Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced a technology alliance partnership with Siemens, a global industrial powerhousespecializing in digital industries from environments such as electrical power, transportation, and oil and gas. Also announced today is the companies’ first integrated solution combining best-in-class technology and a worldwide resell agreement to address the unique security and connectivity requirements of operational technology (OT) networks. 

While OT environments have traditionally been isolated from the rest of the IT network, efforts to converge IT and OT to provide more responsive and agile business outcomes have exposed OT and industrial control systems (ICS) to increased cybersecurity risk. According to the SANS 2019 OT/ICS Survey, just over 50 percent of respondents rated the level of ICS cyber risk to their organization as “severe/critical” or “high.” However, given the nature of many OT environments, traditional security solutions can sometimes leave gaps in protection of the aging or sensitive systems in place. Additionally, deploying reliable connectivity and security in harsh and frequently remote or substation environments has traditionally not been easy. While rugged products do exist, assembling and deploying the various parts of the complete solution can create issues with connectivity, reliability, space, and even physical security.

Highlighting the growing importance of cybersecurity in OT environments and the need for solutions specifically created for OT networks, Siemens has joined the Fortinet Fabric-Ready Technology Alliance Partner Programto address the security challenges associated with the convergence of OT and IT networks. Technology ecosystem partners are a key part of the Fortinet Security Fabric, which enables Fortinet and partner products to cooperatively integrate and provide comprehensive security solutions. Fortinet’s technology ecosystem partner solutions enable customers to gain more effective security and get even more value from their security deployments.

The first Fabric-Ready solution from Fortinet and Siemens integrates Fortinet’s industry-leading FortiGate Next-Generation Firewallwith the Ruggedcom Multi-Service Platformfamily of switches and routers to improve the integration of cybersecurity into locations with harsh environments such as electrical substations, while simplifying management, space, and power issues. This solution provides a single, integrated appliance for OT networks. By simplifying deployment to a single piece of hardware, the power, space, physical security, and connectivity issues typically encountered outside of a single box deployment model are resolved. Remote management further simplifies the deployment and ongoing management. In addition to this joint solution, Siemens will bring to market Fortinet’s FortiGate Next-Generation Firewall VM bundled with the APE 1808 to further enable the availability of advanced security solutions for OT environments.

Today’s announcement and addition of Siemens to the Fabric-Ready Partner program extends the range of integrated security solutions now available to OT customers through the Fortinet Security Fabric, and is further testament to Fortinet and Siemens’ commitment to creating OT-specific solutions designed to address the unique needs and requirements of their joint customers.The Fortinet Security Fabric provides a unique integrated and automated platform approach to security through purpose-built solutions and AI threat intelligence, combined with strategic partnerships with some of the industry’s leading security specialists. Unlike most security platforms, the Fortinet Security Fabric is flexible enough to easily accommodate and integrate with a large number of partners to provide truly comprehensive security coverage.

By Jacob Chacko, Regional Business Head – Middle East, Saudi & South Africa (MESA) at HPE Aruba

As we approach the end of 2019, Jacob Chacko, Regional Business Head – Middle East, Saudi & South Africa (MESA) at HPE Aruba, gives an insight into major technology trends that will shape the industry in the Middle East in 2020:

AI and ML

The Rise of AI-based, Autonomous Security 

• In 2020, AI-based, increasingly autonomous security technologies will become more prominent as emerging technologies such as IoT and edge computing applications consume security practitioners who will require a more efficient way to secure their organizations.  
• In the coming year, security breaches will continue to plague organizations of all sizes and attacks will become increasingly complex, widespread and persistent, often carried out by coordinated teams of sophisticated hackers.

Network Management Goes from Proactive to Predictive Mode

• AI-powered automation, heightened programmability and the ability to take action based on insights are all attributes of a modern, self-validating network. 

In 2020, we’ll see continued advancements in the areas of data analysis and security, among others, which will enable the process of network management to go from proactiveto predictive, easing the burden on network managers and allowing them to focus their efforts on business-impacting issues.

• This will enable IT teams to not only take a proactive stance, but will allow systems to predictwhen issues will occur based on nuanced patterns, behavior monitoring and network health, easing the pressure on IT resources even more.

