Arabian Reseller - March 2023

Page 1

THE STATE OF MARCH 2023 Issue 22 www.arabianreseller.com ZERO TRUST

10. The Concepts of Zero-Trust Are Still Being Evaluated

10. Zero Trust Adoption is a Continuous Process

11. Zero Trust is an Increasingly Common Term Today

12. Zero Trust is Not a One-Time Project

13. Zero Trust is Not a Point Solution

14. Zero Trust is Already Mainstream

15. The So-Called Castle and Moat Security Model is Dead

16. ZTNA is Evolving to Deal With the Threat Landscape

17. Zero-Trust is Easier Said Than Done

18. To Get Started With Zero Trust, Do Not Start With a Vendor

19. Companies Must Place Greater Emphasis on Authenticating Digital Identities

20. The Energy Sector in Particular is Embracing Zero-Trust Technology

21. Zero Trust is Gaining Popularity

22. Zero Trust Will Reduce an Organization’s Attack Surface

REGULARS

06. News

31. Building a Security Culture in a Work-From-Anywhere World

32. Where Does ChatGPT Fit in Your Organisation?

4
ZERO TRUST
>>> CONTENTS 25 24
29
12 10 >>>
27 26
28

The Zero-Trust Framework is a Holistic Approach

Careful planning is necessary for securing, managing, and monitoring an enterprise IT infrastructure.

Rather than developing a framework from the ground up, security leaders can leverage publicly available methodologies to enhance their own information security programs.

The zero-trust security model is a wellknown framework that differs from other security approaches in terms of methodology and benefits. This model assumes that all users, devices, and resources are untrustworthy, regardless of their origin or connection to the corporate network.

This is a contrast to traditional security frameworks that establish security boundaries, where those outside are trusted less than those inside. In the zero-trust model, there are no boundaries, and nothing is inherently trusted.

Although this approach is more restrictive, its main advantage is that it provides a more secure environment, protecting against unauthorized access to sensitive data and digital assets.

The reason for this shift is due to the growing number of users, autonomous IoT devices, and networked applications that corporate networks must support.

Many organizations have already abandoned the traditional secure network perimeter security approach as they have moved their apps, data, and services to the cloud and edge compute locations.

The surge of remote workers is another reason for the increased adoption of the zero-trust model. It is clear that the change from boundary-based security to resource-based security was necessary due to the increased attack surface area caused by more distributed users, devices, and networked services.

In this month's issue, we speak to industry experts about the state of Zero Trust Network Architecture in 2023. We hope you enjoy reading the magazine. If you have any suggestions, please write to chris@ ryshamedia.com. Happy reading!

MARCH 2023

EDITOR-IN-CHIEF

Chris N. Fernando chris@ryshamedia.com

SALES AND MARKETING Ranbir Sen ranbir@ryshamedia.com

ASSISTANT EDITOR

Edward Frank edward@ryshamedia.com

COPY EDITOR Priyan Sampath priyan@ryshamedia.com

SENIOR WRITER Nisha Seth info@ryshamedia.com

WRITER Vishal Jagani info@ryshamedia.com

GRAPHICS DESIGNER

John Christy info@ryshamedia.com

EDITORIAL DIRECTOR Prarthana Mary prarthana@ryshamedia.com

DIGITAL TEAM Context Media LLP, Chennai, India. info@contextgroup.net www.arabianreseller.com

CONTACT INFORMATION

Rysha Media LLC, Sharjah Media City (SHAMS), Al Messaned, Al Bataeh, Sharjah, UAE.

sales@ryshamedia.com www.ryshamedia.com

ALL RIGHT RESERVED

While the publisher has made all efforts to ensure the accuracy of information in the magazine, they will not be held responsible for any errors whatsoever.

Copyright @2023

EDITORIAL
>>>
Chris N. Fernando
5

Macnica to Acquire CyberKnight

Macnica Inc, part of Macnica Holdings Inc., a $7.3 billion global value-added-distributor and solutions provider, has announced its intent to acquire a majority stake in Cyber Knight Technologies (CyberKnight).

ManageEngine’s 11th Middle East User Conference Focuses on the Future of Digital Enterprises

ManageEngine, the enterprise IT management division of Zoho Corporation, announced the successful conclusion of its recent 11th Middle East user conference, held at The Ritz Carlton, Dubai International Financial Centre. The conference was one of the largest customer events worldwide for the company, which celebrated its 20th anniversary, and brought together customers and partners from across the region.

The two-day event opened with a keynote by ManageEngine president Rajesh Ganesan, who focused on the future of work in the digital enterprise, and a presentation by Chad Routh, the principal analyst at Forrester. “While the expectation is that technologies like AI, edge computing, and extended reality will make future work efficient and optimal, making this technology itself work presents a big challenge for business leaders. ManageEngine’s mission is to address this challenge with a full-stack platform that inherently offers AI, ML, analytics, search, workflows, orchestration, and low code extensibility across the entire stack,” said Ganesan.

Routh highlighted future-fit technology and demonstrated how it enables organizations to reconfigure business structures quickly to ensure their capabilities meet future needs. “Technology executives are realizing that value creation is more important than many of the IT metrics that they have been focusing on all these years. They have discovered that to become a successful modern enterprise—being more adaptive,

creative, and resilient—they must first shift their focus from cost efficiency to business value effectiveness. Forrester calls this a Future Fit Technology strategy. Regardless of your current IT maturity levels, getting the right partners and platforms in place—focused on delivering business value—will help accelerate your organization’s success,” Routh remarked during his presentation.

His Excellency Dr. Mohamed Al Kuwaiti, head of cybersecurity, United Arab Emirates government, addressed the gathering on the second day of the event. Participants attended technical workshops on a range of domains such as IT security, identity and access management, IT service management, IT operations management, and unified endpoint management. The event also provided attendees with a platform for networking with their industry peers and one-onone meetings with company leaders.

“ManageEngine has listened to our requirements over the years and has proven its commitment by continuously enhancing its products and improving the customer experience. The conference gave us direct access and quality time to interact with both the technical and leadership teams of the company. Sharing our experiences and challenges with industry colleagues, as well as being able to attend the workshops, was invaluable,” said Jason Ahluwalia, director of global IT services, Kerzner International.

Headquartered in Shin-Yokohama, Japan, Macnica operates globally across Japan, USA, China, Southeast Asia, Australia, India, Brazil, and Europe and focuses on AI, IIoT, mobility, cyber security, big data, healthcare, biotech, retail, robotics, and semiconductors. Macnica’s product portfolio is based on some of the most advanced technologies in the world.

“The company is dedicated to providing customers with local engineering, technical services, support, and solutions. Macnica has been in the cybersecurity business for more than 20 years and has a wide range of cybersecurity solutions. CyberKnight was founded in 2019 by industry veterans Avinash Advani (CEO) and Vivek Gupta (COO) and has rapidly grown into one of the largest cybersecurity VADs in the Middle East in just three years,” the press statement said.

“The strategic relationship will support Macnica’s growth plans to expand its geographical footprint into the Middle East, and then Turkey and Africa in due course. Furthermore, the collaboration will bring together Macnica’s renowned Japanese technology and professional services excellence, paired with CyberKnight’s Zero Trust Security expertise and Middle East experience,” the companies announced.

“Headquartered in Dubai, CyberKnight’s 50+ team has an on-ground presence in key regional markets, including the UAE, Saudi Arabia, Qatar, Kuwait, Oman, Jordan, and Egypt. Since its inception, CyberKnight has developed a channel of more than 400 partners across the region including VARs, SIs, global SIs, MSSPs, and consultants, that have in turn sold one or more of CyberKnight’s 30-vendor cybersecurity portfolio solutions to over 600 enterprises, primarily in the banking & finance, telco, energy, and government sectors,” the press statement added.

6 NEWS // ARABIAN RESELLER - MARCH 2023

Midea Hosts UAE Business Partner Convention

Midea gathered 100 of the UAE’s top home appliance retailers for an interactive sales-driving event. The company provided the audience with an overview of its global growth ambitions and strategic focus in the UAE market, followed by a highlight of its latest cutting-edge technologies and flagship products in its 2023 lineup.

The event also gave an opportunity to thank and appreciate the partners for their commitment to promoting Midea products through their stores. Coincidentally, Midea achieved its all-time highest sales in UAE in the month of February. An engaging Q&A was hosted for the partners to seek answers directly from Midea management and below are some notable highlights.

Midea’s expansion into the UAE market is at an all-time high as it’s one of the fastest-growing brands in the UAE and the leader in home appliance sales of cooking ranges, microwave ovens, and refrigerators. Midea predicts a steady increase in year-on-year sales in 2023, after seeing a surge during the 2020 lockdown due to increased time spent at home, encouraging a positive impact on the overall UAE home appliance industry. Midea says a large percentage of consumers are choosing quality and affordable products alongside intuitive technology and purchasing convenience.

Scott Fu, President for EMEA region at Midea Group says of the event, “This is our first annual business partner convention since 2019, and we’re delighted to be hosting a physical event after the last few years of online interaction. It’s important for us to meet with our valued dealers to strengthen our partnership and share insights into the year ahead. This year saw Midea host a record number of attendees, announce growth in our product line available in the region and share updates on Midea’s overall strategy.”

Although Midea is focussing a lot on online strategy and sales, there is still a focus on driving offline business through retailers and dealers, ensuring customers always have the option to shop in-store. Midea will introduce more IOT-enabled appliances compatible with its M-smart home App that allows users to control their devices on the go. During 2020, thanks to the strong support of Eros Group, Midea was the first appliance brand to do an online dealer event to encourage continued growth in sales during an uncertain time for all.

Huawei Creates a “Tech Oasis” to Light Up MWC 2023 With Innovative Experiences

Huawei Consumer BG showcased its innovative technologies, flagship products, ecosystem, and so on. At the Mobile World Congress 2023 (MWC 2023), held in Barcelona from February 27 to March 2, 2023. With “GUIDE to the Intelligent World” as the theme, the exhibition area of Huawei Consumer BG is designed after the global high-end flagship store to create a “tech oasis” for an immersive experience integrating smart technology and trendy life scenarios.

The diverse range of innovative products showcased at the exhibition includes HUAWEI Mate 50 Pro, HUAWEI WATCH Buds, and HUAWEI WATCH GT Cyber. Huawei also held brand and technology exchange activities, in-depth conversations with global industry and ecological partners, and demonstrations of their latest innovations and future strategies.

“Huawei Consumer BG made a major appearance at MWC 2023 and believes in providing high-value innovative experiences and services for global consumers with high-end brands, innovative technologies, and high-quality products,” said Kevin Ho, Chief Operating Officer of Huawei Consumer BG, “Moving forward, Huawei will share more research and development results, and provide more innovative products and services, for users worldwide to enjoy.”

In 2022, Huawei maintained the lead in smartphone innovation with the breakthrough of the HUAWEI Mate Xs 2, the well-received HUAWEI Mate50 Pro, and the stylish HUAWEI nova 10 Series. At MWC 2023, these leading-edge products were on display to demonstrate Huawei’s imaging capabilities, leading folding technology, and understanding

of the needs of younger users.

The HUAWEI Mate50 Pro – the futuristic tech flagship smartphone with the ultimate Ultra Aperture XMAGE camera, leads the way with several breakthroughs. From the XMAGE imaging system to the ultra-reliable Kunlun Glass, it delivers the ultimate technological innovation experience. The ultra-light, ultra-flat, and super durable HUAWEI Mate Xs 2 propels the folding screen mobile phone to a new level. HUAWEI nova 10 Series continues leading the innovation of smartphone selfie camera imaging technology, providing features such as Portrait Close-up Camera, Front Dual-View Video, and Showcase Focus Front Camera.

Huawei continues to promote the development of advanced mobile camera imaging technology. On February 26, during the HUAWEI XMAGE Salon in Barcelona held by Huawei, it unveiled the “HUAWEI XMAGE Trend Report 2023” and invited experts to discuss research results and explore the evolving relationship between technology and creators.

