Cyber Sentinels March 2022


Using Singularity XDR, CISOs can integrate multiple data sources and security solutions into a single intelligent dashboard.

BUILDING THE STORYLINE OF AN ATTACK
TAMER ODEH, Regional Sales Director, SentinelOne

Risk is the only constant!

Yes, in the world of security, not ‘Change’ but ‘Risk’ is the only constant. If the pandemic was not war enough for mankind and business in general, the ongoing Russia-Ukraine crisis (if I may term it a crisis any longer) has put the economy and the world at a crossroads once again. The world is awake with eyes wide open, anticipating a mega cyber warfare to strike anytime. How real this anticipation is, only time will tell. The anticipation is fueled by history, which is witness to earlier instances of attacks on Ukraine (viz. NotPetya) that brought in a new wave of ransomware.

MANAGING DIRECTOR: TUSHAR SAHOO, TUSHAR@GECMEDIAGROUP.COM
EDITOR: ANUSHREE DIXIT, ANUSHREE@GECMEDIAGROUP.COM
CEO: RONAK SAMANTARAY, RONAK@GECMEDIAGROUP.COM
GROUP SALES HEAD: RICHA S, RICHA@GECMEDIAGROUP.COM
EVENTS EXECUTIVE: GURLEEN ROOPRAI, GURLEEN@GECMEDIAGROUP.COM; JENNEFER LORRAINE MENDOZA, JENNEFER@GECMDIAGROUP.COM
SALES AND ADVERTISING: RONAK SAMANTARAY, RONAK@GECMEDIAGROUP.COM, PH: + 971 555 120 490
PRODUCTION, CIRCULATION, SUBSCRIPTIONS: INFO@GECMEDIAGROUP.COM
DIGITAL TEAM
IT MANAGER: VIJAY BAKSHI
DIGITAL CONTENT LEAD: DEEPIKA CHAUHAN
SEO & DIGITAL MARKETING ANALYST: HEMANT BISHT

ANUSHREE DIXIT

Anushree@gecmediagroup.com

Critical infrastructure is certainly at risk. As Shenoy Sandeep, Regional Director META of Cyble Middle East says, “Learning from last year’s statistics, we find that cybercriminals have deliberately targeted supply chain and critical infrastructure given the steady increase in remote work requirements. Threat actors have targeted government and private sector enterprises for both financial and non-financial gains. The number of targeted banking trojans increased the year after. Additionally, vulnerabilities have also increased, particularly in sensitive infrastructure not limited to internet-facing apps, operational technology (OT), and network devices. Over 20,000+ vulnerabilities with an average CVSS of 6.5 were reported in 2021 alone.” The UAE is definitely taking serious measures to curb the attacks and put a tight cyber security framework in place. The UAE has introduced its first Federal Data Protection Law No. 45 of 2021 (Law), which came into effect on 2 January 2022. All private and public entities will have 6 months’ time to comply with the new law; should they fail to do so, they could be heavily penalized.

With these tectonic shifts in the security landscape, Global CISO Forum predicts a paradigm shift in the role of the 2022 CISO and solution providers.

In this issue of Cyber Sentinels, we explore the changing role of CISOs in 2022 and how they are planning to further empower their teams and their organizations to build up a resilient security foundation.

Our exclusive cover story this time, with Tamer Odeh of SentinelOne, is a deep dive into how SentinelOne has been investing and innovating its solution stack to find a way forward. With an urgent drive for companies to improve their detection and response time, we find out how SentinelOne’s Singularity XDR unifies and extends detection and response into multiple security layers, providing teams with centralised end-to-end visibility, with analytics and automated response across the technology stack.

This and much more in this edition of the Cyber Sentinels. Happy reading!


DESIGNER: AJAY ARYA
ASSISTANT DESIGNER: RAHUL ARYA
PRINTED BY: AL GHURAIR PRINTING & PUBLISHING LLC., MASAFI COMPOUND, SATWA, P.O. BOX: 5613, DUBAI, UAE
SUBSCRIPTIONS: INFO@GECMEDIAGROUP.COM
# 203, 2ND FLOOR, G2 CIRCULAR BUILDING, DUBAI PRODUCTION CITY (IMPZ), PHONE: +971 4 564 8684
31 FOXTAIL LAN, MONMOUTH JUNCTION, NJ - 08852, UNITED STATES OF AMERICA, PHONE NO: + 1 732 794 5918

A PUBLICATION LICENSED BY INTERNATIONAL MEDIA PRODUCTION ZONE, DUBAI, UAE @COPYRIGHT 2013 ACCENT INFOMEDIA. ALL RIGHTS RESERVED.

WHILE THE PUBLISHERS HAVE MADE EVERY EFFORT TO ENSURE THE ACCURACY OF ALL INFORMATION IN THIS MAGAZINE, THEY WILL NOT BE HELD RESPONSIBLE FOR ANY ERRORS THEREIN.

EDITORIAL
CONTENTS

EDITOR’S PAGE
THOUGHT LEADERSHIP: HOW DOES CISOS BECOMES THE CATALYST IN DIGITAL TRANSFORMATION AGE?
CISO OPINION CORNER
EXPERT BYLINE:
• GETTING AHEAD OF CYBERSECURITY CHALLENGES IN 2022
• MILLIONS LOST TO RANSOMWARE. WHAT IS THE SOLUTION?
• 5 STEPS TO ENHANCE YOUR CYBER RESILIENCE
• EMPOWERING A CYBER RESILIENT CULTURE
• HOW CYBER RESILIENCE ADAPT TO THREATS?
• ADDRESSING GAPS IN CYBER RESILIENCE
GECSS PREVIEW: THE GCC SECURITY SYMPOSIUM & CISO AWARDS 2022
INFOBLOX
COVER STORY: BUILDING THE STORYLINE AND BEHAVIOUR OF AN ATTACK

DRIVING INNOVATION FOR BUILDING A SAFER FUTURE

CISOs must evolve in their role and become transformational leaders capable of empowering the business and driving innovation.

Please describe your job role in the organization.

The primary responsibility in the organization is to define and implement information security and cybersecurity strategies that are in line with the organization’s goal of providing secure, seamless, and enhanced security and customer experience. Developing information security plans, guidelines, policies, short and long-term strategies, and directing information security planning processes in order to establish a comprehensive information security program.

What are the most important and critical aspects of your job role for your organization?

New security threats emerge on a regular basis, and IT security professionals must stay current on the latest tactics used by hackers in the field. In addition to the high-level responsibilities mentioned above, IT security teams perform the following specific tasks:

• Configure and implement user access controls, as well as identity and access management systems.
• Keep an eye on network and application performance to spot unusual activity.
• Conduct regular audits to ensure that security practices are in compliance.
• Endpoint detection and prevention tools should be used to thwart malicious hacks.
• Set up patch management systems to automatically update applications.
• Implement comprehensive vulnerability management systems for all on-premises and cloud assets.
• Set up a shared disaster recovery/business continuity plan with IT operations.
• Work with human resources and/or team leaders to educate employees on how to spot suspicious activity.

CISO OPINION CORNER
MOHAMMED AL-DOSERI, CISO, Tas’heel Finance

What are the typical challenges faced by a chief security officer in large and medium enterprises?

At the highest level, cybersecurity professionals are in charge of safeguarding IT infrastructure, edge devices, networks, and data. More specifically, they are in charge of preventing data breaches as well as monitoring and responding to attacks. Protects information system assets by detecting and resolving potential and actual security issues.

System security is provided by defining access privileges, control structures, and resources.

What are the key skills required for an ideal chief security officer in this age of digital transformation?

Any digital transformation project has far-reaching implications for both your current and future workforce. As the driving force behind your company’s innovation, it should be your top priority as a CSO/CISO to ensure your teams have the right mix of skills throughout the project lifecycle, especially if you intend to keep resources beyond the initial stages of digital transformation. This is not a simple task. CSO/CISOs must be aware of, and responsive to, the changes that digital transformation brings to the workforce by hiring the right people with the right skill set at the right time. Integrating the right mix of skills can also be accomplished by upskilling current employees, hiring new permanent employees, or bringing in contractors.

So, we can list the key skills set as the following:

1. KNOWLEDGE OF DATA ANALYTICS, SOFTWARE DEVELOPMENT, AND CYBER SECURITY

The specific skills required by the organization are determined by its nature. However, because any digital transformation project is likely to generate a large amount of data, data analytics, market research analytics, and database administration skills should be at the top of your priority list.

2. ABILITY TO MANAGE CHANGE

While we live in a more digital age, we must never underestimate the value of human interaction. Effective communication and analytics skills will be required during a digital transformation project in order to provide insights and share information across the organization. Furthermore, because your headcount is expected to increase in the short term as a result of digital transformation, an initial boost in your human resources capability will help to steer your company through this period of transition.

3. ADAPTABILITY, CREATIVITY, AND LEARNABILITY

As technology replaces repetitive manual and cognitive tasks, look for employees who can handle non-routine tasks. These individuals must be able to think creatively, exhibit cognitive flexibility, and demonstrate emotional intelligence, as these abilities tap into the USP of human intelligence when compared to the skill set of an artificial intelligence.

4. INCREASE YOUR WORKFORCE’S DIGITAL LITERACY.

As digital transformation becomes more prevalent, every member of staff will require a basic level of computer literacy in order to use technology in their jobs. However, more than 40% of workers who use office software on a daily basis do not have the necessary digital skills to use it effectively.

To ensure that your digital transformation strategy is future-proofed across the organization, you must provide adequate training to current employees and ensure that future employees have these generic skills.

And the last point is: don’t forget about your own set of skills.

Only 21% of businesses have a firmwide digital transformation strategy in place.

The CSO/CISO must be able to explain why something needs to change rather than just how it will change. They must be able to demonstrate the value of combining emerging digital technologies with business objectives.

CSO/CISO have a huge opportunity to reimagine their workforce through digital transformation by bringing in new roles and skills. CSO/CISO will see true transformation change across the organization by bringing these skills to the workforce and investing in their own abilities. Such transformative change, achieved through the integration of the skills your organization requires now and in the future, will enable the company to not only survive, but thrive, now and in the future.

How does your organization or how do you define digital transformation?


The integration of digital technology into all areas of a business, as well as the process of using digital technologies to create new — or modify existing — business processes, culture, and customer experiences to meet changing business and market requirements, is referred to as digital transformation.

The aspects of digital transformation are as follows:

• Process Improvement. Process transformation entails changing the elements of a company’s processes to achieve new objectives.
• Transformation of the Business Model.
• Domain Transformation.
• Cultural/Organizational Change.

