SPECIAL SUPPLEMENT BY VOLUME 0 2 | ISSUE 0 5 | SEPTEMBER 2016 LET THERE ‘SERVICES’BE Climbing skills shortage, burgeoning expenses and a high growth infrastructure have just cleared the way for MSS to take the road ahead! STRATEGIC PARTNER LET THERE ‘SERVICES’BE
In this situation, Managed security is a very good option and it is therefore on northward moment in the region. Alongside, we do have a lot of thought leaders in the security domain, who have contributed to this edition of Cyber Sentinels. They have covered a lot of security challenges and vulnerabilities extensively, which are of great use of the CISOs. hope this issue would create an indelible impact on the market while taking any decision on security solutions and practices.
04 SEPTEMBER 2016
I
ESCALATION IN THE SECURITY BREACHES IS BOUND TO HAPPEN GOING FORWARD. There are war zones and cold war situation in every region and it is heavy in the middle east and Africa region. By and large Africa is not being suffered from these syndromes thought, but in cyber war space, this region is not immune either. Rather there are pockets where cyber mercenaries are being prepared. However, the entire Middle East is the target of not only these cyber mercenaries but hackers and mercenaries from other geographies.
Happy Reading!!! ë EDITORIAL ESCALATION IN BREACHES AND RIGHT PRACTICES PUBLISHER: SANJIB MOHAPATRA MANAGING DIRECTOR: TUSHAR SAH00 EDITOR: SANJAY sanjay@accentinfomedia.comMOHAPATRA M: +971 555 119 432 ASSISTANT EDITOR: ANUSHREE RONAKSALESINFO@ACCENTINFOMEDIA.COMSUBSCRIPTIONSDESIGNER:LEADVISUALIZER:REPORTER:anushree@accentinfomedia.comDIXITSONALLUNAWATsonal@accentinfomedia.comMANASRANJANVISUALIZER:DPRCHOUDHARYAJAYARYAANDADVERTISINGSAMANTARAYronak@accentinfomedia.com M: + 971 555 120 490 KHYATIkhyati.mistry@accentinfomedia.comMISTRY M: + 971 556 557 191 SOCIAL MARKETING & DIGITAL RICHAPRODUCTIONYASOBANTCOMMUNICATIONMISHRAyasobant@accentinfomedia.com&CIRCULATIONSAMANTARAY + 971 529 943 982 PUBLISHED BY ACCENT INFOMEDIA MEA FZ-LLC PO BOX : 500653, DUBAI, UAE 223, BUILDING 9, DUBAI MEDIA CITY, DUBAI, UAE PHONE : +971 (0) 4368 8523 A PUBLICATION LICENSED BY INTERNATIONAL MEDIA PRODUCTION ZONE, DUBAI, @COPYRIGHTUAE 2013 ACCENT INFOMEDIA. ALL RIGHTS RESERVED. WHILE THE PUBLISHERS HAVE MADE EVERY EFFORT TO ENSURE THE ACCURACY OF ALL INFORMATION IN THIS MAGAZINE, THEY WILL NOT BE HELD RESPONSIBLE FOR ANY ERRORS THEREIN. PRINTED BY AL GHURAIR PRINTING & PUBLISHING LLC. MASAFI COMPOUND, SATWA, P.O.BOX: 5613, DUBAI, UAE INFO MEDIA SANJAY MOHAPATRA sanjay@accentinfomedia.com
In this issue of Cyber Sentinels, we are discussing about a lot of issues around cyber security. One of the issues related Cyber-attacks is privilege abuses. It is important to note that privilege misuse breaches are not always the result of a malicious former employee or disgruntled worker, but often emanate from carelessness and lack of awareness. This accounts of 15 per cent of breaches since 2010. We are also discussing about encryption challenges. Encryption is about managing multiple keys from multiple vendors. This is the most difficult part because enterprises by multiple products and there is no standard pattern. Different people manage different keys and there is a chance of data being breached. Of course there is an advance level talk among the solution providers to create an interoperability between the keys of application, database, storage consoles. However, the real challenge does not lie in acquiring the technology but in managing by deploying skilled resources, which is a tough ask for every enterprise.
COVER STORY CONTENTS As the region and regional organizations gear up to empower the integral infrastructures and invest in new technologies, Managed security services providers are seeing a silver lining. Climbing skills shortage, burgeoning expenses and a high growth infrastructure have just cleared the way for MSS to take the road ahead! LET THERE BE ‘SERVICES’12 CASE PUSHESCOMPANYHOLDINGSTUDYBACK ON CYBERCRIME 18 GUEST UNDERSTANDTHATFORBUSINESSBUILDINGARTICLEACASESECURITYTHECFOCAN 34 GUEST WHENARTICLETIMEIS OF THE TOOINTELLIGENCETHREATESSENCE,IS 36 CISO THETIGHTENINGSPEAKFENCES OF SECURITY 32 05SEPTEMBER 2016
Sophos revealed the availability of a beta program for Sophos Intercept. With the steady rise of crippling ransomware, pervasive zero-day exploits and memory resident attacks, sophisticated end-user security technologies are essential for preventing, detecting and responding to today’s cyber threats.Sophos Intercept can be installed and run alongside any competitive endpoint security software, boosting the levels of protection against unknown exploit variants and stealth attacks, with minimal impact to endpoint performance.
“Simply put, there can be no digital transformation without mobility. That means organizations are under increasing pressure to drive their businesses forward and innovate and are taking short-term risks in security in order to make staff and operations as agile as possible. With our mobile management technologies, VMware gives employees the ability to access the corporate data needed to do their jobs – from any device, while the IT team has a full oversight and control of which employees have access to which applications, meaning they no longer need to compromise on enabling true business mobility,” said Ian Evans, Vice President End User Computing EMEA & Managing Director, AirWatch EMEA at VMware. Employees themselves admit they aren’t as stringent at protecting organizational data on their corporate devices as they are the data on their personal ones.
Dan Schiappa, Senior VP & GM, Enduser Security Group at Sophos.
Virus Bulletin has published its VB100 Comparative Review on SUSE Linux Enterprise Server and VB100 Comparative Review on Windows 8.1 Pro 64-Bit. In the SUSE Linux Enterprise Server Comparative, Virus Bulletin had tested ESET Endpoint Security for Linux, scoring 100% in both – on demand and on access scanning. The same result was reached by ESET NOD32 Antivirus 9 in the second comparative, with Windows 8.1 acting as the test-bed.
“Sophos is changing the way organizations of all sizes view advanced endpoint protection. By combining the proven and independently verified advanced technology from Sophos with the pioneering exploit protection and remediation innovations from SurfRight.”
STREETCHANNEL
SOPHOS’ CEPTSOPHOSINTERRELEASEBETAOF
ESET GARNERS TWO MORE VB100 AWARDS
DAN SCHIAPPA, SENIOR VICE PRESIDENT AND GM, END USER SECURITY GROUP, SOPHOS
Competition leading to compromise of data security
The findings show the urgency UAE businesses are facing when it comes to digitally transforming for a competitive advantage.
VMware conducted a new research showing nearly half of IT decision makers (49 per cent) are under so much pressure to deliver on business mobility, they’re willing to take calculated risks on the security of organizational data. Almost two-thirds, (63 per cent) say the benefits of a mobile business outweigh any potential security issues, such as a data breach.
“We are proud of our continued excellence in independent security software tests,” said Palo Luka, Chief Technology Officer at ESET.
PALO LUKA, CHIEF TECHNOLOGY OFFICER , ESET
06 SEPTEMBER 2016
Genetec.oftrademarksortrademarksregisteredeitherareSynergisandGenetecreserved.rightsAllGenetec.2014© genetec.com/synergis
In a perfect world, no one thinks about access control except you. The hundreds of people coming and going don’t think about you, or what a good job you’re doing, or how they always manage to get seamlessly where they need to go. Because you chose Synergis access control, it was another great day.
