Channel, Insight, Opinion, Security

Fortinet’s Derek Manky on the importance of threat intelligence to partner business

Derek Manky, Fortinet

Organisations of all sizes are working to prioritise security initiatives as cyber threats become more targeted and sophisticated.

Aware of the consequences a breach can have on business operations, organisations are seeking to deploy more security controls throughout the network and build out security teams. When implementing these initiatives, organisations should focus on attaining accurate, current threat intelligence. This is what will inform strategy, personnel, and security solutions.

Why is threat intelligence so important? Your customers are facing an onslaught of threats. Cyber criminals are using automation to operate at machine speed and have become more adept at evading security measures in their attacks, meaning a successful attack is inevitable. The focus now must turn to locating those attacks in complex network environments and addressing them in as little time as possible.

Threat intelligence gives IT teams essential context on the types of threats and vulnerabilities that are trending among attackers to ensure fast response times across distributed environments.

The ability to provide cutting-edge threat intelligence on a regular basis allows Fortinet partners to consistently deliver value to customers through informed security strategy.

Our partners are enabled by the full force of FortiGuard Labs, our threat intelligence division. Security researchers and analysts at FortiGuard Labs evaluate security incidents and alerts detected by the millions of Fortinet threat sensors, honeypots, and collectors deployed around the globe to understand where networks are weakest at any given time.

In the wake of the cybersecurity skills gap, which makes it nearly impossible for your customers to employ security researchers in house, access to this research makes partners a highly valuable resource.

It is important to provide support for partners with threat research in several ways such as helping partners become expert advisors for customers, offering support to customer accounts, and enabling regular training for partners in emerging threats. Partners must provide their customers with regular insights into cyber-criminal capabilities, motives, goals and trending cyberattack infrastructure and resources.

Partners must be able to access threat intelligence via weekly threat intelligence briefs, playbooks, threat early warnings, quarterly threat reports.

As a founding member of the Cyber Threat Alliance, Fortinet is able to share threat information with other member organisations to improve threat awareness and minimize the efficacy of attack campaigns. This means partners are not only getting information from Fortinet’s own team, but also threat research from other leaders in the industry.

What this means for your customers?

Access to this threat intelligence can offer immense benefits to your customers as they ramp up security efforts, addressing several key challenges:

  • Reduce Complexity and Increase Visibility

Your customers are working within increasingly complex networks as cloud environments, apps, and devices are introduced. Many are also working with an assortment of disparate security controls, the lack of integration of which can actually cause blind spots when it comes to threat detection and remediation. Centralised threat intelligence offered by partners can help break down information silos across network security teams and devices, ensuring all parties are acting on the same, most current data. This will also increase adaptive visibility giving customers insight into security events occurring locally and globally, enabling them to adapt strategy based on real-time threat intelligence when using the integrated Security Fabric.

  • Prioritise Speed

The goal of modern security teams must be to detect anomalous activity in the network and respond to it as quickly as possible. This is a departure from perimeter-based security strategies of the past.  Today’s cyber criminals work so fast that perimeter defenses are not enough. When informed about current attack vectors and vulnerabilities, customers can more quickly identify malicious activity in the network and act upon it. Furthermore, based on this intelligence, partners can more knowledgeably help customers build and adapt their security strategies to ensure the necessary controls are in place, without compromising performance or speed of business operations. This is essential to effectively secure digital transformation.

  • Leverage Automation

Finally, partners can assist by outfitting their customers with security controls that are informed by this current threat data, and constantly share new discoveries and alerts across other controls. Fortinet’s security fabric incorporates controls that are integrated and regularly updated with the most recent threat intelligence. This allows customers to automate responses to threats. These tools can more readily detect the most recent attack vectors and evasion tactics, and issue automated responses to ensure minimal dwell time.

As your customers aim to increase their security capabilities, they should begin by obtaining access to current threat intelligence to inform broader strategy. Fortinet partners can be of value here, offering access to comprehensive threat intelligence to help customers stay a step ahead of adversaries.

Previous ArticleNext Article


The free newsletter covering the top industry headlines