ISSUE 34 | JANUARY 2019
PREVIEW
Intersec 2019
WWW.TAHAWULTECH.COM
Movers & shakers
The latest news on who’s moving in the regional security industry
TRUSTING THE CLOUD Making the case for security investments
EAGLE EYE
JOSEPH JOHN ON HOW NORDEN COMMUNICATIONS MIDDLE EAST KEEPS WATCH ON FUTURE SMART CITIES
CYBER EXPOSURE PARTNER
CONTENTS
CYBERSECURITY SOLUTIONS PARTNER
The Cyber Exposure Company
FOUNDER, CPI MEDIA GROUP Dominic De Sousa (1959-2015) Publishing Director Natasha Pendleton natasha.pendleton@cpimediagroup.com +971 4 440 9139 EDITORIAL Managing Editor Michael Jabri-Pickett mjp@cpimediagroup.com +971 4 440 9158 Online Editor Adelle Geronimo adelle.geronimo@cpimediagroup.com +971 4 440 9135
16
Contributing Editors James Dartnell james.dartnell@cpimediagroup.com +971 4 440 9153 Janees Reghelini janees.reghelini@cpimediagroup.com +971 4 440 9167 DESIGN Senior Designer Analou Balbero analou.balbero@cpimediagroup.com +971 4 440 9140 Designer Mhar Delaben marlou.delaben@cpimediagroup.com +971 4 440 9156
19
ADVERTISING Group Sales Director Kausar Syed kausar.syed@cpimediagroup.com +971 4 440 9130
12
Senior Sales Manager Sabita Miranda sabita.miranda@cpimediagroup.com +971 4 440 9128 Sales Manager Nasir Bazaz nasir.bazaz@cpimediagroup.com +971 4 440 9147 Business Development Manager Youssef Hariz youssef.hariz@cpimediagroup.com +971 4 440 9111
EAGLE EYE
PRODUCTION Operations Manager Shweta Santosh shweta.santosh@cpimediagroup.com +971 4 440 9107
Norden Communications ME general manager Joseph John on the future of surveillance and physical security market.
DIGITAL SERVICES Web Developer Jefferson de Joya Abbas Madh Photographer Charls Thomas Maksym Poriechkin webmaster@cpimediagroup.com +971 4 440 9100 Published by
Registered at Dubai Production City, DCCA PO Box 13700 Dubai, UAE Tel: +971 4 440 9100 Fax: +971 4 447 2409
6
MOVERS AND SHAKERS
7
INTERSEC 2019
16
RISKY BUSINESS
Printed by Al Ghurair Printing and Publishing Regional partner of
© Copyright 2018 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.
The latest news on who’s moving in the regional security industry Top security vendors to watch at the regional trade show for security and safety The risk perception and privacy challenges of the cloud
22
22 MONEY TALKS
How to make the business case for security investments
32
CUTTING THROUGH THE NOISE
34
MIND THE GAP
Paladion on how to speed up incident detection and response amid growing volumes of threat data HPE’s Rabih Itani on how to close the cybersecurity gap in the digital era
NEWS
ESET JOINS GLOBAL ANTI-RANSOMWARE INITIATIVE
DR. KAREEM SABBAGH, DARKMATTER AND JAMAL HUWAIREB, MBRF
UAE TO DEVELOP LOCAL CYBERSECURITY TALENTS
ESET has been announced as the latest partner of No More Ransom, an international initiative between Europol, the Dutch National Police and major cybersecurity organisations in the fight against ransomware. The collaborative project helps victims of ransomware attacks recover their personal data and has so far managed to decrypt the infected computers of 72,000 victims worldwide. With its 130 partners, the No More Ransom online portal hosts a collection of 59 free decryption tools from multiple security software vendors, covering 91 ransomware families. Users from around the world can access the tools for free in order to recover data
The Mohammed bin Rashid Al Maktoum Knowledge Foundation (MBRF) and DarkMatter Group have partnered to develop the best digital talent for the UAE’s growing cybersecurity sector. DarkMatter Group has created the Associate Talent Programme, ATP, to partner with universities and government organisations across the UAE in a joint effort to create and employ local cybersecurity talent. The MBRF is the first signatory to the new programme. The agreement was signed by Jamal bin Huwaireb, Cultural Advisor to the Government of Dubai and CEO of MBRF, and Dr. Karim Sabbagh, CEO of DarkMatter Group. The ATP programme will be focused Hackers have reportedly stolen about on the acquisition of talent, promoting 500 million records from Marriott research and IP while supporting wider International’s Starwood Hotels moves towards digitisation for the whole reservation system in an attack that of the country. began four years ago, Reuters reported. Under the initiative, DarkMatter will The breach has exposed the personal hire and develop talented individuals data of customers including some currently studying in the fields of payment card numbers. computer science, software development, The hack reportedly began in data science, cybersecurity and STEM 2014, before Marriott offered to buy fields. MBRF will support by Starwood for $12.2 billion recruiting top graduates in November 2015, from across its network acquiring brands and partners, including Sheraton, which includes Ritz Carlton and the Ministry of PEOPLE IN UAE ADMIT TO HAVING the Autograph Youth, Emirates ISSUES WITH THEIR LOVED ONES AS Collection to Scientists Council, the A RESULT OF THEIR DEVICE RUNNING create the Ministry of world’s largest OUT OF BATTERY, BEING MISPLACED hotel operator. Education and OR GETTING STOLEN the United Nations The company Development closed the SOURCE: KASPERSKY LAB Programme, UNDP. Starwood deal in September 2016.
held hostage by ransomware attacks. Launched in 2016, No More Ransom decryption tools have so far kept around $22 million out of the pockets of cybercrimininals. The No More Ransom project recognises that the fight against ransomware requires a joint effort, and ESET’s involvement represents its ongoing commitment to partner with law enforcement to fight cybercrime and allow everyone to enjoy safer technology.
GLOBAL HOTEL CHAIN FACES LAWSUIT OVER MAJOR DATA BREACH
1-IN-5
4
JANUARY 2019
Marriott said for 327 million guests, compromised data could include passport details, phone numbers and email addresses. For some others, it could include credit card information, the Reuters report noted. Marriott said it first found out about the breach after an internal security tool sent an alert on 8th September. A class action lawsuit has reportedly been filed against the hotel chain and cybersecurity experts say the whole ordeal could have been detected years ago.
www.tahawultech.com
SAUDI ARAMCO INKS JV WITH US-BASED CYBER DEFENCE GIANT
SPIRE SOLUTIONS BOOSTS SECURITY OFFERINGS WITH CYBERSPONSE AVINASH ADVANI, SPIRE SOLUTIONS
Saudi Aramco and Raytheon Company, through its subsidiary Raytheon Saudi Arabia, have signed a Memorandum of Understanding to establish a joint venture company that will develop and provide cybersecurity services in the Kingdom and the region. The joint venture company will market and provide integrated defensive cybersecurity software and hardware capabilities and perform research and development activities. “We are excited about the joint venture which will support the Kingdom’s Vision 2030 by creating highly skilled jobs for Saudis in the cybersecurity sector and
will support the foundation for Saudi Arabia’s economic development,” said Saudi Aramco Senior Vice President of Finance, Strategy & Development Khalid H. Al-Dabbagh. In addition, the JV will increase the cybersecurity protections available to Saudi Aramco, its suppliers, customers and affiliates. It will also help build world-class cyber capabilities in Saudi Arabia and the region. “The partnership with Raytheon will help strengthen cybersecurity and enhance its infrastructure in Saudi Arabia and the broader region,” added Al-Dabbagh.
Spire Solutions has partnered with CyberSponse to enable organisations in the Middle East to adopt a holistic automation and orchestration platform to protect their most valuable assets, drive operational efficiencies and evolve against cyber threats through the integration of people, processes, and technology components of a security operations center. “Being the first and only patented platform to combine security orchestration, incident management and interactive investigation tools gives CyberSponse a competitive edge over other SOAR technologies. Our consistent efforts to focus on helping customers in region will only be strengthened by this partnership,” said Avinash Advani, CEO, Spire Solutions.
