The Gately Report: Fortinet Partners Can Look Forward to More Effective, Efficient Relationships
Plus, Tenable's CEO slams Microsoft's vulnerability reporting practices.
![Fortinet partners and business relationships](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt5233310982072a78/6523eb83b388be8058799596/Business-Relationship.jpg?width=700&auto=webp&quality=80&disable=upscale)
G-Stock Studio/Shutterstock
Channel Futures: What are your responsibilities in this role and how does your previous channel experience come into play?
Fortinet’s Ken McCray: My responsibilities are for the U.S. channel, and under that umbrella I have seven different channel routes to market. There are the traditional national partners. You’ve got your focused regional partners. I’ve got MSPs and MSSPs under one umbrella. I also have distribution, the cloud service providers (CSPs), telco, and then retail. I also have our new operational technology (OT) initiative, which is one of Fortinet’s key strategies for 2023.
The Fortinet channel is a very multipartner channel. I didn’t have seven or eight different routes to market previously. I may have had four. But now when you look at customer buying patterns — one of my colleagues used the term tri-partner engagement, where you have a GSI in an engagement, you’ve got a national partner in the same engagement, you’ve got a CSP in the same engagement, and then there may be a telco providing the connectivity. So thinking about how we all work together, that’s one of the opportunities that I saw here at Fortinet, to take my 30-plus years of experience and then manage those different channel routes to market and bring that together as customers are using all those different partner types.
CF: Fortinet’s FortiGuard Labs published its latest semiannual Global Threat Landscape Report. Among the findings, ransomware detections are down and one-third of APT groups were really active in the first half of the year. Is there any overall message for partners in this research?
KM: [Our customers say] their biggest concern right now is consolidation of all the technology that they have. So are we moving from ransomware to APTs? The answer probably is yes, but there’s still a blend of attacks. The attack surface hasn’t changed, in my opinion. It’s gotten more complicated. So the advantage goes to a company such as Fortinet, which has a platform approach with a number of different solutions in order to address the changing landscape. Whatever environment exists today, I can tell you Fortinet is definitely positioned correctly with our platform approach in order to address that.
CF: Fortinet announced new SD-WAN services and an expansion of its secure networking portfolio. How will partners benefit from those?
KM: I’m proud to be a part of a company that’s very innovative. There were three things I looked at when I decided to join Fortinet. One was technology. And that’s technology leading to innovation. We’re definitely in that category. The other one was the culture of the company. And then there was general opportunity. I can tell you what I see with our partners is a services opportunity. One of the things that we are expanding through our partners is their ability to attach their services. Whether it be through our MSSP go-to-market strategy, partners now can look at the Fortinet portfolio and then add their expertise on top of that.
So [announcing] two new SD-WAN services, that allows our partners to then add their expertise on top of that and build a lot more knowledge around how to secure those environments, as they are complex. I’m really proud to say that since I’ve been here, we’ve probably announced five new, different products, and particularly three of them [last week] — the two SD-WAN services and FortiGate 90G series of next-generation firewalls (NGFWs) — again, expanding our portfolio, demonstrating our knowledge in cybersecurity.
CF: Is Fortinet being impacted by economic uncertainty? Also, how is it helping partners that are being impacted by economic uncertainty?
KM: I would be lying to you if I told you that Fortinet wasn’t being impacted. But it gives us the opportunity to sit down with our partner community, understand what their customers are asking them for, have conversations with our distributors and understand what programs we need to engage in, whether that be extended payment terms through our distribution partners or working with a partner on a solution. Maybe that means moving them from a traditional perpetual license to a subscription license, which helps them in the long term and creates that recurring revenue for them.
What I’m happy to say is that we have the solutions where a partner, based on their business model, can pivot to, and go from an on-premises solution to a cloud solution and still be very profitable with us. And that’s what we do when we sit down with our partners. We craft their business plans. We want to understand where they are trying to go, what they are doing in their environment, and is there a solution, an on-premises hardware solution? Or do we need to move you to a cloud where your financials change, but you can still be profitable over a longer period of time?
