www.fortinet.com Open in urlscan Pro
44.199.160.6  Public Scan

Form analysis
1 forms found in the DOM

GET /blog/search

<form class="b3-searchbox__form" action="/blog/search" method="get">
  <input class="b3-searchbox__input" type="text" name="q" placeholder="Search Blogs">
  <button class="b3-searchbox__icon" aria-label="Search" type="submit">
    <svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg">
      <path
        d="M15.688 14.18l-4.075-4.075C12.36 9.06 12.8 7.78 12.8 6.4 12.8 2.87 9.93 0 6.4 0 2.87 0 0 2.87 0 6.4c0 3.53 2.87 6.4 6.4 6.4 1.38 0 2.66-.44 3.705-1.187l4.075 4.075c.207.208.48.312.753.312.274 0 .547-.104.755-.312.416-.417.416-1.093 0-1.51zM2.133 6.4c0-2.357 1.91-4.267 4.267-4.267s4.267 1.91 4.267 4.267-1.91 4.267-4.267 4.267S2.133 8.757 2.133 6.4z"
        fill="#fff">
      </path>
    </svg>
  </button>
</form>

Text Content

Blog
 * Categories
   * Business & Technology
   * Threat Research
   * Industry Trends
   * Partners
   * Customer Stories
   * PSIRT Blogs
 * Business & Technology
 * Threat Research
 * Industry Trends
 * Partners
 * Customer Stories
 * PSIRT Blogs
 * CISO Collective
 * Subscribe





Business & Technology


THE ART OF WAR (AND PATCH MANAGEMENT)

By Carl Windsor | February 23, 2022

With escalating tensions in Ukraine and threats of nation-state attacks, it is
worth noting that modern warfare is no longer only based on traditional ground,
air, or sea assaults, but it has progressed to the point where cyber attacks are
a common part of the offensive arsenal.  They are commonly made on the
financial, government, and communications of target countries in order to
destabilize the country’s critical infrastructure and delay any required
response to an attack.

Even if you are not directly in the line of fire, it is a timely reminder during
these concerning times that we all need to be taking our cybersecurity more
seriously. This is a sentiment echoed by Department of Justice (DoJ) official
Deputy Attorney General Lisa Monaco in remarks at the Munich Cybersecurity
Conference. 

"Given the very high tensions that we are experiencing, companies of any size
and of all sizes would be foolish not to be preparing right now as we speak --
to increase their defenses, to do things like patching, to heighten their alert
systems, to be monitoring in real-time their cybersecurity. They need to be as
we say, 'shields up' and to be really on the most heightened level of alert that
they can be and taking all necessary precautions."


WHY DO WE EVEN NEED TO SAY THIS?

Anyone who has been keeping up with Fortinet blogs is aware that we have been
saying this for some time, Prioritizing Patching is Essential for Network
Integrity.  We are dealing from the fallout of some customers not patching. It
has caused an ongoing news cycle related to an SSL-VPN issue resolved back in
2019, which remains unpatched for some customers. If you take nothing else away
from this blog, check that you have taken action to remediate this issue.

Given that some organizations are not always taking action to patch, how can we
better understand the reasons why, so that we can help to change this behavior?
Human psychology gives us some useful clues as to why this is the case. 

Hyperbolic discounting is a cognitive bias that refers to the inclination to
choose immediate rewards over rewards that come later in the future, even when
these immediate rewards are smaller. This is most clearly demonstrated by the
phrase: “A bird in the hand is worth two in the bush.”

In cybersecurity terms: I will continue working on a time-sensitive project that
my boss is chasing rather than patching systems against a cybersecurity issue
that might never happen, thinking “maybe we’ll get lucky and nobody will attack
us.”

The situation in Ukraine and the warning from DoJ Official Lisa Monaco
demonstrates we should not be taking this lightly but we need to change human
nature if we want to succeed in prioritizing patch management. To do this, we
need to give people an instant payback. 


REMOVING COGNITIVE BIAS

This is where the Security Rating Service comes into play helping to remove this
cognitive bias. It gives customers immediate feedback that the actions they are
taking have an impact on the security of their systems. While this has been
available for some time, in the coming months we will push this to the next
level and will include patching (or lack of) into the rating. We will also
provide a roll-up report in FortiCare to help encourage this process even
further.

Fig. 1. Example of FortiCare Platform Capabilities

Find out how the Fortinet Security Fabric platform delivers broad, integrated,
and automated protection across an organization’s entire digital attack surface
to deliver consistent security across all networks, endpoints, and clouds. 


Tags:

Cybersecurity Architect, Security-Driven Networking


RELATED POSTS

Industry Trends

CYBERSECURITY MESH ARCHITECTURES: FORTINET CISOS DISCUSS THE IMPORTANCE



Business and Technology

THE NEED FOR A ZERO TRUST EDGE STRATEGY



Industry Trends

PUBLIC SECTOR CYBERSECURITY AND THREAT TRENDS


 * 
 * 
 * 
 * 
 * 
 * 

NEWS & ARTICLES

 * News Releases
 * News Articles
 * Trademarks

SECURITY RESEARCH

 * Threat Research
 * FortiGuard Labs
 * Threat Map
 * Threat Briefs
 * Ransomware

CONNECT WITH US

 * Blog
 * Fuse Community

COMPANY

 * About Us
 * Why Fortinet
 * Security Fabric
 * Exec Mgmt
 * Careers
 * Certifications
 * Events
 * Industry Awards

CONTACT US

 * (866) 868-3678

Copyright © 2022 Fortinet, Inc. All Rights Reserved

Terms of Services Privacy Policy | Cookie Settings


PRIVACY PREFERENCE CENTER




 * YOUR PRIVACY


 * STRICTLY NECESSARY COOKIES


 * PERFORMANCE COOKIES


 * FUNCTIONAL COOKIES


 * TARGETING COOKIES


YOUR PRIVACY

When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer. privacy policy


STRICTLY NECESSARY COOKIES

Always Active

These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to block
or alert you about these cookies, but some parts of the site will not then work.

Cookies Details‎


PERFORMANCE COOKIES

Performance Cookies


These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site.

Cookies Details‎


FUNCTIONAL COOKIES

Functional Cookies


These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then some
or all of these services may not function properly.

Cookies Details‎


TARGETING COOKIES

Targeting Cookies


These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They are based on uniquely identifying your
browser and internet device. If you do not allow these cookies, you will
experience less targeted advertising.

Cookies Details‎


BACK BUTTON BACK

Vendor Search
Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label


 * 33ACROSS
   
   33ACROSS
   
   View Third Party Cookies
    * Name
      cookie name


Clear
checkbox label label
Apply Cancel
Confirm My Choices
Allow All


By clicking “Accept All”, you agree to use of cookies on your device to enhance
site functionality, analyze site usage, and assist in our marketing efforts. The
Cookies Settings link has cookie-specific detail and preference options. privacy
policy

Cookies Settings Accept All



"