Asia's Source for Enterprise Network Knowledge

Thursday, March 21st, 2019

Security Without Compromise

Fabricate and NOT stitch your security for today's hostile threat landscape

When it comes to security, business organizations fall into three categories – those that have never been breached, have already been breached, and have been beached but are totally unaware of it.  The fact is, they are definitely fearful of becoming victims of the next cyberattack or cyber extortion, and turning up in the news for the wrong reasons. This is demonstrated in their increasing focus and more spending on cybersecurity solutions and services.  

According to IDC, global spending to combat cybercrime is expected to grow from $73.7 billion in 2016 to $101.6 billion in 2020, or at a compound annual growth rate (CAGR) of 8.3 percent. Comparably, Gartner’s estimate on global security spending is at 7.8 percent CAGR by 2019 – less than 5 percent of the projected $2.77 trillion worldwide IT spending for the same period. The Cyber Security Report’s estimate is at $1 trillion global spending on cybersecurity within a five-year period from 2017 to 2021.

With all that money invested into security, coupled with all the promises of advanced capabilities, businesses and even governments aren’t any more secure than they should be. So are businesses simply throwing money into a bottomless pit, or what could be causing them to be blind-sided when making such critical investments?

Cybercrime has become the second highest reported economic crime in the world, and its global cost is estimated to reach over $2 trillion by 2019, a threefold increase from the 2015 estimate of $500 billion. In Asia alone, the cost of cybercrime to private businesses topped $81 billion in 2015 – $20 billion more than both North America and the European Union.

But this is just the tip of the iceberg. The World Economic Forum’s The Global Risks Report 2016 underscores that a significant portion of cybercrime goes undetected, especially in the case of industrial espionage and the theft of intellectual property. The financial loss from the theft of trade secrets alone can range from $749 billion to $2.2 trillion annually – or one to three percent of an entire nation’s gross domestic product (GDP), according to IDG’s Global State of Information Security Survey 2016.

Security challenges in the evolving digital economy

The ongoing transformation by businesses is a crucial step in preparing themselves to be active participants in the evolving digital economy. This includes leveraging the cloud, mobility and other disruptive technologies, and adopting new business models with enhanced connectivity and data sharing capabilities – linking users, devices, data, goods, and services anywhere in the world – so they can become more agile and responsive to the needs of customers and the demands of a global marketplace.  

On the downside, today’s new way of doing business in a globally connected world is a magnet for cybercriminals to exploit any possible weak link or security gap within organizations’ increasingly complex networks – with the intention of stealing valuable assets or to cause crippling disruption to the business and achieving either monetary or some other form of gains in the process.

While security solutions and services have advanced over the years – both in numbers and sophistication – their designed capabilities are not optimised to tackle today’s increasingly complex and evolving security challenges. Security provider Fortinet identifies these key challenges.

  • Borderless network. The Internet, the proliferation of cloud technologies, wireless connectivity, as well as the onslaught of the Internet of things (IoT) have brought about a multitude of obscured entry and exit points across the network, not only exponentially expanding the attack surface, but also blurring the parameters of the network. This makes securing the network more difficult; and conversely, a lot easier for intruders to infiltrate. Even the seemingly harmless shadow IT, which includes the use of unauthorized applications such as Hightail or Dropbox is an added risk, making it easy for data to be exfiltrated or unwanted malicious threats to enter the network undetected, following a network intrusion.
  • Slow is broken. A security strategy that compromises on the speed and performance of the network is as good as broken; it is not acceptable in today’s business environment where speed and performance are key competitive differentiators. Such security implementation is not ideal for businesses looking to get ahead in the game. When it’s slow, it is broken.
  • Complexity is the enemy of security.  Businesses have been deploying an increasing number of security hardware and software, as well as a variety of monitoring tools to protect their brand, trade secrets, customers’ information, and other core business assets. This insatiable appetite for more security has caused further fragmentation, complications and incompatibilities across the network infrastructure. While each one of these tools may be effective in preventing and detection in their designated domains, they are incapable of taking on a proactive approach in collaboration and coordination with other security devices to form an effective security stance to intelligently protect the enterprise from advanced persistent attacks. The lack of a real-time threat intelligence necessary to keep all the security devices up to date further adds to the challenge, resulting in security gaps that can be exploited by cybercriminals. For example, malware that might be stopped by the firewall could pass undetected by an email or web application.

Security Fabric: Collaborative, coordinated and intelligent security at its best

In today’s borderless networks, data is everywhere and workloads run anywhere; and so are the threats, making them extremely difficult to detect, prevent, and mitigate.  This renders the archaic methodology of deploying point-based, uncoordinated security solutions obsolete.

“What is required is a collaborative, coordinated and intelligent security solution that can provide end-to-end security posture across the entire network – from IoT through to the data center and into the cloud with real- time visibility into the entire infrastructure – to provide that edge when dealing with threats of various complexity or sophistication,” said Matthew Kuan, director, Solutions Marketing Asia Pacific at Fortinet. “It must also be powerful, without compromising performance in any segment of the network – from the IoT through the datacenter and into the cloud; from the single user cell phone or tablet to the most sensitive proprietary database and everything in between.”

Notably, though they may work to their respective specifications and functions, there is one thing all network security tools require – access to network traffic. And that is what a security fabric provides.

But what is a Security Fabric? An example is the Fortinet Security Fabric, a vision that provides for a holistic security framework, enabling various security appliances, applications and services that are running across the distributed enterprise network. This facilitates the ease and speed to threat detection, analysis and scrutinizing security information, automatically transforming them into actionable insight that can then be used to initiate a collaborative, coordinated and intelligent response to counter the threats across the entire network.

This seamless collaboration and coordination between security appliances, applications and services across the entire network is the key to closing security gaps and visibility – managed through the security fabric’s unified management interface.

Fortinet, being the only security solutions provider so far to offer the vision of a Security Fabric, effectively addresses the challenges of today’s evolving digital economy, built around three attributes:

  • Broad. Covering the entire attack surface, the security fabric delivers security across the network, endpoints, access layer, applications, data center, content, and the cloud. Visibility is also extended to other security solutions from a different vendor.   
  • Powerful. The security fabric utilizes dedicated security processors to reduce the burden on infrastructure, allowing the deployment of a comprehensive security without affecting performance.
  • Automated. The security fabric enables a fast and coordinated response to threats – with all the security solutions within the fabric rapidly exchanging threat intelligence to quickly and effectively prevent, detect or mitigate the threat.

It is with these attributes that a security solution deployed over time continues to be capable of dynamically adapting to the demands of an evolving IT infrastructure and to effectively defend its rapidly changing attack surface. Last but not least, with security solutions within the fabric being aware of one another, sharing policies, threat intelligence, and application flow information enables them to collectively deliver the best possible response to combat malicious threats, anywhere on the network.

Business organizations looking to remain relevant and thrive in the evolving digital economy will do well to reconsider their security strategies to ensure they are well equipped to face the security challenges today and into the future. 

 

This is a QuestexAsia feature commissioned by Fortinet.