According to you, how does digital transformation affect the security posture of any business?

Security concerns are on the rise as organizations pursue digital transformation and adopt new technologies and business processes. The major CISOs security issues during digital transformation had a “somewhat” to “extremely large” business impact. Similarly, the rapid adoption of new technologies, particularly IoT and multi-cloud environments, has increased the attack surface and the number of entry points into a network significantly. This is especially true if organizations lack integration across their security solutions and have only a limited view of user, system, and network behavior.

Enterprises are dealing with security issues in three critical areas of threat management and operations:

• Polymorphic Attacks: These sophisticated attacks are capable of changing and adapting in order to avoid detection by traditional security solutions. This approach has become more common, with 85 percent of respondents describing it as a “somewhat” or “extremely large” challenge.
• DevOps: Integrated DevOps teams and processes have enabled organizations to keep up with today’s continuous delivery and integration pipeline. The faster development and release process, on the other hand, makes it easier for security vulnerabilities to go undetected when published.
• Inadequate Visibility: This issue stems from a legacy of non-integrated, siloed multi-vendor point defense products. To secure complex, highly distributed environments spanning remote branches, enterprise data centers, and hybrid clouds, security teams must maintain cohesive visibility to detect anomalous behavior and mitigate threats quickly.

How is digital transformation impacting your job role and department responsibilities in the organization?

Security can help to remove obstacles to digital transformation and accelerate adoption. It can not only help the enterprise avoid increased risk, but also reduce it proactively. For this to happen, CISOs must evolve in their role and become transformational leaders capable of empowering the business and driving innovation. Here’s why CISOs must embrace digital transformation, learn about the benefits of new technologies, and comprehend the seismic shift they bring to traditional security practices.

The CISO’s role and the security function’s role within organizations have changed dramatically. Security was separate and hidden from application teams just ten years ago, and it was widely perceived as an impediment to new initiatives. Obtaining security approvals or defining security requirements for a project can take months, preventing developers from releasing the product on time. This is unthinkable in today’s fast-paced business environment.

However, as businesses engage in digital transformation projects and evolve their IT infrastructure, the risks change as well. In a cloud-native world, developers continuously push new code to production. Organizations deploy applications in minutes rather than days or weeks using containers or functions.

Traditionally, the CISO’s role has been to protect the organization from cyber threats and to mitigate potential risks. However, as a result of the ongoing digital transformation, the CISO’s focus is shifting, and the role is rapidly becoming more strategic and influential. Today, the CISO’s role is measured not only by whether the company suffers losses as a result of a data breach, but also by how security anticipates new initiatives and allows companies to bring services and applications to market faster.

Specifically, what are the challenges and opportunities created by digital transformation including IoT, cloud, mobility, for chief security officers?

Digital transformation is about using technology and data to drive innovation and better business outcomes. They intend to achieve four key business goals through digital transformation: improved business agility, customer insights, operational efficiencies, and increased market share. Organizations are looking at four key technologies to bring about these changes:

1. The cloud

2. Internet of Things

3. Adaptability

4. Machine Learning/Artificial Intelligence

So, there are many challenges that organizations face in the digital transformation process:

• Lack of Change Management Strategy
• Complex Software & Technology
• Driving Adoption of New Tools & Processes
• Continuous Evolution of Customer Needs
• Lack of a Digital Transformation Strategy
• Lack of Proper IT Skills
• Security Concerns
• Culture Mindset

Significantly, CISOs rated each of these technologies as having an “extremely large” impact on business. Security concerns are on the rise as organizations pursue digital transformation and adopt new technologies and business processes. In fact, CISOs reported that security issues during digital transformation were “somewhat” to “extremely large.”

Similarly, the rapid adoption of new technologies, particularly IoT and multi-cloud environments, has increased the attack surface and the number of entry points into a network significantly. This is especially true if organizations lack integration across their security solutions and have only a limited view of user, system, and network behavior.

Enterprises are dealing with security issues in three critical areas of threat management and operations: DevOps, Polymorphic Attacks, and a Lack of Visibility.

On the other hand, there are numerous opportunities for digital transformation. Here are a few of the most significant.

INCREASED PRODUCTIVITY

Factory automation technologies increase output rates while decreasing error rates. Furthermore, sensors and machine learning technologies can improve and reduce breakdowns, leading to even greater productivity gains. A good example of this is systems that receive real-time data from sensors and use it to predict failures before they occur.

RESOURCE UTILIZATION THAT IS MORE EFFICIENT

The digitalization of a manufacturing business entails the use of machines and software to perform functions that were previously performed by people. This enables businesses to more effectively redeploy and reallocate their resources. Furthermore, a digital twin with artificial intelligence capabilities could predict the failure and either automatically schedule maintenance or send process updates, potentially preventing the failure from occurring.

WORKING WITH SUPPLIERS, REGULATORS, AND OTHERS MORE EFFECTIVELY

It is possible to build digital bridges with companies and organizations in distribution and supply chains by digitally transforming a business. The automation of these processes reduces errors and decision-making times. This provides several advantages, such as more efficient management of raw material stock levels or finished product output.

IMPROVING COMMUNICATION AND SUPERVISION

Digitalization improves communication efficiency while also increasing transparency.

IMPROVING CUSTOMER EXPERIENCE

Opportunities such as product customization improve the customer experience, but there are other ways that digitalization can improve it.

In general, looking at the present and future technology landscape, what is the upside and downside of cyber security solutions?

Cyber security solutions put into practice the practice of ensuring information’s confidentiality, integrity, and availability (CIA). Cybersecurity is a constantly evolving set of tools, risk management approaches, technologies, training, and best practices aimed at protecting networks, devices, programs, and data from attacks or unauthorized access.

THE BENEFITS OF THESE SOLUTIONS ARE AS FOLLOWS:

a) Display a solution that safeguards the system against viruses, worms, spyware, and other potentially harmful programs.

b) Anti-theft protection for data.

c) Prevents hackers from accessing the computer.

d) Reduces the likelihood of computer freezing and crashes.

e) Provides users with privacy.

THE DISADVANTAGES ARE AS FOLLOWS:

a) These solutions, such as firewalls, can be difficult to configure properly.

b) Incorrectly configured firewalls may prevent users from performing certain Internet activities until the firewall is properly configured.

c) Slows the system down even more than before.

d) New software must be updated on a regular basis to maintain security.

e) It could be expensive for the average user.

f) Integration with other solutions is a problem, so the focus is on using a single ecosystem from the same vendor to get the best visibility.


HOW DOES CISOS BECOMES THE CATALYST IN DIGITAL TRANSFORMATION AGE?

Digital transformation should integrate the security posture required for efficiently managing the risk at the business level and smoothly enabling these digital initiatives across the business.

THOUGHT LEADERSHIP
JEAN-MICHEL BRIFFAUT, Rail Cyber Security Manager, Keolis MHI

Please describe your job role in the organization?

I have more than 15 years of experience in security on both IT and OT domains of the transport industry (civil/military aviation and light rail transit systems). I am acting as the Chief Information Security Officer (CISO) of the Keolis-MHI consortium and reporting directly to the Chief Finance Officer (CFO). My role is also to be cybersmart and to ensure that the Keolis Group values: “We imagine, we care, we commit” are respected. These values illustrate the daily commitment of enhancing everyday life for Dubai residents and visitors by imagining and operating safe, smart and sustainable shared transport solutions, accessible to each and every one.

What are the most important and critical aspects of your job role for your organization?

I am responsible for establishing and maintaining the Keolis-MHI consortium information security management program to ensure that the assets are adequately protected. I drive the company’s cyber security governance by defining the information systems security policies. I liaise with senior level directors and key stakeholders to provide recommendations, assistance, information and training, and I raise alerts about cyber security by considering the geopolitical environment and the legal context in Dubai and within the UAE.

I finally oversee the implementation of technological solutions and operational procedures that will ensure data privacy and information systems security.

What are the key skills required for an ideal chief security officer in this age of digital transformation?

Cyber security has become a top agenda thanks to regional and international regulations around data privacy and because of all these cyber attacks targeting not only small, medium or large companies but also Industrial Control Systems (ICS) where safety is at stake. The World Economic Forum said that the biggest risk after the pandemic globally is actually cyber. Executive management teams have started talking about cyber security and it has become one of their agendas in the board room. For that, it is very essential, for a cyber security professional, to talk cyber security in business terms. As business relies on solutions which have a high probability of cyber attacks, the CISO is a key catalyst in the adoption phase of any digital transformation journey. Some of the key skills are proactive measures and continuous monitoring via embedding robust security measures into the organizational structure.


How does your organization or how do you define digital transformation?

In the fast-evolving transport sector, Keolis-MHI has already initiated its digital transformation journey which can be summarized as the implementation of modern capabilities in the two keys areas: assets and processes with a vision to enhance service delivery and quality in an optimized and sustainable manner. The goal of these initiatives is not only to satisfy our client but also to navigate through opportunities by optimizing risk, enhancing efficiency and increasing employee and customer value and satisfaction. And all our digital security-related projects are part of the enterprise strategy.

According to you, how does digital transformation affect the security posture of any business?

The challenge is to ensure that digital transformation will not lead to the expansion of the attack surface beyond the current capacity (and even the future capability) of the business to manage threats and vulnerabilities. The response to that challenge is to ensure ongoing alignment of business strategies and activities with the business risk appetite.

How is digital transformation impacting your job role and department responsibilities in the organization?

As we move forward in the journey of adopting the latest trends and technologies, my job has been converted into a more transverse role. I have to proactively focus on governance, compliance and audit, and I also have to continuously evolve around optimization and improvements. It has required the implementation of a digital security strategy across all the departments within the business. My interaction is not only with the Security Operation Team, but has been developed to be between the members of the Executive Management Team, the IT Team and the other business functions.

At present, what are your expectations from cyber security solution vendors, channel partners, consultants?

My expectations for a project improving or enhancing the security posture of the company is that cyber security is considered from the initial stages and this includes:

• The support and cooperation of the vendors by proposing a solution which is secured by design or by demonstrating its robustness during a Proof of Concept (PoC);
• The participation of consultants to write technical and non-functional cyber security requirements inside RFP aligned with local regulatory framework;
• The selection by channel partners of companies certified with international IT and/or OT security standards;
• The negotiation of stringent SLA with integrators and/or vendors to ensure that the time between the discovery of a new relevant vulnerability and the time of receiving a validated patch is reduced as low as reasonably practicable.


