14 minute read
SECURING DIGITAL INNOVATION
RENEE TARUN, DEPUTY CISO AND VICE PRESIDENT INFORMATION SECURITY AT FORTINET, ON HOW BUSINESSES CAN TACKLE CHALLENGES OF SECURING THEIR INNOVATIONS AS CYBER THREATS GROW.
The demand for digital innovation (DI), driven by shifting markets, evolving consumer expectations, and digital competition, has done far more than just transform networks. It has completely changed the organisation, including how lines of business are structured, how teams and individuals collaborate, where and how employees work, how success is measured, and how leaders execute against business objectives.
Advertisement
One of the most profound changes has been the increased reliance on applications to support every aspect of the business. This has led to a number of critical structural changes, such as the adoption of cloud-based infrastructures, the adoption of SaaS applications and services, and the need to provide fast, flexible and secure connections to these resources to any user on any device in any location. The COVID pandemic accelerated the adoption of innovative work-fromhome solutions to accommodate the need for social distancing while maintaining business operations. Others, such as implementing network upgrades or expanding network edges, are designed to improve a company’s efficiency and customer experience.
However, this need to compete in today’s digital world also means that many of these business-critical initiatives can only be realised by deploying new systems and solutions. But deploying new devices as part of a DI initiative also increases the complexity of network environments and creates new security and operational complexities that open up an organisation to new cyber risks.
Part of the problem occurs when a security team attempts to address new risks, especially in a new edge environment, by deploying point security products inside the growing digital attack surface. However, the additional complexity associated with monitoring and managing these point solutions, exacerbated by new data protection regulations, actually fragments visibility and reduces control, leaving security teams less prepared to protect the organisation against new cyber threats, especially those that utilise a multivector approach.
New Devices Create New Threats
When DI initiatives add new devices and work locations to the distributed network, they not only expand the organisation’s attack surface but they can also introduce new holes in the security framework. These new systems and solutions typically include Internet-of-Things (IoT) devices, mobile devices, distributed cloud computing, new branch locations, and home offices.
Each one of these introduces new threats that have to be monitored and responded to by security teams. IoT
devices often use insecure protocols that can’t be patched and default passwords that are targeted by malware. Mobile devices commonly hop between being on- and off-network, potentially dragging malware with them behind the corporate firewall. And home offices often include older, unpatched devices that can be easily exploited and used as conduits back into the corporate network. When these solutions are protected with different, isolated point security products, it can be impossible to deploy, manage, and ensure consistent policy enforcement or to correlate threat events across the network.
Cloud computing, for many organisations, is especially challenging, as nearly three-quarters of cybersecurity professionals have trouble understanding the foundational cloud shared responsibility model. Next-gen branch networks expand security requirements as each new location has devices that must be secured. And for organisations increasingly relying upon latency-sensitive Software-as-a-Service (SaaS) applications, relying on traditional connections to apply corporate security solutions also means routing all traffic through the headquarters network, impacting user experience, and the bandwidth required to scan these applications for malware simply exacerbates the problem.
Similarly, telework introduces new challenges, such as relying solely on VPN connections to provide security. VPNs do not inspect traffic. A compromised home network simply means that a VPN provides a secure tunnel through which bad actors can inject malware into the corporate network. Monitoring and securing these new devices and environments often requires specialised security tools, increasing the workload overhead on security teams.
Growing Cyber Threats Versus the Cybersecurity Skills Gap
At the same time that networks are being transformed, the cybercrime industry continues to grow. Overburdened security teams, stretched thin across the expanding attack surface and suffering from the cybersecurity skills gap, are often unable to keep up. Deploying “best-ofbreed” standalone cybersecurity solutions to address each potential attack vector as it is discovered simply makes the problem worse. Recent research shows that IT teams now have an average of 45 security solutions deployed across their networks. Rather than enhancing security, this level of vendor and solution sprawl actually diminishes their ability to not only detect, but also defend against active attacks.
Complicating this problem further is the lack of integration between these tools. This means security teams must manually collect, aggregate, and analyse data from multiple platforms to gain the context required to detect and remediate threats on their networks. Leveraging expert security analysts might save time by collecting only a subset of significant data. But such experts are hard to find with a cybersecurity skills gap of over 3 million unfilled positions has left organisations understaffed and existing teams overworked. The addition of new devices and solutions that require manual security processes absorb essential time from security teams. And this is made worse because these manual correlation processes do not scale with the frequency and complexity of cyberattacks.
Solutions for Securing Digital Innovation Initiatives
To address these challenges, CISOs must create security strategies and deploy solutions capable of providing scalable, integrated security that provides broad visibility and enables automated threat detection and response across their organisation’s security architecture.
This starts by deploying an expansive security platform designed to function seamlessly within and across different environments. This platform should serve as a central point of control for seeing, managing, and orchestrating a suite of fully integrated solutions deployed at every edge. And it should support common standards and APIs to connect existing solutions into a single security framework.
