How To Enhance Your Security Posture by Consolidating Vendors

The document discusses the challenges facing security teams today, including an evolving threat landscape, expanding digital attack surface, and increasing security complexity. It recommends simplifying security architectures through consolidation and convergence of tools. The Fortinet solution presented is a security fabric that provides automated security operations through early detection across the attack surface using AI-driven sensors, centralized correlation and response, and training to supplement security skills.

Uploaded by

tola02000

David Finger, VP of Product & Solutions

Jon Speer, Director of Product & Solutions


Agenda

• The State of the World Today
• What This Means for Security Teams
• What to Do About It
• The Fortinet Solution
• The Benefits

Fortinet Privileged & Confidential © Fortinet Inc. All Rights Reserved. 2


The State of the World Today
Complex

Cybersecurity Market and Industry Drivers

Driving Infrastructure Evolution
How we interact with customers, suppliers, infrastructure, and employees is changing
• Work from Anywhere
• Digital Acceleration
• Cloud
• Application Journey
• Operational Technology Connectivity

Evolving Threat Landscape
Cybercriminals are adopting APT-like tactics to develop and scale attacks faster than ever
• Nation Sponsored
• Ransom as a Service
• Growing Attack Surface
• AI-enabled
• OT

Examples shown: Kaseya VSA, Hermetic Wiper, REvil, SolarWinds, Log4j, Swarmbot, Wipers, Colonial Pipeline



Digital Initiatives Increase Complexity

Today’s Challenges
• Applications are distributed
• Users are working from anywhere
• More devices are attaching to applications
• Too many IT and security stacks
• Too many vendors
• Cybersecurity skills shortage

Diagram labels:
• Public Cloud, Internet, Data Center, SaaS, Edge Compute
• Users and Device Security + Network Security + Cloud Security + Security Operations
• Users and Devices: Home, Travel, Campus, Branch, Factory

What Does This Mean For Security Teams

Challenge for Security Operations
Keeping pace with evolving threat landscape across an expanded attack surface

• Expanded Attack Surface: Digital innovation (including WFA, cloud, and supply chain) has expanded the attack surface and cyber exposure
• Evolving and Evasive Attacks: Increasingly sophisticated multi-stage campaigns mimicking legitimate activities often evade security.
• Security Complexity: Large number of security products & consoles, slow identification and response, exacerbated by the cyber skills shortage

Poll Question #1

What is Your Top Cyber Security Concern?


a. The evolving threat landscape
b. The expanding digital attack surface
c. The exhaustive number of security alerts
d. The complexity of our security infrastructure
e. All of the above equally



Life is Harder
52% believe security operations are more difficult today



It’s Harder for Exactly The Reasons at the Start



What To Do About It
In the Real
Recommendations for Cyber Security in 2023
Simplify security architectures and infrastructure through consolidation and convergence

Organizations are challenged with a security product landscape that is wide and varied with different levels of integration and interoperability.

In this landscape, organizations are unable to make contextualized enforcement decisions fast enough to meet business needs.

Seek out opportunities to consolidate security tooling and start planning and evaluating your current vendors to align them with a cybersecurity mesh architecture (CSMA).

Seek out tooling to simplify architecture and increase capabilities through consolidation and convergence in all environments

Source: Gartner. 2023 Planning Guide for Security. October 2022.


Most Organizations are Consolidating Security Vendors
Especially by moving towards XDR

Source: Gartner. How SASE, XDR and Security Vendor Consolidation Are Shaping Your Security Strategy. June 2022.

Primary Benefits Are Not Financial
Better risk posture, security capabilities, strategic fit, make life easier on the team

Source: Gartner. How SASE, XDR and Security Vendor Consolidation Are Shaping Your Security Strategy. June 2022.

The Fortinet Solution
An Automated SOC

Security Fabric Solution: Automated SOC
AI-driven coordinated protection across an expanded attack surface

• Early Detection (EDR | NDR | UEBA | Deception | Recon): Endpoint and other behavior-based sensors to detect and stop attacks along the kill chain
• Centralized Response (SIEM | SOAR | Fabric Analytics): Correlated data for investigation, validation and response across the attack surface
• Training and Preparation (Readiness | SAT | Response): Assessment, practice, certification and augmentation to supplement in-house teams
• AI-powered Security Services: Intelligence and engines to detect and respond faster

Fortinet Products & Services - Automated SOC
Reduce Cyber Risk with People, Technology and Process Optimization

Training and Preparation
• Employee Training and Awareness: InfoSec Training
• Onboarding & Training: NSE Cybersecurity Professional Education
• Security Assessment & Readiness: Incident Response & Readiness
• Incident Readiness & Response: Incident Response & Readiness

Caption: Organization readiness through assessments, training & visibility


Fortinet Products & Services - Automated SOC
Reduce Cyber Risk with People, Technology and Process Optimization

Training and Preparation
• Employee Training and Awareness: InfoSec Training
• Onboarding & Training: NSE Cybersecurity Professional Education
• Security Assessment & Readiness: Incident Response & Readiness
• Incident Readiness & Response: Incident Response & Readiness

Early Detection and Response
• Behavior-based AI
• FortiEDR, FortiNDR, FortiSIEM UEBA
• FortiRecon, FortiDeceptor
• Threat Feed
• Log enrichment from endpoints, networks, application and clouds

Captions: Organization readiness through assessments, training & visibility; Difficulty detecting sophisticated attacks


Fortinet Products & Services - Automated SOC
Reduce Cyber Risk with People, Technology and Process Optimization

Training and Preparation
• Employee Training and Awareness: InfoSec Training
• Onboarding & Training: NSE Cybersecurity Professional Education
• Security Assessment & Readiness: Incident Response & Readiness
• Incident Readiness & Response: Incident Response & Readiness

