I S S U E 0 1 | S EP T EM B ER 2 0 1 9
M I D D LE E A S T
A SPECIAL SUPPLEMENT WITH
Reimagining Security HOW TO ENABLE DIGITAL TRANSFORMATION WITH A STRONG SECURITY CULTURE
EDITOR’S NOTE
CYBERSECURITY MUST BE TOP OF MIND C
ybersecurity dominates headlines these days and it’s hard to ignore how nefarious actors are getting more sophisticated with their methods. The global average cost of a data breach is $3.92 million and this figure is much higher in the Middle East. The time to detect incidents is also much longer in our region. Indeed, spending on cybersecurity has been on an upward spiral here but organisations in the Middle East still have a lot of ground to cover when it comes to improving their risk management and security postures. According to Gartner, Middle East and North Africa (MENA) spending on enterprise information security technology and services is on pace to reach US$1.9 billion in 2019. Cloud and data security will account for a lion’s share of this spending as organisations try to catch up with the rising trend of digital transformation. In this booklet, we have some of the leading security vendors weighing down on the latest trends in cybersecurity and what you need to know about today’s dynamic threat landscape. We hope this serves as a ready reckoner for CISOs looking to lead with security innovation in the digital age.
TOC VMWARE
SECURONIX
04
11CHARTING TRANSFORMATION
INTELLIGENT PROTECTION
FORTINET
RAQMIYAT
06
CYBER 12BUILDING RESILIENCE
SOPHOS
BITDEFENDER
POWERING DIGITAL TRANSFORMATION
08
13DESIGNED TO PROTECT
SENTINELONE
BLUELIV
SECURITY MADE SIMPLE
10
14PROACTIVE SECURITY
DETECT AND PROTECT
08
13
06 SEPTEMBER 2019
SECURITY INSIGHT ME
3
VMWARE
INTELLIGENT PROTECTION Rasheed Al-Omari, Principal Business Solutions Strategist – SEMEA, VMware, on how his company ensures enterprise security is intrinsic to your infrastructure. malware and of course, phishing. The best approach for any organisation is to adopt intrinsic security and start to embed security into the DNA of their network, whether on-premises or in the cloud. This is the approach that VMware is taking and offering to our customers. Is security a boardroom level discussion now? I’m glad to say that attitudes are changing and boards are moving in the right direction. Boardroom conversations about security are more common than they were just a year or two ago, as the C-suite increasingly comes to recognise that security impacts all areas of business. Furthermore, truly robust security opens new business opportunities and should be viewed as an investment that quickly pays for itself.
H
ow do you see the threat landscape evolving in the region? The threat landscape is evolving rapidly in line with the ongoing trend of digital transformation among organisations, companies and governments. The security requirements of organisations are changing as they rapidly migrate services, applications and storage to the cloud and wrestle with new demands from employees and customers: demands such as BYOD and the ability to access services anywhere, at anytime on any device. Moreover, as IoT services ignite across a range of sectors and areas of life, so cybersecurity must adapt to cover devices on the edge of the network. Amid these challenges, which stretch the resources of IT teams thin, we see an increase in a variety of cyberthreats including Denial-of-service, Man-in-theMiddle attacks, SQL Injection attacks,
4
SECURITY INSIGHT ME
SEPTEMBER 2019
VMware provides security solutions to protect all aspects of your IT infrastructure and systems. To take a macro view, we aim to deliver intrinsic security for your organisation’s networks and workloads by building it into your infrastructure with VMware solutions.
What are your tips for CISOs looking to bolster the security posture of their organisations? What I would like to say to CISOs is move beyond the established model of detection and response. In the new landscape we need to build security deep into all layers of the network. Your systems should be able to detect when something is not quite right, just like the human body lets you know when you have an infection. Also, CISO’s should embrace AI and machine learning tools to stay a step ahead of threat actors. What kind of security expertise do you offer? VMware provides security solutions to protect all aspects of your IT infrastructure and systems. To take a macro view, we aim to deliver intrinsic security for your organisation’s networks and workloads by building it into your infrastructure with VMware solutions. In this way, we provide adaptive protection for your organisation’s apps, regardless of their location or movement. We also secure your data centres, clouds, and endpoints, providing your users the flexibility and freedom to work as they wish. Do you think AI and machine learning will drive the future of cybersecurity? AI and machine learning are already becoming pivotal to cybersecurity. The whole purpose of AI is that it is designed to learn and adapt constantly. It can, therefore, do a better job of detection and response than traditional cybersecurity approaches which require updates at intervals. The role of AI in cybersecurity will continue to grow at a rapid pace.
