Ahead of the 9th Cyber Defence Summit we conducted an in-depth interview with Fortinet’s Territory Manager for Qatar, Abdullah Fares.
1. In your opinion, what are the top 3-5 cyber security challenges or gaps that are prevalent in the MEA region? Why do you think organisations find it difficult to address them?
There are a number of gaps and challenges that organisations have to avoid, if they want to properly secure their networks and data. Fortinet has identified three major particular challenges affecting customer’s networks.
The ever-increasing use of cloud technology: paradoxically, even though cloud adoption is significant, one of the biggest barriers to its adoption is concern over security.
The Internet of Things (IoT): this is not just confined to televisions, refrigerators and home energy management systems. IoT is also having an impact on the enterprise. The sheer volume of devices will have a significant impact the network’s access layer, wired but particularly wireless, and the lack of security in the majority of devices will acerbate the existing issue of the lack of a defined network perimeter.
Skills shortage: The third issue however is not about technology itself but about managing and understanding technology. Enterprises are facing a severe skill shortage when it comes to cyber security. Staff that have not been sufficiently trained and warned about how they can be used by hackers and nefarious individuals comprise another challenge that organisations have to overcome. Consistently training and engaging their staff to be watchful of what they do online, including when they are on the road, will make a huge difference to an organisation’s overall security.
Apart from the above, reliance on older security strategies is a major gap that can be exploited – just because a strategy worked in the past, it doesn’t mean that it will continue to deliver results in the future. Remember, threats are evolving on a day to day basis. Organisation that rely heavily on passing internal audits etc. are not safe from hackers, nor are organisations that are too risk-based and reactive. Organisations that pick and choose a mix of ‘best of breed’ solutions from multiple vendors, without checking to find out whether the solutions integrate properly with each other, are also at risk.
2. The region is embracing disruptive technologies such as cloud and mobility. This raises network and data security concerns, as well as the chances of advanced, persistent threats. How can your company help address these challenges?
We live in a highly connected digital world, and cloud and mobility are at the centre of it. These technologies have transformed the way people work and do business but it has also exposed organisations to threats. As a result, protecting assets and data is absolutely critical, and in this respect Fortinet is leading the market with class leading advanced threat protection solutions such as FortiSandbox – a solution that customers can either purchase on premise, as a device, or as a cloud subscription. One key advantage Fortinet offers, compared to its competitors, is that it can emulate a wide variety of operating systems on the same device simultaneously. NSS labs, an independent testing lab, issued a report in August 2016 ranking FortiSandbox as a highly recommended solution, and one of the best in the market.
3. Qatari businesses are taking cyber security even more seriously after the recent large scale attacks and the newly proposed data privacy laws. What are your key tips for the government and businesses to effectively plan and mitigate risks, threats, attacks, and ensure critical networks and sensitive data are secure?
In many cases human error is what opens organisations up to cyber attacks, security breaches and data leaks. These issues can be tackled by applying policies and training employees to avoid falling for traps set by hackers. Beyond this we would advise the Qatari government and enterprise organisations within Qatar to invest in solid security infrastructure. This is very important as networks become borderless with the advent of BYOD, cloud, and “work from home concepts”, in addition to the extended and expanded networks many organisations deal with. Without solid security infrastructure that protects every facet of the network perimeter, organisations are highly vulnerable to attacks, and this is especially true considering current political circumstances and the state of the global economy.
Regardless of your organisation’s security needs, Fortinet is the right security vendor to work with. Thanks to the fully integrated security Fabric that Fortinet offers, different solutions (NGFWs, WAF, MAIL Security Gateways, Endpoint clients, etc.) across different segments can fully integrate and interact, to provide a more secure shield for the organisation.
4. How can your company support Qatar’s national efforts of addressing cyber security? What are your plans for Qatar?
Fortinet began its investment in Qatar in 2015, along with resources from the account management team and the system engineering team. Those resources are tasked with addressing all the security concerns enterprise customers have, and they are also responsible for keeping customers up-to-date with all the new threats and innovations in the cyber security market. Additionally, Fortinet is participating in all the security summits that are being held in Qatar, to keep its customers updated with new trends and technologies in the industry.
5. How do you continue to bring value to your customers on such a consistent basis?
Fortinet is a market leader that can protect organisations from threats thanks to its dedicated FortiGuard Labs, which consists of more than 200 expert researchers and analysts around the world.
The researchers work with world class, in-house developed tools and technology to study, discover, and protect against the latest threats.
The team has dedicated experts studying every critical area including malware, botnets, and zero-day vulnerabilities. Service analysts study breaking code and develop mitigation signatures, while technology developers continually create new defense engines to combat continually evolving threats.
FortiGuard Labs uses data collected from more than two million sensors around the globe to protect more than 270,000 customers every day. Below are some results/statistics that shows how consistent Fortinet is in supporting its clients:
Per minute:
• 470,000 network intrusion are prevented
• 160,000 malicious websites blocked
• 32,000 botnet command-and-control thwarted
Additionally, Fortinet’s R&D team is constantly developing and enhancing its home grown FortiOS, as well a wide range of security solutions to position this solution as the best in the space.
