By Gary Gardiner, Director of Engineering & Services, ANZ at Fortinet
‘If we don’t hang together, we’ll surely hang separately.’ This quote from Benjamin Franklin (the face on the American $100 note) is as valid today as it was 240 years ago. Building a strong national response to network security has to be a coordinated, nation-wide effort. Otherwise Australian organisations are sitting ducks.
Right now Australia’s national security landscape comprises thousands and thousands of discrete, individual networks that, in effect, operate in a network security vacuum. There is no significant nationwide policy to share expertise, identified threats or work-arounds, or even to alert organisations to the latest malware infections. We have thousands of organisations each duplicating efforts, playing catch-up and, unfortunately, leaving the doors and windows open for cyber criminals.
It doesn’t have to be this way. The technology is in place to share network security information in near real time. The challenge is that, for far too long, organisations have viewed their network security policies and practices as their own intellectual property. And fair enough. Businesses have invested significant resources into developing security policies, buying, leasing or subscribing to cloud-based security infrastructure and training up their IT staff. But they haven’t been able to take advantage of the efforts of their peer organisations that are doing exactly the same thing. There shouldn’t be competition around network security. There has to be cooperation.
Of course many organisations see their network security as a competitive edge, especially in the managed security services market. We’re not advocating a wholesale ‘open source’ security policy. What we are promoting is the real-time sharing of threat intelligence across all sectors. We’re not asking how an organisation identified a fast-moving ‘zero-day threat’ – that is and should be proprietary. All we’re saying is that once that threat is detected and analysed to create mitigation procedures, there should be a mechanism to release this information to the public.
Extending the reach
Fortinet has these capabilities already in place. Right now these capabilities are available to our client base as part of our Advanced Threat Protection (ATP) and FortiSandbox solutions and we are extending these capabilities to the endpoint, access layer, applications, the cloud and even into IoT-enabled devices. What we really want to do is expand this process so that any malware that we detect and the mitigation procedures that we develop are pushed out to the wider community.
While we would like to see a wider adoption of Fortinet equipment in the marketplace, we fully understand that there are other players on the market and that many organisations have invested heavily in their security solutions. Indeed this is the whole idea behind a national security fabric. Our clients could benefit immensely if they were alerted to malware picked up by a competing vendor’s security solution. There is a time and place for competition. But there is an equally compelling rationale for cooperation, especially if it results in the rapid dissemination of mitigation procedures for zero-day threats.
Supporting a national Cyber Security Strategy
Fortinet isn’t alone in advocating such an approach. Australia’s recently released Cyber Security Policy advocates strong cyber defences with a specific goal of ‘establishing a layered approach for sharing near realtime public-private threat information through joint cyber threat sharing centres, initially piloted in a capital city and an online cyber threat sharing portal.’
The need is clear. The tools are in place. The benefits are manifest. What it will take is coordination. Fortinet is in initial communications with various government agencies to extend the reach of ATP, FortiSandbox and the hundreds of researchers at our international FortiGuard Labs to a wider audience. We call on other security vendors and private industry to join us to work together on these initiatives. Our combined resources can and will overwhelm the resources that the bad actors can employ. It’s a strategy that we must adopt. Otherwise we will always be in react mode instead of leading the charge.
About the author
Gary Gardiner, Fortinet’s senior security executive in ANZ, is a seasoned network security professional with hands-on and management experience in every aspect of security across many different vendors, solutions and verticals. As a technologist, he understands the challenges and solutions. As a ‘C-level’ executive, he also is acutely aware of the drivers and challenges facing Australian organisations.