https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-logo.png
Banking Technology
    • Newsletter
  • Home
  • Technologies
    • Back
    • Analytics
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
  • Intelligence
    • Back
    • Content Resources
    • From the Industry
    • Galleries
    • Our Sponsors
    • Podcasts
    • Videos
    • Webinars
    • White Papers
  • Think Tank
  • Awards
    • Back
    • Circle of Excellence
    • Digi Awards
    • MSP 501 Rankings
    • Talkin’ Cloud 100
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
  • More
    • Back
    • About Us
    • Advertise on Channel Futures
    • Contact Us
    • Editorial Calendar
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
  • Home
  • Technologies
    • Back
    • Analytics
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
  • Intelligence
    • Back
    • Content Resources
    • From the Industry
    • Galleries
    • Our Sponsors
    • Podcasts
    • Videos
    • Webinars
    • White Papers
  • Think Tank
  • Awards
    • Back
    • Circle of Excellence
    • Digi Awards
    • MSP 501 Rankings
    • Talkin’ Cloud 100
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
  • More
    • Back
    • About Us
    • Advertise on Channel Futures
    • Contact Us
    • Editorial Calendar
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Silos

Silos Are a Cybercriminal’s Best Friend

  • Written by Jon Bove
  • September 6, 2018
Today's attacks are designed to exploit vulnerabilities and dive deep into the network without leaving a trace. This enables lateral movement, in which bad actors search for resources to take over or data to exploit, all without detection.

Cybercriminals by definition don’t play by the rules. They aren’t constrained by org-chart-diagrammed lines of business, carefully guarded network domains, narrowly deployed security solutions or compartmentalized technology teams. They look at your customer’s network as a single entity and will take every opportunity for lateral movement. That means they may have better visibility into an organization’s network operations and architecture than many of the folks who actually work there. 

This “silo effect” is dangerous. It’s also way too prevalent. 

As cybersecurity needs have evolved, organizations have deployed one-off security solutions in different areas of the network and cloud infrastructure that often require individual management. As a result, threat intelligence is isolated, so detecting sophisticated attacks requires the sort of manual correlation that most organizations simply do not have the resources to support. For MSPs, the mandate is to break down these walls and provide integrated security solutions. 

As to how to convince line-of-business decision-makers, look no further than the shift to a digital business model. Data is the currency of today’s economy. Collecting it, generating it, mining it and finding ways to make it available to both employees and consumers are measures of success. But while workflows and data now move freely between one network ecosystem and the next, the institutional culture building these systems still has hard lines drawn between domains and lines of responsibility, and they protect zones of personal control that have developed over years or even decades. In such an environment, establishing consistent visibility, management and security protocols that span the network can be next to impossible.


6 Top MSSPs Share Their Sales Secrets: Struggling to sell managed security? These peer experts have some tips for you.


Malicious actors know this and use it to their advantage. Fortinet’s first-quarter Threat Landscape report reveals that the number of unique exploit detections grew by over 11 percent, to 6,623. And at the same time, 73 percent of companies experienced a severe exploit during the quarter. Our data seems to indicate that cybercriminals are getting better at matching exploits to their targets. I can attest that organizations with institutionalized controls and rigid hierarchies that isolate personnel and restrict resources to teams with specific silos of responsibility tend to be more vulnerable to today’s sophisticated attack strategies. The fractured infrastructure resulting from this model allows attackers to hide in the gaps between control systems.

Likewise, complex, multivector attacks are difficult to identify when a team has access to only a limited sphere of functionality. And malware that can mimic legitimate traffic is especially difficult to detect when the team responsible for security has no control over the data or resources being consumed or delivered by another team.

Mind Those Gaps

Security-focused partners are in a good position to help customers reconsider how they plan to stay ahead of the criminal community that wants to steal, hijack or ransom their data. You are an impartial, outside observer who may see schisms that the company doesn’t even realize may be putting its data at risk.

Once you get their attention, there are four steps to begin implementing effective security services help bridge the gap between traditionally isolated security devices. 

  • Technology integration. Because today’s threats are so sophisticated, customers need to integrate security solutions so they can work as a unified system to find and respond to even the fastest and most stealthy attacks. Building a fabric-based security framework around open APIs and a common OS enables those security technologies to span the distributed network as a single, integrated security solution. By weaving different security technologies together using a common framework, you can help customers effectively share and correlate threat intelligence and collaborate to adapt and respond to threats, regardless of which zone of the network or which team owns and manages the asset being targeted.
  • Unified intelligence. In a unified security strategy, all solutions must operate using the same set of policies, protocols and intelligence. Adding a common threat-intelligence service to a fabric-based security strategy ensures that different security tools deployed across the infrastructure are on the same page when it comes to looking for and discovering new threats.
  • Consistent application of services. When you offer a uniform set of security services that spans your customers’ ecosystem of networks, they can tie different and disparate security solutions together even further. These services, such as sandboxing, intrusion prevention, virus-outbreak prevention or application controls, allow you to use a common set of intelligence and techniques to better identify, correlate and respond to threats in a coordinated fashion, regardless of where a threat is detected or where security resources are located.
  • Process automation. Human decision-making delays can no longer be tolerated as the time between a breach and the compromise of data or resources continues to shorten. To address this growing challenge, offer decision-making and analysis engines that take humans out of the loop. Leveraging AI engines and automation to perform the vast majority of decisions and analysis at speed and scale would not only close the gap on threat impact, but also allow humans to reallocate resources to focus on the really hard remaining decisions, where human cognition and intervention are required.

