Everyone has a role in stopping unknown threats

Sean Campbell, Director Canadian Channels, Fortinet

Protecting against unknown cybersecurity threats is more challenging than ever before. The speed, ferocity and sophistication of cyber attacks increase every day as criminals exploit any weakness.

These criminals are taking advantage of a rapidly changing work environment, where flexible work arrangements have expanded the attack surface and opened new opportunities for infiltration. 

Ransomware is a particular threat, having evolved into a lucrative Ransomware-as-a-Service (RaaS) industry. An entire cybercriminal ecosystem has emerged, and organizations like FortiGuard Labs have seen an increase in malicious actors and in the use of more destructive wiperware and zero-day threats. As a result, organizations may not even be aware of an attack until it’s too late, giving them even less control over the situation.

It takes a village 

Stopping these new and sophisticated unknown threats requires a team effort – starting from an organization’s executive team, security team, partners and vendors, all the way down to each individual employee using network access and applications. 

It’s hard to downplay the importance of the human component of cybersecurity: a whopping 80 percent of organizations reported at least one cybersecurity breach in the last year that was attributable to the skills gap; 19 percent of which suffered 5 or more breaches, and 40 percent suffered breaches that cost more than $1 million USD to remediate. It’s not surprising then that two-thirds of global leaders believe that the global cybersecurity skills shortage increases risks, and as such, 76% of organizations now have a board of directors who explicitly recommend increases in IT and cybersecurity personnel.

Today, many threats come through email via phishing/social engineering techniques, making employee education and good cyber hygiene a priority for establishing a strong security stance. But there are other ways to bolster the human component to help defend against unknown attacks. 

Increase Employee Capabilities

Given the challenges in recruiting and retaining cybersecurity talent, organizations should at the very least ensure all existing employees undergo cyber-safe training. Not only does this benefit the organization, but it also adds to the employee’s credentials and capabilities. In addition, security teams should have time allocated for regular tactical training to test the crisis playbooks while leveraging tools like security orchestration, automation and response (SOAR). This approach can help improve accuracy and speed up detection and remediation in the event of an attack.

Make Use of Technology

Organizations can invest in technologies to prevent and stop attacks early with advanced capabilities like external attack surface management (EASM), network detection and response (NDR), deception, sandboxing, endpoint detection and response (EDR), and secure email gateways, as well as web application firewalls (WAF) to minimize damage from attacks. It is important to invest in the right tool, one that maps to the threats an organization will likely face. For example, a recent survey showed that 96% of organizations feel they are at least moderately prepared for a ransomware attack. But there is an apparent disconnect between their feelings of preparedness and the tools and plans they have in place to address an attack.

Outsource to Dedicated Professionals

Finally, organizations can also choose to enhance their capabilities by engaging dedicated cybersecurity professionals. Outsourcing can help keep internal teams focused, minimize disruptions when introducing new technologies, and can be set up to operate temporarily or as a permanent extension of the in-house security team. Most often, organizations will outsource when looking to evaluate security effectiveness, for added threat-hunting capabilities, or expanded incident response. 

Where do channel partners fit in?

Channel partners also have a role to play, as many organizations do not know where the next threat is coming from. Zero-day threats could be gaining a foothold through technologies already in the environment, like applications or IoT devices. Customers need partners to act as the trusted advisors that they are, helping to guide them through today’s threat landscape.

Channel partners can help cybersecurity leaders navigate these unknown threats by moving their customers toward a unified security framework that takes full advantage of machine learning automation. Solutions like Fortinet’s fully integrated Security Fabric deliver automation technology and human-based as-a-service offerings. Demand will be high for channel partners that can pair their customers with vendors and technologies that can ensure automations are trustworthy and offer human-based resources to expand the customer’s capabilities when and where they are needed.