MACAU – Media OutReach – 27 April 2021 – COVID-19 has been a catalyst for faster digital transformation across all sectors. As organizations have overcome the uncertainties and difficulties of the pandemic and achieved greater efficiency, new ways of working have also led to new cyber threats emerging to take advantage of the current situation.

On a typical day in 2020, Macau’s Cybersecurity Incident Alert and Response Centre received 1,600 initial cybersecurity risk alerts. It also issued 38 warnings to critical information infrastructure operators last year. Macau recognizes the importance of cybersecurity and introduced the Macau Cybersecurity Law (MCSL) in 2019. Under the MCSL, public and private critical infrastructure operators have to maintain adequate management and security levels for their information networks and computer systems, adopt cybersecurity systems and establish reporting mechanisms.

To safeguard Macau organizations from cyberattacks while they push forward with digital transformation, Fortinet suggests three measures to step up cybersecurity capabilities.

1. Adopt Zero-Trust Access and segmentation strategies


Ransomware remains a prevailing threat that can cause enormous loss of money and reputation, especially for healthcare, professional services, consumer services companies, public sector organizations and financial services firms. FortiGuard Labs data shows a sevenfold increase in ransomware activity in the second half of 2020 compared to the first half, with multiple trends responsible for this increased threat.

To effectively deal with the evolving risks of ransomware, organizations will need to ensure data backups are timely, complete, and secure off-site. Adopting zero-trust access and segmentation strategies can minimize risk and segmentation is especially critical when collecting and correlating large amounts of data in single and multiple network environments. Consistent policies across the network can more effectively manage and secure the movement of data and applications.

2. Use an Automated Security Fabric Platform to safeguard the expanded digital attack surface

Under the MCSL, all critical infrastructure operators must adopt a cybersecurity management system and develop internal measures for monitoring and responding to security incidents. However, the increased use of personal devices for remote working outside the corporate network can make organizations vulnerable to cyber threats as it expands the attack surface.

An automated security fabric platform has become essential for organizations with increasingly complex network environments, enabling then to operate securely across the core network, multi-cloud environments, branch offices and remote workers. The platform minimizes risk by providing broad visibility and control over the entire potential digital attack surface. Powered by machine learning, this automation level looks out for new cyber threats, to enable speedy prevention, detection and responses.

3. Provide education to overcome the cybersecurity skills gap


With increasing cyber threats and the implementation of the MCSL, the need for skilled cybersecurity professionals in Macau is more crucial than ever. According to the Center for Strategic and International Studies, global shortages in cybersecurity talent affect 82% of organizations. To address this skills gap and establish a more secure organization, education and training are fundamental, but they should be customized to address different roles’ unique situation. The underlying principles of cybersecurity awareness should run as a common thread throughout every training program.

Cyber criminals are leveraging advances in computing power to create new and advanced threats at unprecedented speed and scale. To staying one step ahead of cyberthreats and comply with the MCSL, organizations must act now to maximize their investments in cybersecurity platforms designed to provide comprehensive visibility and protection across the entire digital infrastructure, including networked, application, multi-cloud, and mobile environments.

About Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers our customers with complete visibility and control across the expanding attack surface and the power to take on ever-increasing performance requirements today and into the future. Only the Fortinet Security Fabric platform can address the most critical security challenges and protect data across the entire digital infrastructure, whether in networked, application, multi-cloud or edge environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 480,000 customers trust Fortinet to protect their businesses. Both a technology company and a learning organization, the Fortinet Network Security Expert (NSE) Training Institute has one of the largest and broadest cybersecurity training programs in the industry. Learn more at https://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.

Copyright © 2021 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiADC, FortiAP, FortiAppMonitor, FortiASIC, FortiAuthenticator, FortiBridge, FortiCache, FortiCamera, FortiCASB, FortiClient, FortiCloud, FortiConnect, FortiController, FortiConverter, FortiDB, FortiDDoS, FortiExplorer, FortiExtender, FortiFone, FortiCarrier, FortiHypervisor, FortiIsolator, FortiMail, FortiMonitor, FortiNAC, FortiPlanner, FortiPortal, FortiPresence , FortiProxy, FortiRecorder, FortiSandbox, FortiSIEM, FortiSwitch, FortiTester, FortiToken, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLCOS and FortiWLM.

Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.