Nothing happened today
“We know many consumers believe that using a password to access public Wi-Fi means their information is safe, but that’s not necessarily the case. When using any public Wi-Fi, whether password protected or open, users should be cautious as cybercriminals can easily leverage these connections to access the sensitive information you are sending and receiving,” said Tamim Taufiq, Head of Middle East Partnerships, Norton.
Paul Taylor, UK Head of Cyber Security, KPMG ManageEngine has been positioned by Gartner for its log management and SIEM solution, Log360, in the 2016 Gartner Magic Quadrant for Security Information and Event Management . The company is the only new addition to the Gartner Magic Quadrant for SIEM. “In the past few years, the need to trace breaches and tackle targeted attacks has outgrown the need to meet compliance requirements. We believe this shift in focus is mirrored in the Gartner Magic Quadrant for SIEM,” said Raj Sabhlok, President, ManageEngine. “The market’s maturity has led to more stringent entry criteria and forced several vendors out of the quadrant. ManageEngine is the only new addition to the quadrant this year.
Two in three respondents are unable to recognise the difference between a secure and unsecure Wi-Fi network, putting the convenience of connectivity before the security of their personal information.
Only a fifth of IT decision-makers in large multinational corporations are confident that their organisation is fully prepared against the threat of cybercriminals. The vast majority of companies feel constrained by regulation, available resources and a dependence on third parties when responding to attacks, according to new research from BT and KPMG.
To help people safely connect to public Wi-Fi hotspots, Norton by Symantec has introduced Norton WiFi Privacy, an easy-to-use mobile app for Android and iOS devices that helps shield consumers’ information from hackers snooping on wireless (Wi-Fi) networks.
APP TO PREVENT CYBER CRIMES
Mark Hughes, CEO, BT Security said, “With cybercrime continuing to escalate, a new approach to digital risk is needed – and that means putting yourself in the shoes of attackers.”
NORTON’S WI-FITHROUGHHAPPENINGPUBLICHOTSPOTS
08 SEPTEMBER 2016
The report, Taking the Offensive – Working together to disrupt digital crime finds that, while 94 per cent of IT decision makers are aware that criminal entrepreneurs are blackmailing and bribing employees to gain access to organisations, 47 per cent admit that they don’t have a strategy in place to prevent it.
MARK HUGHES, CEO, BT SECURITY
We feel Gartner’s recognition validates Log360 as a solution that can meet the specific needs of the SIEMManageEnginemarket.” Log360, an integration of EventLog Analyzer and ADAudit Plus, ensures an organization’s network security with its log management, monitoring, analysis, correlation, archiving, alerting and reporting capabilities.
NEW REPORT BY BT & KPMG WARNS OF EMERG ING THREATS RAJ SABHLOK, PRESIDENT, MANAGEENGINE TAMIM TAUFIQ, HEAD OF MIDDLE EAST PARTNERSHIPS, NORTON. said, “You need to think about credible attack scenarios against your business & consider how cyber security, fraud control, & business resilience work together.”
According to the Norton Wi-Fi Risk Report 2016, which surveyed over 9,000 people across nine markets, confusion about the security of public Wi-Fi networks can make people easy targets for hackers.
ManageEngine enters 2016 Gartner Magic Quadrant for SIEM
WWW.GECOPEN.COM BROUGHT BY ORGANISED BY HONOURING THE BEST ITSTIMETOBRUSHSHOULDERWITHTHELEADERS,RAISETHEBAR,AND BETHECHAMPION11thOctober2016 FOLLOW US: www.enterprisechannelsmea.comGec Open GECOpen Enterprise Channels MEA
Banque Saudi Fransi has partnered with Kaspersky lab to provide better protection to their online users and to raise the level of security awareness among its clients.
Key findings by FireEye include: ICS vulnerability disclosures surged to 49% between 2014 and 2015, 90 percent of vulnerabilities were disclosed after Stuxnet emerged in media, 123 vendors are affected by vulnerability disclosures, 33 percent of vulnerabilities encountered by industrial environments had no vendor fixes.
RSA SecurID Suite is a comprehensive identity solution that combines the separate disciplines of access, governance, lifecycle and identity assurance, working together in harmony. As a result, organizations can leverage one platform for strong control and visibility, mitigating security and identity risk and enabling business productivity. Jim Ducharme, VP of Engineering and Product Management, RSA said, “ RSA SecurID Suite helps executives take command of the whole identity lifecycle. It’s one of the only solution on the market that offers truly actionable insights into identity and access issues, helping C-level leaders protect their enterprises, minimize the friction that users face and empower their business to get more done.”
RSA UNVEILED NEW RSA SECURID
SUITE FIREEYE’S REPORT HIGHLIGHTS TRENDS IN INDUSTRIAL CONTROL SYSTEMS
JIM DUCHARME, VP OF ENGINEERING AND PRODUCT MANAGEMENT,
10 SEPTEMBER 2016
“The current realities are such that many people still do not have a security solution installed on their devices and do not know a lot about safe practices in cyberspace. For example, they can’t identify phishing messages or fake websites, which is leaving them vulnerable to a cyberattack. Together with Banque Saudi Fransi we hope to improve this situation,” said Ashraf Abdelazim, В2В Business Development Director in the Middle East at Kaspersky Lab.
Genetec has introduced a version 5.5 of Security Center. Security Center 5.5 which offers a new disaster recovery mode, enhanced levels of authentication and encryption, augmented video archiving and export management capabilities, and new choices of supported access control hardware. With innovative capabilities designed to help organizations better secure their sites, version 5.5 gives administrators greater control and protection of their security infrastructure.
In line with its ‘Banque of Excellence’ strategy, Banque Saudi Fransi is offering the Kaspersky Total Security multi-device product to its online banking customers free of charge, as a proactive measure for protecting their personal devices from viruses and other malware infections.
RSA ASHRAF ABDELAZIM, B2B BUSINESS DEVELOPMENT DIRECTOR IN THE MIDDLE EAST AT KASPERSKY LAB. GENETEC’S NEW VERSION OF ‘SECURITY CENTER’ IN MIDDLE EAST Banque Saudi Fransi Partners with Kaspersky Lab
FireEye released a report titled Overload: Critical Lessons from 15 Years of ICS Vulnerabilities, which highlights trends in total Industrial Control Systems vulnerability disclosures, patch availability, vulnerable device type and other vulnerabilities exploited by threat actors.
Copyright © Unify Software and Solutions GmbH & Co. KG 2016 Connect. Share. Give. Take. Solve. Save. Smile. Unify. Introducing Unify. Unifying business communications for the new way to work. unify.com 13481_Unify_Ad_Channel Arabic_275x240_v1.indd 1 25/01/2016 14:09
12 SEPTEMBER 2016
PHOTO: SHUTTERSTOCK
n
Looking back in time, the term Managed security services was not much popular, owing to the various security, governance and data sovereignty issues that discouraged the organizations from entrusting their operations to a third party. But the increasing need for digitalization and the lack of appropriate skill set to match pace further fuelled the influx of managed services and made it a common name.
´SERVICES´LETTHEREBE COVERSTORY
Cisco is helping organizations become ANUSHREE DIXIT <ANUSHREE@ACCENTINFOMEDIA.COM>
BRIDGING FAITH AND WALKING WITH TRUST
As the market goes steady in moving towards the service space, cloud based offerings and managed services are gaining pace. Managed security service providers are eying high growth from enterprises, midmarket as well as SMBs. The key driver for this has been the overriding concerns to keep the organizational infrastructure worries at bay and promote a robust and secure organization without having to invest in hardware and other systems.
As the region and regional organizations gear up to empower the integral infrastructures and invest in new technologies, Managed security services providers are seeing a silver lining. Climbing skills shortage, burgeoning expenses and a high growth infrastructure have just cleared the way for MSS to take the road ahead!
