2 minute read
Network security
The ongoing shift to homeworking in many countries has been further boosted by the coronavirus pandemic. However, remote working can increase threats to network security. Perry Hutton, regional vice-president of cyber security solutions company Fortinet Africa, tells Ron Murphy what the risks are — and what can be done to manage them.
THE PANDEMIC HAS made remote working the norm for many people. It has also increased security risks.
As Perry Hutton, regional vicepresident, Fortinet Africa, a leader in broad, integrated and automated cybersecurity solutions, said, “For attackers, the shift has presented an unprecedented opportunity to break into enterprise networks by targeting weakly protected home networks, consumer devices, VPN connections, and video communication and collaboration tools.”
Malicious activity involving the use of Covid-19-related lures, for example, includes phishing and business email compromise schemes, nation-state-backed campaigns and ransomware attacks. Attackers have also focused considerable attention on the security of routers and all IoT devices at home.
The point, Hutton said, is that “attackers can exploit the subpar security in these systems to try and gain a foothold on enterprise networks or on devices that homeworkers might be using to connect to the enterprise network.”
A relevant term here is increased attack surfaces. The attack surface can be defined as being the whole set of physical and digital micro-perimeters arising in the enterprise IT eco-system, combined with all attack vectors used to breach them.
Digital transformation offered opportunities for business expansion to enterprises, but it led to a rushed adoption of new application and access technologies (such as cloud services, mobile applications and IoT) which are also bringing hidden and unknown vulnerabilities.
Hutton explained, “An attack surface thus now includes new edges (such as WAN, data centre, cloud and end points) and various threat types: known, advanced and unknown. To be able to protect such attack surfaces, we need to adopt a strategy that makes it easy to cover the broader attack surface and manage security in a broad, integrated and automated fashion. This enables security-driven networking, zero trust access, dynamic cloud security, and AIdriven security operations.”
Today’s networks are becoming huge, very complex and very resource-consuming, meaning that artificial intelligence (AI) and machine learning (ML) play a greater role in network security. Hutton says that ML has become an essential method for analysing bulky data traffic behaviour and identifying patterns to determine anomalous activity. AI, meanwhile, is playing a vital role in automating the processes of identifying and neutralising these threats.
He continued, “With ML/AI, network security is rapidly shifting from being reactive to proactive, by offering better capabilities than humans in detecting sophisticated attacks in a faster way, accurately and more cost-effectively.”
Automated detection of security breaches is one result of AI’s involvement. Hutton explained, “One starts by collecting all the security telemetry, events and data from appliances and systems for correlation and analysis. This will become the data that is used to feed the AI system.” Because it collects information across the industry’s broadest portfolio, the more threat telemetry that can be used to find an active threat the better the results.
More companies than ever are enabling homeworking. But are they aware of the network security risks?
Continued on page 26
