These updates, going into effect later this year, will help upskill security professionals –including customers, partners and employees – and reskill anyone interested in entering the field by more closely aligning the training curriculum to various cyber career pathways. Other Fortinet certification updates include new naming designations based on proficiency progression and more flexibility for individuals to craft their NSE training journey.

“Just as the threat landscape is constantly evolving, the same must happen with security teams’ skillsets to stay ahead and eliminate cyber risks. The significant updates we’re making to our flagship NSE Certification program will provide security professionals, including customers and partners, with more flexibility to acquire the skills needed for growth in their ever-evolving job roles. Fortinet is helping close the skills gap by enhancing our award-winning training curriculum that benefits both individuals and the organizations that need skilled talent”, said John Maddison, EVP of Products and CMO at Fortinet.

Mitigating Cyber Risks by Addressing the Talent Shortage through Training

One of the top challenges CISOs are facing is the lack of cybersecurity talent to fill the critical roles needed to effectively protect their organizations. Fortinet’s 2023 Global Cybersecurity Skills Gap Report found that as a result of unfilled IT positions due to the cyber skills shortage, 68% of organizations indicate they face additional cyber risks.

To help tackle this challenge, Fortinet established the NSE Certification program in 2015 as part of its longstanding dedication to address the cybersecurity skills gap. In addition to the company’s commitment to technology innovation, this focus transpires into continuously innovating Fortinet’s training curriculum content and how it is delivered. As part of this, the NSE Certification program will now focus on more role-based training aligned to in-demand careers, such as Cloud Security Specialists and Security Operations (SOC) Analysts, which a recent Fortinet report found were the two most sought-after roles.

These changes will further enable security professionals to sharpen their skill sets to stay ahead of new threat methods and learn about the latest security technology to help strengthen their organization’s security posture. At higher levels, there are multiple certification options to better drill down into areas of expertise. The new NSE Certification designations include:

• Fortinet Certified Expert (FCX): The most elite designation and what has been known as NSE 8 is evolving into Fortinet Certified Expert (FCX). The FCX certification identifies the highest proficiency in comprehensive and expert knowledge of network security design, configuration, and troubleshooting for complex networks.
• Fortinet Certified Engineer (FCE): These certifications further enable learners to specialize in cybersecurity solutions and gain advanced skills that map to the following key areas: Zero Trust Access, Network Security, Public Cloud Security, Security Operations, and OT Security.
• Fortinet Certified Professional (FCP): The professional level of certification does a deep dive into role-based training with the ability to certify in the following three areas: Network Security, Public Cloud Security, Security Operations.
• Fortinet Certified Associate (FCA): This certification centers around cybersecurity technology with a focus on network security and the technical aspects of the next-generation firewall.
• Fortinet Certified Fundamentals (FCF): This certification will focus on the foundational knowledge and skills that are required to learn how to operate cybersecurity products and solutions. This curriculum also offers courses that cover today’s threat landscape and the fundamentals of cybersecurity.

Existing NSE Certification holders with an NSE level 1-8 designation, including Fortinet’s partner community, can expect a smooth transition from their existing achievements to the revamped certification program with required exams clearly mapped out for each proficiency level. These enhancements will begin rolling out gradually with finalized transition expected in the fall of 2023. For information on the overall NSE Certification program updates, visit here. More information about the partner benefits of these changes is available here.

Fostering Cyber Skills through the Fortinet Training Institute

As the cornerstone of the Fortinet Training Institute – also comprised of the Education Outreach program, Academic Partner program, Authorized Training Center program, and more – the expansion of Fortinet’s certifications will also benefit participants of these programs, including veterans, students and under-represented groups. Some key highlights of advancements across these programs in helping address the skills gap and pledge to train 1 million people by 2026 include:

• Increasing training through new public and private sector collaborations: Fortinet has partnered with the All-India Council for Technical Education (AICTE) and EduSkills Foundation to offer 100,000 virtual internships in the field of cybersecurity across India. Through these kind of cross sector public and private collaborations, Fortinet is helping bring more talent into the field.
• Continuing to build the workforce of the future with new academic partnerships: The Academic Partner program provides academic institutions with Fortinet’s training curriculum to integrate into their students’ learning. Fortinet has surpassed 500 academic partners globally, including the addition of Ecole 2600 based in France that will use Fortinet’s training in its Hybrid Lab providing hands-on learning.
• Developing OT security skills: Fortinet is partnering with Purdue University to increase awareness of OT cybersecurity career pathways and foster the development of OT security talent at both the graduate and undergraduate levels. Purdue Polytechnic’s newly constructed Smart Manufacturing laboratories and research testbeds in the new Dudley and Lambertus Halls (Gateway Complex) utilize hardware and software donated by Fortinet to monitor and manage operations, support research, and provide real-world laboratory experiences in their courses. Additionally, Purdue leverages Fortinet training materials to support the laboratory curriculum.
• Instilling fundamental cyber awareness through free offering global expansion: Building on the success and demand seen in the U.S. after making the company’s customized version of its Security Awareness and Training service available for free to educators tied to the 2022 White House National Cyber Workforce and Education Summit, Fortinet is expanding the offering across the United Kingdom. The service is now available to more than 1 million education staff in nearly 30,000 schools across the U.K.
• Increasing access to technical training for security professionals: Fortinet is increasing access for security professionals to upskill through its Authorized Training Center (ATC) program, with new partners including Computer Gross in Italy and DNS based in Czech Republic.

“Fortinet continues to push the boundaries of what is possible in converging networking and security to enable customers and partners to safely and effectively compete in today’s digital marketplace. Networking and security can no longer be treated as separate strategies. The present and foreseeable future consists of hybrid networks, and only with security at their core will those networks be able to adapt at speed and scale to secure every edge. Over 20 years of prioritizing organic research and development have positioned Fortinet as the driving force behind cybersecurity innovation. And now, with the release of FortiOS 7.2, Fortinet is setting new industry standards for converged networking and security.” said John Maddison, EVP of Products and CMO at Fortinet

Hybrid Networks and Accelerating Business Demands

Growing and scaling digital business while protecting a distributed infrastructure has never been more critical or complex. Networks today are hybrid by design – spread across on-premises, multiple edges, and the cloud – and they will continue to be the enabler for digital acceleration.

According to Brandon Butler, Research Manager, Enterprise Networks at IDC, “The network is foundational for enabling the secure, scalable, and efficient use of cloud, edge, and IoT applications. Hybrid networks are needed for enterprises today, allowing applications and workflows to move seamlessly across every edge so critical information can be accessed by any user or device from any location. Combined management of advanced networking and security becomes a powerful enabler of digital acceleration”.

FortiOS 7.2 delivers new AI-powered FortiGuard security services, enhancements to the only converged networking and security platform available today, and further consolidation of security point products across networks, endpoints, and clouds.

These enhancements enable FortiOS to further protect today’s hybrid networks in the face of an escalating threat landscape while also helping organizations achieve digital acceleration.

New AI-Powered FortiGuard Security Services

Fortinet’s rich suite of FortiGuard Security Services is powered by FortiGuard Labs and natively integrated across the Fortinet Security Fabric to deliver automated and coordinated security in real-time. FortiGuard services are powered by trusted machine learning and artificial intelligence models informed by unified data sets feeding from networks, endpoints, and clouds, rich independent research, and comprehensive industry collaboration. In FortiOS 7.2, Fortinet expands its offering with multiple new services and enhancements to stop known and unknown threats faster and more effectively than ever before

John Maddison, EVP of Products and CMO at Fortinet
“According to a recent FortiGuard Labs Global Threat Landscape report, ransomware grew 1070% year over year. Unsurprisingly, organizations cited the evolving threat landscape as one of the top challenges in preventing ransomware attacks. As evidenced by our ransomware survey, there is a huge opportunity for the adoption of technology solutions like segmentation, SD-WAN, ZTNA, as well as SEG and EDR, to help protect against the threat of ransomware and the methods of access most commonly reported by respondents. The high amount of attacks demonstrates the urgency for organizations to ensure their security addresses the latest ransomware attack techniques across networks, endpoints, and clouds. The good news is that organizations are recognizing the value of a platform approach to ransomware defense.”

News Summary
Fortinet unveiled the 2021 Global State of Ransomware Report. The survey reveals most organizations are more concerned about ransomware than other cyberthreats. However, while the majority of organizations surveyed indicated they are prepared for a ransomware attack, including employee cyber training, risk assessment plans, and cybersecurity insurance, there was a clear gap in what many respondents viewed as essential technology solutions for protection and the technology that can best guard against the most commonly reported methods to gain entry to their networks.

