AT&T & Fortinet Partner for a Managed SASE Solution

5/5 (1)

5/5 (1)

Last week AT&T announced a partnership with Fortinet to expand their managed security services portfolio. This partnership provides global managed Secure Access Service Edge (SASE) solutions at scale. The solution uses Fortinet’s SASE stack which unifies software-defined wide-area network (SD-WAN) and network security capabilities into AT&T managed cybersecurity framework. Additionally, AT&T SASE and Fortinet will integrate with AT&T Alien Labs Threat Intelligence platform, a threat intelligence unit to enhance detection and response. AT&T has plans to update its managed SASE service during the year and will continue to bring more options.

Talking about the AT&T-Fortinet partnership, Ecosystm Principal Advisor, Ashok Kumar says, “This move continues the trend of the convergence of networking and security solutions. AT&T is positioning themselves well with their integrated offer of network and security services to address the needs of global enterprises.”  

Convergence of Network & Security

AT&T’s improved global managed security service includes features such as secure web gateway, firewall-as-a service, cloud access security broker (CASB) and zero-trust access, which provides security teams and analysts with unified capabilities across the cloud, networks and endpoints. The solution aims to enable enterprises to create a more resilient network bringing the core capabilities of the two companies that will reduce operational costs and deliver a unified offering.

Last year AT&T also partnered with Cisco to expand its SD-WAN solution and to support AT&T Managed Services using Cisco’s vManage controller through a single management interface. Over the past years multiple vendors including Fortinet have developed comprehensive SASE solution capabilities through partnerships or acquisitions to provide a unified offering. Last year Fortinet acquired Opaq, a SASE cloud provider to bolster their security capabilities through OPAQ’s patented Zero Trust Network Access (ZTNA) cloud solution and to strengthen SD-WAN, security and edge package.

The Push Towards Flexible Networking

Kumar says, “The pandemic has created a higher demand and value for secure networking services. Enterprises experienced greater number of phishing and malware attacks last year with the sudden increase in work-from-home users. The big question enterprises need to ask themselves is whether legacy networks can support their evolving business priorities.”

“As global economies look to recover, securing remote users working from anywhere, with full mobility, will be a high priority for all enterprises. Enterprises need to evaluate mobile SASE services that provide frictionless identity management with seamless user experiences, and be compatible with the growing adoption of 5G services in 2021 and beyond.”


The Top 5 Telecommunications & Mobility Trends that will dominate the telecom industry to watch out for in 2021. Signup for Free to download the report.

New call-to-action
1
Asavie Acquisition Strengthens Akamai’s 5G Security Strategy

5/5 (1)

5/5 (1)

In the recently published the Top 5 Cybersecurity & Compliance Trends for 2021 report Ecosystm predicts that 2021 is when M&As will ramp up in earnest to consolidate the fragmented cybersecurity market. The pandemic has slowed down M&A activities in 2020. Early signs of what we can expect from the market when we emerge from COVID-19 can be seen in the recent acquisition of Asavie by Akamai Technologies. The market is realising the full implication of the shift to remote working and the potential of increased cyber threats – and this acquisition is a sign that larger vendors will continue to strengthen their cybersecurity capabilities by acquiring vendors, with complementary capabilities.  

Asavie Enabling the Secure Office Anywhere

Asavie, headquartered in Ireland, offers a global platform that manages the security, performance, and access policies for mobile and internet-connected devices. Asavie delivers secure access to business resources for a mobile workforce – without requiring installation and management of client software. Increasing mobile workloads and Office Anywhere trends mean that the enterprise private network is no longer just PCs/laptops. All enterprise endpoints must be considered to be a part of the enterprise network – and security and authentication solutions must be able to handle this. Organisations will need to explore options where they can give seamless access to their employees without straining their IT and cybersecurity teams – a rapidly installable, scalable, and cloud-managed solution will become a necessity. 

More than ever before, enterprises will have to treat all endpoints as branches of the organisation, and the Future of Work goes beyond enabling home offices. The Global CXO Study: The Future of the Secure Office Anywhere finds that 66% of IT and business leaders think of multiple locations, when they think of Office Anywhere. Employees will work wherever they get the best work experience and are most productive. Future work patterns will require that all endpoints are considered as extended branches of the organisation. This involves the ability to extend the enterprise WAN – with speed, flexibility, and security in mind – whether it is a temporary or a home office, an ad-hoc point of sales or an employee on the go. Every employee or device should be treated like a Branch of One.

Ecosystm Comments

Ecosystm Principal Advisor Shamir Amanullah

“Akamai has been diversifying away from its well-known content delivery network (CDN) offering and has successfully built its security business offering in recent years. In 2019, the company nearly doubled its security revenue to USD 849 million from just USD 488 million in 2017. In their 3rd quarter financial results reported in end October 2020, the Cloud Security Solutions revenue was US$266 million, up 23% year-over-year.”

