EVENT
RETHINKING CYBERSECURITY IN THE DIGITAL AGE THE CYBER STRATEGISTS 2021 SUMMIT ORGANISED BY CXO INSIGHT ME BROUGHT TOGETHER INDUSTRY PRACTITIONERS AND SECURITY EXPERTS IN THE REGION TO EXPLORE NEW WAYS TO BUILD CYBER RESILIENCE AND DISCUSS INNOVATIVE SOLUTIONS.
T
he event was kicked off by Shahab Siddiqui, global head of cybersecurity at Petrofac, with an insightful presentation about the impact of digital transformation on cybersecurity. “The perimeter is disappearing fast as a result of the accelerated adoption of the cloud and virtualisation technologies. This poses a unique challenge to cybersecurity teams because the attack surface has increased. Due to remote work, many organisations had to open up their legacy systems and applications, which were not designed with security in mind. They also fast-tracked digital transformation initiatives without considering cybersecurity. Your users, data, and systems are everywhere now, compounding visibility problems,” he said. He pointed out cybersecurity teams are not involved in the initial phase of digital transformation. Businesses must set up a formal steering committee for DX and make sure that the cybersecurity team is involved right from the beginning. “And we can’t talk about digital transformation without discussing cloud security. Many people assume that cloud vendor is responsible for security. It is a fallacy – cloud security has to be shared responsibly. You can’t afford to think that if it is a SaaS product, security is a given. Configuration issues can happen anywhere, even in the cloud. You can leverage technologies such as DLP, CASB, and DRM to protect your enterprise,” he added. Jude Pereira, managing director of Nanjgel Solutions, addressed the cybersecurity challenges of remote work in his presentation titled digital workspace in a 32
CXO INSIGHT ME
APRIL 2021
covid continuum. “Responding to covid-19 has essentially forced organisations to accelerate the evolution of the work environment by five to ten years. Fiftyseven percent of the business plan to work remotely, even after normalcy returns. However, the hasty implementation of remote work has resulted in a significant rise in cyberattacks worldwide. The biggest challenge facing CISOs is the need for cyber transformation to facilitate remote work with limited budgets. Organisations need a digital workspace solution that provides virtual apps and desktops, zero trust-based access, data protection for BYOD, and strong authentication,” he said. A presentation from Bhawani Singh, principal solutions architect at Checkmarx, followed this on increasing software vulnerabilities and how to manage risks with DevSecOps. “The increased speed and app complexity are resulting in security gaps. Besides, the developer community is getting bigger by the day, and 70 percent of developers are not trained to write secure code. By taking the DevSecOps approach, you can be confident that your apps are as secure as possible. You have to make security part of the
development workflow by integrating as much as possible into the developer environment,” he said. The event also featured a panel discussion with industry experts on the need to rethink cybersecurity for the digital world. Taking part in the discussion, Nicolai Solling, CTO of Help AG, said many organisations have now realised security is a day zero problem for digital transformation. “More and more enterprises are depending on digital systems to do business, and security has to be on the first page of the lexicon around DX,” he said. Giving the audience an end-user’s perspective, Prince Rana, manager of information security and governance at Al Fardan Group, said digital transformation is no longer a choice but a business mandate. “Last year, we have seen cyber criminals exploiting all the pandemic-related digital transformation initiatives. However, governments in the region have come out with strong regulations, especially around consumer data protection to mitigate those risks.” Mohieddin Kharnoub, chief revenue officer of Spire Solutions, spoke about the need for a risk management framework and risk quantification before embarking on the digital transformation journey. Echoing a similar opinion, Shabbir Zakavi, director of cybersecurity and managed services at Visiontech, stressed the need for risk management and said internal threats now account for 80 percent of cyberattacks. Aliasgar Bohari, IT director of Zulekha Hospital, gave the audience a clear overview of the cyber challenges facing the healthcare industry in the region. “We deal with sensitive data, and security has been a top priority for us even before the pandemic. You can’t ever be 100 secure even if you invest in all the latest security technologies. Security has to become a business enabler, not a hindrance,” he said. Cyber strategists summit was sponsored by Checkmarx, Spire Solutions, Help AG, Nanjgel Solutions, and Visiontech (Signature partners); Event partners: Micro Focus, Solarwinds, Teksalah, and Redington.