13SEPTEMBER 2016
n BY:
YASSER ZEINELDIN CEO, EHOSTING DATAFORT ERIC EIFERT SENIOR VICE PRESIDENT OF MANAGED SECURITY SERVICES AT DARKMATTER “Faced with mounting costs and an increasingly complex IT environment to manage, organizations in the Middle East are now more than ever looking at Managed Services as an alternative to manage and expand their IT infrastructures” “Our goal is to be the trusted security partner of our clients and help them reach all of their cyber security goals.” EHDF: n Security Log Collection & Management n Real Time Security Monitoring n Vulnerability Management & Penetration Testing n Incident Management & Response n DDoS DARKMATTER: n Remote Managed Security Services to provide remote monitoring, remediation, and incident resolution at an “off premises” location n Tiered Incident Analysis and Response Process n Additionally, our managed Governance, Risk, and Compliance services will help understand and monitor the cyber risk profile of an organization CISCO: n Cisco Umbrella Roaming: n Cisco Umbrella Branch: n Cisco Defense Orchestrator: n Cisco Meraki MX Security Appliances with Advanced Malware Protection (AMP) and Threat MSSGrid PORTFOLIO 14 SEPTEMBER 2016
clients Don’t wait somethingforto break Don’t underestimate the need for encryptionintegrationDoyourinformationthemDon’tandwithyourcommunicationclearofrequirementsbothyourstafftheMSPstaff.preventfromhavingaboutchallenges.notignoretheofrobusttoolsFINESSEDARKMATTERSTMECISCO 15SEPTEMBER 2016
Do collaborate
your
offered
MSS DO AND DON’T Do Invest in business-class products. Do trust the
SUNIL PAUL, COO AND CO-FOUNDER OF FINESSE
“Remotely monitoring and managing systems to prevent security leaks and breeches is a security service that has gained popularity over the years and will continue to be sought after in 2017 and beyond”
AYMAN ALBAYAA STME’S CEO
and
Privateteam
and should
Scott Manson, Cyber Security Leader for Middle East and Turkey, Cisco says, “For that to happen, organizations will need security solutions designed for the world of tomorrow. Through our security architecture, the Cisco security portfolio increases capabilities but also decreases complexity — offering an alternative approach for customers that helps them close the gap and be more secure.”
“How a customer transfers control to a third party provider demands that both parties plan very carefully for the future evolution of the requirements and the relationship.”
digital, the company is also deeply committed to ensuring that security is the bedrock upon which the successful digital enterprises of the future will stand.
Sunil Paul, COO and Co-Founder of Finesse says, “Many organizations continue to lack the appropriate skills necessary to define, implement and operate appropriate levels of data protection and privacy-specific security controls. This lack of skills leads organizations to contract security consulting firms that specialize in data protection and security risk management to take care of regulatory compliance demands and enhance their“Insecurity.”orderto bridge the gap, eHDF ensures best-in-breed security infrastructure along with robust practices with 24/7 monitoring and management. Moreover, we understand that the concept of one-size-fits-all is not conducive to the wider range of needs of different industries. We have consciously built solutions to suit the individual needs of our customers. Our guaranteed SLAs also provide greater confidence in our services,” says Yasser Zeineldin, chosen MSP’s recommenda tions concerns. with MSS partner as a member of your cloud as against a public cloud offer better security and latency be to
“Choosing the right partner is key, one that can educate and empower a business with real-world knowledge about the expanding attack surfaces.”
PUTTING A SMILE ON THE CISO’S FACE Nothing tops the agenda of a vendor as much as this does. How to give the CIOs a good day’s work and a goodnight’s sleep. Communication is one of the virtue not to miss out here. An end to end managed security portfolio needs to have an end to end understanding of the infrastructure. MSS vendors have been highly recommending the CIOs to include web and data security as business priorities. And as the cliché goes, it is not ‘if’ you get attacked, it is ‘when’.
SCOTT MANSON CYBER SECURITY LEADER FOR MIDDLE EAST AND TURKEY, CISCO
CEO, eHosting DataFort.On the other hand Eric Eifert, Senior Vice President of Managed Security Services at DarkMatter says that as an end-to-end cyber security firm they are able to offer a service portfolio encompassing cyber Governance Risk & Compliance to help organisations understand the appropriate controls they need to follow to help increase their security posture.”
CLOUD BASED MSS Allied Market Research report on Global Managed Security Services Market claims that cloud-based managed security services would overtake on-premise deployments by 2016. As tight budgets and an incresingly OPEX driven business models haunt the CIOs, service providers are increasingly laying out plans to offer more flexibility on the cloud. Amidst data security concerns and cases, Cloud based managed security services, is still making a strong case . “To help organizations transform securely, Cisco has created Cisco Active Threat Analytics (ATA) – a suite of next-generation managed security services that will help customers to detect threats in their environments with great speed, accuracy, and focus. Cisco’s expert investigators monitor customer networks 24x7 from its global network of state-of-the-art security operations centers, providing constant vigilance and in-depth analysis as a comprehensive security solution,” says Scott. DarkMatter is designing and building a next generation of Remote Managed Security Services to provide remote monitoring, remediation, and incident resolution at an “off premises” location. Our world-class facility complemented by our world-class team of cyber security professionals will use our Tiered Incident Analysis and Response Process. Additionally, our managed Governance, Risk, and Compliance services will help understand and monitor the cyber risk profile of an organisation.
Darkmatter sees an increased growth in Managed Detection and Response services.
THE SOUGHT AFTER SERVICE Digital transformation has stepped in organizations are in the lookout of services like never before. Based on our conversation with the leading players in the industry, the following services are all set to rule the floors of 2017. According to STME, remotely monitoring and managing systems to prevent security leaks and breeches is a security service that has gained popularity over the years and will continue to be sought after in 2017 and beyond. eHDF says that Cloud-based security services would be the most sought-after, particularly in Qatar and the UAE.
“Starting from the most senior level, businesses must make cyber security a business process, and deploy cyber security solutions that cover the entire attack continuum – before, during, and after a cyber-attack,” says Scott. Ayman of STME believes that CIOs should take into consideration the implementation period of the security systems and plan accordingly. After which, they can rest assured of high quality service. The best way to minimize the initialization stage is to communicate expectations and instil safeguards in place.“TheCIO/CISO should look for a trusted partner that he can outsource various security services to, which will complement the overall strategy of the organisation. He should look for efficient and effective reporting and escalation procedures, as well as integration with current technologies, actionable threat intelligence, and meaningful metrics,” states Eric.
Organisations not only need support detecting security incidents but also conducting the incident response and recover services associated with a security incident.
FINALLY Managed Security Services in the region actually started as a snowball that gradually gained mass and pace. It was not an easy journey for the CIOs and the service providers in investing and establishing faith. Security risks associated with security service offerings will never fade, but the land is much more greener and the market is much richer.
Service Providers-- Listen, Understand, Deliver and Manage! CIOs--Be Open, Have Faith, Choose Wise and Get Going! ë
16 SEPTEMBER 2016
WWW.GECOPEN.COM PREMIUM CHARITY GOLF TOURNAMENT FOLLOW US: www.gecopen.comGec Open GECOpen Enterprise Channels MEA WORLD CORPORATE CHALLENGE BROUGHT BY ORGANISED BY IN ASSOCIATION WITH KENYA GHANA EGYPT TURKEY OMAN UAE SAUDI ARABIA QATAR BAHRAIN INDIA
CHALLENGE: PREVENT RANSOMWARE FROM DISRUPTING BUSINESS OPERATIONS WHILE GAINING GREATER CONTROL OVER NETWORK TRAFFIC TO STRENGTHEN ENTERPRISE SECURITY AND IMPROVE EMPLOYEE PRODUCTIVITY.
