Security Advisor Middle East | Issue 46 by Security Advisor Middle East

ISSUE 46 | FEBRUARY 2020

WWW.TAHAWULTECH.COM

EXPERTSâ&#x20AC;&#x2122; CORNER: DATA PROTECTION THE AFTERMATH OF A CYBER-ATTACK REVIEW: EUFYCAM

NO BLIND SPOTS

WESTERN DIGITAL ON THE POWER OF STORAGE IN ENABLING A SAFE FUTURE

HOME IS WHERE YOUR DATA IS.

Our new Data Center in the Kingdom of Saudi Arabia brings world-class cybersecurity expertise to your doorstep, ensuring the confidentiality, integrity and availability of your log & event data, without them ever leaving the country. Fully compliant with the NCA ECC-1 and the SAMA Framework, we now offer in the Kingdom of Saudi Arabia the full range of services of our award-winning ClearSkies™ Advanced Security Analytics Platform:

• • • •

ClearSkies™ SaaS NG SIEM Managed Security Services (MSS) / Managed Detection & Response (MDR) ClearSkies™ NG Endpoint Detection & Response (EDR) ClearSkies™ Advanced Security Analytics Platform for MSSPs (white-label)

Learn how you can benefit from the ClearSkies™ Advanced Security Analytics Platform. Reserve your free consultation now. Scan the QR code below to visit our website.

SCAN THE QR CODE TO RESERVE YOUR FREE CONSULTATION. www.odysseycs.com | www.clearskiessa.com

CONTENTS

20 22

NO BLIND SPOTS

Western Digital’s Khwaja Saifuddin on why storage is a vital aspect of smart video surveillance technologies

MOVERS AND SHAKERS

The latest people movement in the regional security industry

DEFEND YOUR DATA

Industry experts share top tips on data protection best practices

CLEAN SLATE

How to wipe your data and ensure it doesn’t fall into the wrong hands

BEYOND THE BREACH

What happens to the business following a cyber-attack?

COMPROMISED SLOTS How to steer clear of SIM swap attacks

34 REVIEW

Why Anker’s eufyCam deserves to be on top of your security camera shopping list

REGISTRATION NOW OPEN

BICSI EMEA

Conference & Exhibition Dubai, UAE • 13-15 April 2020 The Global Leader in ICT Education, Certification & Standards

e-CONNECTIONS THAT MATTER! IoT • 5G Networks • PoE Applications and Standards • Data Centres • AV over IP • Wireless Technologies • Artificial Intelligence (AI) • Smart Cities, Buildings and Infrastructure • Single-pair Ethernet • And More

bicsi.org/emea2020

EDITORIAL

SECURITY AND BEYOND Talk to us: E-mail: adelle.geronimo@ cpimediagroup.com

Adelle Geronimo Editor

EVENTS

The video surveillance industry has rooted all the way back to the 1940s when closed circuit television (CCTV) was invented. Since then, video surveillance tools have advanced to integrate technologies as artificial intelligence and analytics making it smarter and allowing its function to evolve beyond simply recording visual images. The global video surveillance market is projected to reach $36.9 billion in three years, according to global research firm MarketsandMarkets. This shows how investments in technologies around this security segment will continue to grow in the years to come. With regional governments focusing on developing smart and safe cities there is now more than ever a need for solutions that will deliver value beyond security.

In this month’s issue, we spoke to several surveillance technology experts who shared their views on how AI and deep learning capabilities as well as smart city initiatives are impacting the video surveillance space. Most of them highlighted that surveillance is no longer just a security tool, it is also instrumental in accelerating operational efficiencies across multiple industries. Global data storage firm Western Digital also emphasised why decisionmakers should not only look at the latest software and cameras when investing in smart video surveillance systems but also on a reliable storage device. It’s very exciting to see how a technology such as video surveillance is now evolving to deliver benefits beyond security.

“THERE IS NOW MORE THAN EVER A NEED FOR SOLUTIONS THAT WILL DELIVER VALUE BEYOND SECURITY.”

Published by FOUNDER, CPI MEDIA GROUP Dominic De Sousa (1959-2015)

Publishing Director Natasha Pendleton natasha.pendleton@cpimediagroup.com +971 4 440 9139 ADVERTISING Group Sales Director Kausar Syed kausar.syed@cpimediagroup.com +971 4 440 9130 Business Development Manager Youssef Hariz youssef.hariz@cpimediagroup.com +971 4 440 9111 Senior Sales Manager Sabita Miranda sabita.miranda@cpimediagroup.com +971 4 440 9128

EDITORIAL Online Editor Adelle Geronimo adelle.geronimo@cpimediagroup.com +971 4 440 9135

DESIGN Senior Designer Analou Balbero analou.balbero@cpimediagroup.com +971 4 440 9140

Contributing Editors Daniel Bardsley Mark Forker Giorgia Guantario Sharon Saldanha

Designer Mhar Delaben marlou.delaben@cpimediagroup.com +971 4 440 9156 PRODUCTION Operations Manager Cherylann D’Abreo cherylann.dabreo@cpimediagroup.com +971 4 440 9107

DIGITAL SERVICES Web Developer Jefferson de Joya Abbas Madh

Registered at Dubai Production City, DCCA PO Box 13700 Dubai, UAE

Photographer Charls Thomas Maksym Poriechkin

Tel: +971 4 440 9100 Fax: +971 4 447 2409

webmaster@cpimediagroup.com +971 4 440 9100

Printed by Emirates Printing Press LLC, Dubai © Copyright 2020 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.

NEWS

SOPHOS TO HELP NEUTRALISE THREATS WITH NEW MTR SERVICE

JOE LEVY, SOPHOS

Sophos has announced the availability of Sophos Managed Threat Response (MTR), a fully managed threat hunting, detection and response service. The re-sellable service provides organisations with a dedicated 24/7 security team to neutralise the most sophisticated and complex threats. These types of threats include active attackers leveraging fileless attacks and administrator tools such as PowerShell to escalate privileges, exfiltrate data and spread laterally, as explained in the SophosLabs Uncut article on Lemon Duck PowerShell malware. Attacks like these are difficult to detect since they involve an active adversary using legitimate tools for nefarious purposes, and Sophos MTR helps eliminate this threat. Joe Levy, chief technology officer, Sophos, said, “Sophos MTR not only augments internal teams with additional threat intelligence, unparalleled product expertise, and around-the-clock coverage, but also gives customers the option of having a highly trained team of response experts take targeted actions on their behalf to neutralise even the most sophisticated threats.”

FEBRAURY 2020

SANS INSTITUTE TO HOST IMMERSION-STYLE CYBERSECURITY TRAINING IN DUBAI SANS Institute has announced SANS Dubai February 2020, which will be held from 15th to 20th February 2020 at the Hilton Dubai Jumeirah Beach. During the event, global cybersecurity experts will conduct hands-on and immersionstyle training to enable participants with skills to defend their organisation against security breaches and prevent future attacks. “The rapid pace at which cybersecurity attacks are evolving and increasing is making it even more difficult for organisations to prevent and defend against them. They need to have an effective method in place to detect, thwart, and monitor internal and external threats to prevent security breaches,” said Ned Baltagi, Managing Director, Middle East and Africa at SANS Institute. “According to reports, the cyber security skills gap is widening with a shortfall of 1.8 million cybersecurity workers globally by 2022 and the situation in the Middle East is no better. Through

NED BALTAGI, SANS INSTITUTE

our courses, we hope to address the region’s skills gap by training and enabling more professionals to defend their organisations against future security breaches and attacks.” At SANS Dubai February 2020, cybersecurity experts, Brandon McCrillis and Greg Porter will conduct the two courses – the SEC566: Implementing and Auditing the Critical Security Controls – In-Depth and the SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking respectively.

RUSSIAN SPEAKING HACKING GROUP TARGETS BANKS IN SUB-SAHARAN AFRICA: REPORT Kaspersky security researchers have reported on thousands of attack notifications on major banks located in the Sub-Saharan region of the African continent. The attacks detected began on the first week of January 2020 and indicated that the threat actors are about to begin the final stage of their operation and cash out the funds. To the date, the attacks are ongoing and target large banks in several countries in Africa. The Silence group is one of the most active Advanced Persistent Threat (APT) actors, which carried out a number of successful campaigns targeting banks and financial organisations around the Globe. The typical scenario of the attack begins with social engineering scheme, as attackers send phishing e-mail that contains malware to a bank employee. From there the malware gets inside the banks’ security perimeter and lays low for a while, gathering information on the

victim organisation by capturing screenshots and making video recordings of the day to day activity on the infected device, learning how things work in the targeted banks. Once attackers are ready to take action, they activate all capabilities of the malware and cash out using, for example, ATMs. The score sometimes reaches millions of dollars. The researchers attribute the attacks to the Russian speaking Silence group based on the malware used in the attacks, which was previously used solely in the group’s operation. Sergey Golovanov, security researcher, Kaspersky, said, “We urge all banks to stay vigilant, as apart from the large sums Silence group also steal sensitive information while monitoring the Banks activity as they video record screen activity. This is a serious privacy abuse that might cost more than money can buy.”

www.tahawultech.com

NEWS

DFSA SUPPORTS DUBAI’S NATIONAL CYBERSECURITY STRATEGY WITH NEW PLATFORM The Dubai Financial Services Authority (DFSA) has launched the first financial regulator-led Cyber Threat Intelligence Platform in the region. The platform was rolled-out in collaboration with the Dubai Electronic Security Center (DESC), the National Computer Emergency Response Team for the UAE (aeCERT), the Computer Incident Response Center Luxembourg (CIRCL) and the Open Source Threat Intelligence and Sharing Platform Project (MISP). According to the DFSA, it will host the Platform on its infrastructure and will outsource the management and enrichment of the platform to HelpAG. The platform will facilitate the development of a community of information sharing for regulated and non-regulated companies operating in or from the Dubai International Financial Centre (DIFC). It also connects with other

respected international cyber security firms, including Palo Alto Networks, Cofense, Kaspersky and Recorded Future. Bryan Stirewalt, chief executive officer, DFSA, said, “Over the past two years, we have been steadily increasing our supervisory focus on operational resilience, including cyber risk. We