In addition to its highly innovative hardware products, Huawei has made breakthroughs in software capabilities. Through self-developed innovations such as HUAWEI TruSeen, HUAWEI TruSport, HUAWEI TruSleep, Huawei’s wearables deliver professional health and exercise monitoring for users globally. Moving forward, Huawei wearables will continue to integrate the capabilities and advantages of software and hardware services to bring the ultimate sports and health experience to consumers worldwide.

7

GISEC Global 2023 Boosts Cyber Resilience of the Middle East Digital Economy

GISEC Global 2023, the Middle East’s largest and most impactful cybersecurity event, opened at the Dubai World Trade Centre (DWTC), bringing together the cybersecurity industry’s leading brands and experts to boost the cyber resilience of the region’s growing digital economy. H.E. Dr. Mohamed Al-Kuwaiti, Head of the UAE Cybersecurity Council, said: “To define the new cybersecurity paradigms, we are gathering an extraordinary league of cybersecurity leaders at GISEC Global. The UAE Cybersecurity Council fully supports GISEC’s initiative of creating an inner circle for InfoSec leaders to discuss critical challenges and help build the cyber resilience of businesses and enterprises in the UAE and the world.”

From 14-16 March 2023, GISEC is hosting a record 500-plus exhibitors from 53 countries. It also features over 200 hours of immersive content, 300-plus leading InfoSec speakers, and 1,000 of the world’s top ethical hackers to contribute to the burgeoning Middle East cybersecurity market that’s expected to reach $31 billion in value by 2030, according to analysts Frost & Sullivan. The research firm says the Middle East cybersecurity market was valued at US$7.5 billion in 2022 and is anticipated to grow at an annual rate of nearly 20 percent over the next seven years. With thriving cybersecurity ecosystems and supportive government initiatives and policies, UAE, Saudi Arabia, and Israel have emerged as preferred destinations for cybersecurity academics, businesses, research, and innovation.

On the Main Stage of GISEC Global, Dr. Madan Oberoi, Executive Director for Technology and Innovation, Interpol, Singapore, today introduced the first Global

Vertiv Launches Augmented Reality App for Immersive Product Exploration

Police Metaverse, the first virtual platform designed for the global law enforcement community. “Like all other ever-evolving technologies, the metaverse represents unique opportunities and challenges for law enforcement,” said Dr. Oberoi. “We, therefore, need to understand what harm can occur in or through the metaverse. These include offenses that mirror existing criminal threats like crimes against children, harassment, cybercrime, and fraud. At the same time, the metaverse will generate new forms of crime - called meta crimes – such as Darkverse or 3D virtual property crimes or harm to and misuse of avatars.”

GISEC Global is organised by DWTC and hosted by the UAE Cybersecurity Council. Dubai Electronic Security Center (DESC) is the Official Government Cyber Security Partner, and the Ministry of Interior, the Telecommunications and Digital Government Regulatory Authority (TDRA), and Dubai Police are Official Supporters. Trixie LohMirmand, Executive Vice President of Events Management at Dubai World Trade Centre, said: “The cybersecurity challenge facing organisations is formidable. By bringing together the world’s leading cybersecurity experts and digital trailblazers, GISEC Global paves the way for regional organisations to demystify the complex cyber threat landscape and unearth real-world solutions from global experts to build cyber-resilient digital businesses.”

This year, the region’s largest cybersecurity event is dismantling the greatest digital threats, from attacking botnet Mantis to hacking through ChatGPT.

Vertiv has announced the release of the Vertiv XR app, a tool in the data center space that allows data center operators, IT managers, and channel partners to visualise Vertiv products in the location they would occupy in any given facility. The virtual representation helps today’s data center decision-makers by providing a convenient tool to plan their space and provide support after installation, with the intent of improving their understanding of how the infrastructure will support their computing and impact the physical footprint. The app is available at the Apple App Store and the Google Play Store.

“With the Vertiv XR app, we are creating a bridge experience between in-person physical interactions and digital,” said Cristian Scarpa, CIO EMEA and Global VP Customer and Employee Technologies at Vertiv. “The app allows our customers and partners to make more informed buying decisions and recommendations, to visualize in a tangible way how new products will interact with their existing environments, and explore details about those products, all from the palm of their hand.”

The Vertiv XR app guides users through product selection and placement, using augmented reality to deliver an immersive, realistic depiction of the product in the location of their choosing – whether that’s a data center, office, lobby, or living room. It allows users to see and explore various Vertiv solutions when and where they choose, and stay engaged beyond purchase and installation by viewing complementary solutions and by streamlining the social sharing of their experiences with Vertiv.

“This type of technology has been used for various consumer applications, helping homeowners see how new cabinets might look in their kitchen or different siding may look on their house, but we’ve never seen this type of application in the data center,” said Martin Coulthard, global vice president for demand generation marketing at Vertiv. “We’re giving them the opportunity to see this equipment before they buy, enabling them to make their Vertiv purchase with confidence.”

8 NEWS // ARABIAN RESELLER - MARCH 2023
a

THE STATE OF ZERO TRUST IN 2023

The complexity and cost of ensuring network security and remote access for employees and key business partners can overwhelm smaller businesses. Higher cloud adoption, a distributed workforce, mobile employees, the proliferation of Internet of Things (IoT) devices, and increasingly sophisticated cyberattacks make traditional methods of ensuring secure communications across your organization overly complex and expensive. Zero Trust Network Access (ZTNA) reduces the surface area for attack by following zero trust tenets to provide access to applications. We speak to industry experts who shed more light on ZTNA and its use cases.

9

The Concepts of Zero-Trust Are Still Being Evaluated

Prasanth Prasad, the Director of Technology at Spire Solutions, says Zero-Trust has become a new market hype

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

Zero-trust has become a new market hype. There have been a lot of technological changes in solutions today to try and achieve Zero-Trust capability as this is proving to be a key strategy in achieving a robust cybersecurity architecture.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

Organizations today need to define a zero-trust strategy and baseline identity processes and tools before embarking on deploying solutions. Gartner defines zero trust as a security paradigm that explicitly identifies users and devices, and grants

them just the right amount of access so the business can operate with minimal friction while risks are reduced.

How can companies get started with zero trust?

Organizations must consider least privileged access, resource sensitivity, and the confidentiality of data secured within the zero-trust architecture while implementing zero trust. These ideas are not brand-new. In the past, numerous teams have attempted to implement least privileged access controls but ran into difficulties as they widened the scope and finer-grained the rules.

These problems do not exempt zero trust. To succeed with zero trust, businesses must plan, invest in people and resources, and refrain from viewing security as a one-

Zero Trust Adoption is a Continuous Process

Emad Fahmy, the Systems Engineering Manager for Middle East at NETSCOUT, says perimeter-based networks no longer possess the requisite access controls to be able to detect or prevent cyberattacks

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

The term 'Zero Trust' refers to a unique architectural approach to enterprise security in which inherent network trust is eliminated, the network is presumed hostile, and each request is examined based on an access policy. Over time this model has evolved from network-based perimeters to a sophisticated model based on users, assets, and resources.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did? Traditionally, the most effective method for

defending organizations against potential vulnerabilities consisted of establishing a strong exterior perimeter, a boundary between an organization's internal network and the neighbouring external networks. This premise, however, is no longer applicable today. With the rapid proliferation of cloud solutions and the rise of remote and hybrid workforces, the enterprise network and threat landscape has drastically transformed over recent years. Perimeter-based networks no longer possess the requisite access controls to be able to detect or prevent cyberattacks, due to the ever-growing threat surface and evolution of attack vectors. Cloud-based and remotely accessible infrastructure enable anybody to work and communicate from any location and on any device, but it is vital to

time, universal solution. Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate.

What according to you are the limitations of zero trust?

The concepts of zero trust are still being evaluated and tested. It needs to cater specifically to individual organizations, and this requires a lot of understanding and maturity.

The disconnect between the Board of Directors and CISO in an organization on risks to the organization just adds to the confusion. I would believe that the limitations are only from the clarity of definition and scalability that can be adopted by organizations that are lacking today.

guarantee that access is secure and centrally managed. This is where zero trust come

How can companies get started with zero trust?

Implementing and developing a Zero Trust model takes time and is an ongoing process of enhancements and adjustments. It requires the collaboration of multiple technologies, including multifactor authentication, endpoint security, and identity protection. As organizations begin and refine their Zero Trust architecture, their solutions increase in reliance on comprehensive visibility and monitoring, automated processes and systems, and integrating more fully across pillars, becoming more dynamic in their policy enforcement decisions.

10 ZERO TRUST // ARABIAN RESELLER - MARCH 2023

Zero Trust is an Increasingly Common Term Today

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

Zero Trust Network Architecture (ZTNA) was introduced with a focus on securing the perimeter of a network by removing the implicit trust that traditional network security architectures relied on. However, an ever-evolving IT environment and cyber-threat landscape have made legacy security infrastructures ineffective. Based on the outdated assumption that anything within the security perimeter can be trusted, they leave organizations exposed to cyber attacks.

Continuous monitoring of all network activity has become a key feature of ZTNA, in order to detect and respond to threats in real time. The increased complexity of networks has led to the adoption of automation to simplify management and reduce the risk of human error. Overall, the evolution of ZTNA has been driven by the need for more flexible, scalable, and adaptive security solutions that can keep up with the rapidly changing threat landscape.

Do you believe that technologies that support zero trust are moving into the mainstream?

The technologies that support Zero Trust are undoubtedly moving into the mainstream. As organizations increasingly adopt cloud computing, mobile devices, and other distributed technologies, the traditional perimeter-based security model has become less effective. This has led to a growing recognition of the need for Zero Trust security solutions that can continuously verify and monitor all users, devices, and applications attempting to access a network.

Many organizations are now actively investing in Zero Trust technologies,

such as multi-factor authentication, identity and access management (IAM), microsegmentation and encryption. In addition, cloud providers and other technology vendors are incorporating Zero Trust principles into their products and services, making it easier for organizations to adopt and implement Zero Trust solutions.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did? Historically, many organizations have had a perimeter-focused security model. This model is similar to that of a castle, where a perimeter wall keeps the potential attackers out, while everything inside of the perimeter is considered “trusted”. Under this security model, cybersecurity defenses are deployed at the network perimeter and inspect inbound and outbound traffic to block potential threats before they can cause harm to an organization.

However, this security model has its issues.

Like a castle, if someone inside the perimeter is a threat, then the defenses provide no protection against them. Additionally, any resources outside of the protected network perimeter – including an organization’s cloud infrastructure, remote workers, etc. – are not protected at all.

A zero trust security model is designed to eliminate the security risks associated with a perimeter-based model. Instead of blindly trusting anyone within the perimeter, access requests are granted on a case-by-case basis. These decisions are based upon role-based access controls, where a user’s or application’s permissions are derived from their role and

responsibilities within the organization.

How can companies get started with zero trust?

Zero Trust is an increasingly common term that is heard in the security industry. It’s both a mindset for thinking about security as well as a well-architected solution that helps to minimize risk from a changing working environment as well as an increasingly hostile world. Zero trust is an active approach and model that integrates continuous, context-aware analysis and verification of trust, in an effort to help ensure that users and devices on a network are not doing anything malicious. Zero trust models work as overlays on top of existing network and application topologies.

As such, having an agile data plane that can manage a distributed network and using a solution that is agentless is a key consideration, as it can make all the difference between having a solution and having a solution that can actually be deployed rapidly in a production environment. Consider zero trust tools with a host-based security model. In the modern world, many applications are delivered over the web and taking a host-based approach aligns with that model.

Understanding how encryption works in the zero trust model is also important. One option is to enforce encryption from end-to-end across a zero-trust deployment. Implementing Zero Trust using disparate technologies may result in inherent security gaps and complexities. That is why Check Point offers a holistic and practical approach to implementing Zero Trust based on Check Point Infinity, a consolidated security architecture.

11
Ram Narayanan, the Country Manager for the Middle East at Check Point Software, says uderstanding how encryption works in the zero trust model is also important

Zero Trust is Not a One-Time Project

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

In the cybersecurity domain, Zero Trust is no more a buzzword, it is a decade old concept that has been evolving for a while. It started as an concept introduced in 2010 in a Forrester research, by 2014 we had Google's Beyondcorp initiative which reimagined the security architecture and was one of the earliest enterprise deployment of the Zero trust. In 2019 we saw the expansion of Zero Trust to SASE and ZTNA.