FORTINET
POWERING DIGITAL TRANSFORMATION Alain Penel, regional vice president – Middle East, Fortinet, on why a fabric-based approach to security matters in today’s digital age.
H
ow do you see the threat landscape evolving in the region? Research from our Fortinet’s FortiGuard Labs reveals that cybercriminals continue to look for new attack opportunities throughout the digital attack surface and are leveraging evasion as well as anti-analysis techniques as they become more sophisticated in their attempts. Regardless of the vector, ransomware continues to pose a serious threat for organisations going forward, serving as a reminder of the importance of prioritising patching and infosecurity awareness education. Cybercriminals are searching for new opportunities to commandeer control devices in homes and businesses. Sometimes these types of devices are not as prioritized as others or are outside the scope of traditional IT management. The security of smart residential and small business systems deserves elevated attention especially since access could have serious safety ramifications. This is especially relevant for remote work environments where secure access is important. Is security a boardroom level discussion now? Over the years, we’ve seen that cyber security has become a key investment for organisations, with more and more C-level executives considering it as part of their broader IT strategy. As organisations now embrace digital transformation and turn to technologies like the cloud, cyber security is no longer just an IT investment but a strategic business decision. In today’s digital economy, I expect the trend we’ve seen at the board level to accelerate with security being treated as a top priority within an organisations’ broader risk management strategy. By doing so, companies will be in a better position to succeed in their digital transformation efforts.
6
SECURITY INSIGHT ME
SEPTEMBER 2019
audits of devices before onboarding and ensure that intent-based segmentation is in place to shrink the potential attack surface. Digital transformation and the accelerated pace of innovation, complexity and threats means that security must operate at the new speed of business or become irrelevant. CISOs must be masters of technology, risk management, and business enablement. To achieve this, CISOs need a broad, integrated security architecture that enables the automation of deep visibility and control at speed and scale.
What are your tips for CISOs to looking to bolster the security posture of their organisations? CISOs need to access near and longterm business objectives and strategies, resources required to accomplish those objectives, what the impact on the network will be? They need to understand the risks associated with meeting these objectives is crucial. CISOs need to begin leveraging Artificial Intelligence and Machine Learning to combat new, machine-generated attacks effectively by automating their own security processes and by working with vendors that have woven AI deep into their solutions. They need to increasingly rely on advanced threat intelligence—including real-time threat-intelligence sharing across all security elements—to keep pace with the volume, velocity, and sophistication of the evolving threat landscape. CISOs also need to pay attention to their supply chain. IoT devices designed with poor security and malicious adware embedded on physical devices, mobile apps, and other delivery mechanisms are a growing threat. Organisations need to conduct thorough
What kind of security expertise do you offer? Driven by the need to move faster at a global scale while reducing costs, enterprises are experiencing digital transformation (DX). This evolution includes the adoption of new technologies that widen the attack surface, leaving network perimeters vulnerable to advanced threats, resulting in a complex security environment. The Fortinet Security Fabric segments the entire network and delivers broad, integrated, and automated protection across an organisation’s entire digital attack surface from IoT to the edge, network core and multi-clouds —to provide superior protection against sophisticated threats. To help address the cyber skills gap, Fortinet offers a worldwide Network Security Expert (NSE) program, an eight-level certification program aimed at advancing aspiring and technical professionals in their skills and knowledge of today’s modern cybersecurity landscape. We’ve extended the program to educators and students through the Fortinet Network Security Academy (FNSA), facilitating network security education across the globe to help educate, train, and prepare the next generation of cybersecurity experts.