RAQMIYAT ANNOUNCES PARTNERSHIP WITH IVANTI FOR GCC Regional systems integrator and provider of digital transformation solutions and services Raqmiyat has announced that it is now a regional business partner and authorised reseller of Ivanti products and services in the GCC. Ivanti delivers solutions that unify IT and security operations to better manage and secure the digital workplace. Ivanti provides solutions for the integrated management of desktops, servers and mobile devices in the enterprise. It offers insight and management of devices, workflow integration, and optimal automation through a wide range of solutions such as endpoint security, IT asset management (ITAM), IT service management (ITSM), identity management and unified endpoint management to drive business growth. By leveraging this partnership,

www.tahawultech.com

Raqmiyat will address the need of digital transformation for enterprises by enabling our customers who want to unify IT on –premises or in the cloud. Ugresh Kumar, director, Managed Services, Raqmiyat, said, “Ivanti’s comprehensive portfolio of ITAM, ITSM, endpoint, and security management solutions are designed specifically to help enterprises achieve a secure, automated, and digital workplace. We believe Ivanti’s solution that helps secure and automates IT operations will provide additional value to the existing customers helping them in achieving their digital transformation agenda. And also, adding, Ivanti product line to Raqmiyat’s Managed Services offerings will help customers to achieve the higher success rate of automation, end-user support and also new business to Raqmiyat.”

are proud to launch the Cyber Threat Intelligence Platform, which brings together a community of cyber experts in a coordinated fight against cyber-attacks and will be a valuable mechanism for all members of the DIFC ecosystem to share information on threats and risks. These intensified efforts support the National Cybersecurity Strategy and the Dubai Cyber Security Strategy and are designed to strengthen the cybersecurity environment in the DIFC.” Prior to the launch of the Platform, the DFSA undertook a series of initiatives focusing on cyber risk governance, systems hygiene and resilience. The DFSA also created a specialist supervision team tasked with overseeing how firms manage their cyber risk.

9 OUT OF 10 CISOs SAY THE BOARD ASKS THEM FOR ADVICE, BUT STILL FACE DIFFICULTIES WHEN IT COMES TO JUSTIFYING NECESSARY SPENDING ON IT SECURITY SOURCE: KASPERSKY

Under the partnership Raqmiyat will deliver solutions such as the Ivanti Security Controls, Ivanti Endpoint Manager, Ivanti User Workspace Manager, Ivanti Service Manager and Ivanti Asset Manager. Husni Hammoud, general manager, Ivanti Middle East, said, “This partnership will provide us the opportunity to showcase the Ivanti Unified IT vision and solutions to customers and organisations in order to sustain their competitive edge, achieve higher efficiency and the ultimate goal of digital transformation. With Raqmiyat’s expertise and competency, we aim to further grow and strengthen our market dominance in the region.”

FEBRAURY 2020

MOVERS AND SHAKERS

TENABLE APPOINTS NEW SENTINELONE GETS NEW VICE PRESIDENT FOR EMEA VP FOR OT SECURITY SentinelOne, the autonomous endpoint

MARTY EDWARDS, TENABLE

Tenable has announced the appointment of Marty Edwards, a globally recognized expert in cybersecurity for industrial control systems and operational technology (OT), as Vice President of OT Security. At Tenable, Edwards will serve as an evangelist for the company’s OT security vision, with a particular focus on furthering government and industry initiatives to improve critical infrastructure security. Edwards and his team will help ensure organizations address OT security as part of their risk conversations. He will report to the office of the Chief Technology Officer. Edwards joins Tenable from the International Society of Automation (ISA), where he was the Director of Strategic Initiatives. In this role, he worked closely with government and industry leaders to help strengthen the cyber defenses of critical infrastructure. Before that, Edwards was the longest-serving Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT.) “Tenable uniquely understands the security challenges of dynamic computing environments — from traditional IT to OT to modern assets — and is bringing innovative solutions to market to solve them head-on,” said Edwards. “I’m very excited to join the Tenable team and I’m looking forward to helping customers around the world understand and reduce their cyber risk in the digital era.”

FEBRUARY 2020

protection company, has announced the appointment of Daniel Kollberg as vice president EMEA. According to the company, the appointment supports its efforts to become the next great cybersecurity company, through helping organisations use AI to defend against every attack at every stage. Over the last six months, SentinelOne has more than tripled its EMEA business fueled by enterprise wins in Southern Europe, UK, and the Middle East. Serving hundreds of Global 2000 enterprises and three of the Fortune 10, key EMEA public references include Aston Martin, Casino, Monoprix, Savencia, About You, and Berlitz – each of which has replaced legacy antivirus for SentinelOne’s EPP and EDR platform. Daniel Kollberg will play an integral role in further growing and scaling the company’s growth across EMEA. Kollberg brings over 25 years of leadership experience in cybersecurity and IT solutions to SentinelOne. Prior to joining the company, Kollberg was most recently VP, EMEA Service Providers at Palo Alto Networks, where he helped dramatically grow and scale the

DANIEL KOLLBERG VP EMEA SENTINELONE

company over the past five years. At SentinelOne, Kollberg will work closely with the executive leadership team to execute aggressive growth plans across EMEA. “SentinelOne is differentiated in its ability to secure the region’s largest enterprises against the widest spectrum of attacks,” said Daniel Kollberg, VP EMEA, SentinelOne. “In SentinelOne, I see the industry’s goldstandard unified EPP & EDR solution, with unprecedented innovation in IoT and cloud workload protection, all in a single platform. SentinelOne epitomises innovation and customer success.”

HID GLOBAL NAMES BJÖRN LIDEFELT AS NEW PRESIDENT AND CEO HID Global has announced the appointment of Björn Lidefelt as its new president and CEO. Lidefelt joins the company after serving as Chief Commercial Officer (CCO) at HID parent company ASSA ABLOY, where he oversaw branding, communications, commercial development and strategy. He also has extensive experience in international sales and marketing, having spent more than nine years in Asia Pacific markets including China and Malaysia. He holds a Master of Science degree in Industrial Engineering and Management from the University of Linköping, Sweden, majoring in computer science and marketing. He succeeds Stefan Widing, who led HID Global for over four years. “I look forward to leading a dedicated

BJÖRN LIDEFELT - CEO-HID

and talented global workforce focused on delivering industry-leading solutions to governments, universities, hospitals, financial institutions and some of the most innovative companies on the planet to create trusted physical and digital places,” said Lidefelt.

www.tahawultech.com

12TH

CPI Media Group would like to sincerely thank all our sponsors for their incredible support that ensured our CIO100 Awards were a resounding success. GOLD PARTNERS

DIGITAL TRANSFORMATION PARTNER

CLOUD TRANSFORMATION PARTNER

SILVER PARTNER

EVENT PARTNERS

RAFFLE SPONSOR

HOSTED BY

ORGANISED BY

STRATEGIC TECHNOLOGY PARTNER

COVER FEATURE

NO BLIND SPOTS

WESTERN DIGITAL SENIOR SALES DIRECTOR FOR THE MIDDLE EAST KHWAJA SAIFUDDIN DISCUSSES THE COMPANY’S INNOVATIVE OFFERINGS FOR THE SMART VIDEO SURVEILLANCE SEGMENT AND SHARES INSIGHTS INTO WHY STORAGE IS THE UNSUNG HERO OF SMART AND SAFE CITY TECHNOLOGIES.

“SMART VIDEO SURVEILLANCE IS A HUGE PART OF THIS TECHNOLOGY AND STORAGE IS ITS BACKBONE.”

FEBRUARY 2020

www.tahawultech.com

he race towards smart cities is all the rage today. Almost every government across the world are launching initiatives, signing partnerships and investing in tools and expertise that will enable them to build technologically empowered cities. Surveillance technologies will be at the heart of these smart cities, ensuring not only the security and safety for citizens but also bolstering

www.tahawultech.com

FEBRUARY 2020

COVER FEATURE

efficiency across a vast variety of critical infrastructure functions. Smart cities need to have a robust and scalable video surveillance infrastructure. A study by research firm MarketsandMarkets noted that the global video surveillance market is projected to reach $68.3 billion by 2023. This figure highlights how organisations see the importance of investing in this IT segment to support their respective nations’ smart and safe city goals. However, when most decision-makers think about a new video surveillance solution, they typically invest in the latest camera, video monitoring tools and video management software. What they need to realise is that storage is a key component to the success of any initiative involving video surveillance. Khwaja Saifuddin, senior sales director – Middle East, Western Digital, says, “Several countries in the region are investing in the latest safe city

FEBRUARY 2020

“AS THE AMOUNTS OF DATA BEING RECORDED CONTINUE TO GROW, WESTERN DIGITAL IS COMMITTED TO DEVELOPING RELIABLE STORAGE AND EFFICIENT ACCESS TO CRITICAL DATA.” technology innovations to keep their cities safe and secure. Video surveillance is a huge part of this technology and storage is its backbone.” As with most technologies, video surveillance solutions collect huge volumes of data. For example, in the UK, there are over 8.2 million surveillance cameras, which produce 10.3 petabytes of visual data every hour, according to recent industry reports. While these data

are fundamentally unstructured, they need to be stored over a number of years for legal and regulatory purposes, which require organisations and government authorities to have a robust storage solution. And for future smart cities, in particular, the amount of data that will be generated is endless. “Surveillance systems often feature video analytics and high-definition image recording,” explains Saifuddin. “To manage the vast amounts of video and related metadata in an intelligent surveillance solution, it is absolutely critical for an organisation to have data storage that can read and write for such systems and has the utmost levels of performance ensuring that data integrity isn’t compromised.” FROM ‘SEEING’ TO INSIGHTS Today’s surveillance industry is witnessing strong demands for higherresolution cameras and new applications requiring real-time analytics.

