CDSA

Fortinet: How to Strengthen Security By Embracing Automation, Consolidation

Fortinet used its Jan. 31 webinar “How to Enhance Your Security Posture by Consolidating Vendors” to provide some practical recommendations on how media and entertainment companies can strengthen their security by embracing consolidation and automation.

Those recommendations included applying artificial intelligence and other advanced technologies to a consolidated tech stack to effectively address the accelerating threat landscape, integrating and automating security across multiple products, securing the expanded digital attack surface, and augmenting in-house staff with specialized outsourced services.

Looking back, it “seemed counterintuitive that one could have fewer security vendors on the one hand but actually have stronger security posture on the other,” recalled David Finger, VP of product marketing at Fortinet.

“We lived in a world where cybersecurity challenges would arise [and] we’d look around for new vendors [and] new products, new ways to reduce our risk, and then [we’d] add another one to the pile,” he said.

“That was modus operandi for a while and it absolutely helped manage risk,” he said.  But it also “raised additional challenges,” he noted.

Meanwhile, from talking with people at many organizations over the past 1-2 years, he said there was “a lot more interest in [starting] to bring the number”  of vendors “down rather than up,” he said. Companies also started “digging into how can we have fewer vendors and individual products, but actually come out with a stronger, more efficient security posture and security operation,” he noted.

With all of that in mind, “as we have these conversations, there are typically two factors that are at play and really make life challenging for security teams,” he went on to say, noting he is based in Tokyo.

“We know work from anywhere is the world that we’re living in,” he told viewers. After all, “we literally can be anywhere, effectively I hope, doing our jobs,” he said.

That has been “definitely a big shift in the way that work’s been performed,” he said, adding: “I think that that’s been one thing that has maybe helped some of us pull out our hair over the last 12 to 18 months. That’s hugely valuable.”

And, “going along with that, in order to work from anywhere means that we really need to transform our organizations away from things that might be physically present to wherever we happen to be, to things that are digital and available at any place, at any time,” he explained.

So that has “definitely been a shift in making that possible [being a] requirement for a lot of the infrastructure and, of course, supporting security teams” and the “digital infrastructure impacting the world in which we operate,” he said.

Meanwhile, “a big part of that has been leveraging the cloud,” along with Software-as-a-Service (SaaS) applications and public cloud infrastructure, “especially at a time that many of us couldn’t get in [a] physical data center, he pointed out.

“Being able to spin up and deliver application services and data from a whole variety of clouds and taking that journey [is] clearly changing the way that organizations” connect users, in different ways, with different types of devices,” he said.

“We just know that the infrastructure of today’s organization is very different. and definitely presents a whole set of drivers and challenges to be addressed internal to the organization, although internal is obviously a bit of a misnomer for sure,” he went on to say.

Additionally, he explained, there is the “whole external side of things in terms of the threat landscape that’s looking at this digital infrastructure change as an opportunity to find new ways to get in.”

But he said: “Unfortunately, we’re seeing that, whereas maybe there used to be two [or] more … types of threat actors: the nation states that had political [and]  economic agendas” and then “sort of the cyber criminals with financial goals, and they kind of were two different threat actors and operated two different ways.”

However, “more and more we’ve been seeing in the labs and, of course, within our customer organizations that that’s changing,” he said, adding: “Unfortunately, the financially motivated cyber criminals are becoming much more sophisticated in adopting more targeted, nation state, multi-stage types of attacks…. So there’s really a blurring of the lines between what used to be two pretty separate types of threat actors.”

What all of that means, he said, “from the infrastructure and the threat landscape perspective [is] there’s just a much broader attack surface” now than there used to be.

Moderating the discussion was Jon Speer, director of product marketing, automated SOC at Fortinet.