SOPHOS
SECURITY MADE SIMPLE Harish Chib, vice president, Middle East & Africa, Sophos, on how to bolster cybersecurity and data protection.
H
ow do you see the threat landscape evolving in the region? Threat landscape today is both constant and changing on a daily basis. Cybercrime is a big business and is well-funded – and criminals don’t need to be IT experts in order to be successful. Toolkits with support services can be bought on the Dark Web, and even “hackers for hire” will launch an attack on your behalf. Ransomware as a service (RaaS) is now marketed on the Dark Web like a legitimate business tool – complete with technical support if the cybercriminal requires it. Attacks are becoming more targeted. Phishing will disguise itself as a legitimate email or even phone call in order to get into a network – people remain a weak link in the armor, although to be fair, many of these new attacks are difficult for even experts to spot right away. Is security a boardroom level discussion now? There are data security breaches every single day globally. Some of them are reported but many of them are not. These breaches however highlight the growing concern over cybersecurity, the impact of breaches, and why cybersecurity needs to be a top priority for organisations of all sizes. Increasingly complex and sophisticated threats, rise of new attacks such as ransomware and targeted phishing continues to drive a need for education, technology and strategic discussions to protect business. What are your tips for CISOs to looking to bolster the security posture of their organisations? Here are some things we’ve learned over the years, working with thousands of other organizations of every size: • First, encrypt the data! Many IT organizations have steered clear of
8
SECURITY INSIGHT ME
SEPTEMBER 2019
encryption thinking that it impacts performance or that it’s simply too complicated to effectively implement. This is no longer the case. Enterprises should be encrypting their most critical data far more often than they do • Ensure that any contractors, outsourcers or third-party partners take cybersecurity as seriously as you do. After all, it’s your data that your customers have entrusted you with, and it’s your responsibility to secure it • Take a user-centric view to your security. Too often IT departments focus on devices and fail to see the connection between a user, their data, and all the devices (including mobile devices) that they use on a daily basis • Simplify. Complexity is the enemy of security. Too often complicated tools aren’t configured correctly, aren’t communicating with other tools or aren’t even deployed at all because despite all their power they are simply too complicated for mere mortals to use effectively
• Train your users! They are often the weakest link in a cybersecurity strategy. Too often users willfully hand over their credentials and engage in risky cyber behavior that can put the company at risk Even the most well-resourced companies are still falling victim to attacks that use phishing and social engineering techniques to dupe employees. Companies need to re-think their isolated security and should think more about cybersecurity system armed with AI and deep learning that can share information and take action faster than an IT Manager, and in a predictive manner, and reduce the ‘holes’ that exist. What kind of security expertise do you offer? Sophos covers entire IT security and have succeeded at being a leading provider of both endpoint security and network security. The company is at the forefront of a pivotal moment in the evolution of cybersecurity. As a global cybersecurity leader, Sophos is constantly driving change to reshape and innovate the market. One way Sophos is doing this is by harnessing the power of artificial intelligence, through deep learning neural networks, so that its security solutions adapt more quickly to today’s fast-changing threat landscape. Secondly, at the heart of Sophos’ strategy, lies the concept of synchronized security, where all of the company’s security products actively work together to provide faster, more accurate detection, and greater levels of automation to isolate and stop threats from spreading. At Sophos, we know that the solution to complexity is not more complexity. We tackle security challenges with clarity and confidence, knowing that simple, innovative security is better security.
SENTINELONE
DETECT AND PROTECT Tamer Odeh, regional sales director of SentinelOne, talks about how his company’s AI-powered autonomous endpoint platform, which can protect against every type of attack. Is security a boardroom level discussion now? In fact, cyber security issues are increasingly discussed at board level – albeit not as often and intensively as it would be necessary. Many CEOs and board members do not realize that cyber security is not just about preventing cyber-attacks. In fact, a strategic security strategy is an important investment in a company’s growth and its competitiveness.
