This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
Michael Xie, founder, president and CTO of Fortinet.
For anyone reading the news regularly, it's not hard to grasp that cyber threats are getting more sophisticated and damaging by the day. From a security technology provider's perspective, I can add that tackling them is a fast-mounting challenge for the millions of businesses that come under attack daily.
Modern cybersecurity technologies - assuming you have already put in place the right professionals, policies and processes - are a must, but organizations deploying them need to look beyond the boxes that sit on their racks.
What underpins the security appliances is invisible, but plays a pivotal role in ensuring that those boxes block the threats that imperil your business. Threat intelligence - or more specifically, the security appliances' ability to know the ins and outs of the evolving threat landscape and respond to it appropriately - is the fuel that powers your cyber defences.
Getting timely, accurate and predictive threat intelligence is much tougher than it sounds. It calls for a robust R&D set-up, which comprises a few components:
1. Divide and conquer - In many aspects of business, large teams equate to large outputs. When trying to outsmart well-motivated cybercriminals, however, following conventional wisdom seldom works well. In my experience, an effective threat research organisation should be made up of many small teams, with each team dedicated to a particular type of threat. Giving each team such a research focus boosts its specialization and competency - leading to faster discovery of threats, and the identification of more threats - while shortening customer response times to incidents.
2. Stay fleet-footed - Threat research teams must be nimble. The threat landscape is highly dynamic, changing by the day, or even by the hour and minute. The teams must be able to adjust their priorities and refocus on the fly. At Fortinet, for instance, research plans are updated based on our projections of how the threat landscape will evolve. From the new directions identified, researchers with the most appropriate skill sets are selected to join specific task forces to delve into those emerging threats. Examples of such threats in recent times include IoT, ransomware and autonomous malware.
3. See the big picture - Researchers must be encouraged to think big and pursue their own interests, even if those interests don't have a direct link to the company's products. Research on IoT vulnerabilities, for instance, can deepen an enterprise security provider's understanding of the threat landscape.