ANTICIPATE THE THREAT TO ACHIEVE CYBER SECURITY

Cost reduction in an organization restricts the company and CISOs to achieve the organizational goals and figure out the security issues. Negotiation, leadership, and decision making are the key skills required for CISOs in the age of digital marketing. Digital transformation is a key to the pursuit of business development, marketing, and promotion.


SHAFIULLAH ISMAIL, Head, Information Security & Risk, Leading Global Investment Firm

Please describe your job role in the organization.

The Cyber Security architecture and risk unit oversee the security, governance, and risk functions which are centralized. Being in a financial organization we are highly regulated through different geo-location-based regulators where cyber security is taken seriously. Our organization is business-centric, and it is critical to look at business-specific security to protect its ecosystem. Working with business units through committees and forums will ensure alignment and quick response.

What are the typical challenges faced by a chief security officer in large and medium enterprises?

For years, cyber security has been considered a showstopper by businesses. This mindset created a disconnection in aligning cyber security initiatives. Cyber security is an organization-wide function, and it needs strong integration with management and business stakeholders. To create a synergy between security and its stakeholders, it is highly important to meet and talk in business language. Technology forums with various business stakeholders are the key drivers in emphasizing cyber security.

It is of paramount importance to get the right budget to equip cyber security to address both security threats and regulatory compliance requirements. Lack of budget to address cyber security concerns is the biggest challenge for the CISOs.

What are the key skills required for an ideal chief security officer in this age of digital transformation?

Making good decisions is a crucial skill at every level – Peter Drucker. Digital transformation is dominating a huge portion of the board room talks and businesses want to accelerate their strategy and initiatives in a rapid phase. Protecting digital assets against the volatile, ever-changing threat landscape is the biggest challenge and requires some key skills.

Negotiation: Collaboration and integration with business are vital. Keeping businesses aware of cyber threats and regulatory complications should be prioritized. Getting the right budget and deploying controls around business platforms are few quick wins if the synergy between security and businesses is stronger.

Leadership: CISOs should be a driving force and should lead the security from the front to enable business. CISOs should be a front channel that assures both business and management regarding security and risk.

Decision Making: The stakes are high for CISOs when it comes to security incidents or risk. Decisions and considerations are key factors that impact the progress of the cyber security program.

How does your organization or how do you define digital transformation?

In my personal view, digital transition should be the number one priority for any organization. It makes organizations more agile. A digital transformation initiative involves change at the organizational level, change that generates breakthrough value. The digital culture shift is critical for businesses to remain sustainable. Customer experience (CX) is the new battleground for companies who want to offer it as service. Each time-consuming and error-prone manual activity that’s automated cuts countless hours of resources, allowing businesses to focus on more business-critical tasks.

According to you, how does digital transformation affect the security posture of any business?

Today, digital transformation is everywhere. Organizations are embracing artificial intelligence and automation at a rapid speed and adopting platforms that are connected to external cloud sources to power the digital transformation experience. The security landscape has evolved with the introduction of zero trust architecture, APIs and cloud security, blockchains and cryptocurrency, digital governance, and risk. As organizations started to fill in CXOs positions, it’s another partnership for CISOs to align and steer the business initiatives together.

Specifically, what are the challenges and opportunities created by digital transformation including IoT, cloud, mobility, for chief security officers?

Digital transformation opens its door to new innovations and opportunities in technology space. Business is always in demanding front to integrate something creative to add value to their clients/customers/partners.

Some of the challenge areas when it comes to security are:

• Allowing the internal ecosystem to collaborate with different external platforms.
• Accepting cloud centric services to power up the artificial intelligence initiatives opening new risks.
• Mobility gaining grounds among business users with mobile devices and data at large are not sufficiently protected.

Some of the opportunity areas in security with regards to digital transformation are:

• CISOs are now part of digital and business forums.
• Security solutions are relying on algorithms for threat protection and monitoring.
• Automations and machine learning capabilities incorporated with business processes.

CISO OPINION CORNER

RAKESH NARANG

AVP Network and Security, Aldar Properties PJSC

WAYS TO PROMPT BUSINESS ADVANCEMENT

Security is a predominant factor in every business and is said to be the top concern of CISOs. Digital transformation should be enhanced by controlling data breaches and other security attacks. Digital marketing could keep in touch with customer demands, which helps to strengthen future initiatives.

What are the most important and critical aspects of your job role for your organization?

The priority is always to secure the business: implementing and overseeing strategies to assess and mitigate risk, developing and implementing security processes and policies, identifying and reducing risk, limiting liability and exposure to informational risk, and also conducting research and executing security management solutions to help keep the organization safe.

What are the typical challenges faced by a chief security officer in large and medium enterprises?

The CISO should not only understand the business but must be technology savvy as well, because with the way the technology landscape is enhancing it is very difficult to keep the same pace if one is not skilled in current technology.

Business communication is one of the critical functions, especially when dealing with security subjects with executive management. To ensure that they understand the business context of the often-technical security challenges, one must break these complex security challenges into the RISK and present it to the executive management.

Please describe your job role in the organization.

With 20+ years of professional experience in building and maintaining Information Technology network and security operations, I am heading the Network and Security operation in my current role as AVP Network, Security and Datacenter operations in Aldar Properties PJSC.

As a CISO, the priority is always being able to assist and secure the business, and the increasing dominance of cyberattacks is generally the top concern for CISOs and the drive for most of their day-to-day security operations. Securing the company network from threats was already difficult enough, but the arrival of the Internet of Things (IoT) and BYOD is another reason why the role has become more challenging, because of the increasing prominence of IoT devices, which refers to a network of internet-connected devices that communicate with each other. Though widespread adoption of IoT devices certainly makes our lives more convenient, it is critical and challenging for infosec to secure.

What are the key skills required for an ideal chief security officer in this age of digital transformation?

According to you, how does digital transformation affect the security posture of any business?

Digital transformation holds different meanings for different people. But at its core, digital transformation describes the process of improving or upgrading your business by taking advantage of the latest applications, services, and technologies. With digital transformation, organizations enhance customer experience and launch features new to the market. Diminishing cybersecurity risk in this process requires transforming how the organization manages risk into an ongoing, more flexible approach rather than demanding a traditional cyber control-based approach, which can be very slow. With the growing demand for mobility and cloud, security is a very critical function to secure data, but a rigid security protocol cannot be applied to this fast-paced technology landscape; however, a RISK mitigation framework must be in place.


A STATE OF HACK | 2022

CHALLENGES

ANKIT SATSANGI, Co-Founder, CTO and Head Cyber Defense, AHAD

The pandemic has introduced a cyber-pandemic which has constantly put us in a state of hack. In retrospect, 2021 was globally a very hard year for organizations, especially with vulnerabilities like Log4j being exploited in the wild and high-profile breaches such as SolarWinds and many others, which caused serious impacts in organizations, much like a ripple effect. Hackers in 2022 are going to be more sophisticated, adopting new TTPs (tactics, techniques, and procedures) and ways to compromise businesses. Threats like ransomware and BEC (business email compromise) worry organizations, and they should, as the damage we have seen in the past couple of years has been unprecedented.

Ahad is a leading cyber-security services and solutions company backed by veterans from the industry. We are best known for taking the offensive security approach to best define security priorities for the remainder of the year.

THOUGHT LEADERSHIP

CHALLENGES

1. DATA PROTECTION AND LAW OF THE LAND

The UAE has introduced its first Federal Data Protection Law No. 45 of 2021 (Law), which came into effect on 2 January 2022. All private and public entities will have 6 months’ time to comply with the new law; should they fail to do so, they could be heavily penalized. With the increasing number of security incidents in data breaches, Ahad is helping establish a process around data protection and classification, and urging organizations to introduce a DPO (Data Privacy Officer) position who is going to be responsible for educating the employees on data compliance, identifying data owners to establish a data processing framework, and conducting frequent security audits. We are already in the process of helping organizations comply with the new data protection law.

2. ATTACK SURFACE, VISIBILITY & INTELLIGENCE

One of the most common problems identified is that organizations do not maintain an updated asset inventory of all their digital assets. This is critical to maintain to be able to gain visibility into which of the assets are in production that we do not know of, that are unpatched or that have already been compromised. Furthermore, mapping the external attack surface is going to bring added visibility into all possible points that an organization can be breached and compromised from, help generate a compliance report and help the security teams detect and respond to threats proactively before they are exploited.

3. OFFENSIVE SECURITY ENGAGEMENTS

Offensive Security engagements are not optional for any organization today. It is testing the limits of a self-proclaimed “strong security posture” that helps in identifying key security, application, network, and infrastructure vulnerabilities that could lead to a security incident of the highest severity. Ahad’s offensive security practices are comprehensive, impactful, and conducted by white hats who understand security from a security and a compliance standpoint. We conduct assessments of any size, compile findings in a technical report with a well-defined methodology and then define a cyber-security road for the organization on the basis of the engagement.


BUILDING THE STORYLINE AND BEHAVIOUR OF AN ATTACK

The regional and global cybersecurity threat landscape is evolving and expanding. As attack vectors multiply, from endpoints to networks to the cloud, many enterprises are addressing these vectors with best-in-class solutions for specific vulnerabilities. However, point solutions do not connect the dots across the entire technology stack.

As a result, security data is collected and analysed in isolation, without any context or correlation, creating gaps in what security teams can see and detect. Because of this amongst other reasons, manual investigation can often be slow and cumbersome, causing teams to lag behind significantly in containing and remediating threats.

SentinelOne has been investing and innovating its solution stack to find a way forward. SentinelOne’s Singularity XDR unifies and extends detection and response into multiple security layers, providing teams with centralised end-to-end visibility, with analytics and automated response across the technology stack.

INNOVATIONS AND PRODUCT DEVELOPMENT

SentinelOne has been innovating in the realm of cybersecurity with a specific focus on XDR. “We have coined the term Singularity XDR platform. We have also been developing and innovating multiple solutions either by acquisition or research and development and/or integration,” says Tamer Odeh, Regional Sales Director, SentinelOne.

SentinelOne has been addressing the pain points of IoT hygiene and IT hygiene by releasing a solution called Ranger. This product helps in classifying and identifying IoT devices and rogue devices, and it helps in the reduction of attack surface area.

“We have also addressed through integration the growth in protection of mobile devices. We are integrating with third party vendors to protect, mobile devices in the same manner that we are protecting endpoints,” he continues.

SentinelOne has improved its managed detection and response services by offering proactive threat hunting services, compromised assessment, and is leveraging third party, incident responders and partners.