Cloud-Driven Era 

The Containerized Future

• In this modern era, networks that exhibit cloud-native characteristics – such as modularity, programmability, elasticity and resiliency – will become increasingly popular. 
• In 2020, cloud-native networks will help DevOps teams by having switch infrastructures that interact with a cloud-based GUI to better support applications that have proliferated almost everywhere in modern enterprises, especially in containers or as micro-services. 
• Whether on premises, or in the cloud, the network must evolve to embrace a containerized future.

Death of Network Software Subscription Models

• Having network switches, routers and controllers that go dark once the software registration ends is harmful to businesses. 
• When customers buy equipment, they want all the ownership of features, functionality and their network, not a ticking time bomb in the form of a services contract that could impede essential features, security functions and even connectivity itself. 
• In 2020, customer-first subscription models tailored to cloud-driven strategies will emerge to deliver value and peace-of-mind.  
  
  

Security

Securing Widespread Adoption of the Internet of Things (IoT)

• While the growing use of IoT devices is providing organizations with new levels of data to make intelligent decisions about business operations, they can also provide an open door for malicious actors to exploit vulnerabilities. With over 70 billion devices expected to be in operation by 2020 according to Gartner, securing these devices, and using behavioral analytics to detect Indicators of Compromise (IOC), will be critical.

Continued Integration and Orchestration of Security Tools

• With enterprises using over 130+ security tools and technologies on average, in 2020, we will see a rise in the use of integration and orchestration tools to better leverage these technologies for better threat detection and accelerated response

Wireless

Wayfinding is Just the Beginning

• In 2020, location services will continue to advance and serve up more meaningful, personalized experiences to users, inviting them to engage with their environment like never before. 
• No longer just about wayfinding, location services will enable a new host of services based on proximity and preferences, delivering value to both the provider and the user in the form of customized offers for the user and consumer insights for the provider.

If You Build It, They Will Come

• Despite the fanfare, the introduction of Wi-Fi 6 this year was met with cautious optimism, with skeptics citing that the increased bandwidth enabled by Wi-Fi 6, though impressive, will not necessarily be put to use very soon. 
• As a result of continued Wi-Fi 6 innovation, Aruba predicts that 2020 will usher in a new swath of Wi-Fi 6-enabed services that will deliver the performance, availability and Quality of Service that is promised by technologies such as 5G.
• Wi Fi 6 will be the preferred on ramp to 5G for the majority of enterprise edge applications.

SD-WAN

Entire Distributed Enterprises Managed from a Single Pane of Glass

• With all layers of the distributed enterprise managed from a single platform, complex WAN management activities for all branches and head-ends (data centers or public clouds) will be greatly simplified in 2020. IT teams will also be able to use these same platforms to unify policy and management, as well as networking and security, for LAN traffic. Throughout the LAN and WAN, a single pane of glass will monitor and manage corporate applications for all users, gateways, access points, switches, and other network elements, including IoT devices.  

Cloud Connectivity Becomes More Seamless and Ubiquitous

• In 2020, organizations will increasingly leverage cloud-based services from branch offices to support mission-critical applications while reducing exposure to malicious users and other sources of cyberattacks. Virtual gateways will better integrate with network services provided in public clouds to greatly simplify and accelerate this trend. New SD-WAN features will enable IT to better monitor and manage applications from public cloud infrastructures.  

Public Internet Continues to Replace MPLS at Remote Branches

• In 2020, organizations will increasingly utilize public internet services, which is more widely available and costs up to 100x less than legacy MPLS, for SD-WAN remote office connectivity. This trend is being driven by next-gen SD-WAN solutions which use ML-based analytical tools to improve performance and utilization. Additionally, these solutions automatically reroute traffic to minimize network disruptions which further increases confidence in public internet services as a primary transport vehicle.

In conclusion, it is hard to grasp the scale of innovation with the dynamic nature of the tech industry and the pace at which changes are happening. The above list of predictions highlights some of the technology trends that we are Aruba believe CIOs and IT managers should take note of, but it is far from exhaustive. It is interesting to wait and see the exciting innovations that 2020 will bring! 