www.tahawultech.com

Increasingly, video surveillance systems are being integrated with artificial intelligence (AI) and data analytics to ensure to provide organisations with actionable insights. According to Saifuddin, AI-enabled video systems allow organisations to process, analyze and identify patterns on-site in real-time at the edge. This enables them to eradicate the need to deal with latency associated with transferring data and video off-site for analysis. This demands for storage devices that are capable of writing data at high speeds to keep up with these AI applications and simultaneously support both AI and video workloads. “Traditional surveillance is often focused on post-event actions. Those days are behind us,” he says. “Organisations today want to invest in surveillance devices that are more proactive and will give enable them with insights to take preemptive action. AI and analytics pave the way to achieving this.” These insights, according to Saifuddin, are not solely focused on security measures. It also helps accelerate smart city initiatives such as traffic management by analysing data from surveillance cameras and integrating deep learning to recognise traffic patterns that will help curb congestions. “It is undeniable that video surveillance is expanding and is transforming into a more intelligent science, therefore, we believe that storage too must evolve,” explains Saifuddin. THE POWER OF STORAGE Western Digital seeks to play a key role in the evolution of smart video technology. Its ‘No Blind Spots,’ campaign encompasses a broad portfolio of storage solutions that supports today’s complex and advanced video and AI technologies.

www.tahawultech.com

“As the amounts of data being data storage capacities. Meanwhile, recorded continue to grow, Western WD Gold HDD offers enterpriseDigital is committed to developing class performance and exceptional reliable storage and efficient access to reliability making it ideal for demanding critical data,” says Saifuddin. environments. “We are focused on innovating across the technology stack to prepare our LOOKING AHEAD customers for the zettabyte-scale age Saifuddin highlights that the biggest of the future and to build a flexible driver in the video surveillance space foundation for enabling access to faster will be the evolution to 4K videos and the intelligence.” rise of 5G networks. As part of its ‘No Blind Spots’ strategy, “A few years ago, the video the company has optimised its storage surveillance market was mostly products for 24/7 video surveillance comprised of analogue cameras. To cameras and feature high endurance date, it has transformed into digital and with the capability to withstand extreme in the future, we can expect demands for operating temperatures from -25˚ 4K videos,” he says. to 85˚C. Edge solutions are Furthermore, he delivered through SSDs notes that there’s and purpose-built already a growing HDDs for Network buzz in the Video Recorders market for the (NVRs) with high development capacity and of 8K videos. high endurance “What does allowing for this mean for VALUE OF THE GLOBAL VIDEO many days of storage? Well, SURVEILLANCE MARKET BY 2023 high-resolution these highSOURCE: video footage to definition videos MARKETSANDMARKETS be stored. mean the images The WD Purple that these cameras portfolio complements will produce will have solutions that enhance higher resolutions and will, smart video technology. The WD Purple therefore, have big file sizes. This microSD card provides long-lasting means organisations will require more on-camera storage coupled with space to store these data, and with more exceptional performance and reliability. space, they need more Western Digital Meanwhile, WD Purple Surveillance drives,” explains Saifuddin. HDD features Western Digital’s AllFrame To support this future requirement, technology that helps create a security Western Digital is already testing new system tailored to the needs of the products with larger capacities from business. including 18 to 20 terabytes HDDs. As for enterprise-grade requirements, “We are at the forefront of developing Western Digital’s Ultrastar NVMe series storage solution with the largest SSDs perform at the speed of today’s capacity. We have a very strong history of business needs. The Ultrastar HC 530 pioneering industry-leading innovations and WD Gold HDD are premier Cloud in this segment because of the amount solutions. The Ultrastar HC 530 is a of talent and expertise that we have at cost-effective option that allows for huge Western Digital.”

$68.3 BILLION

FEBRUARY 2020

AWARDS & FORUM 2020

24th March, 2020 LouLou’a Ballroom Ritz Carlton Dubai (JBR)

Recognising excellence in security Security Advisor Middle East CISO 50 Awards recognise 50 top organisations and the people within them that have delivered groundbreaking business value through the innovative application of risk & security concepts and technologies. Winners will be announced at the CISO 50 awards and conference taking place in Dubai. To submit a nomination, please follow the instructions below and send: • Name of project, brief description including objective • Detailed narrative describing the project • Empirical facts & metrics that demonstrate the initiative’s value • Additionally, you will also be asked to provide details about key contacts in the nominated organisation. Award nominations may be submitted by an organisation, PR agency or a solutions provider. Nominations deadline: 1st March 2020

#CISO50

www.tahawultech.com/ciso50/2020 SILVER PARTNER

HOSTED BY

OFFICIAL PUBLICATION

ORGANISER

EXPERTS’ CORNER

DEFEND YOUR DATA LAST MONTH SAW THE WORLD OBSERVE THE DATA PROTECTION DAY, A GLOBAL EVENT THAT’S AIMED AT BOOSTING AWARENESS AMONG BUSINESSES AND USERS ABOUT DATA PROTECTION AND PRIVACY. SECURITY ADVISOR ME SPOKE TO INDUSTRY EXPERTS WHO SHARED INSIGHTS INTO WHY DATA PROTECTION DAY IS MORE THAN JUST ANOTHER DATE IN THE CALENDAR.

www.tahawultech.com

eld annually every 28th January, Data Protection Day began in Europe in 2007. Two years after, the US and Canada followed suit and launched the Data Privacy Day. With the aim of raising awareness and promoting privacy and data protection best practices, the event is now being observed by individuals and organisations across 50 countries worldwide. In an increasingly digitised world, data is becoming more and more valuable. Today, businesses rely on data to identify new opportunities for growth as well as to improve the efficiency, services and products that are, ultimately, aimed at benefiting their consumers. With data protection growing into one of the major priorities of our time, we spoke to industry experts about the best way to protect data, as well as predictions regarding the direction data privacy in the future. g

FEBRUARY 2020

EXPERTS’ CORNER common routes for malicious users to

shared and how it’s protected; and assess

steal data are addressed before you look

risks to data and prioritize investment in

to control access for legitimate users. Of

data protection.

course, making sure that stakeholders are

Having a data-centric audit and

addressed and engaged throughout the

protection is vital for modern enterprises

process will help in delivering an efficient

that leverage Big Data to support

and effective data protection mechanism

business processes. By finding the right

that meets, or hopefully, exceeds their

balance between adequately protecting

needs and expectations.

the organisation’s data and supporting the use of data within the organisation, IT teams can create a more robust security

BRIAN CHAPPELL, DIRECTOR OF PRODUCT MANAGEMENT, BEYONDTRUST

posture without hindering productivity.

Success in data protection projects is predicated on a solid cybersecurity foundation and a structured approach to what is being protected — without a solid foundation, data controls will be open to abuse. Not all data are equal, and some data will require more protection than other

GARRETH SCOTT, MANAGING DIRECTOR, CREDENCE SECURITY

data. Try to keep the classification of

ALAIN PENEL, REGIONAL VICE PRESIDENT – MIDDLE EAST, FORTINET

data as high-level as possible with only

Companies must be able to identify,

a handful of labels — Highly Sensitive,

combine and manage multiple sources of

Confidential, General, and Open. Having

data. More importantly, business leaders

only a few ‘buckets’ makes it easier to

must possess the muscle to transform the

achieve the actual task of protecting the

organisation so that the data and models

The challenge is that with today’s

data and enables organisations to avoid

yield better decisions.

highly distributed network, data can be

getting paralysed with the task of classifying

It’s essential for organisations to have

copied multiple times and distributed

data. Bringing data together into their

protection for wherever the data is located

virtually anywhere. To meet data privacy

respective classifications can also make

and integrated. Data travels across many

and protection requirements in such

initial protection much easier. Appropriate

platforms and devices from computers

environments, organisations need to

protection for each classification will go a

to mobile phones and from social media

implement security solutions that span

long way in avoiding impacts to productivity.

to the cloud. So, it’s important to provide

the entire distributed network in order to

Highly Sensitive data should and will be

protection on the endpoint, network, cloud,

centralise visibility and control.

harder to access than Confidential data and

and for Windows, Mac, and Linux.

that will be harder than General data (this

Enterprises are taking advantage of Big

To achieve this, organisations need to consider three essential factors. Firstly,

is data where release has very low impact

Data analytics to advance their businesses.

security needs to span multi-cloud

or actually due for public release in the mid

But this also creates opportunities for

environments. IT and security leaders

to near term). Ensuring the protection is

cybercriminals. That’s why companies

need to implement mechanisms that

appropriate will reduce friction for day-to-

are increasingly securing their business

will allow them to keep track of every

day activities – there will be fewer users

and customer data with data-centric audit

instance of data, especially as it moves

reporting that the controls impact their

and protection (DCAP). Data-centric audit

into and across multiple applications

ability to do their jobs, but sensitive data will

and protection is designed to protect

and workflows. Furthermore, security

be fully protected.

business data without getting in the way of

tools need to natively integrate into

In parallel, closing the obvious gaps

harnessing the analytical use of it. A good

cloud platforms in order to consistently

in areas like vulnerability management,

data-centric security model can enable

segment the multi-cloud environment,

privileged account and sessions

businesses to safely use IT services and

and policies need to be translated on the

management, privilege elevation and

vendors; mitigate the risk of data breaches;

fly to accommodate differences in cloud

delegation management, and identity and

comply with regulatory mandates; manage

platforms as data moves.

access management will ensure that the

data including where it’s stored, when it’s

FEBRUARY 2020

The second factor they need to keep

www.tahawultech.com

in mind is the important of data poss

The first misstep that IT and business

prevention (DLP) tools. Tracking and

leaders commit when it comes to protecting

managing PII requires the implementation

data is having inappropriate or lack of

of Data Loss Protection (DLP) technologies

backups. Many organisations believe that

that can be applied inline as well as at the

their data is safely backed up on either

cloud API level.

cloud drives or internal archives but if

Finally, they also need to keep in mind that

these are not adequately secured these can

compliance reporting requires centralised

be accidentally or maliciously erased for

management. Compliance reporting needs to

example during a ransomware attack or

span the entire distributed infrastructure. As with other requirements, this also demands consistent integration throughout the cloud and

RAJESH GANESAN, VICE PRESIDENT, MANAGEENGINE

with the on-premise security infrastructure.