H
ow do you see the threat landscape evolving in the region? The biggest challenge facing companies and IT security departments today is a new generation of sophisticated malware. The modus operandi of this new generation of attacks is best defined by two key facets. The first is that they are using stealthy and more advanced techniques that disguise known malware against static-based detection means such as signatures. The second one is that attacks increasingly avoid use of the more traditional file-based delivery mechanisms that all antivirus, and even some of the newer behavioral-based solutions, focus on. We must understand, that malware today evolves on a daily basis, which means that companies need to implement security solutions that stay abreast of the change.
10
SECURITY INSIGHT ME
SEPTEMBER 2019
What are your tips for CISOs looking to bolster the security posture of their organizations? As the endpoint is still the primary – since lucrative and vulnerable – target for cyber attackers, it pays to strategically invest in endpoint security. However, it is important to focus on next generation solutions that meet the sophisticated threat landscape described above. Here, a promising approach is the merge of classical endpoint protection solutions with endpoint detection & response (EDR) technologies. This offers major advantages, as it helps security staff to understand the cause of an attack and to derive appropriate reactions. Using EDR will bolster a company´s security posture sustainably, especially when relying on active EDR solutions that work with automation. As no technology can ever guarantee a hundred percent security, I furthermore recommend every CISO to prepare an incident response plan that helps to effectively manage the aftermath of a security breach or cyberattack. Reacting quickly and thoughtfully is the key to limit major damage and reduce recovery time and costs.
What kind of security expertise do you offer? SentinelOne was founded by a group of defense and intelligence experts to develop a dramatic new approach to endpoint protection. Today we are offering the only endpoint security platform that defends every endpoint against every type of attack – at every stage in the threat lifecycle. Our major advantage is, that we rely on an intelligent agent that runs directly at the endpoint to analyze potential threats in real time using artificial intelligence. Suspicious files do not have to be isolated in a sandbox or other external systems – instead, the analysis takes place in the environment for which the malware was written: directly on the system itself. This means more speed and as a consequence a considerably increase of the detection rate. In addition, our agents also work offline and can automatically initiate the right actions to limit the damage, such as a roll-back. But we offer our customers not only an innovative technology but also an excellent support including reliable partners and a strong channel all over the world. Do you think AI and machine learning will drive the future of cybersecurity? Without any doubt, AI and machine learning are important techniques that will drive the future of cybersecurity like hardly any other technology. Artificial Intelligence plays an important role in analyzing new, unknown and stealthy malware and enables us to identify and ward off any kind of cyber threat in real time. At the same time, machine-learning capabilities ensure that our technologies are constantly self-learning and optimizing thanks to the constant flow of threat information. But of course, AI and machine learning are no panacea, but must be used wisely in order to gather the greatest benefits of these technologies.
SECURONIX
CHARTING TRANSFORMATION Sheik Abideen, regional sales director - META – Securonix, talks about how his firm is reinventing the SIEM market by transforming big data into actionable security intelligence, leveraging machine learning to power advanced threat detection, rapid investigation, and intelligent incident response.
H
ow do you see the threat landscape evolving in the region? The unfortunate part of cyber threats has been that it has always evolved. I believe this is a global phenomenon not just limited to our region. Every cyberattack that is possible anywhere else in the world is also possible in this region. Is security a boardroom level discussion now? Unlike before cybersecurity is a boardroom discussion in every medium to large organisations in the region, this is predominantly due to two reasons: Customers in the region have encountered some form of a security breach in the past; introduction of several regional compliance regulations such as NESA, ISR, and others mandate organisations to comply with security regulations, forcing top management to take cybersecurity more seriously What are your tips for CISOs to looking to bolster the security posture of their organisations? As a New Gen CISO, today, one must design Information Security controls with the believe that sooner or later, most of their applications move to the cloud. Enterprise perimter has already vanished and data is already in the open. As breaches are bound to happen, CISOs will have to implement a security system that detects emerging attaches very early. Soon, organisations will not own data centres or end-user devices, so security leaders will have ensure that they at least own the data and secure it. And my final piece of advice – AI and ML is the new norm and you need to deploy them in the fight against cyber threats.
in the cloud for cloud environments and is expected to continue on this growth path as companies look to move more and more of their datacenter components, applications, and data to cloud environments. Also, behavior analytics continues to be one the key differentiators of the Securonix platform. Securonix Threat Research (STR) Labs has also been widely recognised and quoted as a leading source of detailed security research and cybersecurity thought leadership.
