Ken Xie, CEO
The emerging digital economy is requiring businesses to process and analyze increasing volumes of data to make critical business decisions. The shift towards digitalization is forcing financial services institutions to rethink their business models so they can keep pace with the real-time expectations inherent in their market sector. While cloud capabilities and open source infrastructures have helped make enterprises more effective and efficient, new threats and vulnerabilities surrounding these new infrastructures have become a pressing concern. Combating these cybersecurity challenges becomes more complex each day as cybercriminals find new, innovative ways to steal and manipulate data. According to Ken Xie, CEO and Founder of Fortinet, a leading cybersecurity company, an integrated, fabric approach to cybersecurity is critical to protect against the growing number of cyber adversaries and the expanding attack surface. Fortinet takes this idea of an integrated and adaptive security framework from concept to reality with its comprehensive security architecture.
"Fortinet has consistently anticipated the threats and vulnerabilities of the future, and built solutions before the threats emerge"
Founded in 2000, Fortinet has a long-standing history of delivering highly integrated, best-in-class security to companies across a myriad of industries, especially to financial services organizations, where Fortinet fills a unique void. Xie points to the complexity that capital markets face in keeping their data, systems, and end users safe. “Financial services have evolved from person-to-person transactions to a fully digital business model moving at wire speed. To meet these new business demands, the industry’s networks have also evolved.” These networks need to address such challenges as consumers connecting to infrastructure through mobile or IoT devices, enabling real time access to information and transactions from anywhere, producing innovative analytics designed for investment customers, and the ability to personalize the applications and services being used by both consumers and employees.
With these new expectations, implementing the right steps to maintain a high level of performance without compromising the security that financial organizations require has become increasingly complex. Traditionally, as new threats continue to emerge, financial organizations would deploy security point products into an already complex infrastructure, usually built around isolated solutions from a variety of vendors. To meet the dynamic demands that the market requires today, however, it's important for companies to move away from simply building higher walls that restrict movement and access, and replace it with an adaptive defense-in-depth, risk-based approach that connects security devices into a holistic framework. "The biggest security challenge we keep hearing from customers is the need to consolidate and automate security infrastructure," says Xie.
Many financial services customers have 40 or more different security vendors inside their networks. The complex infrastructure includes multiple firewalls, antivirus tools, intrusion detection and prevention systems, SIEM and advanced threat protection tools, such as sandboxes, email security appliances, web security tools, and endpoint security. Because these products operate in isolation with separate management systems, interoperability challenges are daunting.
Fortinet is actively directing the future of threat intelligence standards and protocols through our ongoing collaboration with global law enforcement and government institutions
For example, while individual security tools are often able to collect important threat intelligence, IT teams are forced to hand correlate this information in order to detect and respond to sophisticated threats.
Fortinet works to address this challenge by providing a security fabric architecture that reduces complexity. Xie explains, “While it is critical to ensure effective security, financial institutions must also be able to conduct business in real time, without network slowdowns." An integrated fabric approach to security allows companies to share pertinent information across and between management consoles, correlate important data, and synchronize a coordinated response to detected threats simultaneously across the distributed network, without compromising business. The key to better security is the ability to deliver the automation, integration, and performance required, while keeping pace with the speed of business.
The Fabric Approach
Fortinet understands the trends driving today’s security concerns, including cloud computing, the Internet of Things (IoT), Mobility, and Big Data analytics. Addressing these trends within an evolving IT infrastructure while driving business value is a challenge nearly all companies face today. Fortinet has taken a unique approach through its Fortinet Security Fabric architecture, designed to address the challenges in security brought by evolving network ecosystems.
Xie breaks down the unique positioning of the company’s broad solutions. “Fortinet is the only company with a security fabric architecture designed to provide unified security across the entire network, including network core, endpoints, applications, data centers, private and public cloud, and access. The Fabric is designed to enable traditionally disparate security devices to work together as an integrated and collaborative security fabric.” The Fortinet Security Fabric’s interconnected security approach, built around open API standards, can scale and dynamically adapt to the needs of any business in any industry, offering intuitive awareness, actionable intelligence on threats, and automated, synchronized response. It allows organizations to have greater visibility over their entire security infrastructure, segment traffic and applications end to end, and the ability to continually prevent, detect, and mitigate cybersecurity threats. The end goal is to deliver comprehensive security that is broad, powerful, and automated, even for the most complex business models like capital markets.
Fortinet has spent a significant amount of time, capital, and effort to develop security solutions that meet the unique needs of various organizations. Xie states, “We consistently earn top scores in independent tests, including being recommended by NSS Labs, because we offer innovative and world class security coupled with flexible deployment options, including hardware, virtual, and cloud solutions.” The company’s over 2.5 million threat sensors worldwide, comprised of both hardware and virtual solutions, collect and correlate over 50 billion threat events each day. Fortinet’s global team of global cybersecurity researchers, FortiGuard Labs, works around the clock to reinforce and supplement this intelligence.
For over 16 years, their sole focus has been to survey the cyberthreat landscape, conduct research and analysis, and provide customers with actionable threat intelligence for the prevention of attacks and near real-time incident response.
Fortinet’s collaborative security solutions protect the valuable assets of some of the largest financial services institutions, operating in markets around the world.
In addition to solution development and integration, and threat intelligence and research, Fortinet continues to move the needle by developing and maintaining strategic industry, technology ecosystem, and public sector alliances. Xie states, “Fortinet is actively directing the future of threat intelligence standards and protocols through our ongoing collaboration with global law enforcement and government institutions. For example, we have collaborated with INTERPOL for over a year, helping catch a global cybercriminal gang last year. We also recently announced a partnership agreement with the NATO Industry Cyber Partnership (NICP), and we are a founding member of the Cyber Threat Alliance.” Contributing to critical threat research in the landscape of enterprise security through industry organizations like the Cyber Threat Alliance allows Fortinet to contribute directly to the greater mission of every security vendor doing business throughout the world. “Sharing critical threat intelligence is a crucial part of our responsibility, and partnerships in this area will continue to be a major focus for Fortinet in the future. There are many companies working hard to respond to the security problems enterprises are facing right now, but in most cases these responses are reactive. Fortinet, on the other hand, has consistently anticipated the threats and vulnerabilities of the future, and built solutions before the threats emerge.”
Looking ahead, the company plans to continue its leading innovation in cybersecurity solutions that span the entire environment, providing unified visibility into every aspect of the framework—from across the cloud and out to every endpoint and IoT device. The speed at which today’s cyberattacks take place creates the need for security devices to collaborate in a way that enables a synchronized, automatic response to threats without waiting for human intervention. “This can’t happen with the traditional model of simply deploying additional isolated security devices and platforms every time the network changes. What is needed is an integrated, open API-based approach that matches the speed of changes being made to the network,” says Xie.
To do this efficiently in the future, Fortinet focuses its efforts on cultivating a team environment within its own business structure, with a clear commitment to innovation. Fortinet’s culture is invention-focused, as evidenced by a patent reward program open to all employees. Everyone is encouraged to submit ideas for consideration, and specialists help guide new applicants through the patent submission process. This unique program has led to an impressive 343 patents issued worldwide and 280 additional patents pending, which is over ten times greater than their nearest competitor. In the true spirit of innovation, Xie states, “We can see how the internet is evolving and how cybersecurity will play an increasingly important role, with a demanding growth curve over the next 20 years. The requirements keep changing, the attack surface is getting larger, and the threats are getting more sophisticated. For a business to remain successful in this space, it needs to keep innovating, constantly improving its technology to help financial services institutions solve their business and security challenges.”