Alain Penel, Regional Vice President, Middle East and Turkey, Fortinet, talks cybersecurity solutions, data breaches and hybrid cloud.
Tell us about Fortinet’s Cybersecurity Mesh Architecture (CSMA).
The expanding attack surface, increasingly sophisticated cyber threats and network security complexity create challenges for organisations in virtually every industry. A cybersecurity mesh architecture is an approach that is designed to create a collaborative ecosystem of security tools operating across the digital infrastructure. Broad reach, native integration, and advanced, artificial intelligence-based automation are the key attributes of this mesh approach. They are precisely the core attributes of the Fortinet Security Fabric.
Our Fortinet Security Fabric mesh architecture has been available for a number of years now, and over time, customers keep adding to it. Organisations need security operations that can function at machine speed to keep up with the volume, sophistication, and speed of today’s cyber threats. AI and ML-powered prevention, detection, and response strategies based on a cybersecurity mesh architecture allow for much tighter integration, increased automation, as well as a more rapid, coordinated, and effective response to threats across the extended network.
With breaches becoming increasingly common, how is Fortinet’s Incident Response service helping companies remediate a security event?
Response time plays a critical role in determining the severity and repercussions of a cybersecurity incident. The longer a threat goes undetected within an organisation’s network, the more damage it can do and the more costly it will likely be to recover from.
FortiGuard Incident Response Services deliver critical services before/during/after a security incident. Our experts arm your team with fast detection, investigation, containment, and return to safe operation. To remediate a security event, we make some key determinations including how the attacker got into your network; whether they are still there; their entire footprint on your network; if they have achieved more access; and what is needed to scope, contain, eradicate, and repair.
FortiGuard Labs experts have decades of first-hand investigatory and response experience. With unique skills, proven threat intelligence, cutting-edge incident response/forensics technology, and established processes, our professionals deliver invaluable help to security teams. Examples of compromises we respond to include, but are not limited to, ransomware attacks, Business Email Compromise (BEC), Advanced Persistent Threats (APTs), and web application attacks.
Moreover, for the past 10 years, Fortinet’s FortiGuard Labs has been a FIRST Team that collaborates with the international confederation of trusted computer incident response teams. As an international, not-for-profit organisation composed of 600+ members from over 100 countries, FIRST’s membership is composed of both national CERT (Computer Emergency Response Teams) and CSIRT teams across, but not limited to, government agencies, academia, commercial enterprises, and financial corporations from a variety of industries. Together, Fortinet and FIRST have been cooperatively assisting with the managing of cybersecurity incidents and promoting incident prevention programs.
Hybrid Cloud is the latest trend. How is Fortinet stepping in to address cloud security?
According to the 2022 Cloud Security Report, most organisations are selecting either a hybrid-cloud (39%, up from 36% last year) or multi-cloud deployment approach (33%) to integrate multiple services, provide scalability, or ensure business continuity. And with most organisations choosing a hybrid or multi-cloud strategy, not surprisingly, they face increased complexity and security challenges. Lack of security skills becomes the top challenge (61%, up from 57% last year), followed by data protection, understanding how different solutions fit together, and loss of visibility and control.
With a holistic approach to security that converges networking and security as part of a security fabric, organisations can help reduce security risk and increase control over their hybrid, multi-cloud environments. A security fabric approach goes beyond traditional security models. Instead of adopting point solutions that can lead to security gaps, a security fabric approach uses open standards and protocols to integrate all security activities into a single platform. With all security routed to the same platform, organisations can more rapidly detect, investigate, and respond to threats. Additionally, if a security fabric approach leverages machine learning (ML), the system can become a self-healing security and networking system that protects devices, data, and applications across on-premises data centres and cloud services.