cyber trends
The cyberthreat landscape is evolving
rapidly and companies need a different
approach, as the security challenges
posed by Digital Transformation projects
need addressing. One such approach is
a dynamic, risk-adaptive product such as
Forcepoint’s Dynamic Data Protection.
Hassan El-Banna, Business
Development Manager,
META, Genetec
In the Middle East, organisations are
most susceptible to attacks. According
to a study by McAfee, the UAE is the
second most targeted country in the
world for cybercrime, costing the
Emirates an estimated US$1.4 billion
per year.
Taking time to
implement a
cybersecurity
risk assessment
to educate your
workforce and
prevent malicious
attacks is vital.
Evidently, there is a strong need
for organisations to implement risk
assessment. Risk assessment tests
should be conducted on a recurring
basis in order to catch vulnerabilities,
inefficiencies and non-compliance with
standards for security policies. If an
organisation does not assess and manage
risks, they are vulnerable to attacks.
Today, technologies are continuously
evolving so your organisation must
assume that cyberattacks will evolve
too. Taking time to implement a
cybersecurity risk assessment to
educate your workforce and prevent
malicious attacks is vital. Cyberattacks
are no longer simply a technology
issue. They affect the entire business
and can have a huge financial impact
www.intelligentciso.com
|
Issue 18
on an organisation. The costs can
include cleaning up and restoring a
network as well as re-establishing trust
with partners and customers alike.
According to a 2017 research study
conducted by the Ponemon Institute,
the average cost of a data breach in
the Middle East alone has reached
US$4.94 million.
In addition, cyberattacks are now
targeting IOT devices such as video
surveillance, access control, alarms and
communications. According to industry
analyst firm, Gartner, by 2020 more
than 25% of cyberattacks in enterprises
will involve IoT devices. And yes, that
includes the very devices that are
supposed to help keep us safe. That
alone could give businesses a false
sense of security.
Rajesh Ganesan, Vice President –
ManageEngine
Of course, every region has its own
set of cybersecurity threats and
challenges and hence has to formulate
a specific plan to manage cyber-risks
based on their financial, political and
cultural demographics. For example, the
relatively high concentration of oil and
gas companies in the GCC region makes
them an exclusive target for hackers like
organised ransomware groups.
Due to the enormity of the financial
and operational impact it can make,
such groups work with high levels of
motivation to leverage the same type of
attacks across multiple companies. To
combat this, companies must get their
act together and learn from each other
to build strong layers of security.
Similarly, the GCC countries are
also some of the pioneers of
having digitisation as an
important government
policy which is driving
the entire region to
become one of the most
digitally connected. In the
same vein, while the states are
trying to bring about legislative
measures to counter cyberthreats,
arriving at a common technical and
legal framework and implementing it
across the region has been a challenge.
This has a profound impact on the
companies of the region too.
And the cultural aspect plays a critical
role too as the GCC region has been
most welcoming to many expats, who
in fact outnumber the locals in some
states. The multiculturalism brings
many advantages but also paves
way to multiple threats in the form of
residents who are either temporary or
have their own jurisdiction. It has been
well-established that while the number
of incidents because of insiders is
always typically low, the consequence
of any insider attack has always been
enormous and catastrophic. Bringing
together people of varied culture and
approach to handling sensitive business
information is a top challenge in any
company’s list.
While technologies evolve very fast, the
adoption is caught up globally, fairly
easily, and the application of technology
is getting to be standardised. In addition
to standard information security
procedures, CISOs should also focus
on the strong regional factors that could
pose strong cybersecurity threats. u
CISOs should also
focus on the strong
regional factors that
could pose strong
cybersecurity
threats.
21