In 2020, organizations across industries faced numerous security challenges as the nature of work suddenly and unexpectedly shifted. CISOs were forced to rapidly pivot their security strategies across the infrastructure, from the endpoint, enterprise data center, WAN, or cloud edges, and make real-time decisions that would impact their organization over the course of 2020.
Throughout the year, Fortinet CISOs shared their expertise with organizations worldwide to help them address both current and future cybersecurity challenges. Four of these Fortinet CISOs joined us virtually to reflect on 2020 cybersecurity outcomes and share their 2021 predictions for the federal, retail, financial services and healthcare sectors.
Jim Richberg, Fortinet Field CISO Federal Government
“Federal agencies have always been a high value target for malicious actors and the surge in remote work in 2020 only exacerbated this. For the federal government, 2021 is likely to be a year of transition. Many agencies are likely to continue to let a significant number of employees work remotely at least part time; this makes securing remote telework an ongoing priority for government, rather than a ‘2020 problem’, since the remote teleworker’s IT environment, online collaboration platforms, and connectivity will continue to be targeted by both criminal and nation state (APT) actors.
More government services and data became accessible online as a result of the COVID pandemic; this will likely bring more Denial-of-Service activity directed against these digital assets, with a trend towards multiple simultaneous small attacks intended to stay below the threshold of automated response. And while ransomware in the public sector is often viewed as largely a problem for state and local government, the digital assets and services of most federal agencies are ‘crown jewel’ assets in terms of the sensitivity and quantity of data they contain. CISOs will need to prioritize solutions such as Zero Trust Access, automated endpoint security, and employee awareness to counter this range of threats, and to ensure that solutions such as software defined networking and multi-cloud services are implemented securely.”
Courtney Radke, Fortinet Field CISO Retail
“In 2020, omni-channel experiences, contactless commerce, and a more mature cloud strategy were more than just “nice to haves”. They quickly became essential for retail organizations looking to thrive in the face of unexpected challenges and changing consumer behavior. In 2021, we will continue to see organizations relying on these approaches and, as they do, security must continue be a top priority. Cybercriminals are always looking for new opportunities to exploit vulnerabilities and retail has always been a prime target for financially motivated attacks. These campaigns were especially successful in 2020 as threat actors capitalized on the ongoing global disruption and rapid technology adoption being undertaken by retailers. It became apparent early on that thoughtful planning and investments made in technology platforms before the events of 2020 created much greater opportunity to survive and thrive in the new dynamic retailers found themselves in.
Going into 2021, retailers will look to expand on these investments while creating efficiencies and cost-saving opportunities along the way. Secure SD-WAN, coupled with flexible and adaptive security solutions that are easy to manage, will help reduce overall network complexity while ensuring high performance and “always on” availability of applications and customer facing technologies. Expanding 5G usage will only further highlight the necessity for robust and secure connectivity. Zero Trust Access, when integrated with the existing security fabric, will help businesses identify risk in their environments and successfully and securely scale to meet changing customer demands and business needs. As digital innovation shows no signs of slowing down, retailers will likewise need to streamline security operations through automation-focused technologies such as SOAR and manage the impact of the cyber skills shortage by augmenting with AI-enabled services to help keep up with the influx of data and alerts due to rapid multi-cloud and IoT adoption.”
Renee Tarun, Fortinet Deputy CISO Financial Services
“Like organizations across verticals, financial services organizations had to pivot largely to remote work in 2020 and digital services became more important than ever before. This, of course, brought on new opportunities for cybercriminals to exploit weak points in the security infrastructure of financial institutions to gain access to highly targeted and lucrative data. These trends will likely continue in the new year, which is why CISOs need to be taking a hard look at their strategies to identify any potential gaps.
As financial institutions remain under threat of constant attack, they will need to look at flexible and agile solutions to enable IT and security to scale and adapt without compromising security and performance. Since we expect to see an increased reliance on the cloud as digital services continue, maintaining visibility and control across their cloud, on-prem, and hybrid environments will be pivotal. It will require a broad suite of security tools that cover the entire attack surface including all users, applications, and devices, on and off the network with Zero Trust Access tools that are integrated to reduce the complexity of managing multiple solutions and vendors. In addition, centralized management of security, including automation of workflows with security orchestration, automation, and response (SOAR), automated endpoint protection, and threat intelligence sharing will be key for protection, detection, and response to security incidents.”
