One of the new battlefields of today is the rise of the edge. On the one hand this domain brings significant functional and economic benefits, enabling the emergence of a new breed of real-time applications, but at the same time such a plethora of devices augments the attack surface, creating new entry doors into the corporate network.
The laptops, smartphones, security cameras and sensors in items that you’re tracking all make it easier to do business and manage your operations. They also vastly increase the playground that hackers can target, warns Alain Sanchez, EMEA chief information security officer, senior evangelist at Fortinet.
Speaking during Fortinet’s recent Security Day Africa event, Sanchez highlighted some pros and cons behind the massive growth in edge computing, which allows companies to capture, store, process and analyse data where it is generated, instead of in a centralised data-processing warehouse.
Ecosystem of the edge
It’s being enabled by the high speeds and low latency of 5G network architecture. That low latency has created an ecosystem at the edge of the network that empowers people and AI (artificial intelligence) by letting them make decisions as close as possible to the operations without generating traffic back and forth. It’s making organisations flatter with faster decision-making processes, but it opens up more routes for attackers to infiltrate. 5G also makes swarm-based attacks more likely because its distributed architecture uses building blocks that can be shared amongst telecommunications services.
Edge computing is generating investments worth $4,68 billion in the US only in 2020. “We are living in a moment of digital acceleration that will not stop. But these digital transformations carry threats by increasing the number of touchpoints to attack,” Sanchez warned. “This rise of the edge is something very important that we have to deal with in the coming months and years.”
The Covid-19 pandemic that pushed people into working from home accelerated the move to edge computing. It also increased the risk, by putting people who don’t understand the sophistication of cybercriminals and the threats they pose in charge of their own security.
“Everyone has the temptation to adopt one single password for every application because it’s easier to remember, but look at the damage it can cause. It’s a series of open doors into all your information,” Sanchez said. “Many people are connecting to business-critical applications through home-grade routers. Some are doing video conferences with a PC that one hour ago was downloading games from a not-so-clean server.”
In Africa last year, many of the recorded attacks took advantage of the presence of Covid-19 by specifically targeting this new architecture. The switch towards remote working has also accelerated cloud computing, which carries other risks as data is distributed more broadly. The benefits of the cloud must be protected by a security posture, rules and strategy that sit on top of it, he said.
Traditional security strategies can’t keep up with the risks posed by this expanding attack surface, given the ever-increasing professionalism and volume of cyber-attacks. Protecting a business now requires what Fortinet dubs ‘security-driven networking’ that tightly integrates a security architecture and the network infrastructure into one platform containing all the necessary components to keep a network secure as it scales and changes. The networking and security functions will merge into one connectivity layer involving a series of hybrid, moving clouds.
At the moment, multi-cloud strategy is emerging as a massive trend, 71% of organisations are embarked on a multi-cloud transformation. Now if this mitigates the risks, it also adds management complexity and increases the attack surface. In this context the need for a single management pane is crucial; 78% of security professionals see it as extremely helpful, according to the 2021 Cloud Security report. “Security is a common strength across all the elements of the information system and has to provide end-to-end visibility and the ability to understand, analyse and act,” he said.
To help achieve that, Fortinet has developed solutions that leverage ML (machine learning) that learn a user’s normal behaviour and flag any behaviour that doesn’t match their credentials.
This trend towards security-driven networking will benefit companies by protecting their edge computing endeavours and let the security officers deal with the various scenarios that will unfold in the future.
© Technews Publishing (Pty) Ltd | All Rights Reserved