STUDYCASE 18 SEPTEMBER 2016
CASE SUMMARY
COMPLETE PROTECTION ON A SINGLE SECURITY PLATFORM
FREED THE COMPANY OF RANSOMWARE Since implementing the Palo Alto Networks Next-Generation Security Platform, Delta Holding has all but eliminated ransomware while improving the effectiveness and efficiency of its entire security strategy. Now with the Palo Alto Networks platform providing a preventive security shield on-site, as well as threat intelligence cloud services for added protection against zero-day attacks, Delta Holding no longer requires the extra servers to protect its critical data.“We have not had one instance of ransomware showing up since adopting the Palo Alto Networks plat form with WildFire. We tested WildFire on a computer loaded with new and previously unknown viruses. It successfully found them all while our antivirus software did not.”
— DejanMilicevic, SecurityEngineer, Delta Holding ë DELTA HOLDINGIS A PRIVATELY HELD HOLDING COMPANY ORGANIZED INTO THREE SEPARATE COMPANIES: DELTA AGRAR GROUP, DELTA REAL ESTATE GROUP AND DELTA DISTRIBUTION. THESE COMPANIES ARE INVOLVED IN A VARIETY OF INDUSTRIES, INCLUDING AGRIBUSINESS, FOOD PROCESSING, REAL ESTATE DEVELOPMENT, WHOLESALE DISTRIBUTION AND AUTOMOBILES.
SOLUTION: PALO ALTO NETWORKS NEXT-GENERATIONSECURITY PLATFORM TO PROVIDE CENTRALIZED PROTECTION OF DATA CENTER ASSETS AND SECURE NETWORK SERVICES FOR GEOGRAPHICALLY DISTRIBUTED BUSINESS UNITS.
Delta Holding was attacked on several occasions by ransomware, which disrupted business productivity and required added expense to protect vital data on separate backup systems. The Company also needed three separate systems to protect its internal users, DMZ and VPN users. By replacing its three previous systems with the integrated Palo Alto Networks Next-Generation Security Platform, Delta Holding eliminated ransomware and gained a comprehensive, preventive shield against malware and zero-day attacks. By segmenting network traffic based on roles and respon sibilities, Delta Holding reduced bandwidth consumption by 30 percent. By consolidating on the Palo Alto Networks platform, the Company also reduced device administra tion time by 20 percent and lowered support costs by $50,000–$60,000 over three years.
HOLDING COMPANY PUSHES BACK ON CYBERCRIME
— BojanVujanovic, Network Engineer, Delta “WithHolding.an integrated platform like Palo Alto Networks, we reduce cost, save on manage ment time, and improve our security. It does everything for us on one platform.”
SUBSCRIPTIONS: THREAT PREVENTION, URL FILTERING, WILDFIRE, GLOBALPROTECT, PREMIUM SUPPORT APPLIANCES: PA-3020 (2) OVERVIEWCUSTOMER
Deployment was completed by Delta Holding network team:DuskoMinic, Milan Piscevic, DuskoVukotic and BojanVujanovicwith the support of local partners, S4E CHS and E-Smart Systems.
Delta Holding first replaced Microsoft ForefrontThreat Management Gateway (TMG), which was previously deployed on its user network, with a Palo Alto Networks PA-500 next-generation firewall. When IT forecasts showed that, within a year, over 50 percent of all traffic would be SSL-encrypted, the Company decided to upgrade the PA-500 to a PA-3020 next-generation firewall, which provided additional capacity for SSL decryption and higher throughput to handle increased traffic. At the same time, Delta Holding replaced its legacy Cisco ASA firewalls deployed in the DMZ with a second PA-3020 next-generation firewall.
ISISTHERERISKARISK…AWAY!
WHERE THERE
As the businesses prosper so does the ugly face of risks and threats, waiting to attack the critical infrastructure of the organizations in ways that are not only unforeseen but also frightening to the overall organization operations. The level and magnitude of risks have changed and so are the tactics to combat them.
FIGHTING THE RISKS OF TOMORROW ‘Risk Management is the difficult and delicate balance between being proactive and not being anxious’ according to Mr. Rolf Jorgen Strand, Head of Information Systems, Qatar Vinyl Company. Governance, risk management and compliance are the three areas of concentration when it comes to managing IT security. The Enterprise Governance, Risk, and Compliance (eGRC) market size is estimated OF RISK MANAGEMENT PLAN
MONITORINGIDENTIFICATIONSOURCINGMEASUREMENTEVALUATIONMITIGATIONOFRISKS
n BY: SONAL LUNAWAT <SONAL@ACCENTINFOMEDIA.COM> n PHOTO: SHUTTERSTOCK
COMPONENTS
Risk- some see it as a challenge whereas some see it as threat, but all enterprises are aware that they constantly have a sword of ‘risk’ hanging on their head, a little ignorance can cause a massive damage. Evaluating the organization’s risk landscape is a continuous effort of not just the CISOs or the management but also the employees, after all knowledge of potential risk factors and departments and functions most vulnerable to it form the backbone of building up a secured strategy. Process, integration, culture and infrastructure are the key elements guiding the overall risk roadmap of any enterprise. With the spectrum of risks not been defined in today’s world and risks like regulatory compliance risks, vendor risks, social risks, geopolitical risks and most importantly cyber security risks keeping the IT department on their toes, there arises a serious concern of working in a proactive approach to be protected and prepared for risks.
22 SEPTEMBER 2016 to grow from USD 19.42 Billion in 2016 to USD 38.00 Billion by 2021, at a CAGR of 14.4% as per MarketsandMarkets. Business partnerships, government regulations and importance to compliance has resulted in the growth of the GRC market. In the Middle East region there has been an awareness of risk management strategies and having ways and means to overcome risk and seize opportunities. GCC region has been a victim to many cyber-attacks which include cases of cyber espionage, hacktivism, ransomware, data breach, malware attacks etc. These attacks have paved way for the enterprises to have strong fences around their operations to avoid any such activities. Risk management has become an integral part of the IT department. Cyber security policies as well as national regulations are helping in avoiding the possible threats to theNoorganizations.tworisksare alike, be it internal risks like employee misconduct, employee espionage or external risks like natural disaster, geo-political environment or strategic risks like investment etc., the kind of approach and research required is very diverse. Understanding the organization’s risk profile before implementing any risk management programme is crucial. Analysts believe that a test run of the chosen programmes is a useful activity to understand whether that particular plan fits in the organization structure as well as cures the concerns.A blend of survey, data collection, SWOT analysis, financial analysis, organization rules and regulations, national company regulations etc. needs to be carefully analysed before chalking out a risk plan. Vendors globally have started providing end-to-end solutions since enterprises are always on the look out to engage with a single vendor who can provide them a complete infrastructure for security and risk management along with timely services and updates.
FINALLY… The era of digitalization brings with it new kinds of risks requiring a deeper and rooted regime to keep an ‘ongoing’ strategy to fight them. Cyber threats will continue keeping the organizations worried about their crucial data. Insuring the enterprise to fight physical damage will also make it to the list of CIOs critical risk management budget. Training and workshops for employees will also be a compulsory activity. Don’t fear risk, manage it!