A key misstep is not doing a full audit. This leads to not knowing about all the data you actually have and where it is located.

Data protection works completely only

Another is trusting implicitly in the security

when every component in the infrastructure

of a cloud vendor without augmenting it

including people are prepared to handle

with additional layers of security. This is

it with every activity that happens in the

known as a defence in depth approach and

business infrastructure. To make this efficient

is a critical component of security and data

while being compliant to an important

governance best practice.

regulatory requirement, data protection must

DR ALEKSANDAR VALJAREVIC, HEAD OF SOLUTIONS ARCHITECTURE, HELP AG

simple accidental deletion.

Another common error is assuming that

be built right from the design stages of all

encryption is all the protection you need.

services and operations. It should be present

Encryption can help to ensure unauthorised

as a strong but invisible layer, not hampering

access to information is eliminated but

the regular operations nor requiring big

it does nothing to ensure the integrity or

changes or specialised training.

availability of the data. An example of this

The other aspect is imparting awareness

is organisations believing that encrypted

about the importance of data protection.

data is secure from ransomware whereas

Business leaders need to educate people on

in reality criminals can simply encrypt your

Organisations need to first understand their

the Dos and Don’ts in a way that is contextually

encrypted data rendering it unusable.

data to succeed in their data protection

integrated into their work, instead of doing

initiatives. They need to be aware of the

periodic training sessions. This can be done by

different internal and external policies

implementing the right hooks in the system that

and regulations that apply to those data.

pops up and informs users about any violations

Subsequently, data protection strategies

to data protection policies their actions are

should cover the three key components of the

causing. People learn well contextually this

digital business, which are people, process

way, carry the lessons and make less mistakes

and technology.

making them more productive. This is a

There needs to be a balance between implementing data protection measures and

strategy that data protection leaders must make sure to implement.

productivity. To achieve this, organisations should have a proper understanding of their

ADENIKE COSGROVE, CYBERSECURITY STRATEGIST, INTERNATIONAL, PROOFPOINT

risk exposure. They can do this by running security awareness campaigns, which can give them an idea on how adept people in the workplace are when it comes to data protection and privacy. They can also utilise technologies

Data Privacy Day provides an important

that offer adaptive response and analyse user

opportunity for organisations to take a

behaviour to get a better gage of the risk profile

step back and consider whether they really

of different individuals within the organisation.

are doing enough to keep their customers’

In doing so, security leaders will get a better view of the level of protection that they need for their data and systems.

www.tahawultech.com

BRIAN PINNOCK, CYBER RESILIENCE EXPERT, MIMECAST

data secure in the face of today’s threats. While data protection regulations such as the EU GDPR have helped start

FEBRUARY 2020

EXPERTS’ CORNER

conversations and forced organisations

Furthermore, it is always a balancing

have a data breach, and put in place

to think differently about how keep data

act to find the right data protections

capabilities or contract service to help

secure, this is just the starting point.

without sacrificing productivity, and

you spot insider threats and cyber-

Just because a business complies with

more importantly, within the allocated

attacks before they have time to develop

a regulation, that does not necessarily

budget constraints. Data protection,

into damaging breaches.

mean it is doing everything it can to

like any other security approach,

protect its customers’ personal data.

requires a solid foundation to build

Regulatory compliance is often

upon, a roadmap to incrementally

viewed as a check-box exercise and can

stride towards and a list of milestones

be open to interpretation, so becoming

for the team to achieve. In most

compliant with regulations such as the

organisations, the security team is

GDPR should not be a primary driver of

not directly tied to a revenue stream,

security. Compliance is an important

and therefore, are scrutinised and

step in the process as it can help an

have a ceiling compared to other

organisation discover critical gaps

departments. This requires the

in its current security, but it should

security team to constantly evaluate

only be viewed as a starting point on

their objectives and measure

the journey to true data protection

themselves against quantitative

and information security. Beyond the

milestones.

compliance check box, organisations need to implement industry best practices, understand their individual

JASMIT SAGOO, SENIOR DIRECTOR, HEAD OF TECHNOLOGY UK&I, VERITAS

risk profile, and implement peoplecentric security strategies.

MATT WALMSLEY, EMEA DIRECTOR, VECTRA Put people first and create and

RYAN TROST, CO-FOUNDER AND CTO, THREATQUOTIENT

maintain a security-aware culture. Your employees are on the frontline of the guardianship of your data. Help educate and engage them about how to

When it comes to ensuring the success

responsibly use and protect your data.

of data protection strategies the best

Define policies and technical controls

advice that I can give to organisations

that underpin the way of working.

is periodically test your protection

Data security and risk need to

processes. Data protection typically

be considered throughout business

comprises several layers and each

planning and operational rolls out,

one needs to be periodically tested to

rather than as an afterthought.

ensure the workflows are documented,

Finally, recognise that you are never

the technology is sound, and the

truly 100 percent secure. Adopt a

protections continue to align with the

healthy paranoia, have a practiced and

original intent.

documented plan of action for if you do

FEBRUARY 2020

Data Protection Day serves as an important reminder that businesses are being increasingly held more accountable by regulators and consumers for protecting data. It is a good opportunity for CIOs and Data Protection Officers to highlight the issue of data privacy to the board, or implement internal activities such as employee training or phishing tests to ensure employees are continually educated about the vital role they play in protecting data. IT leaders should also use the day as an opportunity to review their current data protection strategies. Software that can automate the protection and recovery of data everywhere it lives within an organisation, while ensuring 24/7 availability of business-critical applications, should be considered. Data Protection Day may be a one-day event, but it’s imperative to maintain good privacy practices year-round.

www.tahawultech.com

Innovation Awards 2020

NOMINATE NOW Tuesday, 24th March 2020

LouLouâ&#x20AC;&#x2122;a Ballroom, Ritz Carlton, JBR, Dubai

https://www.tahawultech.com/govtech/2020/ For sponsorship enquiries Kausar Syed Group Sales Director kausar.syed@cpimediagroup.com +971 4 440 9130 / +971 50 758 6672

HOSTED BY

Youssef Hariz Business Development Manager youssef.Hariz@cpimediagroup.com +971 4 440 9111 / +971 56 665 8683

ORGANISER

Sabita Miranda Senior Sales Manager sabita.miranda@cpimediagroup.com +971 4 440 9128 / +971 50 778 2771

OFFICIAL PUBLICATION

INTERVIEW

PRIMED FOR GROWTH FADI ABU EKAB, CEO AND FOUNDER, SCOPE MIDDLE EAST, DISCUSSES COMPANY UPDATES AND SHARES WHAT MAKES THEM A STRONG PLAYER IN THE REGIONAL SECURITY LANDSCAPE.

FEBRUARY 2020

www.tahawultech.com

“WE HAVE A VERY DEDICATED TEAM AND HAVE A WONDERFUL WORK CULTURE THAT CULTIVATE KNOWLEDGE AND EXPERIENCES TO ENSURE THAT WE DELIVER SUCCESSFUL SOLUTIONS THAT MEETS CUSTOMER EXPECTATIONS.”

an you please share some of the highlights at SCOPE Middle East over the past 12 months? Over the last 12 months, we had signed a number of key partnerships. We have added NIKSUN’s real-time and forensics-based cybersecurity and network performance management offerings into our portfolio. We have also signed a partnership to distribute C3M’s cloud services and compliance management solutions in the Middle East. Another key partnership that we have entered was with UK-based cybersecurity firm CybSafe for its cloudbased cyber awareness platform. We have also worked closely with Umniah and Kaspersky in delivering the Safe Kids programme to families Jordan. Another key milestone that we have achieved is the expansion of our footprint to West African markets. Last but definitely not the least, in 2019 we have achieved a growth of almost 30 percent as compared to 2018. What do you believe are the growth drivers for SCOPE Middle East? SCOPE Middle East was formally established on 2009, since then the main success driver for the company has been our dedication to achieve growth. Key to this success are is the dedication of our team to expand their knowledge to face and deal with challenges of all

www.tahawultech.com

types, and deliver and maintain customer satisfaction. I believe that’s what makes SCOPE ME successful and a wonderful company to work in. What do you think differentiates SCOPE Middle East as a security distributor in the region? We have a very dedicated team and have a wonderful work culture that cultivate knowledge and experiences to ensure that we deliver successful solutions that meets customer expectations. As a distributor, how do you enable organizations in the region become cyber resilient in the digital era? Throughout our wide network of resellers, we make sure that we deliver what regional organisations need to address the latest cybersecurity challenges. We also maintain the ability to understand all types of businesses, so that we can provide our customers with the right advice before we propose a product. Cybersecurity awareness is one of the areas that we are putting a lot of focus on today. We believe developing people’s knowledge to increase their immunity against hackers’ intentions and methods, is more important than putting them behind a firewall. To achieve this, we work to deliver cybersecurity knowledge in a scientific approach based on well collected and classified data on human

behaviours for different scenarios predicted while dealing with technology. What industries do you think will see increased investments in security technologies? Utilities and essential infrastructure sectors are increasingly realising the different security risks that they might be exposed to. This will, in turn, fuel investments in security solutions for operational technologies. Which technologies do you think will transform the regional cybersecurity market? I believe that technologies around data forensics will be provide organisations with the ability to deeply see what is happening or happened on a network. This will enhance the defensive measures that organisations have in place. At the same time providing security via cloud is becoming more mature now in the area and having local cloud providers in each country will encourage organisations to use these technologies. What role can SCOPE Midde East play in the future of the regional cybersecurity landscape? The vast experience and expertise that Scope Middle East has today puts us in a unique position to help spread knowledge and awareness on the latest cybersecurity innovations and best practices. We can be instrumental in building the foundation for international cybersecurity players to reach regional organisations who need to develop their cyber immunity. What can we expect from SCOPE Middle East this 2020? We have a number of initiatives planned for 2020 including roadshows and taking part in industry events. We look forward to meeting current and potential partners and customers then