Based on the technologies viewed as essential, organizations were most concerned about remote workers and devices, with Secure Web Gateway, VPN and Network Access Control among the top choices. While ZTNA is an emerging technology, it should be considered a replacement for traditional VPN technology. However, most concerning was the low importance of segmentation (31%), a critical technology solution that prevents intruders from moving laterally across the network to access critical data and IP. Likewise, UEBA and sandboxing play a critical role in identifying intrusions and new malware strains, yet both were lower on the list. Another surprise was secure email gateway at 33%, given phishing was reported as a common entry method of attackers.

Organizations More Concerned About Losing Data
The top concern of organizations regarding a ransomware attack was the risk of losing data, with the loss of productivity and the interruption of operations following closely behind. In addition, 84% of organizations reported having an incident response plan, and cybersecurity insurance was a part of 57% of those plans. In regards to paying ransom if attacked, the procedure for 49% was to pay the ransom outright, and for another 25%, it depends on how expensive the ransom is. Of the one-quarter who paid ransom, most, but not all, got their data back.

Ransomware Concerns Consistent Globally
While concerns about ransomware were reasonably consistent across the board, there were some differences regionally. Respondents in EMEA (95%), Latin America (98%), and APJ (Asia-Pacific/Japan) (98%) were only slightly more concerned about ransomware attacks than their peers in North America (92%). All regions perceive the loss of data as the top risk associated with a ransomware attack, along with the worry that they will be unable to keep up with an increasingly sophisticated threat landscape. APJ, uniquely, lists the lack of user awareness and training as their top concern. Respondents in APJ and Latin America were more likely to have been victims of a ransomware attack in the past (78%) compared to 59% in North America and 58% in EMEA. Phishing lures were a common attack vector everywhere, while remote desktop protocol (RDP) exploits and open vulnerable ports were top attack vectors in APJ and LatAm.

The Need for Integration and Intelligence
Almost all respondents view actionable threat intelligence with integrated security solutions or a platform as critical to preventing ransomware attacks and see value in artificial intelligence (AI)-driven behavioral detection capabilities.

While almost all of those surveyed felt they are moderately prepared and plan to invest in employee cyber awareness training, it is clear from the survey that organizations need to recognize the value of investing in technologies like advanced email security, segmentation, and sandboxing, in addition to the mainstays of NGFW, SWG, and EDR, to detect, prevent, and limit ransomware. It is important that organizations consider and evaluate these solutions to reduce risk given today’s ransomware tactics and techniques. The most advanced organizations will adopt a security approach for their ransomware protection strategy that is platform-based and provides core capabilities fully integrated with actionable threat intelligence. They must also be designed to interoperate as a unified system and be enhanced with AI and machine learning to better detect and respond to ransomware threats.

About the Fortinet Ransomware Survey:

• The report is based on a global survey of IT decision-makers aimed at better understanding how organizations view the threat of ransomware, how they are currently protecting against it, and how they plan to protect against it going forward.
• The survey was conducted in August 2021 with 455 business leaders from small as well as mid to large-sized organizations worldwide. Survey participants are IT and security leaders from 24 different countries, and represent nearly all industries, including the public sector.

Additional Resources

• • Read the blog for valuable takeaways from this survey or access the full report.
  • Learn more about how to protect against ransomware attacks with Fortinet.
  • Learn more about Fortinet’s NSE Training Institute free Information Security Awareness and Training Service.
  • Watch how Fortinet makes possible a digital world you can always trust, and view how the Fortinet Security Fabric platform delivers broad, integrated, and automated protection across an organization’s entire digital infrastructure.
  • Read more about how Fortinet customers are securing their organizations.
  • Learn more about FortiGuard Labs threat intelligence and research or Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks.
  • Learn more about Fortinet’s FortiGuard security services portfolio.
  • Engage in the Fortinet User Community (Fuse). Share ideas and feedback, learn more about our products and technology, and connect with peers.
  • Follow Fortinet on Twitter, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on YouTube.

The announcement serves as another proof point of both companies’ long-term commitment to delivering enterprise-grade performance and security for the hybrid era, and follows earlier news of Fortinet’s investment in Linksys and the launch of Linksys HomeWRK for Education | Secured by Fortinet to bring reliable connectivity and security to students at home.

With the increase in remote and hybrid work, enterprise IT teams are struggling to enable their workforce to work effectively from anywhere while protecting their organization from security threats, including ransomware, malware and phishing attacks, introduced by home networks. A recent survey from Sungard Availability Services revealed “only 1 in 5 companies are fully confident their infrastructure security can support long-term remote work.” Cybercriminals continue to take advantage of the expanded attack surface; the latest FortiGuard Labs Global Threat Landscape Report revealed that average weekly ransomware activity in June 2021 was more than tenfold higher than levels from one year ago. Enterprise IT teams are also challenged to support their at-home employees with a simple plug-and-play solution that delivers connectivity that can support all of the capabilities they have in-office.

