WatchGuard Security News Q3 2024

Competition Intelligence: Fortinet Firewalls Battle Card and Conversion Chart Update

25 April, 2024 by The Editor

WatchGuard have updated their Firebox vs Fortinet battlecard and the Conversion Chart. These assets are part of the CI Widen Portal, which partners can access through the Partner Portal > Resources, or through the links below:

CRN Recognises WatchGuard in its Annual 100 People You Should Know List

24 September, 2024 by The Editor

WatchGuard is thrilled to share that CRN has selected WatchGuard’s Adisa Hairlahovic as an honoree in its 100 People You Don’t Know But Should list for 2024! This prestigious list recognises the dedicated, talented people who work behind the scenes in the IT channel to set their company’s partners up for success. CRN’s editorial team compiles the annual list to highlight the contributions of these channel professionals in areas such as partner program development and management, sales, channel marketing and partner enablement, among others.


As a channel marketing communications specialist at WatchGuard, Adisa is dedicated to amplifying the voice of WatchGuard’s partners. She ensures that their perspectives and feedback are incorporated into WatchGuard’s strategic planning and decision-making processes. Some of the key initiatives she owns to meet this goal include:

  • Survey Management: Adisa manages WatchGuard’s partner surveying process to gather valuable insights that directly influence strategies and actions, ensuring WatchGuard remains responsive to evolving partner needs and expectations.
  • Partner Blog Management: Adisa oversees WatchGuard’s partner blog, enabling partners to customise their communication preferences and receive content tailored to their needs.
  • Partner Advisory Council Leadership: Adisa leads WatchGuard’s Partner Advisory Council, cultivating a collaborative environment where partners can share insights, discuss industry trends, and provide feedback on WatchGuard’s products and services. The council is pivotal in aligning WatchGuard’s strategies with the needs and expectations of its partners, driving mutual growth and success.

You can read more about Adisa’s recognition in CRN’s 100 People You Don’t Know But Should list for 2024 online here and in the October issue of CRN Magazine.

Zero Trust + AI: fewer alerts, guaranteed security

10 September 2024 By Carlos Arnal

Excessive cybersecurity alerts are not a trivial matter; they pose a real challenge that directly impacts business security strategies. Too many notifications generate stress on IT teams, which are increasingly being reduced in size while facing a heavier burden of tasks. This situation can lead to urgent alerts being overlooked, putting system security at risk.

Many endpoint security tools delegate the task of manually classifying threats and managing alerts to the administrator, which increases workload, liability, and stress on teams. This also consumes valuable time that should be spent on higher-risk incidents, enabling an effective response before a threat spreads and its impact grows. In cybersecurity, reaction time is a critical factor, as it can make the difference between an immediate and effective response or the threat spreading and potentially inflicting more serious damage on systems.

A recent study by Hack The Box indicates that 84% of cybersecurity professionals experience stress and burnout due to technological acceleration and the increasing sophistication of threats. In an environment where ransomware has become a ubiquitous danger, with more than 317 million attempts detected in 2023, security analyst fatigue represents a serious risk to businesses. How can this issue be addressed?


Traditional Detection Systems vs Zero Trust Application Service

The solution to these challenges isn’t adding more tools. The best way forward is to adopt services and solutions that enable greater automation and accuracy to lighten the workload. Services such as WatchGuard’s Zero Trust Application Service provide a new way to manage endpoint threat detection by combining a zero trust approach with artificial intelligence (AI) to deliver more efficient security that is less dependent on human intervention.

Compared to traditional systems, this service presents major advantages such as:

  • Improved detection: traditional systems rely on signature files and predefined rules to detect known malware. This limits their ability to detect new or unknown threats, as they require constant database updates and manual adjustments. By using AI to classify 100% of processes in real-time, without relying on known signatures, it is possible to detect and prevent sophisticated threats, including unknown threats.
  • Automation: Most traditional systems rely on manual intervention to classify threats, which increases the workload of IT teams, thereby raising the risk of inaccuracies in threat classification and detection. Conversely, the Zero Trust Application Service automates the process of classifying applications and processes, significantly reducing the margin of error and freeing IT teams from repetitive tasks.
  • Reduction of false positives: traditional systems can generate false positives and uncertainty in classification, requiring manual analysis. This delays response time and increases security team fatigue. In contrast, by providing accurate, uncertainty-free, real-time classification, this service minimizes false positives, enabling faster and more effective responses.
  • Adaptability: while traditional systems require continuous adjustments and have trouble adapting to the constant sophistication of threats without human intervention, this service automatically adapts to new threats thanks to its AI-based system.
  • Continuous Monitoring: some malware, known as zero-day, is camouflaged or unknown to many companies, and most traditional security systems fail to detect it. This represents a major risk, as these systems often rely on manual monitoring and classification by the administrator. On the other hand, the Zero Trust Application Service continuously monitors processes and applications in the pre-execution, execution, and post-execution phases. This allows constant monitoring of any process classified as unknown, and if any suspicious or unusual actions are performed, the process is immediately classified as malware, blocking its execution and proceeding to removal.

