Security Focus Issue 04 by Reseller Middle East

ISSUE 04 | october 2013

security focus A Reseller middle East supplement

security supplement

Inside GBM study Sophos Watchguard

SECURITY How can you profit from it?

T C E EXP

T S E B THE

VISIT If you are visiting GITEX and looking for a multi-purpose security your only option! Every single one of our security services is powered by a mature, best-in-class partner who has focused on that particular technology for years. Besides, WatchGuardÂŽ XTM solutions defend the network at every layer, with innovative security features. Visit WatchGuard at Gitex and you can win a Firewall for free! (WatchGuard XTM 515 including one year Security Bundle with a value of +/- AED 9000). For appointments or demo bookings email mea@watchguard.com.

Now available for WatchGuardâ&#x20AC;&#x2122;s award-winning XTM family of network security solutions: WatchGuard Data Loss Prevention!!

be easily added to any XTM solution for a powerful layer of protection from data loss.

WatchGuard Data Loss Prevention. Visit WatchGuard at GITEX for a free demo and more information.

Contents

06 04

Finding the right fit A string of high-profile breaches in the region have kept security in the limelight. GBM, which is at the forefront of addressing challenges resulting from the ever-changing threat landscape, recently unveiled its Security Framework to help users mitigate risks. Hani Nofal, INS Director at GBM, talks about the companyâ&#x20AC;&#x2122;s capabilities.

10 08 09

Security incidents on the rise in GCC: GBM study GBM research finds that 45 percent of respondents experienced a security incident in the past 12 months, highlighting a lack of regular IT security assessment within companies while employees are given more access to social media.

At the forefront Ralf Haubrich, VP, CEEMEA, Sophos, talks about the companyâ&#x20AC;&#x2122;s partner strategy and its value proposition to users. Keeping hackers at bay

Companies around the world turn to General Dynamics Cybersecurity Solutions for a comprehensive solution to the battles they wage protecting their networks from advanced persistent threats. Guarding the gates

John Spoor, Regional Manager, MEA, WatchGuard, discusses the ever-changing threat landscape and his companyâ&#x20AC;&#x2122;s go-to-market strategy in the region. Issue 04

Industry Focus

GBM

Hani Nofal, INS Director at GBM

Industry Focus

Issue 04

Finding the right fit A string of high-profile breaches in the region have kept security in the limelight. GBM, which is at the forefront of addressing challenges resulting from the everchanging threat landscape, recently unveiled its Security Framework to help users mitigate risks. Hani Nofal, INS Director at GBM, talks about the company’s capabilities.

o you see enterprises in the region realising that security is not an afterthought and budgeting for it? First of all, what companies have started to realise is that security is not just a bunch of products; it is a process that involves technology, people, training and auditing. Security has become a boardroom discussion and the regulatory environment is also driving it. If you look at Dubai, for example, the government has come up with some mandatory security policies for government entities and ADSEC is driving it in Abu Dhabi. It is the same across all the Gulf counties. Around five years ago, the only segment that had this kind of maturity from a law standpoint was banking and now you see it across all verticals.

What percentage of the total IT budget is being spent on security in the region? According to our survey, 42 percent of organisations spend up to 10 percent of the IT budget on security, which reflects the global trend generally. However, in certain industries, the penetration is really high and the figure is as high as 25 percent. Without doubt, our expectation is that this will be the norm in most enterprises as they embrace social media to foster collaboration and security will touch each and every aspect of the IT architecture. If you look at GBM, we are a company with 1,100 employees, seven to eight locations and we connect with our partners using B2B platforms. All these dynamics are driving our internal spend on security, which is going up significantly. This is a trend that you will see across the region over the next couple of years. Do companies need to rethink their approach to security?

Security is a journey and it is not a topic that started recently. You need to establish processes and policies that will help you safeguard your information assets. The enterprise world is getting more virtualised and applications are moving to the cloud. So your security needs will continue to evolve and change. In the survey, we asked enterprises if they are interested in outsourcing any apps or services over the next 12 to 18 months, and the majority of them said yes. However, around 60 percent said security is still a major concern when it comes to outsourcing.

criminals behind these cyber-crimes and it is a billion-dollar industry. What is GBM’s expertise in this domain? We have always done security. However, in the last 18 months or so, we have decided to rethink our approach to security, which was really in silos. We never had a consolidated approach to security. It is a complex domain and we see that customers are lost in the middle. It is very rare to find a player who can put all the pieces together. If you look at specific technology areas such as routing, switching or telephony, we all know

We have been around for a while now and we have always done security. However, in the last 18 months or so, we have decided to rethink our approach to security, which was really in silos.” The region had a false sense of security. Do you think this has changed now in the wake of the breaches we have seen in some key verticals? We are all aware that we have become a target. Cyber-crime is similar to conventional crime, and is motivated by clear agendas. We have seen cyberattacks motived by political agenda and we are part of the global fabric. No one is insulated. In fact, 67 percent of the respondents to our survey agreed that the Middle East has become a prime target.

