Cyber Sentinels August 2017


VOLUME 03 | ISSUE 09 | AUGUST 2017


PUBLISHED BY ACCENT INFOMEDIA MEA FZ-LLC, PO BOX: 500653, DUBAI, UAE. 223, BUILDING 9, DUBAI MEDIA CITY, DUBAI, UAE. PHONE: +971 (0) 4368 8523. A PUBLICATION LICENSED BY INTERNATIONAL MEDIA PRODUCTION ZONE, DUBAI, UAE. @COPYRIGHT 2013 ACCENT INFOMEDIA. ALL RIGHTS RESERVED. WHILE THE PUBLISHERS HAVE MADE EVERY EFFORT TO ENSURE THE ACCURACY OF ALL INFORMATION IN THIS MAGAZINE, THEY WILL NOT BE HELD RESPONSIBLE FOR ANY ERRORS THEREIN. PRINTED BY AL GHURAIR PRINTING & PUBLISHING LLC. MASAFI COMPOUND, SATWA, P.O.BOX: 5613, DUBAI, UAE.

EXECUTIVE DIRECTOR: SANJIB MOHAPATRA. FOUNDER AND COO: TUSHAR SAHOO. GROUP EDITOR: SANJAY MOHAPATRA. ASSISTANT EDITOR: ANUSHREE DIXIT. REPORTER: DIVSHA BHAT. CONTENT DEVELOPER: AISHA KHAN.

EDITORIAL

TO ERR IS HUMAN. TO RECTIFY IS HUMAN TOO.

ANUSHREE DIXIT, Assistant Editor, anushree@gecmediagroup.com


Yes, humans may be the weakest links in security, as experts say; but we have to remember that the one launching the attack and the one being attacked are both humans. It is not very far from today that humans or insiders would not be the link, but the epicenter of security breaches. It is time to emerge and rise!

Many service providers and partners are coming up with training programs to better position the IT heads to combat the rising threats. On one hand, we would definitely advise the end-users not to brush these events aside as yet another event in a calendar, but choose wisely based on their domain requirements and try to garner the knowledge. On the other hand, we would also encourage the vendors and their partner ecosystem to collaborate with the customers and tailor programs that are in sync with the requirements of the customer, rather than pushing the solutions through.

Starting from 2018, once VAT is introduced in the region, organizations would be in the need for additional storage, back-up archiving solutions and it would be equally important for organizations to guarantee the security of the documents and rise above the traditional archiving solutions.

Today, it is inevitable that an organization will be targeted. If you hear someone saying that they are too small an organization to be targeted, then they have just opened the doors for an attack far and wide.

The horizons are just getting wider and wider. Make sure you are armed with the needed security keys!

CONTENTS

COVER STORY: TAKE A STEP TOWARDS A SAFE CYBERSPACE
Gone are the days when a news outbreak on cybercrime was like a comet that struck the earth occasionally. Today, cyber-attacks are wreaking havoc in the world every day. A broader approach to cyber resilience is not just a necessity.

GUEST ARTICLE: INNOVATION DRIVING EFFECTIVE THREAT MANAGEMENT IN CYBERSPACE

MY VIEWS: COMPREHENSIVE SECURITY FOR COMPLEX ENVIRONMENTS

MY VIEWS: ARE YOU SURE YOU DIDN’T AUTHORIZE SOMEONE YOU SHOULDN’T HAVE?

MY VIEWS: CATERING TO THE FUTURE OF SECURE IDENTITIES

CHANNEL STREET

“The behaviour of end-users, most commonly unintentionally malicious, are often the root-cause of data breaches, which is why SANS has worked to pinpoint the shortcomings of security awareness programs and provide enterprises with a clear outline for how they can overcome these,” stated Ned Baltagi, Managing Director, MEA at SANS.

SANS REVEALS NEW 2017 SECURITY AWARENESS REPORT

SOPHOS NAMED A LEADER IN UTM MAGIC QUADRANT Sophos has once again been positioned in the “Leaders” quadrant of Gartner’s “Magic Quadrant for Unified Threat Management.” The quadrant is based on an assessment of a company’s ability to execute and completeness of vision. Sophos is one of only three vendors to be placed in the Leaders quadrant in this latest report. Sophos is the only IT security company to be consistently positioned as a Leader by Gartner in both the January 2017 Magic Quadrant for Endpoint Protection Platforms and the Magic Quadrant for Unified Threat Management.

DAN SCHIAPPA, GENERAL MANAGER AND VICE PRESIDENT FOR SECURITY AT SOPHOS

ED JENNINGS, CHIEF OPERATING OFFICER AT MIMECAST

Mimecast Reveals its Third Quarterly ESRA

SANS 2017 Security Awareness report has revealed the lack of time dedicated to employee training and the lack of communication skills as the key reasons organizations’ cyber security awareness programs fail to meet their objectives. In identifying these factors, the researchers also found that women are twice as likely as men to be dedicated full-time to cyber security awareness. The report further went on to specify human resource allocation, partnerships, hiring of dedicated professionals, and fostering of security ambassadors as the four areas organizations need to focus on to dramatically improve the effectiveness of their awareness campaigns.

Mimecast Limited announced the results of its third quarterly Email Security Risk Assessment (ESRA), a report of the results of tests which measure the effectiveness of incumbent email security systems. This quarter’s assessment noted a continued challenge of securing organizations from malicious attachments, dangerous file types, impersonation attacks, as well as spam – with nearly a quarter of “unsafe” email being delivered to users’ inboxes. Among the email security services assessed, the tests found that using Mimecast in conjunction with prominent cloud-based email service providers, including Google G Suite and Microsoft Office 365, would substantially improve results by blocking thousands more email-borne attacks. The report indicates the need for organizations to enhance their cyber resilience strategies for email with a multi-layered approach that includes a third-party security service provider.

“These quarterly Mimecast ESRA reports highlight the need for the entire industry to work toward a higher standard of email security” said Ed Jennings, COO at Mimecast.


ARE SMARTPHONES THREATENING THE SECURITY OF OUR IOT DEVICES?

ESET revealed the key risks of using smart phones. Recent years have seen an upsurge in internet-connected medical devices and fitness trackers, many of which feed data to or can be controlled via apps on our phones. This means that such devices now contain valuable data about our health and wellbeing that are vulnerable to cyberattacks. IoT objects increasingly rely on smart devices with sensors built in and applications to support them. The problem with this is that the infrastructure to shore up and support the security of the data being funnelled through our phones simply does not exist yet. It isn’t just medical data that can be exploited, either.

ESET sees increase in use of phones to access online banking, to buy goods through consumer websites and to access public services. The data up for grabs is a goldmine for both identity thieves and fraudsters. A surge in connected cars, smart traffic management as well as development in appliances we’re familiar with, such as fare payments for public transport, will form part of that IoT revolution. The down side of smart mobility is that the use of GPS is integral to its functionality – and GPS is seen as an easy target by cybercriminals. Many gamers, for instance, use it to cheat at the popular augmented reality game Pokemon Go. Exactly what a cybercriminal could do with data that reveals the location of your car or the last tube journey you took is a chilling thought – as is knowing where you are not.

Manufacturing processes can now be networked to provide greater efficiency as well as real-time diagnostics and rapid response. However, smartphones could pose a vulnerability. Company gateways that connect IoT devices to networks are made as secure as the devices themselves. However, the rise of bring your own device to work policies could leave a gaping hole if these networks are accessed via smart phones that don’t have the same security credentials.

Smart buildings operate as a link between the physical and digital world and leverage data to optimize operations and lower facility costs, while increasing safety and sustainability. Cyber threat actors have demonstrated capability and intent in hacking building automation systems, safety systems, and critical environmental technology. Smart system network designs must be secured, if integrated with IT systems and networks, to make sure internal systems are not exposed to new threat vectors from building automation systems.

“This certification serves as validation, that the solution has passed rigorous compatibility testing and is ready for enterprise grade deployment. We are also excited to be a part of the McAfee Security Innovation Alliance program, where we can work together to help customers build an adaptive security defense against advanced threats” said Attivo Networks CEO, Tushar Kothari.

Attivo Networks revealed that Attivo Threat Defend now integrates with the McAfee ePolicy Orchestrator platform to provide a comprehensive solution for advanced threat management and response. This technology integration combines the Attivo ThreatDefend Platform with the McAfee ePO console for increased detection of in-network threats and detailed attack forensics and accelerated incident response. Additionally, the company has joined the McAfee Security Innovation Alliance partner program. Under the SIA program, the companies will work together to integrate ThreatDefend technology with McAfee Advanced Threat Defense, providing customers an adaptive defense solution to combat modern day advanced threats.

TUSHAR KOTHARI, CEO, ATTIVO NETWORKS

ATTIVO NETWORKS ACHIEVES INTEGRATION WITH MCAFEE EPOLICY ORCHESTRATOR PLATFORM

BAH Emphasizes on Cyber Smart Buildings

As smart cities become a reality in the GCC, smart buildings are increasingly becoming more prevalent because of the optimized efficiency and convenience they offer, for both operators and tenants. However, wider adoption of smart building technology should stimulate corporations and governments to ensure that they are adequately prepared for potential cyber risks, stated in a comprehensive report titled ‘Cybersmart Buildings’ co-authored by Booz Allen Hamilton and Johnson Controls.

Symantec provides an in-depth look at how attackers are increasingly adopting ‘living off the land’ tactics – something Symantec touched on in its Internet Threat Security Report earlier this year.

Recent attacks by the Calicum/Fin7 group against restaurants in the U.S. have shown how effective these tactics can be; The most common dual-use tool in 2017 was sc.exe, followed by remote access tools such as VNC: Dual-use tools are ubiquitous, which means an attacker can hide in plain sight. System and dual-use tools are frequently used to gather information about a freshly compromised system. These tools have also been used during lateral movement or to exfiltrate stolen data. This activity blends in with normal system administration work, making it difficult to detect; Embedding malicious scripts in the registry is the most common fileless persistence method, seen on around 5,000 computers per day: The most popular fileless load point mechanism is storing a malicious script in the Windows registry. Trojan.Poweliks, Trojan.Kotver and Trojan.Bedep make heavy use of this method.

McAfee released Disrupting the Disruptors, Art or Science?, a new report investigating the role of cyberthreat hunting and the evolution of the SOC. Looking at security teams through four levels of development (minimal, procedural, innovative and leading), the report finds that

STME has issued a strong warning to the region’s business community about the potential vulnerability of IT systems following the global Wannacry attack in May 2017. It is estimated the attack affected 200,000 computers in 150 countries, including systems used by Fedex, Nissan and the UK’s National Health Service.

Ayman Al Bayaa, CEO, STME, said: “Today, cyberattacks pave the way for extortion, bribery, blackmail, theft and even a complete blackout of systems, yet according to data from KPMG, only 50% of respondents have any counter attack measures in place. It is of vital importance that these firms and organizations stress test their systems and address all potential vulnerabilities.”

SYMANTEC: LIVING OFF THE LAND ATTACKS FLOURISH IN 2017

STME WARNS UAE BUSINESS TO PROTECT IT SYSTEMS

The key findings include: The top four “living off the land” attack techniques are memory-only threats, fileless persistence, dual-use tools, and non-PE file attacks: Cyber criminals are adopting these tactics to spread threats like ransomware and financial Trojans, but nation-state targeted attack groups also make use of them.

advanced SOCs devote 50% more time than their counterparts on actual threat hunting. Per the survey, companies are investing in and gaining different levels of results from both tools and structured processes as they integrate “threat hunting” activities into the core security operations center. The key findings are: On average, seventy-one percent of the most advanced SOCs closed incident investigations in less than a week and 37% closed threat investigations in less than 24 hours; Novice hunters only determine the cause of 20 percent of attacks, compared to leading hunters’ verifying 90%; More advanced SOCs gain as much as 45% more value than minimal SOCs from their use of sandboxing, improving workflows, saving costs and time, and collecting information not available from other solutions.

There are three trends driving cybercrime currently. New hacking technology has paved the way for automated attacks, meaning that it is only a matter of time before an unprotected system is detected and compromised. There has also been an emergence in hackers taking control of computers, with access to all the information

AYMAN AL BAYAA, CEO, STME

CISCO REVEALS 2017 MIDYEAR CYBERSECURITY REPORT

NEW MCAFEE REPORT REVEALS SECRETS OF SUCCESSFUL THREAT HUNTERS

“While the majority of organizations took steps to improve security following a breach, businesses across industries are in a constant race against the attackers. Security effectiveness starts with closing the obvious gaps and making security a business priority,” said Steve Martino, VP and CISO, Cisco. Cisco tracks progress in reducing “time to detection”, the window of time between a compromise and the detection of a threat.

employees and management see. Thirdly, hackers copy and encrypt information that may be useful to them – bank details, log in codes – and can use these to re-access the system and even post a ransom demand. STME believes that knowledge is the first link in the chain of stopping an attack. STME provides an informative consultancy service to clients, covering the security climate in general and the options available.

The Cisco 2017 Midyear Cybersecurity Report uncovers the rapid evolution of threats and the increasing magnitude of attacks, and forecasts potential “destruction of service” attacks. These could eliminate organizations’ backups and safety nets, required to restore systems and data after an attack. Also, with the advent of the Internet of Things, key industries are bringing more operations online, increasing attack surfaces and the potential scale and impact of these threats.


Cyber threats evolve at a rapid pace and corporations often adopt incident response plans to prevent or remedy any damage. The traditional interpretation of incident response revolves around a preventive and reactive mind-set, one that binds practitioners to a wait-and-see approach heavily dependent on procedures and technologies; however, with cyber attacks appearing both targeted and opportunistic, it is increasingly difficult to justify giving attackers any leeway or time to mobilize an attack.

CTM360 developed its offensive defense mind-set upon seeing how escalating external attack types were passively being addressed only once they impacted the perimeter or induced panic. In response, the company developed Cyber Incident Response capabilities that stemmed from a clear grounding of how the dynamic threat landscape may be tackled preemptively. Currently catering to 25 of the Top 50 GCC banks, as well as a host of other entities in different verticals and geographies, CTM360 remains at the forefront of an ever-evolving cyber threat landscape and acts as a complementary layer of security to the IT security and Information Security departments. This gives cyber security coverage to organizations that may not hold a specialized department, function or expertise to truly understand, detect and then counteract against external threats. Whilst many solutions have jumped upon the cyber security bandwagon, few providers have successfully reconciled the true definition and role of different security functions. As per CTM360, a simplistic analogy towards defining

The new reality of cyberspace, as seen by CTM360, requires corporations to think more offensive defense, i.e. be able to identify and tackle threat vectors early, well before the threat can manifest as an attack and look to neutralize it, thereby defending home base. This approach not only enables companies to control their internal environment, but also empowers them to quickly resolve threats originating from cyberspace.

the roles of IT security, information security and cyber security may be mapped directly from the real world: (1) IT security mimics the role of the police, with the mission of enhancing the user experience but in a secure manner; (2) Information Security holds the mission of guarding information assets (not users), sits on the perimeter of an organization and best resembles the role of the army, i.e. securing both perimeter and critical information assets that may be anywhere within the organization; (3) lastly, Cyber Security focuses on attacks and not users or assets, requiring agility and innovation to keep up with changing variables, much like the role of an intelligence agency within an external threat environment (i.e. cyberspace); however, integrating the relatively new function of Cyber Security with Information and IT Security departments also remains a considerable organizational challenge, but much less than the current status where clear boundaries based on each function’s mission are not defined.

CTM360’s cloud-based Cyber Incident Response Unit (CIRU) is the pivot of their comprehensive offerings, offered in modular form as a service. Team CTM360 does not require access to a company’s infrastructure or data and operates independently in cyberspace to detect, analyze and mitigate any malicious or suspicious activity that may have potential impact. This service offering performs fast incident response in cyberspace, ably supported by CTM360’s ability to strengthen a member’s security posture through internet-facing asset inventory and audit. CTM360 thrives on the key principles of determination, innovation and agility and has quickly flourished as a successful cybersecurity offering from the Middle East, one of a few profitable cyber security startups from the region.

GUEST ARTICLE

INNOVATION DRIVING EFFECTIVE THREAT MANAGEMENT IN CYBERSPACE

MIRZA ASRAR BAIG, CEO, CTM 360

The Dubai government’s initiative for the Smart City has opened big opportunity for the IoT solution providers.

How do you plan to position yourself in GITEX? What would be your key focus areas?

This year we are more focusing on Solution Distribution. It means our system integrators no more need to source other component of the solutions from other sources. ScreenCheck will be a single source for the total solutions. We see Gitex as a good platform in the region for us to showcase our innovative products and solutions; moreover, it is a meeting point for our resellers and customers in the region.

FAISAL MOHAMED, GENERAL MANAGER, SCREENCHECK

MY VIEWS

CATERING TO THE FUTURE OF SECURE IDENTITIES

Based on your products/solutions portfolio, how has the year 2017 come along for you so far?

The first half of year 2017 was impressive and we are very much optimistic on H2. The foundation of ScreenCheck is Innovation. Thanks to the innovative products and solution lines we added which has generated good interest from the resellers and end customers. This year we have introduced Innovative food tags, Video Surveillance Solutions, Iris based Attendance and access Control solutions, RFID based key management solutions etc. The customers are looking for solutions which secure their assets, business and enhance the bottom line. Since our customers are spread across 25 countries in the region we have a balanced market. Certain political and economic situations in some markets do not have an overall impact on our business. The balanced product portfolio with a widespread market coverage keep our numbers and pipeline healthy.

What are the latest trends in secure identities and what kind of demand do you see in this region?

Secure Identity is an ever growing market. There are significant changes happening in this industry. We have seen the identity tool has changed from ID cards to biometrics and RFID. The latest trend is Digital ID where you store your ID or credentials on your phone in a digital encrypted format. This Digital ID can be used for multiple purpose including secure log on. Just think about your driving license is available on your smartphone and you transfer the data to the police man through Bluetooth and you use the same credentials to log on to a government service at their website. This is the future.

How are your solutions working in sync with IoT and an increasingly connected world?

Our products and solutions based on RFID which is one of the component of the IoT. The solutions like RFID based waste management and Emergency evacuation are definitely a necessity for Smart City whereas Document, Asset, People tracking etc enables an organization connected.

TAKE A STEP TOWARDS A SAFE CYBERSPACE

Gone are the days when a news outbreak on cybercrime was like a comet that struck the earth occasionally. Today, cyber-attacks are wreaking havoc in the world every day. A broader approach to cyber resilience is not just a necessity, on top of a robust firewall, but a much needed lesson to the digitization savvy enterprises.

COVER STORY

According to news agencies, His Highness Sheikh Mohammed bin Rashid Al Maktoum, Vice-President and Prime Minister of the UAE and Ruler of Dubai, and Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum, Crown Prince of Dubai and Chairman of Dubai Executive Council, on Wednesday launched the Dubai Cyber Security Strategy that aims to strengthen Dubai’s position as a world leader in innovation, safety and security. Amidst all these developments, there is a question that persists— How can humans cease to be the weakest links in security?

RISING ABOVE THE HUMAN ERRORS

When we say human error, it need not necessarily be a severe blunder. It can be a nanosecond of carelessness that can lead to atrocious external threats. The concept of people, processes and technology is a cornerstone of many organizations, but seldom are they maintained in the right equilibrium. In order to mitigate risks, organizations have to make sure that employees are trained and their skill sets are polished and in perfect sync with the surrounding or correlating processes and technology.

The launch of Dubai cyber security strategy is a big initiative and example towards that step.

The Middle East, specially the GCC, is becoming an eye candy for cyber criminals around the world owing to the mega achievements that the region has had in terms of its digitization initiatives. As the sophistication sphere gets stronger in the enterprises, so does the perimeter of vulnerability. The rising nature of attacks that are posing threat to the nation and the national grids have driven the need for the government to have its own protocol and standards for cyber security.

BY: ANUSHREE DIXIT <ANUSHREE@GECMEDIAGROUP.COM>
PHOTO: SHUTTERSTOCK

Mimecast advises building a ‘Human Firewall’ to manage this to an extent.

“Implementing advanced security software does help, but Mimecast also advocates the building of a ‘Human Firewall’. This educational layer encourages all users in an organisation to interrogate their inbox and take necessary steps to protect themselves and their organisation from cyberattacks. Humans are often the weak link in the cyber security chain, so businesses need to modify their approach to cyber security in order to evolve the corporate mindset towards one of cyber resilience,” says Brian Pinnock, cyber resilience expert at Mimecast.

Fred Juhlin, Global Senior Consultant, Axis Communications makes a very interesting comparison. He says, “If you think of it as the equivalent of a car thief wandering down a road trying door handles until he finds a car that has been left unlocked, then similarly it is easy to protect yourself from opportunistic attacks by following some standard cyber hardening recommendations – i.e. don’t leave your car door unlocked! Having a router with a firewall built-in, using hard-to-guess passwords on your computer and keeping your OS and software up to date are simple things you can do at home.”

FRED JUHLIN, GLOBAL SENIOR CONSULTANT, AXIS COMMUNICATIONS

“In order to determine what security controls should be used to reduce your risks, it is important to undertake threat modelling and risk analysis.”

THE CYBER SECURITY STRATEGY PILLARS

Cyber security smart nation: Building a security-aware society
Secure cyberspace: Privacy of data
Innovation: Safe cyberspace fostering innovation
Flexibility of cyberspace: Availability of IT systems in cyberspace
Global model: Achieving the strategy’s objectives.

BRIAN PINNOCK, CYBER RESILIENCE EXPERT AT MIMECAST

For those governments and companies in the Middle East that are now beginning to take cybersecurity seriously, the focus still remains heavily on securing systems against attack. This is done predominantly with training and IT-driven solutions with insurance tools gaining traction slowly. However, without a deep understanding of the relevant risks and the technical and legal strategies to manage risk, such organisations will remain vulnerable.

Most cyber-security efforts at present are reactive. Their focus is recovery from a cyber attack, as opposed to attack prevention. An effective and enduring national cyber-security program must include proactive cyber capabilities that can help to prevent attacks, such as information sharing and continuous monitoring for elevated situational awareness.

Research by SophosLabs has also indicated a growing trend among cybercriminals to target and even filter out specific countries when designing ransomware and other malicious cyberattacks, which means cyber threats contain vernacular languages, local brands, logos and payment methods, making ransomware highly believable and effective.

THE EVOLVING CYBER CRIMINALS


VIMAL KOCHER, MANAGING DIRECTOR FOR THE MIDDLE EAST REGION OF ARROW’S ENTERPRISE COMPUTING SOLUTIONS BUSINESS

According to Sophos, the growth in complex and coordinated attacks is outpacing many organizations’ ability to protect themselves, leading to increased losses from cybercrime.


HARISH CHIB, VP, MIDDLE EAST & AFRICA, SOPHOS

Also, overstretched IT departments struggle to respond fast enough to threats entering their ever-expanding IT infrastructure. They don’t have the time or resources to manage the complex cross-product correlation needed to identify and stop advanced threats. According to Brian, “One way to overcome this is to have three different layers of security for your network to limit access to sensitive data through different tiers: a public or guest network, a private intranet network and finally, if necessary, a secure and limited access network. The three can be fed from the same internet pipe, provided they all are behind a properly configured and robust firewall device.”

CYBER SECURITY BEST PRACTICES

Maximize your ability to block threats
Identify threats before a breach occurs
Reduce costs
Keep you protected all-round the year
Remove complexity from security operations

CHALLENGES IN SECURING DATA

“Synchronized Security is a best-of-breed security system that enables security solutions to talk to each other, sharing information and responding automatically to threats.”

FINALLY

Never underestimate the threat vectors or its potential targets. Remember, every drop counts and every dollar counts.

Keeping data secure from theft and vulnerability in today’s digital world isn’t as easy as putting a lock on the file cabinet - especially with the widespread adoption of cloud computing such as Office 365. Despite all of the security risks BYOD poses to an IT environment, the trend of businesses embracing bring your own device in the workplace continues to grow at a rapid pace.

“Social engineering attacks are not only becoming more common against enterprises and SMBs, but they’re also increasingly sophisticated. With hackers devising ever-more clever methods for fooling employees and individuals into handing over valuable company data. The most common social engineering attacks come from phishing or spear phishing,” says Brian.

“The cybersecurity landscape is a constantly changing environment, and enterprises are under tremendous pressure to deploy multilayer and comprehensive security strategy to keep up with today’s constantly evolving IT security landscape,” said Vimal Kocher, managing director for the Middle East region of Arrow’s enterprise computing solutions business. “Our goal is to enable solution partners to understand, execute and deploy comprehensive security solutions across a spectrum of delivery platforms, from data and endpoint security, threat prevention, and security analytics, to automated security and monitoring solutions. However, sound information security management often involves people, processes, and technologies. It takes everyone, from the CEO to front-end employees in the organization to adopt daily security practices to prevent, detect, and respond to potential security challenges.”

According to a report from Mimecast, the number of impersonation attacks detected this quarter rose more than 400 percent quarter over quarter. This simple method of attack is being exploited at an alarming rate because it can be used to dupe recipients into initiating wire transfers and sending back other sensitive data, leading to significant financial loss, as evidenced by widely publicized recent attacks.

Today, reality is not very detached from a sci-fi movie or novel. Great minds like Isaac Asimov had once imagined a future where humans and machines interacted on the same platform, in a unified language. Lo and behold! We are already coexisting. As the device becomes smaller and more compact, the demands of the millennials are just climbing up the ladder.


The ultimate need to have technology at one’s fingertip (literally) has been the driving force behind the positive influx of wearables. Technology, as we all know, progresses from large to miniature unlike other subjects. A massive computer or computing machine that occupied almost your room in its entirety has been fastened to your wrist and affixed to your eyes. From smart wristbands to smart glasses, smart clothing, smart shoes and smart watches, technology has undergone a massive revolution as well as evolution. Streaming of the accumulated data, record and back-up of the data on cloud, ability to structure it, authenticate it, control it and augment it have driven the demand for more sophisticated yet niche devices.

BY: ANUSHREE DIXIT <ANUSHREE@GECMEDIAGROUP.COM>

WATCH IT WEAR IT

THE NOTEWORTHY SHIFTS

Varun Kukreja, Security Consultant, GBM says, “While we are only seven months into the year, there are already over 50 pieces of wearable technology to be excited about. I’d say the biggest shift in the wearable technology industry at this moment is the innovation. Right now, companies are scrambling for funding or raising their own Kickstarter campaigns to help crowdfund their innovations.”

“Every year, more and more companies are joining the wearable technology market by introducing new products, and increasing competition. The constant improvement of products and the increasing rate of consumer adoption have become noticeable trends that are creating new opportunities for retailers to provide better experiences to consumers,” says Dirk Raemdonck, Marketing & Retail Development - Manager, E-City.

PENETRATING MORE INDUSTRIES EN ROUTE

“Media and entertainment can become more immersive, video games can become more visually and physically engaging, and advertising can take advantage of highly targeted placements with greater relevancy. When it comes to law enforcement, police officers will be able to adopt the use of tools similar to future versions of Google Glass, that use facial recognition to identify people along with their records in a timely manner,” says Dirk.

INTERMINGLING WITH EVERYDAY LIFE

A report by Intel on wearable technology states a very beautiful relation between wearable technology and connected intimacy, which reads, “Wearable technologies are adding new layers to our personal relationships by extending the reach and power of how we communicate and share details about ourselves regardless of distance. The constant connectivity of these devices builds a unique portrait of their wearers and creates a continuous link between people, simulating closeness, changing the way we understand one another and enabling new forms of attention and care.”

“Wearable technology that can collect and deliver consumer information at higher levels of efficiency than others, allows for marketing professionals to connect with consumers on a much more personal level.”

DIRK RAEMDONCK, MARKETING & RETAIL DEVELOPMENT - MANAGER, E-CITY

THREATENING SECURITY

“Yes, like any other technology, wearables within an organization’s internal network can also threaten the cybersecurity of the organization. It all depends upon the design of the wearable technology and how well the design of the wearable has been thought of. A respected wearable technology manufacturer will have invested more money on R&D as compared to those who manufacture cheap knock-offs, so you really get what you pay for. Ultimately, the features included for convenience are usually used to compromise security,” says Varun. For instance, many smart bands and watches include a feature to unlock your phone, tablet, or laptop if you are wearing it. While this feature was created for the convenience of the user, it can surely be used for destructive purposes.

“If organizations take the risk of bringing untested and poorly designed devices into their internal network, the probability of a security compromise increases tenfold.”

VARUN KUKREJA, SECURITY CONSULTANT, GBM

DESIGN PRINCIPLES OF WEARABLES (Source: Deloitte University Press)

Key Themes Driving Wearable Enhancements:

• Bio-Tech Fusion
• Synced Lifestyle
• Organic Computing
• Human Enhancement
• Health Empowerment
• Personalized Context

ACCORDING TO A REPORT PUBLISHED BY INTEL IQ ON THE FUTURE OF WEARABLE TECH


TAKING ARMS AGAINST NETWORK THREATS

Anti-virus and firewalls are no more the sole saviours of complex networks. Today, this term has undergone a dramatic shift. Organizations that used antimalware are re-inventing security with the use of sensors for multi layered, centralized security systems. Businesses are also developing security technology that can understand artificial intelligence (AI) and machine learning (ML).

BY: DIVSHA BHAT <DIVSHA@GECMEDIAGROUP.COM>

The network security market flourished in 2016 with a worldwide revenue of $2.2 billion. According to MarketsandMarkets, the Wireless Network Security Market is expected to grow from $8.47 billion in 2014 to $15.55 billion by 2019, at a Compound Annual Growth Rate (CAGR) of 12.94% during the forecast period. The increase in the usage of mobile devices and the increase in demand for integrated security solutions are a few of the aspects that lead to the growth of the network security market in the coming years. The growth of SaaS (Software-as-a-Service) based network security solutions is considered the main factor in the growth of the overall market.

RE-INVENTING NETWORK SECURITY FOR A CONNECTED FUTURE

With an increasing number of people getting connected to networks, the security threats are also rising. CIOs and IT leaders are naturally cautious about their network safety. Organizations should look into mitigating risk by patching vulnerabilities. An unexpected connection could be an important sign of a possible breach which may pass unnoticed.


WHAT DOES RE-INVENTION MEAN?

To avoid breaches, organizations are making sure they stay ahead of hackers. Businesses are protecting customers’ data with higher standards of security. In such a threat landscape, organizations have taken several measures to combat the threats.

“In keeping up with Global and regional trends, we have a very focused approach towards Cyber Security. We have recently launched our world class Cyber Defense Centre (CDC) in the UAE. This plays a very critical role in deploying advanced security intelligence and automation tools to identify threats quicker and with greater accuracy and precision. The way we do this is by scrutinizing threats with a combination of Threat Intelligence and end point technologies which are capable of detecting more complex threats and may be dormant in a customer’s environment,” said Sachin Bhardwaj, Director - Marketing and Business Development, eHDF.

“We are actively involved in developing our cloud based capabilities, to provide the analytical ability to identify and contain data exfiltration, DNS tunnelling and other DNS related threats within the cloud”

“Organizations should monitor the health and activity of their network in real time, immediately patch security updates and fixes, and harden their systems via secure communication protocols. They should also routinely keep security and activity logs to help them prevent threats and provide much-needed support for forensic analysis and government compliance. Lastly, users should be fully aware of security challenges and where threats can come from,” commented Biju Bhaskaran, Pre-Sales Manager, Alpha Data.

“In order to be agile and provide required protection, security solutions need total network visibility, including physical and virtual hosts, operating systems, applications, services, protocols, users, content, network behavior as well as network attacks and malware. We can of course deploy technology to fix the issue on visibility – In fact that is what we are doing for many organizations, but it is really also about understanding the attack vectors which spread these threats and then ensuring that those vectors are eliminated or the risk mitigated,” said Nicolai Solling, CTO at Help AG.

BIJU BHASKARAN, PRE-SALES MANAGER, ALPHA DATA.

PETER GOODWIN, SALES ENGINEERING DIRECTOR EMEA, INFOBLOX

NETWORK SECURITY TIPS TO MITIGATE RISKS

• Training & Awareness
• Establish a BYOD Policy
• Defense in Depth Network Security
• Unauthorized access
• Back-up the data
• Physically secure equipment and ports
• Set up a log management system
• Upgrade software with latest security patch
• Promote a security conscious environment
• Use two factor authentications

“Alpha Data can integrate sophisticated security technologies sourced from its global partner network with Security Operation Center (SOC) and other standard global security processes”

“The organization should look at deploying tools that provide the essential visibility and network context that allows security operations teams to detect and respond to breaches. There is no static network deployment which will mitigate all threats so organizations need to supplement the preventative security measures with rapid detection and response to minimize the impacts of breaches when they occur,” said Peter Goodwin, Sales Engineering Director EMEA, Infoblox.


Cisco says that in 2020, as many as 1 million connections will be added to the web every hour. “We’re going to develop security deep into the network due to the fact that the network is going to be the platform throughout which all these connections enter your world and we need to begin preparing security the minute they hit the wire or we do not have a chance. So, security is deeply embedded to develop trust. All of this over time creates this adaptive system that comprehends your intent, has a level of trust built in, that then gets notified by context and continuously adapts and over time can really adjust itself based on exactly what it understands you’re trying to do and the context it has seen flow through the network,” said Osama Al-Zoubi, Chief Technology Officer, Cisco Middle East.

“Creating layers of protection or a “defense-in-depth” approach can help provide a sound strategy for network security”

FINALLY

AI will play an important role in improving network security. But, the bottom line is, there is no perfect security. Hackers will also look into the emerging technologies to bypass network security. Cyber-attacks are triggered by humans, so countering them requires human logic and cannot be solely done by machines. The need to protect network security will go on for a long time and the mitigation techniques will change but the attacks are not going to go away.

COMPETENCY SOLUTIONS

eHDF
eHDF’s Managed Security Services allows customers to avail of either tailor-made solutions or they can combine several aspects of the available services to suit individual needs.

HELP AG
Help AG does proactive threat hunting for custom builders for malware and automatically triggered use-cases when we see major malware outbreaks.

ALPHA DATA
Alpha Data possesses exceptionally skilled personnel, processes, tools and technologies to identify threats at the earliest stages.

CISCO
Cisco’s approach creates an intuitive system that constantly learns, adapts, and protects, to optimize network operations and defend against today’s evolving threat landscape.

INFOBLOX
Infoblox DNS records give excellent insight into what the compromised host is doing and right at the heart of the network has a front row seat to what the adversary is trying to do.

SACHIN BHARDWAJ, DIRECTOR - MARKETING AND BUSINESS DEVELOPMENT, EHDF

“Be sure to establish safe practices when using and accessing cloud services; don’t pass the responsibility of security to the cloud provider”

OSAMA AL-ZOUBI, CHIEF TECHNOLOGY OFFICER, CISCO MIDDLE EAST.

“We actually have developers who only focus on these APIs and we believe that this elevates our services from just installing a box to building an end-to-end solution”

NICOLAI SOLLING, CTO AT HELP AG


ROOTKIT

WHAT IS A ROOTKIT?

A rootkit is a type of software designed to provide hackers with access to your computer without your knowledge. It hides the fact that an operating system has been compromised, sometimes by replacing vital executables. It can control any device remotely. It hides its presence within the lower layers of the operating system. It can get into a PC in many ways. The common way is through an e-mail attachment or a trojan horse. A rootkit can be installed in many ways. Surfing the web may result in installation of a rootkit. Rootkits cannot spread by themselves but instead are one component of blended threats.

SYMPTOMS OF A ROOTKIT INFECTION

• The antivirus program has been disabled.
• Your computer fails to respond to common inputs (e.g., mouse freezes, keyboard does not respond).
• Disabled web browser applications.
• A spate of system crashes.
• Your network connection becomes slow or gets disconnected.
• Without your permission, the settings in Windows change.

HOW TO RECOGNISE AND REMOVE ROOTKIT?

Rootkits are very difficult to detect and even harder to find. Once embedded in your computer, a rootkit disables the antivirus program so that the built-in security functions ignore the rootkit and whatever it does. To detect a rootkit when searching your system memory, monitor all ingress points for invoked processes, keeping track of imported library calls that may be redirected to other functions. A rootkit can be detected by any rootkit scanner but it will only suspend the rootkits. For the removal of a rootkit, there are different approaches. There is no guarantee that it will be removed completely. There are security experts who recommend formatting the drive and reinstalling the operating system.

HOW TO PREVENT ROOTKITS AND BE SAFE?

• Protect the devices by using updated antivirus software or firewall.
• Use a rootkit scanner and regularly scan devices with it.
• Use the internet only from a limited user account and not from an administrator account.
• Be careful of what you download or click on.
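The detection advice in this section, keeping track of imported library calls that may have been redirected, can be shown as a short added example (not part of the magazine article). It assumes a memory snapshot has already been parsed into the hypothetical `Module` and `ImportSlot` records below; all addresses, the `helper.dll` name and the forwarder allowlist are constructed sample values.

```python
"""Flag import-table slots whose target is no longer inside the library they name."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Module:
    name: str   # file name of the loaded module
    base: int   # load address
    size: int   # mapped size in bytes

    def contains(self, addr: int) -> bool:
        return self.base <= addr < self.base + self.size


@dataclass(frozen=True)
class ImportSlot:
    library: str    # library the import table names for this function
    function: str   # imported function name
    target: int     # address currently stored in the slot


# Forwarded exports legitimately resolve into another library; without an
# allowlist they would be reported as false positives. (Constructed sample.)
ALLOWED_FORWARDS = {"kernel32.dll": {"kernelbase.dll", "ntdll.dll"}}

# Constructed snapshot of one process: loaded modules and their address ranges.
SAMPLE_MODULES = [
    Module("app.exe", 0x00400000, 0x20000),
    Module("helper.dll", 0x10000000, 0x8000),
    Module("ws2_32.dll", 0x74000000, 0x60000),
    Module("kernelbase.dll", 0x75000000, 0x200000),
    Module("kernel32.dll", 0x76000000, 0xF0000),
    Module("ntdll.dll", 0x77000000, 0x1A0000),
]

# Constructed import slots read from app.exe's import table.
SAMPLE_SLOTS = [
    ImportSlot("kernel32.dll", "CreateFileW", 0x76012340),  # inside kernel32
    ImportSlot("kernel32.dll", "HeapAlloc", 0x77045000),    # forwarded to ntdll
    ImportSlot("kernel32.dll", "ReadFile", 0x00A50000),     # unbacked memory
    ImportSlot("ws2_32.dll", "send", 0x10001200),           # inside helper.dll
]


def owner_of(addr, modules):
    """Return the loaded module whose range contains addr, or None."""
    for module in modules:
        if module.contains(addr):
            return module
    return None


def find_redirected_imports(slots, modules, forwards=ALLOWED_FORWARDS):
    """Return (function, reason) for every slot that points somewhere unexpected."""
    findings = []
    for slot in slots:
        library = slot.library.lower()
        owner = owner_of(slot.target, modules)
        if owner is None:
            # Target is in memory not backed by any loaded module.
            findings.append((slot.function, "outside-any-module"))
            continue
        owner_name = owner.name.lower()
        if owner_name == library or owner_name in forwards.get(library, set()):
            continue  # points where the import table says, or a known forward
        findings.append((slot.function, "in-other-module:" + owner_name))
    return findings


if __name__ == "__main__":
    for function, reason in find_redirected_imports(SAMPLE_SLOTS, SAMPLE_MODULES):
        print(f"{function}: {reason}")
```

A finding is a lead for investigation rather than proof of infection, since some security and compatibility software also redirects imports.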

Security in digital enterprises is all about re-inventing the wheel and rising a notch above the regulars. A close look into how Barracuda Networks is evolving with the landscape and what difference Barracuda Sentinels is bringing to the security market.

Keeping in mind the recent attacks that happened, how can Barracuda help organizations prior and post attack?

Barracuda uses multiple layers of technology and artificial intelligence to provide our security researchers with the best possible samples and data for analysis. This intelligence and analysis is fed back into our system to protect our customers all over the world.

Tell us more about Barracuda Sentinel? What difference is it bringing to the security market?

Barracuda Sentinel is one of our latest innovations. It is the first comprehensive AI solution for spear phishing and cyber fraud defense. It’s a cloud service – no hardware or software to install/maintain, set up takes less than 5 minutes. It connects directly to Office 365 via API – no impact on network performance or user experience. Simply put, Barracuda Sentinel uses AI to learn an organization’s communication history to predict future attacks.

• Enforce, monitor, and educate: Education is a critical piece of a solid data protection strategy as attackers increasingly look to exploit “human networks” in targeted phishing and spear phishing campaigns.

MY VIEWS

Barracuda Sentinel combines three powerful layers of artificial intelligence, domain fraud protection, and fraud simulation training into a comprehensive solution:

• AI engine learns existing communications patterns inside a company to identify anomalies and stop impersonation attempts and spear phishing attacks in real time, and the AI engine identifies high-risk individuals inside the company
• Domain fraud visibility and protection using DMARC authentication to guard against domain spoofing and brand hijacking
• Fraud simulation training to test the security awareness of high-risk individuals.

What security advice would you give to a CISO?

If you find yourself in one of the scenarios that we identified as “bad news,” don’t worry too much. These are things that can be fixed quickly, and then improved upon as you go along. You can start right now by evaluating your current data protection and recovery plan. Do you have one? Who is responsible for the deployment and management of the plan? Is the plan being tested? Are there any gaps between your recovery objectives and the capabilities of your data recovery solutions?

One of the most important questions for you to consider is whether your data protection and recovery plans are part of your security strategy? If you work in an environment where data protection is separate from security, it’s time to bring those two functions together. In the age of ransomware, they cannot be separated.

• You are never too small to be a target: A common misconception is that small and midsized businesses think they are unattractive attack targets and by default, safe. In reality, these organizations are often more prone to attacks as they’re assumed to have fewer staff, technology, and resources to combat targeted attacks.

• Secure everything: The best defense is a great offense – and organizations must take a “secure everything” approach to protect themselves from modern attacks. Barracuda delivers Advanced Threat Protection as a cloud service, which means that each ATP enabled solution can employ the intelligence gathered by the others. This makes processing faster and more scalable. A network firewall alone is not enough, just as an email security gateway alone is not enough.

• Recover from attacks with minimal disruption: When all else has failed, you need a plan to recover your data quickly. Typically for ransomware, the best approach is to devise and implement a comprehensive backup recovery plan that will allow you to recover all your encrypted files with minimal effort.

COMPREHENSIVE SECURITY FOR COMPLEX ENVIRONMENTS

TONI EL INATI, SALES DIRECTOR – ME & T REGION, BARRACUDA


GUEST ARTICLE

ARE YOU SURE YOU DIDN’T AUTHORIZE SOMEONE YOU SHOULDN’T HAVE?

MIGUEL BRAJOS, VP GLOBAL SALES IAM SOLUTIONS, HID GLOBAL

Fake identities posing as “trusted sources” and the lack of multi-authentication were exposed at the core of the recent swarm of malicious “Google Docs” phishing attacks across the world. The attacks were effective because they looked like they were coming from someone you trust, asking you to do something – in this case, asking you to open a Google Document.

What was learned from the Google Docs phishing scam? Verification of the authenticity of an online transaction, whether it’s accessing e-mail, an information database or even a bank account, continues to be vitally important.

Google has taken remedial action for the Google Docs phishing attack but the fact remains that third-party apps rely on this mechanism to make your life more convenient. Let’s not forget security.

Multi-factor authentication has quickly become an important security measure to protect organizations by putting the power back into people’s hands to verify identities, protect their credentials from being stolen and misused, and be able to transact securely. Experts agree that the future of cyber attacks involves tricking the user into granting permission to a third-party application – in other words, asking for privileges to access something of yours. In this brave new world, multi-factor authentication will become as commonplace for organizations – financial institutions, government agencies, utility companies, healthcare institutions and companies in other regulated markets – as Google mail is today.

Accessing e-mail with one factor (e.g., password) is too susceptible to being faked out in the digital realm. Two-factor authentication will be needed because a second form of verifying the identity of the so-called “trusted source” may become the linchpin for protecting your organization from a digital disaster. And the truth is that the cyberattacks of tomorrow are already coming upon us today. Seriously, make sure you have multi-factor authentication turned on.

Multi-factor authentication was also highlighted in the retail store Target’s recent settlement in which it agreed to pay $18.5 million for the 2013 breach that affected 41 million consumers. As part of the settlement, Target has agreed to do the following:

• “Take steps to control network access, including password rotation policies and two-factor authentication.”

We at HID Global have watched how our customers have benefitted from multi-factor authentication. For example, we have been monitoring how banks are using our new HID Approve mobile app to deliver two-factor authentication. When someone is asking for online permission to access an account or a corporate VPN, the person gets a notification on their phone about it. He or she swipes his/her finger on the screen to approve or verify it. He/she swipes his/her finger to the left to reject it. Not only is it an easy user experience, it also verifies the trusted source.

Cyber attacks highlight how “trust” should be at the center of all conversations about securing people, places and things. HID Global is talking about it.