Organizations Need to Adopt Security Strategies that Maximize Integration, Advanced AI, and Actionable Threat Intelligence to Proactively Protect Against Modern Attacks

News Summary:

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today unveiled predictions from the FortiGuard Labsteam about the threat landscape for 2020 and beyond. These predictions reveal methods that Fortinet anticipates cybercriminals will employ in the near future, along with important strategies that will help organizations protect against these oncoming attacks. For a more detailed view of the predictions and key takeaways, visit the blog.

“Much of the success of cyber adversaries has been due to the ability to take advantage of the expanding attack surface and the resulting security gaps due to digital transformation” said Derek Manky, Chief, Security Insights & Global Threat Alliances, Fortinet. “Most recently, their attack methodologies have become more sophisticated by integrating the precursors of AI and swarm technology. Luckily, this trajectory is about to shift, if more organizations use the same sorts of strategies to defend their networks that criminals are using to target them. This requires a unified approach that is broad, integrated, and automated to enable protection and visibility across network segments as well as various edges, from IoT to dynamic-clouds.”

 Highlights of the predictions follow:

Changing the Trajectory of Cyberattacks

Cyberattack methodologies have become more sophisticated in recent years magnifying their effectiveness and speed. This trend looks likely to continue unless more organizations make a shift as to how they think about their security strategies. With the volume, velocity, and sophistication of today’s global threat landscape, organizations must be able to respond in real time at machine speed to effectively counter aggressive attacks. Advances in artificial intelligence and threat intelligence will be vital in this fight.

The Evolution of AI as a System

One of the objectives of developing security-focused artificial intelligence (AI) over time has been to create an adaptive immune system for the network similar to the one in the human body. The first generation of AI was designed to use machine learning models to learn, correlate and then determine a specific course of action. The second generation of AI leverages its increasingly sophisticated ability to detect patterns to significantly enhance things like access control by distributing learning nodes across an environment. The third generation of AI is where rather than relying on a central, monolithic processing center, AI will interconnect its regional learner nodes so that locally collected data can be shared, correlated, and analyzed in a more distributed manner. This will be a very important development as organizations look to secure their expanding edge environments.

Federated Machine Learning 

In addition to leveraging traditional forms of threat intelligence pulled from feeds or derived from internal traffic and data analysis, machine learning will eventually rely on a flood of relevant information coming from new edge devices to local learning nodes. By tracking and correlating this real-time information, an AI system will not only be able to generate a more complete view of the threat landscape, but also refine how local systems can respond to local events. AI systems will be able to see, correlate, track, and prepare for threats by sharing information across the network. Eventually, a federated learning system will allow data sets to be interconnected so that learning models can adapt to changing environments and event trends and so that an event at one point improves the intelligence of the entire system. 

Combining AI and Playbooks to Predict Attacks

Investing in AI not only allows organizations to automate tasks, but it can also enable an automated system that can look for and discover attacks, after the fact, and before they occur. Combining machine learning with statistical analysis will allow organizations to develop customized action planning tied to AI to enhance threat detection and response. These threat playbookscould uncover underlying patterns that enable the AI system to predict an attacker’s next move, forecast where the next attack is likely to occur, and even determine which threat actors are the most likely culprits. If this information is added into an AI learning system, remote learning nodes will be able to provide advanced and proactive protection, where they not only detect a threat, but also forecast movements, proactively intervene, and coordinate with other nodes to simultaneously shut down all avenues of attack. 

The Opportunity in Counterintelligence and Deception 

One of the most critical resources in the world of espionage is counterintelligence, and the same is true when attacking or defending an environment where moves are being carefully monitored. Defenders have a distinct advantage with access to the sorts of threat intelligence that cybercriminals generally do not, which can be augmented with machine learning and AI. The use of increased deception technologies could spark a counterintelligence retaliation by cyber adversaries. In this case, attackers will need to learn to differentiate between legitimate and deceptive traffic without getting caught simply for spying on traffic patterns. Organizations will be able to effectively counter this strategy by adding playbooks and more pervasive AI to their deception strategies. This strategy will not only detect criminals looking to identify legitimate traffic, but also improve the deceptive traffic so it becomes impossible to differentiate from legitimate transactions. Eventually, organizations could respond to any counterintelligence efforts before they happen, enabling them to maintain a position of superior control.