CYBER-ATTACK ON OIL FIRM TARGETS SERVERS IN THE GULF Italian oil services company Saipem said it had identified a cyber-attack out of India that had primarily affected its servers in the Middle East. “We are collecting all the elements useful for assessing the impact on our infrastructures and the actions to be taken to restore normal activities,” the firm said in a statement. Saipem’s head of digital and innovation, Mauro Piasere, told Reuters the attack had originated in Chennai, India. Servers in Saudi Arabia, the UAE and Kuwait had been attacked as too, partially, had infrastructure in Aberdeen in Scotland, he said.
www.tahawultech.com
But he added the group’s servers in its main operating centers in Italy, France and Britain had not been affected. “The servers involved have been shut down for the time being to assess the scale of the attack,” he said, adding that data back-up systems would be activated once the threat was eliminated. “There has been no loss of data because all our systems have back-ups,” he said. Saipem, which is controlled by Italian state lender CDP and oil major Eni, focuses on subsea engineering and construction.
JANUARY 2019
5
MOVERS AND SHAKERS
BT SECURITY NAMES KEVIN BROWN AS NEW MD
FIREEYE APPOINTS NEW CTO FOR EMEA > EHAB DERBAS, SPIRE SOLUTIONS
EHAB DERBAS LEADS SPIRE SOLUTIONS’S SAUDI OPERATIONS
> KEVIN BROWN, BT SECURITY
BT has announced the appointment of Kevin Brown as managing director of BT Security. As part of his new role within the company, Brown will be responsible for BT’s physical and cybersecurity activity around the world. Brown succeeds Mark Hughes, who is stepping down at the end of this year to take up a new position outside of BT. As a global cybersecurity services provider, BT has 3,000 experts around the world protecting its operations across 180 countries as well as its customers’ networks. Its global network of Security Operations Centres protects BT against 125,000 cyber-attacks every month and provides cybersecurity solutions and services to consumers, governments and businesses, including some of the world’s largest multinational organisations. Brown joined BT in 2012, following a 20-year career in law enforcement. He has specialised in security throughout his time at BT, and in previous roles has led its global investigation and intelligence teams and driven the modernisation of BT’s protection systems. In his previous role, Brown led BT Security’s engagement with international governments, and managed its relationships with international law enforcement agencies such as Interpol and Europol. “I’m thrilled to be leading BT’s security operations at a time when the need to protect households, business, governments and entire nation states from damaging cyber-attacks has never been greater,” said Brown. “Our global network gives us a ringside view of the latest threats so we can anticipate and mitigate emerging attacks before they impact our business or our customers. Our expertise in securing BT’s global network is why organisations around the world trust us to protect their most critical assets. I’m really looking forward to continuing the rapid growth that BT Security has seen in recent years.”
6
JANUARY 2019
> DAVID GROUT, FIREEYE
FireEye has appointed David Grout as CTO for EMEA to help drive regional sales and the technological development of products. As part of the CTO role, Grout will be looking to increase adoption and awareness of new products to support business growth. To achieve this, he will be engaging with customers to understand their needs and validate the technical direction and roadmaps of FireEye in EMEA. This regional insight will be fed back to the corporate engineering and product management teams.
Regional VAD Spire Solutions has announced that it will be expanding its footprint to Saudi Arabia with a local presence in Riyadh. The company has also appointed Ehab Derbas as the new country manager for Saudi Arabia. According to recent industry reports, Middle East’s cybersecurity market is expected to grow from $11.38 billion in 2017 to $22.4 billion in 2022, with Saudi Arabia expected to have the largest share during the five-year period. Spire Solutions aims to take advantage of the opportunities in the Kingdom with the launch of its local operations. “Saudi Arabia is one of the world’s highest spenders on cybersecurity, and with good reason,” said Ehab Derbas, country manager, Saudi Arabia, Spire Solutions. “It has a robust economy with some of the region’s biggest organisations, a large population, a strategic geographic location and a strong consumer spending power. All of this makes it an extremely attractive target for cyber criminals, which explains its growing need for security.”
“THE NEED HAS NEVER BEEN SO HIGH FOR INNOVATIVE TECHNICAL SOLUTIONS THAT COMBAT INCREASINGLY SOPHISTICATED CYBER-ATTACKS. THEREFORE, IT’S A GREAT TIME TO TAKE ON THIS NEW ROLE AND HELP DEVELOP TOOLS TO PROTECT ORGANISATIONS IN EMEA. THESE TECHNICAL SOLUTIONS COMBINED WITH THE THREAT INTELLIGENCE AND EXPERTISE OF FIREEYE MEANS WE CAN OFFER A HIGH LEVEL OF PROTECTION FOR OUR CUSTOMERS.” www.tahawultech.com
PREVIEW
INTERSEC 2019 THE LATEST EDITION OF INTERSEC IS EXPECTED TO DRAW IN MORE THAN 1,300 EXHIBITORS FROM 59 COUNTRIES. TAKING PLACE ON 20TH TO 22ND JANUARY 2019 AT THE DUBAI WORLD TRADE CENTRE, THE THREE-DAY MEGA EVENT WILL FEATURE THE LATEST AND MOST PERTINENT SECURITY AND SAFETY SOLUTIONS. SECURITY ADVISOR MIDDLE EAST BRINGS YOU SOME OF THE VENDORS TO WATCH OUT FOR AT THE EVENT.
www.tahawultech.com
JANUARY 2019
7
PREVIEW
Company: HID Global Visit them at: Sheikh Saeed 1, I50
Wisam Yaghmour, Regional Sales Director, Middle East, HID Global What products and solutions are you showcasing at Intersec? We will unveil a number of new solutions at Intersec this year including: a new cloud-based solution that is built on HID’s proven access control infrastructure to help partners create seamless and intuitive workplace experiences; our new HID Reader Manager – a tool that streamlines management and field upgrades of iCLASS SE readers; and our new HID FARGO HDP6600 High Definition Printer/ Encoder that completely re-engineers the retransfer printing concept to save customers time, money and energy. In addition, we will also showcase our HID Mobile Access, which leverages HID’s Seos credential technology. How have the perimeter and physical security space evolved over the past year? Trusted identities are emerging as one of the fundamental building blocks for creating environments that more effectively connect an organization’s people, places and things. One of the most disruptive trends we’ve seen in 2018 was moving physical
8
JANUARY 2019
access control systems (PACS) to the cloud. Early adopters have charted a course for transforming entire industries by creating a unified mobile PACS experience that leverages the power of trusted IDs. How can your offerings enable smart and safe cities? HID’s Seos technology enables smart cities by making it possible to use multiple applications on a single smart card, smartphone or wearable to access doors, printers, cloud applications, computer networks and a variety of building services in a connected smart building or smart residence. Users simply tap their device to a reader or wireless lock for secure access to their home, parking garages, elevators and more.
Company: Lenovo DCG Visit them at: Sheikh Saeed 1, D14
Chris Cooper, Director MEA, Lenovo DCG What products and solutions are you showcasing at Intersec? At Intersec 2019 we will be showcasing Lenovo’s Smart Cities capabilities which include our recently announced strategic partnership with Pivot3. The partnership consists of developing a new set of
edge computing solutions optimized for mission-critical smart city security and the integrated appliances feature Lenovo Data Centre Group (DCG) ultra-reliable ThinkSystem servers which are powered by Pivot3 HCI software. In line with our strategy to empower ‘Intelligent Transformation’, we will also be showcasing an array of products and solutions that are fit for the ‘Intelligence Revolution’ era. Our latest offerings respond to the appetite for new technologies that meet the demands of customers and consumers, harnessing the potential of data, cloud computing and machine learning. How will AI and machine learning disrupt the physical security landscape? AI and machine learning are currently disrupting a myriad of sectors in the Middle East and the physical security landscape will not be left out, especially where infrastructure capabilities lie. A great example of how AI and machine learning are disrupting the physical security landscape is in our recent work with the City of Bogotá, Colombia with Pivot3. Bogotá needed to refresh its complex monitoring system of over 1000 cameras of different vendors, so they deployed our highly efficient Lenovo/Pivot3 edge computing solution to achieve maximum infrastructure efficiency and scale the entire security network into a central control centre, out of which at least four visualization locations operated by police is served. With this new deployment in edge computing, the City of Bogotá is now able to seamlessly scale performance requirements as surveillance needs grow. How can your offerings enable smart and safe cities? Our mission is to help solve humanity’s
www.tahawultech.com
greatest challenges through our innovative High-Performance Computing and Augmented Intelligence solutions. The innovations taking shape at Lenovo are creating the capacity and computing power for the connections that are changing the world of business, making our cities smarter and improving conditions in our society. Following our initial deployment of Lenovo/Pivot3 edge computing for the City of Bogotá, the suburbs of Bogotá additionally chose the combined Pivot3Lenovo technology for another 2,000 cameras. Widespread employment of the solution is currently underway as it is becoming available and installed in markets across the globe.