The pandemic period was when Zero Trust gained major traction fueled by the aspects of fast paced digital transformation, shift to cloud and remote work. We also saw the evolution of standards and regulations related to Zero Trust - NIST published SP 800-207 as a unified framework for establishing Zero Trust architecture and last year we have the US government executive order mandate adoption of Zero trust principles for federal agencies.

Do you believe that technologies that support zero trust are moving into the mainstream?

The basic building blocks for implementing Zero Trust revolve around user identity management and device trust and identity. The technology solutions in these domains like SSO, MFA, Cloud based directory services, PAM, Unified endpoint management, MDM, EDR,XDR are already well mature and are an existing part of the security stack of many organizations.

The other crucial component of the Zero Trust Network Access (ZTNA) are the policy decision engine and policy enforcement engine. We have many existing security vendors extending their existing stack to provide agent based or gateway based ZTNA architecture solution. The technologies supporting Zero Trust are very much in mainstream adoption.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

Today’s digital-first enterprises are no longer operating within the confines of a traditional network perimeter. Apps are

everywhere and users are everywhere. With more than 80% of the organizations adopting a cloud strategy, the business apps are hosted outside the organization network boundary.

Hybrid model of work is here to stay, and employees want the seamless access to the business apps without any difference in experience based on the location from which they connect. BYOD is becoming a norm, with business data being accessed from personal devices that have lower security postures.

The traditional method of using network location, ownership, and control of physical assets as parameters for implicit trust is a flawed security paradigm. "Never Trust, Always Verify" should be the philosophy the IT department should internalise,implement and practice. Traditional tools like VPN are not designed to support remote access of this scale and do not offer flexible options for adaptive access control. It is imperative that the IT and Security departments work together to reinvent the security architecture in-line with the current evolving business models.

How can companies get started with zero trust?

Moving from theory to practice has been challenging with Zero trust. To many organizations, zero trust implementation is seen as a huge, expensive, and complex project. As it touches everything from user to device to network it involves various stakeholders within the organization. What works out practically is to start small, start from where you are and start with what you have as the current technology stack.

To initiate zero-trust implementation, organizations can start by defining a strategy and baseline prior to embarking on a wider zero-trust technology implementation. There should be an overall phased approach - Assess, focus on the top critical use cases, break into smaller achievable milestones, implement, and optimize over time.

We followed what we call the "Crawl, Walk and Run" approach in our organization. The initial crawl phase involved strengthening

the identity and device pillar focusing on the below activities

a.Implement SSO

b.Enforce MFA

c.Enrol corporate devices in UEM and MDM

d.Conditional access based on device certificates

This served as a good starting point and helped us to show the value early on to the users and the various stakeholders.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?

Zero trust is not a single silver bullet solution to all your security risks.There are other areas outside the scope of Zero trust like API security, hardware and software vulnerabilities, insider threats and supply chain attacks.Multi layered approach and defence in depth controls are very much needed besides implementing Zero Trust. Security awareness training, incident response planning ,regular monitoring and patching of systems and applications, comprehensive SOC capabilities and threat intelligence are required to tackle the current cybersecurity challenges faced by organizations.

What according to you are the limitations of zero trust?

Zero Trust as a cybersecurity paradigm is a great evolution, but where we see limitations are in the practical implementation and deployment.With any new security model we experience challenges as the scope is expanded the we try to increase the granularity of controls. Zero trust is not immune to this.

Zero trust is not a one-time project, it is a continuous journey towards better security. It is also not a one size fits all approach. Not every organization can follow the exact Beyondcorp approach, the strategy and roadmap need to be evolved according to the business need. Organizations should build a solid strategy and plan and invest in resources and people to succeed with Zero Trust.

Deepa Kuppuswamy, the Director of Security at Zoho, says the technologies supporting Zero Trust are very much in mainstream adoption
12 ZERO TRUST // ARABIAN RESELLER - MARCH 2023

Zero Trust is Not a Point Solution

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

Like many things in our industry, Zero Trust is a concept that can be distorted. For years, vendors have tried to redefine Zero Trust to align with their current product capabilities. But Zero Trust is not a point solution.

It’s about building a defense-in-depth strategy to ensure all assets have identity-based perimeters that are continuously monitored for user behaviors and device attributes to ensure that least-privileged access to enterprise resources is continually enforced. This must happen no matter where users, applications, or devices are located. Zero Trust is fundamentally dynamic and requires a modern approach to security to be effective.

Do you believe that technologies that support Zero Trust are moving into the mainstream?

Yes, and good solutions should make it easy for companies to implement Zero Trust. CrowdStrike, for example, do all of the heavy liftings for enterprise security teams to enforce frictionless Zero Trust with its industry-leading CrowdStrike Security Cloud — the world’s largest unified, threat-centric data fabric to stop breaches. The CrowdStrike Security Cloud processes trillions of events, enabling hyper-accurate attack correlation and real-time threat analytics and response that can scale any deployment model, whether they are multicloud or hybrid enterprises that may also run legacy and proprietary applications.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

Yes, with digital transformation and remote work, IT organizations need to adjust to today’s new way of working. It is vital for IT departments to move away from traditional network security which follows the “trust but verify” method. In the traditional model, users and endpoints within

the organization’s network perimeter were assumed to be trustworthy. This put the organization at risk from malicious internal actors and rogue credentials; it also inadvertently granted wide-reaching access to unauthorized users once inside the network.

Zero Trust is often used as an alternative to the virtual private network (VPN) model, which grants total network access to verified users. Given the shift to remote work, the use of VPN is increasingly seen as a cybersecurity risk, as organizations find it more difficult to monitor and analyze network traffic and application use across a wide variety of locations and devices.

How can companies get started with zero trust?

Zero Trust can be challenging to implement due to the complexity of the technology stack, cross-departmental organizational challenges, and mapping out a process for budgeting and execution. Although each organization’s needs are unique, I recommend the following three steps to move to Zero Trust:

• Visualize: In this stage, the intent is to understand all of the resources, their access points, and the risks involved. Discover endpoints, identities, and applications, visualize attack paths, and discover and assess multi-cloud workloads.

• Mitigate: In this stage, an organization should be ready to detect and stop threats or mitigate the impact of the breach in case a threat cannot be immediately stopped. At this point, endpoints should be protected, as well as identities, and workloads in real-time with behavioral and real-time analytics. Identities should be automatically segmented and telemetry enriched with threat context and intel.

• Optimize: At this stage, the goal is to extend protection to every aspect of the IT infrastructure and all resources regardless of location without creating a poor user experience (which

can lead to non-compliance and lower productivity). The key goal is to deploy conditional access for continuous verification without compromising a positive user experience. Best practices to avoid this include eliminating multi-factor authentication fatigue with risk-based, conditional access even for privileged users, extending multi-factor authentication protection to legacy systems to ensure no-gap coverage, and detecting and responding to threats for public clouds and SSO credentials even if a sensor/ agent is not possible to deploy.

What according to you are the limitations of zero trust?

Zero Trust Network Access (ZTNA) functions as a next-gen VPN replacement in that it ensures that only approved, authenticated users are granted access to an IT environment or resource. At the same time, it does not actively monitor or mitigate threats once a user has been granted access to a trusted zone.

Further, while secure access via ZTNA is a critical component of a comprehensive cybersecurity strategy, it is not effective at stopping modern cyberattacks such as ransomware or supply chain attacks. ZTNA must be combined with a secure access service edge (SASE) solution and other security tools and solutions to ensure complete protection.

In addition, ZTNA does not provide underlying identity protection capabilities, such as gathering activity data or endpoint details. In this way, the ZTNA solution cannot determine a baseline of standard user behavior, making it impossible to detect anomalies or deviations. Finally, most ZTNA solutions require a gateway, similar to what is used by a VPN. This requires careful planning to ensure the strongest possible protection without introducing significant friction within the user experience that could prevent valid users from accessing the tools and resources they need to perform their jobs.

13
Roland Daccache, Systems Engineering Manager for META at CrowdStrike, says to ensure a frictionless Zero Trust journey, organisations should consider using a cloud-native security platform approach

Zero Trust is Already Mainstream

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

Since analyst John Kindervag first implemented the term Zero Trust the evolution hasn’t come in the model itself as much as the technology that goes into implementing it. The model is clear and has been since the beginning. Having a broker or system in place to determine the least level of access needed to an application, service, or device. Then implementing that at every tier of access along the way of said applications, services, and devices in the infrastructure that a user or application would need to interact with.

The evolution of Zero Trust really comes in the form of the level of granularity that the model has achieved. Zero Trust has made it from perimeter-less networking for Google all the way down to kernel-level separation to isolate certain applications that only have pre-approved information flow to other kernel partitions in embedded systems. Zero Trust has made its way into every aspect of the computing world and will continue to follow as technology advances.

Do you believe that technologies that support zero trust are moving into the mainstream?

Zero Trust is already mainstream. We see it in every level of access modeling. Most major companies are offering Zero Trust applications as a part of their services such as Microsoft’s Zero Trust Business Plan, Google’s BeyondCorp, AWS ZCenter and within the integration to Fortinet firewalls. There are standalone Access Management brokers that provide Zero Trust model applications like Okta, Ping Identity, Symantec, and RSA. We also see file and service level management applications on both Active Directory and Linux LDAP environments embracing and following the Zero Trust model.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did? For sure, data supporting the thinking

that the original castle and moat system is highly vulnerable to privilege escalation and lateral movement attacks is prolific. IT departments should have full visibility to the privilege level of certain services within the kernel and all the way up to how users access their everyday apps, including on which devices and in what regions users are operating.

How can companies get started with zero trust?

Obviously, new businesses have a significant advantage in this regard. It’s much easier to build an environment from scratch which incorporates the Zero Trust model. Especially now that most companies have a Zero Trust service offered on their platforms. Established businesses migrating to a Zero Trust model have a more challenging process ahead of them due to the migration of legacy services and applications. But for each, the logical process is the same.

First, the business will have to inventory every service, application, and device in their environment which is required for ongoing operations. This might require them to use external tools to determine their cyber rating, threat intelligence, and third-party supplier risks. Then they have to determine which Zero Trust platfaorms are available and fit their business model. Then the implementation and/or migration phase begins.

The nice thing about Zero Trust is there is no grey area. You are either on a Zero Trust model or not. The migration pain from an established business can be somewhat mitigated if these phases can be done in parallel. For example, re-creating the company’s network and required services in a cloud platform. In this way, they are essentially starting from scratch. Then they can migrate operations from the legacy environment to the cloud platform once sufficient compatibility and operational testing have been completed.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be

done to address this?

With any new implementation of a security best practice, there will always be those that are going to devise methods to exploit weaknesses. The key to countering this is by actively monitoring each level. Early detection is essential in the prevention of critical data loss and service interruption.

That is where solutions such as cybersecurity monitoring and rating tools need to come in. Applications like SecurityScorecard analyze data from Identity and Access Management (IAM), End Point Detection and Response (EDR) applications, network devices, services, and file permissions on servers and devices in the network. There are services out there for each tier depending on your environment.

This along with implementing other security best practices such as strict password policies, MFA, geo-blocking, etc will go a long way to making things difficult for Threat Actors. Ultimately, the biggest security risk is human nature and with it the threat of social engineering by threat actors. Only continuous and consistent training can aid in mitigating this risk but, unfortunately, it will always be there.

What according to you are the limitations of zero trust?

The largest limitation, from a business perspective, is the impact zero trust can have on workflow. Users can get frustrated and become complacent because of this. It requires a complete mindset change at every level within the organization and total support from the highest management levels.

If your business offers any sort of application to provide services to your clients or customers, it can easily inadvertently introduce more complexity and consequently slower application speeds. With the ever-growing threat landscape, it is a delicate balancing act to justify these limitations or inconveniences against the security of businesses, employees, and customers.

