Wednesday, January 30, 2019

Data Privacy Day - What it Means for Your Organization


What this means for your organization


If your organization does business with any organizations or individuals in the EU, you have already had to make significant changes to how you process, manage, and store the data of EU residents. Prepare now to provide many of the same sorts of protection to your US and Canadian customers. Here is a quick checklist of the things you will need to do:

1. Implement a comprehensive, integrated security strategy. It has been said that there cannot be any data privacy without good data security. Because of that, you have to start by ensuring that any PII data your organization touches is secured from the moment it enters your network to the moment it leaves. This includes applying security measures and policies that can seamlessly identify, follow, and secure data as it moves between network domains and devices, including across multi-cloud or SD-WAN environments, as well as into your storage area network (SAN).

Security plays a critical role in helping you know where every bit of data is located and who and what has access to it. An integrated security framework allows all security components to see other devices, share and correlate information between them, and participate in a coordinated threat response. It needs to be woven into and across every aspect of your evolving network to enable things like unified policy creation, centralized orchestration, and consistent enforcement. This approach allows you to extend visibility deep into your infrastructure to see every device, track every application and workflow, and more importantly, see and secure all data. It also allows you to demonstrate compliance with privacy requirements for protected data and to verify that data's secure storage, use, and removal.

2. Change what and how you collect PII data. New privacy laws such as GDPR define individuals as the sole owners of their data, and not businesses or institutions. As a result, these individuals must be able to withdraw their consent to the collection of their data as quickly and easily as it was given. This will require organizations to collect only the minimum amount of data needed for a specific purpose, and to then be able to completely remove it when it is no longer needed.

3. Reorganize your data so that PII can be easily identified, flagged, and deleted. Be prepared to demonstrate to compliance officials that you can prevent specific data from being shared or sold to third parties and that you can remove all instantiations of an individual's PII regardless of where it is being stored or used. For larger organizations, this is not a trivial task. It will require significant retooling of databases, rewriting software applications and websites, and redesigning internal processes to simplify and accelerate the identification of all data related to a single customer. The GDPR's "right to be forgotten" (RTBF) means that data needs to be found and removed quickly and easily, rather than relying on humans to hunt for each instance of personal information scattered across your distributed network.

4. Encrypt PII to ensure that it poses no risk if compromised. You should consider encrypting data in transit and at rest in your network. Encryption negates the value of data if it is compromised. But encrypting large volumes of data is no easy task. Organizations should consider encryption performance and any associated performance degradation.

Summing Up


New and looming data privacy legislation reflects growing public concern about the protection and personal ownership of PII. Data Privacy Day is an urgent reminder that every organization that touches personal data needs to re-evaluate its IT security infrastructure. Are your IT security solutions able to effectively communicate, regardless of where they have been deployed, to optimally protect data and provide network-wide visibility? Does your network include sophisticated data-protection measures such as threat prevention and detection, pseudonymization of PII, and internal segmentation to isolate and track customer and employee data? And finally, have you documented, and more importantly, tested your data-breach response plan?




Sunday, January 20, 2019

Will Emerging Threats Tip the Scales - Fortinet Certifications


Digital devices and infrastructures continue to be woven deeper into every aspect of our lives, whether through connected homes, cars, and mobile devices, or by expanding their role in business, government, and even critical infrastructure. One outcome of this is that the stakes in the ongoing battle between cybercriminals and security professionals continue to rise. We are no longer just looking at a cyber breach impacting an organization's reputation and bottom line. Now and into the future, there is a real potential for a successful cyberattack to disrupt interconnected economies, shut down essential services, or even result in physical harm.

Emerging threats will tip the scales


The classic problem is that the playing field is dramatically uneven. Cybercriminals only need to find a single weakness in a security strategy to achieve their goals, while defenders have to stop 100% of threats 100% of the time. And because attacks are becoming increasingly sophisticated, often targeting multiple threat vectors simultaneously, the imbalance between these adversaries continues to grow.

Last fall, Fortinet predicted a number of emerging threats that may be game changers if we don't change our tactics. They include such things as Swarmbots (semi-autonomous botnets comprised of clusters of compromised devices with specialized skillsets that can work collectively to solve problems), the commoditization of fuzzing (a process for discovering zero-day vulnerabilities in hardware and software interfaces and applications), and machine learning poisoning (training automated security devices to intentionally overlook certain threats).

