EXPERT OPINION
management system and cybersecurity policies to be applied unilaterally or on a case-by-case basis. For instance, different permissions can be granted to a laptop compared to a fixed lab computer and non-compliant devices that attempt to gain access can be instantly quarantined to prevent the risk of lateral movement.
This allows for vulnerabilities to be located and dealt with before they can spread across the network. Segmentation of connected devices across the network also allows for this. The result is that, if a compromise does occur, it isn’t able to infect the whole network.
Can you tell us about some use cases for your technology in these environments?
In the Gulf Region, we work with many different financial, healthcare, oil, gas and government entities. A common challenge we find is there is not enough visibility into connected IT, IoT and OT devices. There is also an inability to accurately identify devices which are connected to the network, resulting in failed audits and high costs due to manual inventory.
Forescout helps large customers to gain device visibility and auto classification of all connected devices, whether they are in campus, building automation, OT (Operational Technology), data centre or cloud environments. One of the most common use cases for our platform is modern NAC (Network Access Control). Other important related use cases we have found are threat hunting capabilities – especially with the growing threat of ransomware outbreaks.
How important is it for organisations to ensure a high level of security while not compromising operational efficiency?
Service availability and operational efficiency are always top priorities for our customers. Forescout introduced Operational Security Automation – which can help in breaking down existing security solution silos and help our customers reduce their response rates to risks.
Forescout helps customers across the Gulf region to automate manual tasks, whether on the network (for access control or for network segmentation use cases) or on the endpoint (for posture assessment and auto-remediation actions), while orchestrating action responses from third-party systems.
What best practice approach should CISOs take to ensure a robust network and OT security policy?
Zero Trust is a security framework that centralises around the idea that no entity should ever receive automatic access to a network – instead, each one must verify itself in order to be granted the privilege. Born out of the realisation that both the outside and inside of a network can produce threats to cybersecurity, it replaces traditional authentication methods and helps to protect increasingly fragmented and diverse networks.
When deploying the Zero Trust model, it is vital that organisations have a good understanding of every connected user, their devices and the data they’re attempting to access.
This should be the foundation of any security framework already – after all, visibility is the backbone of security
Grappling with the growing number of attack vectors while meeting more and more compliance directives, CISOs have their hands full.
We help customers to use built-in vulnerability and response policies (such as for WannaCry, NotPetya, Samsam, etc.) and allow customers to customise their own policies to search for compromises within the whole infrastructure.
42 Issue 26 | www.intelligentciso.com