In this exclusive interview with Arabian Reseller and Security Review, Alain Penel, the Vice President for the Middle East and Turkey at Fortinet; and Aasef Iqbal, the Product Manager for OT Cybersecurity at Fortinet, talk about the cybersecurity threat landscape in the OT arena, the opportunities present for all stakeholders and how such threats can be kept at bay:

To learn more, review the Westlands Advisory 2022 IT/OT Security Navigator report, to see why Fortinet has been named a Leader: https://arabianreseller.com/WestlandsAdvisoryReport

If you liked the video, please like, share, and comment below. Follow us on social media:
✓ Linkedin – https://www.linkedin.com/company/74044193/
✓ Twitter – https://twitter.com/secreviewmag
✓ Facebook – https://www.facebook.com/secreviewmag/
✓ Website – https://securityreviewmag.com/

For more videos, please subscribe to our channel. Also, hit the bell icon to join our Notification Squad!

In this exclusive interview, Petko Stoyanov, the Global CTO at Forcepoint, speaks about their new Forcepoint One offering, the evolving security threat landscape, the skills gap in the industry, and more

You recently conducted the Forcepoint One event. What was it all about?
We announced Forcepoint One way back in February 2022, globally, as a marketing event. And then on, we started focussing on regional events. At the UAE event, we had over a hundred people attending the event and we’ve definitely had a lot of interest in Forcepoint One. We spent some time with our customers at the event, understanding their challenges and explaining how Forcepoint One is a better way to access the internet securely – not just the Internet or cloud, but also private applications.

During the pandemic, many people were working from home and though they wanted to be productive in a new working environment, they lacked the tools. So, the users started using tools they weren’t supposed to. However, if we had visibility into that and gave the users control over the data they could use, it would have been amazing. That’s what is unique with Forcepoint One – we have centralised the management.

In doing so, we don’t need all your data. Your data stays with you and we want to give you control over the data that matters to you. So, the beauty of our solution is centralised management, distributed enforcement of security, and data loss prevention, and just visibly at the same time.

Another pain point customers are facing is hiring the right talent. For managing cybersecurity products and solutions, one needs to be a CSSP. However, the number of certified professionals in this region is far lower than the demand. There is a precise skill gap in this industry that needs to be tackled. We need to change how we approach cybersecurity and hiring.

How has the security threat landscape changed over the past couple of years?
Well, it has changed even in the last two months. We are seeing lots of geo-political tensions everywhere and these instances are being used as a reason to attack government installations, utility services, oil and gas installations, banking systems, telecoms, and so on.

The safety we feel here in the UAE is because of the regulation we have in place, which is a lot of ways, applies to cybersecurity. Regulations also drive other things globally. At Forcepoint, we offer many tailor-made solutions for such industry verticals. Our data loss prevention solutions are used by some of the largest organisations in the world and our threat prevention capabilities are used to protect some of the most sensitive networks in the world.

In terms of the skills gap you mentioned, what do companies need to do to solve this?
I think there are two problems with this. One is the demand issue, where we don’t have enough people to fill up the specialised jobs available. So we’ve got to train more and more professionals so they are qualified to take up such critical jobs. Another problem is that most companies are hiring the wrong set of talents for job openings. We need to list out the job criteria that make sense.

Do not hire someone who is a jack of all trades – he/she will always be a master of none. Companies need to ask these questions. Why do I need that certification? Why do I need 20 years of experience in cybersecurity? Why do I need expertise in a 10-year-old language that is going to be non-existent in the next couple of years? So I would say, companies need to start asking questions about their hiring rates, making sure they have the right talent for the right job.

I think there are multiple things we’ve got to do as an industry. We’ve got to educate more customers so they make sure they have the right people for the job. They need to understand that you do not require a Ph.D. to go configure a router or configure something on the network. You shouldn’t be spending months deploying software. It should be done in days not months. And that is exactly what Forcepoint One is tackling.