CF: AI and cybersecurity is a really big topic right now. How is Fortinet making use of AI in its solutions to prevent cyberattacks?
KM: Fortinet is definitely one of the companies that embraced AI a long time ago. AI isn’t new to most of us in cybersecurity. We’ve been here. Through our FortiCare and FortiGuard programs, our customers are attached to us where we can get those threat feeds and we can work with our customers to help them protect their environment. We’re going to continue to do that. We’re going to continue to make sure that we are one of the leaders in using that technology to strengthen our position in cybersecurity and continue to make sure that comes back to our customers. So our partner community has access to FortiCare and FortiGuard, and then our customers through them. And I’m one of those people who believes in embracing AI and using it to our advantage, and that aligns with the Fortinet strategy.
CF: Is there a lot of confusion in the channel in terms of what AI means and what it can do? Therefore, is part of your job to communicate that to them and clear that up for them?
KM: There definitely is fear, uncertainty and doubt around AI. The thing that I would tell you is, yes, part of our enablement strategy has to be to talk openly about AI, and what it can and can’t do. Fortinet as a company has decided to embrace it. And as we sit down and talk to our partners, it’s our job to explain to them how we’ve embraced AI and what we’re doing with that technology. So you’re spot on. We have a role in educating our partners through our Engage Partner Program to make sure that they know where we’re going and how we’re using not just AI technology, but all new technology in order to strengthen our position in cybersecurity.
CF: What’s the latest in terms of feedback from partners? What are they telling you?
KM: One of the things I’m hearing a lot from partners is they’re concerned about undocumented changes. Partners want to make sure that they are aligned to the company. As they continue to build their business and they build their brand with their customers, they want to be as connected to Fortinet, connected to me, as possible. And that’s one of the things that I’m committed to, staying out in front, meeting with partners. When we don’t do that, it creates that fear, that uncertainty and that doubt. “Are you guys going to change technology? How is that going to impact my customer? Are you going to change your partner program? How is that going to impact my company?” That’s one of the key areas I’m hearing from partners.
And the other key element there is pricing. Partners want to understand if your pricing model is going to change and how that will impact them. I’ve always subscribed to being a very good communicator. I use the term “seven times, seven ways.” And that’s why having this conversation with you is part of that, making sure the partners understand who I am and know what I’m trying to do within the Fortinet channel as we build their business and our business together.
CF: What do you find most dangerous about the current threat landscape?
KM: What keeps me up at night is what’s new, what haven’t we found? It’s one of those things in security, I never want to get too comfortable in security. You ask yourself, have we seen all the threats? The answer is no. The concern is where the next threat is going to come from. And that’s why having a platform approach, the way we do it at Fortinet, gives us the opportunity to say, “OK, we’re thinking about this from multiple different vectors.” We also have a single pane of glass in order to look into the environment to understand what’s going on. It goes back to your question around AI. Are we using the right technology to understand what’s happening out there in the wild? And are we making sure that we’re staying on top of our technology? That’s what concerns me the most. Where is the next threat going to come from and then how fast can we remediate that, and then protect our partners and our customers? That’s part of the strategy, not only to have technology on the front end, but also have responsive technology that helps remediate a problem as soon as possible, therefore reducing the risk to our partners and our customers.
CF: What can partners expect from Fortinet through the remainder of 2023?