What kind of security expertise do you offer? Securonix delivers a next-generation security analytics and operations management platform for the modern era of big data, Machine learning, and advanced cyber threats. Securonix Next-Gen SIEM is a modern SIEM platform that is disrupting the SIEM market with the most advanced behavior analytics capabilities on a scalable Hadoop platform. Securonix was recognised a leader in the 2018 Gartner Magic Quadrant for Security Information and Event Management. The Securonix Cloud offering includes UEBA, SIEM, and Security Data Lake (log management) solutions. Securonix Cloud is the only complete SIEM and UEBA offering
Do you think AI and machine learning will drive the future of cybersecurity? The future is already here. Humanly it is impossible to look at millions of real-time events coming from disparate systems and detect any possible cyber threats. We have also seen that all traditional security monitoring system failed to adapt to the scale, speed, and complexities. We at Securonix believe that the best way to build a better security analytics platform is to harness the power of machine learning on Hadoop. All to deliver unlimited scale, resilience, and cost-effectiveness as well as the power to predict, detect, and respond to advanced threats.
Securonix Next-Gen SIEM is a modern SIEM platform that is disrupting the SIEM market with the most advanced behavior analytics capabilities on a scalable Hadoop platform. SEPTEMBER 2019
SECURITY INSIGHT ME
11
RAQMIYAT
BUILDING CYBER RESILIENCE Abhijit Mahadik, director - Cybersecurity Solutions, UAE & KSA, Raqmiyat, on the blueprint for a strong defence against today’s security concerns.
H
ow do you see the threat landscape evolving in the region? The cyber threat landscape in the Middle East continues to evolve, it is important for the government and private sector should take adequate measures to safeguard from attacks. A host of new and evolving threats has the information security industry on high alert. Ever-more sophisticated cyberattacks involving Malware Attack, Data Breach, Identity & Access theft, Insider threat, Phishing, machine learning and artificial intelligence and more have placed the data and assets of corporations and individuals at constant risk. As per one of the leading security vendor’s Internet Security Threat Report ranks the UAE 10th in the rate of malicious emails (third in the Middle East) and ninth in the number of targeted attacks by known threat actors. Risk management of the threat landscape warns increased potential for: DisruptionOver-reliance on fragile connectivity creates the potential for premeditated internet outages capable of bringing business to its knees and heightened risk that ransomware will be used to hijack the Internet of Things. Distortion - The intentional spread of misinformation, including by bots and automated sources, causes trust in the integrity of information to be compromised. Is security a boardroom level discussion now? Cybersecurity threats are not only complex and constantly evolving they have the potential to impact significant financial and reputational damage to an organization. Boards of Directors are ultimately liable and responsible for the survival of their organizations, and in today’s interconnected world, cyber resilience is big part of that responsibility. Cybersecurity is no longer just the responsibility of IT departments, Boards must take an active role in
12
SECURITY INSIGHT ME
SEPTEMBER 2019
cybersecurity. As Boards of Directors take on the role of cybersecurity leaders within their organizations, here are some responsibilities they should consider. – The legal and regulatory implications of cyber risks as they relate to their company’s specific circumstances. Boards meeting agenda should give regular and adequate time on cybersecurity expertise, and discussions about cyber-risk management. What are your tips for CISOs to looking to bolster the security posture of their organisations? A CISO has the responsibility to manage internal and external risk management for IT and beyond. The duties of a CISO vary by company and industry. There are major areas of focus for a CISO - Governance, Security operations, Security architecture, Identity and access management, Data loss and fraud protection, Program management, Investigations and forensics, and Cyber-risk and cyber intelligence. Beyond these seven areas, CISOs are also encountering a newer realm — artificial intelligence. The reality is