The Zero Trust Application Service included in WatchGuard EDR is a prime example of how it is possible to offer a more efficient defence while mitigating the stress and burnout associated with alert fatigue. With this goal in mind, this service is based on a clear premise: trust nothing and no one without first verifying. This ensures that only applications and processes verified as safe are run on the devices.

This is thanks to machine learning algorithms that analyse hundreds of static, behavioural, and contextual attributes of each application in real-time. This approach allows 99.98% of processes to be automatically classified, which drastically reduces the number of alerts that require human intervention. The remaining 0.02% is analysed by a team of top-tier threat analysts who manually assess any ambiguity.

By recommending tools and services that simplify the work of your customers’ IT teams, as an MSP you are not only demonstrating a deep understanding of their needs but also positioning yourself as a strategic ally in protection. With Zero Trust Application Service, the entire process of threat classification and alert management is performed automatically, freeing IT teams from repetitive tasks so they can focus on incidents that are important or require more in-depth analysis. This enables you to provide robust, easy-to-manage security, differentiating you from competitors who still rely on more traditional and complex approaches. This boosts customer satisfaction, strengthens long-term relationships, and makes your offering stand out in the marketplace, driving business growth.

This New Wi-Fi Attack Can Intercept Data Traffic

20 August 2024 By Kirk Jensen

The growing complexity of networks and connected devices makes implementing effective cybersecurity an increasingly complicated task. While businesses have shown more awareness of the need to elevate their security posture in recent years, several fundamental cyber hygiene issues still need to be addressed.

Researchers have recently warned that wireless access points (WAPs) and routers are among the devices that pose the most significant security risks to companies. Unfortunately, this concern has not gone away. Moreover, new techniques are emerging, such as SSID confusion attacks, where cybercriminals exploit a loophole in the IEEE 802.11 Wi-Fi standard to create fake Wi-Fi networks with identical names to legitimate networks. This tricks devices into connecting to the fraudulent network instead of the authentic one. This means that if the device is configured to disable VPN on trusted networks, it will be automatically disabled when connecting to the fake network, exposing the user’s traffic. This allows hackers to intercept and spy on confidential user information, seriously compromising user security.

What makes these devices a potential threat?

  • Default configurations:
    Many devices come preconfigured with settings that facilitate installation and initial use, but this also makes them vulnerable to cyberattacks. Weak passwords, unprotected open ports, or unnecessary enabled services are among the most sensitive settings. If users neglect to change them, these predefined access points become a weakness that cybercriminals can exploit.
  • Lack of firmware updates:
    Firmware is the software in devices’ internal memory that controls key functions such as booting, hardware management, and communication with software. Keeping firmware up to date is essential to safeguarding IT device security. Outdated firmware exposes vulnerabilities that attackers can use to access sensitive information, take control of devices, or even spread malware on the network.
  • Constant connection to the network:
    These devices’ uninterrupted connectivity provides cyber criminals with a continuous access path. They are often linked directly to the Internet without the necessary protective measures, such as firewalls or proper segmentation of the network infrastructure.
  • Critical infrastructure:
    Routers and wireless access points are essential components of a company’s critical infrastructure, acting as gateways between its networks and the outside world. If an attacker compromises these devices, they can access a large part of the network and other connected devices.
  • Lack of monitoring and management:
    Despite being business critical, these devices often go unnoticed in terms of their importance to network security. Lack of proper monitoring and management can make them a security blind spot. Implementing tools that provide adequate visibility can detect unusual activity, intrusion attempts, and other breach indicators.

It is important to recognise that while IT devices, such as routers and wireless access points, are crucial for corporate network connectivity, they also represent a potential gateway for cyber threats. Implementing cybersecurity solutions designed to protect these critical points is necessary in today’s threat landscape.

Deploying a tool that offers centralised management and monitoring, automated security updates, and strong encryption and authentication can ensure a secure wireless environment. In addition, using advanced firewalls that deliver comprehensive threat protection, including intrusion prevention, application control, web filtering, and spam blocking, is key to protecting these devices from potential attacks. Maintaining a proactive and robust cybersecurity posture is imperative to address current challenges and achieve a secure corporate network.

Uncovering the Duality of Generative AI: How to Protect Your Clients

18 July, 2024 by Carlos Arnal

Artificial intelligence (AI) is revolutionising our world, emerging as a powerful tool that simplifies daily tasks and drives technological advancements. Generative AI, in particular, has shown immense potential across various fields, from real-time translation to content generation. Its integration into security solutions has enhanced detection and response times, and automated repetitive tasks. However, the duality of AI means it also presents significant risks, particularly in terms of security.

The Dual Nature of AI: Benefits and Risks

Generative AI’s capabilities are vast and varied, offering substantial benefits such as improved efficiency and innovation in cybersecurity. Yet, the use of AI is not always well-intentioned or correctly executed and it can expose confidential or sensitive data that may impact both individuals and organisations, as there is no control over how this information is handled.

