Fortinet first-ever participation in the Mobile World Congress emphasizes our committment to solving the security problems that stand in the way of the rapid adoption of the next generations of mobile services. Fortinet’s booth presence and education efforts at the Congress reinforce that commitment by exploring three themes: Agile Security for Mobile Cloud Services Delivery, Advanced Security for Industrial Operation Technology (OT) and the Internet of Things (IoT), and Mobile Security/Managed Security Services. In this post, I’d like to dive deeper into what we have in store for our Advanced Security Theme.
Industrial OT and IoT infrastructures have become one of the fastest growing, but often least understood, categories of mobile computing. As industrial OT and IoT systems proliferate, there is a great deal of concern that while new wirelessly-connected industrial and IoT devices and applications are springing up at a rapid pace, they may lack security protections strong enough to not only prevent attacks but to even detect them.
Although massive Industrial control networks and Internet-connected “thing” micro-environments may seem worlds apart, they have a lot of technical and security risk commonalities. Both industrial and IoT installations typically run on either bare-bones embedded software or trailing edge versions of commercial operating systems. They often don’t have sufficient memory or processing headroom to support rich security functionality. Meanwhile, the adversary community has woken up to the potential ill-gotten financial and social rewards to be gained by attacking under-defended industrial and IoT targets. And to compound the problem, many security vendors have focused product and service development on “white collar” Information Technology infrastructures and have underinvested in solutions to protect industrial, healthcare, facilities, public utility, and other “mechatronic” environments.
While the designers and operators of industrial and IoT systems recognize that these systems might fall victim to cybersecurity attack, the consequences to society or the economy of such attacks are often more difficult to imagine. What happens if factory floors come to a halt? Could some malefactor install ransomware to extract tribute from an industrial company? Could a globally distributed fleet of device status monitoring “things” go blind? Then what? And what of attacks targeting economically mission-critical infrastructure such as the electric power grid, transportation signaling and control, or medical devices?
Booth Demos and Formal Presentations
The Advanced Security Zone in Fortinet’s booth will present solutions in two areas relevant to the Industrial OT and IoT security space. First, we plan to demonstrate security services scaled to protect IoT infrastructures, as well as an active security solution to protect Industrial Control and Supervisory Control and Data Acquisition (SCADA) systems.
Second, we have made it a priority to help security service providers upgrade their abilities to assist clients with detecting and foiling attacks on industrial infrastructures. To that end, we’ll be staging a demo of a service provider-oriented threat intelligence capability that can be packaged as a subscription offering to clients.
We also have added two presentations relevant to Industrial OT and IoT security to our daily briefing session schedule:
Strengthening Industrial Operation Technology (OT) Security with Firewalls
With Digital Transformation taking hold in industrial environments, Industrial Control Systems (ICS)/SCADA Operational Technology (OT) environments are increasingly exposed to threats. This presentation will demonstrate the unique role that the integration of Fortinet’s FortiGate next-generation firewalls and the Nozomi Networks’ SCADA technology (a Fortinet Fabric-Ready Partner) can play in providing advanced security for the industrial OT environment.
Monetizing Threat Intelligence
Good threat intelligence is mandatory for the effectiveness of any security infrastructure and service. It provides up-to-date protection against known and unknown threats. But threat intelligence can also play a role in providing granular insight and understanding into the threat landscape and its evolution, enabling service providers to create additional value for their customers, and generate additional revenues. This presentation will introduce Fortinet’s Threat Intelligence Services for managed security services providers (MSSPs) and how they can be customized as value-add and revenue generating services.
These presentations will take place once daily over the four main days of the Congress, February 26, 27, 28, and March 1, in the Fortinet Booth, Hall 7, Stand 91 at the Congress. For full details on Fortinet’s presence at the 2018 Mobile World Congress, visit our webpage dedicated to this subject. You can also use this site to see our presentation schedule and set up meetings with Fortinet representatives. The Mobile World Congress website contains, of course, official information on the event itself.
Did we mention that Barcelona is very nice this time of year? Yet another reason to visit Fortinet at this year’s Mobile World Congress.