

Zero Trust is Not a Point Solution



Roland Daccache, Systems Engineering Manager for META at CrowdStrike, says to ensure a frictionless Zero Trust journey, organisations should consider using a cloud-native security platform approach

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?
Like many things in our industry, Zero Trust is a concept that can be distorted. For years, vendors have tried to redefine Zero Trust to align with their current product capabilities. But Zero Trust is not a point solution.

It’s about building a defense-in-depth strategy to ensure all assets have identity-based perimeters that are continuously monitored for user behaviors and device attributes to ensure that least-privileged access to enterprise resources is continually enforced. This must happen no matter where users, applications, or devices are located. Zero Trust is fundamentally dynamic and requires a modern approach to security to be effective.

Do you believe that technologies that support Zero Trust are moving into the mainstream?
Yes, and good solutions should make it easy for companies to implement Zero Trust. CrowdStrike, for example, does all of the heavy lifting for enterprise security teams to enforce frictionless Zero Trust with its industry-leading CrowdStrike Security Cloud — the world’s largest unified, threat-centric data fabric to stop breaches. The CrowdStrike Security Cloud processes trillions of events, enabling hyper-accurate attack correlation and real-time threat analytics and response that can scale any deployment model, whether they are multi-cloud or hybrid enterprises that may also run legacy and proprietary applications.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?
Yes, with digital transformation and remote work, IT organizations need to adjust to today’s new way of working. It is vital for IT departments to move away from traditional network security which follows the “trust but verify” method. In the traditional model, users and endpoints within the organization’s network perimeter were assumed to be trustworthy. This put the organization at risk from malicious internal actors and rogue credentials; it also inadvertently granted wide-reaching access to unauthorized users once inside the network.

Zero Trust is often used as an alternative to the virtual private network (VPN) model, which grants total network access to verified users. Given the shift to remote work, the use of VPN is increasingly seen as a cybersecurity risk, as organizations find it more difficult to monitor and analyze network traffic and application use across a wide variety of locations and devices.

How can companies get started with zero trust?
Zero Trust can be challenging to implement due to the complexity of the technology stack, cross-departmental organizational challenges, and mapping out a process for budgeting and execution. Although each organization’s needs are unique, I recommend the following three steps to move to Zero Trust:

  1. Visualize: In this stage, the intent is to understand all of the resources, their access points, and the risks involved. Discover endpoints, identities, and applications, visualize attack paths, and discover and assess multi-cloud workloads.
  2. Mitigate: In this stage, an organization should be ready to detect and stop threats or mitigate the impact of the breach in case a threat cannot be immediately stopped. At this point, endpoints should be protected, as well as identities, and workloads in real-time with behavioral and real-time analytics. Identities should be automatically segmented and telemetry enriched with threat context and intel.
  3. Optimize: At this stage, the goal is to extend protection to every aspect of the IT infrastructure and all resources regardless of location without creating a poor user experience (which can lead to non-compliance and lower productivity). The key goal is to deploy conditional access for continuous verification without compromising a positive user experience. Best practices to avoid this include eliminating multi-factor authentication fatigue with risk-based, conditional access even for privileged users, extending multi-factor authentication protection to legacy systems to ensure no-gap coverage, and detecting and responding to threats for public clouds and SSO credentials even if a sensor/agent is not possible to deploy.

To ensure a frictionless Zero Trust journey, organizations should consider using a cloud-native security platform approach to achieve superior protection and performance without the overhead of managing terabytes of data, threat feed, and hardware investment.

What according to you are the limitations of zero trust?
Zero Trust Network Access (ZTNA) functions as a next-gen VPN replacement in that it ensures that only approved, authenticated users are granted access to an IT environment or resource. At the same time, it does not actively monitor or mitigate threats once a user has been granted access to a trusted zone.

Further, while secure access via ZTNA is a critical component of a comprehensive cybersecurity strategy, it is not effective at stopping modern cyberattacks such as ransomware or supply chain attacks. ZTNA must be combined with a secure access service edge (SASE) solution and other security tools and solutions to ensure complete protection.

In addition, ZTNA does not provide underlying identity protection capabilities, such as gathering activity data or endpoint details. In this way, the ZTNA solution cannot determine a baseline of standard user behavior, making it impossible to detect anomalies or deviations. Finally, most ZTNA solutions require a gateway, similar to what is used by a VPN. This requires careful planning to ensure the strongest possible protection without introducing significant friction within the user experience that could prevent valid users from accessing the tools and resources they need to perform their jobs.


COP28: AI Can Be Leveraged to Deliver Actionable Insights



Paul Park, the Regional Director of MENAT at Milestone Systems, says climate change is complex and demands collaborative, cross-border solutions, often constrained by geopolitical tensions.


COP28: Fortinet is Committed to Innovating for a Safer Internet



Alain Penel, the VP for Middle East, Turkey, and CIS, at Fortinet, says sustainability is central to his company’s vision

Please tell us about your efforts that ensure a sustainable and equitable digital future.
Sustainability is central to our company vision at Fortinet: making possible a digital world you can always trust, which is a fundamental element to achieving just and sustainable societies. Our corporate social responsibility mission is to deliver on that vision by innovating sustainable security technologies, diversifying cybersecurity talent, respecting the environment, and promoting responsible business across our value chain.

We are actively implementing our sustainability strategy across most material areas, and we continue to prioritize the security and privacy of individuals and organizations to enable digital progress and establish sound governance. We also remain committed to the vital issues of climate change and resource scarcity that impact us and our stakeholders.