Tighter Integration with Law Enforcement

Cybersecurity has unique requirements related to things like privacy and access, while cybercrime has no borders. As a result, law enforcement organizations are not only establishing global command centers but have also begun connecting them to the private sector, so they are one step closer to seeing and responding to cybercriminals in real-time. A fabric of law enforcement as well as public and private sector relationships can help in terms of identifying and responding to cybercriminals. Initiatives that foster a more unified approach to bridge the gaps between different international and local law enforcement agencies, governments, businesses, and security experts will help expedite the timely and secure exchange of information to protect critical infrastructure and against cybercrime.

Cyber Adversary Sophistication is Not Slowing Down

Changes in strategy will not go without a response from cyber adversaries. For networks and organizations using sophisticated methods to detect and respond to attacks, the response might be for criminals to attempt to reply with something even stronger. Combined with more sophisticated attack methods, the expanding potential attack surface, and more intelligent, AI-enabled systems, cybercriminal sophistication is not decreasing. 

Advanced Evasion Techniques 

A recent Fortinet Threat Landscape reportdemonstrates a rise in the use of advanced evasion techniques designed to prevent detection, disable security functions and devices, and operate under the radar using living off the land (LOTL) strategies by exploiting existing installed software and disguising malicious traffic as legitimate. Many modern malware tools already incorporate features for evading antivirus or other threat detection measures, but cyber adversaries are becoming more sophisticated in their obfuscation and anti-analysis practices to avoid detection. Such strategies maximize weaknesses in security resources and staffing.

Swarm Technology

Over the past few years, the rise of swarm technology, which can leverage things like machine learning and AI to attack networks and devices has shown new potential. Advances in swarm technology, have powerful implications in the fields of medicine, transportation, engineering, and automated problem solving. However, if used maliciously, it may also be a game changer for adversaries if organizations do not update their security strategies. When used by cybercriminals, bot swarms could be used to infiltrate a network, overwhelm internal defenses, and efficiently find and extract data. Eventually, specialized bots, armed with specific functions, will be able to share and correlate intelligence gathered in real-time to accelerate a swarm’s ability to select and modify attacks to compromise a target, or even multiple targets simultaneously.

Weaponizing 5G and Edge Computing

The advent of 5G may end up being the initial catalyst for the development of functional swarm-based attacks. This could be enabled by the ability to create local, ad hoc networks that can quickly share and process information and applications. By weaponizing 5G and edge computing, individually exploited devices could become a conduit for malicious code, and groups of compromised devices could work in concert to target victims at 5G speeds. Given the speed, intelligence, and localized nature of such an attack, legacy security technologies could be challenged to effectively fight off such a persistent strategy. 

A Change in How Cybercriminals Use Zero-day Attacks

Traditionally, finding and developing an exploit for a zero-day vulnerability was expensive, so criminals typically hoard them until their existing portfolio of attacks is neutralized. With the expanding attack surface, an increase in the ease of discovery, and as a result, in the volume of potentially exploitable zero-day vulnerabilities is on the horizon. Artificial Intelligence fuzzing and zero-day mininghave the ability to exponentially increase the volume of zero-day attacks as well. Security measures will need to be in place to counter this trend.

By Dave Russell, Vice President of Enterprise Strategy at Veeam

Throughout 2019, technology has continued to have a transformative impact on businesses and communities. From the first deployments of 5G to businesses getting to grips with how they use artificial intelligence (AI), it’s been another year of rapid progress.

From an IT perspective, we have seen two major trends that will continue in 2020. The first is that on-premises and public cloud will increasingly become equal citizens. Cloud is becoming the new normal model of deployment, with 85% of businessesself-identifying as being predominantly hybrid-cloud or multi-cloud today. Related to this are the issues of cybersecurity and data privacy, which remain the top cloud concerns of IT decision makers. In 2020, cyber threats will increase rather than diminish, so businesses must ensure that 100% of their business-critical data can be recovered.

Here are some of the key technology trends that businesses will look to take advantage of and prepare for in the year ahead.

1. Container adoption will become more mainstream.

In 2020, container adoption will lead to faster software production through more robust DevOps capabilities and Kubernetes will consolidate its status as the de facto container orchestration platform. The popularity of container adoption or ‘containerization’ is driven by two things: speed and ease. Containers are abstract data types that isolate an application from an operating system. With containers, microservices are packaged with their dependencies and configurations. This makes it faster and easier to develop, ship and deploy services. The trend towards multi cloud means businesses need data to be portable across various clouds — especially the major providers — AWS, Microsoft Azure and Google Cloud. 451 Research projects the market size of application container technologies to reach $4.3 billion by 2022and in 2020 more businesses will view containers as a fundamental part of their IT strategy. 

