Jim Richberg is field CISO at Fortinet and former national intelligence manager for cyber in the Office of the Director of National Intelligence. He previously coordinated the Comprehensive National Cybersecurity Initiative for Presidents Bush and Obama.
State and local governments are already in a fiscal black hole driven by the impacts of COVID-19, as resources plummet and expenditures on social safety programs soar. This bleak financial situation is almost certain to spread to the federal level, as mounting deficits eventually produce pressures to cut spending. This is likely to lead to a competition for resources within agencies more intense than anything seen since the mandatory cuts imposed by sequestration a decade ago.
And yet, after a brief respite, malicious cyber-actors have not suspended their activities during the pandemic. In fact, they’ve accelerated their tempo and targeted weaker security controls from remote workers using home networks to access agency data and networks.
Given the austere fiscal environment agencies are likely to face over the next few years, government cybersecurity leaders will need to work harder to demonstrate the worth of their programs and to build partnerships within their agency. Too often, as resources become scarce, agencies have tended to prioritize and preserve the funding of core mission functions. Cybersecurity and IT can be perceived as support elements which can absorb budget cuts with a lesser impact on the overall mission.
The reality, of course, is that today IT and cybersecurity are vital enablers of core business functions. The pressure will be on IT leaders to show that their programs increase mission efficiency and expand the “bang for the buck” of diminishing resources.
One way agencies can inject simplicity and drive down costs in their cybersecurity portfolios is with software-defined wide area networking (SD-WAN) — allowing agencies to create an integrated networking security architecture for fast, scalable and flexible connectivity across different network environments. SD-WAN has been growing exponentially in the private sector because of its appealing combination of lower cost, ease of deployment and maintenance, greater organizational flexibility and higher performance. As agencies look to refresh their existing branch office network infrastructure or even to build out remote teleworking capacity, SD-WAN becomes an increasingly attraction option.
Why is SD-WAN relevant today
Not all SD-WAN is created equally. Indeed, SD-WAN has evolved quite a bit since it was introduced, and the newest form offers agencies a multifunction platform with software-defined networking and an all-in-one suite of security functions integrated from the start.
As SD-WAN has evolved, it has yielded three divergent approaches to security. During its infancy, the technology was all about pure traffic management, and security wasn’t a factor. It became quickly apparent, though, that if security was not included, it could be left out. Thus, the second wave of SD-WAN products featured security that “daisy-chained” and often provided by third parties — generating solutions that work but added complexity and cost.
Now, we’re arrived at the third, latest version of SD-WAN, where everything is in one device: the firewall, switch and router — it’s completely organic and because it is the newest version, tends to be more efficient at both its security and networking functions. It allows, for example, “composite” connections that aggregate multiple physical connections into a single higher bandwidth path and security features that can replace the functions of a half-dozen or more older network security devices.
Obviously, picking your way through digital transformation options such as SD-WAN or multi-cloud security can be a complex topic. So it’s important to have IT and cybersecurity teams collaborate in identifying risk, cost and mission impact before they take their options to the rest of the organization.
Having a platform mindset for SD-WAN
Many cybersecurity solutions today are linked in to multi-vendor ecosystems. These ecosystems allow them to share sensor data, signatures and actions thanks to integration of AI- and machine learning-enabled tools and cloud-based storage. Independent third-party testing has verified that products linked within an ecosystem outperform best of breed non-integrated point solutions. This testing demonstrates that, while any platform outperforms non-platform options, not all platforms are equal in terms of their breadth, power and size of the participating vendor ecosystem.
But it is not a matter of whether a platform works, but rather which one to use. Government procurement should not only consider price and performance, but product platform affiliation as well. Overlooking vendor ecosystems could mean losing out on an opportunity for the synergy that comes with tools and technologies sharing the same platform.
For example, Fortinet’s SD-WAN offering and its “Security Fabric” platform, together with their ecosystem of Fortinet partners, cover the breadth of an agency’s digital attack surface by offering capabilities such as behavioral analytics, decoy technology and the ability to create customized playbooks of integrated response options.
Fortinet’s Security Fabric is powered by AI and ML that reflects the company’s decade of refinement and use of this capability, and its massive data set, to allow it to distinguish between normal and abnormal network activity in an IT environment; to respond to potential malicious activity in real time; and to take blocking or alerting action across the breadth of the Fabric — which means agencies can benefit from activity directed against targets in other sectors and even other countries.
As numerous studies have shown, a Fabric-based approach is not only more operationally effective, it is more cost-effective as well — and issues of total cost of ownership (TCO) will become increasingly important as agencies deal with the requirement to “do more with less.”
Simply put, by taking advantage of technologies such as SD-WAN and the full set of capabilities embodied by a platform-focused approach to cybersecurity, agencies can get the most bang for their buck. And as the impacts of the coronavirus pandemic on government operations and budgets play out, that’s exactly what agencies need: strengthened, integrated, and cyberthreat intelligence-driven security that supports critical mission needs, but at an attractive price point.
Learn more about how Fortinet can improve your agency’s security.