Fabrizio Croce, Regional Director, Southern Europe and Middle East, WatchGuard discusses the importance of guarding encrypted traffic, and offers his predictions for 2015.
What can businesses do to protect the increasing threats on their encrypted streams?
The MENA region is a major target for cyber threats and malware. First, the region suffers all the normal malware infections (Trojans, worms, botnets, viruses) that affect the rest of the world, but also seems to suffer a higher infection rate than other regions. Hence information security will be taken seriously.
Improved efficiency and low expenditures are factors that organisations believe will make a difference too. Companies are looking to streamline their systems so that information is easily made available.
WatchGuard recently announced a new generation of firewalls; the Firebox M400 and M500. How can these innovations benefit SMBs in the region?
There’s a rise in encrypted traffic and addressing these threats within encrypted streams is imperative. According to Gartner, more than half of the network attacks targeting enterprises will use encrypted traffic to bypass controls, up from less than five percent today.
The Firebox M400 and M500 appliances are specifically designed for mid-size and distributed enterprises, which are struggling to effectively and affordably secure networks in the face of explosive growth in bandwidth rates, connection speeds and encrypted traffic. Thus, the new appliances not only benefit SMBs in the region financially, but are also provided with the support they will need, especially when you consider the pace at which encrypted traffic is growing.
How have increased demands from end-users effected the production of these solutions?
The Firebox M400 and M500 firewalls are specifically engineered for mid-sized and distributed enterprises that are struggling to effectively and affordably secure networks. We listen to demands, and deliver, by launching products that meet the needs from enterprises. At the same time, these solutions need to meet our clients’ requirements of being affordable and effective, considering the explosive growth in bandwidth rates, encrypted traffic, video use, and connection speeds.
With an operating system built on the latest generation of processors from Intel, the M400 and M500 have all the power they need to run their security scanning engines in parallel, without causing a bottleneck in performance. This ensures network pros never have to compromise network security for performance.
How have you made your solutions adaptable to the changing threat landscape?
With our UTM solutions, enterprises are provided with the flexibility to add any of our powerful subscriptions, whichever is needed in key industries. The UTM solution can easily be upgraded to a higher appliance model within the line with a software license key, and simplifies administration tasks including log file management, auditing, and compliance reporting to keep IT productivity high.
While keeping their productivity high, it also allows the IT staff to have more time to focus on other areas of network administration, while also saving money on support and hardware costs.
Are there security issues that are unique to this region? How do you go about addressing those particular issues?
Like the rest of the world, the MENA region suffers from cyber threats, however it also suffers from higher than average infection rates, and it is one of the main targets for APT attacks.
We work with a selection of channel partners in the region that are well qualified and trained to deliver solutions to enterprises. The partnerships that we are continuing to develop in the region highlight the commitment that there is for technological advancements. With such a vast range of industry verticals basing themselves in the region, companies are looking for specialised solutions. WatchGuard and our partners continue to deliver and personalise these solutions to suit the demands, and continue to work together to develop new products to increase business security.
What do you see as the biggest future threat, in terms of IT security?
Our predictions for next year are:
Our reliance on encryption will rise while governments will try to restrict and bypass it:
Security pros have always recommended encryption to protect data. However, both users and the industry have historically been slow to adopt encryption at a wide scale – likely due to its complexity and resource expense. That is changing. Between Snowden’s revelations and an increase in breaches, we realise ‘bad actors’ are snooping on our communications, and our privacy is at risk.
Cloud adoption plateaus due to privacy and security concerns:
Security pundits have always been a bit suspicious and slow to adopt certain cloud services, especially when the service requires you to share sensitive data with an external cloud vendor, or give up some control. Despite this, businesses have quickly and widely adopted many cloud services, presumably because they offer so much business advantage. For instance, web hosting and email have become services many companies choose to host elsewhere. However, this cloud adoption will slow and plateau in 2015. Between the “Snowden effect” and a number of popular cloud services getting breached and leaking data, organisations will be more concerned with where they put certain sensitive information.
Targeted attacks increase, focusing on business verticals:
There’s always been a mild debate between opportunistic and targeted attacks, and whether one or the other poses the bigger threat. One might say opportunistic attacks are more threatening because they affect everyone and happen at a large scale, whereas another points out targeted attacks tend to be more sophisticated and result in more damaging losses. While both threats pose risk, and can affect everyone, some new trends will tip the favour toward targeted threats next year, while also expanding the affected target base. Targeted attacks have increased and become more sophisticated largely due to the fact that cyber criminals have matured. They now realise writing malware costs something and they need a return on their investment.