Are the attacks becoming sophisticated and targeted? Yes, absolutely, and we have seen examples of that in the last couple of years. It is no longer a teenager sitting in his dad’s garage doing this for fun; you have organised

who the industry leaders are. Security is very different. So we decided, as a solution provider, that we want to play a part and bring all these different pieces together and define a single roadmap for the customers. We have created the GBM Security Framework, which may not solve all the issues but it does solve all the key ones. It is built on the skills, partners and capabilities that we already have. In other words, this framework ties up all the capabilities we have and leverages the strength of our partners. We have just celebrated the closing of 50 security consultancy projects this year. This is substantial because these are pure consultancy projects and you know, in this part of the world, customers normally expect the services to be free. And many of these customers are big names. Issue 04

Industry Focus

GBM

ore than 65 percent of IT experts in the GCC believe the region is a prime target for cyber-criminals, according to research conducted by Gulf Business Machines (GBM). The results reveal that 35 percent of incidents are staff related, which can be avoided by increasing employee awareness. Cybersecurity risks are also potentially increasing with social media becoming more available within companies, announced GBM, the region’s leading IT solutions provider. The security landscape in the GCC has continually evolved in recent years, largely due to the increase of cybercrime. The results of the research also highlight that 25 percent of respondents said their organisations have not been conducting regular proactive screenings to ensure that their IT infrastructure and critical data are protected. Respondents 6

Industry Focus

Issue 04

are expressing a false sense of security as the survey shows that 60 percent of respondents believe that the number of successful attacks will decrease in the next 12 months. “Companies are more aware of IT security issues than ever before. Although organisations are showing more interest in pre-emptive measures against possible cyber-threats, they are not always taking the appropriate measures,” said Hani Nofal, director of Intelligent Network Solutions (INS) at GBM. “Nearly half of the organisations polled spend up to 10 percent of their IT budget on security. However, we expect this number to increase in the future.” Similar GBM research conducted last year showed that just over a third of those polled claimed that their organisations’ IT policies completely prohibited access to social networking websites. Today, this number has been cut in half, indicating

that more businesses are adopting and embracing social media. “Companies in the region have been exploring social media as a new way of communicating with the public. Enterprises are, therefore, opening their internal networks and allowing access to social media. This is increasing the potential of cyber-risks for organisations, and making them more vulnerable to cyber-security attacks,” said Nofal. Since GBM’s foundation in 1990, the company has been at the forefront of addressing challenges resulting from an ever-changing cyber-crime eco-system in the region. The research coincides with the launch of GBM’s Security Framework, which assists users with mitigating risks. At the core of its IT security offering, the Security Framework enables customers to meet and exceed IT industry best practices in order to secure their infrastructure.

IT Security landscape in the GCC

The result are based on a survey conducted by Gulf business machines (GBM) and targeted a sample of it professionals in the region

To prevent staff misuse of the Web and social networking sites

Cyber crime in the Middle East 67 % 33 %

of respondents think the ME region was a prime target for cyber crime

5 %

55 %

minor security incident

accidental security incident

serious security inciden

no security incidents

The major sources of information security incidents are

42%

22%

Block social networking websites

Block inappropriate websites

In the lat 12 months respondents are aware that their organisation had 7%

18%

Restrict Internet access

the ME region was no different than the rest of the world

33 %

18%

Monitor staff activity on the networkÂ

42% of the organisations are spending up to 10% of their budget on information security Respondents represent different organisation sizes

below 50 employees

50-250 employees

13% 250-1000 employees

26% above 1000 employees

25%

36%

29%

UAE

of the organisations carry a fomal regular information security assessment

And they live in the following countries Bahrain

76%

System failure or data corruption

Kuwait

Unauthorised outsider (external)

Qatar

Staff related incidents (internal)

KSA

36%

Oman

35%

10%

65%

SOURCE: GBM

Interview

At the forefront

Ralf Haubrich, VP, CEEMEA, Sophos, talks about the company’s partner strategy and its value proposition to users.

step of the way. When you partner with us, we help you identify opportunities to retain and grow your customer base and increase profits. You’ll be rewarded with deal registration protection, attractive margins, and joint lead-generation programmes. We also support you with up-to-date training and certification, so your sales and technical teams are fully qualified in our latest solutions. Our approach is unique—we are 100 percent channel-focused. We continuously invest in our partner relationships. It’s our mission to help your organisation flourish.

