Cyber Sentinels May 2018

Page 1

V O L U M E 0 4 | I S S U E 1 2 | M AY 2 0 1 8 SPECIAL SUPPLEMENT BY “Prevention is the key to lock the door of attacks.” This is what Check Point has been advocating organizations for the past 25 years..... 20 CHECK POINT BRACEAHEAD!YOURSELF! JAYENDRATEAMTERRITORYRAMAN,LEADER,CHECKPOINT RAM CHECKMANAGER,REGIONALNARAYANAN,SALESPOINT

PRESENTS BROUGHT BY TECHTALK AND META CIO AWARDS NOMINATE NOW GET READY FOR A ‘NEVER-SEEN-BEFORE’ CIO ROADSHOW IN THE META REGION 10.05.2018 MAY EDITION: UAE, OMAN, TURKEY, QATAR VENUE: ARMANI HOTEL, BURJ KHALIFA DUBAI THE PRIVATE OFFICE OF HIS HIGHNESS SHEIKH SAEED BIN AHMED AL MAKTOUM HELD UNDER THE PATRONAGE OF

GHANAFRANCEEGYPTCHINACANADABOTSWANABAHRAINAZERBAIJANAUSTRALIA NEPALNEWMAURITIUSMALAYSIAKENYAKAZAKHSTANITALYINDONESIAINDIAZEALAND SOUTHSPAINSRISINGAPORESCOTLANDSAUDIRUSSIAOMANNIGERIAARABIALANKAAFRICA ZIMBABWEUSUNITEDUAETURKEYTHAILANDSWITZERLANDKINGDOM PARTICIPATINGCOUNTRIES 34 QUALIFYINGROUNDS 50 C-LEVEL EXECUTIVES 3,700

It is saddening that every issue of Cyber Sentinels in the past 6-8 months has began with the narration of a severe security breach or major hack that shook the industry. While tech writers and editors around the globe can be hands full with interesting contents to write on, it is a shame on economies that boast of a highly digital infrastructure.

EDITORIAL A COSTLY ‘RIDE’ PUBLISHED BY ACCENT INFOMEDIA MEA FZ-LLC PO BOX : 500653, DUBAI, UAE 223, BUILDING 9, DUBAI MEDIA CITY, DUBAI, UAE PHONE : +971 (0) 4368 8523 A PUBLICATION LICENSED BY INTERNATIONAL MEDIA PRODUCTION ZONE, DUBAI, @COPYRIGHTUAE 2013 ACCENT INFOMEDIA. ALL RIGHTS RESERVED. WHILE THE PUBLISHERS HAVE MADE EVERY EFFORT TO ENSURE THE ACCURACY OF ALL INFORMATION IN THIS MAGAZINE, THEY WILL NOT BE HELD RESPONSIBLE FOR ANY ERRORS THEREIN. PRINTED BY AL GHURAIR PRINTING & PUBLISHING LLC. MASAFI COMPOUND, SATWA, P.O.BOX: 5613, DUBAI, UAE INFO MEDIA ANUSHREE DIXIT Assistant anushree@gecmediagroup.comEditor EXECUTIVE DIRECTOR: SANJIB MOHAPATRA FOUNDER AND COO: TUSHAR SAHOO GROUP EDITOR: SANJAY sanjay@gecmediagroup.comMOHAPATRA M: +971 555 119 432 ASSISTANT EDITOR: ANUSHREE RONAKSALESINFO@GECMEDIAGROUP.COMSUBSCRIPTIONSASSISTANTDESIGNER:LEADVISUALIZER:OFFICEJR.REPORTER:anushree@gecmediagroup.comDIXITDIVSHABHATdivsha@gecmediagroup.comREPORTER:CVARYADEVIarya@gecmediagroup.comEXECUTIVE:SHRIYANAIRshriya@gecmdiagroup.comMANASRANJANVISUALIZER:DPRCHOUDHARYAJAYARYADESIGNER:RAHULARYAANDADVERTISINGSAMANTARAYronak@gecmediagroup.com M: + 971 555 120 490 SOCIAL MARKETING & DIGITAL RICHAPRODUCTIONYASOBANTCOMMUNICATIONMISHRAyasobant@gecmediagroup.com&CIRCULATIONSAMANTARAY + 971 529 943 982 DESIGNED BY

04 MAY 2018

Few days back, Careem, the Mideast ride sharing app, reported a major hack of its customer and captain data which exposed the name, email addresses, phone numbers and trip information of the riders. Though the credit card details were not stolen, this does not justify the massive threat. And as always, once a breach is done, social media and inboxes are flooded with emails, comments, advice and tips on how the attack could have been avoided and what the victim company could have done. Service providers come up with new strategies that claim to have the capability to stop such attacks. A lot said and less done. However tight the strategy is, there is always a crater of vulnerability. What is the price that a customer has to pay to trust a service?Itistime for the Middle East market to shake up the security dust once again and set the stage for some serious interactions. GISEC 2018 is all set to go on floors this May and is all about Vertical focused security that emphasizes on the fact that security is not a one-size-fits-all phenomena and underlines the different kind of approach needed for each sector. We will once again be there on the grounds to explore the vendor and partner offerings as the technology media partners of the event. See you at the fair! ë

COVER STORY CONTENTS With mega breaches that took place in 2017, many cyber security measures have emerged. But security within an organization is equally important. EMBRACING THE POWER OF TRUSTED IDENTITIES14 CISO KALEIDOSCOPEINBLOCKCHAINSPEAKACISO 32 GUEST HEALTHCAREARTICLE IS A MAJOR TARGET CYBERCRIMINALSFOR 12 THREAT DECODED EMAIL PHISHING 28 INTERVIEWDOYOUKNOW WHAT HAPPENED?HAD 37 05MAY 2018

06 MAY 2018

TOM KEMP, CEO, CENTRIFY

Centrify Study Finds CEO Disconnect is Weakening Cybersecurity

ORGANIZATIONS USING PUBLIC CLOUD HAS HAD DATA STOLEN McAfee revealed its third annual cloud adoption and security report, Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security. The report outlines the current state of cloud adoption, the primary concerns with private and public cloud services, security implications and the evolving impact of Shadow IT for the more than 1,400 IT professionals surveyed.

STREETCHANNEL

MCAFEE STUDY REVEALS ONE-IN-FOUR

“Despite the clear prevalence of security incidents occurring in the cloud, enterprise cloud adoption is pressing on,” said Rajiv Gupta, Senior Vice President of the Cloud Security Business Unit, McAfee. “By implementing security measures that allow organizatios to regain visibility and the control of their data, businesses can take advantage of innovative services and accelerate their business with a more informed approach to security in the cloud.”

Infoblox made significant enhancements to its Active Trust Cloud offering that now leverages advanced ana lytics to expand detection of potential zero day threats and prevent the loss of data, adds the ability to distribute threat intelligence to other security products in the network and ensures that content on the network conforms to corporate policies. In this latest release, organizations are able to strengthen their protection across their entire security ecosystem with advanced machine learning as well as distribute action able threat intelligence across existing security solutions on the“Becausenetwork.DNS sits in core of the network – it sees a lot of malicious activity first,” said Scott Fulton, executive vice president of products at Infoblox. “DNS should be an organization’s first line of defense as most ransomware and malware uses DNS at multiple points in the cyber kill chain. The data we collect provides essential context and visibility so IT admins can be alerted of any network anomalies, report on what assets/devices are joining and leaving the network and resolve problems faster.”

SERVICESECURITYSAASUPGRADESINFOBLOXBASED

Centrify revealed results of a new research study with Dow Jones Customer Intelligence, “CEO Dis connect is Weakening Cybersecurity,” which reveals that a misalignment between CEOs and Technical Officers is weakening enterprise cybersecurity postures.Thereport highlights that CEOs are incorrectly focused on malware, creating misalignment within the C-suite, which results in undue risk exposure and prevents organizations from effectively stopping breaches. Technical Officers (CIOs, CTOs and CISOs) on the front lines of cybersecurity point to identity breaches — including privileged user identity attacks and default, stolen or weak passwords – as the biggest threat, not malware. As a result, cybersecurity strategies, project priorities, and budget allocations don’t always match up with the primary threats nor prepare companies to stop most breaches. “While the vast majority of CEOs view themselves as the primary owners of their cybersecurity strategies, this report makes a strong argument that companies need to listen more closely to their Technical Officers,” said Tom Kemp, CEO of Centrify.

The digital transformation in business, trade and industry offers a whole host of opportunities but also throws up new challenges for IT infrastructures. Dealing with complex tasks and huge volumes of data calls for increasingly fast, flexible and efficient IT solutions. DISCOVER THE POSSIBILITIES WITH RITTAL. INNOVATIVE DATA CENTRE ARCHITECTURES INNOVATIVE CLOUD SERVICES EDGE DATA CENTRES SMART PACKAGE OFFERING FOR IoT SOLUTIONS Discover it – the new world of IT solutions. Accent Infomedia_EMEA_GITEX 2017 - Handbook - 220X310mm(bleed) 200x290mm(trim) Balanced Cloud CentreDatacentre-in-a-Box IT Security Room RiMatrix SEdge Data Center Rittal Middle East FZE Tel: +971-4-3416855 I Email: info-it@rittal-middle-east.com I www.rittal.com/uae-en For Enquiries: Visit us at Hall 1 Stand F1-1

F5’s Advanced WAF supports a variety of consumption and licensing models, including a per-app basis, as well as perpetual, subscription, and utility billing options for ultimate flexibility in the cloud and the data center. This helps SecOps better collaborate with modern DevOps and NetOps teams to easily deploy app protection services in any environment that can be configured for individual applications or en masse.

