Date: 2019-02-25

The second question is, 'what are the risks associated with meeting those objectives?'



The initial reaction is to expand existing security tools to cover the expanded attack surface being created by things like IoT and cloud services. But this only addresses the tip of the iceberg. Technologies and services don't exist in isolation. Digital transformation is more than shiny new devices. It is driving us toward a converged and hyper-meshed network fabric where devices and applications and connectivity and ecosystems all overlap and interact. As a result, challenges that need to be addressed are being simultaneously compounded and obscured, which makes answering the question about new risks quite complicated.

Leverage intelligence sources you can trust

Staying ahead of that threat curve requires that today's CISOs have constant access to timely threat intelligence and trends. Just as security tools need a steady stream of relevant threat intelligence to stay tuned to the latest security risks, security decision makers need to stay on top of trends in order to see the bigger picture and ensure that their security strategies map to the actual risks their organization is facing, both now and around the corner.

Fortinet's recent Threat Landscape Report provides essential information designed to help technical security professionals and CISOs alike make important and timely security decisions. Here are some critical data points that should be of interest to every CISO:

Botnet dwell time inside an organization before detection increased 15% during Q4, growing to an average of nearly 12 infection days per firm.

Exploits impacting individual firms grew 10% over the quarter, while the number of unique exploits encountered increased by 5%.

Six of the top 12 exploits were IoT related. Four of those targeted IP-enabled cameras. Ironically, cybercriminals target security cameras because many lack adequate security. Compromised cameras could also enable cybercriminals to snoop on private interactions, enact malicious onsite activities (e.g., shut off cameras so attackers can physically access restricted areas), launch DDoS attacks, steal proprietary information, and initiate ransomware attacks.

Adware continues to be a threat and not just a nuisance. Globally, adware sits at the top of the list of malware infections for most regions, exceeding one-quarter of all infection types for North America and Oceania, and almost one-quarter for Europe. With adware found to be in published apps, this attack type can pose a serious threat, especially to unsuspecting mobile device users.

The third question is, 'how do we reduce these risks as much as possible?'

To address the specific challenges outlined in the report, CISOs need to take the following steps:

Organizations need to begin leveraging Artificial Intelligence and Machine Learning to combat new, machine-generated attacks effectively by automating their own security processes and by working with vendors that have woven AI deep into their solutions.

Organizations need to increasingly rely on advanced threat intelligence, including real-time threat-intelligence sharing across all security elements, to keep pace with the volume, velocity, and sophistication of the evolving threat landscape.

Organizations need to pay attention to their supply chain. IoT devices designed with poor security and malicious adware embedded on physical devices, mobile apps, and other delivery mechanisms are a growing threat. Organizations need to conduct thorough audits of devices before onboarding and ensure that intent-based segmentation is in place to shrink the potential attack surface.

In the broader security context, addressing radical and ongoing change requires a rethinking of what we mean by security. As we develop a meshed and hyperconnected networking infrastructure that spans ecosystems, businesses, societies, and personal lives, security needs to do the same.

Final Thoughts

We can no longer afford to deploy devices or platforms that operate in isolation. Different security tools with different functions still need to be integrated so they can more effectively see, share, correlate, and respond to threats. Consistent functionality is another requirement that ensures that security deployed in one ecosystem can seamlessly interoperate with security implemented in another, thereby ensuring that essential workflows are protected along their entire data path. And open standards need to be leveraged so that we can begin to securely link different networks together across businesses, public infrastructures, and social environments.

Keeping these options and strategies in mind, coupled with continually refreshing your knowledge base with timely security intelligence, will ensure that you can identify and put appropriate security measures in place even as your business objectives and network infrastructures continue to evolve.