Kroll, Mandiant and KPMG are leading when it comes to incident response and breach management, and they have opted to use SentinelOne’s Singularity XDR platform in addressing the requirements of responding to breaches, doing analysis, and mitigating risk related to those breaches.

HOW DOES XDR FUNCTION WITH BUILT-IN AI, ML

Leveraging automation and machine learning, we have evolved EPP and EDR to XDR. However, the use cases of AI and machine learning are a patented technology from SentinelOne.

The benefit of having automation and machine learning is the reduction of dependency on humans to make decisions and actions. The benefit of the Singularity XDR platform is to provide SOC operators, analysts, cybersecurity professionals, CISOs, with prioritising of actions that they need to do.

“Either we prioritise the actions on their behalf, and we do it automatically through our automation, or we provide the analysts with the right actions to be taken care of,” says Odeh.

Using ingenious techniques such as data integration and behaviour modelling, built on artificial intelligence and machine language, SentinelOne’s Singularity XDR and Storyline may just be the solution CISOs are looking for.

Now, this is the core component of the SentinelOne agent. And that is how SentinelOne is leading when it comes to detection and remediation at machine speed. Singularity XDR does not depend primarily on an external factor, whether human or the cloud, to make a verdict on discovered malicious behaviour; action is taken at the agent level at machine speed.

CURRENT STATE OF CISO PAIN POINTS

CISOs’ pain points are very dependent on where the executives and the enterprises are in their cybersecurity journey and the point at which a CISO enters the organisation.

You have CISOs that come in fresh into an organisation to build it from the ground up. So, they have a clean slate to design their cyber security journey and their cyber security blueprint. You have CISOs that come halfway through and are required and requested to improve on the existing security processes and address the needs of business operations, to make sure they are secure. And you have CISOs coming in at the 11th hour where there is a breach, and they are asked to clean up.

So, each CISO has a different pain point and a different agenda, but you can see a common denominator across all. It could be governance, risk and compliance. It could be reporting and documentation. It could be the availability of themselves.

If you look at the number of breaches that have happened in the past six to twelve months, the role of the CISO and the SOC operation team has definitely been elevated. And pain points have definitely risen, not just at the CISO level, but also at the board level.

“And this is where we come into play,” points out Odeh. “We heard a lot about the CISOs’ pains, we leverage SentinelOne Singularity in reducing the time to investigate and detect and respond to a lot of the attacks or the malicious behaviour that they see.”

SentinelOne helps in consolidating a lot of their security tools into a single security tool, based on SentinelOne Singularity platform. This is either by integration of security tools from the ground up, where you address multiple silos and facets of the security requirements, whether endpoint protection EDR, XDR or overlapping into data collection or data analytical space.

SentinelOne is doing its best to optimise the work of SOC operation teams, reducing their alert fatigue, reducing the alerts for the CISO and giving priority to the things they need to action.

COPING WITH DIGITAL TRANSFORMATION, HYBRID WORK

Inside the enterprise there are a lot of developments around digital transformation, hybrid work, IoT devices at the edge, and so on. Talking about the attack surface, this is one of the biggest challenges and the biggest buzzwords that we have had over years. BYOD, IoT, and 5G are all expanding the attack surface.

“We are going to create a lot more data in the next 3 years, beyond what was created over the last 30 years. And if it is not contextualised, it is meaningless,” says Odeh.

The SentinelOne Singularity XDR platform has the power to ingest any type of data, structured or unstructured, wherever the telemetry is coming from, and make it meaningful. This is combined with SentinelOne’s EDR data, because at the EDR level you create a lot of metadata. And that is where the majority of the attacks spin out from.

An XDR solution will definitely help, because it is addressing a new type of cybersecurity solution, as opposed to what there was in the past, where for every problem, you would throw a product or throw a person or people at it.

Today, more and more platforms are on XDR, whether open or hybrid. This means some vendors have their own XDR firewalls, email, end point protection, and some are more open willing to work with other vendors.

SENTINELONE PATENTS

SentinelOne’s patented technology is what differentiates it in the market. SentinelOne is not dependent on traditional signature-based type of detections. It is doing detection and response remediation, dependent on behaviour.

The part that is patented is a technology called Storyline, in which you are able to correlate different parts of an attack into a single story. So rather than isolating an attack into specific events or separate events, SentinelOne Singularity’s patented Storyline is capable of stitching together various parts of an attack or various parts of a technique into a single event.

This will give the end user context of what the attack was. And once you highlight that context, you are able to remediate automatically. For the end user it is a single platform, and the objective of the Singularity XDR platform is to consolidate and merge as many silo solutions as possible that are out there.

The SIEM solutions out there are siloed. They are receiving data from various tools, network logs, firewalls, EDR data and logs from emails, but it is all static and very passive.

The SentinelOne Singularity platform correlates a lot of that information together, adding context to them, analysing them, aggregating them. And it does not matter what context it is or what the data source is.

From there, it gives the end user actions that can be done. And the quicker you do it through AI or the machine learning; the quicker you are able to ingest that data; the quicker you are to respond to breaches; the name of the game is the speed of how to detect, investigate and respond.

END USERS, CHANNEL PARTNERS AND THE SINGULARITY MARKETPLACE

There is definitely an improvement in utilising tools such as the SentinelOne Singularity platform in improving SLAs and improving the mean time to respond, because you are no longer dependent on just collecting the data in a single place and having a SIEM, or a SOC analyst, look at it. If you are able to ingest that data quickly and correlate it at machine speed, you are definitely improving on SLAs. There are multiple sources, tools and playbooks that MSSP players or channel partners are required to follow in the event of a breach or a compromise. However, throwing many tools and people and processes at the problem has not been helping us in addressing that.

SentinelOne works with a lot of integration partners through the Singularity marketplace or through APIs to automate and improve the speed of responses. This marketplace is very akin to an app store, in which the vendor is developing connectors and integration ports for multiple solutions out there. SentinelOne has developed connectors with NDR, SOAR, Firewall players and both end users and channel partners can benefit from this. End users can visit the marketplace and download these connectors.

Channel partners can augment their service offering if they are offering MSSP or they are offering value added services on top of selling the product. Since most channel partners sell multiple types of products from multiple vendors, they can benefit from these connectors, helping them to integrate with other solutions through Singularity XDR.

Today most of the attacks have a very common behaviour built into their techniques and procedures. SentinelOne is capable of thwarting a lot of those attacks, leveraging its AI. SentinelOne has publicly stated that none of its customers were breached or attacked during the supply chain attacks.

“We were able to detect those malicious behaviours early in the cycle. The name of the game is real time analysis,” reflects Odeh.


A BROADER LOOK BEYOND THE PERIMETERS

ZAHID SYED
Head

Please describe your job role in the organization?

Being the lead information security officer, I am responsible to establish an end-to-end information security program which contains formation of Information security strategy and framework, develop, and maintain security architecture in adherence with the architectural framework and principles, improve security incident response capability internally to minimize the risk of cyber-attacks on the enterprise and its cloud environment.

What are the most important and critical aspects of your job role for your organization?

Managing and supporting business expectation and enhancing user experience while improving the overall security posture. Promote security culture across the organization through training and awareness, improve the organizational security capabilities to tackle unforeseen events, conduct quality assurance and technical security control testing.

What are the typical challenges faced by a chief security officer in large and medium enterprises?

Top challenges for a CISO in most of the organizations are usually the following:

• Growing digital footprint and attack surface of the organization.
• The pursuit of profit is more important than security
• Lack of synergy between C-executives and Information Security.
• Changing reactive approach to proactive.
• Cyber skills are not growing at the same pace as digital transformation of business.
• Security is usually an afterthought in the DevOps environment.
• Shortage of security skills in Information Security staff.
• Traditional, poorly secured communication processes with authorities, suppliers, and customers are maintained for convenience
• Organizational level readiness to zero-day cyber-attacks.
• Standards are considered more of a tick-in-the-box than the actual application of controls.

What are the key skills required for an ideal chief security officer in this age of digital transformation?

An ideal CISO must have everything it takes to drive cybersecurity into organization’s DNA. CISO must be able to steer the business activities through business aligned security strategy that supports present and future business initiatives and its transitions. CISO should have deep understanding of the business to bridge gaps between Security and C-suite and at the same time he/she must also understand technical challenges to work them through with IT and should change its inherited mindset from being just a service provider to a business enabler with an objective to improve customer experience rather than the customer service.

In addition, another important skill required for a CISO is to be able to create and maintain communication channels on all levels to prepare the organization for the potential business risks related to increased reliance on third parties and new trending digital solutions in the market that is part of the digital transformation package.

How does your organization or how do you define digital transformation?

There is a big misconception in the market and among business owners about digitalization. Most of the time, digitalization is used to describe digitization, although they are closely related but both require different skill sets, approach, and tools. Digitization refers to converting a non-digital information into a digital format for ease of use, for example converting a movie from a VHS cassette to mpeg4 so that the video can be played randomly from any point for faster access.

Digitalization is about leveraging technology to transform and improve existing business process and make them more efficient, productive, and profitable. For instance, purchasing a software with manual invoicing may require several emails for purchase initiation, approvals, budget availability check, delivery confirmation, invoicing etc. This series of action can be performed using workflows, pulling data from HRMS for approval hierarchy and finance for budget availability and work confirmation for delivered items or services.

Ever evolving digitalization journey has increased efficiency to our business processes, and reduction in double handling of data leading to better utilization of resources, improved customer experience and satisfaction rate resulting in greater profitability.

According to you, how does digital transformation affect the security posture of any business?

In a world where buzzwords like Cloud-ready, multi-cloud environment, DevOps, CI/CD, Dockers and Kubernetes are becoming a norm with their agile and lightweight characteristics, security is still a latecomer, and it must transform too at the same pace. Digital alliance, API integrations, federated identities, cloud-based solutions, multi-cloud environment, hybrid infrastructure and social media collaborations have challenged security to limit the attack surface, and remote working during the pandemic has fueled it even more. This shift of trust requires information security leads like me to take a broader look beyond the perimeters of the organization. It has also influenced us to do a revision of internal and external processes, conduct training of staff and implement new approaches to security in which the focus should be more inclined towards identity protection, data privacy and its security.

At present, what are your expectations from cyber security solution vendors, channel partners, consultants?