To enable enterprise IT teams of all sizes to ensure enterprise-grade security and high-performance connectivity for remote and hybrid workers at home, Fortinet and Linksys are launching Linksys HomeWRK for Business | Secured by Fortinet. This offering builds on Fortinet’s commitment to build a safer Internet by protecting people, devices, and data everywhere, and delivers the following key benefits for enterprise organizations:

Fast, Reliable, and Secure Wi-Fi Mesh Connectivity
Built with the latest Wi-Fi 6 tri-band technology and Linksys’ powerful Velop Intelligent Mesh software, Linksys HomeWRK for Business | Secured by Fortinet enables high-performance, secure corporate and personal networks for users at home via a single device. Enterprise IT teams can easily distribute the provision-free hardware to employees to replace their existing home router to establish both corporate and personal networks. With a blanket of mesh Wi-Fi coverage, employees can enjoy fast and consistent whole-home Wi-Fi connection, without worrying about a weak signal or deadspots.

Optimized for Zoom to Boost Team Collaboration
Fortinet and Linksys have teamed up with Zoom, a leader in video communications, to provide the best experience for video conferencing, voice calls and screen sharing. With quality of service (QoS) networking technology that prioritizes and optimizes traffic for Zoom and other business collaboration applications, users can be confident that their next meeting, webcast or remote interview goes off without a hitch even during times of high non-critical traffic such as gaming or video streaming.

Enterprise-grade Security from Fortinet
The solution is integrated with industry-leading Fortinet security to safeguard against cyber threats introduced by home networks and automatically blocks suspicious malware, prevents intrusions, filters harmful content, and more. This joint solution showcases the power of Security-Driven Networking; by placing security in the home office on the device itself – converging networking and security together – it delivers a much better user experience.

Zero-touch Provisioning Simplifies Installation
The zero-touch provisioning solution streamlines the employee onboarding experience with simple plug-and-connect devices that don’t require physical assistance from corporate IT teams to install. The solution also includes a guided app for ideal placement of nodes at home.

Simple Remote Management
An intuitive management console enables enterprise IT managers to monitor and diagnose the performance of all devices connected to the corporate network in real-time via a single portal. The solution will be natively integrated with Fortinet management systems to further streamline management for existing Fortinet customers. Employees are also able to manage their personal network via a separate console with visibility and control of all personal devices.

Employee Privacy Protection
Protect remote employees’ privacy with support for multiple networks for separate personal use. While the corporate network is managed by the IT team, employees maintain complete ownership of the personal network and security settings, allowing all household members to benefit from a fast and secure connection for non-corporate devices, such as laptops and gaming consoles. Corporate and personal networks are separated with no visibility or access to personal information granted to corporate IT teams.

Proven, Industry-leading Technology
This joint venture and resulting joint solution bring together proven technology from two industry leaders to solve some of the biggest challenges of effectively enabling remote and hybrid work. By combining proven Wi-Fi 6 mesh technology from Linksys and industry-leading enterprise-grade security from Fortinet on the same device, Linksys HomeWRK for Business | Secured by Fortinet creates a networking environment at home that is equivalent to being at the office.

Availability and Enterprise Subscription Model
The joint solution will be available in the United States in Q4 2021 and globally beginning in Q1 2022 on affordable hardware-as-a-service subscription plans that require no upfront investment for enterprise IT teams. Two levels of service give enterprises flexibility in supporting their remote and hybrid workers: Standard – includes two nodes with standard Fortinet security, and Advanced – includes two nodes with advanced Fortinet security. Additional nodes to extend coverage available for purchase.