F5 Networks is introducing its Advanced Web Application Firewall™ solution for comprehensive application protection. With industry leading security capabilities to guard against evolving application threats, F5 is adding to its growing portfolio of integrated and standalone solutions specifically designed for app security.

HID’S

SonicWall Introduces Capture Platform

BILL

08 MAY 2018

F5’s holistic approach to application security reduces management complexity, decreases OpEx, and efficiently delivers services to neutralize attacks.

HID Global said that its IdenTrust® business is the #1 digital certification authority in the world, according to the latest independent research results from W3Techs, a technol ogy survey company that consistently tracks the SSL certificate market.

SonicWall also is introducing new and enhanced products in its portfolio of hardware, virtual appliances and endpoint clients. The significance of the unified and con nected SonicWall Capture Cloud Platform is highlighted by the escalating threat landscape. In the first quarter of 2018 alone, the average SonicWall customer faced 7,739 malware attacks, a year-over-year increase of 151 percent; 335 of these attacks were hidden using SSL/ TLS encryption. The SonicWall Capture Cloud Platform also identified more than 49,800 new attack variants in the first quarter, with Sonic Wall Real-Time Deep Memory InspectionTM (RTDMI) identifying 3,500 never-before-seen variants.“Winning the cyber arms race requires a consistent, agile and reputable stream of realtime cyber threat intelligence,” said SonicWall President and CEO Bill Conner. “The new SonicWall Capture Cloud Platform ensures organizations are always protected by the abso lute latest information — updates, signatures and alerts — to automatically defend their networks from the most advanced cyberattacks.”

Cloud

F5 LAUNCHES ADVANCED WAF FOR MULTI-CLOUD APP SECURITY

SonicWall introduces the Capture Cloud Platform, which tightly integrates security, management, analytics and real-time threat intelligence across the company’s full portfolio of network, email, mobile and cloud security products.

IdenTrust’s leap to being the market leader for digital certificates signifies only the second time in the history of the Inter net that the top position for the Certifica tion Authority has changed – first in 2015 by a competitor and now to IdenTrust after a fast-paced growth trajectory over the past two“Becomingyears. the #1 Certification Authority for SSL certificates makes HID’s IdenTrust among the most trusted digital certificate providers in the world,” said Brad Jarvis, Vice President and Manag ing Director, IAM Solutions with HID Global. “Third parties trust our digital certificates because they are reliable, easy to integrate and compliant with standards. Our customers trust us to provide digital certificate services from a secure and scal able platform capable of meeting the needs of their dynamic business environments.” This achievement reflects the changing landscape of SSL certificate usage, with more emphasis on automated processes and the value of the IdenTrust infra structure and broader partner network associated with HID Global. One aspect of the changing landscape is how tens of thousands of websites are reportedly going to find themselves labelled as “unsafe” next month, due to a decision in September 2017 by Google to cease trusting certificates from a former market leader.

IdenTrust digital certificates support real-time validation of Internet traffic on a scalable, software-as-a-service platform. IdenTrust helps create a trusted environ ment that secures business- and life-critical data.

CEO,PRESIDENTCONNER,ANDSONICWALL

TIONDIGITALBECOMESIDENTRUSTTHE#1CERTIFICAAUTHORITY

Fidelis Cybersecurity® will be participating in GISEC 2018, to be held at Dubai World Trade Center, May 01-03. Building on the capabilities of Fidelis Elevate™, an automated detection and response (ADR) solution, that was launched in the Middle East at GITEX 2017, Fidelis Cybersecurity will demonstrate how regional organizations can leverage a modern Decep tion defense that extends visibility and detection deep into the network, learns new attacker techniques and better defends organizations’ critical data assets.

10 MAY 2018

Firas Jadalla, Regional Director – Middle East, Turkey and Africa, Genetec said: “Genetec continues to bring clever technologies to market that expand our flagship unified security platform and helps our end users implement the most effective security strategies that have been designed to protect their organizations, cities, and schools from both physical and cyber AT threats. In today’s highly connected world, we need to defend our physical security system as well as our communication infrastructure, servers, and data from cybercriminals.” As the KSA continues achieving the goals and objectives of Saudi Vision 2030, Genetec is committed to providing the modern technology necessary to help protect the people, assets, and intellectual property for both public-private entities.

Firms struggle with patching because they use manual processes and can’t prioritise what needs to be patched first. The study found that efficient vulner ability response processes are critical because timely patching is the most successful tactic companies employed in avoiding security breaches.

Making the case for deception technologies, Roland Daccache, Senior Regional Sales Engineer, MENA at Fidelis Cybersecurity said, “Regardless of the techniques—behavioral, signature based, machine learning—used by traditional security stack solutions like antivirus (AV), next-gen firewall (NGFW) and sandbox, attackers and advanced malware are slipping through the cracks.”

Vulnerability response is the process companies use to prioritise and remedi ate flaws in software that could serve as attack

“Addingvectors.more talent alone won’t address the core issue plaguing today’s security teams,” said Philip van der Wilt, General Manager and Vice President Sales EMEA, ServiceNow.

ServiceNow released new research, “Today’s State of Vulnerability Response: Patch Work Demands Atten tion,” based on a survey conducted with the Ponemon Institute. The report uncovered security’s “patching paradox” – hiring more people does not equal better security. While security teams plan to hire more staaffing resources for vulnerability response – and may need to do so – they won’t improve their security posture if they don’t fix broken patching processes.

Paladion discovered vulner abilities in extensions for the content management system Joomla that could leave users exposed to hackers. As an open source software, Joomla has more than 2 million live users and contributors. Its popularity has also prompted other coders and companies to produce more than 8,000 extensions to offer addi tional handy features. However, in certain cases, use of some of these extensions exposed users to security risks and attacks. As part of its continual, intensive cybersecurity monitor ing and research, Paladion found instances of data not being validated when being exported from Joomla extensions to a CSV file format. Paladion security expert Suresh Narvaneni, who found the flaws, said, “This vulnerability made it possible for an attacker to spread malware via spreadsheets such as Microsoft Excel and LibreOffice Calc. Unauthorized remote machine access was also possible.”Suresh identified the issue in specific Joomla exten sions from Acyba and notified Joomla immediately. In addition, a missing validation on a URL field when creating a new com pany record and a vulnerability to cross-site-scripting (XSS) were found in the JS Jobs extension from Joom Sky.

GISEC PALADION HELPS JOOMLA DEVELOPERS STOP CYBERSECURITY RISKS

PARADOXRITY’SUNCOVERSRESEARCHSERVICENOWSECUPATCHING GENETEC ADDRESSED CYBER SECURITY CHALLENGES AT INTERSEC KSA FIDELIS CYBERSECURITY TO UNVEIL ACTIVE DECEPTION TECHNOLOGY

FIRAS REGIONALJADALLA,DIRECTOR - META, GENETEC

Genetec highlighted its premier solutions addressing the evolving physical and cyber threats in the Middle East region at the second edition of Intersec Saudi Arabia, which was held at the Jeddah Center for Forums and Events in the Kingdom of Saudi Arabia (KSA) from April 24 to 26, Genetec2018.showed Citigraf, a decision support system that unifies public safety operations across city departments for inter-agency col laboration; and Genetec Traffic Sense, a Unified Traffic Operations Platform driven by advanced analytics. Additionally, the company will put the spotlight on its Security Center 5.7 solution, a unified, open architecture security flagship.

ServiceNow surveyed nearly 3,000 security professionals to understand the effectiveness of their vulner ability response tools and processes.

Protected Health Information (PHI) contains more personal data points and cannot just be reissued in the event of a problem. Bank account details and passwords can be changed following a breach; but information about allergies, dis abilities, mental health or hereditary conditions, can’t. So, securing this data and a healthcare institution from these calculated threats should be a top priority.

ARTICLEGUEST

The value of medical records on the black market is at least 10X higher than credit card data. Why?

BRANDON BEKKER, MANAGING DIRECTOR, MIMECAST MEA well-meaning employees and malicious insiders. Busy staff members are bound to make mistakes regarding PHI. With the ubiquity of email, it’s not uncommon to find a breach where employees accidentally (or carelessly) attached a spreadsheet or document containing PHI. A mistake like this could result in personal harm or defamation and will have severe implications for healthcare professionals in countries that have data protec tion laws in place.

To prevent brand damage, fines, and audits, healthcare organisations must actively seek to identify and prevent PHI from leaving the organisation without the proper safeguards in place. However, this can be a monumental task without the right technology. For email, Mimecast recently introduced data loss preven tion (DLP) capabilities that can help address this challenge. Healthcare organisations can scan, identify and take action on emails containing PHI. These actions include holding the message for review, encrypting the content, applying secure messaging between parties, converting the files and more. As part of the service, Mimecast can notify the sender, recipient, and administra tor of a message flagged as containing PHI. Ensuring that PHI does not leave the organisation without the proper encryption and safeguards is just as essential as securing against external attackers. Healthcare is the only industry where employees are the predominant threat of a breach.Thehealthcare sector is at major risk. The time is now for them to rethink cyber security and implement strategies that make them resilient and prepared for both internal and external threats. ë allow continuous access to critical applications and information during an attack and provide the ability to recover data to the last known workable state, after a threat is neutralised. But it even goes beyond external threats.