Company: Norden Communication Visit them at: SA- J17
Lindon Francis, technical manager, Norden Communication ME What products and solutions are you showcasing at Intersec? At this year’s Intersec, we will be featuring our fixed lens Dual Vision camera offering. This series provides an all-in-one solution that is beneficial for long distance video surveillance in outdoor applications. Together with thermal technology, the camera’s long
www.tahawultech.com
range capabilities are able to be utilised even at night. We will also introduce our latest Classic series products by upgrading H.265 encoding technology, bringing high efficient video compression. It saves bandwidth and storage, energy-saving design to enhance the monitoring system. In addition, the series offers features such as Smart IR technology, intelligent image analysis techniques. Furthermore, we will also showcase Eyenor’s multi-sensor camera, which allows organisations to capture wide area video surveillance. How will digital surveillance and video analytics technologies evolve in 2019? We can expect advancements in video quality in terms of quality, which will enable systems to better capture images in great detail even in long distances and in unideal environments. This provides benefits such as being able to search for a specific car number plate (ANPR detection) or a school going through a database of facial images to search for the location of a pupil. Imagine an art gallery raising an alarm should a picture be removed, caught by the change in pixels off the CCTV camera. Furthermore, we can expect surveillance technologies to be more consolidated this year. This will primarily due to organisations adopting technologies that have multiple capabilities thereby reducing the number of cameras in their systems. In addition, systems will also be using less storage space as video systems optimise more compressed recording resolutions. What have been the biggest challenges surrounding the perimeter security? The biggest challenges include data security and keeping the
recorded surveillance data for closed environment. Another challenge is being able to integrate the latest security solutions with the surveillance technologies available. Reducing storage capacity by reducing recoding bandwidth and finding new video compression techniques are also among the bottlenecks that organisations face. Furthermore, today’s attacks on perimeter security consist of complex and frequent threats, including hacking and cracking attacks; viruses, worms, and malware; and advanced persistent threats (APTs). In the past, attacks targeted a system’s default configurations or improper settings with the intention of defacement or possibly misuse of technology resources. Modern attacks, however, aim to capture valuable content, from financial assets to personnel data including surveillance records.
Company: Pivot3 Visit them at: Sheikh Saeed 1, D14
Ayaz Mohammed, regional sales director, MEA, Pivot3 What products and solutions are you showcasing at Intersec? We will be showcasing our solutions for
JANUARY 2019
9
PREVIEW
hyperconverged infrastructure for IoT and surveillance applications. How have the perimeter and physical security space evolved over the past year? With the rising threat levels worldwide and regional issues, leaders from both public and private sectors in the Middle East have been implementing multiple measures to safeguard and protect the critical infrastructure, national assets and prioritise safety for their citizens and expats. As technology continues to evolve and become more powerful, physical security solutions have undergone a massive shift in the way they are structured and deployed. It is no longer just about throwing in a bunch of sensors like cameras, perimeter detection, all over the facility and ticking the compliance box. High performance and intelligent infrastructure is the new norm which adds value to the customer and enhances overall security. How can your offerings enable smart and safe cities? Pivot3 has been at the forefront of the Hyperconverged Infrastructure especially in the IoT and IP Video Surveillance space long before the term was coined and when analogue solutions were still the major chunk of the market. The bottleneck in critical sites is not the edge sensors or the network, rather it’s the server/storage infrastructure. As applications become smarter, they require a fast-underlying architecture to function as they handle large datasets. We have been disrupting the market with our unique technology which gives the highest performance compute and storage across a virtual pool and seamlessly grows as the requirements
10
JANUARY 2019
increase. For example, with our latest portfolio, we can easily manage and record 15,000+ cameras at Full-HD (1080p), 12FPS as per local regulations, in a single pool of 12 x 2U Pivot3 appliances. This includes both the compute and storage in the same 24U Rackspace with hardware failover, thus eliminating the server to SAN bottleneck experienced by customers using traditional architecture. Swift data analysis and retrieval are also possible with our patented Erasure Coding and cross-node writes. It also means reduced cooling, Rackspace and enhanced high availability for the entire system. There’s absolutely no single point of failure and some components are even designed to withstand multiple component failure beyond n+1.
Company: Western Digital Visit them at: Trade Centre Arena, H18
Khwaja Saifuddin, senior sales director, Middle East, Western Digital What products and solutions are you showcasing at Intersec? At this year’s Intersec, WDC will be showcasing its expanded range of AI-enabled edge to core surveillance
solutions. The video surveillance market in the Middle East is growing and this in turn puts the spotlight on storage solutions that support the exponential growth in surveillance data and footage. According to IDC, the amount of data generated by surveillance solutions is expected to grow by 25% per year through 2022 globally. As the surveillance industry moves to higher-resolution cameras and new applications requiring realtime analytics, WDC’s full edge-to-core surveillance portfolio shifts focus from ‘seeing’ to safety and insights. How has the surveillance storage market grown over the years and what trends should organisations look out for in 2019? In the Middle East, we see emerging demand for security and surveillance. Video surveillance technology has been developing in leaps and bounds and the storage solutions to support it have also been evolving. We have seen an increase in purpose-built storage for surveillance environments. WD has developed the best in class storage technology and solutions for surveillance integrators and systems vendors’ environments that enable capturing, preserving, transforming and accessing video as part of comprehensive surveillance solutions. We are constantly evolving our technology to ensure that we deliver what the market needs. The volume and complexity of data will only increase. This explosion of data brings with it unprecedented opportunities. Customers are looking for storage solutions that unlock the value of data. Storage technology needs to be geared towards enabling business leaders to make better, more informed and smarter decisions that are backed by not just data but by insights.
www.tahawultech.com
29th January 2019
Habtoor Grand Resort, Autograph Collection, Dubai Marina Recognise your technology leader as one of Dubai’s top 100 digital leaders CNME is now accepting nominations for its 2019 CIO 100 Awards. Is your organisation’s CIO one of Dubai’s best technology leaders or are you a CIO which has made innovative and transforming changes? If so, Nominate now! The CIO 100 Awards celebrate leaders who are driving digital change in the Middle East and constantly striving for innovative practices. CIO 100 winners will receive their award at our annual CIO 100 Awards Ceremony and will also be featured in the February 2019 issue of CNME magazine. *CIOs, CTOs, IT directors and equivalents are invited to take part in the CIO 100 nominations.
#CIO100ME www.tahawultech.com/cio100/2019/ For sponsorship enquiries Kausar Syed Group Sales Director kausar.syed@cpimediagroup.com +971 4 440 9130 / +971 50 758 6672
Youssef Hariz Business Development Manager youssef.Hariz@cpimediagroup.com +971 4 440 9111 / +971 56 665 8683
Sabita Miranda Senior Sales Manager sabita.miranda@cpimediagroup.com +971 4 440 9128 / +971 50 778 2771
Nasir Bazaz Sales Manager nasir.bazaz@cpimediagroup.com +971 4 440 9147 / +971 50 101 2027
PLATINUM PARTNER
STRATEGIC TECHNOLOGY PARTNER
DIGITAL TRANSFORMATION PARTNER
DIGITAL WORKSPACE PARTNER
STRATEGIC VAD PARTNER
GOLD PARTNER
CLOUD & MANAGED SERVICES PARTNER
HOSTED BY
CYBERSECURITY PARTNER
STRATEGIC ERP PARTNER ON CLOUD AND PREMISE
ORGANISER
COVER STORY
Joseph K John General manager, Norden
12
JANUARY 2019
www.tahawultech.com
EAGLE EYE
BUILDING ON ITS LEGACY AS A PLAYER IN THE IT INFRASTRUCTURE MARKET, NORDEN COMMUNICATIONS ME IS DEVELOPING ITS PRESENCE IN THE SURVEILLANCE MARKET WITH ITS EYENOR RANGE OF PRODUCTS. GENERAL MANAGER JOSEPH K JOHN SITS WITH SECURITY ADVISOR ME AND DELVES INTO THE LATEST TRENDS DRIVING THE PHYSICAL SECURITY MARKET.