ë LIFE NOW FUTURE Recognizing risk andopportunityinherent Comprehensive definition of operational risks Increasingly IntegratedSourcesData Emphasis on digital risks opportunitiesand Three lines of defense with fluid interaction embedded in the business Analytics will permeate decision making Rise of Chief Risk and Return SingleOfficerData source will drive reporting and analytics Companiesactivities will explore robotics and artificial intelligence to manage transactional risks Behaviour prediction will help to effectively inform risk management Source: Accenture Culture SettingGoalIdentifyprioritizeandrisks EvaluateoptionsImplementperformanceEvaluateConfirmnextstepsERMCYCLE RISK MANAGEMENT
KINGDOM OF SAUDI ARABIA OFFICIAL COUNTRY PARTNER Companies globally are reimagining business realities fast. Join Gitex to stay aheadADedicated Event Day just for your industry. Experience the best in your businessVERTICAL DAYS MONDAY 17 TUESDAY 18 WEDNESDAY 19 THURSDAY 20 Aseem Puri CMO, INTERNATIONALUNILEVER Singapore Insider on Unilever’s ‘zerobased budgeting’ strategy One of the leading minds behind the biggest fintech disruptor Industrial revolution 4.0 - how do you integrate cyber autonomy in everyday lives Becoming the world’s largest online grocery store using AI & robotics How to transform into a number one digital city in the world Insider on Total’s integration of nanosensors & robotics in digital oilfields Mapping a path to the most connected campus & pioneering the future of learning World’s first Google Glass surgeon Rafael Grossman Healthcare andTechnologyFuturist,InnovatorSurgeon,US James Baresse Former CTO, JonathanPAYPAL Reichental CIO, CITY OF PAOLO ALTO Paul Clarke Chief Officer,Technology OCADO Assine George CIO, UNIVERSITY OF AUSTRALIAWESTERN Keith Kaplan CEO, PascalTESLADauboin R&D Director,InnovationandTOTAL Learn how the best companies across every industry including yours integrate these technologies to sharpen their competitiveness Be part of the largest indoor VR experience Powered by and RealityAugmented Printing3DLearningMachineUAVsRobotics & 18 sectorsmore Startup GITEX MOVEMENT MOVEMENTCENTRETRADEWORLDDUBAI GLOBALMOST LAUNCHING STARTUP the OUTTALK CONFERENCE - PITCH COMPETITION MENTOR CLINICS - CORPORATE ACCELERATOR NETWORKING Applying groundbreaking technologies to outrun your competitors. Tech investor, startup founder, music mogul defining the careers of numerous recording artists including Lady Gaga Troy Carter Head of Client Liaison, SPOTIFY The owner of world’s largest home swap club, biggest competitor to AirBnB. Debbie Wosskow Founder, LOVE HOME SWAP Founder of world’s leading bitcoin software company, raised over $30million from top tier investors Nicolas Cary Founder BLOCKCHAIN Named an ‘Emerging Tech Leader’ by Politico as well as a ‘newsmaker to watch’ by Washington Business Journal Evan Burfield Founder 1776 HEAR LIVE FROM THESE VISIONARIES WHO DID IT. Learn how companies apply the newest and most innovative concepts to clinch global success. We curate 4,000 of the best tech suppliers from 77 countries Featuring 150+ high profile practitioner speakers who achievedbreakthroughsawe-inspiring We recognise dare to change companies with achievementenviableawards MARKETING HEALTHCARE& FINANCE & INTELLIGENT CITIES RETAIL EDUCATION& ENERGY www.gitex.com/visit | Tel : +971 4 308 6037 / 6901 | Email : gitex@dwtc.com | For conferences : fahad.khalife@dwtc.comREGISTERNOW&SAVE!OVER150SPEAKERSGame changing tech Cyber Security Innovation Partner StartupSponsorSupport Official Publications OfficialPartnerAirline Organised byStrategic Partners Digital TransformationPartner StartupPartnerIncubation Robotics PartnerVIP Majlis PartnerStudent Lab Headline Sponsor Green Partner Digital Data PartnerCenter
24 SEPTEMBER 2016 PRIVILEGEMISUSE DECODEDTHREAT
n
THE CHALLENGES
n
August 2016: Software provider Sage hit by data breach. The FTSE 100 company said today that it was investigating an incident of “unauthorised access to customer information”, which was made using internal login details, rather than an external hack.
n April 2016: Qatar National Bank Suffers Massive Breach.
n
Most organizations are using a mix of traditional computing, private and public cloud infrastructure to run their critical systems. Organizations should have theability to centrally secure and audit access across all of these environments.
25SEPTEMBER 2016
Protection against the insider threat involves measures similar to those recommended for Internet users, such as the use of multiple spyware scanning programs, anti-virus programs, firewalls, and a rigorous data backup and archiving routine.
n Use PUMA tools to monitor privileged users activities.
Secure Remote Access: Reduce the number of network entry points for malicious activity by consolidating secure remote and mobile access onto a single, scalable gateway.
WHAT IS PRIVILEGE MISUSE?
Authorization and Notification: Frisking users before entering the network with passwords and notifying malicious activities.
August 2016: The outdoor clothing and accessories retailer Eddie Bauer is the latest victim of point-of-sale malware to admit that its customers’ card details may have been stolen.
n
According to Gulf News, Over the last five years, organisations in the region incurred a total financial loss of approximately $1,493,590 (Dh5.4 million) after hackers broke into “system perimeters” in an attempt to steal passwords, customer data and other sensitive information from corporate databases
n
App and Web Console: Web Console should have an easy to use and clean interface through which all the web traffic can be monitored and managed.
n
KEY AREAS TO KEEP WATCH
Session Forensics:Segregate, monitor and control privileged access to enterprise assets.
PREVENTIVE MEASURES FOR PROTECTION
n
n External threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, that limit user access and data interchange between systems and users within the organization’s network and systems and users outside the network, especially on the Internet.
PRIVILEGE MISUSE IN NEWS
n
n August 2016: Data breach hits Oracle’s retail payment terminals.
A privileged identity management technology needs to accommodate for the special needs of privileged accounts, including their provisioning and life cycle management, authentication, authorization, password management, auditing, and access controls. A breach in this is termed as Privilege Misuse.
n Customer Details, Card Data Apparently Leaked Online.
Cloud Access Control:This allows an administrator to secure information and set privileges as to what information can be accessed, who can access it and at what time it can be accessed, through cloud.
n
n
n Identify privileged user accounts on network. Reduce the number and types of privileged user accounts. Create awareness and train employees in optimum use of privileged accounts.
INSIDER ABUSE VS EXTERNAL THREAT
n Raise awareness on insider and external threats.
WORLD MIDDLE EAST
Europe’s CATRENE-Pasteur project has developed a flexible tag that can track and monitor the quality of food in the supply chain. which integrates an RFID chip, microcontroller, and sensor IC into a flexible tag. Singapore telco M1 has commercially launched a nationwide “heterogeneous network” (HetNet), tapping Nokia’s small cells and Wi-Fi equipment, and is also building a narrowband Internet of Things (NB-IoT) network with the networking gear manufacturer.
Odisha (India) is planning to introduce drones or unmanned aerial vehicles (UAVs) for various citizen centric services. To start with, the state government is contemplating use of drones for effective management of solid waste.
Sharjah launches Middle East’s first ‘smart Wi-Fi bins’. They also come equipped with sensors to detects when the bin is full, and communicates with the Bee’ah control room allowing “Tandeef”’s team to make the necessary collection in an efficient and eco-friendly way.
DoT in Abu Dhabi has commenced work on the Dh33-million adaptive traffic control central system project, ‘Scoot’ — one of the world’s leading proven systems utilised in more than 120 cities worldwide. The system offers high flexibility and interactivity to respond to all changing traffic scenarios via data generated by vehicle counting and classification sensors.
THE SIX-FOLD GROWTH IN MOBILE ROBOTICS BY 2020 WILL DRAMATICALLY ENHANCE MIDDLE EAST AND GLOBAL BUSINESS PRODUCTIVITY, WORKPLACE SAFETY, AND DAILY LIVES, ACCORDING TO AN EXCLUSIVE NEW REPORT BY FROST & SULLIVAN PREPARED IN COLLABORATION WITH GITEX TECHNOLOGY WEEK.