12 MAY 2018

The nature of healthcare, requires that organi sations within this sector keep highly sensitive patient data on file. Doctors need to have this information to make informed decisions about patients, and the ability to easily share this infor mation within a healthcare network, has resulted in significant advancements in the way patients are treated. Personal and medical details are also used by staff who handle post care activities, from post-op follow-up to billing. This reduces the admin involved and makes it a far more efficient experience for patients. However, housing this kind of personal information poses a severe risk. Without the right security in place, this data is left exposed to external threats, as malicious actors use targeted threats to infiltrate networks. But when you’re dealing with something as important as people’s lives, it’s not enough to only have security in place, the continuity of services is vital. Take the WannaCry ransomware outbreak earlier this year for example, where entire hospitals in the U.K. were shut Healthcaredown.institutions therefore need to have a cyber resilience strategy in place. This will help them defend against threats such as ransomware,

HEALTHCARE IS A MAJOR TARGET FOR CYBERCRIMINALS

Equally important is making sure the organisation is insulated from mistakes by both

The internet of things has transformed the healthcare sector, allowing practitioners to easily share information and deliver personalised treatments. Yet many experts in the security industry believe that of all the industries facing serious cyber threats, healthcare is possibly the most at risk.

Visit us at GISEC 2018 stand C14

EMBRACINGTRUSTEDCOVERSTORYTHE POWER OF IDENTITIES 14 MAY 2018

n PHOTO:

Based on an estimate the IAM market is going to be worth $14 Billion - $20 Billion by 2020 but it can also grow exponentially as security is one of the major concerns now-a-days. The changing needs of the workplace, adoption of cloud, Bring Your Own Device, etc are driving organizations to adopt Identity access management solutions.

BY: DIVSHA BHAT <DIVSHA@GECMEDIAGROUP.COM> SHUTTERSTOCK

n

With mega breaches that took place in 2017, many cyber security measures have emerged. But security within an organization is equally important. Identity access management has become the new perimeter with the evolution of BYOD, cloud adoption and mobility.

CEO: You mean to say, we pay a fortune but we know nothing about identities? CISO: No answer

We witness such scenarios often these days. Cyber-attacks doubled in 2017 compared to 2016. The CISO’s have to be always prepared for the ‘please explain’ request from the senior management. Corporate growth now-a-days in mostly linked with the vendors and contractors. And everyone from professional services to IT experts are allowed into an organizations security sensitive location and systems. So secure Identity and Access Management is very important for organization these days and it has to be in place. And with the growing number of cyber-attacks, the demand for IAM is only going to increase.

15MAY 2018

Location: Atlanta, USA Time: 10:30 PM CEO: What’s happening? CISO: I cannot access my account. It has been hacked! It is a major incident of identity theft. CEO: Again??? I keep approving security measures. Didn’t I sign off $10 million on iden tity management a few days ago? Isn’t it sup posed to keep hackers off our systems? What else can we do about identity and credential CISOtheft? (panics): We rely on the solution provid ers/contractors for this.

WISAM YAGHMOUR, REGIONAL SALES DIRECTOR – MEA, HID GLOBAL

AUTHORIZATION MAN DATES FOR ORGANIZATIONMODERN

“Trusted identities will emerge this year as the fundamental building blocks for organizations to create environments that connect people, places and things,”

Organizations in the region should become more vigilant when it comes to accessing their sensitive data. Imagine an organization as a home. A burglar keeps stealing and yet the owner keeps the door open. Why not lock the doors and prevent or at least make it harder for the burglar to break in?The enterprise network now-a-days extends to wherever employees are and wherever data goes. Mobility and the Internet of Things (IoT) are changing the way we live and work. As a result, enterprises must support a massive prolifera tion of new network-enabled devices. Security specialists have more tools available these days to help them protect their business against known vulnerabilities.KamalHeus, Regional Manager – MEA for Centrify sees more tightening in the way people are accessing data within the company boundar ies or from outside. “Employees, partners and contractors are able to access data from anywhere at any time and combined with the fact that the traditional perimeter is dissolving, more work is being done to protect the identities of people (or devices) accessing the organisation’s data.”

16 MAY 2018

KAMAL HEUS, REGIONAL MANAGER MEA, CENTRIFY

Wisam Yaghmour, Regional Sales Director MEA for HID Global believes - “Organisations should look at investing in the convenience of physical and data security that is converged onto a single credential. In much the same way that users are gravitating to mobile solutions, in part, because they like how it interconnects their digital world, so too are enterprises, universities and healthcare institutions embracing converged credentials.”

IAMAPPROACHORGANIZATION’STOWARDS

Its been 6 months since Equifax revealed the breach. The company is still adding millions of new names to the list of people who were impacted which total up to 148 million Ameri cans. This raises the question – What authoriza tion mandates should a company follow to prevent breaches? Identification, Authentication and Authorization. These three major concepts are incorporated by identity and access manage ment. According to Scott Manson, Cybersecurity Lead – Middle East and Africa for Cisco, these

“Centrify’s Zero Trust Security assumes users inside a network are no more trustworthy than those outside the network,”

three processes combine to ensure that specified users have the access they need to do their jobs, while unauthorized users are kept away from sensitive resources and information. The fact that a user proves his or her identity is not sufficient to gain access — the system must also ensure that users perform actions only within their scope of authority.Also,any organization considering remote access in a borderless workplace should consider a few key solutions according to Morey Haber, Chief Technology Officer of BeyondTrust. Multi-Factor Authentication (MFA)—to provide an additional layer of challenge and response to prove a user’s identity; Privileged Access Manage ment—to secure privileges, passwords, and ses sions when sensitive remote access is requested; User behavior monitoring—to measure the level of appropriate access and potentially malicious behavior such as lateral movement attempts; Trusted computing—to allow access from only trusted sources such as phones or laptops. This includes everything from authentication using host-based certificates to network access control solutions that can prove a remote asset is owned by the company or authorized BYOD.

“The security team in charge of authenticating user identities are ensuring that the organization has robust security controls in place while stream lining authentication procedures to increase user productivity. The security teams have embraced multifactor authentication, trusted computing models, virtual private networks and many other new technologies to help protect the communica tion and verify the user,” he adds.

MOREY HABER, CHIEF TECHNOLOGY OFFICER, BEYONDTRUST

SCOTT MANSON, CYBER SECURITY LEAD – MEA, CISCO

“CISOs will need to include securing managementidentityenvironmentsmultiprotocolintheirandaccessstrategy,”

“Security teams have embraced multifactor authentication, trusted computing models, network access control, virtual private networks to help protect the communications and verify the user,”

FINALLY Although organizations will face new security challenges, they should focus on protecting information assets that are very sensitive. In order to secure identities, they need to respond quickly by adapting IAM strategy and its tools. A research estimated that cybercrime will cost organizations around the world over $2 trillion by 2019. In such rise of security breaches, it is never too late to start. Act now to protect your business! ë

Single sign-on (SSO) is also an essential feature for humans because it reduces many of the shortcomings of passwords. Centrify also suggests that to mitigate threats, organizations should use digital access technolo gies that limit the one and only access point users have to reach resources. Organizations should provide user roles that details each person’s access and privilege they have in that role and what time of day, week or month is that role available.

CHALLENGES FOR SECURITY LEADERS With the rise of connected devices via the Internet of Things, adoption of cloud and increase in BYOD, managing user identities and access to IT resources has become very important and have created new challenges for CISOs. The industry side security skill shortage is also one of the other challenge. Organizations should not only make investments in security tools but also provide training and hire skilled personnel to support these tools.

Global Identity and Access Management Market Will Reach USD 15.92 Billion by 2022 Source: Zion Market Research $15.92 bn 17MAY 2018

Getting Management Commitment, identification of suitable implementation use cases, a well thought through POC study are My Mantras of Blockchain for IT Security. ë MANI, CISO, BANK OF

What are the pros and cons of this?

Storage limits - Each block can contain no more than 1 Mb of data, and a Blockchain can handle only 7 transactions per second.

SHARJAH

1)

High Operation Costs - Running Blockchain technology requires extensive computing power resulting in high costs in comparison with conventional systems.

6) Cryptographic

3)

Blockchain is designed in a way that the storage location or central authority doesn’t exist.

To be more precise to attack and collapse a Blockchain, a hacker need to destroy the data stored on all the comput ers/nodes that are part of a Blockchain network. This could be millions of computers, with each one storing a copy of some nodes or all the nodes. Unless the hacker is able to put down an entire Blockchain network, those nodes not attacked by the criminals will keep functioning running and keep record of all the data on the Blockchain network.

How do you see Blockchain as a right weapon to rise against cyber criminals?

5)

The Cons of the storage mechanisms as per me are Irreversibility - There’s a risk that encrypted data may be unre coverable in case a user loses or forgets the private key necessary to decrypt it.

Blockchain Technology has come up with promises to overcome the traditional network security practice that are easily exploited by the Cyber Criminals as they are built on cryptographic data structures and use algorithmic consensus mechanisms for every transaction which ensures the authenticity of electronic transactions that are targeted by the Cyber Criminals.

Ability & Time to restore - Restoring a Blockchain based service after an individual node or multiple nodes have been compromised cannot be instantaneous, and there will be some latency effects on the network in recovery of the service.

How can business owners create a ‘defence in depth’?

Organization should ensure their security posture by constructing a Defence In Depth Security Mechanism containing the imple mentation of the following layers of Security. Even if one layer of security fails, next layer of security will come for rescue. Information Security Policies & Procedures, Standards, Security Mechanisms such as Firewalls, Proxies, IDS, IPS, Network Routers E Mail, Endpoint and Application Security Solutions Operating System Security Log Monitoring Solutions such as SIEM Controls and Data Classification Data Loss Prevention (DLP) Solutions Your Blockchain mantra for IT Security would be ?

VIMAL

CISO SPEAK 18 MAY 2018

According to Vimal Mani, CISO of Bank of Sharjah, Organization should ensure their security posture by constructing a Defence In Depth Security Mechanism containing the implementation of the following layers of Security. Even if one layer of security fails, next layer of security will come for rescue.

