Below is a snippet from a brief interaction team IT-Voice and Rajesh Maurya, Regional Vice President of India & SAARC region, Fortinet.
Prateek: What solutions does Fortinet offer to support remote and hybrid work?
Rajesh Maurya: As we emerge from the pandemic hybrid working has become the new normal and a holistic approach to security is increasingly critical. This is why COVID-19 may have put the final nail in the coffin of the “point product” approach to security solution selection. Fortinet’s holistic approach to security means building an entire architecture as a single unit, enabling organizations to accomplish both digital innovation and security at the same time by using native integrations. We should quickly note that holistic is not necessarily monopolistic, and organizations do not have to throw away their installed base to take advantage of an integrated cyber response. However, security elements should be chosen so that they natively work together.
Our holistic approach has a number of benefits that align with today’s requirement for rationalization. The perfect example is the massive adoption of secure software-defined wide-area networks (secure SD-WAN). The demand for secure SD-WAN is accelerating due to its increased agility and reduced cost coupled with full visibility into traffic. Smart companies are adopting a security-driven networking approach as they perceive the need for network innovation and advanced security to be addressed as one. This merges two previously siloed functions, improves the efficiency of both, and makes security an enabler of digital innovation.
Another element of the holistic view is adaptive cloud security. The cloud is one of the biggest IT trends of our generation, enabling incredible computing power without capital expenditures. Some enterprises have tried to focus on a single public cloud because security protection is more straightforward that way. But this also locks the enterprise into following a specific technology roadmap—and a future cost structure—that it may not control. On the other hand, if security sits on top of a distributed, multi-cloud infrastructure, the enterprise has the freedom to find the best cloud for every service.
The third pillar of our holistic approach is zero-trust network access. With this approach, access to resources is dynamically granted and re-evaluated based on the real-time context and behavior of the requestor. As billions of new devices are trying to access our connected world, we must permanently challenge all attempts to access the network and different resources within it.
Prateek: Please throw some light on Training Advancement Agenda (TAA) initiatives and Network Security Experts (NSE) Training Institute programs.
Rajesh Maurya: Fortinet has bolstered its commitment to address the cybersecurity skills gap by pledging to train 1 million people globally across the next 5 years through its Training Advancement Agenda (TAA) initiatives and Network Security Experts (NSE) Training Institute programs. The skills gap is a significant challenge for organizations of all sizes. According to an (ISC)2 report, in order to fill the cybersecurity skills gap worldwide, 3.12 million professionals are needed.
Fortinet’s TAA and NSE Training Institute programs provide cybersecurity training and certifications, career growth resources, and hiring opportunities to make a career in cyber attainable for all, including women, minorities, veterans, and students.
Cultivating partnerships with business leaders and the public sector: Fortinet collaborates with global leaders to foster a skilled, inclusive, and diverse cyber workforce, including IBM, Salesforce, and the World Economic Forum. Through our Education Outreach Program, partnerships extend to various sectors, including academia, government, and non-profits, to ensure all populations – such as women, minorities, and veterans – are provided with opportunities and resources for a career in cyber.
Momentum with the NSE Certification Program: The Certification Program is an eight-level training and certification program designed to provide technical professionals with independent validation of their network security skills and experience. With more than 680,000 certifications issued and more than 1 million hours of training consumed from the onset of the pandemic to now alone, the award-winning NSE Certification Program continues to gain traction by offering one of the industry’s top cybersecurity training programs. Through this program, Fortinet is helping professionals and others to learn new skills, reskill or upskill in cybersecurity.
Building a Cyber-Aware Workforce with the Information Security Awareness and Training Service: Fortinet is helping develop a cyber-aware workforce with its Information Security Awareness and Training Service, introduced in 2020 free of cost for organizations of all sizes. Fortinet’s Information Security Awareness and Training Service offer industry-leading cybersecurity awareness components to educate people about today’s cyber threats, such as phishing, social engineering, and ransomware attacks, and how to protect against them. The awareness and training service is suitable for the entire workforce, from technical to non-technical employees and contractors.
Developing OT Skills through Training and Career Pathways: With critical infrastructures being a target for many recent cyber attacks, it is crucial for OT organizations to have the proper security and skilled professionals to protect themselves. Fortinet has introduced a new OT security course as part of its NSE level 7 certification to expand technical skills for securing OT environments. OT security is also covered in NSE 4, NSE 5, and NSE 6 courses.
Prateek: The ransomware attacks have increased multifold in the last 12 months. What steps should enterprises take to prepare for such attacks?
Rajesh Maurya: Ransomware is plaguing organizations at an increasing rate. According to the recent 1H Global Threat Landscape Report from FortiGuard Labs, ransomware incidents have increased nearly 1100% over the past twelve months. And in a new global ransomware survey conducted by Fortinet, an astonishing 67% of organizations report having been a ransomware target—with nearly half saying they had been targeted more than once and almost one in six saying they had been attacked three or more times.