“AS A STRUCTURED CABLING MANUFACTURER, WE HAVE EXTENSIVE EXPERTISE ON NETWORKING INFRASTRUCTURE, WHICH IS INSTRUMENTAL IN DEVELOPING SURVEILLANCE TECHNOLOGIES.” www.tahawultech.com
A
s cities become smarter, organisations from both public and private sectors are increasingly looking for innovative ways to use technology to ensure public safety and security. Video surveillance plays a key role in enabling smart and safe cities. According to the latest research report from Marketsandmarket, the video surveillance market is estimated to grow from $36.89 billion in 2018 to $68.34 billion by 2023.
JANUARY 2019
13
COVER STORY
Cities have long looked to video surveillance for crime deterrence and public safety and with advancements in technologies such as the Internet of Things video systems offer advanced smart capabilities as well. As a reputed brand in the structured cabling market, Norden Communication Middle East has dedicated its expertise in developing products that meet the end-to-end requirements of organisations in the telecommunications, industrial and utilities sectors. The Middle East arm of UKbased Norden Communications has started its regional operations in 2008 with Dubai as the hub. Today, the company has a presence across all GCC countries as well as in Africa, India and South East Asia.
14
JANUARY 2019
“Norden strives to provide regional organisations with a diverse range of solutions they need amid the growing digital landscape,” says Joseph K John, general manager, Norden Communication Middle East. The company offers an array of products from copper and fibre connectivity solutions, industrial cables,
“WE BELIEVE WE HAVE THE ADVANTAGE TO BECOME A ONE-STOPSHOP FOR PERIMETER SECURITY.”
telecommunication distribution and closets and NVS – public alarm systems. With the rise of the Internet of Things, where a whole gamut of security, communications and networking solution will be integrated, smart cities are rapidly becoming a reality. Having seen this transformation, Norden found an opportunity to deliver products that it believes will further add value to the changing physical security environments – surveillance systems. “IoT is helping create safer cities, homes, and businesses by enabling both private and public organisations to securely and remotely monitor facilities and public spaces in real-time with smart security and surveillance solutions,” says John. “As a structured cabling manufacturer,
www.tahawultech.com
we have extensive expertise on networking infrastructure, which is instrumental in developing surveillance technologies. Over the last few years, the company has made significant investments in R&D to develop new product innovations that will enable seamless integration of physical security systems. “We believe we have the advantage to become a one-stop-shop for perimeter security,” says John. “Our diverse knowledge of the industry standards and international protocols on networking systems as well as copper and fibre optic solutions give us a competitive advantage in producing top-grade surveillance solutions,” he adds.
www.tahawultech.com
“Basically, everything starts from the cable,” he says. “It is the foundation of the physical layer from connectors to internal switchers to other components such as cameras. That’s where our strength lies and that’s why we believe we have an edge in the market. In 2016, Norden has introduced its surveillance system product line – EyeNor, which includes Classic Series - IP System; Classic Series – Analogue System; Value Line Series - IP System; and Starlight and High-End series - IP based system – at Intersec Dubai. Demands for CCTV surveillance are increasingly evolving as organisations today are opting for IP video surveillance because of the various benefits offered by IP networks, according to John. “The shift from analogue to IP has led organisations to spend on technologies that add scalable security surveillance solutions to their physical security and we are well-equipped to assist them in that transition. Niche technologies such as thermal cameras also continue to see a demand in the market, with
$68.34 BILLION
FORECASTED VALUE OF THE VIDEO SURVEILLANCE MARKET BY 2023 SOURCE: MARKETSANDMARKETS
additional features that can stand up to the harsh weather conditions.” Looking ahead, John believes that 5G will have the biggest impact on future surveillance technologies. “5G is all about faster speeds,” he explains. “It will be instrumental in boosting the bandwidth that supports the transmission of high-quality videos. It will also enable real-time video surveillance and analytics. “In addition, we can expect artificial intelligence and machine learning technologies to be more integrated into surveillance products and solutions. AI and machine learning can dramatically increase the effectiveness and accelerate the analysis of the images from video surveillance cameras in order to recognise humans, vehicles or objects.” To demonstrate its commitment to the region and showcase its latest innovations, Norden will be taking part at this year’s Intersec, which will take place on 20th-22nd January in Dubai. At the show, Norden will place the spotlight on a range of its offerings including the EyeNor Dual Sensor Temperature Detection Bullet Camera with thermal imaging capabilities; EyeNor Multi-Sensor Panoramic IR IP camera, which supports 180-degree panoramic view; and the EyeNor IP Bullet Camera with Smart Analytics features. In the coming years, John says Norden will continue to make significant investments in innovating its products by keeping abreast with the latest technologies in the market. “We may not be as big as the ‘heavyweights’ in the market but our eyes are always on the horizon and we make sure that we are privy to the trends that will disrupt the market,” he says.
JANUARY 2019
15
FEATURE
RISKY BUSINESS THE CLOUD IS EVERYWHERE TODAY. HOWEVER, MANY ORGANISATIONS AS WELL AS INDIVIDUALS STILL DON’T FULLY TRUST THE NATURE OF THE CLOUD. SECURITY CORRESPONDENT DANIEL BARDSLEY SPEAKS TO EXPERTS ABOUT THE RISK PERCEPTION AND PRIVACY CHALLENGES OF THE CLOUD.
16
JANUARY 2019
www.tahawultech.com
N
o brand is more iconic than CocaCola, a beverage powerhouse with a global reach that, despite growing health concerns over sugar-rich fizzy drinks, helped its parent firm to make profits of more than $1 billion last year. Coca-Cola may trace its history back to the 19th century, but The Coca-Cola Company is not stuck in the past: in today’s digitised world, cloud computing is playing a central role in streamlining the production and distribution of the household-name drink. “We wanted to use the cloud because we wanted to automate everything – from the moment we make the bottle to reaching the customer,” says Luciano Ludwig, a system solution architect for The Coca-Cola Company. Headquartered in Atlanta, Georgia, The Coca-Cola Company has developed a cloud-based system involving NetApp HCI, a hyper-converged infrastructure produced by NetApp, the Californianbased cloud data services company. Ludwig, speaking to Security Advisor Middle East at the recent NetApp Insight 2018 event in Barcelona, the cloud data services company’s annual gathering for EMEA, says the automation extends even to ensuring that delivery trucks have fuel to reach businesses that require the drinks. The programme that Ludwig has been involved with “didn’t find any security problems” linked specifically to the use of the cloud. However, the recently released “Cloud Adoption and Risk Report 2019” from the cybersecurity provider McAfee highlights a range of cloud-related potential security issues.
www.tahawultech.com
A key finding of the report is how many files with sensitive data are now being shared in the cloud, with the number having increased 53 percent year-onyear. What is behind this increase? “There are now more cloud applications for businesses to store information in than before. There are many HR applications and healthcare applications that are cloud-based,” says Nigel Hawthorn, McAfee’s spokesperson for EMEA. “But there’s a second, perhaps more hidden, reason: we as individuals are trusting the cloud more than before. “As data increases generally because of the merging of personal and business life, our own information – financial information, health information, photocopies of passports – are also in the cloud because we recognise that’s where data is often stored. “I, as an individual, have a lot more data in the cloud. That’s not necessarily a bad thing but it’s data that we wouldn’t worry about controlling before.” Hawthorn says the problem is not the fact that the data is in the cloud, but that it may have been shared with someone with whom it should not have been shared. It is easy to share files, but also easy to share a folder and, a few months later, to add more files to that folder, or to share a folder while forgetting that it contains another folder with sensitive information. In these ways information gets shared almost unintentionally. “It’s not down to IT on their own. Employees have to take their responsibility, but they need to be trained to understand the issues,” says Hawthorn. A dramatic finding of the report is the huge disparity between the number of cloud services that companies think they are using – the average is 31 – and the actual number, which is 1,935. Hawthorn says people sometimes look at him in disbelief when they hear figures like these. But if services such
THE HYBRID CLOUD AND MULTI-CLOUD At the recent NetApp Insight 2018 event in Barcelona, multi-cloud and hybrid cloud environments are at the centre of discussions. Multicloud is a common arrangement involving the use of more than one public cloud provider. For example, the majority of Amazon Web Services (AWS) users also make use of Microsoft’s Azure technology. When third-party public clouds and on-premises private clouds are used together, the term hybrid cloud is used. What cybersecurity vulnerabilities, if any, do these arrangements create? Kirk Ryan, a lead cloud solutions architect at NetApp, does not think they present risks in themselves. However, as cloud environments become more complex, he does have concerns over the potential for a “skills gap” over how to deal with the myriad threats that exist. It can be difficult, according to Ryan, to learn the various security protocols of more complex set-ups. “For example: does the team doing AWS as well as cloud on-prem know how to monitor that?” says Ryan. Nigel Hawthorn of McAfee says that more complex arrangements such as hybrid clouds require organisations to look for potential problems in multiple places. “You need to look at all your cloud environments, both private and public, to try to ensure that you’re putting in the security measures that you need,” he says. “I recommend having a system that provides a holistic view of cloud services, which makes securing such environments more effective and easier to manage.”
