Connect with us

News

Fortinet Unifies Zero Trust, Endpoint, and Network Security to Lead the Work-from-Anywhere Era

Published

on

Fortinet announced the industry’s most complete solution to enable organizations to secure and connect work-from-anywhere. By unifying Fortinet’s broad portfolio of zero trust, endpoint, and network security solutions within the Fortinet Security Fabric, Fortinet delivers security, services, and threat intelligence that seamlessly follow users whether on the road, at home, or in the office to provide enterprise-grade protection and productivity. These capabilities – designed for the way business is done in the Work-from-Anywhere Era – are available now.

John Maddison, EVP of Products and CMO at Fortinet, said, “Empowering users to move seamlessly between different work environments has critical implications for maintaining user productivity as well as security. Cybercriminals have been quick to exploit the expanded attack surface and security gaps created by this shift in work patterns to get a foothold into the corporate network. Today’s enterprise organizations require work-from-anywhere security that is as flexible and dynamic as today’s business demands. Fortinet is the only vendor capable of delivering unified security built for the Work-from-Anywhere Era that seamlessly adapts based on a user’s environment and risk profile.”

Work-from-Anywhere Expands to Benefit Workers and Cybercriminals
The COVID-19 pandemic has surfaced as the forcing function that greatly expanded the work-from-anywhere model. A forecast analysis from Gartner reveals, “by the end of 2024, the change in the nature of work will increase the total available remote worker market to 60% of all employees, up from 52% in 2020.” Also according to Gartner, “Organizations are facing a hybrid future, with 75% of hybrid or remote knowledge workers saying their expectations for working flexibly have increased.”

At the same time, multi-stage sophisticated attacks like ransomware are plaguing organizations at an increasing rate. According to the 1H Global Threat Landscape Report from FortiGuard Labs, ransomware incidents have increased nearly 1100% from June 2020 to June 2021. And in a recent global ransomware survey conducted by Fortinet, an astonishing 67% of organizations report having been a ransomware target.

It’s clear that remote and hybrid work is now the status quo and cybercriminals will continue to take advantage of this expanded attack surface. To address the shift in the workforce and threat landscape, enterprises must now take a “work-from-anywhere” approach to their security by deploying solutions capable of following, enabling, and protecting users no matter where they are located.

Fortinet Delivers Security Built for Work-from-Anywhere
As users move between travel, office, and home, they access applications from the cloud, data center, or SaaS. Because of this continual flux, it’s imperative that zero trust, endpoint, and network security are all unified by a common set of APIs and integration points to ensure users can seamlessly shift from one location to another, enjoying a consistent user experience that is adequately protected with contextual security. Fortinet is the only vendor capable of delivering this unification to enable security customized depending on where users are and what they are accessing. Here’s how Fortinet enables the three use cases of work-from-anywhere:

Travel: Users working outside the office or primary remote space (and the layered security it provides) potentially introduce unique threat exposure when connecting to the applications and resources necessary for work while using unknown and often unsecured networks and locations. This enables cybercriminals to snoop on exposed communications or launches attacks from inadequately protected devices. To secure users on the go, Fortinet delivers an integrated combination of:

  • Endpoint Security: EPP, EDR, XDR (FortiEDR, FortiXDR)
  • Zero Trust Access: ZTNA (FortiClient, FortiOS, FortiGate) + Identity (FortiAuthenticator, FortiToken)
  • Network Security: SASE (FortiSASE Remote)

Work-from-Home: Remote and hybrid employees typically log in from a set remote location that has some infrastructure to enable work, such as a monitor, home network, and external webcam and microphone. However, home networks are full of non-secure IoT devices as well as other users who might be consuming bandwidth with productivity-reducing video streaming or online gaming. They are also often outside the security of the corporate network and its controls. To provide managed, enterprise-grade security to users at home, Fortinet delivers an integrated combination of:

  • Endpoint Security: EPP, EDR, XDR (FortiEDR, FortiXDR)
  • Zero Trust Access: ZTNA (FortiClient, FortiOS, FortiGate) + Identity (FortiAuthenticator, FortiToken)
  • Network Security: Linksys HomeWRK for Business | Secured by Fortinet

Office: Even when users are working from a location managed by the organization that provides networking and security to employees, strong endpoint security remains an important part of a layered defense given the potential for vulnerabilities to be exploited or third parties to be compromised, providing an entry point for cybercriminals to bypass corporate controls. To secure users, devices, and servers in the office, Fortinet delivers an integrated combination of:

  • Endpoint Security: EPP, EDR, XDR (FortiEDR, FortiXDR)
  • Zero Trust Access: ZTNA (FortiClient, FortiOS, FortiGate) + Identity (FortiAuthenticator, FortiToken)
  • Network Security: Next-generation Firewall (FortiGate + FortiGate-VM)

All of the above are available as part of the Fortinet Security Fabric for stronger security, easier management, and superior total cost of ownership. Fortinet is the only vendor to support ZTNA across travel, office, and work-from-home, and is the only vendor capable of delivering all the required components to support the three use cases of work-from-anywhere as part of an integrated and automated cybersecurity platform.

Simplifying Services to Support Work-from-Anywhere
To further accelerate secure work-from-anywhere, Fortinet is committed to expanding its FortiTrust security as a service portfolio, which offers simplified consumption and unified licensing models designed for the way companies do business in the Work-from-Anywhere Era. Unlike most complicated licensing that includes a mixture of device-based, appliance-based, and cloud-based fees, FortiTrust brings everything together under one user-based license that seamlessly follows users across any environment or form factor.

This allows organizations to dynamically adapt to work-from-anywhere challenges such as shifting connectivity needs, hybrid workers, or resources that may need to move back and forth between physical and virtual environments and form factors. FortiTrust’s simplified licensing model allows true network flexibility and enables organizations to easily deploy new technologies designed for dynamic networks.

Work-from-Anywhere Security-Enhanced With AI/ML-driven Threat Intelligence
FortiGuard Labs is Fortinet’s elite cybersecurity threat intelligence and research organization dedicated to developing and utilizing leading-edge AI and machine learning technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. FortiGuard Labs continuously monitors the worldwide attack surface using millions of network sensors and hundreds of intelligence-sharing partners to keep Fortinet security products armed with the best threat identification and protection information available. These efforts result in timely, actionable threat intelligence that enhances Fortinet’s ability to adjust security enforcement based on location, device, and the application users are trying to connect to.

News

Kasten by Veeam Announces New Kasten K10 V5.0 with Enhanced Kubernetes Security

Published

on

Kasten by Veeam has announced the new Kasten by Veeam K10 V5.0 Kubernetes data management platform. Purpose-built for Kubernetes, this latest release is focused on delivering a comprehensive risk management strategy, streamlined CI/CD pipelines, and new ecosystem advancement details that optimize and de-risk Kubernetes investments. These advancements all aim to help the expanding Kubernetes community work more efficiently and securely in cloud-native applications.

“As ransomware attacks continue to remain the highest concern for organizations, a comprehensive risk management strategy to help continuously identify risk, protect data, detect attacks and deliver disaster recovery for cloud-native applications is crucial,” said Gaurav Rishi, Vice President of Products and Partnerships at Kasten by Veeam. “Our latest release remains focused on helping enterprises minimize the financial impact caused by attacks on data and cloud applications. At the same time, we’re also supporting developer needs for backup solutions that not only integrate with the CI/CD tools they use but pave the way for automation to detect and protect applications as they get deployed.”

Backing up Kubernetes applications while accommodating agile, shift-left development and distributed deployment environments remain a challenge for many organizations. Appliance-based approaches do not properly account for the unique characteristics of Kubernetes and replication doesn’t protect against infrastructure failures, data corruption, data loss, or ransomware. Having a cloud-native solution in place ensures secure and reliable backup without disrupting workflows or adding complexity that could inhibit innovation.

