scams where a bank’s internal systems
and ATMs are breached. Fortunately, this
has not happened in Bahrain yet, which
makes it essential for us to be alert and
focus on early prevention. attack, organisations should always
expect that many attacks will reach their
staff, and the only real defence towards
this is to train and educate staff to be
more vigilant.
How can you help them
overcome these threats? Why is it
better to prevent attacks in their
infancy and what is the best way
of doing this? Conducting awareness sessions and
regularly updating your employees on
the latest attack techniques and threats
will help reduce the risk of malware or
compromised data.
At CTM360, we believe that a pre-emptive
approach is always the best choice. This
includes tackling threats in infancy and
neutralising threats before they affect
your systems. Currently, the cybersecurity
industry focuses on Indicators of
Compromise (IOC) which is not wrong.
However, we do need organisations to
prioritise Indicators of Warning (IOW) and
Indicators of Attack (IOA). What are the most worrying
security threats in the region?
To properly tackle cyberthreats, it is
essential that we give sufficient attention
to all stages of the Cyber Kill Chain rather
than focusing on one segment alone. Another example that is also worrisome
is when a widespread breach happens
which causes one or more organisations
to block their systems temporarily.
Though reversible, it is still destructive.
Another way to help is to ensure that all
organisations have DMARC appropriately
configured on their domains. DMARC
stands for Domain-based Message
Authentication, Reporting and
Conformance and is fast becoming a
global standard.
The effectiveness of this standard
has also inspired the origination
of DMARC360, another one of my
technology start-ups, with a mission to
ensure all organisations are DMARC
compliant. Through DMARC360,
organisations are able to implement
digital signatures on their domains to
avoid common email threats, including
impersonations (BEC), spoof emails and
scams that damage an organisation’s
brand reputation.
What is the best way for
companies to protect themselves
from phishing?
This has to be addressed in two parts.
Firstly, through technology to ensure
organisations block all known ‘phish’
URLs. Secondly, since cybercriminals
are continually finding new ways to
76
The most worrying threat is when an
organisation’s system gets compromised
and can no longer be used (i.e Shamoon
attack). This is one of the most
disruptive types of attacks because it
can hold the system down and the user
has no control whatsoever.
What advice would you give
to CISOs, so they deliver an
effective multi-layered approach
to security?
The best advice is to identify and fill
gaps through a multi-layered approach.
More often than not, security teams
focus more on one layer and neglect
the rest. The problem is sometimes,
a particular attack type arises which
leaves security teams to focus on one
layer and completely lose sight of all
other segments.
It is best to ensure that security is
practiced in a balanced manner to have
full visibility and sufficient attention to all
layers of security. To do this, it is crucial
that IT security, information security and
cybersecurity teams collaborate and
tackle threats together.
Finally, put a stress on training
and educating all levels of staff on
being more vigilant when it comes to
cybersecurity, this should include board
members and executives as they are
highly targeted individuals. u
Issue 13
|
www.intelligentciso.com