For the last several years, one of the hallmarks of digital transformation has been the market’s rapid transition to the cloud, from applications and services to complete infrastructures. But a growing number of organizations have begun to pull away from that trend, primarily because of security concerns.
The rapid adoption of new technologies almost always introduces challenges for which enterprises haven't adequately prepared. The security challenge of vulnerable IoT devices is an excellent example. In the case of cloud adoption, there are two critical concerns. First, because market demands forced many organizations to move too quickly, their cloud adoption strategy wasn't always planned as well as it might have been. As a result, many organizations now find themselves with a complex cloud-based environment that has become too expensive to manage, maintain and secure.
SD-WAN Experiencing Dynamic Growth
Gartner recently completed a survey that highlights key concerns organizations face as they implement an SD-WAN solution, and strategies for addressing those challenges. SD-WAN has been seeing rapid growth over the past two years according to IDC, with the total addressable market ballooning from $225 million in 2015 to $1.3 billion this year, with some experts predicting that it will jump to as much as $4.6 billion in 2022.
The driver behind this growth is exactly what you’d expect—digital transformation. Branch offices can no longer simply function as a satellite connected to a central network. Today’s next-gen branch leverages multiple connections, from SaaS and IaaS multi-cloud connections to direct internet connectivity from corporate-owned and BYOD assets. It also relies on high-speed connectivity to the core network, but with local awareness of things like business applications and the need for real-time data.
Traditional MPLS connections are not only expensive in some markets like the US, but they are also quite rigid—which means that digital business development efforts can often accelerate beyond the ability of a traditional branch office connection to keep up.
As with traditional IT networks, Operational Technology (OT) networks are undergoing a digital transformation process of their own. The goal is to improve productivity, efficiency, up-time, and flexibility through better monitoring. To do this, online sensors and connected systems are replacing traditional serial connections, proprietary protocols, and programmable logic controllers to better manage and control industrial environments. At the same time, the integration of automation, communications, and networking in industrial environments is an integral part of the growing Industrial Internet of Things (IIoT).
As IT and operational technology networks converge, organizations are exposing their traditionally isolated OT networks to new cyber-risks. Cybercriminals have already begun designing new malware threats, like CrashOverride/Industroyer, Triton and VPNFilter, to target vulnerable OT systems. While some of these new attacks target SCADA (supervisory control and data acquisition) and ICS (industrial control system) systems, most are focused on highly vulnerable industrial IoT devices.
Traditionally, OT engineers attached devices to monitor and control the OT infrastructure through a serial connection, which made them less available to traditional hackers. Today, as OT managers add serial-to-Ethernet converters to these devices, they are becoming prime targets. Part of the reason is that many of these devices are highly vulnerable to attack. For example, many run aging operating systems, such as Windows XP, that are highly susceptible to exploitation. In addition, most OT networks simply haven’t deployed the sorts of security technologies commonly in place in IT networks. As a result, targeting IIoT devices has certain advantages for some cybercriminals.
Location analytics solutions have been around for a while. But despite the valuable data they can provide, they are still primarily perceived as a tool for big box retail environments, such as malls, grocery stores, and department stores. In such environments, location analytics are commonly used to track consumers while they shop to help retailers do things like identify natural customer movement patterns, address congestion, identify places within a shopping environment that are less frequently visited, or place specific merchandise in high traffic areas.
But the reality is that any number of verticals can realize benefits from leveraging the sort of information that a presence analytics solution provides. Knowing where people are, where they’ve been, and how they’re moving around a location can be of key importance to a wide variety of vertical markets, including hospitality industries, transportation hubs, public venues, theme parks, and even large healthcare facilities. In fact, any business that needs to manage large numbers of people or evaluate the effectiveness of the placement of resources or services can benefit from location-based analytics.
It's time again for another quarterly trek into the wilds of the cyber-threat landscape. As security practitioners work to put themselves in the shoes of hackers to better anticipate where attacks will be coming from, these malicious actors are starting to think more like developers to evade detection.
And lately, they are more precise in their targeting, relying less on blanket attempts to find exploitable victims. How can IT security teams keep pace with the agile development cybercriminals are employing and pinpoint the recycled vulnerabilities being used? Fortinet's latest Global Threat Landscape Report sheds light on current criminal activity and suggests how organizations can stay a step ahead.
Fortinet just announced FortiNAC, the latest addition to its growing portfolio of integrated security solutions designed to protect today’s evolving networks. As organizations embrace digital transformation to improve operational efficiency, they have to support and secure a growing number of IoT devices. In fact, the rapid adoption of both stationary and highly mobile IoT solutions is one of the primary reasons why today’s networks are in constant flux.
According to Gartner, “Internet of Things endpoints will grow at a 32% CAGR from 2016 through 2021, reaching an installed base of 25.1 billion units.”(1) While most people envision digital cameras, printers, and smart appliances, IoT today also includes Industrial IoT (IIoT), Medical IoT (MIoT), and similar IoT solutions being developed across every vertical market. And to complicate matters further, these devices are increasingly interconnected and interdependent. They generate huge volumes of data, operate using applications that are constantly being updated, and often require access to critical resources. As a result, IT teams are struggling to identify, track, monitor, and secure them.
This trend hasn’t gone unnoticed by the cybercriminal community. The volume and sophistication of attacks targeting IoT devices continue to grow as well, as evidenced by the recent Triton and VPNFilter malware attacks.
Atrius Health relies on electronic medical records (EMR) to provide instant access to patient data, ensuring seamless service across a wide range of providers and departments. While Atrius Health had multiple layers of network security, a reliable barrier for physical network connections was missing. If an unauthorized individual slipped into a room at a facility, they could connect a computer, get an IP address and access the network. As with any medical group, preventing data loss and ensuring HIPAA compliance is a major concern for the organization. Lack of complete visibility across the network could result in an easy path for data loss.
The second key challenge involved operational issues. Its many locations often acted as individual business centers, introducing new technology without consulting the IT group, whose team was then tasked with supporting unfamiliar devices. This behavior also led to duplicate purchasing of networked equipment. The organization needed to gain visibility into the entire network to ensure efficient, centralized management.
The education industry is aware of the power of digital transformation, and yet it is also one of the sectors most hampered by tight spending constraints and the lack of critical IT skills in the areas of security and cloud. With lots of legacy infrastructure and manual processes and paperwork that have been in place for decades, it is a monumental task to convert a digital strategy into a plan of action.
Cyberattacks are often motivated by the desire to steal and sell sensitive data, such as credit card and financial records, personally identifiable information (PII) including social security numbers, or protected health information (PHI). Once obtained, this data can be readily sold on the dark web to be used in fraudulent transactions, or for illegal activities such as credential stuffing attacks.
In addition to financially motivated attacks, we’re also seeing the rise of disruptive attacks. In many cases, the goal of these attacks was nothing more than the disruption of normal operations along with resulting brand equity damage and loss of public trust. Most alarming is the potential loss of life and public safety if critical services are disrupted. Healthcare, financial services, and retail are often the targets of disruptive attacks due to the high-value data they store and their critical economic and public safety roles.