What is your commitment to combat climate change?
Our commitment to the environment and our efforts to curtail climate change are reflected in our product innovation and manufacturing standards, the eco-footprint of our facilities, and our support of environmental policies and regulations. Fortinet has a strong commitment to product energy efficiency and has also sought to reduce its environmental impact by redesigning its packaging, shipping over 500,000 boxes with 100% eco-friendly, biodegradable packaging in 2022. We have also taken tangible measures to mitigate our environmental impact and harmful emissions by signing onto the Science-Based Targets initiative (SBTi) to achieve net-zero greenhouse gas emissions across our value chain by no later than 2050.

How are you aligning your sustainability initiatives with the themes of COP28?
In line with the COP28 theme of education and skills, we have a mission to grow an inclusive cybersecurity workforce. Fortinet has already trained 219,465 people in cybersecurity as part of our goal to reach 1 million individuals trained in cybersecurity by 2026. We have also seen a +39% year-on-year increase in women hired.

When it comes to promoting responsible business and accountability, Fortinet delivers training on the impacts of human rights throughout the product life cycle to key business units. 100% of our key contract manufacturers and over 90% of our distributors globally have completed Fortinet’s training on compliance and business ethics.

Finally, in line with the COP28 theme of innovation, Fortinet is committed to innovating for a safer internet. Over 200,000 pieces of malicious cyberinfrastructure were disrupted as part of INTERPOL’s anti-cybercrime operation in Africa; 5 new product families and services were designed to support security teams in the arms race against cybercrime; and 13 new information security certifications and assessments were completed, including SOC2, HIPAA, TISAX.


Databases Are the Black Boxes for Most Organisations



Nik Koutsoukos, the Vice President of SolarWinds, says databases represent the most difficult ecosystems to observe, tune, manage, and scale

Tell us about the SolarWinds database observability platform.
Nearly everything a modern business does from a digital perspective requires data. Thus, databases are among the enterprise’s most valuable IT assets. This makes it critical for organisations to ensure their databases are optimised for performance and cost.

That said, databases represent the most difficult ecosystems to observe, tune, manage, and scale. Not only are there different types of databases that serve different purposes, but they are also populated by different types of data, adding to their complexity. The implications of not having visibility into your databases can be anywhere from a costly annoyance to a significant issue that causes business service disruption. For example, most application performance issues, between 70% and 88%, are rooted in the database.

For this reason, databases have largely been seen as a black box for most organisations. You know what goes into it. And you know what comes out and how long that took. However, the complexities that occur within the black box of the database are harder to discern.

This is where the SolarWinds Database Observability comes in. This offering is built for the needs of the modern enterprise environment and helps ensure optimal performance by providing full, unified visibility and query-level workload monitoring across centralised, distributed, cloud-based, and on-premises databases. Organisations armed with SolarWinds Database Observability enhance their ability to understand database implications as new code is deployed, utilise real-time troubleshooting of database performance issues, and isolate unusual behaviour and potential issues within the database.

How does database observability help IT teams track and manage infrastructure, applications, and possible threats?
Database observability collects data about the performance, stability, and overall health of an organisation’s monitored databases to address and prevent issues, and provides deep database performance monitoring to drive speed, efficiency, and savings. With SolarWinds Observability — which supports MongoDB, MySQL, PostgreSQL, and SQL Server database instances — database performance, responsiveness, and error rate are conveniently displayed in dashboards.

Moreover, alerts can be configured to notify admins by email or other methods when user-defined thresholds are crossed. This allows them to identify and remedy issues before they can develop. By gaining insight into the activities taking place inside their database instances, teams can understand user experience as well as ensure systems can scale to meet demand.

What sort of enhancements has your observability platform received recently?
Just this November, we announced major enhancements in the Database Observability capability within our cloud-based SolarWinds Observability platform. SolarWinds Database Observability provides full visibility into open-source, cloud-enabled, and NoSQL databases to identify and address costly and critical threats to their systems and business. It is now possible to navigate across all of the samples collected globally, giving IT teams an empirical distribution of random samples, which resembles the main workload.

What factors according to you will drive the adoption of observability tools in the MEA region?
The Middle East, Türkiye, and Africa (META) are riding a wave of rampant digital transformation as organisations seek to remain competitive. According to IDC, digital transformation spending in the Middle East will accelerate at a compound annual growth rate (CAGR) of 16% over the five-year period, topping US$74 billion in 2026 and accounting for 43.2% of all ICT investments made that year. As organisations continue to shift workloads to multi- and hybrid-cloud environments, the complexity of their IT environments still continues to increase. This raises the potential for visibility and monitoring gaps which ultimately translate to underwhelming or outright frustrating experiences for end users.

Tell us about the top three trends you foresee for 2024.
There are clear signs of the continued adoption of cloud technologies to allow enterprises to become more agile, giving engineering teams the ability to focus on their core competencies and expand and contract on demand.

The adoption of Kubernetes is also increasing as the refocusing introduced by the cloud enables the move to microservices-based architectures which require sophisticated orchestration management.

Finally, we are starting to see an uptick in Vector databases, as applications demand better handling of relationships between data points.

What is going to be your top priority in terms of strategies for 2024?
We will continue to deliver on our vision of making observability easy. OpenTelemetry is driving observability, but data collection is nothing if it can’t provide insights. So, we aim to ensure the data is both collected and curated such that users find it easy to consume and extract valuable insight.

Regionally, through 2024, we will continue to focus on our key markets of the UAE and Saudi Arabia, the ongoing enhancement of our product portfolio, and the strengthening of our channel ecosystem to create more markets for our business and for our partners.



Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.