Sean Campbell, director of Canadian chnnels at Fortinet, offers his thoughts on why AI and ML are key components to your customers' security strategies in 2021.
Anyone who has been around the industry long enough knows we’ve made leaps and bounds when it comes to cybersecurity technology. That doesn’t mean the work has become easier.
Managing security remains a complicated task. Certainly COVID-19 hasn’t helped, but the roots of security complexity extend far beyond the onset of the global pandemic, and they continue to have a major impact. The opportunity for partners is to help their clients rise above the day-to-day busy-ness that’s a symptom of cybersecurity complexity, and show them where and how all that extra work and attention is having an impact on their operations. From there, they can work to build a roadmap to a simpler, sustainable and easy-to-manage security workflow.
The big question to answer is: why have things become so complex? One big reason is the sheer number of solutions available. For decades, the answer to any new security problem was to acquire yet another specialized security tool. It’s left many businesses with a long list of solutions in their portfolios. The problem is, most of these point products were never designed to communicate with each other, which means they also have no ability to create automated workflows or coordinate policy changes. And, as networks become increasingly complex through things like digital transformation, and the number of specialized vendors in place continues to increase, valuable threat intelligence is more likely than ever to get lost in the noise.
Related to this is the volume of alerts teams must contend with. Some large organizations can see as many as 500,000 a day, and each must be tracked and confirmed. Granted, few businesses operate at this level, but even a small percentage of those alerts can greatly tax an already overburdened IT staff.
The lack of trained people is another major factor. In a March 2020 report, 89 percent of Canadian IT managers agreed that the cybersecurity skills shortage has created additional cyber risks for their organizations. Simply put, there remain far fewer people with the training to respond to the alerts and manage the products, let alone craft effective, long-term security strategies.
None of these are easy challenges to solve, and partners have to be realistic on what’s achievable based on their clients’ business priorities. However, what they can do is help companies find ways to minimize the burdens placed on their security teams, and start to show how new approaches can make their lives significantly more manageable over time. Artificial intelligence is a great place to begin, and a powerful analytical lever to explore. Recent groundbreaking advances in AI-driven security operations can enable the automatic prevention, detection, and response to cyber threats that people or standalone solutions are unable to achieve.
AI-driven security operations enable organizations to not only manage the sprawling collection of security devices they have in place, but also see and protect the data, applications, and workflows spread across thousands or millions of edges, users, systems, devices, and critical applications.
The benefits aren’t just theoretical. The ML systems woven into our global FortiGuard Labs operations, for example, continuously analyze data to identify new files, web sites, and network infrastructure that should be treated as malicious components of cybercrime campaigns. Once identified, these systems also dynamically generate new threat intelligence protection signatures that enable organizations to predict and prevent cyber threats. These threat intelligence protections are then distributed to the appropriate Fortinet Security Fabric products to automatically detect previously unknown attacks that may reach the customer ahead of global threat intelligence updates.
By taking advantage of AI technology, organizations are able to significantly enhance their ability to detect and respond to threats and adapt policies and protocols in real time. This, in turn, helps security teams to quickly correlate and process threat intelligence, ensuring that they can more consistently and efficiently keep their organization out of harm’s way.
As important as it is, exploring AI is about more than just easing workloads. Cyber criminals are leveraging AI to outmaneuver even the best network defenses. Everything from digital transformation plans to a secure remote workforce hinges on a stable, secure network. Businesses owe it to themselves to explore AI and learn how to take their security to a new level.
Security leaders have had a difficult year. As the shock of COVID-19 wears off and they work to build long-term stability for their business, they need to eliminate inefficient or risky ways of working. By introducing new AI-driven security solutions, partners can help them stay ahead of the risk and minimize the challenges that will continue to face them for years to come.
Sean Campbell, is Director Canadian Channels, Fortinet