2)GuidelinesPerimeter

4)

CREATING AN IN-DEPTH DEFENSE STRATEGY

The information storage mechanism offered by Blockchain technology is decentralised. Traditional databases are centralized in nature. Here, each and every line of coding is concentrated in a single place. Therefore, they are vulnerable for cyber threats. Even if the companies make back-ups of the information in a disciplined manner, they will not be completely free from threats. Since Block chain is synchronised across multiple systems, it will not be an easy job for hackers to tamper with the information. These blocks of information are linked to each other. As they are not concentrated in one place, hackers can’t steal the data contained in any of the Blockchain nodes.

7)

THE 6 KEYS TO UNLOCK YOUR GISEC POTENTIALS2018 WE CARVE THE PERFECT PLAN FOR YOU! ENTERPRISECHANNELSMEA (GISEC 2018 ISSUE) SentinelsCyber QuarterlymagazineSecurity FTWFTW Dailybulletinnews Felicitating the Top IT makersDecisionfromMETA CIO 200 INTERVIEWVIDEO Bring your views to life. Accent Info Media MEA FZ-LLC 223, DMC – 9 Dubai Media City, Dubai, UAE SALES Ronak Samantaray Mob: +971 555 120 490 Email: ronak@gecmediagroup.com EDITORIAL Anushree Dixit Mob: +971 529 112 472, Email: Email:Mob:Divshaanushree@gecmediagroup.comBhat+971561553608divsha@gecmediagroup.com TO PARTICIPATE CONTACT REDEFINING SECURITY, REJUVENATING ENTERPRISE READINESS GENERATIONLEAD(SURVEY) The crucial step towardsyourattainingROI

20 MAY

We woke up to the news of Careem attack a few days ago which shows no signs of slowing down from hackers. With an ever-increasing demand in security, Check Point provides 360degree visibility towards addressing these threats with real time advanced threat prevention across all platforms (Network, Cloud & Mobile).

In

n PHOTO:

Check Point is rated by Gartner for 22 consecu tive years and recommended by NSS labs for 14 consecutive tests for different technologies. The GCC team was awarded the best team for new customer acquisition across EMEA in the recently concluded annual conference (CPX 360).

“Prevention2018 is the key to lock the door of attacks.” This is what Check Point has been advocating organizations for the past 25 years. Check Point has protected customers from major cyber-attacks and offers a complete 360-degree security architecture defending enterprises from networks to mobile devices. In this month of Security Expo and Conference, Ram Narayanan, Regional Sales Manager and Jayendra Raman (Jay), Territory Team Leader are all set with their GCC team to make enterprises aware of the Gen V threats and prevention measures. DIVSHA BHAT <DIVSHA@GECMEDIAGROUP.COM> SHUTTERSTOCK the present generation, it is not a big chal lenge and very easy to do a targeted attack. From WannCry to eBay, the past year made some shocking revelations of data breaches.

n BY:

BRACE YOURSELF! CHECK POINT AHEAD! RAM NARAYANAN, REGIONAL SALESCHECKMANAGERPOINT

“CloudGuard IaaS provides advanced Gen V security/threat prevention of attacks on infrastructure and workloads for leading public and private cloud platforms, including: Amazon Web Services, Google Cloud Platform, Microsoft Azure, Cisco ACI, OpenStack, VMware NSX, VMware Cloud on AWS, VMware ESX, Alibaba Cloud, KVM, Hyper-V and more. In today’s land

JAYENDRA RAMAN, TERRITORY TEAM LEADER CHECK POINT

The company also made another major announcement by introducing CloudGuard which protects the enterprises from Gen V cyberattacks on cloud applications and infrastructure. As traditional security approaches do not fit into the dynamic nature of the cloud, this new product delivers proactive protections for cloud data, networks and applications. The comprehensive portfolio seamlessly integrates with the largest number of cloud infrastructures and applications to instantly and easily keep cloud services pro tected against even the most sophisticated Gen V cyberattacks. CloudGuard supports a single-click and agile deployment model aligned with the dynamic nature of cloud services, making a move to cloud services a breeze.

It is shocking to know that 97% of the organiza tions are not prepared for the fifth generation of cyber-attacks according to the 2018 Security Report by Check Point. With data breaches like Equifax and Uber, that we witnessed in 2017, organizations need to take extra measures to protect themselves by understanding and learning the ways of prevention. This annual security report extensively analyses the trends over the past year and predicts how the fifth generation of cyber security now spans across countries and industries along multiple vectors of network, cloud and mobile. “We release the report at the beginning of every year so that customers have a clear picture of the malicious attacks that are on the rise and guide them of the future prospects on what they should be aiming for and what kind of solutions are available. If 97% of the companies are having outdated technologies, obviously, they are vulnerable. It shows the need for enterprises to step up to Generation V” says Ram Narayanan, Regional Sales Manager, Check Point.

Ram recalls how from Gen I to Gen V, their unmatched security solutions have covered the entire landscape. “From virus related attacks and anti-virus solutions to mega cyberattacks, we have come a long way. The year 2017 was a global wake up call to get serious about addressing the cyber-attacks. We realized that the available technology solutions were not strong enough to prevent the targeted mega attacks. Organizations cannot survive Gen V attacks while they have a Gen III architecture. To remain operationally secure, organizations needed a new generation of security solution which is when we unveiled Gen V Security theme in 2018,” commented Ram. Awarded as the ‘New Product of the Year’, Check Point Infinity delivers a broad set of security technologies to protect organizations against the most advanced and unknown Gen V threats and can now be deployed using Check Point Infinity Total Protection (ITP). ITP is a game-changing new consumption model with a simple all-inclusive, per-user, per-year subscrip tion offering. The solution provides the key elements of a security infrastructure, including the network security hardware and hardware upgrades, network security software, endpoint, mobile and cloud security software, security updates, support and subscriptions all as a single annuity subscription. This was introduced at the annual user conference of Check Point, CPX 360 in January 2018 at Barcelona.

21MAY 2018

In an interesting way, Ram explains how organizations having 20-point products are struggling to connect them together to make it work as one complete solution. “With Infinity as an architecture, we cover all aspects and give them a consolidated view. Security is all about visibility and once customers see the visibility, they know that this will help them secure their enterprise.”

THE PREDICTIONFUTURE

THE EVOLVING GEN OF THREATS

“Being a 25-year-old company, our focus is only security. Check Point has always been at the forefront of delivering the customer’s needs and plays the role of a trusted advisor in their engage ment,” concludes Ram. With 1402 R&D engineers, Check Point has already begun researching on Gen VI threats (Nano security) and aims to continue being at the forefront of helping enterprises. We wish them all the best to discover new keys to lock the doors! ë Gold Standard for Efficient(Gartner)Management&Most(NSS) 100% Catch-rate for Labs)malwareunknown(NSS

22 MAY 2018 Only solution to withdealGen V Cyber AttacksMega Leaders in Gartner MQ since 1997 Fastest vulnerabilitiesbigrespondtotoimpact scape, where enterprises are worried about cloud and mobile security, we provide complete end to end solutions covering all aspects from physical network to cloud to mobile infrastructure. We are here to help customers transform their IT journey in a secure way” says Jayendra Raman, Territory Team Leader, Check Point.

BECOME A STAR Celebrating its 25th year, the team is very proud to be one of the few companies who have achieved this goal. With more than 100,000 customers worldwide and with high acceptance for their solutions in the region, GCC business has achieved a growth of 32% last year. Ram believes that these achievements would not be possible without the support of the partners who have been with them throughout their journey.

The Star partner program is not just a sign and start selling process. To be a part of the partner program, the company has to be technically qualified. “Based on certain criteria’s, we grant them the stars. For example, to become a 2-star partner, the company needs to have a minimal technical certification. The partner landscape is also changing with more focus on cloud services, we see a lot of traction in GCC this year. We recently concluded a partner workshop and also organize trainings on network security and advanced threat protection. We want to grow with our existing partners and achieve more heights of success,” said Ram. Jay explains how the training ended success fully in Dubai and plans to continue it in other GCC countries so that partners are equipped with the latest offerings from Check Point.

SECURING THE FUTURE OF ENTERPRISES AT GISEC

SaaS will be made available which comes with patented technology like ID Guard, which will help customers address their security concerns on cloud. “We look forward to this platform to know more of the customer needs, help them protect their data and brand value and also make our presence felt in the region,” says Jay.

Check Point revamped its Star partner program in 2016 and continues to onboard partners in 2017. It is proud that they now have a 4-star part ner in the region which is equivalent to platinum partnership. “We have upgraded our partner Computer Data Network (CDN Kuwait) as a platinum partner. We have been together for the last 15 years and the partnership has grown very strong. GBM is our regional partner which goes across all countries in GCC. Mannai as a strategic partner in Qatar. We also have global partners like Dimension Data and British Telecom.” says Jay. With larger partner ecosystems and in country partners, Check Point believes they are able to address more customers in specific territories.

In a world where most of the solutions are focused on breach detection, Check Point has been a differentiator by providing solutions for breach prevention. The organizations vision is to take security solutions to customer which will give them an advantage of having a solution which will prevent. “There is no point in telling someone that you have been attacked or your data has been encrypted after the fact, then the purpose of the solution itself is lost. That’s always been the differentiator and we continue to strive in coming out with those solutions. For instance, Check Point SandBlast as a product, has been rated the best in the industry for advanced threat prevention which is normally called as zero days solutions where you don’t have a signature to prevent an attack but you determine based on the behaviour,” explained Ram. At this GISEC, the Check Point team is all excited to independently create awareness among the people on Gen V attacks and how they need to scale up their protections. Infinity Threat Protection (ITP) has been of interest to customers from US and Europe and the GCC team believes, this architecture can address a lot of requirements for the organizations across GCC. CloudGuard

EMEA WWW.SANS.ORG The Largest and Most Trusted Source of Cyber Security Training, Certification, and Research in the World @SANSEMEA Take SANS training at one of our upcoming events in the Gulf region. You can choose from classes in Riyadh, Dubai or KhobarWWW.SANS.ORG/EVENT/RIYAD-OCTOBER-2018WWW.SANS.ORG/EVENT/GULF-REGION-2018WWW.SANS.ORG/EVENT/KHOBAR-2018DIGITALFORENSICSINCIDENTRESPONSEPENTESTINGSECURESOFTWAREDEVELOPMENTSECURITYAWARENESSCYBERDEFENCEMANAGEMENTAUDITINDUSTRIALCONTROLSYSTEMS REGISTER ONLINE AT:

A WEAPON FIT FOR THE CYBER CRIMINALS

Time-stamped and digitally signed, the digitized ledger stands at an advantageous position to improve everything from data integrity to digital identities. It also comes as a true measure for the increased vulnerabilities brought in by the newer technologies like IoT and machine learning.