Larry Slusser, the Senior Director of Cybersecurity Operations at SecurityScorecard, says the nice thing about Zero Trust is there is no grey area
14 ZERO TRUST // ARABIAN RESELLER - MARCH 2023

The So-Called Castle and Moat Security Model is Dead

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

On paper, zero-trust network architecture is the natural successor to the perimeter-based security model. The preceding model, which gives unfettered access to any user upon completion of initial verification is no longer fit for purpose, especially given the vast numbers of individuals now working in a remote or hybrid setting following the COVID-19 pandemic.

Zero Trust Network Architecture (ZTNA) as a concept has gained significant traction within the cybersecurity space, and more companies are beginning to implement this form of security infrastructure, although many so-called ZTNA solutions still only scratch the surface. Indeed, the strive towards ZTNA has played a major role in the wide-scale adoption of multi-factor authentication (MFA) as an industry standard, and the increasing utilization of technologies such as identity-aware proxies and software-defined perimeters is removing some of the user experience (UX) barriers that implementing ZTNA could create.

For zero trust to be effective, companies require a universal access control system that works seamlessly with all operating systems and software and can be connected and integrated anywhere. Companies must also ensure they protect against any hidden backdoors and potential supply chain attacks by regularly verifying and auditing their processes and procedures.

Do you believe that technologies that support zero trust are moving into the mainstream?

The aim of creating and implementing ZTNA is one that has entered the mainstream. However, we are still a long way from a one-size-fits-all solution that will allow businesses and organizations to establish ZTNA on their networks. Technologies that embrace ZT principles are becoming more widely available on the market, and a large number of cloud

service providers have crafted products containing security features that adhere to the tenets of ZT. That being said, if companies are truly committed to implementing ZTNA, piecemeal solutions won’t work. Companies and organizations must take an all-in approach for ZT to become an industry benchmark.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

The so-called castle and moat security model is dead, and it’s not coming back. Castles (companies) are now too big, their digital infrastructure is so vast, and their attack perimeter is so large, that it’s now impossible to build a moat (security perimeter) around them. According to a recent FlexJobs survey, 87% of workers are looking for jobs that will allow them to work in a remote or hybrid environment, creating endpoint security risks as individuals use personal devices for work purposes. Furthermore, password policies, firewalls, and VPNs are becoming less reliable, given that they are often based on implicit trust.

Cybercriminals, who have shown time and again that they are highly adaptive and opportunistic, are incredibly skilled at exploiting the implicit trust contained in traditional defensive measures. With ZTNA, the new perimeter starts with each endpoint. Instead of relying on IP addresses in isolation, networks with ZTNA can authenticate resources and use them individually. Microsegmentation, a central concept of establishing ZTNA, is also vital to reducing attack surfaces and hindering attackers from moving laterally across networks. In short, ZT can make companies more resilient and responsive to new attacks.

How can companies get started with zero trust?

Firstly, companies must start from the concept that ZT is a system where every person, device, file, and application is considered to be a threat until properly

verified. Additionally, to establish a ZT framework, companies must adhere to three core principles: that authorization may be granted only after explicit verification, that companies must enforce a least-privileged model and limit access to a need-to-know basis, and that all traffic must be continuously inspected and logged to verify user behaviour.

ZT policy, like any cybersecurity plan, must be tailored to a business or organization’s interests and needs. For example, the introduction of multiple new solutions to meet ZT goals could in fact create new security gaps that threat actors could exploit. At Group-IB, our audit and consulting team can provide companies with all they need to evaluate their infrastructures and processes, and give them the required information to understand what their current security risks are, and how to mitigate them. A thorough audit can be an invaluable tool for companies looking to implement ZT, as it can provide a much-needed reality check along with an implementation action plan.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?

Zero Trust may be the gold standard for cybersecurity, but it is by no means a silver bullet. Additional measures and solutions will always be required to complement any Zero Trust architecture. This includes services such as Managed Extended Detection and Response and data loss prevention solutions.

Organizations should ensure that they are up-to-date with the latest Threat Intelligence research produced by vendors, and they should conduct regular security checks, including audits, compromise assessments, and penetration testing exercises to ensure that their security perimeter can stand strong against the threats of today and tomorrow.

15
Vitaliy Trifonov, the Creative Technical Director at Group-IB, says the aim of creating and implementing ZTNA is one that has entered the mainstream

ZTNA is Evolving to Deal With the Threat Landscape

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did? In some ways, it does require new thinking, in what and who you can trust. In other ways, the same thinking still applies: that you need to protect your network from unauthorized access. Whether your network is still largely centralized and surrounded by a castle wall and moat, or highly distributed with infrastructure and applications in the cloud and users working remotely, you still need to protect it.

So that hasn’t changed. What has changed is how you best protect it - who and what can you trust? Can you trust a user’s credentials? No. You need to verify they are who they say they are. Can you trust their device is compliant and risk free? No. You need to verify it’s healthy and compliant. Even then, should you trust them to access whatever they want on the network? No. You need to only allow access to specific applications or resources that individual users need to do their jobs.  This should not be new thinking, but it is for many.

How can companies get started with zero trust?

Getting started with zero trust these days is very easy. You will need to have a few prerequisites such as applications you host or own either in the cloud or on-premise that you need to protect and control access to. You’ll also need an identity provider (or IDP) such as Azure Active Directory to facilitate authentication and MFA.

Then you’ll need to pick a ZTNA solution vendor: Look for one that offers an integrated agent for your desktop AV protection and ZTNA in a single agent, a cloud based solution to make deployment easy, and a single cloud management console that allows you to manage all your cybersecurity products together

using a single pane of glass. Then start by evaluating it yourself, using it to access one application you use often. See how easy it is to setup, to manage, and how seamless and secure it can be. Then roll it out to more of your users when you’re ready.

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

Zero Trust, like cybersecurity protection mechanisms, is continually evolving to deal with the threat landscape. Zero Trust architecture and approaches for zero trust have manifested themselves more predominantly into product features with a natural evolution of products that have been designed with zero trust principles at the core.

It’s important to keep in mind that Zero Trust architecture provides guiding principles and no single product deployment will make your environment “Zero Trust”. Vendors have made concerted strides to discuss how their products and approaches support zero-trust environments.

Do you believe that technologies that support zero trust are moving into the mainstream?

Many organizations are challenged with securing their environment but when their environment is no longer centralized but rather quite distributed in terms of where their data, applications, and users live, historical approaches are found wanting. We’ve seen a rapid evolution of solutions and products that support zero trust in recent years.

As one example, the challenge of providing secure application access has taken the front stage with the evolution of ZTNA. Security-minded organizations are looking to remove the implicit trust that comes with VPN-esque style deployments, recognizing the benefits that come from removing endpoint from

the network and providing them with discrete application access instead of broad network access.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?

Cybersecurity is certainly a challenging problem for many organizations which is why it also attracts a lot of talent to help combat the dynamic threat landscape. I think it’s important to understand that there are no silver bullets when it comes to dealing with the complex nature of cyber attacks.

Zero trust approaches help prevent and mitigate the damage from a diverse set of threats. For example, a common technique for malware is to use lateral movement within a network to identify other assets for compromise. By removing the ability for a  given host to easily navigate the networking, including assets that the device doesn’t need access to, you help mitigate the blast radius for an impacted host.

Rob Andrews, the Senior Director for Product Management at Sophos, says there are no silver bullets when it comes to dealing with the complex nature of cyber attacks
16 ZERO TRUST // ARABIAN RESELLER - MARCH 2023

Zero-Trust is Easier Said Than Done

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

Zero Trust Network Architecture has been evolving since its inception in 2010 to include the latest technologies, best practices, and recommended cybersecurity frameworks. Initially, it was built on the principle of not trusting any user or device trying to connect to the network, or trying to access applications and data, unless such users and devices are being verified and have the right privileges of access and authorisation.

Do you believe that technologies that support zero trust are moving into the mainstream?

No doubt that technologies that enable Zero Trust are gaining wider adoption and interest. As more organizations are adopting work-from-home business models and embracing cloud-based services (SaaS/IaaS/PaaS), the need for secure access to sensitive data and resources has become increasingly critical.

As a result, there is growing interested in implementing Zero Trust principles and related technologies, such as Data Protection, Identity and Access Management solutions, Visibility, Network Segmentation, Multi-factor authentication, and more. We will increasingly start hearing more about AI-based technologies being integrated with or within the Zero-Trust model.

At the same time, traditional Workfrom-Office organizations, continue to improve their cybersecurity posture and protect against evolving threats with Zero Trust. In other words, the Zero-Trust model is suited for both traditional as well as modern networks.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

The changing nature of IT and business services, and the technologies that empower such services, would mean that organizations must continuously re-evaluate and assess new ways of architectures and practices to address evolving security threats.

Zero-Trust is not a set-in-stone model or a network architecture. It can evolve to address new challenges and threats, such as AI adoption by malicious activities. In other words, organisations should consider leveraging AI and Machine Learning (ML) to detect and respond to threats in real-time, and they should continuously update their security protocols to stay ahead of emerging threats. Regular employee training and awareness programs can also help mitigate risks, which is often a leading cause of security breaches for now.

How can companies get started with zero trust?

First, you need to have the buy-in from all the C-levels of the organization, led by a CIO or CISO’s conviction. Second, acquiring the right skill sets, whether with training and/or hiring is at the top of the list as an action item. Third, organizations should identify their critical assets and determine who needs access to them, from where, and when.

Fourth, you need to identify the technologies and potential vendors you would require, by inviting relevant manufacturers and solution integrators for discussions and demos. Fifth, is budgeting. This is where you need to determine the budget based on the potential risks that you could have, and then prioritize

it. And lastly, implementing the technologies and utilising them to their maximum potential.

Overall, companies should take a holistic and planned approach to Zero Trust, integrating it throughout their entire IT infrastructure and organization.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?

Today AI can be leveraged by malicious activities, and it might be an advantage to bad actors on one hand. Yet on the other hand, the Zero Trust model should evolve so that the existing AI and machine learning technologies learn to identify and mitigate security risks. By analyzing data from various sources and detecting anomalous behavior, AI-powered security tools can help organizations prevent attacks before they occur.

However, with potentially having AI on the offensive side of the threat versus AI on the defensive side of the organization, adopting such a new approach requires a fundamental shift in mindset and a commitment to integrating the latest cybersecurity and practices throughout all aspects of the IT infrastructure, from the network to applications, users, and devices.

With AI, the volume and destruction of cyber-attacks will be extreme to unprecedented or even unimaged levels, disrupting human lives and putting nations into chaos. Zero-Trust would then need to further evolve, to alleviate the damage that AI can bring when leveraged by malicious activities.

17
Mohammad Jamal Tabbara, the Senior Manager for Technical Sales (Middle East, Turkey, and Africa) at Infoblox, says there is growing interested in implementing Zero-Trust principles and related technologies

To Get Started With Zero Trust, Do Not Start With a Vendor

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

When the term Zero Trust Network Architectures was coined in 2010, the tools, concepts, and implementations seemed excessive for the threats at the time. In the past decade, threat actors have evolved their attack vectors from vulnerabilities to identities and the need to protect assets, resources, and data has increased due to the continued development of technology. In addition, as a work from anywhere world has truly become a reality since the pandemic, traditional security models that rely on a perimeter defense have become grossly inadequate for the challenges ahead.

Do you believe that technologies that support zero trust are moving into the mainstream?

In this security professional’s opinion, I do believe technologies that support zero trust are moving into mainstream. However, products themselves are not zero trust. They may be deployed using models that support zero trust network architectures but they must be implemented and operated with the principles of zero trust in order to achieve the desired goals.

Cyber security vendors that offer zero trust solutions are using clever marketing terminology to achieve this goal but in reality, no product enables zero trust on its own. This is a nuance that security professionals and executives in organization must be fully aware of. If an analogy is needed to describe this marketing exercise, would you purchase a car that is advertised as “fully self driving”?

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

I do believe organizations should consider a new way of thinking if castle and moat security architectures of the past

are a potential risk. I should highlight “consider” because zero trust does not apply to every organization. Why? Organizations, governments, military, etc that rely on air gapped networks, that are geographically inaccessible outside of a very specific location, can benefit from zero trust, but it is not a necessity.