FEBRUARY 2020

INTERVIEW

EVOLVING BEYOND SECURITY

FADI KANAFANI, MANAGING DIRECTOR AND GENERAL MANAGER – MIDDLE EAST, NETAPP, DICUSSES THE EVOLUTION OF VIDEO SURVEILLANCE TECHNOLOGIES AND THE ROLE THAT STORAGE SOLUTIONS PLAY IN SUPPORTING THIS TRANSFORMATION.

hat was the primary highlight of your participation at this year’s Intersec? At this year’s Intersec, we showcased NetApp platforms that are geared for intelligent video applications. These applications were developed with the aim of helping organisations modernise their video surveillance infrastructure. Participating at Intersec gave us the opportunity to demonstrate our expertise in this sector, and how we can help businesses get more out of data by using AIdriven analytics to derive information that they can work with. NetApp also showcased its relationship with three alliance partners: Atos, Axis and VMS. Together, we complete an offering and demonstrate our integration when we go to customers. NetApp’s E-Series storage offers VMS and analytics

“ORGANISATIONS ARE BEGINNING TO REALISE THAT THEIR VIDEO SURVEILLANCE SYSTEM IS MUCH MORE THAN JUST CAMERAS AND SOFTWARE.” 22

FEBRUARY 2020

technologies direct, super-fast access to data along with ensuring reliability, speed, and scalability. How has the surveillance storage market grown over the years and what are the trends organisations should look out for in this space in 2020? In the Middle East, we see emerging demands for security and surveillance. Video surveillance technology has been developing in leaps and bounds and the storage solutions to support it have also been evolving. Businesses aim to get more out of their surveillance data to make better and faster decisions and to ensure swift operations for their security teams. In addition, advances in camera technology place extreme demands on video surveillance storage infrastructure. Organisations are beginning to realise that their video surveillance system is much more than just cameras and software. Storage is the backbone of today’s video surveillance systems. At NetApp, our technology is constantly evolving to ensure that we deliver what the market needs. Growth has been accelerating from a physical security perspective and we have seen development not only in the UAE but in Saudi Arabia and the region as well.

How can the company’s offerings enable smart and safe cities? When you say smart, you have to ensure that you have the right infrastructure and right application in place to render it as smart. It also requires the eyes to see what’s going on, to see the trends, if its related to traffic or people walking around in the late night or if its related to a shopping mall and understanding the needs of your customers etc. The common denominator for all this is a robust infrastructure that NetApp provides. We have been in that business for over 20 years and we’ve sold a million systems that has made physical and video surveillance solutions possible. How do you market your technologies to your channel ecosystem? NetApp has its presence in three different countries in the Middle East. However, the size of the business is so large that it’s going to be naïve on our part to believe we can cover all that business. We operate in a two-tier model – NetApp to the distributor, distributor to the partner channel and then to the end customer. The landscape for storage devices has also changed and evolved rapidly. NetApp has stepped up to meet this challenge by providing the proper training to ensure its success.

www.tahawultech.com

FEATURE

A CLEAN SLATE

DATA IS GROWING AT AN INCREDIBLE PACE AND IT WILL ONLY CONTINUE TO DO SO IN THE COMING YEARS. RECENT INDUSTRY REPORTS HIGHLIGHTED THAT A FULL 90 PERCENT OF ALL THE DATA IN WORLD HAS ONLY BEEN GENERATED OVER THE LAST TWO YEARS. BUT WHAT DO YOU DO WITH DATA WHEN IT’S NO LONGER NECESSARY FOR THE COMPANY AND HOW DO YOU MAKE SURE THAT IT DOESN’T FALL INTO THE WRONG HANDS? SECURITY CORRESPONDENT DANIEL BARDSLEY INVESTIGATES.

he Idaho Power Company hit the headlines for all the wrong reasons in 2006 when it came to light that hard drives from the firm containing customer data were being sold on eBay. It transpired that the company’s policy on wiping drives had not been followed before the devices had been put up for sale, leaving company officials scrambling to track down the items.

www.tahawultech.com

FEBRUARY 2020

FEATURE

much more complex. Although the firm was successful Indeed, it is so complex that multiple in recovering most of the more than terms have been developed to cover the 200 hard drives that it had sold on, the myriad ways in which devices might be episode remains a cautionary tale as to made safe. what can happen when not enough care As the data erasure and diagnostics is taken with old hardware. company Blancco notes, there is the There was a time not that long ago term data destruction, which refers to when destroying sensitive data was a destroying data on devices so that it relatively straightforward affair, involving cannot be read or accessed. little more than tearing up letters and However, as Blancco highlights, documents and dropping them in the standard methods of ‘destroying’ data waste bin. often merely prevent it from being Often the closest methods got to being accessed. high-tech was if a pair of As a result, stainless-steel shredding sophisticated data scissors boasting recovery methods multiple blades or might be able a mechanical to overcome shredder was efforts to used. make the While these device safe. fairly simple ESTIMATED VALUE OF THE GLOBAL In doing so, devices were DATA ERASURE SOLUTIONS AND DATA they may sufficient for a DESTRUCTION SERVICE BY 2026 allow the world in which SOURCE: MAXIMIZE MARKET data to be read documents RESEARCH again. were paperThings have to only, destroying be taken a step further electronic data can be

$5,245.3 MILLION

FEBRUARY 2020

to achieve what Blancco describes as data sanitisation, which leaves the data unrecoverable even by the most advanced forensic means. “There are techniques called secure wipes. The data is erased and the disk is overwritten multiple times so you cannot get a ghost image,” says Morey Haber, chief technology officer and chief information security officer, BeyondTrust. Many firms offer these types of services, among them the United Statesbased Vibrant Technologies, to give just one example. Vibrant Technologies promotes what it describes as “bullet-proof erasure services”, with the work carried out in a secure room that is subject to constant surveillance. Among its services are three-pass and seven-pass DoD [Department of Defense]-level wipes using tools from a variety of well-known companies, such as NetApp and IBM. As is often the case, the data erasure itself is followed, as an additional safeguard, by verification that it has been successful. Myriad companies offer physical destruction services, although

www.tahawultech.com

destruction is not as foolproof as might be thought, because recovery methods can sometimes extract data even from broken structures Data erasure can have environmental benefits, since it may allow electronic waste, once wiped, to be reused and to enter the secondhand or secondary market, instead of being destroyed. This is all the more important considering that the amount of e-waste generated each year is thought to be an eye-watering 50 million tonnes. A complication when it comes to data erasure is that companies do not have to consider just devices that have come

to the end of their life and are being disposed of, whether for landfill, recycling or resale. There is also the issue of hardware that has to be returned for repairs, servicing or replacement, perhaps under the manufacturers’ warranty. Risks are created too by multifunctional devices such as photocopiers, which a company might try for a short period of time before deciding whether to go ahead with a purchase. These may store sensitive data from the period when they were being trialled. Further complications can arise if a device does not boot up. What is to be done with a

laptop that contains data but that refuses to start up in order for that data to be erased? “For a system that doesn’t boot up, you have to trust the warranty company or just consider the device lost if it wasn’t containing very sensitive info,” says Haber. “Do you just consider it lost and get another one? This is a business decision based on the sensitivity of the data that will have passed through that device.” In some instances, if a device is returned, vendors may allow customers to retain the hard disk or SSD, perhaps at the cost of just a nominal fee. Haber suggests companies should seek out such vendors.

WHAT KIND OF DATA ERASURE SOLUTIONS ARE AVAILABLE IN THE MARKET? Many issues linked to protecting data when devices are sold are similar to those associated with the likes of laptops, tablets and mobile phones, all of which are regularly taken out of company premises and are therefore at risk of being lost or stolen. Ensuring that the contents of these devices are not compromised in the event of theft or a loss is crucial. “For example, if I’m taking my laptop outside the company for business travel or personal travel, I should have restricted access or have access through a VPN tunnel,” says Ananthakrishnan Vaidyanathan, product manager, ManageEngine, which has customers ranging from small and medium-sized businesses up to large enterprises. Vaidyanathan says the confidential data should not be available on the device itself, but in the cloud, with the VPN tunnel meaning that access to it is restricted by a password. “If I’m travelling and I want some

www.tahawultech.com

financial information, then I should log in and get the information when it’s required. If, for my business travel, it’s not required, I should not have access to the data,” he says. There are solutions available in the market that can enable data to be erased remotely from devices when necessary. “If the device is lost, they can erase the data from the laptop or mobile [so that only] genuine employees [have] access to the corporate data,” he says. “In terms of mobile devices, ManageEngine has a management application that runs on the enterprise network that has access to the devices managed by them. The device will contact the central server, which will perform the remote wipe. “If it’s been reported as being lost, the first thing the administrator can do is to lock the device. When we have the capability, if it’s misplaced we will try to play a remote song, so

the user can locate it, or display a message: ‘This device is lost and can you contact the owner.’ As a final call, we can remove or wipe the device. “The device can be wiped immediately on being reported as lost,” says Vaidyanathan. Just as travel with devices containing company data creates complications, so does the ‘bring your own device’ (BYOD) phenomenon, in which an employee uses their own mobile phone, laptop or other device for work and non-work activities. When an employee leaves a company, ManageEngine is able to carry out what is known as a corporate wipe or enterprise wipe. Such enterprise wipes are normally undertaken by mobile device management (MDM) products, which are able to remove only applications, data and setting that they installed, leaving everything associated with the device owner’s personal use untouched.