JANUARY 2019
17
FEATURE
as pdf converters and booking systems for hotels are taken into account, it becomes easier to understand why the numbers are so high. “All of these are typically cloud services where somebody may well choose to upload information without thinking about the securing issues around that,” he says. “The biggest question for every IT manager is, ‘What’s that gap? There’s over 1,000 services I didn’t know about. What are they? What are they being used for? Are they low or high risk? Are they OK for my users to use?’ “In the Middle East, where people typically think cloud is less used, when we’ve done tests we’ve also found at least 1,000 different services.” As enterprises move to the cloud “very fast”, after what could have been decades of security measures for an onpremises network, Hawthorn says they must ask questions of themselves. “Are you going to keep these same policies and processes when moving data to the cloud? It can be done, but you need to think that, in your rush to the cloud, you don’t forget to have these security measures installed,” he says. A common concern over cloud services is that users rely too heavily on cloud providers to deal with security. Hawthorn reminds users that cloud service providers are responsible
KEY FINDINGS OF MCAFEE’S CLOUD ADOPTION AND RISK REPORT 2019
21%
31.3
53%
27.7%
PROPORTION OF FILES IN THE CLOUD CONTAINING SENSITIVE DATA.
ANNUAL INCREASE IN NUMBER OF FILES WITH SENSITIVE INFORMATION SHARED IN THE CLOUD.
3.2 BILLION 80% NUMBER OF EVENTS IN THE CLOUD THAT THE AVERAGE ORGANISATION GENERATES PER MONTH.
for the “low-level security”, which includes patching the operating system, connectivity and the servers. “But don’t let that lead you into a false assumption that everything is the responsibility of the cloud service provider,” says Hawthorn. “It’s always the company’s responsibility to decide which users can
“WE WANTED TO USE THE CLOUD BECAUSE WE WANTED TO AUTOMATE EVERYTHING – FROM THE MOMENT WE MAKE THE BOTTLE TO REACHING THE CUSTOMER.” JANUARY 2019
ANNUAL INCREASE IN THE NUMBER OF THREAT EVENTS (COMPROMISED ACCOUNT, PRIVILEGED USER OR INSIDER THREAT) IN THE CLOUD.
OVER
Luciano Ludwig, The Coca-Cola Company
18
NUMBER OF THESE EVENTS WHICH ARE THREAT EVENTS.
PROPORTION OF ORGANISATIONS EXPERIENCING AT LEAST ONE COMPROMISED ACCOUNT THREAT PER MONTH.
use it; it’s the company’s responsibility to have data loss prevention if they want to.” An increasingly popular technology for highlighting potential cybersecurity breaches is behaviour analytics, which uses artificial intelligence to analyse past activities. This, in turn, can identify unusual events that could indicate fraud. “The company has five years of data on me and the devices I use, the cloud services I use, the amounts of data I put there and use, the countries I visit,” says Hawthorn. “In the last five years I’ve been to the USA and all around EMEA, but I haven’t been anywhere in Asia. If, all of a sudden, I try to log onto an Android device in China, two things pop up: I’m in a different country and I’m using a different application. It’s strange behaviour; let’s force them to re-authenticate.”
www.tahawultech.com
FEATURE
PREMIUM PROTECTION AS THE THREAT LANDSCAPE CONTINUES TO GROW, THE FIGHT BETWEEN ORGANISATIONS AND CYBERCRIMINALS CAN OFTEN FEEL LIKE A HIGH-STAKES CAT-AND-MOUSE GAME. TO REDUCE THE IMPACT OF CYBER-ATTACKS AND DATA BREACHES, COMPANIES TODAY NEED TO BE FINANCIALLY PREPARED AND HAVING A CYBER INSURANCE MAKES SMART BUSINESS SENSE, SECURITY CORRESPONDENT DANIEL BARDSLEY REPORTS.
D
r Florian Kerschbaum, the executive director of the Waterloo Cybersecurity and Privacy Institute in Canada, has been observing the cyber insurance market since the late 1990s. More recently, his personal experiences, not just his academic work,
www.tahawultech.com
have indicated to him the possible need that both individuals and businesses may have for cyber insurance. “I’ve been offered identify fraud insurance by a whole bunch of insurers which would be targeting the individual,” says Dr Kerschbaum, an associate professor at the University of Waterloo, where the institute he directs is based. “And I know a local doctor in the town who’s been hacked. Their general liability insurance in this case covered cyber
security and they were covering the costs of [fixing] the system so I think particularly the small [businesses] are the ones who should take out cyber insurance.” Dr Kerschbaum’s experiences hint at a wider trend: as cyber threats appear to grow, cyber insurance is becoming ever more important and the sector is expanding fast, in contrast to earlier years, when it often failed to meet growth forecasts. The increased profile of the sector has been noticed by others.
JANUARY 2019
19
FEATURE
“I’ve been dealing for the last two years with SMEs [small and medium-sized enterprises]. At the start of 2016, very few had even heard of cyber insurance. Today, a majority of SMEs have implemented it in some level. That might be very, very low level, but they’ve got some support,” says Jake Moore, a cybersecurity specialist with the UK-based internet security and anti-virus company ESET. Statistics back this up. The cyber insurance market was worth $4.2 billion in 2017, according to Indian-based Zion Market Research, approximately a tenfold increase on a decade earlier. The overwhelming majority of coverage was in the United States. In addition, over the past decade or so, the number of insurers offering cyber insurance has, according to reports quoting the insurer Chubb, increased almost four-fold to about 65. The forecasts are for cyber insurance to keep expanding at a breathless pace, with turnover likely to exceed $8 billion by 2020, according to Morgan Stanley. Annual growth is running at more than 25 percent, according to Zion Market Research, thanks to the rapid growth in online shopping, the digitisation of government data and the enforcement of legislation on data breaches, especially in the United States. Cyber insurance policies can cover a wide variety of incidents, ranging from hacking to extortion to the costs of dealing with the fallout of data breaches,
which includes contacting customers and even paying fines for breaching regulations on data security. Yet, for all that cyber insurance is becoming increasingly mainstream and offered by larger numbers of insurers, difficulties remain. “The primary factor that has limited the growth of cyber insurance has been the lack of good data about how frequently cybersecurity incidents occur and how much they cost. This makes it extremely difficult to build reliable actuarial models,” says Dr Josephine Wolff, the author of the book You’ll see this message when it is too late:
Dr Josephine Wolff
“THE PRIMARY FACTOR THAT HAS LIMITED THE GROWTH OF CYBER INSURANCE HAS BEEN THE LACK OF GOOD DATA ABOUT HOW FREQUENTLY CYBERSECURITY INCIDENTS OCCUR AND HOW MUCH THEY COST.” 20
JANUARY 2019
The Legal and Economic Aftermath of Cybersecurity Breaches. Wolff, an assistant professor in the Rochester Institute of Technology’s Department of Public Policy in the United States, says that the data is improving for certain types of incidents such as data breaches, because companies are required to report many of these by law. “For other types of incidents, such as ransomware or denial-of-service attacks, the data is not improving as rapidly and there are still significant challenges,” she says. Observers have pointed out that risks do not remain static and, because they are often linked to human behaviour, can be hard to quantify. Despite concerns that some insurers are exposing themselves to risks they do not fully understand, cyber insurance appears so far to be as profitable as other forms of insurance, with reports indicating that the ratio of losses to premiums is about 55 percent. Even some large incidents, such as
www.tahawultech.com
2017’s WannaCry ransomware attack, have not required vast payouts. But there are signs that this is changing. The June 2017 NotPetya cyber-attack affecting the pharmaceutical company Merck is thought to be likely to cost insurers well over $200 million, possibly an expensive portent of things to come. Risks are expanding thanks to the march of digitisation, the way that the Internet of Things is extending its reach into more industries, and the reality that hackers are becoming ever more sophisticated. “I think that there are a number of potential threats that we only very rarely hear incidents about [yet],” says Kerschbaum. “One is critical infrastructure, including life-threatening kinds of incidents. So, if you are able to melt a nuclear power plant, that’s a very different kind of threat scenario. “We’ve seen these cyber-physical systems pose completely different threat levels to those right now.” Kerschbaum also sees digital currencies and the banking system as being at risk of major attacks that could, in turn, hit insurers hard. Aside from the question of how cyber insurers will fare is the issue of whether companies themselves benefit from being insured and what possible negative incentives the existence of cyber insurance creates. “Depending on what your insurance policy covers, it’s possible that insurance will lead to companies being more willing to pay ransoms or create moral hazards problems where companies do less to secure their own data because they know any losses will be covered by their insurers,” warns Wolff. Concerns have even been expressed by others that insurers could end up paying ransoms to “terrorist” cyber attackers.