Changing cybersecurity tactics


The traditional process of identifying a threat and then developing a counter defense, or even attempting to anticipate and neutralize new attack strategies, is becoming obsolete. Defenders need to approach this problem from an entirely new direction. One possible approach is to adopt strategies and solutions that address and disrupt the economic drivers of the criminal community.

For many criminal organizations, attack techniques are evaluated not only in terms of their effectiveness, but also in the overhead required to develop, modify, and implement them. In short, in many ways they function like a legitimate business. Knowing this, one defensive response is to make changes to people, processes, and technologies that impact the economic model of the attacker. Security Week, December 07, 2018

Changing the game


In his SecurityWeek byline, John Maddison outlined three strategies for defending against tomorrow’s threats:

1. Deploy Deception


One economic model used by cyberattackers depends on reducing risk of discovery. Since the time between breach and exploit continues to shorten, one strategy with real potential is to simply slow down attacks. Deception strategies can generate dozens of enticing false targets combined with tripwires that force attackers to slow down, allowing attackers and malware to be quickly identified and removed.

2. Refine Threat Intelligence


Building new attacks is expensive. Instead, cybercriminals maximize their investment in an attack by making minor changes to their malware.

Even something as basic as changing an IP address can enable malware to evade detection by many traditional security tools. The continued success of known exploits is testament to the effectiveness of this strategy. Security Week, December 07, 2018

The better threat intelligence becomes at identifying entire attack families, the more difficult it becomes for cybercriminals to simply adjust their existing attack tools and strategies to evade detection. Applying behavioral analytics to threat intelligence to predict the future behavior of malware can preempt new attacks and force cybercriminals back to the drawing board.

3. Take a Proactive Approach


The final approach is to engineer as much risk as possible out of your current network by moving from implicit trust to a zero trust model. This includes implementing multi-factor authentication, deploying network access control, and adopting automated, intent-based segmentation and microsegmentation. This begins by integrating traditionally isolated security devices into a single, integrated architecture. Tools that can actively correlate threat intelligence and respond as a single, integrated system are much more effective at combating even the most advanced threats.

Conclusion


Getting out of the trap of security brinksmanship requires organizations to rethink their security strategies. Organizations need to target the economic motivations of cybercriminals by anticipating their attacks and thereby forcing them back to the drawing board. This starts with a cohesive security fabric that can gather and share threat intelligence, perform logistical and behavioral analysis, and tie information back into a system to preempt criminal intent and raise the cost of doing criminal business.




Monday, January 7, 2019

Fortinet Practice Exam Dumps PDF VCE Exams Files - VCE Exams Test


Fortinet NSE7 - Questions & Answers Free Demo


Question 1

Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?

A: Diagnose debug application radius -1.
B: Diagnose debug application fnbamd -1.
C: Diagnose authd console –log enable.
D: Diagnose radius console –log enable.

Correct Answer: A

Question 2

An administrator has configured a FortiGate device with two VDOMs: root and internal. The administrator has also created an inter-VDOM link that connects both VDOMs. The objective is to have each VDOM advertise some routes to the other VDOM via OSPF through the inter-VDOM link. What OSPF configuration settings must match in both VDOMs for the OSPF adjacency to form successfully? (Choose three.)

A: Router ID.
B: OSPF interface area.
C: OSPF interface cost.
D: OSPF interface MTU.
E: Interface subnet mask.

Correct Answer: BDE

Question 3

An administrator has configured a dial-up IPsec VPN with one phase 2, extended authentication (XAuth) and IKE mode configuration. The administrator has also enabled the IKE real time debug:
diagnose debug application ike -1
diagnose debug enable

In which order is each step and phase displayed in the debug output each time a new dial-up user is connecting to the VPN?

A: Phase1; IKE mode configuration; XAuth; phase 2.
B: Phase1; XAuth; IKE mode configuration; phase2.
C: Phase1; XAuth; phase 2; IKE mode configuration.
D: Phase1; IKE mode configuration; phase 2; XAuth.

Correct Answer: D

Question 4

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

A: Group ID.
B: Group name.
C: Session pickup.
D: Gratuitous ARPs.

Correct Answer: A

Question 5

When does a RADIUS server send an Access-Challenge packet?

A: The server does not have the user credentials yet.
B: The server requires more information from the user, such as the token code for two-factor authentication.
C: The user credentials are wrong.
D: The user account is not found in the server.

Correct Answer: B