FEBRUARY 2020

INTERVIEW

IN FULL VIEW G AT THE SIDELINES OF THIS YEAR’S INTERSEC, SECURITY ADVISOR ME CAUGHT UP WITH HIKVISION MENA TECHNICAL DIRECTOR ROBERT WANG TO DISCUSS THE FIRM’S LATEST AI-POWERED INNOVATIONS AND THE TRENDS THAT WILL FUEL CUSTOMER DEMANDS IN THE SURVEILLANCE SPACE THIS YEAR.

FEBRUARY 2020

ive us a brief overview of some of the highlights at your company in 2019. In 2019, we have launched a number of new products and solutions here in the region. Among the primary products that we have unveiled last year is the 32MP PanoVu Ultra-High Resolution Panoramic Camera. This product takes four video images that are stitched together by the camera itself, which intelligently outputs a single, seamless panoramic image. We have also rolled out the ColorVu and AcuSense series. Hikvision’s ColorVu lenses and sensors work together to produce brighter images. The camera’s advanced lenses and high-sensitivity sensors capture

www.tahawultech.com

“THE INTERCONNECTIVITY BETWEEN MULTIPLE DEVICES WILL HAVE A BIG IMPACT ON THE INDUSTRY AND WILL PUSH SECURITY PLAYERS LIKE US TO ADAPT AND EVOLVE OUR INNOVATIONS.” details in low lighting, poor lighting, zero-light scenarios, and nighttime environments. Meanwhile, the AcuSense series is designed to help retail stores monitor key locations such as the cashier area, staff-only areas, and the stock room. Retail owners and managers can view video footage on their mobile device or laptop from remote locations using Hikvision’s iVMS-4200 application. Moreover, one of our biggest achievements last year was receiving certifications from Dubai Police’s Security Industry Regulatory Agency (SIRA) for our Automatic Number Plate Recognition (ANPR) cameras as well as our range of video management software. What was the primary highlight of your participation at this year’s Intersec? At this year’s Intersec, we touted our ColorVu and AcuSense series. In addition, we also featured our multiintelligence technology, which supports allows multiple algorithms running simultaneously on one camera. These cameras can run several deeplearning algorithms in parallel for a host of complex scenarios. In addition, these cameras visualise and analyse structured data of various targets such as faces, bodies, and vehicles simultaneously.

www.tahawultech.com

We also showcased our new thermal cameras, which have been is designed for perimeter protection and fire prevention, which are best suited for residential areas, office buildings and factories. Finally, we demonstrated our range of AI-powered solutions including our NVRs and a video management system (VMS) as well as our Intelligent Traffic System (ITS), which recognises vehicle license plates to streamline road traffic management. Where do you see the surveillance industry heading this year? We can expect to see increased investments in artificial intelligence technologies. In the smart surveillance segment, AI is already transforming the way organisations like Hikvision develop solutions. CCTV has long been known for its uses during and after an event. However, with AI there is an opportunity for authorities and various organisations to get insights pre-event allowing them to predict situations and prevent security risks from escalating. Today, there are hundreds of thousands of cameras installed across various cities across the globe. But, currently, there aren’t enough skilled people to monitor and manage the data from these cameras. This makes analysing video data and responding to potential threats a big challenge.

AI plays a key role in addressing this issue. It can help streamline surveillance monitoring as AI-powered systems can perform video analysis and provide alerts with minimal human intervention. Deep learning is also another capability that we are strongly focusing on. We have been integrating our latest solutions with deep learning features as this provides our products with continuous self-learning capabilities. This enables our solutions to capture and analyse large amounts of highquality data and make predictions, which makes the data valuable even before an incident. Which technologies do you think will reshape the Middle East technology industry? AI and machine learning technologies are poised to transform the overall IT landscape. Another important trend is the Internet of Things. The interconnectivity between multiple devices will have a big impact on the industry and will push security players like us to adapt and evolve our innovations. What can we expect from Hikvision in 2020? We are seeing that the security needs of organisations in the region are increasing day-by-day. To address this demand, we aim to invest more in R&D to ensure that our products and services are not only cutting-edge but are also leading in the market. We will continue to harness the power of AI and integrate its game-changing features across all our product offerings.

FEBRUARY 2020

FEATURE

BEYOND THE BREACH SECURITY BREACHES ARE INCREASINGLY BECOMING COMMON AND, CONSEQUENTLY, MORE COSTLY. HOWEVER, MORE THAN FINANCIAL LOSS, A CYBER INCIDENT CAN ALSO CAUSE A PLETHORA OF OTHER NEGATIVE IMPACTS TO A BUSINESS. SECURITY CORRESPONDENT DANIEL BARDSLEY REPORTS.

FEBRUARY 2020

www.tahawultech.com

s of late January, the foreign exchange company Travelex was still partly offline as a result of a malware attack that forced staff to carry out transactions by paper instead of electronically. Travelex, which was founded in London in 1976 but is now part of the Abu Dhabiheadquartered Finablr, suffered weeks of disruption as a result of the ransomware incident, which began in December 2019. Just as the firm was getting back on its feet during January 2020 with a gradual restoration of services, the news emerged that a German car parts manufacturer, Gedia, had been brought to its knees by an attack by the same group of hackers who had attacked Travelex. The Russian-speaking hackers stole company data from Gedia and threatened to post it online unless a ransom was paid. Such were the effects of the incident on the operations of Gedia, a company that can trace its history back a century, that staff were sent home early. As well as business disruption, both Travelex and Gedia have, of course, faced a raft of damaging headlines, demonstrating that cyber-attacks can lead to reputational damage as well as short-term financial harm. The two attacks came little more than six months after the ratings agency Moody’s announced that it was downgrading the outlook of the credit

Kevin Curran, Ulster University in the United Kingdom

“THEY CAN LOSE A YEAR’S PROFITS IN A COUPLE OF DAYS. IF THEY’RE HIT BY RANSOMWARE, COMPANIES CAN BE WIPED OUT IN A VERY SHORT TIME.” www.tahawultech.com

ratings agency Equifax from stable to negative because of the massive cyber breach that that company revealed in 2017. The personal information of 147 million people was compromised in the breach. Moody’s announcement in May 2019 was particularly significant because, as a spokesperson told media in the United States, “It is the first time that cyber has been a named factor in an outlook change.” So, the recent history of Equifax and, perhaps, Travelex and Gedia too, indicates that we are now in an era where the potential consequences of cybersecurity incidents are so severe that a company’s long-term prospects can be affected. Matt Walmsley, the Europe, Middle East and Africa (EMEA) director for the cybersecurity company Vectra, says that there are multiple ways in which cyber incidents can impact on major companies. Aside from the immediate financial loss if operations are hit, he cites reputational damage and the risk – because data has not been safeguarded – of major fines, especially those linked to the European Union’s General Data Protection Regulation (GDPR). Intellectual property theft is another major risk. “What we’re seeing now, a cyber event can affect your credit score and impact your business in a number of ways,” says Walmsley. Such incidents can, he says, make companies less attractive as suppliers and can increase the cost of capital, among other effects. “I just see it as another driver [for] particularly larger organisations to consider the impact that cyber has,” adds Walmsley. Tying in with recent events, Professor Kevin Curran, a cybersecurity specialist at the Ulster University in the United Kingdom, says the largest risks at the moment come from ransomware attacks. Such attacks, he suggests, are likely to have greater consequences for a company than a simple data breach. “They can lose a year’s profits in a couple of days. If they’re hit by

FEBRUARY 2020

FEATURE

ransomware, companies can be wiped out in a very short time,” he says. Curran says the degree to which companies can plan for the worst and safeguard their data in the event of an attack varies considerably from industry to industry. For something like an airline, for example, which has devices spread across the globe, replicating the system and producing a backup is very difficult. Having measures in place to deal with a worstcase scenario is therefore much harder. “Financial organisations, insurance companies and organisations in healthcare – where customer data is an especially sensitive issue – are also among the list of those likely to be affected the most,” says Walmsley. In today’s climate, he says that enterprises are, increasingly, looking to develop incident-response capabilities so that, if they are breached, the attackers can be located and closed down. “If they’re persistent, they’ll find a way in. If someone is in, how quickly can you find them and close them down?” he says. “The type of attack that impacted Equifax played out over many, many days. There’s a window of time where, if you can successfully find them and respond to them, you can close down any intrusion and notify it.” For credit ratings agencies, says Walmsley, the way in which an organisation is able to respond to an incident is taken account of when assessing that organisation’s overall risk profile. Companies can be particularly vulnerable to attacks at times of mergers

Matt Walmsley, Vectra

“FINANCIAL ORGANISATIONS, INSURANCE COMPANIES AND ORGANISATIONS IN HEALTHCARE – WHERE CUSTOMER DATA IS AN ESPECIALLY SENSITIVE ISSUE – ARE ALSO AMONG THE LIST OF THOSE LIKELY TO BE AFFECTED THE MOST.” and acquisitions, according to Ryan Trost, the co-founder and chief technology officer of the cybersecurity company ThreatQuotient. Trost experienced this himself earlier in his career at a time when he was working for a firm that was making an acquisition in the healthcare sector. The healthcare company that was being acquired – and even its own subsidiaries – became the focus of greater interest for attackers, whose ultimate aim was to attack the company that was making the acquisition (this was the company that Trost was working for at the time). “It was fascinating to see these nation states, very sophisticated, very competent attackers were organised enough to pivot the mission,” he says. “It shows the discipline of the adversary we were facing – that they were patient enough to say even if it takes several months, we still want a foothold into the larger organisation, as long as we can get entrenched into the smaller organisation and connect. “Ultimately this was a technical acquisition, so we escalated that up to the executive staff. We helped that

