Building a national security fabric: The Fortinet approach

0

By Gary Gardiner, Director of Engineering & Services, ANZ at Fortinet

Fortinet Logo‘If we don’t hang together, we’ll surely hang separately.’ Benjamin Franklin’s (the face on the American $100 dollar note) quote is as valid today as it was 240 years ago. Building a strong national response to network security has to be a coordinated, nation-wide effort. Otherwise Australian organisations are sitting ducks.

Right now Australia’s national security landscape is comprised of thousands and thousands of discrete, individual networks that, in effect, operate in a network security vacuum. There is no significant nationwide policy to share expertise, identified threats, work-arounds or even to alert organisations of the latest malware infections. We have thousands of organisations each duplicating efforts, playing catch-up and, unfortunately, leaving the doors and windows open for cyber criminals.

F_GARY

“Gary Gardiner, Director of Engineering & Services, ANZ at Fortinet”

Technology in-place
It doesn’t have to be this way. The technology is in-place to share network security information in near realtime. The challenge is, that for far too long, organisations have viewed their network security policies and practices as their own intellectual property. And fair enough. Businesses have invested significant resources into developing security policies, buying, leasing or subscribing to cloud-based security infrastructure and training up their IT staff. But they haven’t been able to take advantage of the efforts of their peer organisations that are doing exactly the same thing. There shouldn’t be competition around network security. There has to be cooperation.

Of course many organisations see their network security as a competitive edge, especially in the managed security services market. We’re not advocating a wholesale ‘open source’ security policy. What we are promoting is the real-time sharing of threat intelligence across all sectors. We’re not asking how an organisation identified a fast-moving ‘zero-day threat’ – that is and should be proprietary. All we’re saying is that once that threat is detected and analysed to create mitigation procedures, there should be a mechanism to release this information to the public…Click HERE to read full article.

Share.