New key features of Kasten K10 V5.0 include:

  • Security everywhere: Enhanced platform hardening, including KMS integration with AWS KMS and HashiCorp Vault, coupled with the ease of use of Kubernetes-native RBAC objects exposed in UI dashboards, ransomware attack detection with AWS S3 or S3-compatible storage supporting S3 Object Lock, data protection policy guardrails and support for Veeam-hardened Linux repositories with immutability that offers comprehensive ransomware protection.
  • Shift-left applied to data protection: Fully integrated add-ons for newly launched Amazon EKS Blueprints, Level III certified Red Hat OpenShift Operator with full lifecycle capabilities, new built-in Kanister blueprints for MS SQL and PostgreSQL Operator, and simplified UX for Operations with new Blueprint Editor for a more intuitive and streamlined workflow, and new Reports Generator for critical metrics.
  • Expanded ecosystem: Enabling integrations with industry-leading technologies and platforms ensures that customers can have freedom of choice in an expanding array of solutions across the ecosystem, including support for Red Hat Marketplace, SUSE Rancher Marketplace, VMWare vSphere with Tanzu and Falco.

“Cloud-native applications are being developed at a pace never seen before, and with DevOps and shift-left principles, application deployment in Kubernetes is proving faster and far more scalable. Yet, at the same time, backing up Kubernetes applications remains a constant challenge,” said Danny Allan, CTO at Veeam. “This latest release provides secure backup and recovery for Kubernetes data and applications while eliminating the complexity in deployment and operations for Kubernetes in the enterprise. As more Veeam customers look to leverage Kubernetes, Kasten K10 V5.0’s ease-of-use will be critical to support data protection and backup in their new environments.”

“The alarming rate of ransomware attacks and the increased use of cloud-native application development means it’s only a matter of time before cloud-native applications become more heavily targeted,” said Johnny Yu, Research Manager, Storage, and Computing at IDC. “Now more than ever, enterprises need a backup solution that is flexible across multiple clouds and can proactively offer visibility into a potential attack before it happens. With its new K10 V5.0 release, Kasten by Veeam has positioned itself as a solid choice for companies that are looking for comprehensive, end-to-end ransomware protection for Kubernetes environments.”

The capabilities introduced in NEW Kasten K10 V5.0 underscore Kasten’s dedication to Kubernetes users by integrating DevOps and shift-left principles and hardened security. General availability of the new Kasten K10 V5.0 is expected in June. To learn more about Kasten and see Kasten K10 V5.0 in action, visit Kasten by Veeam at KubeCon + CloudNativeCon Europe 2022, as well as at VeeamON 2022.

Continue Reading

Channel Talk

Entrust Signs Up CyberKnight as New Distributor for the Middle East Region

Published

on

Entrust has announced its new distribution partnership with CyberKnight to address compliance and simplify cyber threat management. In line with evolving regional compliance regulations and standards, Entrust’s new partnership with CyberKnight as its newest regional distributor will see the two companies jointly build solutions for the Middle East market that achieve the highest standards of cyber security.

Entrust and CyberKnight are strategically aligned on their security vision with a ‘Zero Trust’ philosophy at its core. With the aim of increasing access to the highest standards of security for Middle East customers, Entrust’s new partnership with CyberKnight will further enable the delivery of digital security solutions to customers, by tapping into CyberKnight’s local network to offer advice, education, expertise, and confidence.

“Digital transformation in the Middle East continues to evolve at a phenomenal pace, especially as the demands of the past two years called for a rapid implementation of cloud-based systems to manage the unprecedented shift to remote workforces,” said Scott Kemish, Global Vice President Channel Sales, Entrust. “In order to support local customers championing cloud adoption while meeting the requirements of local compliance regulations, as well as protecting themselves against an all-time-high of cybercrime, we have entered a stage of channel development that requires our channel distribution partners to stand up and make a difference; CyberKnight has all of the right attributes that we are looking for in the market.”

