threat intelligence feeds and displays them on the same console with data from the internal security system. The combination of external threat information with internal incidents enables security professionals to make faster and better response decisions. Historically, the correlation of information was done manually or not at all. The integration of the curated threat intel and AI-based analytics should give security teams greater confidence in the response decisions they make.

While there was no new big thing at RSA this year, one could argue the big thing is enabling customers to finally get more value out of the security dollar already spent. Security vendors are waking up and realizing having the fastest or most technically advanced widget doesn’t matter if it can’t be deployed or it gets in the way.