Joe Sarno, Fortinet, analyzes the threats and opportunities in the cybersecurity market.
Businesses across the world now have a new kind of adversary—the virtual enemy. The recent incident in which 90 ATMs and 19 banks across India were hacked, affecting 3.2 million people, shows how vulnerable organizations and individuals are in the face of cyber threats. Joe Sarno of Fortinet gives an insight into the challenges and opportunities in the global cybersecurity market.
The global cybersecurity landscape is undergoing massive upheaval and is facing one storm after another on a daily basis. Data breaches have increased manifold, with new and emerging threats coming up every other day. The worldwide security market stands at $2.47bn according to IDC’s Q1 2016 Security Appliance Tracker. The US, including Canada, led the region-wise spend with $1.14bn, followed by Europe at $583mn, while the APAC market was estimated at $541mn.
According to Gartner’s enterprise security spending (hardware, software, and services) research, spending in India is on pace and is estimated to reach $1.12bn in 2016, up by 10.6% from $1.01bn in 2015. Security spending will continue to grow in 2017, when revenue is projected to reach $1.24bn. Security services (which include consulting, implementation, support, and managed security services) accounted for 61% of the total revenue in 2015, and will increase to 66% by 2020.
The root cause of the increasing number of cyber attacks is our over-dependency on technology. For many individuals and organizations, information technology (IT) is no longer an ancillary part of the business but a key ingredient for success. Hence, there is a proliferation of technology-based innovations within governments and institutions of all sizes. The pace of change of these technology innovations has a significant influence on the velocity and frequency of cyber attacks. For some perspective on this accelerated pace, consider that to reach 50 million users, it took radio 38 years, television 13 years, internet four years, and iPod only three years. Facebook added 100 million users in less than nine months and iPhone apps hit 1 billion downloads in nine months.
This pace has produced a vast attack surface for threat actors, and has subsequently created new and emerging attack vectors and options for intruders. If technology innovation and adoption were limited, then cybersecurity breaches would be at a bare minimum, but they are not. Instead, breaches are expected to continue to rise with the proliferation of IoT devices. Keeping pace with the rate of technology innovation is therefore a significant security challenge.
Innovation is a good thing because it makes our lives better, but it can also represent another entry point for threat actors and hackers. For example, LinkedIn made it easier for professionals to stay connected but also introduced additional risks. Clearly, there were no data breach reports about 100 million LinkedIn accounts being compromised 15 years ago because there was no LinkedIn at that time. Why does this matter? Each new innovation is yet another opportunity or entry point for the bad guys to launch an attack against a potential victim.
Cyber attacks are more scalable than physical threats and are capable of controlling physical assets, and therefore can wreak the same magnitude of havoc, if not more. They can be as sophisticated as physical crimes and, in some cases, even more so. Finally, cyber threats are extensible and can easily be upgraded, improved, or obfuscated, and they offer the lowest risk of getting caught because they are difficult to detect. Attribution is very difficult, as is prosecution across international boundaries. These are the core reasons why cyber threats pose huge risks in today’s digital world.
types of cyber threats and how to mitigate them
Networks, at present, are undergoing dramatic changes. Organizations are simultaneously wrestling with technologies such as BYOD, IoT, virtualization, SDN, cloud, proliferation of applications, big data, and the expectations of the next generation of employees to blend their work and personal lives on a single device of their choice, with instant access to any data, at any time, from any location. This has exponentially increased the attack surface that organizations need to be concerned with.
The response to increasingly complicated networked environments needs to be simplicity. Securing these evolving environments requires three things:
01 collaborative intelligence: Local and global threat intelligence needs to be shared between security devices, and a coordinated response between devices needs to be orchestrated centrally.
02 segmentation: Networks need to be intelligently segmented into functional security zones. End-to-end segmentation, from IoT to the cloud, and across physical and virtual environments, provides deep visibility into traffic that moves laterally across the distributed network, limits the spread of malware, and allows for the identification and quarantining of infected devices.
03 universal policy: There is a need for a centralized security policy engine that determines trust levels between network segments, collects real-time threat information, establishes a unified security policy, and distributes appropriate orchestrated policy enforcement.
To mitigate these threats, Fortinet has introduced its new security fabric architecture. It is designed to integrate security technologies for the endpoint, access layer, network, applications, data center, content, and cloud into a single collaborative security solution that can be orchestrated through a single management interface.
Cyber insurance is another solution that is increasingly becoming more relevant today. It has been available in the market for over ten years; however, most security professionals seem unlikely to have heard of it or know that it exists. Insurance can be successfully used as a risk-transfer option especially in those countries that have mandatory data breach notification laws. As the expense of dealing with a breach gets higher and the cost of dealing with mandatory notification is added, the option of using an insurance cover will become more attractive for many businesses.
IoT-based security solutions
The Asia-Pacific region is tipped to be at the forefront of IoT growth with market researcher IDC estimating that Asia-Pacific’s industries will connect 8.6 billion things by 2019, creating a market opportunity of $508bn.
