Security is everyone’s job, not just that of the CISO and the security team: DEREK MANKY, Chief, Security Insights & Global Threat Alliances, Fortiguard Labs

By: |
February 11, 2021 2:00 AM

This is a huge focus for us, to go beyond our own research to lead, interact, share, and foster the sharing of actionable threat intelligence.

DEREK MANKY, Chief, Security Insights & Global Threat Alliances, Fortiguard LabsDEREK MANKY, Chief, Security Insights & Global Threat Alliances, Fortiguard Labs

Cybersecurity defences are only as good as the threat intelligence which feeds them, making threat information a critical element for protecting against cyber threats, says Derek Manky, chief, Security Insights & Global Threat Alliances, FortiGuard Labs, the threat intelligence and research organisation at Fortinet. “Effectively defending against cyberattacks today requires security teams to work smarter rather than harder,” says in an interaction with Sudhir Chowdhary. Excerpts:

Give us an overview about the threat intelligence team at FortiGuard Labs?
When asked by partners or CISOs I meet, I often talk about how FortiGuard Labs has brought together some of the brightest and most knowledgeable threat hunters, researchers, analysts, tool developers, and data scientists in the industry, located in research labs around the world. But that’s just the start. FortiGuard Labs has also designed, trained, and delivered one of the most advanced AI and ML platforms to augment the efforts of the FortiGuard Labs team. Our primary mission is to provide Fortinet customers with the best threat intelligence designed to protect them from malicious cyberattacks.

From a threat landscape and research point of view, what should be known about FortiGuard Labs?
One of the most important aspect of our research is that our telemetry is gathered from Fortinet’s millions of sensors which helps the FortiGuard Labs team identify the real-world threats our customers face. These include threats discovered on network, endpoint, and IoT devices, as well as those embedded in emails, applications, and on the web. But there is more. FortiGuard Labs also has a successful zero-day detection and research operation. Our researchers study threat actors and cybercriminals in order to understand their motives, techniques, and patterns and use that knowledge to help protect our customers.

Partnerships seem to be a big part of threat intelligence today, how is FortiGuard Labs leading in this area?
This is a huge focus for us, to go beyond our own research to lead, interact, share, and foster the sharing of actionable threat intelligence. For example, Fortinet co-founded the Cyber Threat Alliance (CTA). Fortinet is also a founding member of and is supporting multiple initiatives for the WEF Centre for Cybersecurity holding one of only two permanent seats on this international council. Fortinet is actively engaged with and has bi-directional threat intelligence feed relationships with more than 200 partners.

What impact do these relationships and this information sharing have on threat intelligence?
Today there are a massive amount of security challenges researchers need to be aware of and proficient in to protect against attacks. Different threat actors specialise in network attacks, software attacks, cloud-based attacks, container-based attacks, attacks against critical infrastructure, IoT devices, and many other types of threats. Attackers need to only be proficient in one type of threat, while defenders need to understand a large variety of attack surfaces. Effectively defending against cyberattacks today requires security teams to work smarter rather than harder.

Security teams need a combination of knowledge, experience, tools, strategy, automation, and skilled professionals to monitor the entire attack chain and automate as much of the process as possible so that human resources can be focused on higher order analysis and response. Threat Intelligence sharing gives researchers and defenders an opportunity to better understand the entire length of the attack chain and how vulnerabilities in each of its links can compromise the security of your network.

Security is everyone’s job, not just that of the CISO and the security team. All employees inside a company need to be aware of ongoing threats and why everyone needs to be cautious.

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, Check out latest IPO News, Best Performing IPOs, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

Next Stories
1OnePlus ‘officially’ merges with Oppo to build better products, roll out faster software updates
2Penalise Twitter for non-compliance, says IT industry veteran T V Mohandas Pai
3Jio tops 4G chart with 20.7 mbps download speed in May, Vodafone Idea in upload: Trai