• Cloud Data Management will increase data mobility and portability.

Businesses will look to Cloud Data Management to guarantee the availability of data across all storage environments in 2020. Data needs to be fluid in the hybrid and multi cloud landscape, and Cloud Data Management’s capacity to increase data mobility and portability is the reason it has become an industry in and of itself. The 2019 Veeam Cloud Data Management report revealed that organizations pledged to spend an average of $41 millionon deploying Cloud Data Management technologies this year. To meet changing customer expectations, businesses are constantly looking for new methods of making data more portable within their organization. The vision of ‘your data, when you need it, where you need it’ can only be achieved through a robust CDM strategy, so its importance will only grow over the course of next year.

• Backup success and speed gives way to restore success and speed.

Data availability Service Level Agreements (SLAs) and expectations will rise in the next 12 months. Whereas the threshold for downtime, or any discontinuity of service, will continue to decrease. Consequently, the emphasis of the backup and recovery process has shifted towards the recovery stage. Backup used to be challenging, labor and cost-intensive. Faster networks, backup target devices, as well as improved data capture and automation capabilities have accelerated backup. According to our 2019 Cloud Data Management report, almost one-third (29%)of businesses now continuously back up and replicate high-priority applications. The main concern for businesses now is that 100% of their data is recoverable and that a full recovery is possible within minutes. As well as providing peace of mind when it comes to maintaining data availability, a full complement of backed up data can be used for research, development and testing purposes. This leveraged data helps the business make the most informed decisions on digital transformation and business acceleration strategies.

• Everything is becoming software-defined.

Businesses will continue to pick and choose the storage technologies and hardware that work best for their organization, but data centre management will become even more about software. Manual provisioning of IT infrastructure is fast-becoming a thing of the past. Infrastructure as Code (IaC) will continue its proliferation into mainstream consciousness. Allowing business to create a blueprint of what infrastructure should do, then deploy it across all storage environments and locations, IaC reduces the time and cost of provisioning infrastructure across multiple sites. Software-defined approaches such as IaC and Cloud-Native — a strategy which natively utilizes services and infrastructure from cloud computing providers — are not all about cost though. Automating replication procedures and leveraging the public cloud offers precision, agility and scalability — enabling organizations to deploy applications with speed and ease. With over three-quarters (77%)of organizations using software-as-a-service (SaaS), a software-defined approach to data management is now relevant to the vast majority of businesses.

• Organizations will replace, not refresh, when it comes to backup solutions. 

In 2020, the trend towards replacement of backup technologies over augmentation will gather pace. Businesses will prioritize simplicity, flexibility and reliability of their business continuity solutions as the need to accelerate technology deployments becomes even more critical. In 2019, organizations said they had experienced an average of fiveunplanned outages in the last 12 months. Concerns over the ability of legacy vendors to guarantee data Availability are driving businesses towards total replacement of backup and recovery solutions rather than augmentation of additional backup solutions that will be used in conjunction with the legacy tool(s). The drivers away from patching and updating solutions to replacing them completely include maintenance costs, lack of virtualization and cloud capabilities, and shortcomings related to speed of data access and ease of management. Starting afresh gives businesses peace of mind that they have the right solution to meet user demands at all times.

• All applications will become mission-critical.

The number of applications that businesses classify as mission-critical will rise during 2020 — paving the way to a landscape in which every app is considered a high-priority. Previously, organizations have been prepared to distinguish between mission-critical apps and non-mission-critical apps. As businesses become completely reliant on their digital infrastructure, the ability to make this distinction becomes very difficult. On average, the 2019 Veeam Cloud Data Management report revealed that IT decision makers say their business can tolerate a maximum of two hours’ downtimeof mission-critical apps. But what apps can any enterprise realistically afford to have unavailable for this amount of time? Application downtime costs organizations a total of $20.1 million globally in lost revenue and productivity each year, with lost data from mission-critical apps costing an average of $102,450 per hour. The truth is that every app is critical.