As a result, in some sectors, such as education, it is becoming increasingly common to limit use or block access to AI tools in infrastructures to prevent inappropriate or unwanted use. Moreover, we shouldn’t forget the rise in AI-driven cyberattacks, as these threats are growing more sophisticated and complex to detect.

Why Generative AI Control Matters

The escalation of cyber threats requires a comprehensive understanding and mitigation of security risks within organisations. According to a McKinsey study, while 53% of organisations acknowledge the existence of AI-related cybersecurity risks, only 38% are actively engaged in efforts to mitigate these risks. The risks include:

  • Confidential Data Leaks: Generative AI tools can inadvertently expose sensitive information.
  • Cybersecurity Threats: Cybercriminals may exploit generative AI to launch sophisticated, hard-to-detect cyberattacks.

Companies and IT security teams need to adapt to this trend and be prepared to incorporate AI into their day-to-day work but in a secure and controlled way. Regular reviews of security strategies and tools are essential to maintaining effective protection and adopting the appropriate solutions. Leveraging AI and ML technologies can revolutionise the detection and classification of potentially harmful processes and applications, ensuring networks and systems remain secure.

How WatchGuard Integrates AI and Uses It to Protect Customers

To ensure that networks and systems are well protected and free from external threats that could compromise the security of sensitive information, it is essential to have tools that include AI and ML-based technologies that revolutionise the detection and classification capabilities of potentially harmful processes and applications.

Therefore, solutions that include these technologies and incorporate zero-trust approaches in their models are great allies in achieving this goal. WatchGuard has been working in this direction for years and using this innovative technology to its advantage to improve its protection model and reinforce its customers’ security. Their advanced Endpoint Security solutions have a secret weapon, the Zero-Trust Application Service, which uses AI to accelerate detection times and classify 100% of applications and processes in an automated way. This proactive approach prevents sophisticated cyberattacks from bypassing protection measures, providing you with the tools needed to better protect your clients.

Accordingly, apart from integrating AI into their solutions, they also recognise the importance of its responsible usage. Their advanced tools, such as the Web Access Control functionality in their Endpoint Security solutions, and WebBlocker and Application Control in Firewall Security Services, are key features that help partners prevent AI misuse in customer environments. These features give you the ability to manage and restrict the use of potentially harmful AI applications in client environments, ensuring secure interactions within and outside the corporate network. By providing a controlled environment, you can easily and effectively mitigate the risks associated with AI misuse.

Updates to the WatchGuardONE Rebate Program

01 July, 2024 by Joseph Tavano

WatchGuard is excited to announce an important update to the WatchGuardONE rebate programme, effective July 1, 2024. This update, made with feedback from their valued partners, is part of their continued commitment to partner engagement and success, as well as to reward and incentivise sales performance and growth.

The main objective of this new programme structure is to provide you with multiple pathways to more predictable rewards, so you can plan for and achieve rebates in a more flexible way that’s best suited to your business. The new rebate programme structure will feature three goals that can be individually achieved and rewarded, each contributing to your maximum potential rebate incentive.

The New WatchGuardONE Rebate Programme Structure

Gold and Platinum Partners

Sales Volume Goal — 3%

  • This back-end rebate goal can be achieved by exceeding your volume-based target.

Growth-Based Goal — 2%

  • You will earn a 2% rebate if your quarterly WatchGuardONE eligible US MSRP exceeds a 10% increase over the same quarter in the prior year.

Gold Partners with Three Specialisations or more and Platinum Only

Engagement-Based Goal — 2%

  • Platinum and Gold partners with three or more specialisations have the opportunity to achieve an additional 2% rebate. The goal for this 2% rebate will be an objective that will focus on your engagement with the WatchGuard platform in a variety of ways, including but not limited to deal registration, new product training and/or certifications, trial volumes, promo adoption, new customer wins, and more.

WatchGuard hopes you are excited by these upcoming changes and the flexibility you will soon have to target the rebate rewards most beneficial for your business.

For more detailed information regarding these upcoming changes, please read the FAQ, which should provide answers to any questions you may have, or speak with your account manager.

Updates to WatchGuardONE Technical Certification Renewals

01 July, 2024 by Joseph Tavano

WatchGuard are excited to announce that the process for renewing your technical certifications just got easier!

Effective July 1, 2024, you will now renew your technical certification once a year by taking a technical certification booster course related to the specialisation you are renewing and then passing a quiz. The process for how you earn your initial technical certification will remain unchanged at this time.

Additionally, there will no longer be any requirement to re-take a proctored exam through Kryterion, at the cost of $200 USD, to renew your technical certification.

Furthermore, there will be no costs associated with renewing a technical certification as long as you keep your certifications current.

Please read the in-depth FAQ for even more information on this change to the WatchGuardONE program. Should you have any further questions, please reach out to your Purdicom account manager.