KM: I spent the first six months listening. I told the Fortinet executives, the Fortinet team, as I did town halls internally and started talking to partners, that I was going to listen first. I didn’t come to the opportunity with, “I’m going to change this, I’m going to change that.” I wanted to listen. I’m to the point now where I’m turning the corner from listening to taking a look at how we can be more effective and how we can be more efficient. One of the key words that my boss is using is efficiency. So what can partners expect from me in the next couple of months? We’re taking a look at everything from our partner relationship management (PRM) to the entire partner experience so we can make our relationship definitely more effective, but more efficient. There are the terms “time to market” and “time to value.” If I can help a partner get our solution into their hands a lot quicker because I’m more effective on how we manage inventory through our distributors, that’s a win. If I can get that experience through distribution down from an SLA that’s hours to an SLA that’s minutes, that’s a win. So those are the things that I’m looking at. How do we make it more effective, more efficient, more intentional so that when partners call Fortinet, they know that they’re going to get a solution, one that works? And they’re going to get it in a timely manner so they can respond to their customers. Those are the things that I’m thinking about. And by the way, I’m having a lot of fun because it’s a challenge, but it’s a challenge that I welcome. I’m coming to the job every day with a lot of energy and a new thought process on how I can make the experience better for our partner community.
In other cybersecurity news …
Tenable CEO Amit Yoran released a scathing post on LinkedIn criticizing Microsoft for its vulnerability reporting habits spanning over a decade.
Microsoft’s “lack of transparency” applies to breaches, “irresponsible” security practices and to vulnerabilities, all of which expose their customers to risks they are deliberately kept in the dark about, Yoran said.
“In March 2023, a member of Tenable’s research team was investigating Microsoft’s Azure platform and related services,” he said. “The researcher discovered an issue which would enable an unauthenticated attacker to access cross-tenant applications and sensitive data, such as authentication secrets. To give you an idea of how bad this is, our team very quickly discovered authentication secrets to a bank. They were so concerned about the seriousness and the ethics of the issue that we immediately notified Microsoft. Did Microsoft quickly fix the issue that could effectively lead to the breach of multiple customers’ networks and services? Of course not. They took more than 90 days to implement a partial fix – and only for new applications loaded in the service.”
That means the bank is still vulnerable more than 120 days since Tenable reported the issue, as are all of the other organizations that had launched the service prior to the fix, Yoran said.
“And, to the best of our knowledge, they still have no idea they are at risk and therefore can’t make an informed decision about compensating controls and other risk mitigating actions,” he said.
Tenable said after Yoran criticized Microsoft’s security practices, Microsoft published the patch initially expected at the end of September.
Microsoft didn’t respond to repeated requests for comment.
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), FBI and Five Eyes cybersecurity authorities issued an alert listing the 12 most exploited vulnerabilities throughout 2022.
The most exploited vulnerability in 2022 was originally disclosed back in 2018 and it affects Fortinet’s SSL VPNs. The continued exploitation indicates many organizations failed to patch software in a timely manner and remain vulnerable to malicious cyber actors, according to the alert.
Other vulnerabilities, known as ProxyShell, affect Microsoft Exchange email servers. In combination, successful exploitation enables a remote actor to execute arbitrary code.
Log4Shell, which affects Apache’s Log4j library, also made the list. A threat actor can exploit this vulnerability by submitting a specially crafted request to a vulnerable system, causing the execution of arbitrary code. The request allows a cyber actor to take full control of a system. The actor can then steal information, launch ransomware or conduct other malicious activity. Cybercriminals began exploiting the vulnerability after it was publicly disclosed in December 2021, and continued to show high interest through the first half of 2022.
Last year, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed ones, and targeted unpatched, internet-facing systems, according to the alert. Proof of concept (PoC) code was publicly available for many of the software vulnerabilities or vulnerability chains, likely facilitating exploitation by a broader range of malicious cyber actors.
Cybercriminals generally have the most success exploiting known vulnerabilities within the first two years of public disclosure. The value of such vulnerabilities gradually decreases as software is patched or upgraded. Timely patching reduces the effectiveness of known, exploitable vulnerabilities, possibly decreasing the pace of malicious cyber actor operations, and forcing pursuit of more costly and time-consuming methods, such as developing zero-day exploits or conducting software supply chain operations.