Ryan Trost, ThreatQuotient

“TYPICALLY, THE SMALLER COMPANY DOESN’T HAVE THE RESOURCES OF A LARGER COMPANY SO THEY’RE GOING TO BE AN EASIER COMPANY TO INFILTRATE, SO THIS HAPPENS ACROSS THE BOARD.” 30

FEBRUARY 2020

organisation to solidify their vulnerabilities and weaknesses. The merger went through, and the rest is history.” In other circumstances, where an acquisition is less focused on securing access to technology and is, instead, “more of a numbers game”, with the company that is being acquired expected to have a positive financial impact early on, then a merger is more likely to be affected by a cybersecurity incident. Such an incident would, he says, become “a key negotiating piece”. The effect that cybersecurity incidents can have on negotiations is vividly illustrated by acquisition of Yahoo! by Verizon, when hundreds of millions of dollars were knocked off the price paid for Yahoo! when data breaches came to light. Trost says that it often happens that when a letter of intent to purchase another company is released – something that must happen in some jurisdiction – fraudsters will begin to attack the company that is the takeover target. This takeover target company will, of course, usually be smaller than the company that is trying to make the acquisition. “Typically, the smaller company doesn’t have the resources of a larger company so they’re going to be an easier company to infiltrate, so this happens across the board,” says Trost. “Once the letter of intent hits public visibility, both companies have to be prepared. Typically, none of that is vetted by the security team. We don’t get more of a heads-up than anybody else. It forces everybody to move a little bit faster than they typically would.”

www.tahawultech.com

FEATURE

COMPROMISED SLOTS SMARTPHONES HAVE BECOME AN INTEGRAL PART OF OUR LIVES TRANSFORMING THE WAY WE COMMUNICATE, WORK AND PLAY. HOWEVER, IT ALSO PROVIDED CYBERCRIMINALS WITH MULTIPLE OPPORTUNITIES TO ACCESS OUR MOST SENSITIVE DATA. IN THE RECENT PAST, A NEW KIND OF THREAT THAT TARGETS MOBILE DEVICES BY HIJACKING THEIR SIM CARDS ROSE TO NOTORIETY. SECURITY CORRESPONDENT DANIEL BARDSLEY REPORTS.

www.tahawultech.com

redictions indicate that worldwide smartphone sales will increase in 2020 after three consecutive years of contraction. With the roll-out of 5G helping to drive increases, the International Data Corporation expects a 1.5 percent increase on 2019, with global shipments expected to reach 1.54 billion units in 2023.

FEBRUARY 2020

FEATURE

That works out at about one smartphone sold for every five people on the planet in a single year, which is indication enough – were it needed – of the ubiquity of mobile technology. Indeed, any quick walk down the pavement is likely to involve passing people whose eyes are fixed on their devices instead of what is in front of them, vividly demonstrating that many of us partly live life through our phones. Whether it’s sending emails, surfing the net, playing games or finding out what our friends have posted on Facebook, the mobile is an essential part of everyday life. However, this brings with it risks. Mobile phones are, increasingly, used to confirm our identity and, through twofactor authentication (which often involves the sending of text messages containing passcodes to our device), they allow us to access bank accounts and other sensitive accounts, such as those for cryptocurrencies or tax payments. So just imagine the problems when a mobile number is hijacked by fraudsters. In SIM swapping attacks, fraudsters take over a mobile phone number so that an organisation that sends a passcode out for verification sends it not to the correct phone but to the fraudster’s phone. This, in turn, could mean that the fraudster is able to access an online account belonging to the original user, a serious breach that could have significant financial implications. Unfortunately, SIM swapping attacks are becoming increasingly common. Indeed, one recent report described them as “one of the fastest-growing cyber threats”. A group of researchers at Princeton University in the United States have recently undertaken a study looking at just how easy these attacks are to carry out. Their paper on the subject, entitled “An Empirical Study of Wireless Carrier Authentication for SIM Swaps,” was released at the beginning of 2020. The paper’s first author, Kevin Lee,

FEBRUARY 2020

HOW DO SIM SWAP ATTACKS WORK? As the Princeton University researchers detail in their paper, mobile phones are now increasingly being used by online services for personal identity verification. By SMS or a telephone call a user will be sent a single-use passcode, such as a six-digit number, and will be required to enter this code in order to gain access to an online service that they use. As the researchers note, such passcodes are often one factor used in multifactor authentication. “To hijack accounts that are protected by phone-based passcode authentication, attackers attempt to intercept these passcodes,” the researchers write in their paper. While there are other ways of getting hold of passcodes, the researchers say that SIM swap attacks are the most widely reported. SIM swaps make use of the fact that sometimes people need to carry out a SIM swap quite legitimately, such as if they purchase a new phone that will not accept their old SIM card, or if there is a fault with their original SIM card.

a postgraduate student in Princeton University’s Centre for Information Technology Policy, says that he and his colleagues carried out the work because they “had seen SIM swapping to be a huge problem throughout 2018”. “There were stories popping up left and right about people having their accounts hijacked and their funds drained from SIM

Customers then have to go through a process with their carrier to get their number transferred from their old SIM to their new SIM. As the researchers detail, customers will typically have to telephone their carrier and answer a number of security questions. What is concerning is that attackers can find ways to get the details needed to answer some of these questions – and this may be enough to achieve a SIM swap. For example, one verification question might involve asking the caller when a payment was last made on the account. “An attacker could purchase a refill card at a retail store, submit a refill on the victim’s account, then request a SIM swap using the known refill as authentication,” the researchers write. Other authenticating information could include details of the last outgoing call from the mobile number. If an attacker knows a person’s name and mobile number, they can call that number and hang up before the call is answered. If the user then calls them back, this call can be used by an attacker as authentication with the carrier.

swaps. Most of these SIM swap stories had blamed it on the carriers, but none of them went further than that,” he says. The researchers decided to look at the security policies of five mobile phone companies in the United States in order to determine how difficult it is to pull off a SIM swap attack. They also wanted to come up with recommendations for

www.tahawultech.com

Meanwhile, websites are advised to, for example, use threat modelling to identify vulnerabilities and to discourage or eliminate multi-factor authentication based on SMS. Lee has advice for consumers too, including that they check their two-factor authentication and account recovery settings on their account and use the most secure options offered. “It’s important to realise that twofactor authentication is meant to be an extra layer of security for your account; enabling two-factor authentication only

Kevin Lee, Princeton University

“ENABLING TWO-FACTOR AUTHENTICATION ONLY ADDS TO THE USERNAME AND PASSWORD REQUIREMENTS, POTENTIALLY MAKING IT TOUGHER FOR ATTACKERS TO HIJACK.”

carriers as to how they might improve their customer authentication processes over the telephone. The answer was that it was, indeed, possible to carry out SIM swap attacks using pieces of information that This is because the researchers found fraudsters might reasonably expect to be that, when looking at 140 websites that able to get hold of, such as details of when offered phone-based authentication, just a payment was last made on the mobile a SIM swap was sufficient to compromise account, or what are the physical or email 17 of them. addresses associated with the SIM. The researchers have come up with Often it proved possible to get around a string of recommendations for mobile authentication methods even if some of carriers, including discontinuing insecure the security questions could not be methods of authentication, answered. implementing additional And, even more secure methods of concerning, it authentication seems that once and providing attackers can the option of successfully heightened deploys a SIM security swap, they measures. are likely to Among be able to SMARTPHONE UNITS ARE EXPECTED TO BE SHIPPED GLOBALLY IN the other gain control of 2023 suggestions is at least some improved training online accounts SOURCE: IDC for customer service belonging to the representatives. user.

1.54 BILLION

www.tahawultech.com

adds to the username and password requirements, potentially making it tougher for attackers to hijack,” he says. As a result, he suggests that people who use SMS-based two-factor authentication should not turn it off if they do not have access to more security options. For all its faults it is, he says, “still better than nothing”. “People should still use two-factor authentication, but should understand the pros and cons of their two-factor authentication configuration as well,” says Lee. *The other authors of the paper are Ben Kaiser, a postgraduate student in the Centre for Information Technology Policy at Princeton University, Dr Jonathan Mayer, an assistant professor in the university’s Department of Computer Science, and Dr Arvind Narayanan, an associate professor in the same department.

FEBRUARY 2020

REVIEW

ANKER: EUFYCAM WITH PLENTY OF GREAT HOME SECURITY CAMERAS TO CHOOSE FROM, IT CAN BE DAUNTING TO SIFT THROUGH THE DIFFERENT PRODUCTS OUT THERE TO FIND A GOOD MATCH. DEPUTY EDITOR SHARON SALDANHA TOOK ANKER’S EUFYCAM FOR A SPIN AND EXPLORES ITS NOTABLE FEATURES THAT GO WELL IN THE DIY SPACE.

ireless security cameras do not only make homes smarter, but they are also a great way to keep an eye on your house and spot potential problems. Whether you’re concerned about home intruders or just need to spy on your dog, the Anker eufyCam can stream a live video feed straight to your smartphone. Anker is among the latest entrants in the smart home security market. The company, which is based in China, was founded by former Google software engineer Steven Yang. Anker initially started with a focus on producing laptop batteries and smartphone battery chargers in 2011. Since then, it has expanded to offer speakers and a variety of smart home products under the Anker and eufy brand names. The company launched the Anker eufyCam 1080p Wireless Home Security Camera System, which includes two cameras and mounting sets, a featurepacked app, and promises a long battery run-time.