How do you plan to offer training to your partners and customers in the region? Although I cannot tell you all our secrets, I can share with you that we have a unique training plan and a path that offers more than any other vendor in regards to technical skills. We look at each partner’s strengths and build upon these. For this, we have a dedicated team of sales engineers that build the regional skills together with our channel managers and execs. Think of this as building your own company and investing time and effort to scale up and get to work.

Ralf Haubrich, VP ,CEEMEA, Sophos

an you outline some of the major trends forcing enterprises to change their approach to IT security? We are seeing a few trends, which are evolving malware that is getting more intelligent, and as a result causes more widespread and faster damage globally. We also see that security teams are struggling to keep up with ever-morecomplex consoles and point solutions that are way too complex to configure, manage and administrate, causing higher operational costs. If a product 8

Industry Focus

Issue 04

is too complex and (supposedly) offers everything, it still has minimal value to front-line security teams fighting criminal hackers and espionage hackers.

What is your ‘channel first’ strategy? We’ve made it simple to partner with us—with a flexible and generous partner programme, delivered by dedicated channel relationship managers. And, of course, we do this in cooperation with motivated distribution partners. Even though we work with more than 12,000 partners, you’ll feel supported every

Can you tell us more about your mobile apps for anti-malware and encryption? Our Mobile Security app enables the user or console to activate and define security functions on the device. Some services we offer are anti-virus, Web protection, and easy-to-use wizards that help set security options and encryption on the mobile device. This can be managed centrally, via our mobile control solution that can automatically configure these devices and inform the admin when devices are stolen, or are not compliant. Lastly we have mobile encryption. This is a cornerstone to our ‘encryption everywhere’ vision in that encryption is done across devices and integrates to how users actually work in reality. This version now has a keychain and can view encrypted data. More functions are planned for the near future.

What is Sophos’ unique value proposition compared to the other vendors? Security made simple—for small and medium-sized businesses and the channel. And doing this as the world’s best security solution provider. Simple!

Analysis

Keeping hackers at bay Companies around the world turn to General Dynamics Fidelis Cybersecurity Solutions for a comprehensive solution to the battles they wage protecting their networks from advanced persistent threats.

nterprises are being forced to evolve their strategies for IT security due to an everincreasing need to secure their data and the emergence of cloud computing as a viable solution. A large number of customers now see BYOD and a remote workplace as a necessity and this increases the need for control of end-user ability to access corporate resources securely rather than securing the assets itself. All these reduce the effectiveness of traditional network security as it does not follow the trust-untrust model enterprises are used to. “With the rise of APT attacks, there is a strong need to be able to understand network traffic down to the session and packet level—the ability to extract content and analyse it for attacks is paramount. All enterprises have an overarching need to secure their networks from APTs and data loss,” says Gene Savchuk, CTO of General Dynamics Fidelis Cybersecurity Solutions. General Dynamics Fidelis recommends defence in depth to secure enterprises in the context of the dissolving network perimeters. “Customers understand that no network is 100-percent secure. Securing-critical assets have to be given the highest priority, but with the rising number of breaches which were caused by initial exploitation of endpoints, they should not be ignored. Inspection of all network traffic—not just the perimeter for indicators of a breach—will allow network security teams to detect zeroday attacks faster, especially in the case of targeted attacks,” says Savchuk. According to him, a strong and uniform security policy and education of users on safe computing is important, strong user authentication and access control with a focus on users not re-using passwords will go a long way in limiting

the impact of incidents when they occur. Advanced persistent threats (APT) have emerged as more of a mainstream security problem, getting more evasive and persistent. “APTs have been talked about frequently in the past year due to the number of breaches that have been disclosed. This has created the opinion that there are solutions in the market that can reliably solve this problem. On the contrary, consistent monitoring of network traffic for suspect traffic and investigation of the source of this traffic is the only reliable way to stop breaches,” says Savchuk. General Dynamics Fidelis is bullish about the business opportunities in the Middle East. “A number of enterprises in the ME region have been breached recently. Like elsewhere, they are very concerned about protecting their critical data from being stolen by threat actors responsible for these attacks. General Dynamics Fidelis offers best-in-class APT mitigation capabilities and services. Our Fidelis XPS network security solution received a 98.4 percent overall breach detection rating from NSS Labs for its breach detection capabilities in one easy-to-deploy solution,” explains Savchuk.