The following best practices can help focus strategies to protect against this growing threat:
Know Your Risks and Plan Accordingly: There are several ransomware attack strategies that organizations need to prepare. Web-based attacks that target and compromise vulnerable systems are a significant attack vector, and Secure Web Gateways can help protect end-users. Fortunately, 52% of organizations include such technology in their ransomware plans. But the most common entry method reported by respondents was phishing, which combines social engineering and user manipulation with an infected email that includes malicious links or attachments. And while end-user training can go a long way towards preventing users from clicking on a malicious link or attachment, it only provides a partial solution. A modern secure email gateway should identify malicious links and attachments, analyze them in a sandbox, and ideally disarm them before they ever lure a user into downloading ransomware or (for those with a high-security concern) browse to links and files in an isolated browser environment.
Stop Known Threats: Organizations should also seek out a platform-based cybersecurity solution that stops known ransomware threats across all attack vectors. This requires a layered security model that includes network, endpoint, and data-center controls powered by proactive global threat intelligence. In addition to traditional security tools, it should also include behavioral analytics to quickly identify and stop a breach.
Detect New Threats: As existing ransomware is constantly morphing and new ransomware is being released, it is essential to implement sandboxing and other advanced detection techniques to pinpoint new variants across those same vectors. Similarly, real-time behavioral detection at the endpoint is just as critical as detecting malware on its way to the endpoint.
Protect Endpoints: And while new advanced endpoint technologies like EDR (endpoint detection and response) can identify malicious ransomware—based on behavior in addition to threat intelligence, organizations need to implement critical technologies like Secure Web Gateways, SASE, and ZTNA for secure application access to extend protections to their remote and mobile workers.
Prepare for the Unexpected: Dynamic network segmentation helps protect against ransomware’s worm-like behavior. With an effective segmentation strategy in place, a breach can be restricted to a small portion of the network. Likewise, data backup with offline storage and recovery is critically important.
Encryption is Critical: Although it can be time-consuming, encrypting all data at rest prevents criminals from threatening to expose data online or resell stolen information on the dark web if a ransom is not paid.
Secure the Entire Infrastructure: Traditional WAN connections are rapidly being replaced with SD-WAN because it is inherently smarter and more agile. But in many cases, SD-WAN is not necessarily more secure—which is why every organization with an SD-WAN strategy needs to be considering a secure SD-WAN solution (SD-WAN built on a security-based platform, like an NGFW) as their primary approach to replacing legacy remote connectivity to cloud and data center resources from branch offices and certain super-users.
Prateek: What will be your partnership strategy for the forthcoming year?
Rajesh Maurya: The Fortinet Engage Partner Program helps partners develop the expertise needed to deliver digital transformation through customizable programs with business opportunities as well as the programs and infrastructure in place to accelerate their growth. Partners are also provided flexibility to engage on three business levels: Integrator, MSSP, or Cloud, which provide multiple opportunities to grow different segments of their business, as well as multiple ways to differentiate their offerings with specializations.
Fortinet introduced four specializations last year for partners, including Secure SD-WAN, Data Center, Adaptive Cloud Security, and LAN Edge and SD-Branch. We are now adding three more specializations based on areas driving customer demand. The introduction of these new specializations is representative of the rapidly growing market areas that customers are searching for expertise in. Fortinet’s new specializations are focused on high growth areas with additions including Zero Trust Access, Operational Technology, and Security Operations. They will further enable partners to differentiate their skillsets and knowledge in these fast-growing areas and help customers to rely on them as trusted advisors.
Fortinet’s Security-driven networking strategy enables partners to offer customers greater levels of protection while growing their own businesses. Helping customers establish a security-driven networking strategy also gives partners a way to demonstrate value by providing guidance when addressing hybrid IT challenges.
Prateek: What are some of the key challenges enterprises face in cloud security? How the threats could be avoided?
Rajesh Maurya: A Fortinet 2021 Cloud Security Report survey found that cloud security concerns among cybersecurity professionals remain high as the adoption of public cloud computing continues to surge in the wake of the pandemic and the resulting massive shift to remote work.
Among the key barriers to faster cloud adoption, survey participants mentioned lack of visibility (53%), lack of control (46%), lack of staff resources or expertise (39%), and high cost (35%) as the most significant negative factors.
Misconfiguration of cloud security remains the biggest security risk according to 67% of cybersecurity professionals in the survey. This is followed by exfiltration of sensitive data (59%) and tied at 49% are unauthorized access and insecure interfaces/APIs.
Multi-cloud environments add complexity and security challenges as organizations are most concerned with data protection (58%) followed by a lack of security skills (57%) and understanding how different solutions fit together (52%).
Organizations are grappling with a diverse set of tools that deliver disparate controls and highly variable security posture, specific to each cloud platform. Deeply integrated, cloud-native solutions can bridge this complexity by providing visibility, protection, and control through consistent policies that span the diverse array of multi-cloud and hybrid cloud environments.
A common security framework not only delivers uniform security posture, but also simplifies cyber defense, compliance reporting, and data sharing. With this approach, organizations can freely adopt whichever cloud platform suits their particular needs, confident that their data and applications will be safe, resilient, and secure.
For any such interaction opportunities, you may write to us at [email protected].