Troy Ament, Fortinet Field CISO Healthcare
“2020 brought a slew of new security challenges to healthcare. As healthcare, pharmaceutical, and life sciences organizations pivoted to deal with the COVID-19 pandemic by transitioning to telehealth services, creating temporary remote COVID-19 testing sites, and developing and manufacturing vaccines, security teams struggled to ensure security, performance, and compliance—among other things. Many organizations had to revamp their security infrastructure to support these remote users as cybercriminals seized the opportunity to exploit the global health crisis.
These attacks will not end in 2021, and healthcare CISOs need to be prepared to address these concerns, as well as anything else that 2021 throws at us. Healthcare organizations’ quick response to COVID-19 challenges leveraged cloud technology, secure mobile workforce enablement, and virtual patient platforms at an accelerated rate that demonstrated healthcare organizations can more quickly and effectively enable digital transformation to solve healthcare, life sciences, and pharmaceutical business challenges in the future. In addition, these same organizations have been targeted and impacted by a 75% increase in ransomware threats that will continue to rise in 2021 requiring organizations to invest in key security programs (SD-WAN, Edge Compute, Cloud Security, and Security Operations) to reduce organization risk and ensure compliance.”
Renee Tarun, Deputy CISO Education
“Like organizations across industries, academic institutions faced unprecedented challenges in 2020 as local mandates required schools to rapidly shift to remote, hybrid, or socially distant learning. Many schools did not have the IT infrastructure in place to accomplish this, and especially not in such a short timeframe. Further, students, faculty and staff would likely be accessing the network from often-unsecured internet connections and devices, increasing the opportunities for bad actors to breach networks.
Though schools have been able to implement security policies and solutions to combat these risks and secure their networks, their challenges are not over. Cybercriminals will continue to attempt to exploit weaknesses from all the new remote users and devices on the network.
In 2021, academic institutions should expand on the solutions they put in place early in the pandemic to ensure a robust digital infrastructure that can withstand new and evolving cyberthreats. Academia will continue to see a barrage of cyberattacks, such as ransomware, phishing, and denial of service attacks.
Complicating matters further, schools have traditionally been challenged with not having sufficient budgets and resources and 2021 may mean doing even more with less. Therefore, it will be imperative for these organizations ensure they look to reduce the attack surface and complexity in their environments. This will entail shoring up any weaknesses in their remote access solutions and protecting endpoints.
As education institutions look to leverage cloud and SaaS solutions, consolidating visibility and administration tasks across both its cloud and on-premises security infrastructure to enable more efficient management will be key.”
Rick Peters, Fortinet Field CISO Operational Technology
“Operational technology has long been a target for bad actors, but the onset of the COVID-19 pandemic in 2020 presented new exploitation opportunities that cybercriminals were quick to take advantage of.
Many organizations were unprepared for the challenges of the pandemic and the increased cyberthreats; because of this, they had to pivot quickly to adopt security solutions that would defend their unique and critical infrastructure from attack.
In 2021, organizations must begin to develop a more proactive security strategy that protects OT environments by leveraging up-to-date threat intelligence and constantly analyzing and revising their tactics to stay ahead of bad actors.
For many, the present COVID-19 pandemic served to illustrate the propensity and commitment of cyber adversaries to amplify disruptive campaigns against OT targets during a period of great uncertainty. Expect a proportional response from OT leaders as they carefully focus their investments to accomplish proactive defense of high value cyber physical assets. Implementing cybersecurity best practices will likely require multi-year prioritization to gain confidence regarding the state of operations and adoption of an OT Security solution designed to outmaneuver adversaries.
The importance of Building Automation will expand and elevate as part of the key focus areas for OT (expanding beyond Energy & Utilities, Manufacturing, and Transportation). As a prominent part of future OT security conversations, anticipate that smart buildings, campuses, and cities will be top of mind across the global community. Likewise, the emerging strategies will be a foundation component in defining the new normal as our society stabilizes after the present health crisis.
Further, the value and demand for sustained OT situational awareness underpinned by robust actionable intelligence will grow as a key part of a proactive defense for Critical Infrastructure. Anticipate a response the recognizes the importance of a multi-faceted solution that employs technology, processes, and workforce readiness to achieve defense at the speed of business and ultimately OT resilience against a growing attack surface.”
Chanvith Iddhivadhana Fortinet’s Thailand Country Manager revealed that, “In 2020, organizations in Thailand faced multiple urgencies to manage the networks to cope with the COVID-19 situation and to comply with the requirements of the Personal Data Protection Act (PDPA) and Cybersecurity Act which have been published in the Government Gazette and is already in effect. Fortinet has accelerated strategic advice to enable organizations to build a strong cybersecurity defense. In workforce development, Fortinet extends availability of free self-paced NSE Cybersecurity Training Courses to reduce cybersecurity skills gap in 2021.”
Source: Communication Arts