Digitally transform without fear with consistent security policies
Article by Josh Alcock, Principal Engineer and Cyber Security Strategist, Fortinet New Zealand
Digital transformation (DX) means many things to many enterprises.
To some, it means catching up with the competition.
For others, it’s consolidating IT infrastructure into an integrated whole.
But for forward-looking organisations, DX offers a host of new tools and techniques to capture new markets, increase engagements with customers and streamline operations.
But DX also carries increased risk.
This is especially true as organisations extend their network operations further afield with Operational Technology (OT) and tap into new opportunities with 5G.
OT and 5G offer benefits, to be sure, but they also significantly expand the cybersecurity threat landscape.Consistent security to reduce risk
The challenge, then, for innovative organisations is to adopt DX without adding additional risk.
The most effective method to do this is to incorporate consistent security.
In the core and edges, into the cloud and onto every inter-connected device on the network, including OT devices.
This is the essence of Fortinet’s Security Fabric.
OT, increasingly used for critical infrastructure in manufacturing, energy production and delivery and transportation, connects supervisory control and data acquisition (SCADA) sensors and other industrial control systems (ICS) to the network.
However, integrating IT-enabled devices into the network provides a whole new set of potential targets for adversaries.Air gaps no longer good enough
OT security has traditionally relied on air-gapped isolation from the corporate network for protection.
As a result, basic security protocols are usually not deployed.
Taking advantage, adversaries are increasingly targeting unprotected OT systems to steal trade secrets, disrupt operations or even commit acts of cyber terrorism against critical infrastructure.
STUXNET is a perfect example.
The majority of these attacks pick on the weakest links within the OT networks, especially the inconsistency (or lack thereof) of security policy across interconnected devices.
Adversaries also target the wide variety of OT protocols in place.
While IT systems employ standardised TCP/IP, OT systems use an array of protocols, many of which are specific to functions, industries and geographies.
This can create a challenge as security managers have to create disparate systems to secure their environment.
This in turn creates complexity with multiple vendor offerings and products.The risks won’t go away by themselves
Malicious actors are able to extract maximum value by exploiting the unprotected systems and vulnerabilities that persist in both older and newer networks and technologies.
They will also continue to take advantage of the slower replacement cycles and legacy technologies that are likely to remain in place for years.
IT integration and convergence due to DX will continue to pressure this situation further.Conclusion
The best way to counter this new reality is by implementing a comprehensive strategic approach that simplifies operations, covers all devices and can be extended as new technologies are adopted.
This would include embedding native security into SCADA and OT devices, building security functionality into the DevOps process in parallel with developments via APIs and connectors (more on this next month) and ensuring that your security policy can be extended and enforced across the entire network.
Adopting a single-vendor and unified Security Fabric approach carries the least amount of risk as your organisation adopts OT, 5G and DX.
Anything else can leave gaps (air and otherwise), increase complexity and inhibit the ability of your organisation to respond to digital opportunities.
This is exactly what the Fortinet value proposition is all about.
About the author
Josh Alcock is Fortinet New Zealand’s Principal Engineer and Cyber Security Strategist. As such, it is his business to know what’s happening in the cybersecurity world and help enterprises secure their transitional networks without sacrificing speed, functionality or control.
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organisations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 375,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.
Fortinet Security Insights is a series of hard-hitting discussions of trends in the cybersecurity world, how they will affect your enterprise and what you should be doing to prepare for digital transformation.