Cybercrime has evolved faster than the typical piecemeal security strategy can defend against it. Wide-reaching knowledge of the attack landscape and the ability to respond quickly at multiple levels are the only ways to provide the level of security needed now. By providing such services, you will ensure consistent enforcement and security effectiveness, regardless of how complex your customers’ network environments may be.

Jon Bove is the vice president of Americas channels at Fortinet. In this capacity, Bove and his team are responsible for strategizing, promoting and driving the channel sales strategy for partners in the United States as the company seeks to help them build successful – and profitable – security practices. During his time at Fortinet, he has been responsible for establishing Fortinet’s national partner program and aligning Fortinet’s regional partner strategy to allow partners to develop Fortinet security practices with the tools and programs to successfully grow their business.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Business Models Security Strategy

Related


  • Success story word salad
    Remove the Mystery (RTM)
    VAR Improves Margins by Moving to Managed Security Services
  • Barracdua MSSPInsiders Blog Image
    Tips for Launching an Actionable Cloud Security Framework
    To successfully launch an actionable cloud security framework--and avoid missing key elements-- providers should sequentially focus on five key areas.
  • Certified, certifications
    MSPAlliance Adds, Updates Certifications Focused on Cloud, Data Center, GDPR
    The UCS update specifically targets MSPs and distinguishes them from cloud providers.
  • Survey: Use of Cyber Threat Intelligence Gaining Steam
    Only 8 percent of organizations reported having no plans to begin using threat intelligence.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Tips for Launching an Actionable Cloud Security Framework
  • Mobile Phone Users Drive Consumerization of Workplace Biometrics
  • Jask Goes Global with Enhanced, Rebranded Partner Program
  • SolarWinds Debuts Flow Tool Bundle

From the Industry


Sponsor Content

A 2019 Update on RDP Ransomware

February 14, 2019
Sponsor Content

This Valentine’s Day, Give the Gift of IT Education

February 14, 2019
Sponsor Content

XO Is in the Air

February 11, 2019
view all

Galleries


MSPs On … Struggles with the Skills Shortage

February 15, 2019
view all

Webinars


Sponsor Content

Double Your Revenue with Backup and DRaaS

February 12, 2019
Sponsor Content

UCaaS 101: Building a Unified Communications as a Service Practice

December 4, 2018
view all

White Papers


Sponsor Content

A Business Owner’s Guide to Cybersecurity

February 6, 2019
Sponsor Content

The Seven Types of Power Problems

February 6, 2019
Sponsor Content

The Lean MSP

January 29, 2019
view all

Videos


Sponsor Content

Video: Ivanti Unified IT: Automate Service Requests

January 14, 2019
Sponsor Content

Linksys Cloud Manager Tutorial – Dashboard Overview

January 13, 2019
Sponsor Content

Linksys Cloud Manager Tutorial – How to Set Up a Network, Access Points, and SSID

January 13, 2019
view all

Twitter


ChannelFutures

.@CenturyLinkBiz embraces new stricter @awscloud #MSP partner requirements. goo.gl/fb/WwDzco

February 15, 2019
ChannelFutures

.@ISC2 announces new #cybersecurity continuing education program. goo.gl/fb/nWbJY1

February 15, 2019
ChannelFutures

We asked 7 #MSP501 partners about their frustrations with finding good talent. @BowmanWilliams goo.gl/fb/fyzLLj

February 15, 2019
ChannelFutures

.@LenovoDC sees a strong year ahead for partners with a hard focus on #storage. goo.gl/fb/xvtYKp

February 15, 2019
ChannelFutures

.@Nvidia brings virtual #GPU workstation as a service to #Azure Marketplace, also planned for #WVD. goo.gl/fb/SpCCBx

February 15, 2019
ChannelFutures

.@googlecloud gets a boost via a larger salesforce, $13 billion in #datacenter investments. goo.gl/fb/vfnwhb

February 15, 2019
ChannelFutures

.@IBM is making its #Watson #AI services available on @awscloud @Azure and other cloud platforms. goo.gl/fb/mx7itA

February 15, 2019
ChannelFutures

.@KaseyaCorp releases 2019 #MSP Benchmarking study. We get insights from @jimlippie. goo.gl/fb/kZfPZS

February 15, 2019

MSSP Insider

Newsletters and Updates

Sign up for the Doyle Report, Channel Futures Update, MSP 501 Update and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

Channel Futures

© Channel Futures 2019. All rights reserved.

  • About Us
  • Contact Us

Related Links

  • Privacy Policy
  • Terms of Service

Follow us

Websites are now required by law to gain your consent before applying cookies. We use cookies to improve your browsing experience. Parts of the website may not work as expected without them. By closing or ignoring this message, you are consenting to our use of cookies.
X