IoT devices are subjected to a wide variety of attacks. These include targeted code injection, physically altering the firmware, man-in-the-middle attacks, remotely controlling devices to alter or disable their functionality, spoofing IoT devices, or simply hiding malware in the volume of IoT data. IoT devices which are at risk include infusion pumps or heart monitors used in hospitals, critical infrastructure devices, traffic control or irrigation systems, and inventory control devices that help track and manage the supply chain.
Organizations need to implement certain key security solutions and strategies to secure IoT deployment:
■ strict access controls
Organizations need to implement security in the network access layer. Access control allows networks to automatically identify, authenticate, and authorize IoT devices wherever they connect to the network, ensuring they are not being spoofed.
■ network segmentation
Given the nature of IoT devices, we need to ensure IoT traffic never touches the rest of the data flowing through the network.
Traditionally, segmenting traffic could be achieved using static VLANs. However, given the highly mobile nature of IoT devices, it is advisable to implement a secure segmentation solution that is designed to adapt to the fluid movement of devices between access points located across your distributed network.
■ security embedded in the access point
Deploy wireless access points that already have embedded security, and that can also seamlessly integrate into the larger security architecture in order to share intelligence and coordinate a response to threats.
■ unified management and orchestration solution
Implement a unified management and orchestration solution that can collect threat data from multiple sources and devices located across the distributed network, correlate data, and provide automated coordinated responses to stop sophisticated threats in their tracks.
■ protection for IoT o/s vulnerabilities/exploits
A network needs to authenticate and inspect an increasing number of IoT devices as they access the network. The network needs to sift through increasing volumes of traffic to find anomalous behaviors, which then can be corroborated to detect known vulnerabilities and exploits, zero-day or multi-vector attacks. The system will also need to be able to identify, inspect, and secure IoT-specific applications and tools to detect and respond to compromised applications and inappropriate or unauthorized behaviors. Finally, the network enforces consistent security across a distributed network, including into the cloud and IoT networks.
markets in India with the highest adoption of security solutions
In India, all three market segments—small and medium business, enterprise and service providers—are growing rapidly. In the last 2-3 years, enterprises and the government sectors have made significant investments for better security services. Small and medium enterprises that face the same problems as big corporations are also investing more in comparative solutions that can cover all the aspects of cybersecurity. The service providers in India are investing heavily to provide security for the LTEs or the 5G/4G investment infrastructure. We are also witnessing investments in terms of securing data centers. Across all verticals, we are registering high growth and we foresee a lot of new opportunities for further growth.
Artificial Intelligence and human operators need to work together.
One may assume that with greater automation and the advancement of technology in general, the dependency of cybersecurity on human beings has fallen. The truth is quite the opposite. Intelligent cybersecurity technologies can only take the place of human decision-making as an initial filter (take a look at what trading algorithms have done to the modern stock market). At the end of the day both Artificial Intelligence and human operators need to work together. Without the human element, large swaths of the world will suffer from poorly implemented cybersecurity, and security tasks will be sub-optimally done, leading to greater vulnerabilities in cyberdefences and inefficiently run security departments.
To successfully groom cybersecurity talent, all stakeholders in the industry must come together—not just technology providers, but governments, regulators, educational institutions, service providers, and end-users. There must be more concerted setting of the security education agenda, curriculum development and knowledge transfer, and funding and internship programs.
It is clear that isolated security devices do not solve today’s cybersecurity challenges; companies need something different. They want integrated security, from IoT to the cloud, with actionable analytics across their multi-vendor networking and security solutions, all delivered through a single pane of glass view. Fortinet’s ‘security fabric’ has delivered on this technology vision with a complete rethinking of security for customers to implement more strategic approaches, such as internal segmentation or automated universal policy to stay ahead of the threat landscape.
Most organizations have deployed security devices from multiple vendors inside their networks. A ‘security fabric’ lets customers maximize these existing investments with integration that goes beyond simply allowing third-party solutions to collect or redirect data and traffic. Partner solutions that integrate with the
By opening the Security Fabric to our partner ecosystem, we accelerate our customers’ transition to integrated security strategies to address the full spectrum of challenges across the attack life cycle.
When we started our India operations ten years ago, the growth was slower than in more mature countries, but in the last ten years we have enjoyed high year-on-year growth, matching the company’s Y-o-Y growth of about 30%. We have seen the dynamics of the market evolving rapidly, especially over the last five years. Now we are well-equipped to meet most of the security needs of each of the three market segments that we are targeting—small and medium business, enterprises, and service providers. So today I think I can say that Fortinet India is in line with other mature countries and enjoying high growth in this market.
JOE SARNO IS VICE PRESIDENT, INTERNATIONAL EMERGING, MEA, EASTERN EUROPE, INDIA, AND SAARC OF FORTINET.