• Vendors are expected to align themselves with their customers’ needs and offer proactive guidance on how to efficiently leverage technology within our industry vertical.
• They are expected to be exercising best practices within the industry and delivering quality products and services.
• They should develop and maintain the highest form of a relationship with their customer to be able to suggest innovation of process
• Vendors must demonstrate continuous improvement in their products and services to help them build customer trust.
• They are expected to take full responsibility for all their contractual and service level commitments.
• Communicate roadmap, strategic directions, mergers, and acquisitions that could enhance the relationship.
• Consistency in performance which is in compliance with the contractual obligations.


DIGITAL TRANSFORMATION IS IN ITS THRESHOLD TO CURTAIL THE CYBER RISKS

Digital Transformation is not the real cause to affect security posture, but rather it will be a threat of cybercrime when the concerns on data privacy are growing in the business. The chief information officer should be under greater scrutiny in this digital transformation era.


Please describe your job role in the organization?

Protecting business digital assets, assuring compliance, and enabling the technology to deliver business value with reduced risk.

Operating as Security Architect with CISO responsibilities for international operation. Focused on enabling automation in risk profiling, risk quantification and faster decisioning on response strategy based on real-time signals to deal with evolving cyber threat landscape.

What are the most important and critical aspects of your job role for your organization?

• Keeping updated with evolving business and tech footprint, the industry, region, product/offering, operating regime, tech stack and applicable threat-landscape.
• A well thought security strategy defined keeping the business strategy/priorities at center of attention and mapping with existing and evolving cyber risk to draw response plan and resiliency.
• Prioritize the control strategy to assure effective resource utilization, focus what matters most at given point of time and assure residual risk remains within the risk appetite.

What are the typical challenges faced by a chief security officer in large and medium enterprises?

• Defining/translating cyber security strategy as an enabler to business priorities.
• Risk and impact quantification due to federated approach to manage security and lack of integrated view.
• Making pace with evolving tech-stack and threat landscape

How does your organization or how do you define digital transformation?

In my opinion need of the hour with lots of possibilities including automation, time to market, CXP, integrated view with business context, effective and efficient resource utilization, as the cyber risk dimensions are less explored hence a thorough risk analysis and control strategy should be part of the plan including enabling the facilitator /control functions.

According to you, how does digital transformation affect the security posture of any business?

As mentioned above digital transformation is not the cause to affect security posture but if it’s explored without thorough risk analysis and control strategy.

How is digital transformation impacting your job role and department responsibilities in the organization?

Digital transformation triggered various material changes due to adoption of advanced tech-stack, which led to expansion of the security eco-system beyond the perimeter with an exponential increase in threat vectors. This is a transformation age for security professionals, as it’s mandated to think beyond and deal with the exponentially evolving threat landscape and attack vectors.

Specifically, what are the challenges and opportunities created by digital transformation including IoT, cloud, mobility, for chief security officers?

• Exponentially increased attack surface
• Better contextualization to risky behavior / pattern

In general, looking at the present and future technology landscape, what is the upside and downside of cyber security solutions?

• Considering evolving cloud and digital stack towards platform less open service model most of the endpoint solutions might become native solution.
• Gateway Security solution with automatic risk quantification and response would evolve to manage the risk in interdomain association.

At present, what are your expectations from cyber security solution vendors, channel partners, consultants?

• To address the blind-spots (get visibility and contextualization) which can help in identifying the risk in a proactive manner and quantifying the risk to prioritize the response strategy.

At present, what advice or feedback or recommendation would you give cyber security solution vendors, channel partners, consultants?

As above

RAM SONI AVP- Information Security, Mashreq Bank

SECURITY CONCERNS: CHALLENGES AND SOLUTIONS

The year 2022 is going to witness rapid growth in innovations in technology along with the growing security vulnerabilities. Cloud security, SDN based services, VPN, EDR, and 5G are the effective mitigation steps that can be adopted to meet the security threats.

We are finding new ways to manage the pandemic, with new variants showing up and casting a shadow in all spheres of life. The tech space is not an exception, and in spite of that tech companies are more equipped to handle challenges than ever before. The new distributed hybrid workforce is the new norm of the day, and organizations have managed their businesses well globally by adopting technologies and efforts to support work from anywhere. This will only increase in the days to come, which means technologies like Analytics, Cybersecurity, and AI will play increasingly important roles in 2022 as well.

Despite all this, 2022 will bring significant opportunities, but not without challenges. Here are the 3 major threats and solutions:

1. Security Challenge: 2022, with the growth of complexities in technologies and the increasing adoption of new technologies, will bring greater emphasis on exceeding customer experiences rather than just products and services. This is going to be a sweet spot for cybercriminals, because cybercriminals are becoming more creative and changing their strategies regularly; hence strategies need to be regularly monitored and adopted, and organizations are challenged to step up to evolving security threats. So at Cloudbox Technologies (CBT), we help customers build a resilient, agile, and sustainable infrastructure. CBT treats every customer requirement as unique. Moreover, there is no one-size-fits-all security solution, hence our security experts will do a comprehensive network vulnerability assessment and understand and provide best of breed solutions. Our solution includes Cloud Security, SDN based services, VPN, and setting up strict network traffic control policies for all devices to access the networks or business data through multi-factor authentication like two factor authentication (2FA). Endpoint detection and response (EDR) gives insight into the data on a real-time basis to take necessary steps to mitigate threats, along with vulnerability assessment and digital forensic tools. All these solutions protect multiple endpoints, several devices, and several remote locations safely and securely.

2. Cyber security skill shortage: There is likely to be a shortage of skilled employees in cybersecurity with ever-increasing sophisticated ransomware and cyber-attacks. To address this, the organization should look at the workforce by developing and realigning roles, skilling, up-skilling, re-skilling, and also managed services or looking at service providers to fill in these gaps.

3. 5G Adoption new risk: 5G will revolutionize connectivity, which will open up new possibilities for faster and accelerated growth for IoT devices. IoT devices are vulnerable to security threats and these devices can be a threat for the office networks, so organizations have to be well prepared before 5G becomes mainstream for business use. For all IoT devices strict policies have to be designed, and timely update of security patches and misconfiguration need to be addressed. Organizations need to have a holistic cybersecurity strategy which includes people, processes, and technology.

2022 will see a growth of security vulnerabilities in organizations, and they must be prepared to evolve their mode of operation if they wish to stay ahead of new risks. Security teams have to pay close attention to upcoming threats and challenges in the cybersecurity space. They need to take the key learnings from the past and build new adaptability and flexibility into their security process to improve their overall risk gap and thrive in the future.

THOUGHT LEADERSHIP
30 MARCH 2022
SAJITH KUMAR, GM – Enterprise, Cloud box Technologies LLC

INFOBLOX

What is Infoblox 3.0?

Infoblox 3.0 harnesses the industry’s leading networking core services and security solutions to provide the highest availability and to secure on-premises, virtual, cloud and hybrid deployments.

We are uniting NIOS, the industry leading on-premises DDI solution, with its cloud-native BloxOne Threat Defense and BloxOne DDI platforms to help customers bridge core networking and security into cloud environments that underpin the needs of the modern enterprise.

We are integrating our on-premises and cloud technologies, making them available from a single cloud-based portal, which enables customers to see where all their assets live through a centralized console.

Why is Infoblox going cloud-first?

As customers extend on-premises infrastructures and applications into the cloud, they are redesigning their data centers, networks, and security. Infoblox 3.0 gives customers the cloud foundations they need - whether in the form of private clouds that stay on-premises, hybrid networks combining data centers with cloud offerings, or fully cloud networks. Connecting the on-premises DDI capabilities of NIOS to BloxOne DDI and BloxOne Threat Defense enables customers to build the hybrid and cloud-only DDI networks that modern enterprises need for workplace

How are you doing this?

We pioneered enterprise-grade DDI, which our customers use in their centralized data centers and regional offices. We followed up with support of private and public cloud to help our customers move workloads to the cloud. Under CEO Jesper Andersen’s leadership, we made a bet on offering DDI as a cloud managed offering with BloxOne DDI - doing for this space what Amazon did for compute and Microsoft did for storage. We leveraged our two decades of experience delivering the market’s preferred on-premises DDI solutions to simplifying, scaling, and securing that experience in the

We’re building on our on-prem DDI leadership to deliver virtual, hybrid and cloud DDI deployments that are:

Simple: Automating and standardizing the delivery of cloud-first network experiences with the richest set of cloud-native APIs, integrations and contextual data

Reliable: Providing proven five-nines reliability for mission-critical networks, including the largest networks in the world, with the flexibility and cost efficiency of the cloud

Secure: Enabling customers to automate anytime, anywhere, foundation security for all uses and devices with faster threat detection and remediation

Scalable: Delivering services when and where customers need them with a seamless, uniform experience

SOLUTION SHOWCASE
FRANK RUGE, Vice President, EMEA Sales.

THE ONEROUS WAY FROM CYBER SECURITY TO DATA PRIVACY

CISOs have to play ubiquitous roles in the business operations of an organization, facing security challenges and finding ways to mitigate risk. For this, a CISO should possess interpersonal, leadership, communication, and presentation skills and an in-depth knowledge of modern trends and technologies.

Please describe your job role in the organization?

My role involves focusing on ICT Governance, Risk, Compliance, Information Security, Business Continuity, Data Privacy, auditing, training, and accreditation from certification bodies. I am also involved in ensuring reporting, monitoring, and measuring the critical domains of Information Security to take proactive preventive measures. I am also involved in designing and strategizing IT Strategy and ensuring businesses towards digital transformation.

What are the most important and critical aspects of your job role for your organization?

The most important and critical aspect as a Security and compliance person is “Communication”. Constant communication with the team, staff, employees, stakeholders, directors, as well as with external regulatory and compliance authorities is the most critical and important aspect for this kind of role. It is very important to have great interpersonal and communication skills, conflict management, and team management skills other than the necessary technical skills and expertise.

What are the typical challenges faced by a chief security officer in large and medium enterprises?

There are various challenges which CISOs usually face in any organization: One, the growing frequency of cyberattacks. The increasing prevalence of cyberattacks is generally the top concern for CISOs and the drive for most of their day-to-day efforts. At the same time, they are expected to wear multiple hats: that of the defender and enforcer who protects the organization, as well as the manager and a trainer who enable the members of the organization to stay secure and educate them on the existing and upcoming risks.

Second, yet very crucial challenge is the shortage of skilled resources, and organizational issues. Currently, the market is filled with people having tool-based skills. However, being a CSO the major challenge is to have the resources with understanding and knowledge of compliance, risk management and key concepts of information security and data privacy. They should have understanding about laws and regulations pertaining to Information Security, Data Privacy, and cybersecurity.