LANDSCAPEWORLDVSTHEMIDDLEEASTCHALLENGESOPPORTUNITIES M2MOPPORTUNITYTHREATSAND n Low Power or Data Rate n Standards & Interoperability n Security & Device Sophistication n Lack of Visibility and Information n M2M Establishes The Base Of Speed And Intelligence n Better And Predictive Maintenance n Digital Technology Bridges The Blue And White Collar n Reduce Maintenance AndManagement Costs By Easy And centralized Access To System Data n Identification Of Critical Situations By Means Of Remote Monitoring n Continuous Real-Time Information And Monitoring Of Machinery n New Service-Based Offerings Can Provide New Sources Of Revenue n Variable Use of Network Transport n Overwhelming Cost of Global Deployment n Highly Fragmented M2M solutions
The Emirates Energy Star project, a joint initiative of Etisalat and Pacific Controls harnesses the information, communication, technology (ICT) enabled M2M (machine-to-machine) technology from Etisalat, to substantially reduce energy consumption for organizations, with an aim to bring down the carbon footprint of the country.
GLOBAL M2M MARKET TO GROW TO 27 BILLION DEVICES, GENERATING USD1.6 TRILLION REVENUE IN 2024 27bn
VS
THE GLOBAL PROCESS AUTOMATION AND INSTRUMENTATION MARKET IN THE OIL & GAS SECTOR IS EXPECTED TO REACH UP TO $31.24BN BY 2020, AT AN ESTIMATED CAGR OF 8.23% FROM 2013 TO CELLULAR2020M2M CONNECTIONS FORECAST TO REACH 1 BILLION BY 2020 INDUSTRY ANALYSTS EXPECT THAT AT LEAST 50% OF M2M DEVICE CONNECTIONS IN THE MIDDLE EAST WILL BE FOR UTILITIES APPLICATION BY 2020 THE TOTAL M2M REVENUE OPPORTUNITY WILL BE USD1.6 TRILLION IN 2024, UP FROM USD500 BILLION IN 2014, A CAGR OF 12%. THIS INCLUDES DEVICES, CONNECTIVITY AND APPLICATION RETAILREVENUEM2M AND IOT APPLICATIONS CONNECTION GROWTH TO 44.3 MILLION BY 2019 COMPANIES WILL BE ABLE TO REPLACE UP TO 10 WORKERS WITH ONE ROBOT, DRIVING DOWN COSTS BY AS MUCH AS 60 PER CENT, ACCORDING TO FROST & SULLIVAN $31.24bn MEA IOT MARKET IS SET TO REACH $10.9 BILLION IN 2019, WITH IDC FORECASTING A COMPOUND ANNUAL GROWTH RATE OF 19.5% FOR THE 2014–2019 PERIOD. $10bn 1bn 50% 12% 44.3mn $31.24bn
n
Complexity of sharing encrypted data with external users Whether it provides strong key management Whether it allows for “application-aware” and “always-on” encryption
The biggest challenge for enterprises is to understand which data has to be encrypted and how? As the importance of comprehensive encryption increases so does the solution palette to offer management keys to ease the security burdens of the enterprises. In this game of creating a coded infrastructure the true victory lies in making the process simplified, systematic, reliable and updated.
n
Encryption of information is a protection shield to ensure data is secured and only accessed by the right authorities. Many organizations feel that though encryption isn’t difficult but managing the associated encryption keys across their lifecycles usually becomes a problem which then creates a new set of vulnerabilities making even the important data inaccessible SONAL
n
LUNAWAT <SONAL@ACCENTINFOMEDIA.COM> n PHOTO: SHUTTERSTOCK n
A comprehensive cyber defence plan must be put in place, and its efficiency must be tested over and over again TO CONSIDER BEFORE ENCRYPTIONDEPLOYINGSOLUTION
n
n
Whether the solution works cross-platform and on multiple devices Whether the software has centralized manage ment and control
n
n BY:
BE SAFE 28 SEPTEMBER ENCRYPTION2016 & DECRYPTION: THE ‘KEY’ TO A SAFE INFRASTRUCTUREENTERPRISE
Confidential data breathes in every organization in different forms. The compliance driven, competitive organizations are the prey to crimes and attacks by motivated outsider attacks or disgruntled employees. Passwords no longer provide complete security to businesses thanks to the insider threats, there is a need to take one step forward and be more secured when it comes to exchange of information within the organization as well as externally. Data identity and authentication tools have evolved over the years due to various planned attacks by internal and external agents. Data encryption as analysts view it is a necessity and not a luxury. Most organizations do not have dedicated key management solutions for every applications and therefore they are moving to common key management systems. But with the nature of the business getting more dynamic and critical the question then arises is that- Is encryption-decryption the answer to the problems? Or is it an added cause of contention for the organizations?
HYPE ENCRYPTION-DECRYPTIONAROUND
n
THINGS
The backup and recovery mechanism for encryp tion keys to prevent enterprise from losing access to encrypted information Enterprises must take into account potential risk of attack on the security platform itself, not just their assets
To protect
identified threats To avoid public disclosure after a data breach happens Source: Ponemon Institute To comply with internal policiesPlaintext PlaintextCiphertext Encrypt Decrypt Recipient’spublickey Recipient’sprivatekey Sender Recipient Different keys are used to andencryptdecryptmessages
to authorized users. Globally the kinds of key management systems used are Formal Key Management policy, KMI, KMPS, Removable media, Smart Cards, Software based Key Stores and Wallets.
‘Last line of defense against data breach’ is what Harish Chib,VP MEA, Sophos calls encryption, he says, “With organizations realizing the value of their data and the fact that it is of immense value to cyber attackers as well, encryption and that too next-generation encryption is emerging as the key requirement in an organization’s security infrastructure.” The number of data breaches and threats have cautioned the enterprises to tighten their security fences and therefore the trend of encrypting data has become a focus of many organizations. Governments, small, mid-sized as well as multi nationals all fear being hacked or being victims to malicious attacks. DarkMatter’s Dr.Robert Statica, Senior VP of Technology research says, “While modern encryption technology has been around for more than 30 years, in the last few years, with the rise of high profile hacking, data exfiltration and data leakage, coupled with the scandals of government surveillance convinced many people and organisations that encrypting their data and communication is the right thing to do.” Many vendors understand the personal information information against specific,
30 SEPTEMBER 2016 MAIN DRIVERS FOR USING ENCRYPTION TECHNOLOGY SOLUTIONS To protect enterprise intellectual property To comply with external privacy or data security regulations and requirements To reduce the scope of compliance audits To limit liability from breaches To protect customer
DARKMATTERGENETEC
DR. ROBERT STATICA, SENIOR VICE PRESIDENT OF TECHNOLOGY & RESEARCH, DARKMATTER JADALLA, REGIONAL DIRECTOR MEA, GENETEC
Decentralizing the process of Encryption and Decryption should be the basis of any organization. The companies should maintain that no decryption or re-encryption should be permissible in case of key rotation or expiration.
FINALLY… IoT and M2M world continue to put pressure on the security landscape of the enterprises, the future will definitely lay emphasis on devices using IoT which have built in mechanisms to encrypt data and have a safety procedure in place. A dedicated team to supervise and test run the solutions/tools will be carried out by organizations on regular intervals. Encryption doesn’t mean that the enterprises can be rest assured never to face attacks within their infrastructure, it’s just a prevention not a full-fledged cure. ë
According to Harish, there are different types of encryption tools available in the market and many of them are built into popularly used systems, for e.g. BitLocker is a full-disk encryption tool built into Windows systems. FileVault performs on-the-fly encryption with volumes on Mac computers. Talking about encryption algorithms, Genetec’s Regional Director MEA, Firas said, “They are two different types of encryption algorithms: Symmetric and Asymmetric. Symmetric encryption uses the same private encryption key for encrypting and decrypting, while asymmetric uses a private and public key pair.”
effectiveness of encryption and provide solutions or tools to help enterprises deal with security issues. Eg. Sophos SafeGuard Enterprise delivers protective data protection with Synchronized Encryption. It encrypts content as soon as it is created, Genetec’s ‘Security-of-Security,’ is the latest version of Security Center (unified security platform) offers new video encryption and authentication enhancements, DarkMatter also provides end-to-end secure communications apps for text, files, audio and video messaging, as well as audio and video calling and email do the heavy calculations and encryption in the background, transparent to the users.