“The move into the mobile security segment has been timely for Akamai as enterprise application and content is moving from behind the firewall to the cloud; adding to the criticality of the cybersecurity threat management. The COVID-19 pandemic has further driven the onboarding of businesses and consumers alike, adding to significant addressable market opportunities.”

“The acquisition of Asavie is a strategic move. Asavie’s solution effectively extends the enterprise security management to incorporate mobile devices as a ‘Branch of One’ enabling CIOs and CISOs to manage security and policies the same way as traditional enterprise network resources. The growth of 5G will further drive IoT devices and a myriad of applications and use cases which will provide for a significant growth opportunity for Akamai – the acquisition of Asavie is a positive move to support this trend.”

Akamai Strengthens Intelligent Edge Capabilities

Asavie’s mobile, IoT and security solutions will integrate with Akamai’s Security and Personalisation Services (SPS) product line sold to carrier partners that embed the solution within the technology bundle sold to their subscribers. With the Asavie acquisition, Akamai intends to help their carrier partners address enterprise and mid-market customer demand for IoT and mobile device security and management services.

Ecosystm Comments

Ecosystm Principal Advisor Ashok Kumar

“The addition of Asavie to Akamai’s SPS product line provides synergy for the company to expand into new addressable markets for the remote workforce and internet-connected devices to deliver superior experience in a multi-cloud environment. The Global CXO Study conducted by Ecosystm found that three quarters of the organisations rate mobile security as an important or very important part of their digital transformation strategy. Secure mobile experiences will be a core element of the enterprise going forward in the post COVID-19 business environment – driven by employee needs for mobile services and corporate resources from remote locations, with superior identity and policy management, in a frictionless manner.”

“There is an opportunity for mobile service providers and mobile virtual network operators (MVNOs) to leverage the Asavie solution combined with Akamai’s strength at the edge with over 1,500 networks worldwide to offer cloud-based value-added cybersecurity services. The Global CXO Study also found that scaling of endpoint security was a major pain point for half the organisations with more than 100 branches. Service providers can become the enabler by offering services for small and medium enterprises (SMEs) to dynamically adapt their network and security services to fluctuating demand conditions.”                          

Ecosystm Principal Advisor Claus Mortensen

“Although Akamai does offer CDN services for the SME segment, the company heavily relies on service providers and carriers to address this segment in the CDN, cloud security and its burgeoning IoT Edge offerings. Asavie’s market approach is similar and its products and services portfolio appears to complement Akamai’s very well, making it a very good fit for the company. Not only will it enhance Akamai’s SME positioning on the secure connectivity space, but it will also boost its offerings for carriers in the IoT space.”

“Carriers have had a checkered history at best, in understanding and making the most of data services. Mobile Internet took off because of smartphone manufacturers (Apple) and Internet companies – not through carrier offerings. Although carriers appear to be more proactive and forward-looking with regards to IoT, they should not expect to have the foresight to see what services and business cases will make 5G and IoT truly profitable. Rather, their main focus should be on enabling the secure and flexible infrastructure that can ultimately enable others to develop the use cases. The next logical step would then be for carriers to develop IoT orchestration platforms that can manage much larger parts of the IoT value chain. If they succeed in this (and even if they don’t) it could result in a major boost for Akamai’s CDN business.”

“In other words, carriers need help with IoT and to that end, Akamai’s acquisition of Asavie may strengthen its ability to support carriers to reach that goal.”


The full findings and implications of The top 5 Cybersecurity & Compliance Trends For 2021 are available for download from the Ecosystm platform. Sign up for Free to download the report.

New call-to-action

2
Ecosystm Predicts: The Top 5 Cybersecurity & Compliance Trends for 2021

5/5 (1)

5/5 (1)

Ecosystm research finds that 47% of organisations re-evaluated cybersecurity risks and management making it the biggest measure undertaken by IT Teams when COVID-19 hit. There is no denying any more that cybersecurity is a key business enabler. This year witnessed cybercrime escalating in all parts of the world and several governments issued advisories warning enterprises and citizens of the increase in the threat landscape, during and post COVID-19. Against this backdrop, Ecosystm Advisors, Alex Woerndle, Andrew Milroy, Carl Woerndle and Claus Mortensen present the top 5 Ecosystm predictions for Cybersecurity & Compliance in 2021.

This is a summary of the predictions, the full report (including the implications) is available to download for free on the Ecosystm platform here.

