The following Q&A included both Schneider Electric and Fortinet representatives.
1. It is a year since the partnership between Schneider and Fortinet. What is the status of this collaboration in September 2021?
In August 2020, Fortinet and Schneider Electric Systems announced a worldwide partnership agreement to Secure the Digital Transformation in Energy Management and Automation.
Much has been accomplished since last August. Most importantly,
(i) Across the globe, 50+ resources at Schneider Electric Centers of Competence received advanced OT Security training leveraging the Fortinet Network Security Expert (NSE) Certification Program and Fortinet Subject Matter Experts support.
(ii) Fruitful collaboration between Fortinet Executives and Subject Matter Experts and Schneider Electric Cybersecurity Services organization as well as its Product security teams to strengthen the ability to secure operations across the business lifecycle, enable a dynamic response to changing cyber threats, and combine expertise and technology to unlock the advantages of a secure IIoT.
(iii) Thanks to this close collaboration, three new collaboration projects have been signed to secure critical infrastructures of major Utilities and O&G companies. Several other projects are in the pipeline across the globe.
2. How has SD-WAN evolved with the pandemic?
There have been two major trends in SD-WAN during the pandemic. The first is a general business trend towards integrating security into SD-WAN. Companies have realized that although SD-WAN is a networking solution, it opens up more and more locations to uncontrolled internet access, which is a major security concern.
Most SD-WAN solutions require adding a separate firewall – either a physical or virtual appliance – into the system. This generates extra cost in OPEX and maintenance costs, as well as overhead for the support teams.
An integrated security gateway, such as the Fortinet FortiGate, brings security and SD-WAN together in a single, easy-to-manage device. The second big trend we are seeing is the connection of production facilities via secure SD-WAN.
Digital transformation has had a huge impact on factories, refineries, utilities, and other production sites, which has increased the need for connectivity to mainframe and cloud applications, as well as maintenance and software update access by asset providers.
Here we see the same issue of needing to protect the site with an integrated security gateway, with the added complexity of also needing to segregate the Operational Technology network from the IT network, allowing only authorized traffic to pass between them.
Not to mention the need for the security devices to be able to understand and inspect the many different industrial protocols that are found on-site, as is the case with FortiGate.
3. In what ways would you say your customers feel supported in this era of working remotely?
Finding anything positive about the current pandemic is almost impossible, but we are fortunate that it has happened at a moment when we have the technology available for effective remote working. Not just for office workers.
Remote access to production sites has also been possible, which was a lifesaver for many companies. However, although asset owners, engineers, and managers have been able to access their operational technology without having to be on-site, so, too, have cybercriminals and other attackers.
Many of our customers have put in place security solutions such as Network Access Control, multi-factor authentication, and Endpoint Detection and Response from Fortinet. These solutions have given our customers the security of knowing that they have placed a number of high hurdles in the way of any potential attacker.
4. Cyberattacks have grown exponentially over the past year. Cybersecurity experts and environments need to be dynamic and quick on their feet. How have you co-creatively handled innovation around that?
Technology is a major tool for fighting cyberattacks, but technology alone isn’t enough. The solution also involves people. Email is still the number one vector for attacks. One click on a URL or attachment can unleash a ransomware attack.
It is very important that all staff follow cyber-hygiene training on a regular basis, to reduce the chances that they “misclick”. Good training works best when it is backed up by good technology. This includes email security tools that can identify suspicious items even before they are presented to the user.
Strong segmentation and micro-segmentation can isolate a machine that does get infected. And new tools like Endpoint Detection and Response can identify unusual activity on an individual device and take actions up to and including quarantining the device. This includes activity such as a sudden high number of writes to the disk, which could be a symptom of ransomware encrypting files. Combining these technologies with the human factor can repulse a very large percentage of cyberattacks.
5. What has been the most challenging aspect of bringing together OT and IT?
Despite being more connected than ever, IT and OT still operate in silos. They interact but fall shy of true team integration. A collaborative approach to cyber-security solutions and incident response is essential.
There are, however, some serious difficulties in redressing this division – starting with the technical specificities of OT and IT respectively. Then, there is a cultural gap between IT and OT.
To implement a converged OT vision, the first step we recommend is to develop a Cyber-Security Program that includes both IT and OT experts and executives. Then care must be taken to make technological adjustments to accommodate the merger, such as adopting security tools that cater to both IT and OT requirements.