By converging networking and security, CISOs can ensure that dynamic changes to the network are automatically protected without impacting performance or productivity, ensuring the best user experience for employees and customers alike. A zero-trust access strategy helps ensure secure access to protected resources, identify unmanaged devices, and monitor for unusual behaviors across a highly distributed workforce. An adaptive cloud security protects applications and infrastructure in and across cloud environments, as well as extends security to users both on and off the network. When all of these systems are working together and sharing a common threat intelligence framework, real automation can be put into place to detect events, conduct an investigation, and coordinate a system-wide response without requiring human intervention. Which means your security team can focus on strategic solutions for DI initiatives.
Digital innovation and rapidly adopted realities like remote work have led to a complex and expansive digital attack surface that threat actors are taking full advantage of. By integrating security into every facet of the network, CISOs can ensure that their team dynamically adapts to challenges and remains agile in the face of adversity. Breaking down the traditional walls between network and security and creating a more integrated and automated fabric ecosystem should be top of mind for CISOs who need to be prepared for any eventuality in order to thrive in the new digital marketplace.
EXPLODING NEED FOR BANDWIDTH
THE DEMAND FOR BANDWIDTH IS EXPLODING, NOT ONLY BECAUSE OF REMOTE WORKERS, BUT ALSO BECAUSE OF THE INCREASED DEPENDENCE THAT BUSINESSES TODAY HAVE ON APPLICATIONS AND DATA, WRITES SHIBU VAHID, BUSINESS HEAD - SPECIAL PROJECTS, MIDDLE EAST, AFRICA & TURKEY AT R&M.
Across the public networks, telecom, Internet, and data centre segments, we see cabling infrastructure investments increasing. Above all, telecoms are investing in the expansion of fiber optic high-speed broadband networks, with this trend set to continue throughout 2021. Ongoing growth extends throughout the entire chain – from residential home networks to colocation and hyperscale data centres as well as wireless infrastructures.
The key driver remains the exploding need for bandwidth everywhere. End devices are exponentially increasing in number and generating more and more data, driven by developments like 5G communications, smart cities, the Internet of Things (IoT), Wi-Fi 6, Industry 4.0, and edge computing. From enterprise and residential sites to data centers, generated data needs to be handled and managed in near real-time across all these different environments. So, bandwidth is needed nearly everywhere – whether it is inside and outside cities.
As important as Power
Although bandwidth is a basic need – and should be considered a utility like electricity and water – there’s still not enough of it. There is a growing awareness that infrastructure needs to be right for the type of data transport that end users are demanding – or it will simply collapse. Even the most advanced end devices will be severely compromised if the network behind them is outdated.
The uptake of remote working, online collaboration, and online gaming, driven by Covid-19, is expected to last. It underlines just how vital bandwidth, uptime, and latency have become.
Fibre will remain the medium of choice. Making it possible to cater to the vast need for ultra-high bandwidth, stability, and stringent security criteria that technologies such as 5G need. As demand grows, technology has to keep up – and the clock is ticking. So with this setting the stage for the telco sector in 2021, let’s take a closer look at the key developments we can expect.
5G requires dense FTTx
In 2021, growth in telecom will continue to be at a higher-than-average rate. 5G remains an essential driver. Bandwidth and latency performance can only be realised by bringing FTTx networks closer to the wireless connection point. It requires a dense optical backhaul network with antennas integrated into fiber networks and connected to edge facilities.
Densification of FTTx networks and a growing number of small cell connections is resulting in special demands. More compact solutions and large quantities of network components are required for outdoor use.
The rollout of 5G wireless and the resulting expansion of radio cells is mainly taking place in conurbations. The main focus is on macro cells, small cells for urban and industrial applications and Pico cells for indoor applications.
However, the vast increase in working from home means that bandwidth demand has grown faster than usual. Also, in rural areas where uptake of fibre and future mobile services such as 5G has grown. 5G development will also continue to attract alternative network operators.
However, there is also an increasing tendency to move towards the periphery. Throughout and beyond 2021, installation work will provide a boost to the market. For example, there will be a requirement for huge numbers of (camouflaged) antennas, powered over PoE across relatively short distances. Besides private internet traffic, these will be used in numerous other (industrial) applications.
Further drivers include the need for low latency communication, for example, self-driving cars or healthcare applications, machine communication, smart cities, and extended mobile communication (Video UHD, Augmented Reality, smart home, highspeed internet). All of these applications require fibre, power, and data management.
The needs of urban areas
According to the UN, 68% of the global population of 9.8 billion will live in urban areas by 2050. Making Smart City applications – and therefore the quality and reliability of networks – more important than ever.
Infrastructures for smart cities require a highly flexible, future-ready approach to architecture and data traffic, with devices and systems connected by fiber extending deep into the network. This allows transport of very high data volumes with ultra-low latency, ensuring smart city applications run without interruption.
