CISO on CISO Perspectives
Fortinet Field CISOs Courtney Radke, Joe Robertson and Renee Tarun joined us virtually for a discussion about the critical role that the convergence of networking and security will play in helping organizations keep pace with digital innovation and evolving cyberthreats through 2021 and beyond.
Courtney - Digital innovation and trends like remote work, increased adoption of IoT devices, 5G, and cloud migration—among others—have led to a complex and expansive digital attack surface that threat actors continue to take full advantage of. CISOs are aware of this, and especially considering the massive impact of remote work this year on how we think about cybersecurity and the network edge, we are seeing them lead with a security-driven networking strategy. By converging networking and security via the FortiGate with integrated Secure SD-WAN, CISOs can address these risks without impacting performance or productivity within their organization and while ensuring best user experience for employees and customers alike.
Renee - I am seeing organizations focus their strategy around the cloud, and while cloud security should be top of mind, I would also emphasize that the cloud is just one piece of the puzzle. Yes, enterprises are migrating data and applications to the cloud, but what we are seeing even more of is a hybrid approach. Enterprises have some of their data in the cloud, but for one reason or another, keep other workflows on-prem. In fact, a Fortinet survey found that, of 350 organizations surveyed, 74% had moved an application to the public cloud and then for a variety of reasons and circumstances, decided to move it back into their on-premises or private cloud infrastructure.
Joe - Agreed. While cloud migration is top of mind for many, organizations should not put all their eggs in that one basket. It is fine to have your head in the clouds, as long as you keep your feet firmly planted on the ground. That is exactly why the convergence of networking and security is so critical—it enables CISOs to prepare for anything, at any time, anywhere. I’ve always emphasized the need to break down networking and security silos to truly secure the entire digital attack surface. If we have learned anything this year, it is that organizations must be fully prepared to address evolving networking and security needs at the drop of a hat. By integrating security into every facet of the network, CISOs can ensure that their team dynamically adapts to challenges and remains agile in the face of adversity.
Courtney - The convergence of networking and security has been and will continue to be top of mind for retail CISOs in 2021, particularly as omni-channel experiences, contactless commerce, and multi-cloud are becoming more crucial for businesses looking to thrive in the new landscape. By taking an omni-channel approach, retailers can expand to new demographics and open up new revenue streams through technology, which is now required to remain competitive in today's market. Likewise, consumers expect safe and consistent contactless experiences without barriers or added friction. All of this is made possible through rapid digital transformation initiatives that were either accelerated or some being started for the first time. A renewed focus on multi-cloud and hybrid deployments means the traditional edges are becoming harder to define and even harder to secure and manage at scale. So, while this necessity to rapidly innovate has brought with it many benefits, rapid innovation also creates risk within organizations as technology is often times deployed without proper infrastructure or security controls in place. Breaking down the traditional walls between network and security and creating a more integrated and automated fabric ecosystem via SD-Branch and technologies like SOAR should be top of mind as we head into the new year.
Joe - I sometimes say, “when everything is an edge, there is no edge.” That means you need to find ways of securing everything as close as possible to the device. In the branch or small office that means integrating security and connectivity in the office gateway with secure SD-WAN. It means access control to actively identify each user, whether in the office or remote, using multi-factor authentication. It means identifying unmanaged devices, IoT or Industrial IoT, and automatically segmenting them off so if one becomes infected it does not compromise everything else. And it also means actively monitoring user devices with Endpoint Detection and Response tools that look for unusual behavior on the user’s device, such as multiple read/writes that could indicate encryption by a ransomware. This provides active protection to the device and prevents malware from spreading.
Joe - Today’s IT environment is one of cloud-native software and agile development, internet-facing applications, hybrid clouds, a mobile workforce, access from anywhere, and, above all, constant change. All of which creates a large and growing attack surface for the bad guys to target. What ties it all together is the network; what keeps it all safe is cybersecurity. Today, more than ever, networking and security have to come together, because every threat traverses the network at some phase. The network is the logical place to catch them, block them, and quarantine them. Fortinet has converged security and networking from the beginning, with our ASIC-based FortiGates running parallel security and networking stacks. We pioneered Security-Driven Networking, not just in the active devices, but in the management functions. Our Fabric Management Center is designed to integrate network and security configuration, management, analysis, and policy control in a single system. This gives the visibility and control required by a NOC, SOC, or, as we are seeing more and more, a combination of the two into a hybrid operations center.
Renee - Organizations are choosing to invest partially in the cloud for its agility, time to market advantages and potential cost savings. However, security can't be an afterthought. Organizations need to have the visibility and control – for both applications and infrastructure. Security architectures must be sufficiently agile to enable fast, secure, and compliant public, private, and hybrid cloud-based services while protecting traditional on-premises services at the same time, as on-prem services will not be going away and will remain a critical part of the network. Organizations should look for security solutions that are: 1: Comprehensive in safeguarding apps and data, 2: Integrated to reduce the complexity of managing multiple solutions and vendors, and 3: Agile, enabling IT to scale and adapt without compromise.
Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.