Legacy perimeter based defenses are still applicable against cyber attacks but if the assets within communicate with the internet, users response to email, or allow remote access, then need is paramount to reconsider.

Only true air gapped networks do not necessarily need to adopt zero trust but in today’s modern world, these environments are becoming far fewer then the past. Therefore, everyone should consider zero trust but not everyone may really need it.

How can companies get started with zero trust?

For organizations that want to get started with zero trust, do not start with a vendor. The best place to start is with theory from NIST and leading analysts in the industry. Once the concepts are understood, and how they can apply to your organization, then consider speaking with vendors.

Zero trust is one cyber security concept where vendors are misleading organizations to sell product but, they all may not be the proper fit and in some cases, you may already have the tooling to perform zero trust. Modernizing workflows and processes may be all that is needed to close the gap verses licensing a solution.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?

While some industry experts have

warned about attack vectors that zero trust can’t mitigate, I would recommend to everyone that zero trust is just a security model to be applied to existing security controls.

Organizations must continue investing in cyber security basics like vulnerability, patch, configuration, log, anti-malware, and privileged management in order to protect assets, resources, and data, just as before. Zero trust does not replace existing security controls — it is a layer above that makes these solutions better and when done correctly, will greatly reduce many false positives in them.

What according to you are the limitations of zero trust?

I talk about this in Chapter 22 of my book “Privileged Attack Vectors” from Apress Media. Quoting from the book, “Zero Trust has been developed in response to industry trends that include remote users and cloud-based assets that are not located within a traditional enterprise perimeter. It focuses on protecting resources, not logical network segments, as network segmentation is no longer seen as the prime component to the security posture of the resource. This in itself begins the discussion of why Zero Trust may not be for everyone and may not be compatible with existing systems leveraging PAM. Many times a hybrid approach is needed the borrows some characteristics from zero trust but does not constitute a true zero trust architecture."

Therefore, a few obstacles that are the most common considering Forrester’s and NIST’s models include technical debt, legacy systems, peer-to-peer technologies, and digital transformation

Morey Haber, the Chief Security Officer at BeyondTrust, says Zero Trust is no longer an abstract concept with principles that were stretch goals for any organization’s security program
18 ZERO TRUST // ARABIAN RESELLER - MARCH 2023

Companies Must Place Greater Emphasis on Authenticating Digital Identities

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

As regional organizations try to manage the ever-changing threat landscape and secure a growing attack surface, the Zero Trust framework is becoming increasingly popular. As the name suggests, Zero Trust demands authentication at every connection to an organization's network to create an impenetrable barrier around the organization.

The Zero Trust approach has developed over time from a Fort Knox-style approach which adds friction and can hinder employee experience and productivity, to one that employs intelligent passive indicators based on behavioral analytics.

The former necessitates authentication of every touchpoint connecting to an organization's network. This strategy causes unnecessary friction, reducing staff productivity and putting security resources under strain. However, a new approach to security known as Zero Trust 2.0 enables organizations to maintain the same "Fort Knox" degree of security while also ensuring employee convenience and productivity.

The answer lies in passive behavioral indicators, for example the pressure a person exerts when typing or the way they swipe a device is unique and inherent to each individual. This unique behavioral data, when combined with data from a user's device and location, aid in positively identifying users, instead of just looking for fraudulent users which can result in lots of false positives and increase friction.

Zero Trust 2.0 layers passive behavioral indicators over of knowledge-based

passwords and location or device-based indicators used in the traditional Zero Trust strategy, allowing organizations to enhance their authentication process without adding friction.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

In a nutshell, yes. With the work-fromanywhere culture gaining traction in the region, and multi-cloud strategies broadening the attack surface, it is critical for organizations to consider technologies must protect their infrastructure from any device, from any location in real time, but at the same time maintain convenient access and maintain productivity.

To do this successfully, companies must shift from an end-point-focus to a people-focused approach to security. The traditional Zero Trust strategy is centered on authenticating each touch point with an organization's network usually from one or the same location on the same device. This approach forces employees to constantly validate their identities at each point of entry but doesn’t necessarily identify if someone is gaining unauthorized access using stolen credentials, and only looks at a set number of interactions.

Organizations that employ Zero Trust 2.0 can better combat fraudulent activities by using unique employee behavioral profiles. Intelligent passive authenticators rely on behavioral analytics, which is data created by one's digital transactions or online activity. This includes an employee's network interactions from their workplace laptop, smartphone, or tablet.

Because these indicators are passive, such as the way a pin or passcode is typed, or the way a phone is swiped, it doesn’t add friction, and can be deployed throughout the digital journey rather than at moments in time. This means organizations are protecting every interaction, and not just known entry points. This approach serves to identify that the users is who they say they are through unique inherence factors, whereas usernames and passwords alone don’t actually identify the genuine user, so a fraudulent entry could look like a genuine user.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?

As organisations scale up their cybersecurity measures, cybercriminals respond by demonstrating greater sophistication through their malicious campaigns. To ensure the integrity of their assets, organizations must place greater emphasis on authenticating digital identities in an intelligent manner.

The individual user and their behavior are the foundation of this identity. As an example, bad actors can often leverage sophisticated AI-based software to impersonate employees based on physical characteristics, such as facial recognition, or even circumvent it altogether by claiming it’s not working and inputting the step-up method of a pin or password instead. However, with Zero Trust 2.0's intelligent passive authenticators, an organization's employees can simply use their own personal behaviors to identify themselves to their organisations. An individual’s behaviors are based on unique muscle memory and are hard for a fraudster to imitate.

19
Saeed Ahmad, the Managing Director for Middle East and North Africa at Callsign, says organizations that employ Zero Trust 2.0 can better combat fraudulent activities by using unique employee behavioral profiles.

The Energy Sector in Particular is Embracing Zero-Trust Technology

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

The Zero Trust Network Architecture has evolved significantly since its inception in 2010. The concept was based on the principle of not trusting any user or device within the network perimeter. Over the years, this concept has been developed and expanded upon, and the modern approach to Zero Trust involves continuous monitoring and authentication, as well as using encryption and other security measures to ensure that only authorized users and devices can access resources. This approach is especially relevant today, with the increasing prevalence of remote work and cloud-based services. It has become an important framework for organizations to protect their data and systems from both internal and external threats.

Do you believe that technologies that support zero trust are moving into the mainstream?

The adoption of technologies that support the zero-trust model is indeed increasing. The pandemic has forced organizations to accelerate their digital transformation efforts, including the adoption of cloudbased solutions and remote work. As a result, there is a greater need for robust security measures to protect critical assets and sensitive data. Zero trust has emerged as a leading security framework that can help organizations secure their digital assets and reduce the risk of cyberattacks.

The energy sector in particular is embracing zero-trust technology. The energy industry is a critical infrastructure sector that is vulnerable to cyber-attacks, and as a result, has become a top target for cybercriminals. The implementation of zero-trust technology can help mitigate these risks by providing a more comprehensive security approach that protects against both internal and external threats.

Additionally, regulatory requirements and

compliance frameworks such as NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) mandate the use of zero-trust principles to ensure the security and reliability of the grid. Many energy companies have recognized the importance of zero trust and are investing in the technology to improve their cybersecurity posture.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

The traditional model of securing the "castle" or perimeter of the network is no longer effective. With the rise of cloud computing, mobile devices, and remote work, the network perimeter has become more fluid, and traditional security measures are no longer sufficient to protect against modern threats. This is what led to the emergence of the Zero-Trust model, which assumes that no user or device can be trusted, even if they are within the network perimeter.

As a result, IT departments must adopt a new way of thinking that involves continuous monitoring, risk assessment, and access control to ensure the security of their systems and data. This requires a shift away from a perimeter-based security approach to one that is always focused on protecting individual devices and data, regardless of where they are located.

How can companies get started with zero trust?

To get started with zero trust, companies should begin by identifying their critical assets and mapping out their data flows. They should then implement strong authentication and access controls, as well as continuously monitor and analyze their systems for potential threats. Companies can also leverage the use of micro-segmentation, which can help to limit lateral movement and contain any potential breaches. Finally, it is important to have a plan in place for incident response and to

regularly review and update security protocols as needed.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?

It is important to acknowledge that cyber-attacks can pose a significant threat to the safety and reliability of critical infrastructure like Energy grids. While implementing zero-trust controls is a good start, it's also important to recognize that While zero trust is an effective security strategy, it is not a silver bullet that can address all types of cyber threats.

To mitigate the risks of the threats that zero trust cannot control, companies can adopt additional security measures such as advanced threat detection, security information and event management (SIEM), and continuous monitoring of their network infrastructure. It's also essential to keep the workforce well-informed about the potential threats and ensure they are following best practices, such as strong password policies and multi-factor authentication. A proactive approach to cybersecurity that combines multiple layers of protection can help companies stay ahead of evolving cyber threats.

What according to you are the limitations of zero trust?

Complexity and cost of implementation are the biggest limitations, as well as potential challenges in integrating with legacy systems. Additionally, zero trust does not provide complete protection against all types of cyber-attacks, such as those that rely on social engineering or other human-based tactics. Finally, zero trust requires ongoing monitoring and maintenance, which can be challenging for organizations with limited resources.

Dr. Mostafa AlGuezeri, the Managing Director of UAE and its Oversight Countries, at Hitachi Energy, says the adoption of technologies that support the zero-trust model is indeed increasing
20 ZERO TRUST // ARABIAN RESELLER - MARCH 2023

Zero Trust is Gaining Popularity

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

Zero Trust Network Architecture has evolved significantly since it was first introduced. Initially, the concept of Zero Trust focused on authenticating and authorizing users and devices before granting them access to the network.

Over time, the concept has expanded with the digital landscape to include the authentication and authorization of applications, data, and devices, both on-premises and in the cloud. The approach has moved from being a network-centric model to an identity-centric model, emphasizing the importance of identity management and continuous monitoring.

Do you believe that technologies that support zero trust are moving into the mainstream?

Yes, definitely, with the increasing number of cyberattacks and data breaches, organizations are looking for more robust and reliable security solutions, and Zero Trust is gaining popularity as an effective approach to securing digital assets.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?

Yes, I believe that IT departments require a new way of thinking because the traditional castle and moat approach of securing the perimeter is no longer a valid singular approach to security in today's complex and dynamic IT environments.

With the adoption of cloud-based services, mobile devices, and remote working, the perimeter has become porous, making it easier for cybercriminals to

breach the network. The Zero Trust approach, which focuses on identity and access management, continuous monitoring, and data protection, along with vulnerability management and remediation programs is a more effective way of securing the digital assets in today's world.

How can companies get started with zero trust?

That is indeed a broad question that can take some time to answer. However, some steps I would recommend that companies can take to start their Zero Trust journey include conducting a comprehensive inventory of their digital assets, identifying their critical data and applications, mapping their data flows and processes, implementing multi-factor authentication and least-privilege access policies, and continuously monitoring and auditing their environment for anomalous activities.

What according to you are the limitations of zero trust?

Like any security concept, there are limitations. First is complexity — implementing Zero Trust requires significant resources, including time, money, and expertise, which can be challenging for small and medium-sized organizations.

People that are wanting to consume Zero Trust as a security module must understand this is not an all-in-one solution that you can buy of the shelf — Zero Trust is a concept and there is a lot of work around identifying and documenting internal processes.

Secondly, like Data Loss Protection (DLP), Zero Trust touches the entire organization, changing how people work. Implementing strong security controls, such as multi-factor authentication, can

sometimes lead to a poor user experience, which can affect productivity and adoption rates.

Zero Trust can produce a lot of false positives in its early stages of implementation, so companies need to watch out for any loss of productivity due to hard stop rules being implemented. It can also generate an inordinate amount of security alerts that security teams need to deal with, which in turn can mean positive alerts are being ignored.

Finally, implementing a Zero Trust program does not provide a fool proof protection against every type of cyber-attack and can be vulnerable to certain types of advanced threats such as supply chain attacks and insider threats.

Therefore, it's important to complement Zero Trust with other security measures such as threat intelligence, incident response, vulnerability management and remediation, and backup and recovery plans.