Last but not least is the enormous number of patents Fortinet engineers have achieved, with an equal number of patents still pending. This in particular shows how dedicated Fortinet is to focusing on innovation in the cyber security space.
6. What is your opinion on knowledge sharing and networking platforms such as the Cyber Defence Summit that address key challenges and provide tangible solutions? How do you look at leveraging these platforms to achieve its strategic and business objectives?
In regards to information sharing, there is a greater mission on the part of every security vendor to make the world safer and more secure for people to interact, do business, and to communicate ideas. It’s been a long tradition in the security world to share information on new malware, new botnets, and newly discovered threats or vulnerabilities in general. Security vendors have a responsibility with the global ecosystem to share threat findings with each other and end-user advocacy groups, because the best way to combat the creativity and negative impact of adversaries is to build security solutions based on data from wide and diverse sources.
Enterprises continue to struggle with limited defensive resources, a growing security skills shortage, and the proliferation of security tools that operate in isolation. Security teams monitor an average of 14 separate security consoles to try and manage, assess, and secure the expanding array of devices and technologies on their networks. Many times, they have to compare log files, hand correlate data, and manually change policies between devices in order to address threats, which means that many threats go undetected, and response times are too slow for attacks that operate at machine speeds. This is essentially a growing big data problem for cybersecurity today. Contextual information is very important, while safeguarding privacy and only sharing and correlating non personally identifiable information (PII). Indicators of compromise (IOC), traits related to an adversary, campaign or tactics often have a short shelf life. Sharing information promptly and proactively across all verticals is essential for moving forward. Security controls need to be able to digest automated threat intelligence and take action. The vast amount of threat intelligence that exists today and the new intelligence that will be cultivated tomorrow cannot be managed otherwise.
Public and private sector partnerships are a big opportunity. Fortinet is taking action not only via product innovation and our Fortinet Security Fabric, but also public and private sector relationships. Earlier this year Fortinet announced that within the framework of the NATO Industry Cyber Partnership (NICP), the NATO Communications and Information (NCI) Agency signed an industry partnership agreement with Fortinet. In addition, Fortinet is a founding member of the Cyber Threat Alliance (CTA), a group of leading cybersecurity solution providers who have come together to share threat intelligence on advanced attacks, their motivations, and the tactics of the malicious actors behind them. In addition, Fortinet is a member of the OASIS Cyber Threat Intelligence (CTI) technical committee which focuses on STIX and TAXII development.
This helps to define how, when, and with what methods or protocols security vendors and law enforcement will all share information. It is important since we are directing the future of threat intelligence standards and protocols as we pave the way forward. Actionable threat intelligence cannot be achieved without a well-thought-out methodology in place. We consider memberships in organisations like OASIS or CTA to be crucial for promoting awareness and standardization that brings everyone to the table to use the same language when talking about cyber security. Fortinet recently worked with Interpol on the arrest of key individuals, including the kingping of a 61 million USD crime ring. This was only possible due to Fortinet’s participation in Interpol’s expert cybercrime working group, the focus of which is to create meaningful public-private sector relationships with law enforcement. This is a key aspect to directing the future of cybercrime, and certainly sends a strong message to all cybercriminals at large.
7. Do you have any announcements on new projects or R&D that you would like to publicise? Please elaborate.
Fortinet consistently works on new projects and R&D. We previously made several announcements regarding our plans and achievements, but since they are very important, it’s worth highlighting them again:
• Fortinet has launched Worldwide Network Security Academy (FNSA) to create a global pipeline of cybersecurity talent. It has established initial partnerships with educational institutions, non-profits and veteran organisations to help train the next generation of cybersecurity experts.
• In terms of R&D, Fortinet has recently launched its FortiGate 6000E and 2000E series enterprise firewalls powered by its next generation FortiASIC CP9 content processor. This delivers unprecedented levels of network security performance across the Fabric.
• Last but not least, Fortinet announced its acquisition of AccelOps, a leading provider of network security monitoring and analytics solutions. The acquisition further extends Fortinet’s recently announced security fabric strategy by enhancing network security visibility, security data analytics and threat intelligence across multi-vendor solutions.
About Fortinet
Fortinet is a global cyber security leader with a mission to deliver the most innovative, highest performing solutions to secure and simplify your IT infrastructure, solutions that have been widely adopted across the carrier, enterprise, MSSP and SMB markets. Due to a combination of factors, including our extensive management capabilities, industry leading threat research, the constant innovation of our custom ASIC technology and the capabilities of FortiOS (the world’s most widely deployed security operating system) Fortinet has attracted a large and rapidly growing customer base including the majority of the Fortune Global 100.
This dedication has resulted in a highly satisfied end user community and allows Fortinet to set the pace in the cyber security market. Our market position and solution effectiveness has been widely validated by industry analysts, independent testing labs, business organisations and the media worldwide. Our broad product line goes beyond simple network security to help secure the extended enterprise.
Fortinet is headquartered in Sunnyvale, California with offices around the world. Founded in 2000 by Ken Xie, the visionary founder and former President and CEO of NetScreen, Fortinet is led by a strong and seasoned management team with deep experience in both networking and security.