Hitting a bullseye is easy and possible when you can see the bull’s eye, in this case the center of the system’s nervous system. Blockchain eliminates this possibility completely. The structure of the blockchain makes it perpetually comprehensive for cyber defense platforms to prevent any mind of fraudulent activities. As reports and studies on blockchain emphasize, it creates a non-hackable entrance unlike a database driven structure.

Although the base of the blockchain technology is built on enhancing security, trust and transparency, we have to abide by the fact that the technology is still in a very nascent stage and vulnerable to the expectations harnessed to it. Blockchain is primarily being seen as a tool or rather an innovation to cement the gaps in trust and security that has been created by the loose walls of security and firewall in modern enterprises.

24 MAY 2018

n BY: ANUSHREE DIXIT <ANUSHREE @GECMEDIAGROUP.COM> n PHOTO: SHUTTERSTOCK A ‘BLOCK’ WORTHY SECURITY

There have been many cyber attacks on the digital currencies and the systems of financial ser vices have been shaken several times. Developed as a technology to underpinning digital currency bitcoin, blockchain allows transactions to be veri fied electronically over a network of computers, with no central ledger. The Blockchain ledger can

Mohammad Jamal Tabbara, Senior Systems Engineer - UAE at Infoblox says, “Blockchain heavily uses built-in cryptography – Private Keys, Public Keys, and Hashing algorithms. You can think of a Private key as some sort of a password, which you should be the only one who has this key for you to authenticate against the system, yet it is so complex that for the vast majority of people it is not practical to use or possible to memorize. A Private Key is a single string of 64 characters in the range 0-9 or A-F, which makes it a human-unreadable string, and hence you need to store it in a special software or a piece of hardware that you need to carry with you anytime you would need it.”

Blockchain comes as a fresh wave of security for these organizations.

ELIMINATING THE HUMAN INTERVENTION Humans, as we all know, are considered to be the weakest link in the chain of security. There are many organizations who still work on legacy models of single factor authentication, simple logins and conventional password management systems. A slight negligence from the employee or a weak password can put the entire data on stake.

25MAY 2018

Essentially, Blockchain becomes the implementer of the ‘zero trust’ policy. It also holds potential to assist in forensic investigations. For example, an organisation that had confidential intellectual property stolen can take their immutable ledger to court and prove that an unauthorised person extracted or copied a set of “Significantdata. attacks have recently been launched from low-cost IoT endpoints, and there is very little incentive for manufacturers of these devices to incur the cost of a security stack, which leaves them extremely vulnerable. Blockchain can play a fundamental role in securing these environments,” says Mechelle Buys Du Plessis, Managing Director - UAE, Dimension Data.

BUILDING TRACEABLE BLOCKS OF HISTORY

The distributed ledger eliminates the question of who shoulders the responsibility of adding or removing data added to the ledger. Blockchain strategically creates an algorithmic pattern to assemble the blocks or individual ledger in a way that each block is traceable and can be further broken into sub category of time, data etc. But behind this capability is very standard technol ogy, which has been assembled in a very smart way to create something new. The audit capability of blockchain offers companies with a level of security and transpar ency over every iteration. From the perspective of cybersecurity, this offers entities with an additional level of reassurance that the data hasn’t been tampered with and is authentic.

AUTHORITY WITHOUT A CENTRAL AUTHORITY Has anyone ever come across a term ‘secure coding’ or has heard anyone say that he has written a secure code. According to Stefan Thomas, CTO of San Francisco-based Ripple, which is creating its own blockchain-like network for banks, says.

MECHELLE BUYS DU PLESSIS, MANAGING DIREC TOR - UAE, DIMENSION DATA “ Blockchain is still in its early stages, and might not be the silver-bullet for every use-case or application out there in the market yet, and instead you might have to stick to what you have today or consider blockchain-like technologies such as Hashgraph. “

$ 78 /s BLOCKCHAIN COMPANIES HACKED 26 MAY 2018

$ 65

FINALLY Blockchain is looked up as a revolution in cryptography and chronological recordings. But several times there has been an outside power that has successfully burgled into these technolo gies. So the question here is not that Blockchain is a tight lock security that is unpenetrateable but how organizations should look up to it as a more systematic and mature form of distributed data recording and how innovative analytics can be driven out of it. ë

The DAO that used ETHER digital currency was robbed of more than 50M, drained by cyber criminals in June, cutting the value of the currency by a third. Bitfinex, a Hong Kong-based digital cur rency exchange, lost about $65m in a cyber attack in August. A mysterious attacker mined Verge coins at a near impos sible speed of 1,560 Verge coins (XVG) per second, the equivalent of $78/s. m

This decentralized peer-to-peer network is based on complex cryptography from the ground-up, making encrypted data extremely secure, and signed data by Private Keys nearly impossible to forge. Besides, a DDoS attack on anything less than 51% of the network is useless.

“There’s no history of how to write secure code,” he says. “It is not surprising that it would be easy to miss typical problems.” One of the most serious problems is that some cryptocurrency companies rely on new programming code. It is hard to anticipate what the flaws are in new code or a new programming language, as there has not been a history of specialists examining it for flaws. Because it is decentralized and all nodes in the networks share the same data, the technology becomes more secured and trusted by design compared to a central authority where if this cen tral authority is hacked- data becomes untrusted.

“We believe that Blockchain has the potential to totally industrycybersecurity,re-engineerbutthehasyettocometotermswithit.”

detect suspicious online behaviour and isolate the connection, giving the user restricted access until the transactions have been sanctioned by system administrators or the IT security team.

MOHAMMAD JAMAL TABBARA, SENIOR SYSTEMS ENGINEER - UAE AT INFOBLOX

“There are other uses for Blockchain in the realm of cybersecurity that I believe will emerge in 2018. It’s already being used in public key infrastructure (cryptography used to secure emails, websites, and messaging applications). It provides better security by replacing a central database with a distributed ledger of domains and related public key,” says Mechelle.

HYBRID IT, UNIFIED UAEROADSHOWMONITORING&OMAN Office 1504, JBC3 Building, Cluster Y – Jumeirah Lakes Towers, P.O. Box 393447, Dubai, United Arab Emirates T: +971 4 427 9940 | E: info@spiresolutions.com | W: www.spiresolutions.com CONTACT

28 MAY 2018 WHAT IS EMAIL PHISHING? An act of impersonating a business or other identity for the purpose of tricking the receiver of an email into sharing personal information is called email phishing. Data obtained from phishing is often used to commit identity theft or to gain access to online accounts. Anyone with an email account is vulnerable to an attack. HOW TO IDENTIFY AND PROTECT YOURSELF FROM EMAIL PHISHING? If you receive an email from a company or website urging you to provide personal informa tion such as password or bank account details, you might be the target of a phishing account scam. Below are a few tips on how to identify and protect yourself from phishing –l Always check the ‘from’ address l Check the contact information and dates l Check for spelling and grammar mistakes l Check if the linked website is legitimate l Review the email’s salutation and signature l Do not respond to any email asking for personal or financial information l Make sure your antivirus and firewall are updated regularly l Do not click or download attachments l Check bank account or credit card statements for unusual transactions l Don’t be intimidated by the threatening language PHISHINGEMAIL

March 2018 - A phishing email attack on Baltimore-based CareFirst BlueCross BlueShield may have comprised nearly 6,800 members’ personal data. The insurer learned that one of its employees fell victim to a phishing email that comprised his or her email account. The hacker used the email account to send spam messages to an email list of individuals not associated with CareFirst. Although hackers sent emails to people not associated with CareFirst, the hackers could have potentially accessed the personal information of 6,800 CareFirst members, including names, member identification numbers, date of birth and, in eight cases, Social Security numbers.

July 2017 – A phishing attack on Snapchat tricked more than 55000 users to reveal their account passwords. The company learned of the data breach when UK government official notified a Snap engineer that the attack resulted in a publicly available list of thousands of user’s login information including passwords on a phishing website. The phishing attack relied on a compromised account that sent users a link pointing to a mobile site designed to mimic the Snapchat login screen. The phishers collected login data from users who entered their usernames and passwords on the fake site. The Snap observed that a single device had logged into thousands of accounts and marked it as suspicious, but that was after the accounts were compromised. ë

29MAY 2018 HOW TO REPORT AN EMAIL PHISHING? l Copy the email including headers and paste it to a new email l Do not forward the phishing message as it will remove the email headers l Be sure to add the words ‘phishing email’ in the subject line l Send the email for investigation EMAIL PHISHING IN NEWS

September 2017 – A Canadian University lost $10 million after falling prey to an online phishing scam. Officials at MacEwan University received fake email that said they were from one of the school’s major vendors and that the vendor was changing its banking information. The staff paid money into the new banking account which did not go to their client. Three staffers made payments in three separate instalments. The mistake was only discovered when the actual client called the university.