Strategies need to be aligned
We will continue to see 5G and FTTx infrastructure merging, where the FTTx access network is used for 5G deployment. Around the world, there is a growing trend toward developing above-ground networks (Aerial Deployment). In FTTH, Aerial Deployment will expand and Plug and Play. In the Middle East, Turkey and Africa, pre-terminated rollout solutions are being favored and developed. 5G is more than an evolution of 4G/LTE to 5G. It requires fixed and mobile networks to converge and densify. The fixed and mobile 5G strategy needs to be aligned and physical assets can be shared.
TAKING BACK CONTROL OF THE NETWORK
COVID-19 ACCELERATES CLOUD TRANSFORMATION AND STRETCHES THE NETWORK TO ITS LIMIT - SD-WAN ENSURES YOU STAY IN CONTROL, WRITES MOHAMMED RETMI - HEAD OF REGIONAL DOMAINS, MIDDLE EAST & AFRICA - ORANGE BUSINESS SERVICES
Among all the disruption of the current crisis, we can see a very clear pattern emerging across our regional enterprise customers and this is a shift to the cloud, which is rapidly becoming the limit of the network as more customers recognise and respond to the need to digitally transform. Customers are looking for the ultimate prize of lower costs (moving from a CAPEX to an OPEX model), agility and improved customer experience. But the concern we hear regularly is that when moving applications to the cloud, there may be a corresponding loss of visibility and control.
Our own experience is reflected in the recent IDC white paper – Redefining Customer Experiences with Cloud and Artificial Intelligence-Enabled Contact Centers. The paper comments on the rising demand and increasing uptake of cloudbased solutions in the Middle East, shown by the increase in the deployments of software as a service, platform as a service, and infrastructure as a service. It also highlights some of the challenges of adopting cloud, from security concerns to lack of adequate quality of services, and integrating systems with third-party applications.
However, successful digital transformation requires network transformation and the tools to optimise the network. As enterprises go through digital transformation and they harness the applications they need to transform, bandwidth requirement leaps and the network has to transform in order to respond to meet the needs of the emerging digital business model.
Cloud migration is the main driver of SD-WAN transformation among our customers and when migrating to cloudbased infrastructure or software, they need robust and manageable communications infrastructure to support the cloud resources on which their business processes rely.
According to the IDC paper, most companies identified data residency and governance, and industry-specific regulations as major discouraging factors when considering a cloud-based solution. Despite this, it also shows that through digital transformation, 57% of organisations aim to improve customer experience and strengthen customer engagements, while 55% intend to develop innovative products and services.
Of course, it’s not a uniform shift to the cloud and companies are migrating at different rates mirroring the local country regulatory developments – but the major cloud service providers are now here in the region and regulators are increasingly looking at the opportunities and advantages of cloud as a driver of digital business transformation with data at the heart of the business.
When it comes to customer experience, voice connectivity remains a critical element of CX – 50% of customer interactions still happen through the voice channel and our customers are looking for a voice-ready solution that facilitates the smooth transition of voice and data to the cloud.
Just recently, Orange Business Services announced a global strategic collaboration agreement with Amazon Web Services (AWS) to help enterprises accelerate their digital transformation and leverage the benefits of the cloud to adapt quickly to market changes and user needs. This will deliver new solutions for migration, data analytics, innovation and security, along with training and certification, with new products and services fast-tracking customer journeys to the cloud. A one-stop approach removes multivendor complexity for customers, speeds up digital transformation and enables innovations to enhance cloud applications. SD-WAN is becoming an essential tool for IT departments which are increasingly becoming service brokers for a variety of SaaS applications. By using SD-WAN to manage multiple applications across different service providers, the IT department can offer a diverse portfolio of applications while managing end-to-end visibility and service quality over the supporting network.
So, digital and cloud transformation is also an opportunity to move to nextgeneration SD-WAN transformation in order to optimise the network and deliver all the benefits to the business of the increased flexibility and agility – essential to business at any time but vital factors in times of dramatic change.
We can see the sectors that are transforming at the fastest rates and not surprisingly, these include retail, retail banking, transport and logistics, all of which are very active. In the banking sector, for example, cloud migration and digital transformation starts at the first level which covers the non-banking applications and offers flexible costs and a basis for unified communications services in the cloud. Beyond this, the next level involves a shift of the datacenter to the public cloud and moves the network from Software-as-aService to Platform-as-a-Service.
This is where the benefits of SD-WAN transformation really start to kick-in. These include additional flexibility, agility and scalability and the option of pay-as-you-go. The value proposition for SD-WAN is taking back control and even if the transformation process is underway, SD-WAN can be retrofitted to ensure you can monitor performance and accelerate your network transformation.
The enterprise needs a network that provides the benefits of greater visibility and control, including security controls, with accelerated service deployment, speed and much more agility.
SD-WAN delivers it.