Fidelis also offers services available from its network defence and forensics teams, which enable enterprises to defend themselves against advanced adversaries and sophisticated attacks at any stage of the threat life cycle. What is Fidelis’ unique value proposition compared to the other vendors? The vendor offers independently validated, best-performing products for APT mitigation, scoring 98.4 percent in independent testing performed by NSS and is recognised as a visionary in the Network DLP market space by Gartner. “Our ability to scale to multi-gigabit speeds, single-sensor multi-protocol inspection and detection rates are unmatched by any other vendor. Our network defense and forensics team has decades of experience, having successfully handled more than 3,500 cases, including several of the world’s largest commercial intrusions to date. Fidelis also has unique experience working with large enterprises creating highly sophisticated high-capacity multitier systems and also providing a 'set it and forget it' experience for businesses who seek simplicity and peace of mind without employing teams of network analysts, “ says Savchuk. Issue 04

Industry Focus

Interview

Guarding the gates John Spoor, Regional Manager, MEA, WatchGuard, discusses the ever-changing threat landscape and his company’s go-to-market strategy in the region. This trend has been labeled Shadow IT. Enterprises must find new ways to manage this new porous environment, and should concentrate as much on protecting data, as protecting networks and endpoints.

John Spoor, Regional Manager, MEA, WatchGuard

an you outline some of the major trends forcing enterprises to change their approach to IT security? There are a number of trends that are changing the ways IT approaches information security. There's been an increase in sophisticated, targeted attacks. While opportunistic criminal attacks will continue and grow, today enterprises are also dealing with much more targeted, advanced attackers. At a high level, these attacks and malware use many of the same techniques we’ve seen from criminals, except they leverage the latest exploits, technologies, and evasion tactics. In short, there are more sophisticated and polished than amateur attacks, and usually much more targeted. The adoption of personal mobile devices in the workplace has also changed things. Everyone’s heard of BYOD. Today, most employees expect to be allowed to use their own personal mobile device at work. Cloud services help support this new paradigm, making it very easy for employees to access many types of business services from their mobile devices, without the need of IT assistance. 10

Industry Focus

Issue 04

What kind of security framework and architecture would you recommend as the traditional security perimeter is dissolving ? The perimeter will never completely dissolve, rather it will concentrate down to our enterprise data centres. In the past, our perimeters included our local employees, not just our servers and data centres. Nowadays, these employees are connecting to headquarters through many different means, and have moved outside the perimeter. However, that doesn’t mean the perimeter disappears. Instead the perimeter should focus on what has always been the most important asset of enterprises—our data. Chances are that your most important data will always reside on servers you control. This is where you will still have a perimeter. Sure, data has also become more 'mobile' in this new ecosphere, but you still control what data you want to allow outside the organisation and what you do not.

What kind of opportunities do you see in the Middle East and what is your goto-market strategy here? The Middle East is a big IT growth spot, which was one of the key factors for WatchGuard when deciding to open an office in the region in early 2013. There is a lot of opportunity for IT security solutions within the Middle East. As a global business hub, cyberthreats in the Middle East are predicted to increase due to growing business prominence and companies moving to the region. The risk of threat in the Middle East is equivalent to any prominent business destination worldwide—the more happening, the more interest

hackers have in targeting businesses. Due to the porous nature of business, no region can claim to be safer than another, and many recent breaches have targeted multiple regions. However, in saying that, geopolitical reasons mean that there cyber-security incidents in the Middle East do seem to be more prominent. Whether it’s nation-state sponsored attacks to infrastructure in the region, or heavy hacktivist activity, there is a lot of opportunity for security solutions to help prevent attacks. For these reasons, all enterprises should be proactively protecting themselves against the threat of security breaches.

How do you plan guide partners to transition to a service delivery model? At WatchGuard, we believe that our relationship with channel partners differs from many other companies. We are 100-percent channel, 100 percent of the time. We work with our partners and trust them to sell and support WatchGuard, while managing sales and implementing software and products. WatchGuard has never dealt with the service side of client relations, and allows partners to develop this area of business. Secondly, we look for partners that are skilled and have experience in delivering services to clients. We also support partners that are trained in specific areas such as UTM software and products, rather than the whole range of solutions that we offer. Finally, we give our channel partners as much support as we possibly can. We give them the tools to represent WatchGuard products with detailed knowledge of products, implementation and benefits. Working together allows us to share possible opportunities with partners. We invest for the long run, and we believe that strengthening bonds and working on relationships benefits everyone, including end users.