Another very critical challenge which usually CSOs face is they are not always considered as a true member of the leadership team.

What are the key skills required for an ideal chief security officer in this age of digital transformation?

Since a CSO must wear multiple hats, it is very important to have a diverse portfolio of skills to his name. But I believe that other than the technical and cybersecurity skills (which of course are mandatory), a CISO should have good communication, presentation, and interpersonal skills. He/she must have a good understanding of the recent trends and technologies like AI, ML, Blockchain, IoT from a business standpoint. And on top of that, he/she must have a strong grip on Governance, Risk, Compliance, Data Privacy and relevant regulatory laws and regulations.

How does your organization or how do you define digital transformation?

CISO OPINION CORNER
HAFIZ SHEIKH ADNAN, IT Security & GRC Officer, WASL Group
32 MARCH 2022

Digital transformation is a buzzword, and a common misconception is that introducing new tools and technologies in the organization is called digital transformation. Digital transformation is not only the process of using digital technologies to create new or modify existing business processes, culture, and customer requirements to meet changing business and market requirements; digital transformation is more than this. Digital transformation is about cultural/organizational transformation; it also involves business model transformation as well as domain transformation. It is only with a complete overhaul of an organization that businesses can realize the benefits of digitization: enhance operations, create collaboration opportunities, expand their service offerings, and revolutionize their approach to the customer experience.

According to you, how does digital transformation affect the security posture of any business?

A pushback many enterprise organizations in data-sensitive industries have is privacy and cybersecurity concerns. And that is valid. Most digital transformation efforts involve leaving behind on-premises solutions to move to the cloud, as well as integrating all a company’s data into one centralized system. Of course, this brings up the increased threat of cyberattacks stealing customer data and company secrets. Online attacks can target system vulnerabilities, poor setups, and unsuspecting users. Be sure to have a plan in place to proactively mitigate these threats before they happen.

Specifically, what are the challenges and opportunities created by digital transformation including IoT, cloud, mobility, for chief security officers?

The first and foremost challenge starts right from the top, lack of understanding of digital transformation and no vision and strategy with regards to digital transformation. No proper feasibility studies, lack of ROI benefits realization leads to further complexities. Lack of Change Management strategy, complex software and technology, and lack of skilled resources is another major challenge to drive digital transformation within the organization. Digital transformation is not only adopting new software, technologies, and processes that are more efficient and automated than traditional business practices and processes, it’s an entirely new, innovative way of doing something that is core to your business.

At present, what advice or feedback or recommendation would you give cyber security solution vendors, channel partners, consultants?

My two cents to solution vendors and consultants: Focus on the GRC rather than just selling and working on the tools. Become partners in digital transformation rather than vendors and service providers. Build your strong base on Risk Management, invest in uplifting your skills.


GETTING AHEAD OF CYBERSECURITY CHALLENGES IN 2022

The mere definition of “brand value” has gone far beyond financial balance sheets, marketing strategies, and customer acquisition costs. With great branding comes great visibility and one shouldn’t discount the dark side of the force. Cybercriminals are on a constant watch out for the next trivial mistake that could bring an enterprise to the mercy of their ransomware demands. 2022 will see digital brand protection as one of the top services that regional enterprises will want to have in their daily cybersecurity operations.

Learning from last year’s statistics, we find that cybercriminals have deliberately targeted supply chain and critical infrastructure given the steady increase in remote work requirements. Threat actors have targeted government and private sector enterprises for both financial and non-financial gains. The number of targeted banking trojans increased the year after. Additionally, vulnerabilities have also increased particularly in sensitive infrastructure not limited to internet-facing apps, operational technology (OT), and network devices. Over 20,000+ vulnerabilities with an average CVSS of 6.5 were reported in 2021 alone.

Manufacturing, construction, retail, business services, and healthcare have taken the top 5 spots for the most targeted ransomware group activity. Remote code execution, privilege escalation, authentication bypass took the top 3 vulnerability categories with RCE covering over 55% of the pool.

Cyble Research Labs predicts that if the ransomware attacks continue with the current trend, 2022 might witness a 50% increase as compared to 2021. Approx. 50 vulnerabilities were reported every day in 2021 and vendors such as Linux, Apache, and iOS are likely to be targeted by attackers soon.

To get ahead of the cybersecurity challenge curve, end-user cybersecurity teams need a sophisticated early warning Cyber Threat Intelligence system. One that caters to the attack surface in totality including deepweb and darkweb chatter and correlating with Threat Actor activity at a regional level.

An Intelligence-driven visibility approach that can predict future attacks based on a heavily vetted intelligence gathering exercise needs to be put in place to meet the demands of enterprises upgrading their current infrastructure.

While relying on AI-powered systems is the future, having dedicated human intelligence analysts working their way into and maintaining access to some of the toughest corners of the darkweb and cybercrime marketplaces will be a must-have in the arsenal of modern-day cybersecurity operations.

Receiving real-time statistics on changes in IT inventory, typosquatted malicious phishing domains, exposed cloud storage, and online code repositories are some of the most important use cases we see the industry employing in 2022 to improve attack surface management capabilities.

The plethora of information and sensitive communication that lies in 99% of the web (deep and dark) will be of major concern in 2022, and we recommend that organizations now include a sophisticated approach to receiving timely alerts on any compromise, not limited to only them but also the 3rd party supplier network.

To sum it all up, Early Intelligence enables Early Intervention.

EXPERT BYLINE
34 MARCH 2022

GETTING AHEAD OF CYBERSECURITY CHALLENGES IN 2022

Organizations continue to embrace and accelerate digital transformation driven by key objectives of enhancing customer experience, reducing operational inefficiency and increasing productivity while mitigating risk and maintaining security. They are rethinking network and security for them to be able to have the agility and resilience while supporting access anytime from anywhere. The Middle Eastern countries have become early adopters of cutting-edge digital technologies, with governments increasingly diversifying their economies. The public and private sectors have made significant gains in establishing a robust digital infrastructure that supports innovation and opens new economic possibilities.

As governments in the Middle East work to diversify their economies, a greater focus is being placed on broad-scale digital transformation across verticals. The public and commercial sectors have made significant gains in establishing a robust digital infrastructure that supports innovation and opens new economic possibilities, driven by national visions and ICT goals.

This transformation is ultimately expanding the threat and cyber attack surface with a borderless enterprise, which will prompt many companies to implement innovative measures to protect themselves from damaging attacks. In 2022, modern ransomware is becoming more targeted and prominent. Employees connecting from anywhere and IoT have increased the threat surface and the points of entry to corporate networks, directly or via VPNs. This adds critical challenges for the security team, which must enforce policy and maintain the security posture across the organization using legacy and traditional security tools.

Rethinking our network and security strategy is the way forward. Bringing users and devices onto our networks via VPNs allows lateral movement of threats coming from infected users, while connecting remote users and securing their traffic through the traditional security stack faces scalability and resiliency challenges. Another major challenge is security operations and the ability to manage a cascaded security stack and effectively respond to cyber crime. 2022 and beyond is the time to transform our network and security to the Zero Trust architecture. The concept of Zero Trust is still connecting users, devices and applications securely without the need to be on the network while maintaining a unified policy across the enterprise. Zscaler was ahead of the curve to bridge the gap with its true Zero Trust Exchange Platform, enabling fast, secure connections and allowing your employees to work from anywhere using the internet as the corporate network. Based on the zero trust principle of least-privileged access, it provides comprehensive security using context-based identity and policy enforcement. Zero Trust is the way forward amid ever-growing cyber threats, containing the attack surface and optimizing network and security operations.


MILLIONS LOST TO RANSOMWARE. WHAT IS THE SOLUTION?

In 2021, we observed a resurgence of enterprise ransomware with a shift towards larger organizations. By attacking enterprises with a larger reach, threat actors are looking to increase their financial gains without increasing effort. The rise of ransomware attacks on supply-chain and third parties is resulting in ‘one-to-many’ compromise.

On average, enterprises have approximately 5800 vendors they depend on for business functionality, and 20% of these pose a high risk. Since third-party (and fourth party) cybersecurity is often not up to the mark, and there is a lack of visibility of real-time cyber risk the third parties pose to a business, cybercriminals are targeting third-party vendors to laterally breach multiple larger organizations simultaneously. Examples of such tactics include the SolarWinds attack, which will reportedly cause a cumulative loss of over $100 billion.

In 2022, ransomware is evolving; sensitive credentials will be stolen and leaked without any waiting period, customers’ data will be exposed and customers will be directly threatened. Therefore, reactive techniques and reliance on data backups alone wouldn’t help. Organizations will have to proactively prepare for ransomware attacks and have dedicated playbooks in place to manage and mitigate them.

PROACTIVE CYBERSECURITY THROUGH CYBER INSURANCE

With the costs to manage and mitigate cyber risks rising - from the first half of 2020 to 2021, the average ransom demand increased by 170% - businesses are looking to ‘transfer’ their cyber risk through insurance. Last year alone, there was an increase in claims frequency by 46% for IT, and 53% for professional services, and 263% for industrials, according to a report by Coalition.

Cyber insurance plays a significant role in influencing proactive cybersecurity initiatives. The way insurers do not cover risky drivers under auto insurances, cyber insurers are liable to reject coverage if businesses do not have a certain standard of cybersecurity. A deliberate shift from both parties to adopt a standardized means to measure, manage, and mitigate cyber risks in real-time through breach-likelihood prediction will have the benefit of knowing. It will enable cyber insurance providers to have a dynamic view of who they’re covering and the risk they’re underwriting. Given the number of dynamic parts in businesses, including people, third parties, technology, and cybersecurity products, that can be targeted for initiating ransomware attacks, cyber risk quantification can be a game-changer for insurers and businesses alike.

