Across several industries, from manufacturing to retail and services, aggressive digital acceleration strategies have reinvented how enterprises create value for customers.
Cybersecurity firm Fortinet, however, observed that the resulting “solution sprawl” has given birth to a logistical challenge that companies are addressing through vendor and solution consolidation.
Organizations are seeking to reduce complexity within their security framework and their cloud environments through solutions that integrate deeply with a disparate security service portfolio. Fortinet says only a handful of security vendors have the capability to offer this at the moment.
Cloud adoption is another league of complexity altogether. From rapid adoption to the diversity in types of cloud environments, businesses face security complexity and friction just by simply introducing a new version of a deployed tool or when these tools are not cloud-native to begin with, adding new layers to the process.
Based on Fortinet’s 2022 Cloud Security Report, 39% of surveyed cybersecurity professionals are already running 50% of their organization’s workloads in the cloud while 58% are positive that they will reach this level in the next 12-18 months.
The same report also revealed that 61% of the respondents see lack of skills in deploying and managing a complete solution in cloud environments as a primary challenge that slows down digital acceleration, followed by issues with data protection across these environments (53%), want of understanding on how different solutions fit together (51%), and loss of visibility and control (47%).
To help organizations and enterprises to gather and correlate data across disparate and multiple cloud security services, Fortinet has officially launched its new product called FortiCNP (Fortinet Cloud-native Protection) which is essentially a cloud security management service that also identifies risks and creates a plan to mitigate them.
“By integrating with native security services offered by cloud platforms such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform alongside Fortinet Cloud security products such as FortiGate-VM and FortiWeb, FortiCNP collects, normalizes and correlates security findings from all these tools to create consistent security workflows across public clouds,” the company said in a statement.
FortiCNP is a new component of Fortinet’s Security Fabric cybersecurity platform which enables customers to take advantage of cross-fabric capabilities like network access controls, endpoint visibility and dynamic access, next-generation firewalls, cloud security analytics, threat intelligence and detection, and security management orchestration and automation.
“We’re pleased to continue to deliver solutions that allow security professionals to transition from time-consuming triage and manual analysis processes to proactively securing their cloud workloads and easily understand their cloud security risk. FortiCNP is the latest example of Fortinet’s commitment to delivering Fabric solutions that extend enterprise security with cloud-native integration,” said Fortinet CMO and EVP of products John Maddison.
Fortinet plans to feed FortiCNP with more types of cloud security findings to gain better insights on cloud workloads. With more data points to leverage, its ability to analyze risk will improve, allowing security scaling while maintaining consistent workflows, reducing overall friction from deployment to operations, and increasing the productivity of security teams in a broader perspective.
“With consistent workflows utilizing cloud-native services across multiple clouds, security teams will no longer be required to master the intricacies of each cloud platform’s security service operational model,” Fortinet stated in a blog discussing the capabilities of FortiCNP.
There are five major use cases highlighted by Fortinet for the new platform: customers gain access to context-rich actionable insights produced from the analysis of security findings generated by a cloud service provider (CSP), security events are monitored and risks are prioritized, all data passing through cloud storage services are analyzed while potential data leakage incidents are investigated, the application container lifecycle is protected, and policy violations are identified.
The FortiCNP platform currently boasts deep interoperability with the Enterprise Security Services of AWS. This support covers the automated vulnerability management service Amazon Inspector, the threat detection service Amazon GuardDuty, and the cloud security posture management service AWS Security Hub.
“Security partners like Fortinet with their FortiCNP offering built on AWS and integrated with our security services like Amazon GuardDuty give customers a choice to simplify and accelerate their cloud journey with cloud-native security services,” said Jon Ramsey, vice president of AWS Security.
Meanwhile, for BK Bank’s chief technology officer Caio Hyppolito, better product integration provides opportunities for the company get more value out of its deployment while its security teams can focus on securing high-priority resources.
“FortiCNP gives us comprehensive cloud visibility with an intuitive dashboard that allows us to easily track risk management over time,” he concluded.