HARISH CHIB, VP MEA, SOPHOS
FIRAS
31SEPTEMBER 2016
SOPHOS
“At Sophos, we believe complexity is the enemy of effective security and products or technologies that are too hard to deploy or too hard to use don’t do any good.”
“A comprehensive cyber defence system must be in place to protect not only the data but also the infrastructure on which your data resides.”
ENCRYPTION TOOLS Enterprises often battle in understanding which data has to be encrypted and how? There is often a prejudice in the mindsets regarding the complexities and the technological shortage of the employees. Analysts have notified that most organizations are unable to find out where sensitive data is located and are at loggerheads when it comes to deploying encryption related solutions since there is training as well as understanding required regarding which solution fits into the particular activity or process. Dr Robert agrees that no one size fits all and feels that there are many key ciphers and encryption key sizes in use for various aspects and levels of protection, he said, “Our philosophy is that if you want to protect your data you should use the best protection there is. Currently the best cipher to use for data encryption is AES 256. For the key exchanges, the best cipher to use today is ECDH384/521.”
“Although encryption may hide the contents of a message, encryption alone does not necessarily preserve the integrity of a message.”
CISO SPEAK 32 SEPTEMBER 2016
Earlier CISOs only focused on Information Technology, but nowadays CISOs are involved in all business activities of the organizations. The CISO should have an all-round experience and knowledge about technologies like risk management, information assurance etc. The CISO should also focus on day to day operations of enterprise security consulting. A CISO must pay attention to Information Asset Management and risk management; this will help them mitigate risks based on the budget and reputation of the company. CISOs should be aware about audit and compliance. Today attacks are targeted and it’s important that a CISO shouldbe up-to-date with latest news and global breaches to understand the types and ways of threats and act proactively. ë
TIGHTENING THE FENCES OF SECURITY
The region has been facing targeted attacks of ransomware and malware. There is a co-operation between the organizations and the police in fighting against these kind of attacks. Efforts are taken by the organizations and police to raise awareness among the public about these threats and how to address them in a proactive manner.
MR. ALBLOOSHI,YOUSUF CHIEF INFORMATION SECURITY OFFICER, GLOBAL AEROSPACE LOGISTICS AND INFORMATION SECURITY MANAGER, EMIRATES ADVANCED INVESTMENTS.
For these systems to be an integral part of the company’s management activities there has to be linkages so that the boundaries between processes are seamless (integrated management systems), this is one way we help the aviation sector. We also offer counselling and support on security auditing programs.
Nowadays organizations have started taking steps to plan and take precautions to avoid attacks. Another trend is social engineering attacks; attackers try to manipulate people behavior or procedures of work flow and try to get more information and get access to private data which can be compromised in a criminal way.
How has the growth been in the aviation sector and what services are provided by your organization? Transport related sectors are always on a lookout for mechanisms to safeguard important assets; people, technology, information and whatever kind of technology (tangible or intangible). One of the challenges for aviation sector is how they can implement comprehensive aviation security regulation which covers different business units like IT field, logistics, aircraft maintenance etc. The comprehensive implementations require a lot of effort and alignment of framework and standards together by putting all the internal management practices in one system and not as separate components.
Mr. Yousuf Alblooshi is responsible for running and operating Security Operation Center for Group of Companies, he designs and implements Information security management system for Enterprises, Government and Military organizations in various industries. In an exclusive interview with Sonal Lunawat from ECMEA he talks about the current security trends in the MEA region and his views on the ongoing infrastructural developments. Which trends do you forecast for the region’s security landscape?
What measures are taken by your organization to overcome security challenges? Our organization implements international and national standards for development of security policies as per our company standards, e.g. quality, health& safety, information security and business continuity. We also ensure that the deployed technology works effectively by having regular audit programs.Through our internal development team, we analyze the business requirements for each unit and provide the best solutions for deployment and automation of processes.
How should a CISO resume look like in 2016?
THE 6 KEYS TO UNLOCK YOUR GITEX POTENTIALS2016 WE CARVE THE PERFECT PLAN FOR YOU! ENTERPRISECHANNELSMEA (GITEX 2016 aroundMeticulouslyISSUE)weavedInfrastructureMarketinMEA. INSIGHTINFRA AnnualHandbookTechnology G LIVE The destinationUltimateforallGitexactions SURVEY The crucial step towardsyourattainingROI AWARDSGEC Awardingtheirorganizationsdeservingforunparalleledcommitment INTERVIEWVIDEO Bring your views to life. Accent Info Media MEA FZ-LLC 223, DMC – 9 Dubai Media City, Dubai, UAE SALES Ronak Samantaray Mob: +971 555 120 490 Email: ronak@accentinfomedia.com EDITORIAL Anushree Dixit Mob: +971 529 112 472, +91 8373985944 Email: anushree@accentinfomedia.com Sonal Lunawat Mob: +971 55 485 9300, +971 4368 8523 Email: sonal@accentinfomedia.com TO PARTICIPTE CONTACT
WHERE IS THE VALUE? On the face of it, most security tools don’t appear to save you time or money. They generate new alerts and this can swamp an already overburdened security team with investigating and tracking down new potential threats. That’s not to say that security tools have no value, however, and it’s by evaluating this that a CFO can understand the true business case for a security solution. However, the challenges inherent in defining the ROI for security tools does not decrease the importance of defining this information and articulating it for corporate leaders and the Board.The recent explosion in the number of security vendors in the market, offering similar overlapping solutions, and their almost identical claims to “solve the security problem” makes picking a comprehensive security solution more difficult.The fact that its increasingly difficult for CIOs and CISOs to understand if and where security gaps still exist, doesn’t decrease the importance of helping C-suite executives and Board understand the value of proposed security programs and the importance of resourcing
FOR
THAT THE CFO CAN UNDERSTAND
ARTICLEGUEST 34 SEPTEMBER 2016
The biggest challenges when you go shopping for new security tools is answering the inevitable question from finance: “What’s the value?” Determining the ROI of a new security product isn’t an exact science. There are no hard and fast rules to follow – which is why generic ROI calculators should be avoided at all costs (pun intended). Measuring the impact of better security is like measuring a moving target. What’s more, every organization is unique. The setup of an organization’s existing infrastructure, its size, risk level and the potential impact of a security incident, will vary significantly.
n Can it automate tedious day-to-day activities?
n Does it reduce the time it takes to resolve a threat?
JIM JAEGER, CHIEF CYBER SERVICES STRATEGIST, CYBERSECURITYFIDELIS them.Insecurity, the biggest benefit will always be reduced risk; “buy this tool (or hire this person) and bad things are less likely to happen.” Unfortunately, this argument is highly theoretical, which doesn’t translate easily into a business case. It’s also likely that the same argument has been used for previous security procurements and consequently leads to a debate around the likelihood of data being stolen – a risky game to play.
l Will it reduce the requirements to integrate multiple security devices?
n Can it improve the speed and accuracy of a company’s incident response?
l Will it let tier 1 analysts do the tasks of a tier 2 analyst?
Organizations across the region have upped their IT security spend. However, one of the biggest challenges when you go shopping for new security tools is answering the inevitable question from finance: “What’s the value?”
l Will it allow tier 3 analysts to do the work of an incident responder?
Instead of trying to estimate the level of risk a company has in terms of security and how likely an attack may be, it’s arguably much more important to analyze the time and/or people a new tool might save and how much more efficient it could make an organization. Some key questions would be:
n Will it help consolidate the security stack e.g., reduce the number of agents operating on endpoints or the number of network security appliances in your rack?
n Can it reduce requirements for highly skilled, difficult to hire security personnel?