www.tahawultech.com
Jake Moore, ESET
“COMPANIES NEED TO AVOID USING CYBER INSURANCE AS AN ALTERNATIVE TO ROBUST CYBER DEFENCES.” Wolff adds, though, that most policies do not cover extortion and many have relatively high deductibles, which helps to drive down some of these unintended consequences. There is no question, according to Wolff, that companies of all sizes are now buying cyber insurance, perhaps especially small and medium-sized enterprises that cannot afford to invest in security in-house. She does not see this, however, as a case of businesses buying insurance as an alternative to investing in cyber defences. “Many smaller companies do not have the resources to employ and support their own in-house security staffs and therefore have to rely more on third parties and insurance policies for protection,” she says.
$8 BILLION
FORECASTED VALUE OF THE GLOBAL CYBER INSURANCE MARKET BY 2020 SOURCE: MORGAN STANLEY
Indeed, ESET’s Moore warns companies against using cyber insurance as an alternative to robust cyber defences. “Companies need to prevent it from happening because they cannot simply rely on insurance,” he says. What can cyber insurance do in the event of a ransomware attack? When it comes to ransomware attacks, a key benefit of having cyber insurance may be access to experts who can advise on how to respond, something likely to be especially welcome given the stresses that such events create. According to a briefing document by JLT Specialty, an insurance broker, background knowledge can help a company that has fallen victim decide whether or not to pay up. The nature of the attacker, the question of whether data can be recovered and the likely results if a ransom is paid should be factored in when determining whether to pay. The insurer may be able to carry out the negotiations on behalf of the client, determine if paying up breaches regulations, actually make the payment, typically in a cryptocurrency, and eliminate the risk of further incidents. There are moral considerations too, ones that have raised concerns with Jake Moore, a cybersecurity specialist with ESET, who says there have been “unethical” cases of attackers being paid off.
JANUARY 2019
21
FEATURE
MONEY TALKS THE THREAT LANDSCAPE IS IN CONSTANT MOTION – EVER EVOLVING. DESPITE NEW THREATS EVERYDAY AND CRIMINALS REGULARLY DIVERSIFYING THEIR ATTACKS, MAKING A STRONG CASE FOR SECURITY TO MANAGEMENT REMAINS AS A CHALLENGE FOR MANY IT SECURITY TEAMS. SECURITY ADVISOR MIDDLE EAST SPEAKS TO INDUSTRY EXPERTS TO GET INSIGHTS ON HOW IT SECURITY LEADERS CAN BEST JUSTIFY INVESTMENTS.
22
JANUARY 2019
www.tahawultech.com
W
hich IT security technologies will see increased uptake in 2019? As the threat landscape evolves, so do IT security technologies. The IT market has seen the new technologies emerge including: blockchain, Internet of Things (IoT) and many others. This has prompted an increasing reliance on the cloud. However, most companies are not doing anywhere near as much work as they need to be doing to protect the cloud especially when it comes down to protecting data centres and the ‘bad guys’ know this. There is a reason why roughly 20 percent of the incident responses and breaches we are working on involve the cloud. With cloud, there’s a whole chunk of attack surface that doesn’t have advanced technology to detect malicious activity. The primary focus with cloud security should be on email threats, because phishing is very hard to defend against. Longer term, beginning from 2019 and beyond, there are two major technologies that everyone knows about, but that many people don’t consider the security implications of enough. One is AI, which will significantly transform the threat landscape. The other technology is quantum computing. The estimates for when quantum computing (and quantum key distribution, which is already going on) will really take off range anywhere from five to 20 years from now. With that technology, the scaling of computations goes up dramatically, to the point where the time needed for breaking traditional encryption would shrink to weeks, or maybe even minutes.
www.tahawultech.com
Yazan Hammoudah, manager, Systems Engineering Middle East and Africa, FireEye
2018 saw a growing list of cloud cybersecurity incidents and we can expect this to continue this year due to a lack of security fundamentals. I believe that these gaps are typically a result of the lack of engagement between IT and security teams when it comes to developing cloud projects. This year, organisations need to invest in and strengthen their cloud security. They need to adopt solutions that will give them better visibility on their cloud environments. Furthermore, they need to make sure that their security teams are involved in cloud projects right from its inception as this will allow them to then audit fundamentals, assign a security champion to the project and bring it into your scope to manage the risks. Haider Pasha, senior director and CSO, Emerging Markets, Palo Alto Networks
Which industries are most inclined to make significant cybersecurity investments in the coming year? All organisations face cyber threats and therefore should make significant investment in cybersecurity in the coming year. Globally, we will continue to see financial services, energy and utilities, retail, healthcare and public sector will invest heavily in cybersecurity, as these industries tend to hold sensitive data and are, therefore, vulnerable targets for cyber-threats.
The more attractive target an organisation is, the more it needs to focus on security. Additionally, companies with large amounts of sensitive or customer data are most attractive, and those firms within their supply chain. Similarly, organisations that are poorly secured are also more likely to be targeted. Gordon Love, vice president, EMEA Emerging Region, Symantec
Industries that are inclined to make the most significant cybersecurity investments in 2019 are the ones that have the most to lose. However, we are not only talking about financial losses due to data breach, but also financial impacts that could be imposed on the organisation due to regulatory compliance fines or lost revenue. For example, the data breach Starwood Hotels, while significant, didn’t push customers to move on to other hotel chains for future visits. The incident did not impact the firm’s bottom line in the same way it did for Target, when it experienced a breach. Nonetheless, the hotel chain still needed to pay fines like GDPR and unplanned investments to shore up security defences and improve threat detection. Ultimately, the companies that will potentially increase their security investments are those that are trying to avoid huge financial impacts from a breach.
Morey Haber, CTO, BeyondTrust
JANUARY 2019
23
FEATURE
What are the challenges IT security leaders face when justifying spending/ budgets? What kind of methods or strategies should they take to better justify future security investments? It is almost always challenging for IT security leaders to numerically quantify the value that specific security controls deliver. However, it is important to remember that cybersecurity controls are designed to reduce risks and protect an organisation’s most critical assets and data. In addition, organisations should consider how security can help improve operational efficiency and bring competitive advantage to their services. Overall, the best way to secure funding is to make sure cybersecurity is part of an executive and Board-level agenda item. Ray Kafity, vice president, Middle East, Turkey and Africa, Attivo Networks Yasser Zeineldin, CEO, eHosting DataFort One of the biggest challenges in cybersecurity budget allocations is that there is no one-size-fits-all. Every industry varies and has their unique needs and it is sometimes difficult to put this into perspective. One such area is the onboarding of skilled professionals. At a time when there is a severe lack of skills, the amounts spent on attracting, recruiting and retaining these professionals also increases the overall Human Resource spend. Educational and training programmes are an additional cost to organisations and this has been steadily increasing over the years. Organisations should also look at IT security as not just the job of the IT department but a responsibility of everyone within the company.