What is your take on the Zero Trust Framework?
So, I’ve been working on the Zero Trust concept for the past three years. The US government’s been using it extensively. And the way they started is, they started actually started using Zero Trust almost 10 years ago. Zero Trust is what security should have been from the beginning. Because you’re applying security and controls only to the data – so users need to only access what they need to. But there are multiple layers of security in Zero Trust.

There’s Zero Trust where we need user data. There’s Zero Trust where you need the device. And then there are applications. You want to make sure that the user, the device, and the application have access to data, but also ensure at the same time that any data that goes to those users and devices are authorised. So it’s in many ways, applying the concept of what’s known as least privilege to the data element, the device element, the application layer, and the user.

Do you offer certification programs for your channel partners?
Yes, we do offer certification programs to make sure channel partners are at the forefront of everything we do. We are also investing a lot to make sure this happens – in the last 18 to 24 months, we’ve doubled the size of our team here. We keep our training and certification programs simple, so when our certified partners go to a customer, they know what they are talking about in order to suggest solutions to solve their issues.

What were your learnings from last year and how are you using those to better your strategies for this year?
So, in January 2016, Forcepoint spun out of Raytheon. Even though we are now an independent company, Raytheon still uses our software and hence they are our customers. So, as soon as we went on our own, we got into an acquisition mode – buying technologies and companies that complemented our ecosystem of solutions.

Our strategy has always been to invest in new solutions that complement our existing set of solutions and offer a complete end-to-end solution. So today we are capable of integrating additional solutions such as RBI, CDR and ZT, and so on. So all of these are being offered as a bouquet of services through our management platform.

Emad Fahmy, the Systems Engineering Manager for Middle East at NETSCOUT, speaks about the evolving threat landscape in the region

How has the security threat landscape evolved in recent months?
According to a 2021 survey by PwC, cybersecurity is a growing concern for organizations, with approximately 43% of Middle East CEOs planning to increase investments in cybersecurity and data privacy by 10% or more over the next three years. Moreover, 41% of these leaders think that their organization should be doing more to measure cybersecurity. The ever-evolving threat environment has made it increasingly necessary to be vigilant.

Cybercrimes continue to grow in terms of both complexity and frequency. Among the businesses that identify breaches or attacks, 21% lose money, data, or other assets, and 35% report being negatively impacted in other ways and suffering from wider business disruption. As such, it’s vital for enterprises to ensure the security of data, applications, networks, and critical business processes to stay competitive and thwart attackers. Depending on traditional security solutions and methodologies isn’t enough to combat the sophisticated attacks that target businesses today.

Is ransomware still an issue?
It is, unfortunately. The unprecedented surge in ransomware attacks has made effective cyber security and defence a top priority in today’s world. Every day, new ransomware attacks are reported by businesses and government authorities alike, not to mention the attacks that go unreported, and it seems like no one is immune.

Threat intelligence is vital to combat ransomware attacks. Threat intelligence is the study of the bad actors who perpetrate these attacks, along with the tactics and tools they use. This involves unveiling the bad actor’s attack methodologies and why they are targeting those victims. This knowledge is then turned into actionable insight that enterprises can access and comprehend. Empowered with this knowledge, enterprises can learn about their network’s vulnerabilities to actively defend against ransomware.

Companies have been trying to protect the endpoint for years. How can companies make sure endpoints are protected and monitored for attacks and mitigation?
As service providers increasingly focus on cloud services, edge computing, end-users, and endpoint devices, the traditional approach of utilizing distributed detection solutions in concert with centralized mitigation centres within the network is no longer enough. However, mitigation measures that are distributed out to the network edge necessitate both infrastructure and intelligent defence capabilities that are capable of working hand in hand across locations and platforms.

A more modern threat mitigation strategy involves distributing both detection and mitigation functions throughout the network to intercept threats nearer to the source. In this way, network operators can stop attacks upstream, instead of having to incur the cost of peering and transit link traffic that is only going to be discarded once it reaches a centralized scrubbing centre. By conducting the scrubbing as close as possible to the threat source, service providers can reduce any potential impact on traffic, helping to ensure high-quality service.