MANAGING RANSOMWARE PROACTIVELY

Firstly, an organization should define what financial risk it is facing as a result of ransomware attacks; it varies depending on the geography, industry, and size of the business. Once they have calculated this value, they must build a strategy to accept, reduce or transfer the risk. If the damage is within acceptable limits, the business should focus its efforts on other facets of its cybersecurity strategy. However, to reduce the financial impact, they can either purchase cybersecurity products/services to improve their cyber risk posture or patch identified vulnerabilities. The problem is that in today’s dynamic and digitally native businesses, there are over 40-50 cybersecurity products/services, each with its own dashboard, warnings, and priorities. Cybersecurity teams are often overwhelmed and miss important SOC alerts that could potentially warn about ransomware attacks. Businesses should understand that more cybersecurity products does not mean better security. A shift in mindset will enable businesses to move towards a predictive approach where signals - from various cybersecurity services - are unified and integrated in real-time, using ML-enabled risk assessment techniques to quantify the cyber risk posture across all vectors (people, processes, and technology for first and third parties). A single dashboard approach that helps businesses measure, manage and mitigate threats such as ransomware and others will aid CISOs and security teams to have a proactive view of what’s going right and what can be better, with a contextual understanding of the direct financial impact of every cybersecurity initiative undertaken to reduce the risks. Lastly, a part of the cyber risk can be transferred via cyber insurance and in 2022, we will see a rise in mandatory cyber insurance to have a baseline level of protection, especially for businesses in critical sectors such as FinServ, Healthcare, Power, etc. No organization can be 100% secure but they can be 100% prepared.
Cyber risk quantification makes cybersecurity simple, de-jargoned, and contextual by improving visibility of cyber risk.


5 STEPS TO ENHANCE YOUR CYBER RESILIENCE

Rapid digital transformation can leave organizations, and more specifically critical infrastructures, open to cyberattacks. The adoption of new technologies and processes is leading to more risks than ever as the attack surface has phenomenally increased in the last years.

ARE YOU CYBER RESILIENT ENOUGH?

Organizations are aware that there are no perfect cybersecurity solutions today. They should be prepared to respond and recover from any type of cyber threat, and this is where cyber resilience kicks in.

Cyber resilience is the ability that organizations should develop to continuously provide services and operations to their end customers with minimal impact, even in the case of a cyberattack. It encompasses a whole change of mind and cyber culture where the need to anticipate, prepare for, respond to, and recover from cyber-attacks become critical.

Thanks to 5G high speed and performance, critical infrastructures can launch new services such as smart utilities, smart cities, or smart factories. These activities should not stop under any circumstances and disruption of services or data breaches could deeply impact the organization in terms of cost, reputation, and performance, with the risk of leaking confidential and private data or even endangering lives.

Moreover, 5G is a very complex ecosystem to protect as it is heterogeneous, with virtual and physical infrastructures, and requires adapted security at several levels.

FROM REACTIVE TO RESILIENT: THE NEED FOR A CHANGE

There is no single solution to address cyber resilience: it’s a framework involving people, processes, and technology to be able to withstand all possible scenarios and should become a part of organizational culture. The organizations could complement it with a proactive approach through prevention with security trainings, stress testing and proactive threat hunting and monitoring.

AMIT ROY, General Manager Cybersecurity - MEA, Atos

The objective is to bring a holistic approach to protect against threats that are more and more sophisticated and recover quickly.

STEP 1: MEASURE YOUR RESILIENCE TO BETTER HANDLE IT

To stay ahead of your enemies, you first need to understand what your current security posture is so you can improve it. An assessment can help you make the inventory of your critical assets and have a global overview of what is the most at risk. This includes maintaining a catalog of your cloud and hybrid assets, performing infrastructure discovery, and evaluating your security measures.

STEP 2: EFFICIENTLY HANDLE INCIDENTS WITH THE RIGHT COMMUNICATION SETTINGS

Communication is key during security incidents and times of crisis but also to effectively operate daily. To succeed in coordinating securely and competently, organizations should set up a comprehensive communication matrix where all stakeholders, both internally and externally, are clearly identified and will be rapidly notified.

STEP 3: BUILD A CYBER RESILIENCE CULTURE AND ENSURE COMPLIANCE

The key to preventing security incidents is to implement a strong cyber resilience mindset within your organization, and that should involve all departments and stakeholders, not only IT and security teams. Open discussions with the employees who are directly impacted by the processes and gathering their feedback is important for subsequent optimizations.

Your systems should also be challenged regularly. For that, mock drills and red teaming exercises are important to know the gaps and work towards improving the security posture. It will also help confirm if you are compliant or not with the regulatory standards.

STEP 4: DETECT, RESPOND, AND RECOVER QUICKLY

Now that you have worked on the prevention part, you should also focus on your ability to identify the risks on your supply chain and the related key assets. This is where an integrated continuous threat detection and response strategy is critical. You need to be able to cover your entire IT stack, across all vectors, including endpoints, cloud, applications, or servers for a complete visibility.

Once these threats are detected, comprehensive threat management technologies, such as managed detection and response platforms, should be used to automatically contain the threat and orchestrate a swift and efficient response.

STEP 5: AUGMENT CYBER RESILIENCE WITH A ZERO-TRUST APPROACH

With the multiplication of users and devices trying to access your network remotely, how do you ensure that only the right ones are allowed to access the right resources at the right time? A zero-trust security approach is the best way to go further in improving your cyber resilience posture. You should never trust and always verify who tries to connect to your infrastructure and most valuable resources. As a result, you will be able to better fight against both insider threats and external malicious actors.

CYBER RESILIENCE FOR A SUSTAINABLE AND TRUSTED FUTURE

Cyber resilience is an imperative on the journey towards a secure digital transformation as threats will continue to grow stronger and adversaries will be equipped with more advanced weapons. To survive and adapt, let’s look forward to continued innovation by our defender teams and security solutions to ensure we can stay ahead of attackers.


EMPOWERING A CYBER RESILIENT CULTURE

1. INTRODUCTION

Cyber Resilience is top-of-mind for all Security Leaders since we live in an era where neither the size nor the type of an organization exempts it from being targeted by cyberattacks. Cyber Resilience means evolving your IT Security stack to be resilient enough against any anticipated or predicted type of attack, while maintaining productivity.

2. What are the main gaps?

This question is challenging to answer, because no single source of information can provide a comprehensive response. We all agree that being 100% secure does not exist – the same is applicable to being perfectly resilient. Since the answer varies from one industry to another, let us review some high-level gaps that should be significant areas of improvement for companies, but not limited to these:

A) Having an eagle-eye view of the external possibility of a breach/compromise:

A holistic view of your Digital Footprint (Attack Surface Management) is one of the very crucial perspectives that most organizations fail to consider, as such a solution may give an early indicator for a vulnerability which could in turn lead to a backdoor/entry point for multiple types of attacks at an early stage, such as social engineering/reconnaissance, etc.

B) Having a spectator-mode platform which can help to differentiate/distinguish anomalous behavior:

Attackers are always trying to mimic corporate users’ behavior in the network vector; trying to abuse interconnectivity, which is not easy to identify. The SOC Triad concept (SIEM, EDR, NTA), recently mentioned by the renowned third-party industry analysts, can be complemented by Network Threat Hunting, which can further assist in differentiating real users’ behavior from the bad guys.

C) If your end-users become compromised (knowing that EDR is now omnipresent), is there anything that can limit such an attack’s impact? (DWELL Time)?

D) The answer is YES. Next-Generation Deception technology plays a key role in such a scenario, as you can still detect the attacker’s activity (which could be under the cover of your legitimate users’ identities).

E) How big is your internal attack surface? How many entities/workloads/assets can the attacker move between, in any of your secured subnets? 2, 3, 5 or more?

Reducing your internal attack surface and ring-fencing your workloads/mission-critical assets is a key resilience approach, which helps to reduce the probability of an impactful strike. Segmenting the heterogeneous infrastructure in alignment with your business objectives is especially important and creates a great obstacle to attackers, whose tactics are to move laterally in your secure network.

3. How to prioritize these gaps and fill them?

Smart prioritization of investments is the only way to increase the readiness of the cybersecurity/cyber resilience ecosystem that will minimize the chance of getting compromised. Zero Trust Security is a well-designed framework that can be leveraged to prioritize the bridging of the gaps.

4. Why are new-born Technologies/Thought leaders welcomed?

Attackers are always a step ahead! So, augmenting your security operations and posture with AI, ML, and Predictive Analytics is important to enrich and empower the Cybersecurity ecosystem and incident response capabilities against sophisticated attacks which impact large enterprises and government entities that have already invested in market-leading cybersecurity technologies. Innovation around these new mechanisms and methodologies is usually in next-generation platforms.

5. What guidelines can CISOs refer to?

Again, this will be hard to limit since there are multiple trusted references and each one is different. Out-of-the-box thinking always requires access to as many resources and advisors as possible. All third-party industry analysts use their own criteria to define the best players in any domain, which may not necessarily be the best for a particular organization. So, the best way to get the right advice is to have a proper gap assessment conducted, specifically for an organization considering all their variables including the respective infrastructure and corresponding criticality.

A trusted security advisor can provide guidance to address gaps and prioritize addressing them according to current investment plans, by optimizing detection, prevention, and response processes, while architecting effective solutions tailored for the organization.

EXPERT BYLINE
Cyber resilience can reduce the effect of security risks and it is basically a framework including people, technology, and processes that should have the ability to recover from the organizational issues and external threats.
MOHAMED AMR, Sales Engineering Team Lead for GCC and Levant at CyberKnight

HOW DOES CYBER RESILIENCE ADAPT TO THREATS?

No organization today can claim that it will not face cyber-attacks, data breaches and other incidents. Cyber resilience focuses on how well the organization protects against incidents and on its ability to continue business operations and minimize harm to the organization in the long run.

1. RISK ASSESSMENTS

Risk assessment is the best starting point for organizations that want to address the gaps in cyber resilience. Organizations should consider having comprehensive risk management that is customized to cover all aspects of people, process and technology. With ever-changing threat vectors, organizations should continuously assess the risks and their impact. Highlight the key risks to senior management and the board, and get their buy-in to address the risks.

2. CYBERSECURITY & BUSINESS CONTINUITY CONTROLS

KANNAN SRINIVASAN, Head of Cybersecurity, GAVS Technologies

Having strong cybersecurity and business continuity controls is key to protecting organizations from any attacks. They should focus on the following areas:

A) Protect and Manage: Implement tools and technologies that an organization can afford to best protect its environment including endpoints, applications, and networks.

B) Identify and Detect: The tools implemented should have the ability to identify incidents early; consider automated tools like SOAR, which can prevent an attack automatically.

C) Respond and Recover: Incidents are unavoidable; if one happens, what is the organization's ability to bring the systems back up and running as per the business requirements?

3. THIRD PARTY RISK ASSESSMENTS

Organizations depend on third parties to support them in many ways. Service agreements or statements of work will cover the security and recovery obligations in addition to the scope of work. One third of security breaches are caused by third parties, which suggests that once the contract is signed, the effectiveness of security may not be tested. A third-party risk assessment, based on the nature of their support and their access to sensitive data, must be done on a periodic basis.

