GULF BUSINESS MACHINES
has a security strategy programme in place. Whether it’s effective or not, that’s another question, but at least more organisations are heading in the right direction.” This significant progress in the mindset of organisations was also driven by increased regulations in the market, according to Nofal. “The implementation of GDPR in Europe last year has pushed many regional enterprises, to re-think how they are dealing with some of the security and privacy issues.” Although we have seen a move towards greater protection from cyber risks, there’s still more that needs to be done. Companies today must understand that preparation against a security breach should not be purely focused on defensive tactics, but rather it is important to invest in resources that facilitate detection and response. According to GBM’s latest study, 69 percent of Gulf companies consider preventing attacks as their top security concern while only 31 percent of Gulf organisations have detection and response as their key priority in their cybersecurity strategy. “We have to recognise that a cyber breach is not a matter of ‘if,’ but ‘when’,” says Nofal. “But enterprises should also understand that there is no ‘one-size-fits-all’ when it comes to security,” he explains. “Every organisation is different and the assets within them are different. Therefore, a vital step that organisations need to take is to be prepared for what’s coming.” According to Nofal, shifting the focus and investments from conventional reactive cybersecurity methods of prevention to proactive detection and response is key to ensuring effective security. “Simply installing firewalls and anti-virus software are no longer enough to defend against cyber-attacks,” he explains. “Now the game has changed. If an organisation’s security practice is too focused on how to prevent attacks, it will be vastly outgunned and unprepared for the damage that an inevitable breach will cause. There’s an opportunity within the early stages of a breach for the security teams to detect, gain intelligence, analyse and stop the cyber-attack. In addition, they can use such intelligence to familiarise themselves with the type of attack so they can be better prepared for the future.”
ENTERPRISES SHOULD UNDERSTAND THAT THERE IS NO ‘ONESIZE-FITSALL’ WHEN IT COMES TO SECURITY.”
As the threat landscape grow to become more sophisticated than ever, prevention alone is no longer viable as the sole security strategy. However, this does not mean that prevention is unimportant, it simply reiterates the need to transform security strategies into one that strikes a balance between prevention and better detection and response. A shift that is slowly but surely taking place in enterprises across the globe. In fact, recent figures from Gartner highlighted that security spending is expected to reach $113 billion by 2020, with a big chunk of investments focused on enhancing detection and response capabilities. “We are definitely seeing this important shift happening in the region as well,” says Nofal, “not only in the mindset but also in investments.” “Despite this transformation, a vast majority of regional firms are lagging behind and we still have a big room for improvement. But I think it’s something that will improve in the next few years,” he explains. Another vital element for an effective security scheme that organisations need to keep in mind is visibility. “We always say that you cannot protect what you don’t see. Unfortunately, one of the main challenges in an increasingly digitised world is we end up creating a lot of systems that work in silos,” says Nofal. “The lack of integration among enterprise systems creates numerous cracks that threat actors can exploit.” Nofal says is this where GBM’s role becomes crucial. “As a trusted security solutions provider in the region, we ensure that we bring in the latest solutions from all the vendors and we create a fabric that will provide organisations with a holistic security strategy.” To facilitate enhanced visibility in the face of growing numbers of sophisticated cyber threats, a unified security operations centre (SOC) is emerging as a vital asset in defending enterprises. “SOC combines the technology and human and makes it a perfect solution for those who are not comfortable putting their entire security practices in the hands of machine learning or those who are concerned about human error,” he explains. “GBM can help you design, build and run an SOC that protects critical data, reduces risk, provides deep security insight and enhances governance.”
5