As transportation network is seen as a critical part of country’s infrastructure, it is considered as a privileged target for hackers. But even after a warning that the security system of a transportation network company is compromised and they choose to refuse it and gets hacked, it is something that happens once in a blue moon.

NEGLECT WARNING: HELLO HACKING n BY: CV ARYA DEVI <(ARYA@GECMEDIAGROUP.COM)> n PHOTO: SHUTTERSTOCK

“A PCP server uses highly secure protocols and is employed by international banks around the globe to protect financial information,” the blog read. The blog also states that customers who have signed in after January 14 has not been affected by the data Careemhack.already had a warning on the pos sibility of a security breach in the near future but refused to acknowledge it. Mr Daniyal Nasir, a researcher said that he penetrated Careem’s apps for security vulnerabilities in March 2017 and had noticed a breach in the security. He further men tioned that he could recover all the personal data including emails, pictures, cars, booking details and even user location. Mr Nasir further warned the Careem company on the vulnerabilities but did not respond well to his warning. The blog post stated that the hack occurred on January 14 by an unauthorised access to the system where data was store. The blog further mentions that there is no evidence that the password and credit card numbers have been compromised as it is stored in a separate system. The company revealed that personal information including names, email address, phone numbers and trip data were hacked.

30 MAY 2018

Companies can be defended from these evasive threats by including web security solutions, repu tation services, prevention services, application control et cetera. Backing up of data, having a pre written disaster recovery plan and ensuring that all systems are in place for operations will benefit the organisation in case of a cyber attack. Also it is impportant to encry any data stored in the com pany and those that leaves the corporate network.

Careem, a transportation network company in Dubai got stolen the personal data of more than 14 million customers by cyber criminals. Careem revealed this report on their website as a blog post.

A similar breach had already taken place in another popular transportation network com pany in 2016. The data breach was kept a secret by the company for more than a year after paying a ransom of $100,000 and made in seem like a “bug bounty” among the employees. ë

Providing organizations with the confidence to deploy multiple datacenter workloads on a single infrastructure platform, Pivot3 is the only HCI vendor to offer VM-level Quality of Service and patented erasure coding to guarantee application service levels and business objectives are met. To begin your journey to the virtualized datacenter, visit us at www.Pivot3.com TRANSFORMING BUSINESS WITH SMARTERSOLUTIONSINFRASTRUTURE 9x THE PERFORMANCE 25% LESS HARDWARE 3x VM DENSITY 62% LOWER LATENCY

ABUBAKAR BAHRAIN

AsKALEIDOSCOPEaninterestingcontinuationtoourarticleon

LATIF, CYBERSECURITY ADVISOR, TRA

There is however, the additional risk of Blockchain being used for money launder ing and ransomewares etc.

How do you see Blockchain as a right weapon to raise against cyber criminals? More than a weapon, Blockchain is indeed a very effective tool in building trust in digital communications and transactions. So while the internet allows for an open space for ubiquitous communication, Blockchain helps an organization ensure that it communications and interacts with trusted individuals and the transactions are immutable and secure, thereby reducing the security risks associated with identity and access management.

Blockchain eliminates human factor from authentication, does this raise an alarm or will this be the way driving future? Indeed, Blockchain plays a major role in identity and access management. The scale at which Blockchain networks are expected to operate, it is virtually impossible to have human factor influence the deci sion making and transactional records. Therefore I see this to be a rapidly adopted Wetrend.will increasingly see Artificial intel ligence play a major role to enhance the speeds at which these transactions are logged and monitored. Especially with IOT environments, Blockchain will further enhance the value realized out of the Machine to machine communications. Blockchain is designed in a way that the storage location or central authority doesn’t exist. What are the pros and cons of this? One of the most fundamental paradigm shift with Blockchain is the decentralized nature of managing and recording digital transactions. As the control of trust moves from the central location to the edge, the entire network participates in ensuring the accuracy of the data stored. This adds a great degree of security and resilience to the network. However, this also exposes the edge devices to increased levels of risk. If an edge device that makes the transac tion is compromised, the entire transaction data stored in that block of information becomes inaccurate. In addition, just like all other software applications, Blockchain is, at the end of the day, prone to vulner abilities and that further emphasizes the need for the secure Blockchain application. As a result, we will increasingly see security standards for Blockchain applications as we move forward. ë

BLOCKCHAIN IN A CISO

Blockchain for IT Security, we are putting a CISO’s perspective to the Blockchain and how it will well or ill affect the networks and systems of an organization. We sat down with Abubakar Arshad, Cyber Security Advisor of TRA Bahrain to get a sneak peek into his thoughts on this emerging technologies and the pros and cons that it will have in the modern organizations.

CISO SPEAK 32 MAY 2018

When deep-learning is applied to the use case of false positives and detection of malicious web links in cybersecurity, deep-learning produces a much higher detection range, less false positives, and smaller footprint on end-points compared to other solutions. A comparison between the efficiencies of deep-learning and machinelearning can be made by taking an X and Y plot

33MAY 2018

DEEP LEARNING

HARISH CHIB, VICE PRESIDENT, MIDDLE EAST & AFRICA, SOPHOS

Analytical tools usually in the realm of artifi cial intelligence and machine-learning take into consideration user profiles, user behavior, busi ness normalcy to establish thresholds for normal and abnormal behavior. This is in comparison to traditional tools that use predefined signature patterns and scenarios of past attacks to detect and block incoming malicious behavior. While using big data to derive results in the cybersecurity solution space, the primary requirements are data sources, storage environ ment, analytical engine and presentation. Big data analytics inspects, cleans, transforms and models large data sets for the purpose of discovering information, suggesting conclusions and sustain ing decision making process.

The recent replacement of the decision-making tree with deep-learning neural networks to build tomorrow’s cyber security solutions, promises to be a significant differentiator amongst security vendors.

ARTICLEGUEST

MACHINE LEARNING TOOLS Machine learning and artificial intelligence are the latest tools being applied to big data analytics. These include the decision-tree approach that has been in use since the nineties and deep neural networks or Deep-learningdeep-learning.networks allow findings and results to be generated from data without explicit programming. In contrast to the decision-tree approach, deep-learning automates the process. It automatically identifies optimal features using learning methods inspired by the brain. For this reason, deep-learning networks are overtak ing conventional machine-learning across the RAISES THE BAR FOR CYBERSECURITY SOLUTIONS

Growing competence in the area of big data and analytics promises to transform the cybersecurity solution space. While threat actors keep changing their modus operandi and tools for attack, many modes of operation continue to be carried forward. This consistency in behavior allows analytical solutions to detect malicious attempts to penetrate a network or an end-point.

of false positives and detection rates. A false positive is the percentage rate at which nonmalicious links are classified as malicious based on a particular sensitivity. Similarly, the detection rate is the percentage of malicious web links that are correctly classified as malicious based on a particular sensitivity.

By setting a false positive rate of one per million non-malicious web links, deep-learning can achieve a detection rate of 72% for new malicious web links that do not appear on previ ously announced threat lists. The conventional decision-tree approach can also achieve a similar detection rate accuracy, but only by increasing its false positive rate from one per million nonmalicious web links to one per thousand nonmalicious web links. This is a 1,000X increase in the span of false positives.

Cyber security vendors investing in deeplearning to enhance their solutions are likely to make significant gains for a number of reasons including the fact that development in AI is being built on deep-learning. However, as a word of caution to customers looking to invest in deeplearning based security solutions, we recommend that they analyze the real deep-learning approach on the basis of three parameters - Attributes, Scale and Deep-learningSize. approach automatically learns to process optimal attributes. Deep-learning systems elegantly scale to hundreds of mil lions of training examples, which means that it can “memorize” the entire observable threat landscape as part of its training process thereby improving subsequent detection results. And deep learning approaches result in highly compressed models whereas traditional machine learning approaches result in huge model sizes which can sometimes take many gigabytes on disk. ë cybersecurity solution landscape.

COMPARISON OF TOOLS

TOMINING FOR GOOD CAUSES

The reasons for this are not hard to work out. Fundamentally, the majority of cybercriminals are motivated by the prospect of making a quick buck with as little effort as possible. Ransomware, though lucrative does have a couple of drawbacks that have its exponents looking for an easier target: l Setting up a cryptocurrency wallet takes time and most companies don’t have one at the point they are attacked. This means the criminal has to wait for payment instead of seeing an instant profit.

Of course, mining cryptocurrency is perfectly legitimate when done openly, and it can even be harnessed for good. How about instead of seeing adverts when you visit your favourite website, your computer is used to mine cryptocurrency while you browse? No more irritating ads, but the site owner still makes money. The site could even decide to mine currency to donate to a charity for users who opt in. While this is perfectly legitimate and even praiseworthy, it presents a headache for infosec professionals trying to put protocols in place to protect systems. What do you allow and what do you block?

ARTICLEGUEST

RICK MCELROY, SECURITY STRATEGIST, CARBON BLACK

In the case of cryptocurrency, its current high profile is legitimising a means of exchange that, until recently, was mostly the preserve of the deep and dark web as the preferred payment method from victims of ransomware attacks. So, while Joe Public began a twenty-first century gold rush to try and make a killing in the fluctuating cryptocurrency markets, the cybercriminal community started putting its own ideas of how to get its hands on the digital gold into action.

We are looking for great cyber hygiene in the form of patching; reducing the attack surface with technology such as application whitelisting; tuned next-generation antivirus (NGAV); and good content filtering and control of admin accounts. Organisations can control browser set tings in their environment and use those settings to help thwart these types of attacks. You should also pay close attention to an increase in the number of tickets or user complaints related to system slowness that could indicate cryptomin ing in progress. ë the hassle and admin of running ransomware campaigns and settle back while unsuspecting victims print money for them.