SECURITY
l Will it reduce the number of screens that monitoring personnel have to focus on?
To the CFO, this approach presents clear opportunities to save critical funds andenhance the ROI of security solutions. For any organization it is almost impossible to put a prediction on how much a cyber breach could cost as it isn’t only a case of compensating victims and the loss of business revenue,but also damaged reputation. No one is expecting a CFO or the Board to write a blank check for security, which is why explaining the savings an enterprise can make in terms of a more efficient security team, lower hardware costs, and minimized risk, is paramount to understanding its value. ë
BUILDING A BUSINESS CASE
NETWORKING & SERVER CABINETS COOLING SYSTEMS POWER SYSTEMS IT SECURITY ROOM MONITORING & REMOTE MANAGEMENT Explore. Create. Win. IT Security Room RiMatrixCompactS Server RoomTE 8000 / TS-ITDatacentre-in-a-Box Rittal Middle East FZE Tel: +971-4-3416855 I Email: info-it@rittal-middle-east.com I www.rittal.com/uae-en For Enquiries: Experience the New Generation Smart Systems for IT Infrastructure and Data Centre Visit us at Hall 1 Stand F1-1
SCOTT MANSON, CYBER SECURITY LEADER FOR MIDDLE EAST AND TURKEY, CISCO how to act upon and share this information. The volume of data can be overwhelming, so it needs to be in a format that can be easily consumed and acted upon.
How quickly defenders can detect and respond to a breach can mean the difference between a nuisance and a nightmare. To deal with this evolving threat landscape, over the last few years there has been a shift from traditional event-driven security and response programs to an approach enabled by intelligence. It is similar to the shift we’ve seen in how we protect our communities from criminals. Think Dragnet versus CSI. We’ve gone from labour intensive and local to technology driven and pervasive. In the old days we relied primarily on officers patrolling the streets and calls from concerned citizens to report crimes. This still provides a strong baseline of protection. But to supplement these methods, federal, state, and local law enforcement now work together using advanced tools and techniques to gather data and corroborate information in order to capture the most elusive and often most dangerous criminals. In the same way, to more effectively counter attacks to our IT infrastructure we can no longer rely exclusively on event notification of known threats. We also need better intelligence about emerging threats as they unfold. But the challenge with intelligence-led security lies in the ability to reliably and consistently collect the right intelligence; validate, manage, and correlate that data; learn about attacks; and then act. Threat intelligence is critical to accelerate security and response programs, but it must have the following attributes: Tactical: Reliably and consistently collect the right intelligence from the right and trusted sources, manage and correlate that data, learn what adversaries are doing, and take action – all while using a risk-based approach to dictate
Automated: Automated intelligence creation allows organizations the ability to seamlessly consume atomic and contextual threat content for the creation of actionable and specific intelligence. You shouldn’t have to press a button to retrieve it; threat intelligence should continuously feed into your environment to ensure its effectiveness. Automation also supports the sharing of content between trusted entities for faster collaboration and decision making.
36 SEPTEMBER 2016
ARTICLEGUEST
WHEN TIME IS OF THE ESSENCE, INTELLIGENCETHREATISTOO
Complementing global threat intelligence, local intelligence – based on correlation and analysis about a company’s infrastructure –provides additional context and the information necessary to take more informed security actions. This requires visibility across today’s modern networks. These networks and their components constantly evolve and spawn new attack vectors, including: mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers, home computers, and even vehicles. Comprehensive visibility into the devices, users, applications, and systems that connect to your extended network day in and day out enables you to correlate seemingly benign events and apply intelligence to identify and stop threats.
For example, if you operate in the financial services industry you need the most up to date information about threats that are targeting your sector and not the retail industry.
Contextual: Indicators are not considered to be atomic elements, such as IPs, and need to be defined as a collection of elements that requires context to be applied to it. This context can be based on region, vertical or historical distribution, and can work in concert with Indicators of Compromise (IoCs), feeds or other enrichment.
Attackers are expanding their tactics, users are unknowingly aiding attacks, and breaches are now the new normal. Cisco sees a new dawn of intelligenceenabled approach that will redefine how threat landscape is perceived.
To reduce TTD and TTR, threat intelligence must be tactical, contextual, automated, and easily shared. And it must span the extended network and new, connected devices. With these attributes it empowers security technologies and security services teams with an intelligence-led approach to security and response to more quickly thwart today’s advanced attacks. ë
SIMPLIFYING SECURITY, NULLIFYING RISK
It’s definite that the threats are increasing which came down to couple of major breaches in the last few years. I see positive initiativ es across whether it’s at board level and their interest to know more about cyber security; or collaboration at an industry level by sharing information and meeting regularly to discuss pain points.
Employee awareness is essential. ME organizations are still vulnerable to cyber threats and that’s one of the reasons we are seeing the increased focus of cyber criminals on ME region
In a connected world, competency without risk is a unicorn; it can just be thought of. In close conversation with Hussain AlKhalsan, Deputy Head of IT Risk & GRC at Commercial Bank of Dubai on the 2016 CISO resume and risk management.
In my view some key security solution companies are doing great job in terms adapting different and new techniques as preventive measures but as we all know that this is still not enough.Wehave seen a very simple old phishing method turns to be successful where actually the organization losses money!
HUSSAIN ALKHALSAN, DEPUTY HEAD OF IT RISK & GRC AT COMMERCIAL BANK OF DUBAI
CISO SPEAK 37SEPTEMBER 2016
With the advent of IoT and big data, the scenario has just worsened. Security is an overriding issue and the organizational premises are vulnerable? It differs from one organization to another. Understanding the business and having the right policy, process and control in place sets the tone on how to build your information security model and framework. I believe with the IoT and big data era the more data you have from all systems logs the more it makes sense to understand the environment and users behaviour which can be used to build your correlation engines with plenty of use cases. How should a CISO resume look like for 2016? Security expert with business mindset who can show the ROI on security ë
Cyber security has been a growing concern among the regional organizations and many key security vendors have been talking about the preventive measures. What is your view on the entire situation? How vulnerable are the ME organizations to cyber threats?
How has the role of a CISO evolved over the recent times CISOs always need to be subject-matter experts understanding the technical aspects of the threats they face and solutions they deploy. Over the past few years the role of the CISO, and the skills they require have evolved because it’s their role to create the bridge between technical threat and business risk. Clearly CISOs also need to be business strategists and communicators to align with business and demonstrate the risks in a more business context. How do you perceive the evolving threat landscape of the region?
Add For further details, please contact: Bulwark Technologies LLC Phone : 04 333 5040 |E-mail : info@bulwark.biz www.bulwark.biz Stop malicious, targeted email attacks with Mimecast Targeted Threat Protection - a cloud solution that: • Scans every email hyperlink in real-time, as you click • Protects against CEO Fraud/whaling attacks • Adaptive cloud security service that easy to deploy for all organizational sizes • Includes granular security monitoring and reporting • Supports end user security education
Introducing `bazaar´ a loyalty solution for all industries Effective Solutions • Fresh Ideas • Business Planning • Terminals Managed Services • POS Network Services • Remote IT Infrastructure• Card Management Services • EFT Terminal Applications • Payment Solutions • Network Acess Controller • Global Banking Services • ATM Services • Local Support and Repair Facility Head Office: PB No: 3314 Sharjah, United Arab Emirates. Tel: +971 6 5730000, Fax: +971 6 5736500, Email: sales@omaemirates.com, www.omaemirates.com ONE STOP SHOP PAYMENTforSOLUTIONSallPre-paidCardsCentralTerminalsPaymentIssuanceInstantIssuance Mobile Wallet ValueServicesAdded Fraud AuthorizationSystemandSettlementNFC Card ManagementSystem Loyalty & Gift Cards ATMTransactionProcessingSwitching/Monitoring Full AssistanceProject PRODUCTS SUPPORTSERVICESSERVICES