that AI is actually helping cyber-attackers automate attacks. But while they are using it for harm, AI also has the ability to be a great tool for a CISO and his or her team. AI can address cybersecurity challenges by identifying threats, risk assessment and more. What kind of security expertise do you offer? The rising sophistication and frequency of cyber threats are putting organizational assets – data, apps, networks – at a much greater risk and increases the risk of compliance lapses and regulatory fines. The IT ecosystem of an organization has to be cyber-resilient in order to safeguard business assets from cyber-attacks, proactively detect security gaps and ensure a speedy recovery from hazards. At Raqmiyat, we offer comprehensive cybersecurity solutions and services that help organisations secure their assets from malicious threats and improve overall security. We offer solutions & services in the areas of Data Protection, Identity and Access Management, Infrastructure Security, Cloud Transformation & Security, Risk & Compliance and Security Intelligence. Our end-to-end cybersecurity solutions enables enterprises across many verticals, including financial institutions and government, and large private sectors to be cyber-resilient in order to safeguard business assets from cyber-attacks, data breaches, proactively detect data breaches, proactively detect security gaps and ensure a speedy recovery from hazards. Do you think AI and machine learning will drive the future of cybersecurity? Yes. AI and Machine Learning are rallying to reduce crime in both the digital world and real life. AI is described as Industrial Revolution of our time,” is progressively becoming an influential factor in our cybersecurity armory to protect, perceive and computerize incident response.
BITDEFENDER
DESIGNED TO PROTECT The increase in sophistication and surface of attacks, coupled with the billions of IoT devices joining the network, mandates that security experts deploy solutions that guarantee full network visibility for both North-South and East-West traffic. This has been the driver behind the demand for network traffic analytics (NTA) solutions in the region—with these security solutions, security analysts can now, not only detect and investigate on the endpoint level with Endpoint Protection Platform (EPP) & Endpoint Detection & Response (EDR), but they can also detect threats for all entities, managed or unmanaged, for encrypted or un-encrypted network traffic. Tarek Kuzbari, regional director – Middle East, Bitdefender, talks about strategies to quickly remediate security threats with his company’s wide portfolio of products and services.
H
ow do you see the threat landscape evolving in the region? There is no doubt that threats in the region are increasing and becoming more and more sophisticated, something that is supported by latest regional research. For example, here are some facts about the region: • 95% of GCC CIOs expect cybersecurity threats to get worse, according to latest Gartner report. • The Middle East had the highest average number of breached records at 38,800, compared to the global average of 25,575. • The Middle East had the second highest total cost of a data breach of $5.97 million after United States, compared to the global average of $3.9 Million • Organisations in the Middle East took the most time in the data breach lifecycle, at 381 days. German organizations took far less time to identify and contain a data breach at 170 days. Is security a boardroom level discussion now? Senior business executives are finally aware that cybersecurity has a significant impact on the ability to achieve business goals and protect corporate reputation. However, security organizations must change in order to respond. 6% of GCC CIOs report that their board is ultimately accountable for cybersecurity
What kind of security expertise do you offer? At Bitdefender, we are led by a vision to be the most trusted cybersecurity technology provider in the world, which means we constantly anticipate, innovate and go the extra mile to ensure our customers are protected against cyber-attacks. Bitdefender is the provider of choice, embedded in over 38% of the world’s security solutions. Our product portfolio currently includes Endpoint Protection Platforms (EPP), End Point Detection & Response (EDR), Advanced Cyber Threat Intelligence (CTI), Network Traffic Analytics (NTA), Sand Boxing, as well as Training and Knowledge Transfer Services.
compared to the global average of 14% according to Gartner. And still only 44% of GCC CIOs are accountable for cybersecurity in the region. So this is something that has to change. What are your tips for CISOs to looking to bolster the security posture of their organizations? I would recommend them to view security through Process, People and Technology. Address the key risks and look for trusted partners, that can help them maneuver the changing landscape of risks.