Supporting Quotes
“Our goal was two-fold. First, make it very simple for anyone to set up a fast and reliable home Wi-Fi network. Second, provide enterprise IT with the ability to secure and manage the business aspects of that work-from-home Wi-Fi network just as they do with any other device attached to the network. The Linksys and Fortinet joint venture is not just a simple OEM agreement of two distinct parties, it’s the start of a completely new market.”
— John Maddison, EVP of products and CMO at Fortinet

“Last year, companies and their employees were catapulted into a remote work era with little to no preparation. In that time, they’ve done what they can to make it work. It’s clear that remote work is the future of work and through Linksys HomeWRK for Business | Secured by Fortinet, we are not simply providing a solution to make it work. We are providing companies a way to enable employees to securely and safely connect to their work, thrive in remote environments and operate with peak productivity and efficiency.”
— Harry Dewhirst, CEO at Linksys

“We’re entering a phase of reopening where the hybrid model is becoming increasingly prevalent, and even in this new era of work, the importance of efficient and effective collaboration remains top of mind. Fostering collaboration starts with a reliable and safe network, and for organizations building forward, empowering employees with holistic solutions that yield fast and secure connectivity and optimization for collaborative tools will be key.”
— Pat Jensen, Distinguished Architect, Zoom

Fortinet today announced the FortiGate 3500F Next-Generation Firewall (NGFW) to protect organizations with hybrid data centers against the ever-growing threat landscape and ransomware attacks. FortiGate 3500F offers some of the industry’s highest performance numbers, including TLS1.3, with automated threat protection post decryption. Additionally, FortiGate 3500F is built with zero trust network access (ZTNA) capabilities, further delivering consistent security and seamless user experience to any user at any location with its security-driven networking approach.

Evolving Threat Landscape Poses Security Risks Across Hybrid Data Centers

With the shift to work from anywhere, organizations are adopting hybrid data centers to increase operational agility by deploying some resources across multiple clouds while keeping other business critical applications and data in on-premises data centers for compliance and control. As the data center infrastructure becomes more distributed, however, the attack surface expands and more blind spots emerge, reducing visibility and increasing the potential for breaches and attacks. It’s critical for organizations to inspect encrypted flows to detect all type of attacks, especially malware that hides in secure channels, to prevent ransomware and the disruption of command and control attacks from stealing customer and corporate data.

Organizations also need a strategy to manage excessive implicit trust and provide inspection into the growing volume of encrypted traffic which is increasingly used by cyber adversaries to mask malicious traffic. Otherwise, organizations struggle to securely grow and accelerate digital transformation as their traditional security strategy and solutions can’t keep up with escalating business demands.

Securing Users, Data and Applications Everywhere

To address these challenges, FortiGate 3500F NGFW helps organizations ensure business continuity and advanced security for hybrid data centers. With the industry’s highest Security Compute Rating (SCR) of 6x IPsec, FortiGate 3500F NGFW secures the data center edge, core and interconnect by providing ultra-fast secure data center to data center paths to build disaster recovery sites. It also enables organizations to secure data center to cloud paths for cloud on-ramps with full compliance and controls. Other key highlights of the FortiGate 3500F include:

• FortiGuard Security Services and Fortinet ASIC SPUs enable hyperscale protection for ransomware and advanced threats: FortiGate 3500F is powered by Fortinet’s purpose-built ASIC Security Processing Units (SPUs), like the NP7 and CP9. FortiGate 3500F offers the industry’s highest security compute rating of 6x for performance compared to competitors – including support of TLS1.3 – to detect attacks, like ZEUS, Trickbot, Dridex, and protect organizations from network, application and file-based attacks and many other sophisticated threats. FortiGate 3500F also natively integrates with FortiGuard Security Services. This further helps organizations protect themselves against network anti-virus, mail security, anti-DDoS, and similar functions, like IPS and anti-malware solutions.
• Natively integrates access proxy capabilities, such as zero trust network access (ZTNA): FortiGate 3500F is the only NGFW in the industry that natively integrates access proxy capabilities to enable zero trust network access (ZTNA). This allows organizations to host applications anywhere with consistent policy controls to enable and secure hybrid workforce models with seamless and superior user experience.
• Seamless user experience through consolidation: Fortinet further delivers a security-driven networking approach with FortiGate 3500F, which combines security and networking capabilities, including Secure SD-WAN and Zero Trust Network Access. An industry first, only Fortinet offers Secure SD-WAN, SD-Branch and ZTNA in one single offering.

Scaling Business with Superior Performance and Advanced Security

Powered by Fortinet’s ASIC SPUs, FortiGate 3500F offers some of the highest performance numbers for NGFW with 12x higher speeds than leading competitors. As a result, FortiGate 3500F delivers unparalleled performance levels and hyperscale to inspect, segment and secure locally hosted data and workloads at network speeds. Organizations are able to host business critical applications and provide secure access to corporate users, customers and partners.

Below is a comparison of the FortiGate 3500F compared against top firewalls on the market.

1. Performance with hyperscale license applied
2. SRX5400E-B1-AC, IPsec non-power mode​