Organizations depend on SaaS-based platforms; in most cases the application and data are hosted in the cloud and only access management is controlled. Capture the security requirements and SLAs, and enforce SSAE 18 reports as part of the contract.

4. INCIDENT RESPONSE

A well-defined process should be available on how to restore the systems within the agreed service levels. A mature incident response team is well aware of everyone's roles and responsibilities, the stakeholders to be involved based on criticality, and the procedure document for resolving issues. During an incident, extreme care should be taken not to leak critical data (PHI, PII or PCI) to any unauthorized person.

Sophisticated cyber-attacks can have an impact on business operations or lead to penalties from authorities. It is important for organizations to have a qualified crisis management team in place.

Post incident, security teams should make sure an incident report is created with the root cause of the incident, and that an action plan is drawn up to prevent such incidents in future.

5. AUDIT AND ASSURANCE

Internal and external audits play a key role in ensuring all the controls defined are effective. To cut costs, many organizations fail to recognize the importance of the last line of defense. The audit team should identify the scope and publish the audit plan. The governance team should ensure the audit covers all aspects of security, disaster recovery and IT systems. The audit team should focus on reviewing the Test of Design and Test of Effectiveness of controls, and audit the periodic table-top exercises conducted by the technical team to recover the systems. It is highly recommended that the audit team visit third parties and perform in-house audits wherever possible. It is also good practice to audit using external auditors. This gives a different perspective and identifies key risks which may have been overlooked by internal audit teams.

As part of assurance, have a clearly defined charter in place and get the board level commitment and involvement.

On a periodic basis (at least once a quarter), publish the status to the board, covering SLAs, KPIs, key risks and the support required from management. Organizations should have a roadmap to achieve the cyber maturity levels, and the report should give the current status against these maturity levels.

6. ACHIEVING MATURITY LEVELS

Organizations can start with essential security controls like process, awareness, and tools, then move on to protecting against common attacks - here you can consider SOAR tools and automation. Integrate cybersecurity into operations and have cyber risk management in place. Then move to your suppliers, and ensure they have adequate tools and processes in place so that they do not create any impact on your organization.

[Figure: Maturity Level. Labels: Embedded - Integrate with business objectives; Baseline - Integrate with Business Operations; Extended - Securing Supplier Services; Core - Protect Against Common Attack; Cyber Essentials]

ADDRESSING GAPS IN CYBER RESILIENCE

Cybercrime is set to cost the global economy $10.5tn annually by 2025. Industry research reveals that, in the UAE, the average cost of remediating a ransomware attack is over $500,000. What’s even more concerning is the fact that nearly 80% of senior IT and IT security leaders believe their organizations lack sufficient protection against cyberattacks despite increased IT security investments. One of their main concerns? Lack of cyber hygiene.

By maintaining the security and upkeep of its systems, devices, and procedures – whether that’s through secure corporate communication or purchasing cyber liability insurance, among other options – an organization can lower its chances of falling victim to a cyber-attack.

THE INITIAL STEP: SUPPLY CHAIN RISK MANAGEMENT

Cyber threats are lurking everywhere. That’s why it’s important to do everything possible to limit an organization’s vulnerabilities. Through supply chain risk management, a strong network of trusted vendors can be maintained while securing the end-to-end supply chain. This strengthens an organization’s physical security and helps protect against potential cyber-attacks.

It’s important to communicate and work closely with partners and vendors, to get an in-depth understanding of their data and privacy protection policies. After all, the highest level of resilience against cyber threats isn’t achieved alone. It happens when everyone involved commits to upholding best practices.

DETECTING SUSPICIOUS COMMUNICATIONS

Threat actors use social engineering campaigns – like phishing attacks or pretexting – to bait people into unknowingly providing sensitive information, giving the attackers access to private data. For that reason, ensuring that all employees can effectively detect and avoid suspicious communication attempts is vital to an organization’s physical security.

While mistakes happen, keeping an eye out for unusual communication requests, and thinking before clicking on any links or messages, are some of the ways to help protect an organization against cyber-attacks.

PROVIDING CONSISTENT USER EDUCATION FROM THE START

Since the repercussions of a cyber-attack can have a long-lasting negative impact on an organization — whether it be in the form of a financial hit or data loss — providing consistent user education to employees is an investment that goes a long way.

EPHREM TESFAI, Sales Engineering Manager META at Genetec

Educating employees on cyber hygiene is an ongoing task that should begin during their onboarding. By explaining the importance of strategies like strong password selection, locking devices, and identifying social engineering attacks, an organization can limit the chances for human error while maintaining best practices.

USE STRONG AUTHORIZATION AND PRIVACY METHODS

While encryption and authentication are great tools for protecting data, they cannot stop unauthorized access to a network. By using authorization capabilities, the scope of activity can be restricted within systems by giving specific access rights to groups or individuals for resources, data, or applications. You can also blur out people in a video frame to protect their privacy and identity.

CHOOSE TECHNOLOGIES WITH BUILT-IN DEFENCES

Having multiple layers of defence built into physical security solutions is critical. For instance, encryption helps hide and protect data from unauthorized users and secures the communication between clients and servers. Authentication is another tool that determines if an entity is who it claims to be and verifies if and how that entity should access a system.

ADDING FINANCIAL PROTECTION WITH CYBER LIABILITY INSURANCE

There are as many as 12 different types of coverage available for cyber threats, which means that some research is needed before finding a cyber liability insurance package that can meet an organization’s needs. With cyber-attacks on the rise, investing in the right package should be an essential part of cybersecurity strategy. Because such a wide range of options is available, reading the fine print is a key part of the insurance selection process, as that’ll determine the exact coverage to be received in the case of a cyber-attack.

While cyber liability insurance is a good way to help mitigate the financial risk of cyberattacks, vetting vendors, partners, systems, and devices, and establishing an effective cyber risk mitigation plan are all equally essential steps to protecting your organization against cyberattacks. Always remember that any vulnerability is one too many.

GOOD CYBER HYGIENE IS A TEAM EFFORT

Cyber hygiene isn’t only about securing systems and devices; it requires time and attention to many aspects of an organization. Because a physical security system is only as secure as the least trusted device connected to it, there isn’t much room for error. Maintaining strong cyber hygiene through supply chain risk management, secure exchanges, user education, and cyber liability insurance is one of the key ways to protect an organization against evolving cyber threats.


DEVELOPING THE CYBER SECURITY PROFESSION IN 2023 AND BEYOND

Growing security concerns have resulted in high demand for cyber security professionals, who are responsible for strengthening the modern technological space. Towards the end of 2023, every industry can expect more than 10 million cyber security professionals with exponential skills and talent in the technical field.

INNOVATION AND FUTURE SECURITY IN BFSI SECTOR

Modern banking and financial services companies have to cope with their workloads in a short time and stay secure from cyber-attacks. The BFSI sector is highly focused on advanced self-service to manage the time and effort on the part of customers.

MANAGING AND RESPONDING TO CYBER THREATS

You can manage the cyber threats by keeping the system and web browsers updated, using only valid links and attachments, providing proper training to the employees regarding the cyber-attacks and the mitigation steps, and trying to back up the necessary files. Manage and respond to cyber threats only to better prepare for the future.

THE GCC SECURITY SYMPOSIUM & CISO AWARDS 2022

Global CISO Forum is all set to host the 5th edition of The GCC Security Symposium and CISO Awards on 17th May 2022 in Dubai.

HOW THE NATIONAL CYBER SECURITY COUNCILS ARE TACKLING EMERGING THREATS

Cyber security creates a safe cyberspace for organizations and protects valuable data from unauthorized access. The national cyber security council collaborates with and guides all of public administration on cyber security concerns. The cyber security council prepares these administrations to tackle emerging cyber-attacks. The national cyber security council comes up with phenomenal security strategies on the basis of the threats posed by particular technologies. All the agencies can respond to data breaches, making their duty riskless and effective. The approach towards security concerns has been transformed as a result of COVID 19, which disrupted important services.

GECSS PREVIEW

NAVIGATING THE LATEST RANSOMWARE – A HANDS-ON STUDY

The modern era has to resist hazardous incidents in both the physical and digital worlds. Cyber attackers exploit and hold confidential data and then demand a huge amount for the recovery of the files. Since 2020, ransomware attacks have been on the rise, disrupting companies and customers. The cyber-world has been the victim of high-profile attacks, including the attacks on JBS Foods, Colonial Pipeline, and even Microsoft Software, that have caused startling data breaches. Ransomware attacks continue to lean towards more potent threats, unabated.

NFTS – IS THERE A FUTURE? IF YES, HOW SAFE IS IT?

Non-Fungible Token or NFT can entrust any of the valuable assets digitally and are highly confidential and cannot be traded or exchanged. NFT makes the purchaser experience the ownership of any of the digital assets without being interrupted by an outsider. NFT is becoming a new normal for content creators in the digital world. Over the next decade, the innovation in the NFTs will continue to a larger extent reducing the investment risk and help to become an extensive part of the digital market world.

PRIVILEGED ACCESS MANAGEMENT FOR GOVERNMENT ORGANIZATIONS

The significance of security concerns is increasing, and users should be heedful of security issues. Beyond the users, there could be someone special to handle and direct security matters so that things run on a regular basis. Privileged Access Management has special security management which cannot be accessed by anyone other than the specified person. Creating a strong password, formulating a valid inventory, restricting the sharing of accounts, monitoring and auditing the controlled privilege, and reducing the number of privileged accounts are the outcomes of PAM.

PROTECTING THE CONNECTED WORLD

With the increasing intensity of the connected world, the risk and disruption of attack are always a step ahead. When people are connected to each other, it paves an effective way for connection between several organizations by expanding the related industry and market. Modern technology helps the world to be connected, but a solution to the privacy issues still needs to be found. The security of the connected world is decided not only by the technology that one uses but also by a person's approach to the technology he/she uses. Using strong passwords, encrypted communications, data backup, and application and security updates on devices may help to protect the connected world.

EVALUATING THE ROLE OF UAE AS AN EMERGING HUB FOR INNOVATION IN TECHNOLOGY

As a land of tremendous growth UAE is always a country that witnessed rapid development in all the significant fields. UAE gives much attention to human development and works for the sake of it. The UAE government has an enormous investment in human resources as well as technology. The core part of UAE’s future development lies in its stupendous technological advancement. Recently Robocop and the Museum of Future have revolutionized the technological image of UAE in an influential manner. The government of UAE is always concerned about the innovation in technology for improving the quality of life and future vision.

The in-person event will be embellished by over 200 leading decision makers in security from across the GCC