24
JANUARY 2019
According to an F5-comissioned research by the Ponemon Institute, found that only 19 percent of CISOs reported all data breaches to the CEO and board of directors. It also found that only 45 percent had emergency funds to deal with a serious security incident that may require additional resources. We also found an alarming disconnect between IT and other business departments with 58 percent of CISOs’s companies had IT security as a standalone function, which means most of them lack an IT security strategy spanning the entire enterprise. These factors need to change. CISOs need to
step up and become more influential at the highest level backed by executive management and the Board. The measure of any organisation is how it pre-empts and responds to risk and, now more than ever, CISOs must lead the charge in this respect. Tabrez Surve, regional head of security, Middle East, Turkey and Africa, F5 Networks
As organisations gain clearer understanding of the need for cybersecurity, we will no doubt see spending increase. There will, however, be areas that warrant greater attention and investment than others. For example, I expect there to be less emphasis on traditional security
www.tahawultech.com
infrastructure such as firewalls. Instead be on protecting data, identity, endpoints and platforms that help secure cloud environments. We can also expect to see more investment into solution, event and process management with relation to cybersecurity. Given that hiring, training and retaining the skilled experts needed to carry out this management can be a challenge, organisations will look for support from third-party specialists. This was evident through 2018 with the growing interest in Managed Security Services, which will no doubt only increase in the year ahead. Oftentimes, businesses today put too much focus on simply purchasing best-of-breed products without taking the necessary steps of that will enable them to properly utilise such solutions. Many organisations fail to recognise the need to invest in services from cybersecurity providers that have the technical skills to implement, configure and support them in implementing the solutions that they are paying for. Remedying this calls for education and a better understanding of how to evaluate cybersecurity providers.
Nicolai Solling, CTO at Help AG
Which areas of security should organisations focus their investments on in 2019? Cybersecurity awareness training for employees is set to grow rapidly in 2019, following a raft of M&A and market consolidation. Human error continues to be the weakest link that criminals exploit for common spear-phishing, social-engineering and drive-by download attacks.
www.tahawultech.com
An estimated 90 percent of organisations have seen phishing attacks increase through the last year, but only about 11 percent say they continuously train employees on how to spot cyberattacks. As the Middle East region expands its use of cloud computing, additional security layers and monitoring will also be required to protect valuable data. It’s vital that organisations adapt quickly to stay ahead of the latest attacks. But technology is only part of a successful approach. The right security staffing resources combined with employee awareness and education are key. Organisations need to invest in third-party threat intelligence, continually assess and deploy leading technologies, conduct ongoing threat analysis, automate remediation services and deliver inline user education to help employees be more aware and guarded.
Jeff Ogden, general manager, Mimecast Middle East
For many years, both the network and security teams have shared very similar capabilities. Both are charged with policing enterprise networks, services, and applications, looking for system faults or anomalies that could be the result of failures or malicious activity. The integration of the network operations center and the security operations center will produce tangible benefits for the enterprise. The two departments will operate in tandem, successfully managing, monitoring, and defending enterprise networks. They will be able to communicate and coordinate seamlessly, which will increase efficiencies, optimise resources, and lower costs.
The worlds of assurance and DDoS security are finally coming together to provide in-house security and network operations teams with a platform that provides the highest degree of visibility possible on the market today. This combined proposition is underpinned by smart data and analytics that will provide security and network teams with comprehensive visibility of what is happening across their entire IT infrastructure in real time, empowering them to make decisions that will have an immediate impact. Emad Fahmy, Consulting Engineering Team Lead for Middle East, Netscout Arbor
As the threat landscape continues to evolve and become more sophisticated and evasive, security vendors are innovating by creating unconventional security mitigation solutions, to disrupt and contain these advanced and unprecedented threats, derived from analytics and machine learning. There is no doubt that threat intelligence, cybersecurity ecosystem integration between multi-vendor, and machine learning key priorities for CIOs and CISOs today. This is what the majority of the security vendors are trying to offer, coupled with educating their customers, to differentiate themselves from other security players. Hence, the competition between the security vendors will rise, making the market more innovative and competitive, all for the benefit of the cybersecurity market. Mohammad Jamal Tabbara, senior systems engineer – UAE and Channel, Infoblox
JANUARY 2019
25
INTERVIEW
WINNING THE CYBER ARMS RACE
MICHAEL BERG, EXECUTIVE DIRECTOR, EMEA SALES, SONICWALL, SITS DOWN WITH SECURITY ADVISOR ME TO DISCUSS THE COMPANY’S CONTINUOUS COMMITMENT TO THE REGION AND SHARES HIS VIEWS ON HOW THE SECURITY SPACE WILL EVOLVE IN 2019.
W
hat has been the primary focus at SonicWall over the past year? It has been two years since we have become independent from Dell. Since then we have placed a lot of focus on developing innovative solutions and on being at the forefront of the evolving cybersecurity landscape. Over the last couple of years, we have developed 24 new products, re-written 160 million lines of code and have made significant investments into R&D. The cyber arms race between the bad guys and good guys is accelerating. However, unfortunately, our adversaries are getting better every day. Our goal is to make sure that we stay on top of the cyber arms race by ensuring customers, enterprises, companies are protected and can protect themselves against cybercriminals. We aim to address this with our new product innovations, which have all been developed in-house and integrated into all our platforms. In addition, we are keeping our focus on developing cloud-based products from email security, endpoint security and network security among others. This is because we want to break the
26
JANUARY 2019
silos between the different kind of threat factors. We aim to achieve this with our platform which is the Capture Security Center in the cloud. Having all these solutions in one platform, under one single pane of glass enables more efficient and effective data management, reporting and analysis. Furthermore, having such solutions in the cloud allows them to speak and learn from each other. How would you define your recent move to set up a new office in Dubai? Dubai is a very important market for SonicWall. Our new office in DAFZA demonstrates our commitment to the region and it signifies a new era for us, which we SonicWall 2.0. This new era is focused on our move from our traditional business which was primarily networking-centric to platform solutions that provide end-to-end protection. How has the increasing move to the cloud impacted organisations’ demands when it comes to security? What are your offerings in helping keep cloud environments secure? More and more organisations are recognising the many benefits of the cloud starting from cost-effectiveness to operations agility and flexibility
among others. Consequently, they are also acknowledging the need to have a secure way to access the assets they have in the cloud. We have numerous offerings such as the “Secure Mobile Access,” which is a unified secure access gateway that enables organisations to securely access data anytime, anywhere and any device. It also allows them to track, manage and monitor the activities in cloud environments in a very simple manner. This is one of the products we have in our portfolio which we have developed over the years to support various cloud environments. Another key cloud offering from SonicWall is our “Capture Security Center,” which is a cloud management and analytics platform. This allows organisations to secure cloud applications at the same time it enables security operations and services with greater clarity, precision and speed – all from a single pane of glass. What kind of threats should we be preparing for this 2019? What technologies will disrupt the security industry this year? Over the last few years, the threat landscape has grown significantly with new
www.tahawultech.com
strains of malware emerging almost on a regular basis. This is why we believe that there is a strong demand for behavioural based detection rather than the traditional signature-based technologies. This demand for behavioural-based technologies will only continue advance as organisations recognise the need quickly predict, identify and understand if an object or event is malicious or not. With this in mind, the key question we need to ask this year is: What is the next step that the bad guys will take? Among the cyber threats that enterprises need to be wary of this year is encrypted malware. 95 percent of the companies are not inspecting encrypted traffic. Last year, we have seen over a thousand encrypted malware attacks per customer and we can expect this to continue this year. Threat actors today can easily access services such that will allow them to anonymously encrypt malware and send it to any company they desire. Organisations should also keep an eye on web attacks and data leakage. In 2018, we have seen companies such as British Airways and Marriott lose huge amounts of customer data. Cybercriminals were able to get a hold of sensitive customer data such as passport information, credit card details and other credentials only through the websites of these organisations. Therefore, solutions such as web application firewalls (WAF) that build a proxy in front of websites should be a key priority for enterprises this year.
“THE KEY QUESTION WE NEED TO ASK IS: WHAT IS THE NEXT STEP THAT THE BAD GUYS WILL TAKE” Furthermore, as bad guys become smarter, cloud-based sandbox solutions could be key as an additional layer of protection against security threats, such as stealthy attacks and exploits that use zero-day vulnerabilities.