BLURRED LINES – CRYP

DIGITAL GOLD RUSH

BLACK DYNAMICSMARKET

34 MAY 2018

The result? Cryptojacking looks set to overtake ransomware as the number one motive for cyberattacks in 2018.

Injecting malware into websites is still depress ingly easy to do, and the growing scale of the problem hit the headlines earlier this year when 4,000 sites were infected with a cryptojacking bug designed to mine the currency Monero. The Coinhive cryptominer was injected into the sites

via a compromised plugin that was designed to assist site accessibility; in this case it allowed cybercriminals to access a bunch of Monero. There were red faces at the UK Information Commissioner’s Office, among many other gov ernment agencies, as they shut their sites down to deal with the problem and tighten security.

THE

PREVENTING YOUR ENDPOINTS FROM JOIN ING THE WORKFORCECRYPTOMINE

As the general public tried to get its head around the concept of cryptocurrency and blockchain at the back-end of 2017, infosecurity professionals were facing one of the universal truths of our industry: whenever there is an innovation in technology or society, those who want to exploit it for illicit gain are never far behind.

l The fluctuating price of cryptocurrency makes it hard to rely on as a means of payment – attack ers constantly have to tweak their files so that the value of the payment remains within the range that victims are likely to pay: a bit too much like hard work. On top of this, diversification is critical for any business. Like any other venture, cyber criminals want to spread out their sources of income. By seeding cryptojacking malware. They can avoid

l Using exchanges costs money. Fees vary but if you want to be profitable do you really want to pay exchange fees at all?

HIGH PROFILE VICTIMS BRING THE ISSUE TO THE FORE

UNDERSTANDING

35MAY 2018

Data is a key driver to GDPR and its what deter mines compliance. Businesses in the financial sector generate huge amounts of data, and despite the phenomenal advancement in the security technology landscape, most organizations even today have about 80% of unstructured data that is unidentified UNDERSTAND YOUR DATA

Adopting GDPR needs to be perceived by organi zations as an opportunity to address this core issue of management of Unstructured data.

GDPR AS A BUSINESS ENABLER Adopting a framework like GDPR will enable organizations to clearly understand the data they hold and thus address questions like: Is this data ‘really’required, who needs this data (business team or process), what is the business use of this data, where all is it stored, and what are the security measures currently implemented for this data?With this mindset,organizations will start collecting only that data which is specifically required for Business. They will identify the required data from the existing storehouse and identify better control mechanisms to protect data and thus stronger measure to prevent data breaches. ë the attitude and practice of “lets save it all, it might be useful sometime later”.

GDPR has created challenges that requires every organization to take appropriate action. Chal lenges for financial services are more complex, and businesses that do not comply stand to face stiffBut,penalties.letusput aside the fines, and look at what compliance to a regulation like GDPR can do forfinancial organizations.

ARTICLEGUEST

ANOOP RAVINDRA, IT GRC PRACTICE HEADPROVISE GRC LAB, MIDDLE EAST two aspects: It forces organizations to look and relook at the Data they collect, process, store, and it gives rights to the end consumers over their own data that they share with organizations. Data privacy is not a new subject and has been around for a long time now. In fact,there have been several International standards like ISO 27001 and ISO 27018, that either directly address the requirement to have a robust framework around protecting Personal data (PII) or indirectly addresses the need to have strong data protection policies within the organizations.

Most organizations are unaware of the extent and depth of data they already have and how much of that data is sensitive information. Trying to find specific data in a huge data warehouse is like finding a needle in a hay stack. As a result, security controls around a huge volume of data is also weak, thus making it a gold mine for hackers. Rightfully, statistics on breaches in the last few years also support this. The percentage of such unstructured data is increasing and there is no effort spent in understanding, ‘Is this data required at the first place’. This also stems from AND SIMPLIFYING GDPR COMPLIANCE IN THE FINANCIAL SECTOR

GDPR has dominated industry discussions for more than a year. It will continue to be afiercely discussed topic across industry verticals, considering the enforcement date of May 25th is fast approaching. While compliance is the main concern, what happens in the case of non- compliance is akey driver for organizations in the Middle East.

WHAT DOES A REGULA TION LIKE GDPR DO? Fundamentally a regulation like GDPR warrants

DATA COMPLIANCEDRIVES

36 MAY 2018

A significant impact on transformation occurred with the development of cloud stor age. With the increase in the cloud storage as opposed to hardware storage devices, by busi ness enterprises and government, security like virtual firewall and virtual security systems is popular. Certified secure services based in cloud like FedRAMP provides a standardised approach to security assessment, authorisation and monitoring. The Federal Risk and Autho rization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Deep learning methodology which focuses on anomalous behaviour can prevent hacks without any human intervention if fed with the right data like potential system security threats. This system scrutinises entities instead of users for access of informations. Data loss can further be prevented from encryption of data that encodes the data into secret codes which cannot be decoded without a passcode. These cipher texts can be moved across enterprise in a secured manner without any form of data loss.

As far as 45% of people think that they are not under a viable cyber security threat. But majority of cyber attacks being automated does not concentrate on a single person or firm. Even adding security solutions from different vendors lead to technology gaps that can be rectified with minor steps.

SYSTEM: VISIBILITY AND EXFILTRATION95percentofbreachedrecordscamefromthreeindustriesin2016:Government,retail,andtechnology.Theaveragecostofadatabreachin2020willexceed$150millionby2020,asmorebusinessinfrastructuregetsconnected.Over75%ofhealthcareindustryhasbeeninfected. $150mn 95% 75% THERE IS A HACKER ATTACK EVERY 39 SECONDS

The GCC Cyber security market which assesses to generate a revenue of $7.1 billion in 2018 is increasingly testifying that fact that the cyber vector is vulnerable like never before. Digital infrastructure in the GCC region is expanding at a massive rate and this definitely comes with a cost. It increases cyber security threats, with much of the spending credited to government projects that are intended to tackle cyber security vulnerabilities. For instance, last year the UAE unveiled an “advanced cyber security network” for 35 federal bodies, and Saudi Arabia created a commission to battle cyber crime in the country. The Gulf Information Secu rity Expo and Conference (GISEC) showcases this prime position given by the GCC countries to cyber security. GISEC brings together over 7,350 top IT security and tech sector professionals to discover cutting edge solutions, share insights with industry experts and equip themselves with the right tools to protect their businesses from rapidly evolving cyber attackers. This event is sup ported by the Dubai Electronic Security Centre, Dubai Police, Smart Dubai, the UK National Crime Agency and Cyber Security Agency of Singapore.Sincethe passwords and usernames used by the users are not private enough, hacking has become easier and has pressurized the security officers to bring up more authenticate a better secure method for the logging process. Even when a password and username has been compromised, malicious activities can be identi fied if there is a user behavior analytics (UBA) which uses big data to analyse the anomalous behavior of a user and also “peer analysis”. It analyses when a user compromises credentials which isn’t a normal user activity.

CRACKS IN SECURITY

FINALLY Companies, big or small, have to realize that cyber security is a responsibility that they have to handle themselves and no solution or service can come to aid unless the companies create a strong cyber security culture within the organization. ë

SPECIALSTORY

It is therefore critical for every organization to define a cyber incident management process and the role of Digital forensics in incident response.

A Cyber incident shall be considered closed only after completing a detailed analysis of the incident. Key activities involved in a post incident analysis include:

Incident response exercises

a. Identifying what had happened - Protection of the original evidence is critical and hence the organization shall create snapshots of devices to preserve original evidence. Create a chain of custody of the evidences for legal acceptance. Once the original evidence is preserved, perform Digital Forensics to determine the details such as who, what, when, how along with other elements caused the incident.

l

c. Perform breach notifications - Notify the respective authorities including law enforcement, as required.

2. Active Incident Response

c. Continuous monitoring Periodic security testing ë

BINOY KOONAMMAVU, CEO & PRINCIPAL CONSULTANT, VALUEMENTOR

Globally,HAPPENED?mostoftheorganizations have faced cyber incidents one way or other. At present, it is no longer a question of “if” but “when” about becoming a threat target. It could be an external attack resulting in a data breach or internal attack by a rogue insider. It is vital for the organizations to investigate the incident and take appropriate actions to contain and/or prevent such incidents. Digital Forensics can help the organization / individual obtain, preserve and examine digital evidence. A digital forensics activity helps you determine the events that led to the incident providing detailed information about when was the incident occurred, who was involved and what data was affected.Additionally, if the post incident actions include legal actions, it is important to collect, preserve and prese the digital evidences in a legally acceptable manner.

Active Incident Response

Post Incident Management

l

l

ARTICLEGUEST 37MAY 2018 DO YOU KNOW WHAT HAD

l

Key objective of this phase is to enable the organization to prepare for potential incidents. Key activities in this phase include: Developing the governance structure for incident response Planning for a cyber incident Security assessments & testing (VAPT) Developing and deploying incident detection capabilities Activating audit logs and other security configurations

3. Post Incident Management Cyber Incident Preparation

1. Cyber Incident Preparation

a. Root cause analysis / Digital Forensics - Identifying the root cause of the incident

b. Review of associated systems, which are not affected by the incident

l

When you are hit with the cyber security incident, the organiza tion shall utilize the incident response plans developed so that an effective response can be achieved. Key activities in this phase shall include:

l

d.

a. Time and resources needed for conducting a Digital Forensics engagement

b. Contain the cyber incident - Take steps to contain / stop the damage, remove malware, remove access and patch the system. If needed, perform complete erasure of the disks or replace the disks. Recover systems and return them to their pre-incident state, with added fixes and security.

