Business & Technology
Partnering to Disrupt Cybercrime
Cyber risk is escalating, and so are the consequences of being struck by a cyberattack. In recent years, we have seen cybercriminals team up in search of skilled hackers and advanced tools to further evolve their craft. They are building their own ecosystems and supply chains to be more effective. Partnerships and cooperation on the defense side are our best weapon in the fight against cybercrime. Partnerships are a great exercise in building trust, which in turn is important for sharing information and creating relationships. With more trust comes more shared intelligence.
Why are cyber security partnerships so important today?
Derek Manky (DM): Cybercrime impacts everyone from individuals to global corporations and critical infrastructures and governments. It causes immense, though not always visible, damage to economies and societies. It helps take the fight to adversaries and creates a more unified front.
Adversaries must find one weakness while defenders have to protect everything, ensuring that not even a single weakness is found. By sharing threat intelligence and working with other threat intelligence organizations in a cybersecurity partner program, it helps improve protections for customers and enhances the effectiveness of the entire cybersecurity industry.
As part of our CSR efforts at Fortinet, we believe it is important to work to reduce cyber risks for society. This is also a part of helping organizations create cyber security resilience and hardening of their infrastructure.
Can you give a brief overview of the difference between global threat partnerships and threat sharing? Why are the two important in the fight against cyber adversaries?
DM: There are a lot of silos in the industry and no one person or organization has a view into all the threats that are out there. Collaboration and partnership are key. Threat sharing is important to enable quick mobilization of protections for customers across many vendors and to help break down technical barriers to enabling protections. Many organizations focused on this are focused on a particular sector or goal. Broader global partnerships are important when it comes to driving change and behaviors and are built on a foundation of trust.
In addition, partnerships are also focused on bi-directional sharing of knowledge and information. It is important to focus on surrounding adversaries with cybersecurity disruption at as many points in their ecosystem as possible. Everyone has a role to play in this scenario, including end-users. However, this must be accompanied by proper training, good education, and cyber awareness.
What do Fortinet and FortiGuard Labs do in regard to partnerships?
DM: At Fortinet and FortiGuard Labs, there is a huge focus on going beyond our own research to lead, interact, share, and foster the sharing of actionable threat intelligence. FortiGuard Labs is committed to partnerships and cooperation with global law enforcement, government organizations, and industry organizations.
Fortinet invests meaningful resources in global partnerships, including the MITRE Enginuity Center for Threat Informed Defense (CTID). Fortinet is also a long-standing member of the NATO Industry Cyber Partnership (NICP), are active contributors and members of INTERPOL Gateway, is a founding member of the Cyber Threat Alliance (CTA), and more.
Fortinet is also proud to be one of the founding partners of the WEF Centre for Cybersecurity and an active contributor of its Partnership against Cybercrime (PAC). The Cybercrime Atlas effort is about driving real impact and is a coordinated effort to disrupt cybercrime.
Can you give an example of how partnerships have helped disrupt cybercrime?
DM: Fortinet has been an active member of the Global Cybercrime Expert Group and trusted partner to INTERPOL dating back to 2015 and became an INTERPOL Gateway partner in 2018. This ongoing collaboration has resulted in greater threat intelligence standards and protocols across the industry as well as impactful global cybercriminal takedowns.
For example, Fortinet was one of several private sector companies that provided support to an INTERPOL-led operation targeting cybercrime across the ASEAN region, resulting in the identification of nearly 9,000 command-and-control (C2) servers as well as hundreds of compromised websites, including government portals. We also assisted a cyber investigation coordinated by INTERPOL, providing threat intelligence and analysis to help uncover a group of online fraudsters behind a BEC (business email compromise) scam totaling more than $60 million in thefts and involving hundreds of victims worldwide.
The Africa Cyber Surge Operation is a shining example of how shared threat intelligence on threat actors and joint operations across trusted partners can increase the cyber resilience of an entire region. It also shows how valuable cybersecurity training and education is to help close the cyber skills gap and effectively disrupt cybercrime at scale.
The Takeaway
In short, successfully fighting cybercrime requires collaboration between both the private and public sectors. But as good as our cybersecurity partnerships may be today, we need to continue to deepen our private-public relationships further as we continue to fight cybercrime.
Find out how the Fortinet Security Fabric platform delivers broad, integrated, and automated protection across an organization’s entire digital attack surface to deliver consistent security across all networks, endpoints, and clouds.