Do you think AI and machine learning will drive the future of cybersecurity? At Bitdefender we have been pioneers in implementing machine learning (ML) & AI in our products and solutions for over 11 years now. However, as is the case with every technology, it has its pros and cons. There is no doubt that Machine Learning is providing value in simple tasks and elevating suspicious events for human analysis. However, we cannot escape the fact that humans and machines complement each other and together, can outperform either alone.
AUGUST SEPTEMBER 20192019
CXO INSIGHT ME
13
BLUELIV
PROACTIVE SECURITY Gerard Cervelló, general manager, Blueliv, on using advanced threat intelligence for risk protection.
H
ow do you see the threat landscape evolving in the region? Today’s threat landscape is becoming increasingly volatile as actors use evermore sophisticated techniques to attack organizations, not just in the Middle East but around the world. The reality is that any organization operating online holds data valuable to cybercriminals, from financial transaction records to customer PII, confidential company assets to industrial IP. A hit on any of these can lead to catastrophic business impact, reputational damage and compliance penalties. While cybercriminals are deploying similar TTPs against enterprises in the region as elsewhere in Europe, from an APT perspective in recent years the Middle East and North Africa has seen regional tensions make the jump from the realm of battlefields and closed-door meetings into cyberspace. The biggest players in the region – from Iran to Saudi Arabia to Israel – have invested in cultivating their own array of state-sponsored hacking collectives to be used in backing their agendas and advancing their national interests. Unsurprisingly, investment and interest in developing cyber assets continues to the present. Is security a boardroom level discussion now? Once the preserve of the CIO or CISO, defending against an ever-more sophisticated threat landscape has finally started to resonate with business leaders in recent years. The implementation of GDPR and similar legislation around the world has repositioned cyber risk generally, along with an increasing awareness of the significance of a breach. To put it simply, for a CEO cyber risk is business risk. Cybersecurity is everybody’s job – and the C-suite is responsible for establishing and promoting an appetite for cyber-risk management across the business. They
14
SECURITY INSIGHT ME
SEPTEMBER 2019
should ask questions relating closely to their priorities as a business. How integral is cybersecurity to overall business strategy – is enough budget being allocated? In the boardroom, members should try to understand why they would be being targeted by cybercriminals – what do they have in their systems that adversaries would find valuable? What are your tips for CISOs to looking to bolster the security posture of their organizations? Overall, cybersecurity must be a wellbalanced model between people, process and technology. A blend between the three makes for the strongest posture possible. That said, as with many aspects of cybersecurity, education is key to mitigating attacks – and this is very much an ongoing process. To manage cyber risk, organisations need to understand and act on threats relevant to their business. Blueliv’s Threat Compass provides a central point of control for automated operational, tactical and strategic threat intelligence and digital risk protection. We offer a streamlined, costeffective and scalable solution where users can ‘build-your-own’ threat intelligence from
individual modules, and only gather and act on the threats which matter most to them. All of this is backed up by our experienced international team of threat intelligence analysts and malware reversers. We leverage the broadest external datasets on the market, meaning that we cover a broader range of cyberthreats than any other service. This enables teams to process a higher volume of threat data, whilst maximizing limited resource and enabling smarter remediation. Our proactive, automated detection and monitoring not only help defend your assets, but also brand and reputation. Threat intelligence strengthens cyberdefense, and protects your balance sheet from financial losses and compliance penalties associated with cyberattacks. Crucially, Blueliv’s solutions are easy to deploy, easy to set up and very easy to operate. Users see results instantly without the need for costly analysts or huge supporting security teams. Do you think AI and machine learning will drive the future of cyber security? Simply put, automation and machine learning capabilities in threat intelligence helps to deliver the highest quality actionable data, helping organizations stay in command of their threat landscape. The sheer volume of samples that are detected, analysed and reported – hundreds of thousands per month at Blueliv, for example – requires advanced capabilities to structure the information at scale for presentation with humans and their security systems. Using patented software, we are able to connect the dots in the data, adding context to vulnerabilities, attack vectors and targets. Indeed, this is why simply using an open source or commercial data feed is usually not good enough – organisations need to contextualize data for timely and actionable diagnosis.