“Our partnership with CyberKnight further cements our commitment to the region, and we look forward to helping more customers transform their digital security in line with the requirements of this new age,” Scott continued. Over the last two years, the rapid adoption of cloud solutions to enable remote working resulted in an increase in cybercrime globally, as it provided cybercriminals more opportunities to target victims at home. Cybercrime is set to cost the global economy $10.5 trillion annually by 2025. And industry research reveals that, in the UAE, the average cost of remediating a ransomware attack is over $500,000.

“The pandemic has reminded us that cybercriminals are constantly fine-tuning their skills and techniques. If we do not help our customers do the same, then they will be playing catch-up,” said Avinash Advani, Founder & CEO of CyberKnight. “Our partnership with Entrust as our newest vendor will enable us to continue helping customers fill the existing gap between their digital transformation efforts, and their security posture by securing their digital ecosystems as well as supporting them with their zero-trust security journey. We are very excited about working with them to further support our local customers across the region.

Entrust’s certificate solutions, PKI, identity and access management, encryption key management and hardware security modules are available to local customers through the partnership. Later this year, Entrust will join CyberKnight’s annual roadshow, set to take place in November 2022.

Continue Reading

Cyber Security

Ransomware Hit 59% of UAE Organizations Surveyed for Sophos’ Annual “State of Ransomware 2022”

Published

on

Sophos has released its annual international survey and review of real-world ransomware experiences in the State of Ransomware 2022. The report shows that 59% of UAE organizations surveyed were hit with ransomware in 2021, up from 38% in 2020.

The report summarizes the impact of ransomware on 5,600 mid-sized organizations in 31 countries across Europe, the Americas, Asia-Pacific, and Central Asia, the Middle East, and Africa. The main findings for the UAE in the State of Ransomware 2022 global survey, which covers ransomware incidents experienced during 2021, as well as related cyber insurance issues, include:

  • Many organizations rely on cyber insurance to help them recover from a ransomware attack – 85% of mid-sized organizations had cyber insurance that covers them in the event of a ransomware attack – and, in 100% of incidents, the insurer paid some or all the costs incurred.
  • Ninety-eight percent of those with cyber insurance said that their experience of getting it has changed over the last 12 months, with higher demands for cybersecurity measures, more complex or expensive policies, and fewer organizations offering insurance protection.

“The findings suggest we may have reached a peak in the evolutionary journey of ransomware, where attackers’ greed for ever higher ransom payments is colliding head-on with a hardening of the cyber insurance market as insurers increasingly seek to reduce their ransomware risk and exposure,” said Wisniewski. “In recent years, it has become increasingly easy for cybercriminals to deploy ransomware, with almost everything available as-a-service. Second, many cyber insurance providers have covered a wide range of ransomware recovery costs, including the ransom, likely contributing to ever higher ransom demands. However, the results indicate that cyber insurance is getting tougher and in the future ransomware victims may become less willing or less able to pay sky-high ransoms. Sadly, this is unlikely to reduce the overall risk of a ransomware attack. Ransomware attacks are not as resource intensive as some other, more hand-crafted cyberattacks, so any return is a return worth grabbing and cybercriminals will continue to go after the low hanging fruit.”

Sophos recommends the following best practices to help defend against ransomware and related cyberattacks:

  1. Install and maintain high-quality defenses across all points in the organization’s environment. Review security controls regularly and make sure they continue to meet the organization’s needs.
  2. Proactively hunt for threats to identify and stop adversaries before they can execute their attack – if the team lacks the time or skills to do this in house, outsource to a Managed Detection and Response (MDR) specialist.
  3. Harden the IT environment by searching for and closing key security gaps: unpatched devices, unprotected machines, open RDP ports, etc. Extended Detection and Response (XDR) solutions are ideal for this purpose.
  4. Prepare for the worst. Know what to do if a cyber incident occurs and keep the plan updated.
  5. Make backups, and practice restoring from them so that the organization can get back up and running as soon as possible, with minimum disruption.
Continue Reading
Advertisement


Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.