21
Paul Baird, the CTSO at Qualys, says implementing Zero Trust requires significant resources, including time, money, and expertise

Zero Trust Will Reduce an Organization’s Attack Surface

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?

The Zero Trust Model was a term first coined in 2010 – it codified two basic concepts:

• Being present on a particular network should not grant any additional trust to a device or user

• Permissions granted to a user or device should be as granular as possible rather than granting broad access to all applications on a network.

At the time of its definition by John Kindervag of Forrester Research, the concept mainly applied to on-premise networks — a year before this research was published, Google’s in-house implementation of what came be known as Zero Trust called BeyondCorp illustrated this point.

Over the intervening years, Zero Trust has become more “cloudy” and has often become synonymous with SaaS-delivered Zero Trust Network Access (ZTNA) which is the modern replacement of VPNs which conform to the Zero Trust ethos.

Do you believe that technologies that support zero trust are moving into the mainstream?

Yes, they are. The concept of least-privilege is a pillar of Zero Trust and focus on this approach can be seen in many identity platforms. ZTNA offerings are part of the reimagined virtual network which connects users to the internet and corporate applications which are part of a network renaissance called Security Service Edge (SSE). And micro-segmentation efforts in networks are also part of the Zero Trust model.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no

longer exists in isolation as it once did?

Yes. While the trend toward use of SaaS applications and public clouds was already well underway by 2020, the pandemic put this migration into overdrive. When most of an organization’s staff were sent home and became remote employees, Zero Trust became table stakes.

In addition, IT departments are realizing that 3rd and 4th parties are required to run many of their process, thus pushing the concepts of Zero Trust beyond the castle walls to mitigate risks of those parties.

How can companies get started with zero trust?

I would recommend starting with:

• Constrain the privilege granted to end-users while aiming for a reasonable approximation of least-privilege.

• Constrain network connectivity by implementing more granular firewall policies while aiming for a reasonable approximation of micro-segmentation.

• Replace your VPN with a ZTNA offering with granular access policies.

• Given that all of the above will take time, strengthen your detection and response coverage to protect you through this journey.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?

No technology or approach is a silver bullet. The Zero Trust approach will reduce an organization’s attack surface. But attacks which remain within the granted privileges of the user and within the firewall policies of the network can still wreak havoc. To protect against in-policy attack techniques, the best practice is to rely on sophisticated detection and response capabilities for

each of your five attack surfaces: endpoint, network, public cloud, identity, and SaaS applications.

What according to you are the limitations of zero trust?

Any one security approach or philosophy solves only part of the security puzzle. Broadly speaking, several approaches (including Zero Trust and timely patching of vulnerabilities) reduce your attack surface, thus making an attack less likely to succeed and constraining its blast radius when it gets past the first line of defense.

Detection and response coverage takes up where attack surface reduction leaves off and your in-house or managed SOC will need to handle alerts which can signal an attack that is progressing towards a high-value target in your environment. The mission of the SOC is to head off such an attack before it does undue harm.

Oliver Tavakoli, the CTO at Vectra AI, says the concept of least-privilege is a pillar of Zero Trust and focus on this approach can be seen in many identity platforms.
22 ZERO TRUST // ARABIAN RESELLER - MARCH 2023

GISEC 2023: CONNECTING MINDS, BOOSTING CYBER RESILIENCE

23

InoGates to Present HarfangLab at the GISEC 2023

Tell us about the cybersecurity trends for 2023.

InoGates consultants are monitoring the threat level for several years and have noticed a permanent increase. With the political situation in Europe, such a curve is not going to reverse. With almost 20% of Cyber Security worldwide market growth in less than a decade and 50% of Endpoints not protected, we decided to select HarfangLab and promote it in the MEA region.

A major consequence in 2023 is the lack of skills. More than ever, there is a need to develop cyber talents to meet the needs of companies and government organizations. Faced with this requirement, there are two options for solution providers.

Either take advantage of the opportunity to sequester their customers by providing a complete solution management package. Or to consider that each company is the most capable of identifying the cyber strategy best suited to its challenges, context, and resources and work to promote the development of talents.

What is the theme of your participation at GISEC 2023?

We have been interested at InoGates in discussing with HarfangLab about their international expansion outside Europe. The MEA region was one of the 3 selected geographies for its great growth potential.

HarfangLab is a great alternative to other solutions and is very well adapted to regional security challenges. Let CISOs

own their strategic Cyber Security roadmap with a very effective EDR.

Which products and solutions will you be showcasing at GISEC 2023?

We will be showcasing HarfangLab, an EDR (Endpoint Detection and Response) software that detects, neutralises, and remediates cybersecurity threats. Certified by ANSSI, the French national cybersecurity agency, and used in almost all of Europe.

The solution is designed to be available both on-premises and on the cloud (SaaS mode). We are participating in GISEC 2023 to demonstrate how the EDR from HarfangLab is able to respect the countries’ data privacy acts as well as the ability to be included in a complete Cyber Security XDR offering thanks to its simple use and openness.

How are you equipped to help companies overcome digital security and privacy challenges?

HarfangLab EDR has high capacities for detection and response to incidents, notably via AI and its numerous automation.

We aim to help SOC analysts to better understand security events through our transparency. Unlike our competitors, all the detection rules are visible.

Add to that, the openness and the numerous connectors of our solution make the integration and interoperability with other solutions easier. Being a European company, we are very used to GDPR and all privacy considerations. when offering an EDR service to our

client, we, therefore, think that the MEA region is also sensitive to such important topics.

Being a 100% indirect selling model, we build partnerships and accompany our business partners in training and skills augmentation through our learning program.

Is there a skills gap in the cybersecurity industry? What needs to be done in order to bridge that gap?

There is a skills shortage in Cyber Security. At InoGates and HarfangLab, we believe that the role of the software providers goes beyond offering software.

Our duty is to ensure that the onboarding of the stakeholders contributes to the overall increase of skills/knowledge on cyber subjects.

Many new solutions are becoming very sophisticated, there will be a need for higher skills. But where to locate these resources?

The cyber security market needs to rely more on service providers. This will allow skills development. Naturally, we think that the next generation of cyber protection is going to be serviced with highly developed Service Level Agreements coming from the MSSPs.

Marc Kassis, the Founder and General Manager at InoGates FZCO, speaks about his company’s participation at GISEC 2023
GISEC 2023 // ARABIAN RESELLER - MARCH 2023 24

Check Point to Focus on Unified Security Architecture

Ram Narayanan, the Country Manager at Check Point Software Technologies for the Middle East, says hacktivism, deep fakes, attacks on business collaboration tools, new regulatory mandates, and pressure to cut complexity will top organizations’ security agendas over the coming year

Tell us about the cybersecurity trends for 2023.

We’re entering a new era of hacktivism, with increasing attacks motivated by political and social causes. According to Check Point Software’s cyber security predictions for 2023, Hacktivism, deep fakes, attacks on business collaboration tools, new regulatory mandates, and pressure to cut complexity will top organizations’ security agendas over the coming year.

Business and technology executives need to have cyber security as the top priority in view of the fact that cyber-attacks are becoming more sophisticated and their numbers have only increased during the last year. Furthermore, as businesses look to remove cost and complexity from the entire digital and security stack, consolidation will become a “real” priority.

What is the theme of your participation at GISEC 2023?

Check Point Software’s theme of participation at GISEC 2023 is centered around the concept of Unified Security Architecture. We believe that prevention is the best security solution and our focus is on delivering comprehensive, consolidated, and collaborative cybersecurity solutions to our customers and partners.

In addition to showcasing its latest security solutions, Check Point Software will be highlighting its commitment to leveling up its engagement with customers and partners to provide the best customer experience.

Which products and solutions will you be showcasing at GISEC 2023?

GISEC is the largest cyber security exhibition and conference in the Middle East and provides a premier platform for industry leaders to showcase the latest innovations and solutions.

At the event, Check Point Software will be showcasing the company’s latest prevention-first best solutions including Check Point CloudGuard, Check Point Harmony, Check Point Quantum, and Check Point Horizon.

How are you equipped to help companies overcome digital security and privacy challenges?

Check Point Software offers a range of cyber security solutions that help organizations secure their networks, cloud infrastructure, endpoints, and mobile devices from 5th-generation cyber-attacks.

By leveraging advanced threat prevention technologies and centralized management, Check Point Software enables its customers to defend against cyberattacks and prevent data breaches with an industry-leading catch rate of malware, ransomware, and other types of attacks.

Is there a skills gap in the cybersecurity industry? What needs to be done in order to bridge that gap?

Certainly, there is a significant skills gap in the cybersecurity industry. As technology advances, there is a growing need for cybersecurity experts, but there is a shortage of skilled workers to meet this demand.

Bridging the skills gap requires a multi-faceted approach that involves education, training, and certification

programs, as well as public-private partnerships and government initiatives.

To address the skills gap, cybersecurity companies must invest in employee training and development programs, and partner with educational institutions to promote cybersecurity education and training programs.

By taking a proactive approach to addressing the skills gap, the cybersecurity industry can help ensure that there is a pipeline of skilled cybersecurity professionals to meet the growing demand for cybersecurity talent.

25

Claroty to Showcase its Cyber-Physical Systems Protection Solutions

Tell us about the cybersecurity trends for 2023.

Highly interconnected cyber-physical systems including operational technology (OT), the Internet of Medical Things (IoMT), building management systems (BMS) and more – collectively known as the Extended Internet of Things (XIoT) – have become pervasive as organizations across critical sectors seek to modernize their environments via digital transformation.

While the ever-growing XIoT delivers a number of business benefits that drive innovation, resilience, productivity and sustainability, it can also increase exposure to cyber and operational risks if not properly secured.

Additionally, as CISOs become increasingly responsible for securing their organization’s cyber-physical systems, they cannot rely solely on traditional IT security solutions to provide sufficient visibility into these assets without disrupting mission-critical operations.

What is the theme of your participation at GISEC 2023?

Given the growing demand for cybersecurity solutions that are purpose-built for cyber-physical systems in the Middle East and around the world, our focus will be engaging with the GISEC community in order to find ways to work together to protect the critical systems that power our way of life – from the food we eat and water we drink, to the energy sources that power our homes and cities, to life-saving medical care.

Which products and solutions will you

be showcasing at GISEC 2023?

Claroty offers a portfolio for cyber-physical systems protection solutions that integrate seamlessly with customers’ existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, network segmentation, threat detection, and secure remote access. These solutions include:

1. Continuous Threat Detection (CTD): Claroty’s flagship product, delivers comprehensive asset visibility and security controls for industrial environments

2. Secure Remote Access (SRA): Delivers frictionless, reliable, and highly secure remote access to industrial environments for internal and third-party users

3. Medigate by Claroty: A modular, SaaS-powered healthcare cybersecurity platform, which was brought into the Claroty portfolio following our acquisition of Medigate in January 2022

4. xDome: A modular, SaaS-powered industrial cybersecurity platform launched in August 2022, combining Claroty and Medigate’s deep domain expertise and specialized technologies for industrial and healthcare environments into a single platform

How are you equipped to help companies overcome digital security and privacy challenges?

As our physical world connects more deeply and broadly with our digital world, organizations are recognizing that they need to take a holistic ap -

proach to securing the wide range of connected assets within their environments.

Understanding the need to secure enterprise XIoT environments holistically, Claroty’s cyber-physical system protection solutions integrate seamlessly with customers’ existing infrastructure to provide full visibility, protection, and threat detection for all connected assets.

Powered by deep domain expertise, its award-winning threat research group Team82, and a robust partner ecosystem, Claroty’s solutions are designed to meet the unique challenges and requirements of securing any XIoT environment, ensuring cyber and operational resilience for the connected organizations that sustain our lives.

Is there a skills gap in the cybersecurity industry? What needs to be done to bridge that gap?

Absolutely. The gap in very specialized OT cybersecurity is even greater, since IT has a decades-long head start in building expertise and, therefore, a larger talent pool.

There are no easy solutions to close the OT cybersecurity talent gap, but there are still a number of steps that organizations can take such as cross-training IT security staff to familiarize them with the world of OT, engaging with educational institutions to attract recent grads, and leaning into technology solutions that can increase productivity through automating certain time-consuming tasks.

