Dec 26, 2013 (Thu): Dato’ Seri George Chang, Fortinet’s Vice President for South East Asia and Hong Kong shares his IT Security Industry insights and outlook for Malaysia in 2014
1) What will be the top technology spending trends for 2014 in Malaysia?
- More and more enterprises will consolidate their security functions for better protection, easier management and lower TCO. Modern security platforms carry the full range of security functions including firewall, VPN, IPS, anti-spam, web filtering, application control, etc and can offer protection better than standalone security appliances.
- Managed services will find greater adoption as cloud computing matures. Such services also make financial sense for organisations looking to reduce Capex in challenging economic environments.
- Mobile workforce and BYOD adoption will grow, as organisations leverage technology to increase productivity and give employees better work-life balance. BYOD brings with it its own set of security challenges and we expect firms to spend more on securing their mobile infrastructure.
- A recent survey which Fortinet commissioned Frost & Sullivan to conduct shows that senior IT professionals are keen to turn their data centre into a security command post in the next 12 months. This is happening as more organisations embrace private cloud and put critical information in their data centres. As a result, data centre security spending is likely to rise.
2) What issues do you see confronting Malaysia organisations throughout 2014?
As with other parts of the world, the main issue confronting Malaysia is the proliferation of online threats that are getting more sophisticated by the day.
Advanced persistent threats (APTs), for example, have been in the news lately and are a veritable threat to governments and enterprises. APTs are crafted to evade traditional security tools like firewalls, intrusion prevention systems and antivirus gateways to gather intelligence from organisations.
To deal with APTs and other advanced threats, organisations need to educate users, maintain up to date security policies and systems, and adopt an intelligent multi-layered security set-up made up of solutions with advanced inspection capabilities.
A recent survey of young professionals done by Fortinet in 20 countries globally (including some countries in Asia Pacific) illustrates this well. With the rise of mobile devices, wearable technologies like smart watches and Google Glass, and the use of personal cloud services like Dropbox in the workplace, organisations need to set and enforce policies for their employees, and make sure they are aware of the security implications of their actions. Organisations should be especially diligent in these efforts because the survey found a large number of users willing to contravene corporate policies in order to use their mobile devices, wearable technologies or personal cloud services. The survey also found that security literacy levels are typically low, and companies could do more to educate their users.
3) How different will 2014 be from 2013 relating to management strategy, approach to IT infrastructure, spending and business confidence?
Senior IT executives need to be more conscious of the big-picture impact of IT, more strategic and more customer-oriented. Here are a few key findings from the Fortinet-Frost & Sullivan survey mentioned earlier:
- CEOs want to/will become more involved in IT security decision making
- Customer satisfaction will become the top reason for firms to adopt IT security, ahead of compliance and risk reduction
- Organisations want greater value from their IT (security) investments. Example include consolidated security platforms for greater protection, easier management and better TCO, and more value-added services from their solution providers
More and more firms are realizing that security is not the remit of the IT department alone. The impact of a security breach on business is real and broad, and management wants to be proactively involved in preventing it. The survey found that CEOs now have unprecedented involvement in security decision-making, ahead of CFOs and even CIOs. Senior IT executives need to take this into account. They need to become more big-picture and strategic, and support their CEO and corporate’s initiatives to incorporate IT security into broader risk management objectives of the company. Leverage IT security as a business enabler, rather than see it as an infrastructure cost.
Secondly, focus on the customer. Customers are the reason for organisations’ existence. Make sure all that the IT department does goes towards improving the customer experience.
In 2014, the macro economy will remain challenging. Organisations should continue to spend their budgets wisely and invest in cost effective solutions and services.
4) What advice would you give Malaysian organisations for 2014?
Despite the challenging economic climate, business opportunities in Malaysia still exist. Organisations just need to look harder and respond better to customer needs. Fortinet, for example, surveyed the market recently and found opportunities in application security, as the Web becomes an increasingly important conduit for companies to do business. We will be focusing on this area in the coming year.
More generally, firms should leverage technology to reduce their reliance on manpower. In cases where it does not make financial sense to own the technologies in-house, they should consider managed services providers.
5) How will your organisation address the opportunities arising from the IT security trends in 2014?
Fortinet is well positioned to take advantage of IT security trends.
- Security consolidation is Fortinet’s core competency. Our solutions are developed to provide comprehensive security to corporate networks, through a single platform to offer simplicity, streamlined installation and management, with the ability to update all the security functions concurrently. Fortinet has pursued this vision for the last 13 years by continuing to innovate on our FortiGate platform and enriching its solution portfolio with products that provide protection at and around the gateway.
Today, Fortinet provides broad, integrated, and high performance protection against dynamic security threats while simplifying the IT security infrastructure for enterprises, service providers and government entities worldwide. We will continue to increase the performance of our products and broaden our product and services portfolio to help enterprises deal with evolving threats.
- For BYOD, Fortinet takes the approach of network-based enforcement. A key advantage of network-based enforcement is the location of the targeted data ultimately resides on the network. Establishing controls on the network itself allows an organization to block malicious software or activities coming from mobile devices before any damage can occur to the network. By identifying devices and applying specific access policies and security profiles − according to the device type or device group, location and usage
- In the managed services space, Fortinet’s products empower managed security service providers (MSSPs) with best-of-breed and adaptive security that fits any environment − SME, enterprise, data centre or service provider networks. Our network security platforms make up the backbone of MSSPs’ security portfolios − providing multiple advanced security controls in a single high performance appliance.
- The cloud presents a variety of new opportunities for Fortinet, ranging from how we leverage our own cloud-based technologies to make networks more secure, to actually developing the solutions that help secure the cloud infrastructure. Our FortiGate virtual appliances mitigate blind spots by implementing security controls within a virtual infrastructure. They also enable the ability to rapidly provision security infrastructure whenever and wherever it is needed.
- For data center deployments, Fortinet’s high-performance firewall technologies provide exceptional throughput and ultra-low latency, enabling the protection, flexibility, scalability and manageability customers demand. The FortiGate platform, which combines a high-performance firewall with fully integrated security technologies such as anti-malware, application control, and intrusion prevention, enables extensive protection profiles for in-depth defence and provides the backbone of organizations’ secure high-speed data centers.