This blog was written and published by Fortinet | June 29, 2022
Fortinet is proud to have been at the forefront of the global cybersecurity industry since our founding 20+ years ago. Our industry leadership is demonstrated by our continuous commitment to working with non-profits and the private industry, including competitors, dedicated to making the digital world a safer place for everyone.
Fortinet has been a founding partner or frequent collaborator with such high-profiled, well-respected organization as the Cyber Threat Alliance (CTA), the World Economic Forum (WEF), International Criminal Police Organization (INTERPOL), North Atlantic Treaty Organization (NATO) Communications and Information (NCI) Agency, and the Forum of Incident Response and Security Teams (FIRST).
A Decade of Collaboration
For the past 10 years, Fortinet’s FortiGuard Labs has been a FIRST Team that collaborates with the international confederation of trusted computer incident response teams. As an international, not-for-profit organization composed of 600+ members from over 100 countries, FIRST’s membership is composed of both national CERT (Computer Emergency Response Teams) and CSIRT teams across, but not limited to, government agencies, academia, commercial enterprises, and financial corporations from a variety of industries. Together, Fortinet and FIRST have been cooperatively assisting with the managing of cybersecurity incidents and promoting incident prevention programs.
A Forum for Sharing Goals, Ideas, and Information
At FIRST’s 34th annual conference in Dublin, Ireland (June 26 – July 1), where over 1,000 specialists representing six continents will participate in critical discussions to bolster cyber defenses, FortiGuard Labs’ Global Threat Intelligence Team leader Derek Manky will be a featured panelist in a formal discussion titled, “Driving Public-Private Cooperation to Combat Cybercrime.”
This featured panel presentation will examine how—with cybercrime presenting a major risk to prosperity in the global digital economy—to systematically address cybercrime, focusing on how it is imperative to raise the cost of conducting cybercrime and increase the risks for cybercriminals. The panelists will emphasize effective public-private cooperation with global businesses and other cyber responders, working side by side with law enforcement to help achieve that outcome. In the session, the panelists will also explore what is needed to achieve such collaboration.
“With every alliance and collaboration, Fortinet works toward its mission to secure users, devices, applications, and edges everywhere. When we grow our collective intelligence, we can better combat and disrupt advanced threats, deploy security controls to counteract the latest moves, and deliver greater security for our customers and all organizations,” comments Derek Manky, chief security strategist and vice president, Global Threat Intelligence. “Through Fortinet’s collaborations with organizations like the CTA, FIRST, INTERPOL, NATO NCI, and WEF, we advance cyberthreat information sharing. This advancement will then enable us to collectively disrupt the cybercriminal ecosystem.Our relationship with FIRST is an excellent example of intelligence collaboration with the industry in mind. While FortiGuard Labs processes billions of threat events on any given day, no single entity will have a complete vision of the cyberthreat landscape, and this is why mutually beneficial relationships with organizations like FIRST are so critical to further advancing security practices and defenses for our customers and for the overall industry.”
How the FIRST and Fortinet Collaboration Benefits Industry and Fortinet Customers
The collaboration with FIRST is a two-way street. Fortinet provides its expertise to FIRST and its membership, and FIRST generates data, content, and knowledge that Fortinet uses to even more consistently communicate and secure its customers. For example, the Fortinet Product Security Assurance Policy and Information Security Management System are based on recognized industry standards, including best practice recommendations supplied by FIRST.
In a recent Fortinet Threat Research blog titled, “Using EPSS to Predict Threats and Secure Your Network,” Paolo Di Prodi, senior data scientist at FortiGuard Labs and EPSS Special Interest Group (SIG) member, writes about a couple of FIRST tools and how they are used by the security industry: “The Common Vulnerability Scoring System (CVSS) …[that] highlights how exploitable different vulnerabilities are. And now, EPSS (Exploit Prediction Scoring System) can supplement CVSS by providing dynamic insight into the likelihood that a vulnerability will be exploited. It produces a probability score of a rational number between 0.0 and 1.0, and the higher the score, the greater the probability that a vulnerability will be exploited.”
According to Paolo, the CVSS scoring system is used worldwide to prioritize software vulnerabilities. He goes on to say how EPSS is “a new score that can predict the likelihood of exploitation of software vulnerabilities” and how it should be used in CVSS to prioritize vulnerability patching.
“The takeaway is that organizations that properly deploy and train EPSS will need to patch fewer vulnerabilities than they would have using the classic CVSS strategy while maintaining the same level of protection.”
As it happens, Fortinet contributes to EPSS’s “ground truth” by providing critical information derived from daily observations of exploitation-in-the-wild activity and from other sources of data provided by FortiGuard Labs. Hence, the more Fortinet contributes to helping FIRST and the cybersecurity industry, the more the company helps itself and helps Fortinet customers.
Fortinet is looking forward to more decades of productive collaboration with FIRST and to bringing the outputs of that collaboration to the industry and to its customers.