Yaniv Vardi, the Chief Executive Officer at Claroty, says the skills gap in the very specialised OT cybersecurity arena is even greater
GISEC 2023 // ARABIAN RESELLER - MARCH 2023 26

Edgio to Show Off Holistic Web Application and API Protection Solutions

Tell us about the cybersecurity trends for 2023.

We continue to see an uptick in cyber attacks – which is probably no surprise to anyone, but the driving forces change over time. We saw attacks accelerate during the pandemic as life shifted even more online due to necessity, and today we find that the trend is at least partially attributed to the ongoing war in Ukraine and other major conflicts across the globe.

Criminal organizations are finding nation-state buyers happy to pay handsomely to DDoS adversaries and their allies.

Additionally, the number of vulnerabilities (CVEs) discovered in the software supply chain rises every year (23.92% YoY in 2022) along with the discovery of critical zero-day vulnerabilities seems to become more frequent: Log4j, Spring4shell, to name a few.

Compromising web applications to steal valuable data never goes out of style. Lastly to mention, as IoT devices proliferate, we see an increase in bad bot activity with bad guys having greater incentives than ever before to innovate, and build new evasive behaviors as the value of commerce applications continues to rise.

Even as crypto prices fell from their peak in 2021, ransomware attacks rise as many organizations are underprepared to deal with the threat, and unfortunately see no choice but to pay their captors to (hopefully) release their stranglehold on their critical systems and data.

What is the theme of your participation at GISEC 2023?

Edgio will discuss several current cybersecurity trends on the topics of DDoS attacks, the bot problem, and security supply chain concerns (CVEs, zero-day vulnerabilities).

We will share some best practices to get organizations prepared to address the latest threats as well as present our approach to mitigating the latest attacks while improving performance and efficiency.

Which products and solutions will you be showcasing at GISEC 2023?

Edgio will showcase our holistic Web Application and API Protection (WAAP), which lowers risk by providing protection for web applications and APIs that is accurate, and was built by design to increase performance, and developer velocity and reduce infrastructure + operational costs.

How are you equipped to help companies overcome digital security and privacy challenges?

Edgio’s WAAP solution addresses a wide range of digital security concerns related to securing applications and the critical data behind them using a variety of innovative detection techniques as well as leveraging the benefit of our expansive global network which gives us the privilege to inspect millions of packets per second.

In addition to the innovative protections in place to guard PII stored behind applications, Edgio invested heavily in compliance measures including PCI-DSS Level

1, SOC2, and ISO27001 to meet the most stringent requirements of nearly all organizations and entities, lowering their burden when it comes to protecting their stakeholders’ privacy.

Is there a skills gap in the cybersecurity industry? What needs to be done in order to bridge that gap?

There is definitely a skills gap in the cybersecurity industry. According to the SANS Institute, there’s currently more than 3.5 million global cybersecurity talent shortage. It’s confirmed by the customers we speak with every day.

This customer reality guides Edgio’s strategy, from a product and services perspective in several ways:

• We design products and services in ways that are highly intuitive, developer-friendly, and with automation in mind

• Our solutions are designed to help customers accelerate detection & response time to new threats

• Our detection/decision engines are carefully designed and updated to reduce false positives to cut down on alert fatigue

Edgio’s solutions are built for self-service, but our managed security services can help with day-to-day operations and our 24×7 SOC is there for you before, during, and after an attack.

Richard Yew, the Senior Director for Product Management – Security at Edgio, says ransomware attacks rise as many organizations are underprepared to deal with the threat
27

Fortinet to Focus on Zero Trust Access, Secure Networking, Cloud Security, and Security Operation Solutions

Tell us about the cybersecurity trends for 2023.

The threat landscape continues to evolve and 2023 is predicted to bring forth both old and new threat tactics. CIO and CISO teams are being asked to overcome significant challenges as they work to manage business-critical initiatives such as securing work-fromanywhere, enabling digital acceleration, staying ahead of increased cyber risk, and supporting sustainability goals.

Last year many organizations faced increased cyber risks resulting from the convergence of IT and operational technology (OT) networks. So, investment in solutions like FortiNDR can allow organizations to quickly identify anomalies, analyze emerging threats in real-time, and automate responses to mitigate cyberattacks.

With attacks increasing in speed, agility, and sophistication, it is also critical to maximize artificial intelligence and machine learning approaches to defend against evolving attack techniques. Given that most organizations are still struggling with talent shortages for skilled cyber workers, organizations should strongly consider services like FortiGuard AI-Powered Response.

Organizations should also consider deception technology. Deception can provide value across the attack chain by not only deceiving adversaries, but also detecting, enabling forensics data, or even helping with real-time mitigation.

What is the theme of your participation at GISEC 2023?

As has been the case for many years, GISEC is a key platform for industry leaders to meet and discuss cybersecurity challenges as we face an increasing

number of cyberattacks and see the nature of threats changing due to digital transformation. As an industry leader in cybersecurity, for more than 20 years, it was an obvious choice for Fortinet to participate in this major event. We will be present on stand A90 (Exclusive Networks).

At Fortinet, innovation lies at the heart of everything we do and is rooted in over 20 years of prioritizing research and development in our company’s culture which has resulted in the industry’s broadest portfolio of cybersecurity solutions with over 50 security-related products. We offer a wide range of technologies, including Secure SDWAN, next-generation firewalls, 5G, and OT security, which can be delivered in software, hardware, cloud, and as a service.

Which products and solutions will you be showcasing at GISEC 2023?

Thanks to a dedicated pod on the booth, visitors will be able to discover our latest solutions from the Fortinet Security Fabric, the platform at the heart of the Fortinet security strategy. The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications across all network edges.

Zero Trust Access, Secure Networking, Cloud Security, and Security Operation solutions, among others, will all be available for on-demand demonstrations.

How are you equipped to help companies overcome digital security and privacy challenges?

Well over half a million customers trust

Fortinet’s solutions. Our security solutions are the most deployed, most patented, and among the most validated in the industry. Our broad, complementary portfolio of cybersecurity solutions is built with integration and automation in mind, enabling more efficient, self-healing operations and rapid response to known and unknown threats.

Just recently, we announced new security operations center (SOC) augmentation services designed to help strengthen organizations’ cyber resiliency and support short-staffed teams strained by the talent shortage.

Is there a skills gap in the cybersecurity industry? What needs to be done in order to bridge that gap?

The cybersecurity skills gap continues to be a serious problem worldwide. According to the Fortinet 2022 Cybersecurity Skills Gap Report, the organizations surveyed say that the cybersecurity skills gap has contributed to 80% of breaches. Inadequately trained employees and short-staffed cybersecurity teams are making it difficult for organizations globally to keep their critical digital assets safe from threats, which is why cybersecurity awareness and training, among other things, is a critical part of any security strategy to protect organizations against threats.

Fortinet wants to be a significant contributor to bridging the talent shortage. As part of this commitment, Fortinet has pledged to train one million people in cybersecurity by 2026. The Fortinet Training Advancement Agenda (TAA) and Training Institute programs are our initiatives focused on educating individuals and providing certifications to anyone who wants to expand their knowledge base.

Alain Penel, the Regional VP for ME and Turkey, at Fortinet, says it is critical to maximise artificial intelligence and machine learning approaches to defend against evolving attack techniques
GISEC 2023 // ARABIAN RESELLER - MARCH 2023 28

Nozomi Networks to Showcase OT and IoT Security Solutions

Tell us about the cybersecurity trends for 2023.

In 2023, we can expect:

Hybrid threat tactics – the lines that once categorized diverse types of threat actors have blurred, which could significantly change the threat actor landscape. For example, November’s Continental ransomware attack was launched by hacktivists who used nation-state tactics to cause physical disruption to railroads. Meanwhile, nation-state threat actors have been leveraging cyber-criminal tactics, such as ransomware, to cause disruption in critical environments. It will become increasingly difficult to categorize threat groups based on TTPs and motives, which have aided in attribution efforts in the past.

Quantum cybersecurity threats – as threat actors use the “store now, decrypt later” (SNDL) technique in preparation for quantum decryption, governments are taking steps to defend against this future threat. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released its post-quantum cryptography initiative on July 6, 2022, to prepare and safeguard critical infrastructure companies during this transition. As CISA rolls out this guidance, more companies will shift their focus to safeguarding their data now to reduce the risks of quantum decryption later.

The medical device exploits – many medical devices are susceptible to cyberattacks due to the fact that the legacy systems they are using are no longer being manufactured and/or the software no longer supported. Threat actors use scanners and other types of tools to identify and exploit vulnerabilities in these devices and perform manipulative tactics or even launch cyberattacks. Apart from

using scanners to exploit vulnerabilities, threat actors can access medical systems used to aggregate device data for broader analysis and monitoring. This manipulation could lead to malfunctions, misreadings, or even overdoses in the automatic release of medication.

Cyber insurance inflection point – while cyber insurance is an important part of a comprehensive cybersecurity strategy, cybercriminals are conducting reconnaissance on cyber insurance policies and tailoring their ransom requests to match the amount of a cyber insurance payout. This could either cause premiums to significantly increase, or even dry out cyber insurance resources, making it more difficult to file serious claims and receive payouts. Cyber insurance is not a cure for cyberattacks; in fact, it could motivate cybercriminals. Companies should invest in cyber prevention, protection, and remediation as a first line of defense.

What is the theme of your participation at GISEC 2023?

We will demonstrate how our extensive suite of leading OT and IoT security solutions can be leveraged to protect critical infrastructure, industrial networks, and government organizations from cyber threats, all while maximizing operational resilience.

Which products and solutions will you be showcasing at GISEC 2023?

We will be showcasing our entire suite of IT, OT, and IoT solutions, but this year, we are extremely excited to introduce the newest member of our product portfolio, Nozomi Arc, to our GISEC lineup. Nozomi Arc is our first endpoint security sensor for OT that complements Guardian and Vantage deployments with more visibility into a host’s attack surfaces and anomalies, to give a more detailed view

of your complete OT/ICS environment. It improves operational resiliency by significantly extending visibility across endpoint attack surfaces, dramatically reducing security threats, and speeding deployments across all assets and sites.

How are you equipped to help companies overcome digital security and privacy challenges?

Often, cybersecurity is an afterthought as traditional cybersecurity solutions can’t keep pace with the growing number of smart devices and vast volumes of sensitive data that are a part of or connected to critical infrastructure. As an example, many of the IoT and OT devices in municipal infrastructure lack even basic cybersecurity features and are essentially not visible to traditional IT cybersecurity programs.

Furthermore, growing compliance requirements and competing compliance frameworks increase pressure to achieve sound technology governance. Failing to protect these environments can result in identity theft, consumer data breach, delay or failure of critical services such as power or transportation, costly ransomware attacks, and safety risks such as compromised water supplies. Protecting customer data and providing reliable city services is paramount in the face of the cyber threats smart cities must confront.

These types of environments need help in various phases of the security lifecycle across all their services and deployments. Bringing these together in a comprehensive platform can deliver new levels of efficiency and automation to cybersecurity teams. Nozomi Networks breakdown the incident lifecycle into three phases that align with various admin tasks and security processes: Anticipate, Diagnose, and Respond.

According to Anton Shipulin, Industrial Cybersecurity Evangelist, Nozomi Networks, often, cybersecurity is an afterthought as traditional cybersecurity solutions can’t keep pace with the growing number of smart devices
29

SANS Institute to Provide Visitors With the Latest Industry Trends

Ned

Tell us about the cybersecurity trends for 2023.

In 2023, we can expect to see several emerging cybersecurity trends. Firstly, while mobile phones are generally considered more secure than desktops, we will also see a rise in stalkerware included in downloaded apps that target consumers, as hackers are creating malicious stalkerware apps and placing them in app stores.

Secondly, data backup ransomware attacks will increase, as attackers target backups that are less frequently monitored, provide ongoing access to data, and may be less secure or from forgotten older files. Thirdly, we can expect a surge in MFA bypass attacks, as more organizations adopt multifactor authentication and other additional layers of security.