Historically, organizations stayed away from post-incident Digital Forensics for 2 primary reasons.

b. Cost of such an engagement By defining a cyber incident response management program, both these concerns can be addressed and eventually improve the overall cyber security posture of the organization We recommend having a 3-phased approach so that cyber incidents can be responded and managed quickly and efficiently.

the

SECURITY MARKET 2018

East have

573estimatedmilliondollars. For the

globalcomparedattacks,toaaverageofonly9%. 18 % UAE’s countryRegulationsTelecommunicationsAuthority(TRA),thefoiled86cyberattacksinthefirsttwomonthsof2018 86 cyber attacks 85 % At present, area of 85%comparedonlycurrentlysecurity-cyber15%ofinvestmentinsecurityisspentondetectiontospentonprevention 573 mn Each

(2017) 52 % Businesses

to be 500 mil lion dollars South Africa loses 0.14% of its GDP because

cost was

hours

UAE

days)

Dh669

More than half (52%) of the respondents experienced cybercrime, with each victim losing an average of and 47.9 (about six working dealing with the after math of a cybercrime. in the Middle East suffered losses than other regions in the world last year due to cyber incidents, with 85% respondents in the region comparing to a global average of 79%. respondents in Middle experienced more than 5,000 year, cybercrime cost the South African economy an Nigerian economy cybercrime estimated of cybercrime.

85 % Around 18% of

500 mn 0.14 % In Africa, the twelve countries with the infrastructureinfectedmostITare: Libya 98% Nigeria 82% Tunisia 74% Algeria 84% Kenya 78% Mauritius 57% Zimbabwe 92% CoastIvory 81% Morocco 66% Cameroon 83% Senegal 78%

larger

A single data breach will cost the average company $3.8 million and this will exceed $150 million by 2020. There will be some 3.5 million unfilled cyber-security roles by 2021, according to a CyberSecurity Ventures report: expected to be filled. So that many cyber security jobs.

93 % $1,077

place. 200 bn5086 affectedmostplaces 11.38 mn 3.5 mn

for

The Middle East cyber security market size is expected to grow from USD 11.38 Billion in 2017 to USD 22.14 Billion by 2022. 93 percent of data are expected to be financial

The previous266%anattackademandedamountaveragebyransomwareis$1,077,increaseofontheyear.

$1501tn

gain

By 2020 there will be roughly 200 billion connected devices. UAE has foiled 86alreadycyber-attacksin2018. 2nd place UAE and South Arica is in the 11th

breaches

Approximately $1 trillion is expected to be spent globally on cybersecurity from 2017 to 2021.

40 MAY 2018

Read on n BY:

T

While digitization has helped businesses grow exponentially, it has also given rise to crime. Cybercrime-as-a-service — along with Ransomware-as-a-Service and Phishing-as-a-Service has opened doors to anyone looking to score a quick, illicit buck on the internet. That’s a big deal! Why? DIVSHA BHAT

he increase in connected devices and the rapid explosion of cloud-based services have given rise to cybercrime which has become the greatest threat to every organi zation in the world. Cybersecurity Ventures predicts that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. The Yahoo hack affected 3 billion user accounts and Equifax breach affected around 148 million customers. These major attacks are more complex than WannaCry and NotPetya

<DIVSHA@GECMEDIAGROUP.COM> n PHOTO: SHUTTERSTOCK

CRIME ON SALE

Gone are the days when we read about new service offerings such as Infrastructure-as-aservice (IaaS), platform-as-a-service (PaaS) and so on. The IT teams should now guard against one of the fastest growing services – Cybercrimeas-a-Service (CaaS). Hackers no longer rely on their own resources to carry out attacks as CaaS tools are available to help them launch attacks. As pointed out by an IT expert, these tools are available for as low as USD 175. Cybercrime-asa-service — along with ransomware-as-a-service, phishing-as-a-service has opened a wide digital door to anyone looking to score a quick, illicit buck on the internet. With CaaS becoming more mainstream, it should definitely be on an organizations radar. Harish Chib, Vice President – MEA at Sophos says that criminals don’t need to be IT experts in order to be successful. Toolkits with support devices can be bought on the Dark Web and along with “hackers for hire” to launch an Inattack.March 2018, a member of Lizard Squad was sentenced to 3 months in prison for the part he played in “hacker-for-hire” service that launched distributed denial of service (DDoS) attacks. As per the reports, cybercrime for hire business appears to be strong that hacker’s gangs are compelled to keep up with the demand. The presence of the words “as-a-service” market have also attracted growing interest from criminals. As per the investigation, just 100 to 200 people may be powering the CaaS ecosystem by developing the attack code and services.

DIMITRIS RAEKOS, GM, ESET MIDDLE EAST

SERVICECYBERCRIME-AS-A-

An organization does not need to have a billion-dollar revenue to be the target. Criminals are increasingly aiming small businesses as they cannot afford to spend more on cybersecurity.

ever-increasing2017.previouslytooktackscyberatthatplaceinWithannumber breaches, has cybercrime become a growth industry?

“Toolkits with support services can be bought on the Dark Web, and even “hackers for hire” will launch an attack on your behalf,”

ROLAND DACCACHE, SENIOR REGIONAL SALES ENGINEER MENA, FIDELIS CYBERSECURITY

41MAY 2018

In the words of Roland Daccache, Senior Regional Sales Engineer MENA, Fidelis Cybersecurity – “If it weren’t for the Facebook scandal that exposed data for millions of users, the majority of people would still be oblivious to the seriousness of the threat of cyber-attacks. Today almost everyone’s identity is for sale, from Facebook and Google accounts, to credit cards and PayPal information.”

COULD YOU BE A TARGET FOR CYBERCRIME?

HARISH CHIB, VP MEA, SOPHOS

“I advise CISOs and their teams to have a simplified and easy-tograsp approach to a “defense in depth” strategy that everyone can understand,”

“The biggest problem of the small companies is not the cost, it is the failure to reach out products that suit their needs,”

“Small businesses do tend to have weaker defenses than large enterprises. But enter prises—with increased staff and more complex networks—have more vulnerability points. So, both require protection. But there is a second reason why small business are being attacked more: criminals are using automation to deploy more attacks. Criminals can now easily cast a wide net, so they can now afford to attack more targets, instead of focusing their firepower on enterprises,” explained Amit Roy, Executive Vice President and Regional Head for EMEA at Paladion.ButDimitris Raekos, GM, ESET Middle East thinks that the biggest problem of the small com panies is the failure to reach out products that suit their needs with the right price in order to get a ROI. SMBs need to have in mind that it might be much harder for them to recover than an enter prise in case of a security incident. Consequently, they need to be constantly educated. Small businesses should incorporate certain best practices into their structure such as keeping software up to date, educating employees, implementing formal security policies and having an incident response plan in place said Mazen Dohaji, Regional Director for Middle East, Turkey & Africa, LogRhythm.

“Since large corporations are increasing their enterprise security measures, hackers are now turning to vulnerable small businesses,” MAZEN DOHAJI, REGIONAL DIRECTOR FOR MIDDLE EAST, TURKEY & AFRICA, LOGRHYTHM

AMIT ROY, EXECUTIVE VP & REGIONAL HEAD – EMEA, PALADION

Digital resilience is possible—it involves using automation for three specific goals: to be harder to hit, to detect breaches when they occur, and to bounce back quickly due to deep knowledge of how your organization really works. Mike Lloyd, chief technology officer, RedSeal.

DAVE KARP, CHIEF PRODUCT OFFICER, DIGITAL GUARDIAN

“Continuous analysis is never a bad thing. I believe that it’s not enough to simply review the existing network infrastructure. Organiza tions have to endeavour to continuously assess, monitor, and remediate any & all vulnerabilities that are discovered as a result of these activities while – at the same time, working diligently to monitor network traffic, and host traffic in order to understand what is “normal” for the network, the systems housed within it, its authorized users,” said Dave Karp, Chief Product Officer, Digital Guardian.MikeLloyd, CTO, RedSeal shares a defence strategy for the organizations – “We can use machine reasoning to understand our defensive gaps, eliminating the routine human errors that build up in our defences and make us vulnerable.

“Small businesses do tend to have weaker defenses than large enterprises. But enterprises—with increased staff and more complex networks— have more vulnerability points,”

THE NEXT PHASE

The role of a CISO has been evolving year after year. A report titled “The Evolving Role of CISOs and Their Importance to the Business” by Ponemon Institute revealed that the role of the security leader is becoming more critical when it comes to managing the risk. With the necessary technical expertise, he/she should also understand their organization’s operations and articulate security priorities from a business perspective. They should also have an excellent team as security cannot be accomplished alone.

It looks like this is just the very beginning of the cybercrime era. However, there are many steps oraganizations can take to protect themselves. Businesses must adopt a layered approach to security. What’s more, employees must understand the gravity of the threat posed by outdated software with regular education training sessions. ë

WHAT’S A CISOS TO DO?

“Digital resilience is possible— it involves using automation for three specific goals: to be harder to hit, to detect breaches when they occur, and to bounce back quickly,”

“It’s no secret that budget is a significant factor in level ling the playing field between defenders and attackers. However, it is not the only factor that matters,”

42 MAY 2018

MIKE LLOYD, CTO, REDSEAL

Intergrated cloud suite for email SECURITY ARCHIVING CONTINUITY www.mimecast.com

A ENTERPRISESFORBLUEPRINTSECURITYTHEDIGITALBECAUSESECURITYISNEVERANAFTERMATH! OFFICIAL MEDIA PARTNER BROUGHT BY FOR MORE VISIT: gecmediagroup.com CONTACT: ronak@gecmediagroup.com,anushree@gecmediagroup.com,divsha@gecmediagroup.com FOLLOW US: Enterprise Channels MEA - Magazine EC_MEAEnterprise Channels MEA www.ec-mea.com 3SEPrd 2018 AND CISO AWARDS 2018 GEC SYMPOSIUMSECURTY

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.