The Top 5 Cybersecurity & Compliance Trends for 2021

  1. There will be Further Expansion of M&A Activities Through 2021 and Beyond

As predicted last year, the market is set to witness mergers and acquisitions (M&As) to consolidate the market. The pandemic has slowed down M&A activities in 2020. However, the market remains fragmented and there is a demand for consolidation. As the cyber market continues to mature, we expect M&A activities to ramp up over the next couple of years especially once we emerge from COVID-19.  Some organisations that understand the full impact of the shift to remote working and the threats it creates have embraced the opportunity to acquire, based on perceived value due to COVID-19. The recent acquisition of Asavie by Akamai Technologies is a case in point. Asavie’s platform is expected to strengthen Akamai’s IoT and mobile device security and management services.

  1. After a Year of Pandemic Leniency, Regulators will Get Stricter in 2021

The regulators in the EU appear to have gone through a period of relative leniency or less activity during the first few months of the pandemic and have started to increase their efforts after the summer break. Expect regulators – even outside the EU – to step up their enforcement activities in 2021 and seek larger penalties for breaches.

Governments continue to evolve their Compliance policies across broader sectors, which will impact all industries. As an example, in Australia, the Federal Government has made changes to its definition of critical infrastructure, which brings mandates to many more organisations. Governments have shown an acute awareness of the rise in cyber-attacks highlighted by several high-profile breaches reported in mainstream media. Insider threats – highlighted by Tesla, where an employee raised the allegations of bribery by unknown third parties in exchange for exfiltrating corporate information – will also lead regulators to double down on their enforcement activities.

  1. The Zero Trust Model Will Gain Momentum

Remote working has challenged the traditional network security perimeter model. The use of personal and corporate devices to access the network via public networks and third-party clouds is creating more opportunity for attackers. Organisations have started turning to a Zero Trust security model to mitigate the risk, applying advanced authentication and continuous monitoring. We expect the adoption of the Zero Trust model to gain momentum through 2021. This will also see an increase in managed services around active security monitoring such as Threat Detection & Response and the increased adoption of authentication technologies. With an eye on the future, especially around quantum computing, authentication technologies will need to continually evolve.

  1. The Endpoint Will be the Weakest Link

The attack surface continues to grow exponentially, with the increase in remote working, IoT devices and multicloud environments. Remote endpoints require the same, if not higher levels of security than assets that sit within corporate firewalls, and it will become very clear to organisations that endpoints are the most vulnerable. Remote workers are often using unsecure home Wi-Fi connections and unpatched VPNs, and are increasingly vulnerable to phishing attacks. IoT device passwords are often so weak that brute-force attackers can enter networks in milliseconds.

Although endpoint security can be dealt with through strict policies together with hardware or software authentication, the difficult part is to adopt an approach that retains a relatively high level of security without having a too negative an impact on the employee experience. Experience shows that if the security measures are too cumbersome, employees will find ways to circumvent them.

  1. Hackers Will Turn the Table on AI Security

Cybersecurity vendors are increasingly offering solutions that leverage AI to identify and stop cyber-attacks with less human intervention than is typically expected or needed with traditional security approaches. AI can enhance cybersecurity by better predicting attacks enabling more proactive countermeasures, shortening response times, and potentially saving cybersecurity investment costs. The problem is that the exact same thing applies to the hackers. By leveraging AI, the costs and efforts needed to launch and coordinate large hacker attacks will also go down. Hackers can automate their attacks well beyond the use of botnets, target and customise their attacks with more granularity than before and can effectively target the biggest weakness of any IT security system – people.

Already, phishing attacks account for many of the breaches we see today typically by employees being tricked into sharing their IT credentials via email or over the phone. As we move forward, these types of attacks will become much more sophisticated. Many of the deepfake videos we see have been made using cheap or free AI-enabled apps that are easy enough for even a child to use. As we move into 2021, this ability to manipulate both video and audio will increasingly enable attackers to accurately impersonate individuals.


New call-to-action
5
The Cybercrime Pandemic

5/5 (2)

5/5 (2) Organisations across the globe, are facing disruption on a scale never seen before, and are urgently seeking ways of remaining viable. Predictably, cybersecurity is a secondary concern and is often handled reactively. To make matters worse, a chronic cybersecurity skills shortage is being made much more severe by the crisis.

Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cyber criminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly. Containing and suppressing this cybercrime pandemic is proving to be almost impossible.

Remote working intensifies known threats posed by phishing and ransomware. More alarming are the distinctive cybersecurity vulnerabilities associated with home working including reliance on home Wi-Fi, increased use of unpatched VPNs and devices, and the exponential growth of network access points. These vulnerabilities increase the likelihood of a breach enormously.

Corporate IT is in a very challenging position. It needs to ensure that organisations can operate in a way that they have never operated before, while ensuring that their assets are secure – a very difficult, if not an impossible task for which there is no precedent.