Early Detection and Response
• Behavior-based AI
• FortiEDR, FortiNDR, FortiSIEM UEBA
• FortiRecon, FortiDeceptor
• Threat Feed
• Log enrichment from endpoints, networks, application and clouds

Centralized Response
• Analytics Platform, Orchestration Playbooks
• FortiAnalyzer, FortiXDR, FortiSIEM, FortiSOAR
• Coordinated Workflows
• Managed Services, Active Incident Augmentation
• SOCaaS, Managed Detection & Response Service, Incident Response

Captions: Organization readiness through assessments, training & visibility; Difficulty detecting sophisticated attacks; Close the skill gaps; Challenged to automate response


The Platform - Integrated Components
Reduce Cyber Risk with People, Technology and Process Optimization

Continuously monitor across the digital attack surface and along the cyber kill chain

Diagram labels:
• Early Detection & Response: FortiDeceptor, FortiRecon, FortiEDR, FortiNDR, FortiSIEM UEBA
• Centralized Response: FortiAnalyzer, FortiSIEM, FortiSOAR, FortiXDR
• Telemetry
• Surrounding the platform: Users, Endpoints, Devices, Applications, Networks, Dark Web, Public Cloud, Private Cloud, Data Center, SaaS


Kill Chain Mapping - Automated SOC
Reduce Cyber Risk with People, Technology and Process Optimization

Kill chain stages: Recon, Weapon, Delivery, Exploit, Installation, C&C, Action

Automated SOC products mapped across the stages
• Products: FortiRecon, FortiNDR, FortiDeceptor, FortiEDR, FortiSIEM, FortiAnalyzer, FortiSOAR
• Functions: AV+ANN; Threat detection, analysis, response; Engage, Defuse; Lateral Movement; Control vulnerable apps; Defuse exploit; Defuse compromised endpoint; Event handlers & reports; Rules Engine & Threat Hunting; Playbooks

Products & Solutions
• Products: FortiClient, FortiGate (HW/VM/CN/SASE), FortiProxy, FortiADC, FortiWeb, FortiMail, FortiCASB, FortiCWP, FortiSIEM UEBA, FortiEDR|XDR, FortiDeceptor
• Functions: Web application; ZTNA; IOC; Threat hunting; Outbreak Detection; Auto tagging; Endpoint search; Threat intelligence & attack isolation

FGD AI-Powered Security
• Credential Stuffing Prevention Service
• Anti-malware, AV pre-Filter, SBX, IPS, Application, FW, URL, AV
• Botnet, C2, DNS
• Endpoint Vulnerability Protection, IOT, OT
• App Control, IL CASB, Credentials

SOC Augmentation By FortiGuard
• Know Your Risks & vulnerabilities: Security Assessments
• Train your SOC: IRR, Playbooks, Training
• Managed Detection & Response: MDR
• Augment your SOC: SOC as a Service
• Respond Faster and More Effectively: Incident Response


Poll Question #2

How would you describe your organization’s use of AI / Automation?


a. We have little to no AI or automation for cyber security
b. We have some AI for early detection, but not comfortable for automation
c. We have some automation, but haven’t deployed much AI for early detection
d. We have a lot of AI and/or Automation
e. I can’t say



The Benefit
Faster detection, faster response, lower cost of a breach

Fabric Benefits: Automated SOC
AI-driven coordinated protection across an expanded attack surface

Faster Mean time to Detect: -54 days

• Integration with distributed security controls across network, endpoint, application and cloud covers the expanded digital attack surface
• Artificial Intelligence applied across the cyber kill chain detects components and activity designed to bypass traditional security and hide among legitimate operations
• Automation and Augmentation speed a comprehensive, coordinated response and ease the burden on in-house security teams

Ponemon. 2022 Cost of a Data Breach Survey. Use of AI and Automation.

Fabric Benefits: Automated SOC
AI-driven coordinated protection across an expanded attack surface

Faster Mean time to Detect: -54 days
Faster Mean time to Contain: -20 days

• Integration with distributed security controls across network, endpoint, application and cloud covers the expanded digital attack surface
• Artificial Intelligence applied across the cyber kill chain detects components and activity designed to bypass traditional security and hide among legitimate operations
• Automation and Augmentation speed a comprehensive, coordinated response and ease the burden on in-house security teams

Ponemon. 2022 Cost of a Data Breach Survey. Use of AI and Automation.

Fabric Benefits: Automated SOC
AI-driven coordinated protection across an expanded attack surface

Faster Mean time to Detect: -54 days
Faster Mean time to Contain: -20 days
Lower Average Breach Cost: -$3.05M

• Integration with distributed security controls across network, endpoint, application and cloud covers the expanded digital attack surface
• Artificial Intelligence applied across the cyber kill chain detects components and activity designed to bypass traditional security and hide among legitimate operations
• Automation and Augmentation speed a comprehensive, coordinated response and ease the burden on in-house security teams

Ponemon. 2022 Cost of a Data Breach Survey. Use of AI and Automation.

Recap
Consolidate Vendors, Detect Earlier, Respond Faster

Recap
1. Three out of Four Organizations are Consolidating Cyber Security
2. Fortinet Automated SOC Offers Early Detection, Centralized Response and Training / Preparation
3. Organizations Using AI/Automation Report Faster Time to Detect, Time to Contain and Lower Breach Costs

Poll Question #3

What would you most like to learn more about right now?
a. The various early detection technologies we might deploy
b. One or more of the central response options you offer
c. Services to help with preparation, ongoing monitoring or response…just in case
d. All of the above equally
e. None at this time
