In an exclusive interview with Telecom Review during the 18th edition of the Telecom Review Leaders’ Summit, Shadi Khuffash, Senior Director for the South Middle East, Fortinet, discussed the company’s initiatives, collaborations, and journey to enhancing global cybersecurity.
From a cybersecurity perspective, what are the key challenges for enterprises in accelerating their transition to the cloud?
The journey to the cloud is not as simple as people think. As a cybersecurity leader, many things need to be considered in this transition and migration. Moving from a traditional data center on-premises solution to the cloud needs a completely new mindset; things have to be looked at from a regulatory perspective. For example, ‘Are we compliant with both regulation or local regulations?’ These are the questions that service providers need to ask, and, depending on the data, will need to adapt and migrate.
The next challenge: visibility and control. These are some of the key concerns for many service providers in their transition, especially since there are too many internal players involved when trying to monitor asset, application, or system migration.
Another concern is identity and access management. With multiple roles involved in managing the cloud, there has to be control. There has to be some visible audit of those assets because things can be moved, and applications are rolled out regularly.
The skills gap is also a real and growing concern, according to most of the conversations we’ve had with our customers, because the mindset needed for cloud security is completely different from a traditional on-premises mindset. There is no longer a traditional perimeter or IP address (as used on-premises); it is a complex journey but worth it in the end.
Please tell us a bit about Fortinet’s investment in the fast-growing unified SASE and security operations markets.
These are two of the key pillars of Fortinet's go-to-market strategy. We have significantly invested in these areas, ensuring we provide an integrated and automated platform for our customers and creating threat intelligence sharing between different components to offer maximum security and enhanced user experience.
Fortinet is heavily investing in SASE and security operations (SecOps). These are homegrown solutions, particularly SASE. We rely on our homegrown ASIC chips, which are known for accelerating performance. By combining that with our SASE and security capabilities, we can provide the best breed of SASE solutions to our customers and extend them through our platform or Security Fabric via SD-WAN, next-generation firewalling, and more.
The multiple components of our SecOps provide automation and intelligence tools as well as visibility and control for our customers, maximizing the security of their premises.
In what ways is Fortinet addressing global cyber resilience challenges through collaboration with leading public and private sector organizations?
Cyber resilience is one of our core values, and is driven directly by our founders. We have pledged to the market at a global level to train, certify, and prepare 1,000,000 people in cybersecurity by 2026, establishing a new skilled workforce in the cybersecurity domain. We are also a strong believer of private-public partnerships. We have partnered with numerous industry bodies such as Interpol for cybercrime and NATO for state-sponsored threat actors.
At the local level, we also have great partnerships with government bodies and entities. Earlier this year, we signed a Memorandum of Understanding (MoU) with the Cybersecurity Council to share threat intelligence and best practices to protect the United Arab Emirates (UAE). We have invested a lot as well in training and development, establishing the Fortinet Academy and Fortinet Security Awareness Program, which are dedicated not only to university graduates but also to primary and secondary school students. So, even in early childhood, we are trying to make children more aware of cyber risks, such as cyberbullying, social media, and many more.
We are also big on community initiatives, developing bespoke initiatives for the UAE. Earlier this year we conducted the ‘Flag the Hack’ event in partnership with the Cybersecurity Council, offering a combination of both threat hunting and detection team activities that outlined how to stop, prepare, and respond to threats.
How is Fortinet harnessing leading machine learning (ML) and AI technologies to provide advanced threat intelligence for its customers?
Artificial intelligence (AI) and machine learning (ML) are nothing new to us; we have been using these for many years.
As one of the largest cybersecurity players in the world, we have devices and installed bases around the world, providing the opportunity to collect a lot of threat intelligence, which cannot be deciphered by humans. We developed AI and ML tools to help us automate detection and identify anomalies and abnormal behaviors. We’ve also developed solutions against that and use predictive analytics.
We use AI, particularly, to mitigate emerging threats. We try to look at historical data and decipher it to respond to those threats at an early stage. For generative AI (GenAI), we use it for many of our solutions, including in our security operations and FortiManager, where we harness its capabilities to enhance the operational side, reduce the complexity of operations, and deliver better results.
Fortinet at TRS-24:
Panel Powered by AWS: Unlocking the Potential of Network Cloudification
TRS-24 Panel: Cybersecurity Under the Spotlight
