Above: Marc Asturias VP, Marketing and Government for Latin America and the Caribbean, Fortinet.
Originally published in Newsday BusinessDay for March 10, 2022
“We’re probably the largest company you may not have heard of,” said Marc Asturias, Vice-president of Marketing and Government Vertical at Fortinet.
“We are the largest cybersecurity company in the world in terms of units sold, and we are number one in Latin America and the Caribbean.”
This position gives Fortinet a sweeping perspective on the state of play for cybersecurity threats worldwide as the company continuously monitors attacks across its secured networks and through sensors on the internet.
FortiGuard Labs is a group of global researchers within the company that’s dedicated to studying the profile of cyberattacks.
These intrusion attempts are detected, processed and analysed at computer speed using artificial intelligence and machine learning so analysts can provide updated information to Fortinet’s customers every five to ten minutes and even sooner in critical situations.
That’s important because Asturias expects that cyberattack techniques in use in the Ukraine invasion to filter into the wild eventually and what he sees happening there is, he said, “is very scary.”
The company processes as many as 10 billion cybersecurity attacks and intrusions each day and is continuously reconfiguring its networks to repel them. Curious about what that looks like? Fortinet has a live threat map that you can view here.
“All that data is aggregated and analyzed by these researchers so that we understand why it’s happening, who are the threat actors and with what purpose?” “Then we aggregate that data to understand exactly what’s happening in the wild.”
Fortinet implements a cybersecurity mesh architecture for protection and is serious about making cybersecurity education accessible at all levels from enterprise to individual home users.
The cybersecurity mesh is an evolution of traditional software tools that integrates them into a network that improves intrusion detection and speeds automated response.
According to a Gartner analysis, cybersecurity mesh designs will reduce data management by up to 70 per cent over the next two years, while reducing the financial impact of individual security incidents by an average of 90 per cent.
Gartner estimates that cloud-based mesh solutions will bring the core elasticity and scalability of cloud computing to the time-sensitive challenge of cybersecurity.
“By 2025,” the report noted, “cloud-native platforms will serve as the foundation for more than 95 per cent of new digital initiatives— up from less than 40 per cent in 2021.”
Fortinet’s mesh product, noted Asturias, offers protection from the firewall to endpoints.
“All those devices are interconnected, and share information with each other to protect in an automated way.”
“All our products integrate one with another, and for organizations that are wanting to make that modernization, now is the time.”
“The beauty of having an automated, integrated system that can take care of the threats at a low level and then raise (alerts) for humans to process at a slower speed is really key but that is not the way most infrastructure is configured today.”
“They have 40 vendors, there are 40 different types of certifications, you have to have 40 different screens to figure out how to manage what is going on and it is not automated.”
The company offers APIs to connect a wide range of products which allows customers to continue using existing solutions they have licensed while integrating Fortinet’s protective mesh into their networks.
Fortinet has also made significant investments in making training accessible, not just to bring more professionals into the industry, but also to improve cybersecurity across the board.
The company has introduced its network security academy program at several universities in Latin America and the Caribbean while making training for both awareness and network certification available for anyone at its website without charge.
There are collaboration agreements underway with the Dominican Republic, Panama, Colombia and Chile. The company has also done business in Trinidad and Tobago over the last 15 years.
Fortinet’s products protect many Fortune 500 companies as well as those on the Global 2000.
Over the last two operating quarters, Fortinet introduced a pilot training project to build cybersecurity awareness in the region at all levels of a business, from security guard to managing director.
“It’s important to note again, that the internet has no borders,” said Asturias.
“A small bank in Trinidad and Tobago is just as important as a very large bank sitting on Wall Street and similar problems will be faced by both organizations while both will really feel the impact of what we can bring to the table.”
Attacks are usually based on the dark web malware projects and profiles, but the Caribbean can expect to see intrusion and phishing attempts that are customised with interfaces that mimic official local websites and messages.
These attacks will become more deceptive and occur with greater frequency.
“The problem is very large,” Asturias said.
“We really need to be cognizant of what’s going on and prepare for it. It’s a hurricane. It’s coming if it hasn’t come already, and there are a lot of things we can do to ensure that our countries are safe.”
Regional vulnerability
Latin America and the Caribbean have logged 10% of all global threats
Log4Jvulnerability: The Latin American countries that registered the most attempts were Peru, Colombia, Argentina, Brazil, and Mexico.
Most significant DDos attack in history: Brazil was the target of about 10% of these attacks, which exceeded one terabit per second several times.
Ransomware: The integrity of the operation of organizations in the region was compromised by this threat in 2021.
Cryptocurrency mining: Execution attempts in Argentina, the Dominican Republic, and Colombia.
Malware and Trojans for Microsoft Office: Detection of download attempts in Argentina, Chile, Mexico, Peru, and Panama.
Phishing campaigns: Using the information on the Omicron variant of COVID as a lure, a massive campaign was deployed to install the RedLine Stealer botnet, which steals user data.