James McQuiggan, security awareness advocate at KnowBe4, said this target list is already a part of the arsenal used by cybercriminals to gain access to organizations’ networks.
“It’s like ringing the doorbell to see if anyone is home and turning the door handle,” he said. “If it’s unlocked, they go inside without any problem. Suppose the cybercriminals scan for these vulnerabilities on an organization’s external network devices like Exchange, Fortinet or Apache (Log4j). If the result comes back true, then it’s susceptible. In that case, organizations are making it easy for them to walk in the front door before doing any social engineering.”
While it’s essential to keep up with patches, developers must ensure they have patches for the known vulnerabilities available as quickly as possible to reduce the risk of attacks against their customers, McQuiggan said.
“Organizations will need ongoing vulnerability management and threat monitoring capabilities to reduce their exposure, especially to exploits of newly reported issues,” he said. “User security awareness and an alert security culture around potential threats leveraging new vulnerabilities also remain crucial.”
A new ExtraHop report shows public companies it examined saw net income drop an average of 73% roughly one year following announcements of a data breach.
ExtraHop examined the costs associated with data breaches at six organizations, calculating the sum of regulatory fines, legal settlements and cyber insurance, in addition to the longer-term effects on corporate earnings and stock price.
Nearly all organizations analyzed experienced a decline in quarterly earnings and stock prices after a data breach occurred. In one example, ExtraHop noted a company’s stock price fell nearly 21% the day after the breach was reported, and net income dropped 27% year-over-year in the quarter the breach was reported. These losses are in addition to over $1 billion in reported costs, including regulatory fines, legal fees, and multiple settlements with consumers, businesses and individual states.
“When a data breach hits, real people lose real money – it goes way past the upfront costs that accompany stolen records and the number of people affected,” said Patrick Dennis, ExtraHop’s CEO. “Both investors and customers lose faith in the business, which has a ripple effect on the organization for years to come. It’s important that corporate leaders take a hard look at their budget and make the cybersecurity investments they need to more effectively manage risk.”
Organizations need full visibility into their network to track the movement of potential intruders and identify security threats before they become business problems, according to ExtraHop. With full network transparency, organizations can uncover the truth about attackers to see more of what they’re doing and stop them with greater speed, precision and frequency.
In the months ahead, Fortinet partners can expect to see improvements in how the vendor works with them resulting in faster time to market and time to value.
That’s according to Ken McCray, Fortinet’s vice president of channel sales. He joined Fortinet in January and replaced Jon Bove in the role. Before that, he was with McAfee for more than 28 years, and most recently served as head of channel sales and operations.
Bove is now Fortinet’s vice president of sales for U.S. enterprise.
Last week, Fortinet announced its financial results for the second quarter of 2023. It reported a 25.5% increase in revenue compared to the year-ago quarter. It also saw profit jump from $194 million to a little more than $300 million. However, it reduced its annual revenue forecast amid tighter spending from enterprise customers and economic uncertainty.
Profiting with Fortinet Partners
“Our partners are a key part of our strategy,” McCray said. “It goes back to the opportunity and why I believe that I’m here. On the economic side, we want to make sure that our partners are profitable. And truly, what does that mean? You could say, ‘Hey, Ken, that’s another soundbite.’ But when I talk to partners, I want to know where we fit in their financial mix. I want to know, do we have a double-digit percentage of their business? Because then I know that we’re material to them. That materiality equals profitability. And we think about our technology, whether it’s on the services side or whether it’s on the product side, our partners have a great opportunity to add their expertise, their knowledge on top of that and drive not only their financials, but contributing to Fortinet’s financials. And it’s a good position to be in.”
Fortinet also launched new SD-WAN services to further simplify operations and enhance its customers’ digital experience, and expanded its secure networking portfolio to further drive the convergence of networking and security.
See our slideshow above for more from McCray about what Fortinet partners can expect in the months ahead, and more of the week’s cybersecurity news.