Organizations must be proactive in closing the cybersecurity skills gap by investing in offensive training and threat hunting to address an expanded attack surface from a continued hybrid workforce. This will be especially important as organizations need to upskill and train their existing staff to defend against attacks.

Lastly, attackers are expected to increase their focus on exploiting vulnerabilities in cloud-based infrastructures and applications. Organizations should invest in cloud security solutions to ensure that their systems are secure and that their data is protected from malicious actors. Additionally, they should consider using security automation tools to help detect and respond to threats quickly. In summary, organizations must stay vigilant and proactive in their approach to cybersecurity in 2023 to stay ahead of these emerging threats.

What is the theme of your participation at GISEC 2023?

This year, our participation aims to provide

visitors with the latest industry trends and best practices, with cloud security being of paramount importance in digital environments.

Which products and solutions will you be showcasing at GISEC 2023?

We’re excited to showcase our advanced suite of cybersecurity offerings. The range of products and services is designed to cater to the evolving challenges of the cybersecurity landscape through specialised training courses fully aligned with GIAC certifications, Security Awareness Training products, Cyber Ranges for immersive training experiences, and an advanced ECE curriculum that covers digital forensics, penetration testing, and reverse engineering.

Our comprehensive range of cybersecurity solutions is aimed at enhancing your technical proficiency and equipping you with the knowledge and skills required to succeed in today's dynamic cybersecurity landscape. We will also highlight our CyberTalent offering, which includes various academy programs that we provide to both government partners and individual organizations, to identify hidden cybersecurity talent within their existing workforce.

Additionally, on Tuesday, 14th March, SANS Senior Instructor, Kevin Ripa, will have two speaker sessions, at the Dark Stage, and at X LABS. Alongside these two talks, Kevin and his fellow SANS instructors, Maxim Deweerdt and Michael Hoffman, will be providing workshops each day at Hackstage360. We are also excited to host our highly engaging mini Capture-the-Flag event onsite at our stand (D50 Hall 7), where visitors will have the chance to test their skills in a simulated cybersecurity environment.

How are you equipped to help companies overcome digital security and privacy challenges?

The SANS Institute is well-positioned to help companies overcome digital security and privacy challenges through a range of services and resources. Our training programs cover a wide range of cybersecurity topics, taught by experienced practitioners who bring real-world experience to the classroom, and training materials that are continually updated to reflect the latest threats and vulnerabilities.

Research by our faculty members into emerging threats and trends is shared with the cybersecurity community through publications and events, including webcasts, conferences, and summits. Additionally, the institute has a strong focus on community building, which fosters collaboration and knowledge-sharing among cybersecurity professionals. Overall, the SANS Institute's goal is to help organizations build more secure and resilient systems that can withstand the evolving threat landscape.

Is there a skills gap in the cybersecurity industry? What needs to be done in order to bridge that gap?

There is a significant skills gap in the cybersecurity industry. This gap is mainly due to the rapid evolution of technology and the increasing complexity of cyber threats, which make it difficult for organizations to find and retain skilled cybersecurity professionals. To address this, we need to focus on increasing cybersecurity education and training through academic and industry certification programs, while also creating a supportive work environment that emphasizes ongoing training and development opportunities.

Baltagi, the Managing Director for Middle East and Africa at SANS Institute, says attackers are expected to increase their focus on exploiting vulnerabilities in cloudbased infrastructures and applications
GISEC 2023 // ARABIAN RESELLER - MARCH 2023 30

BUILDING A SECURITY CULTURE IN A WORK-FROM-ANYWHERE WORLD

Protecting organizational data and credentials has never been more critical. Threat actors today realize that it’s more effective (and cheaper) to steal credentials and log in, than trying to hack through technical controls.

Once they have siphoned access details from just one employee, they move laterally, stealing even more credentials, compromising servers and endpoints, and downloading sensitive organizational data. And most of these attacks start by targeting unsuspecting employees via email.

Cybercriminals understand that your people hold access to your crown jewels (your data), and that the majority can be relatively easily tricked into taking an action which could put the security of your organization in jeapordy.

Employees across all job levels and functions can put organizations at risk in numerous ways, from using weak passwords and sharing credentials to clicking on malicious links and downloading unauthorized applications. Unfortunately, many employees in the Middle East are demonstrating risky behaviours that could lead to a successful cyberattack.

According to Proofpoint data, the Middle East’s working professionals are putting their employers at risk through their cybersecurity negligence. There is a real lack of ownership when it comes to cyber security: with only 17 percent of employees in the UAE and 14 percent in KSA believing that they share the responsibility for cybersecurity in their organization.

Worryingly, today’s hybrid work environment has intensified the risky behaviours that facilitate successful cyberattacks. From using USB drives and downloading attachments and files from unknown sources to clicking on malicious URL links – Middle East

organizations are at risk from many forms of insider threats. More than half (51 percent) of UAE employees and 44 percent of KSA-based employees have connected to home or public Wi-Fi networks without knowing if they are secure.

Driving behavior change

So what can organizations do to reduce people-centric risk and drive behaviour change? As traditional working models evolve, the old ways of protecting data no longer work.

Organizations will need to work together with their employees to up their game and adapt data loss prevention and insider risk solutions to protect endpoints, cloud apps, email, and the web. Data loss for organizations is more than an IT problem and employees must understand they play a critical role in preventing data breaches.

Cyber threat education for users is a part of the answer. A more sustainable and effective solution, albeit a more challenging one to implement, is building a security culture, that goes beyond compliance and training, and motivates and empowers users to keep their organizations safe.

Cybersecurity culture is defined as “the beliefs, values and attitudes that drive employee behaviors to protect and defend the organization from cyberattacks.” It is a strong factor in the development of positive security behaviors.

When employees feel responsible for helping prevent incidents it improves an organization’s overall security posture. When employees buy into the belief that security is everyone’s responsibility, it leads to higher vigilance, appropriate behavior and prevention of data theft. Overall, it helps reduce people-centric risk.

With a strong cybersecurity culture,

users learn to build sustainable habits that extend protection to their personal lives – which is even more vital in the hybrid work environment. After all, cyber threats and online scams do not end at work.

Proofpoint data shows that 31 percent of working adults in the UAE and 29 percent in KSA had their social media accounts hacked in the past year. More than one in five also admit they suffered financial loss due to fraud, while 21 percent of UAE and 19 percent of KSA respondents had their online credentials stolen in the past year.

Along with the sense of ownership for an organization’s cyber security, all users need to be empowered with the right knowledge and tools to identify threats and feel responsible for doing their part to prevent attacks from disrupting or damaging the organization. When faced with threats after-hours, on personal devices or when they least expect them, users then know how to thwart malicious cyber actors.

The good news is that organizations in the Middle East are taking the right steps to raise employee cybersecurity awareness. However, an effective and comprehensive cybersecurity awareness training program that adapts to the ever-evolving threat landscape is fundamental, as employees are increasingly accessing organizational data from multiple platforms, devices, and locations.

ARABIAN RESELLER - MARCH 2023 // EXPERT SPEAK 31

WHERE DOES CHATGPT FIT IN YOUR ORGANISATION?

ChatGPT is a viral sensation and we’re just at the beginning. Open AI’s ChatGPT is a cutting-edge AI technology that serves as an online chat interface. It uses natural language processing (NLP) and deep learning to process and respond to input prompts. What stands out the most about ChatGPT is that it is open to the public and accessible to all.

Although ChatGPT has been blowing up in popularity recently, its long-term impact is yet to be seen. There’s been plenty of speculation about ChatGPT overhauling the way we do things in business—from customer service to sales and marketing—and can easily replace traditional chatbots.

Moreover, what one must understand is that ChatGPT is not a tool that knows it all. The accuracy of ChatGPT is still under scrutiny. Large amounts of data are fed into the system, allowing it to string words in a seemingly meaningful way.

However, it is trained to be read as natural-sounding human language, not to be factually correct. So while ChatGPT shows short-term promise for handling simple interactions, the reality of a full-fledged AI assistant is still off in the distance.

Applications of ChatGPT

Let’s run down a list of business

operations where ChatGPT can lend assistance or overhaul the process.

Programming

The launch of ChatGPT spread existential dread among programmers. ChatGPT can scan through numerous lines of code in minutes and rectify errors, making it much more efficient than human coders. It also can generate boilerplate code and build applications, allowing the developers to work on intensive functions such as cybersecurity or optimizing the IT infrastructure.

Customer service

Existing online chatbots resolve repetitive queries effectively, however, they aren’t as powerful as ChatGPT’s ability to converse with customers with personalized predictive answers that are human-like.

Sales and marketing

ChatGPT can aid in effective lead generation and close deals by guiding customers through the buying process. It can also offer valuable insights that allow sales and marketing teams to make informative decisions and optimize the business strategy.

Copywriting

Its ability to summarize large texts and generate essays on various topics elevates the workload of a copywriter. While

editing and some types of writing require a human copywriter, easier tasks such as content for social media, product descriptions, and guides can be done by utilizing ChatGPT.

Translation

ChatGPT translates large texts coherently and allows human translators to dedicate their time to intensive tasks like documentation, which might be hard for AI to interpret.

Where does ChapGPT stand for business right now?

ChatGPT possesses helpful use cases, however, it isn’t the most accurate AI tool in the industry right now. Nevertheless, ChatGPT has the potential to transform the way we interact and become far more advanced than traditional chatbots.

From an enterprise IT perspective, ManageEngine’s AI-enabled solutions continue to prove their worth as they make IT admins’ lives easier by automating help desk operations, providing real-time insights about potential security incidents, offering conversational assistance, and providing preemptive solutions to customers’ problems using predictive analysis. These solutions provide value now, rather than relying on future developments to be business-ready.

FEATURE // ARABIAN RESELLER - MARCH 2023 32

YOU DESERVE THE BEST SECURITY

Only the best security can protect you from today’s complex cyber threats. Large scale, multi-vector attacks now threaten the fabric of organizations around the globe.

Check Point fully protects you against these Gen V attacks. Our transformative product innovations protect better than all other options.

In a world where threats are ever growing, you deserve the best security. Check Point.

CloudGuard
checkpoint.com
Harmony Horizon Quantum

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

WHERE DOES CHATGPT FIT IN YOUR ORGANISATION?

2min
page 32

BUILDING A SECURITY CULTURE IN A WORK-FROM-ANYWHERE WORLD

3min
page 31

SANS Institute to Provide Visitors With the Latest Industry Trends

3min
page 30

Nozomi Networks to Showcase OT and IoT Security Solutions

3min
page 29

Fortinet to Focus on Zero Trust Access, Secure Networking, Cloud Security, and Security Operation Solutions

2min
page 28

Edgio to Show Off Holistic Web Application and API Protection Solutions

2min
page 27

Claroty to Showcase its Cyber-Physical Systems Protection Solutions

2min
page 26

Check Point to Focus on Unified Security Architecture

2min
page 25

InoGates to Present HarfangLab at the GISEC 2023

2min
page 24

Zero Trust Will Reduce an Organization’s Attack Surface

2min
page 22

Zero Trust is Gaining Popularity

2min
page 21

The Energy Sector in Particular is Embracing Zero-Trust Technology

3min
page 20

Companies Must Place Greater Emphasis on Authenticating Digital Identities

2min
page 19

To Get Started With Zero Trust, Do Not Start With a Vendor

3min
page 18

Zero-Trust is Easier Said Than Done

3min
page 17

ZTNA is Evolving to Deal With the Threat Landscape

3min
page 16

The So-Called Castle and Moat Security Model is Dead

3min
page 15

Zero Trust is Already Mainstream

3min
page 14

Zero Trust is Not a Point Solution

3min
page 13

Zero Trust is Not a One-Time Project

3min
page 12

Zero Trust is an Increasingly Common Term Today

3min
page 11

Zero Trust Adoption is a Continuous Process

1min
page 10

The Concepts of Zero-Trust Are Still Being Evaluated

1min
page 10

Midea Hosts UAE Business Partner Convention

6min
pages 7-8

The Zero-Trust Framework is a Holistic Approach

4min
pages 5-6
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.