Executive Insights: Digital Change Requires A New Approach to Security

By Michael Xie | February 27, 2018
Q. We are living in an era of hyperconnected systems, applications, devices, and data. Technologies such as IoT, mobile computing, cloud-based services, and multi-cloud infrastructures are not simply being added to the network. They are being interconnected in ways that are completely redefining not only business, but also the fabric of society itself. What is driving this change?

Michael Xie. Today, information technology no longer simply supports the business. Because of the value of information, and the need to meet new customer demands, in many important ways, IT is the business. And increasingly, its success is being measured in microseconds.

To meet new demands, today’s businesses are deploying a broad, dynamic, and highly elastic network of networks. If this isn’t complicated enough, the challenge is compounded by the volume and variety of interconnections between devices and resources. This is making networks both dense and complex. In security terms, this means that organizations are actively generating a large and growing digital attack surface that is constantly changing. 

Q. Many organizations are trying to secure their new digital networks using their legacy security infrastructure. What are the challenges with using this approach?

Michael. Today’s networks are dynamic and interconnected. Issues like speed and scalability mean that security is becoming more of a barrier to success than an enabler. Companies need new security solutions that are relevant to their new, extended, and complex infrastructures.

The fact is, siloed security tools that cannot communicate with security devices deployed in other parts of the network are part of the problem. They make things like collecting and correlating threat intelligence, detecting and responding to advanced threats hiding in your extended attack surface, and orchestrating policies and protocols across the distributed network difficult if not impossible.

Q. Have the tactics that cybercriminals use changed as well?

Michael. Cybercriminals have risen to the challenge of digital transformation. New multi-vector attacks are designed to bypass traditional security tools that can’t correlate events or data. New malware and infiltration technologies exploit the seams between different networked systems, especially in multi-cloud environments. Advanced evasion techniques can now monitor and learn traffic patterns in order to mimic legitimate traffic.

Interestingly, many of these new techniques are being used to target vulnerable network resources, such as unpatched network or IoT devices. And they are successful because IT teams are stretched too thin to track and inventory the devices on their network, or even maintain basic security hygiene protocols, such as patch and replace.

Q. It sounds like security needs to undergo the same sort of transformation that networks are going through. Is that right?

Michael. Exactly. As the speed and scale of cyber threats expand, and networks become more scalable and responsive to user and resource demands, security has to be transformed. This starts by deploying security solutions that are seamlessly integrated with each other, and also into all areas of the digital network, including applications, connected devices, and multi-cloud networks.

This level of integration allows security to protect the business data that is spread across the distributed network. Eventually, these security elements will be able to translate user or criminal intent into an automated business response. It will do this by leveraging broad visibility across the network, correlating integrated threat intelligence, and then automatically responding to events detected anywhere across a global network using all available security resources.

Q. What other features does a modern security solution require to secure today’s networks?

Michael. Broad protection and visibility across the expanding attack surface is key. This enables things like orchestrating network segmentation to isolate a detected threat. It also enables continuous security assessments and audits to provide ongoing improvement to the network’s security posture.

This can only be achieved by replacing legacy security systems with solutions that can leverage open standards and a common operating system. This allows different security technologies to operate as a single, consistent system. Such a holistic approach enables unified visibility and integrated controls that can dynamically span and adapt to elastic networks.

Michael. Humans simply cannot keep up with the complexity of today’s networks and data. The days of monitoring multiple consoles and manually correlating threat feeds to detect and respond to threats are gone forever. That’s because the time between a network breach and the compromise of data is being reduced almost every day.

To protect those resources, threat responses need to happen at digital speeds. That requires automation. Building a Security Fabric around an automated framework ensures that repetitive tasks are accurately duplicated. That means that fewer resources are spent on deployment, and human error is eliminated. In addition, it allows security to respond immediately to detected threats by marshaling advanced threat resources to combat an attack or malware, regardless of where it is detected across the network.

Q. We’ve been reading a lot lately about advanced threats compromising networks that already had a lot of security solutions in place. Does the Security Fabric address those issues as well?

Michael. Yes, absolutely. This is the sort of problem that was the catalyst for developing the Security Fabric. The problem with most security strategies is that they are built using isolated security devices and platforms. At best, these tools only provide limited communications between similar devices. Discovering today’s sophisticated attacks, especially those that use a multi-vector strategy, requires that data and insight be collected and correlated from more network elements than ever before.

The challenge is that the speed and volume of data that needs to be correlated paralyzes most security devices and platforms, even those able to share some degree of data. A fabric-based approach, however, resolves this challenge by coordinating resources. It allows the harvesting of critical data from across the network and then analyzing it through a single, high performance point-of-inspection. The result is that top priorities and sophisticated threats can be easily identified, and integrated security systems can dynamically adapt to detected threats and shifting network requirements. 

Q. Any last thoughts on the need for security transformation?

Michael. The network’s potential attack surface is constantly changing. This means that network devices with unique vulnerabilities or special security requirements are constantly being added or removed. Securing this environment requires an innovative security solution that not only can see, but also automatically adapt to those changes. A Security Fabric provides widely distributed yet tightly integrated security functionality, combined with an automated response to cyber events. This is truly the only effective way to secure today’s networks. When security can operate as a single, integrated system, then scoping and analysis become accurate, resources are applied where they are effective, and new insights can be automatically discovered and applied anywhere across the network.

You can read the full news releases announcing Fortinet’s FortiOS 6.0 and FortiGuard AI in our newsroom.