Some important cybersecurity considerations, during and after the COVID-19 pandemic include:

Re-enforce Basic Cyber Hygiene

As massive numbers of people work from home, basic cyber hygiene becomes more critical than ever before. Organisations must maintain awareness of security threats among employees, ensure security policies are being followed and be certain that corporate software is being updated and patched on time. With a dispersed workforce, these basic practices are more challenging, and training becomes more critical. Phishing attacks are often the primary attack vector for malicious actors, so employees must be able to identify these attacks. They increasingly exploit shortages of goods such as protective equipment and sometimes claim to offer official information relating to COVID-19.

Remote employees often access sensitive business data through home Wi-Fi networks that will not have the same security controls – such as firewalls – that are used in offices. There is more connectivity from remote locations, which requires greater focus on data privacy, and hunting for intrusions from a much larger number of entry points.

Place More Focus on Endpoint Security

The unprecedented switch to remote working is radically increasing the number of vulnerable endpoints. Given that endpoints are located at a distance from corporate premises, it is frequently difficult for IT departments to configure endpoint systems and install necessary security software.

It is vital to assess the security posture of all endpoints connecting to the corporate network. This practice enables an organisation to determine whether or not an endpoint requesting to access internal resources meets security policy requirements. It requires the ability to monitor and enforce policy across all devices, while making onboarding and offboarding seamless.

It is essential that endpoint solutions can be rapidly deployed for remote workers, as needed on both personal and corporate devices. Devices used for remote work need much more than the basic antivirus and antispyware protection. Multi-factor authentication (MFA) and on-board endpoint detection and response (EDR) capabilities are crucial.

Be More Selective About How and When Video Conferencing and Collaboration Platforms are Used

Since lockdowns spread around the world, the use of video conferencing and collaboration tools has grown beyond the wildest expectations of suppliers of these tools. The extraordinary growth of Zoom has made it a target for attackers. Many security vulnerabilities have been discovered with Zoom such as, a vulnerability to UNC path injection in the client chat feature, which allows hackers to steal Windows credentials, keeping decryption keys in the cloud which can potentially be accessed by hackers and gives the ability for trolls to ‘Zoombomb’ open and unprotected meetings. Zoom has so far managed to augment its security features in part by its recent acquisition of Keybase, a secure messaging service.

Switching to an alternative video conferencing platform will not necessarily offer greater levels of security as privacy is typically not a strength of any collaboration platform. Collaboration platforms tend to tread a fine line between a great experience and security. Too much security can cause performance and usability to be impacted negatively. Too little security, as we have seen, allows hackers to find vulnerabilities. If data privacy is critical for a meeting, then perhaps collaboration platforms should not be used, or organisations should not share critical information on them.

Protect all Cloud Workloads

In today’s remote working paradigm, cloud computing is being used more than ever. This frequently exposes organisations to risks that are not adequately mitigated.

Organisations typically need to manage a mix of on-premises technology together with multiple clouds, which are often poorly integrated.  These complexities are compounded by the increasing risk from cyberattacks associated with cloud migration and hybrid cloud implementations. In cloud environments, the leading cybersecurity risks include insecure interfaces and APIs, data breaches and data loss, unauthorised access, DDoS attacks, and a lack of a unified view of assets.

Protection requirements for securing hybrid multicloud environments are evolving rapidly. In addition to tightening up endpoint security, organisations must also place greater emphasis on cloud workload protection. Cloud security solutions need to offer a unified and consistent view across all physical machines, virtual machines, serverless workloads and containers, used by an organisation.

Amend Incident Response Plans

It is the containment of breaches that often determines the success of security policies and procedures. Basic cyber hygiene as well as changes to IT architecture, such as micro segmentation, play an essential role in breach containment. But incident response plans also need to be made relevant to the current pandemic scenario.

Employees and IT teams are now working in a completely different environment than envisaged by most incident response plans. Existing plans may now be obsolete. At the very least, they will need to be modified. Usually, incident response plans are designed to respond to threats when most employees are operating in a corporate environment. This clearly needs to change. Employees need to be trained in the updated plan and know how to reach support if they believe that a security breach has occurred in their remote location.

Critically, new alert and warning systems need to be established, which can be used by employees to warn of threats as well as to receive information on threats and best practices.

 

Organisations are struggling to keep the lights on. In this battle to remain operational, cybersecurity has been taking a back seat. This cannot last for long as the deluge of new vulnerabilities is creating easy pickings for attackers. Cyber hygiene, endpoint security, cloud security, security policies and incident response plans must be continually reviewed.


This blog is based on Andrew Milroy’s recent report titled “Cybersecurity in the COVID-19 Era”.
Click here to download the full report ?

Download Report


1