How Convergence, Consolidation Give Customers a Cybersecurity 'Leg Up'

Ken McCray

These days, the pace of change can feel overwhelming. It doesn’t help that the network contains edges everywhere. Cybercriminals are already taking advantage of the increased risks brought on by more endpoints and doing so at a scale and rate we have never before encountered. Whether automating, converging or consolidating, everyone must be ready for what might happen next.

Integrated Network Is Key

Standard security methods are no longer sufficient. It’s just not practical to attempt to build a network of isolated solutions and add security on top. Networking and security must converge to defeat cybercrime. Creating an integrated platform that consolidates vendors and products is the key to simplifying the network and cutting down on vendor sprawl.

The latest ransomware study from Fortinet found a significant gap between how prepared organizations think they are for a ransomware attack and the reality. Despite 78% of firms reporting that they were “very” or “extremely” prepared to stop an attack, the study revealed that 50% of respondents had been the victim of ransomware in the previous year.

Contrary to conventional wisdom, enterprises using a best-of-breed strategy — those using the best point product (typically from a pure-play vendor) — were more likely to become victims of ransomware in the past year. Conversely, organizations that had consolidated their technologies using a platform strategy, either whole-cloth or with a few specific point products, had a lower likelihood of being affected.

To increase the effectiveness and efficiency of their security, many businesses are trying to merge point products. A large, integrated and automated platform is a means to achieve this goal. Given the ubiquity of multivector, multistage cyber-attacks, it’s imperative that companies approach cybersecurity in aggregate rather than as a collection of discrete projects and products.

Coordinate Wisely

The risk has especially increased throughout OT-centric industries — including manufacturing, healthcare, transportation, energy, utilities and critical infrastructure — due to the rising convergence of OT and IT networks and the need to access the supply chain.

A growing percentage of respondents (45%) report using a combination of security platforms and point products, but 36% still solely purchase the best-of-breed point solutions.

Consequently, the security teams of those organizations spend time maintaining products that have been implemented over time, battling to get their technology to work successfully as a whole. Manual processes like this might also make it more difficult for a security team to obtain the necessary information and react quickly to a ransomware event. All of those manual processes can also exacerbate the cybersecurity skills shortage that so many organizations are grappling with; to the tune of a global shortage of 3.4 million people, according to the latest ISC(2) findings (PDF).

Organizations are consolidating how many point products they use and switching to fewer but more effective strategic platforms. What we found in our survey confirmed this, with 99% of participants believing that platforms or integrated solutions are necessary to thwart ransomware.

Once again, using these platforms to their full potential requires not just technology but also the right people and processes.

Helping Organizations Find the Power of a Consolidated Approach

Partners have an opportunity to help their customers understand why a consolidated approach is crucial and help integrate customer ecosystems across the spectrum. Focus on the areas of risk that you already know about before rushing out to acquire the newest “hot technology.” This includes strong authentication, robust email security at the gateway and endpoint, identifying and reducing exposure of the attack surface, and identity management that needs frequent credential updates. Consider adding more AI-driven technologies after that to accelerate your detection and response.

To safeguard the full attack surface — including the cloud, operational technology (OT) and all edges — a security fabric is deployed to operate across hybrid environments. It considers the changing threat environment, shortens the response time and simplifies management. A consolidated, converged strategy has many advantages, including stronger security, cost savings and more efficient corporate operations.

Converge, Consolidate and Conquer

As the pace of change accelerates and cyber threats become more pervasive, organizations must adopt a consolidated approach to network security. The conventional best-of-breed strategy is proving inadequate, as our latest ransomware study reveals a higher likelihood of attacks against those relying on point products alone. Instead, integrated platforms that consolidate vendors and products offer a more effective defense against cybercrime. This approach not only simplifies the network and reduces vendor sprawl but also increases the effectiveness of your security strategy.

Channel partners can play a vital role in helping their customers understand the importance of consolidation and integrating ecosystems to address known risks, followed by the adoption of AI-driven technologies for enhanced detection and response capabilities. By deploying a security fabric that spans hybrid environments, organizations can safeguard their entire attack surface while enjoying stronger security, cost savings and improved operational efficiency.

Ken McCray is Fortinet‘s vice president of channel sales for the U.S. He previously was at McAfee, where he was head of channel sales and operations and senior director of channel sales. You may follow him on LinkedIn or @Fortinet on Twitter.