The cyber threat scenario continues to evolve and 2023 is predicted to bring with it old and new intrusion tactics. CIOs and CISOs are faced with the task of overcoming significant challenges as they work to manage initiatives that have become critical to the operation of a business such as securing remote work devices, enabling digital acceleration, staying ahead of increasing cyber risks, and supporting sustainability goals. They have to do all this while facing a global shortage of skilled talent. For perspective on recommendations and strategies for 2023, Jaime Chanagá, Fortinet’s Field CISO for Latin America and the Caribbean, shares his views on the current cybersecurity panorama and provides best practices for CISOs and CIOs to strengthen their strategies not only for the current year but beyond.
How do you see the current cybersecurity scene? What is at the top of priorities for customers?
Jaime Chanagá (JC): During 2022 I had the privilege of traveling to more than 10 countries in Latin America, the Caribbean, and Canada to speak with senior executives and organizations from a wide variety of industries. Most C-Levels, including CEOs, CFOs, and board members, have the same concerns as CISOs, CSOs, and CIOs. These are summarized as the following three: 1) business resilience, 2) cybersecurity maturity, and capability, 3) challenges faced by HR teams in acquiring, training, and retaining cybersecurity talent.
The current cybersecurity environment is also among customers’ top concerns. They are uneasy about the increasing number of cyberattacks and the changing nature of threats that come with digital transformation. On top of this, during the pandemic, customers were forced to radically transform their business in order to survive. Some organizations are learning about the additional risks that came with these changes.
We often hear that cyber risk is escalating. Do you agree with this statement?
JC: In general, cybersecurity risks are increasing. Compare, for example, the adoption of new technologies such as artificial intelligence (AI). While some organizations have not yet adopted AI-powered technology, cyber adversaries have and are using it to challenge current cybersecurity defenses. That said, it is important for organizations to consider adopting AI in order to defend against the sophisticated cyber attacks that continue to increase. Malicious actors have more ways to penetrate an organization’s environment due to the increased use of remote access that comes with remote work and study schemes. For example, some applications are designed to be 100% cloud native and store data in multiple uncontrolled environments. Also sometimes IoT sensors are located within critical infrastructure without proper segmentation.
More importantly, cyber risks are increasing due to a lack of cybersecurity awareness and training for remote workers, which can leave employees vulnerable to phishing attacks. Organizations should consider implementing awareness and training programs for their employees to secure people, data and devices, regardless of their location.
Which cybersecurity solution made the difference for customers and business partners in 2022?
JC: Organizations that invested in human and artificial intelligence services and solutions found the most value. For example, artificial intelligence-powered solutions from Fortinet’s FortiGuard lab start with a high-quality global team of cybersecurity researchers who are continuously innovating using advanced technologies such as AI and ML, which helps expand knowledge together with hundreds of international partnerships for cyber risk research and threat intelligence.
Recently, talking to customers and partners, I noticed that they are especially interested in Digital Risk Protection Services (DRPS). Many CISOs are under pressure to take risks in terms of digital transformation, but they don’t know if their current security platform can protect them with all these new technologies.
What cybersecurity portfolio solution are you recommending to customers for this 2023?
JC: Investment in sophisticated detection solutions is an area that is missing from cybersecurity planning for 2023. In 2022, many organizations faced an increase in cyber risks that came as a result of the convergence of IT and OT networks. That being said, investing in solutions such as network detection and response (NDR) can enable organizations to quickly identify anomalies, analyze emerging threats in real time, and automate responses to mitigate cyberattacks. Businesses and organizations that improve their cyber agility can defend IT environments and the company against both existing and emerging threats.
Another cybersecurity solution I recommend customers to consider is Security Access and Service Edge (SASE) to modernize their remote access technology. Currently, most companies rely on VPNs to provide remote access and some more advanced companies incorporate proxies such as Secure Service Edge (SSE). However, the use of mixed-based solutions adds complexity and performance issues to networks, which translates into ineffectiveness in responding to and remediating any attacks that may occur. This can be achieved by using a consolidated platform that brings together SSE, Zero Trust Network Access (ZTNA), and Cloud Access Security Broker (CASB) to ensure the level of access point control. This approach will ensure end-to-end visibility to provide rapid response in the event of a security incident.
What is an example of a solution that many customers haven’t considered, but should?
JC: Given that most organizations are still dealing with a shortage of specialized cybersecurity talent, I would recommend SOC-as-a-service (SOCaas), especially for all those without an in-house security operations team. If companies do not have a security-skilled workforce, they face serious risks should a cyberattack hit.