FEBRUARY 2020

www.tahawultech.com

“THE WIRELESS CAPABILITY HERE WAS REALLY HANDY, AS IT MEANT I DIDN’T HAVE TO BUY LONG EXTENSION CORDS AND THREAD THEM AROUND THE HOUSE.”

It took about an hour for the whole setup process, which wasn’t long considering I was setting up a complete home security system. I connected the Eufy Security home base to my Wi-Fi, then installed the eufy Security app. The app is super easy to use and quick to load. With the help of the app, I found a mounting location with sufficient signal strength. I chose to install one camera inside my house and the other outside. Once a good mounting location was identified, I drilled holes for the mounting

www.tahawultech.com

hardware and secured it with the included screws. The wireless capability here was really handy, as it meant I didn’t have to buy long extension cords and thread them around the house. I then installed the entry sensor out on my front door, which only took about five minutes. What makes the security camera system stand out? Anker claims that the eufyCam is the world’s first wire-free security camera with 365-day battery life and AI technology. The camera will run wirelessly for a full year on its built-in battery. The 1080p video quality is excellent too. Rather than people appearing as blurry blobs, I can easily make out the facial

expressions on people. Even when the camera was relying on night vision, the images were clear. I’m also thoroughly impressed by the facial recognition capabilities. When the camera records a video clip, the app displays images of any faces that were in the video so you can quickly see if there is a reason to watch it. I can also store the faces in the app and get an alert when the camera detects a face it doesn’t recognise, like a new delivery guy or maintenance man. The built-in microphone and speaker provide you with direct communication— via your smartphone—to the door. Whether you’re at home or out, speak directly to whoever walks up to your home. Overall, Anker has done a good job delivering an attractive, simple-to-operate smart security system. The EufyCam works well enough and has enough of the right features to earn a spot on your security camera shopping list.

FEBRUARY 2020

INTERVIEW

INCORPORATING FLEXIBILITY

hat products and solutions did HID Global showcase at Intersec this year? HID Global unveiled its new end-to-end technology developments at this year’s Intersec to help companies in the Middle East tackle the increasing complexity of modern identity environments. We also showcased our two key products targeting specific markets. The first one is the Biometric reader, which comes with new features and operates with five different technologies of cards allowing all existing customers to easily switch from old to new technologies. The second one is our new Origo platform, which combines HID’s technologies for mobile IDs (and location services in the future) with its expansive access control architecture to bring together physical security and a wide range of building applications,

WISAM YAGHMOUR, REGIONAL SALES DIRECTOR, PHYSICAL ACCESS CONTROL, HID GLOBAL, SAYS THAT THE COMPANY’S ECOFRIENDLY SOLUTIONS HELP CUSTOMERS SEAMLESSLY UPGRADE FROM OLD TO NEW TECHNOLOGY IN DIFFERENT PHASES. services and IoT use cases via a unified cloud experience. How have the perimeter and physical security space evolved over the past year? We’ve seen a major change in the last couple of years. Customers are now more advanced, more linked to smartphones, mobiles, applications and cloud. They are looking for easy and simple solutions. Digital transformation, Internet of Things (IoT) and cloud-based solutions are key trends driving investment in secure access solutions. Current market analysis predict an annual growth of eight percent for access control in Middle East in the upcoming years and HID Global is well positioned to meet this growth with a robust portfolio of solutions designed to cater to the complexities of cloud and IoT environments.

“CUSTOMERS ARE NOW MORE ADVANCED, MORE LINKED TO SMARTPHONES, MOBILES, APPLICATIONS AND CLOUD. THEY ARE LOOKING FOR EASY AND SIMPLE SOLUTIONS.” 36

FEBRUARY 2020

How are you helping organisations in the Middle East address the growing complexity in modern identity environments? We provide organisations with a connected environment that incorporates identity management and physical access control solutions to provide end-users with a highly secure and comfortable experience allowing them to use a smartphone, tablet or wearable to enter controlled areas or networks. HID’s eco-friendly solutions help customers seamlessly upgrade from old to new technology in different phases. We provide multiple applications for our customers, making it very easy for them to migrate from the X to Y platform. What trends should organisations look out for in 2020? In my opinion, the first trend is finding a new approach on how space and location infrastructure can be accommodated and compromised, particularly for large organisations with enormous facilities to understand the cost and effects. Biometric technology is another major trend that we look forward to and we are seeing a huge future at HID Global for the next two years.

www.tahawultech.com

INSIGHT

ALL HANDSON DECK

ALEXANDER MOISEEV, CHIEF BUSINESS OFFICER, KASPERSKY, DISCUSSES HOW OUTSOURCING CAN SOLVE PROBLEMS WITH CYBERSECURITY BUDGET, CONTROL AND EXPERTISE.

utsourcing is a global trend and cybersecurity is no exception. According to Gartner, the managed security service market grew by 6.7 percent in 2018, reaching $10.7 billion in revenue and is expected to grow further. Both service providers and vendors contribute to this market by offering their customers expertise, intelligence or solutions as a service. We also work in this way at Kaspersky. The development of our services has already been one of the company’s strategic priorities for several years. Just recently we announced new services that deliver intelligence about vulnerabilities and threats to businesses. In my everyday life, and I bet the same is similar for many people nowadays, using different services is on a par

www.tahawultech.com

with eating breakfast – it is something we simply take for granted. Taxi, food delivery, housekeeping, buying gifts, organising sport training sessions or trip planning — all of this can be outsourced. Advantages of outsourcing can also cover many business needs. But holistically, they are all implemented to overcome three major challenges — lack of internal expertise, poor budget planning and control. Outsource to afford more Many services can provide us with more than we could otherwise afford. For example, to eat different meals with a variety of ingredients every day, a person needs to spend a lot of money and time buying exclusive products or going to expensive restaurants. Instead, there are food delivery services available

that provide new dishes each day in accordance with the customers’ tastes and for a better price. With car sharing, anyone can drive an executive class of car, even if he or she cannot afford to buy their own. IT services work the same way for businesses. Suppose a company needs to expand its data center. This company will have to buy servers, find more space in the data center and spend time on deployment. Alternatively, it can purchase workloads in the public cloud and save money it would have otherwise wasted with on-premise infrastructure. Another example is a security operation centre for advanced cyber-protection. Building an internal SOC demands investment in personnel, processes, detection and response technologies. Alternatively, managed service providers and vendors

FEBRUARY 2020

INSIGHT

offer SOC as a service with a dedicated team of experts, protection solutions and threat intelligence.

“ADVANTAGES OF OUTSOURCING CAN ALSO COVER MANY BUSINESS NEEDS. BUT HOLISTICALLY, THEY ARE ALL IMPLEMENTED TO OVERCOME THREE MAJOR CHALLENGES — LACK OF INTERNAL EXPERTISE, POOR BUDGET PLANNING AND CONTROL.”

Outsource to get expertise One of the problem areas for companies is the lack of internal expertise. One in three CISOs (70 percent), for example, say that it is difficult for the company to find experienced cybersecurity professionals. In our everyday lives, we often approach dedicated experts when we don’t know how to do things — from fixing something at home to solving personal legal and financial issues. This approach should work the same way in business. Mid-level employees, who bear the brunt of cybersecurity tasks, are in fact a key element in IT security decisionmaintain a high level to keep clients. making. It is they who assess protection Enterprise-level companies already demands and recommend what solution take this proven path; at least half of is needed. To do this properly, there the CISOs (55 percent) we interviewed should be several experts, just like there confirmed that they solve the personnel would be in a medical council, to work problem with the help of outsourcing. together to find the best solution. For SMBs, this should work even better, Now, imagine that the company because they are often even more limited does not have enough employees and in human resources for IT security. they are overloaded. Or they do not have enough skills in some areas, like Outsource to keep budgets under control cloud computing or IoT security, to Another big benefit of cybersecurity work effectively. Outsourcing can be a outsourcing is facilitating necessary, way out. Service providers accumulate but very important, resource planning. cybersecurity expertise and are focused This can work for companies that, for on the quality of services, because their example, struggle to define exact revenue depends on their customer costs because they have not satisfaction rating. The service yet developed a budget market has become very planning process for IT competitive. According and IT security. to Ami Partners’ By purchasing evaluation, the cyber-protection number of MSPs for endpoints is expected to CISOS SAY THAT IT IS DIFFICULT as a service, almost double FOR THE COMPANY TO FIND an IT security – from 48,000 in EXPERIENCED CYBERSECURITY PROFESSIONALS administrator 2016 to 74,000 in knows exactly what 2021. This means they will receive, how providers’ knowledge much it costs and how and reputation needs to

1 IN 3

FEBRUARY 2020

long the service deployment will take. This is the key advantage of outsourcing – transparency and clarity, predictable results and a predetermined cost. Another outsourcing scenario is when an organisation needs to cut its IT security budget. A company needs to maintain its current level of protection, so the budget should be split wisely. Managers should clearly understand how much they spent and what they receive for the price they are paying. Are businesses ready for these opportunities? I’ve got an interesting insight that today, despite the benefits described above, cybersecurity outsourcing in some cases is considered by companies as an option during difficult times, for example, when budgets are limited. On the contrary, companies with growing IT investments strive to increase internal expertise and solve security problems internally. Perhaps they still feel uncertainty towards service providers, or they think that internal resources are easier to control. At the same time, within our channel, we already observe that the managed service market is moving towards the development of narrowly targeted services. Providers are honing their expertise and the level of provided services. If companies develop such narrow expertise internally, it will most likely be unprofitable. Therefore, we will probably soon see the opposite situation occurring, where the more a company invests in cybersecurity, the higher the specialised and effective services it consumes from the outside.