ABOUT
MICHAEL BERG HEADS THE EMEA CHANNEL SALES TEAM AT SONICWALL. AS PART OF HIS ROLE, HE LEADS THE TEAM IN SUPPORTING SONICWALL’S SMB CUSTOMERS AND MANY KEY ENTERPRISES TO STAY AHEAD IN THE CYBER ARMS RACE.
www.tahawultech.com
JANUARY 2019
27
FEATURE
MINE OF INFORMATION BY DANIEL BARDSLEY
28
JANUARY 2019
www.tahawultech.com
N
o one needs to be told that the cyber threats facing businesses today are both numerous and diverse, ranging from data breaches to ransomware to distributed denial of service attacks. There are thousands of ransomware attacks every day, for example, and numbers are increasing by more than a third each year, while almost a quarter of a million malware samples (whether trojan horses, worms, viruses or others) are produced every 24 hours. In such a seemingly hostile environment for businesses large and small – a reported 43 percent of cyberattacks are aimed at small businesses – organisations are faced with understanding, organising and analysing the threats they face. This is what cyber threat intelligence (CTI) is about. It is applied widely, almost universally in cybersecurity, yet it has also been described as an “elusive” concept. “Most organisations will have some use of threat intelligence; it’s a core part of establishing effective security controls and is practically mandated by common information security management standards,” says Sam Pumphrey, head of digital security at Cambridge Consultants, a technology
consultancy based in Cambridge in the United Kingdom. “The interesting challenge is how do you get good threat intelligence. You want up-to-date intelligence that is actionable and drives immediate improvements in operational security. The best will account for your specific security and operational context. “Most of the innovations in threat intelligence are about how you can get better, more timely, more targeted threat intelligence.” This is, says Pumphrey, where the value of cyber threat intelligence comes from: in keeping on top of the everevolving threat landscape. “It’s never been evolving at such a pace, so the value of good threat intelligence has never been greater,” he says. “Every week there’s many hundreds of new vulnerabilities discovered. Any company’s system can be suddenly a lot more vulnerable than it was the day before. “The sooner you know that and can act on that and address the vulnerability, the more secure your system and data.” Pumphrey says that most organisations are not yet using threat intelligence as an ongoing, timely data source. “Perhaps limited by the costs or quality of the intelligence – it’s often quite generic – they will typically only do it once as part of the initial risk assessment when they set up their security,” he says.
Sam Pumphrey, Cambridge Consultants
“THE SOONER YOU KNOW THAT AND CAN ACT ON THAT AND ADDRESS THE VULNERABILITY, THE MORE SECURE YOUR SYSTEM AND DATA.”
www.tahawultech.com
“You don’t generally redo the risk assessment often – yearly or every couple of years. That’s when people typically revisit their threat model.” Another challenge is finding a way to tie together the many threat intelligence sources that a company is presented with, according to Ashraf Sheet, the UAEbased Middle East and Africa regional director for Infoblox, the network automation and security company. “Companies are getting threat intelligence with almost every security solution they procure. Unfortunately, this makes it difficult to centrally manage the threat intelligence feeds and makes it ineffective incidence response,” he says. “Companies are investing in threat analysis, but they are only using it with limited security solutions because they only bought it with that security solution.” As an example, he says that if an organisation needs to block a custom list of new threats in their security infrastructure, it involves a manual process. The same applies if threats have to be removed from the custom list. Disparate threat intelligence feeds also limit the use of the threat information to the security solution it came with, adds Sheet. “A more effective way will be a centralised threat intelligence platform that can take multiple threat feeds from different sources including custom feeds, curate them into a single CTI repository, then share selective feeds with the security infrastructure,” he says. This way, information about threats is curated centrally before being distributed to multiple security solutions. Infoblox has, says Sheet, solutions that achieve this security ecosystem integration and it is something, says Sheet, that even small organisations may have to implement. It contrasts with the way things often work. “The reality is that companies are investing in threat analysis, but they can
JANUARY 2019
29
FEATURE
only use it with limited security solutions because they only bought it with that security solution,” he says. As an example of this, Sheet says that if an anti-malware sandboxing solution (something that separates programs) detects a zero-day threat (a threat that exploits an unidentified vulnerability), it blocks it at its own level, but does not share this with the rest of the security infrastructure. “Integration among security solutions is very important in the new world of responding to threats. If we have three security solutions, instead of having one plus one plus one plus one equals three, it becomes effectively 10 or 100 with integrated cybersecurity solutions,” says Sheet. Pumphrey identifies additional ways in which cyber threat intelligence can be improved. Some threat intelligence sources, he says, report only on emerging generic threats, such as the latest reported breach tactics, malware mechanisms and identified or patched vulnerabilities. Others provide more directly actionable intelligence, although Pumphrey says he has not evaluated the offerings of companies providing such services. “Good threat intelligence should provide a tailored feed based on a range of factors – it could be company size; it could be company market sector (whether you’re a financial institution, energy supplier, or retailer, for example); it could be location,” says Pumphrey. “And it’s worth noting that these
threats aren’t always digital, “We analyse a specific type but could include physical of data collected from break-ins to companies the entire internet. We or data centres in work with darknet your area.” data; this data is Box: How very passive … It darknet traffic collects internet analysis can traffic from all the strengthen cyber internet entities. OF CYBER-ATTACKS ARE AIMED threat intelligence We can build a AT SMALL BUSINESSES Researchers are model to analyse working on using the data,” says internet traffic analysis Bou-Harb, speaking and algorithms to detect from Dubai, where he was suspicious activities, a cyber attending a conference. threat intelligence approach that “If you want to go down complements other security measures. microscopically, to a specific company, Dr Elias Bou-Harb, a research you can do that, or macroscopically, to assistant professor in Florida Atlantic look at the UK or the UAE or the US. University’s Department of Computer “If you want to analyse a problem Science, is using these methods. related to financial institutions, you “My work is mostly focusing on should have access to the data coming network traffic analysis to generate in and getting out of the financial actionable insights to address institution to allow you to analyse traffic different types of objectives – it could tailored to that organisation.” be detection of malware, viruses or Often the insights provided by cyber ransomware, or [for] victims of denial threat intelligence are not actionable of service attacks, mitigation of these enough, according to Bou-Harb. attacks,” he says. Correlating these insights with the Bou-Harb and his research group look information provided by analysis of at data from the darknet, the portion darknet traffic could help to change this. of the internet that is – deliberately The methods used date back, says Bou– not open to public view and which Harb, to the 1990s, but they have been does not show up on searches by the developing and improving since then. likes of Yahoo or Google. This research “Now we’re using large darknet indicates where threats are more likely sensors observing 100GB of data an to be present. hour. Most of the stuff that we focus on are particularly related to infections,” says Bou-Harb. “We always say this specific approach involving passive measurements is a complementary approach, but it will Ashraf Sheet, Infoblox always be there to supplement your cybersecurity capabilities.” “INTEGRATION AMONG SECURITY SOLUTIONS The method could help to protect IS VERY IMPORTANT IN THE NEW WORLD OF cyber-physical systems, which are RESPONDING TO THREATS.” vulnerable to some of the most dangerous cybersecurity vulnerabilities.
30
JANUARY 2019
43%
www.tahawultech.com
A CLOSER LOOK WE GO UP CLOSE AND PERSONAL WITH KRISTINA TANTSYURA, MANAGING DIRECTOR, INFOWATCH GULF, ON HER LIFE INSIDE AND OUTSIDE THE OFFICE.
WHAT’S THE ONE THING YOU CAN’T LEAVE THE HOUSE WITHOUT? My iPhone. Also, kissing my family and a smile.
WHAT IS THE FIRST THING YOU DO WHEN YOU ARE AT YOUR OFFICE DESK?
ABOUT Kristina spearheads the MENAwide strategy of InfoWatch Group, an information security technology firm based in Russia. With over 10 years of experience, Kristina has held strategic roles in both the IT and Digital/Internet sectors.
Asking my team how they are, check my schedule and task list.
WHO CAN YOU SAY IS YOUR INSPIRATION? WHEN DID YOU OWN YOUR VERY FIRST MOBILE PHONE? I got my first mobile phone in 1999. It was a Siemens phone.
WHAT’S THE BEST PART OF YOUR JOB? I think the best part is meeting new people and getting to know them.
www.tahawultech.com
My family and my team.
HOW OFTEN DO YOU CHECK YOUR SOCIAL MEDIA ACCOUNTS? For me, social media networks are the best platforms for keeping up with the latest news and staying in touch with my friends. I check my Facebook and Instagram accounts for about 2 hours each per day; I check Twitter 3 times per day – normally in the morning, during lunch and in the evening; and I check my LinkedIn account at least once per day.
WHAT’S THE LAST THING YOU DO BEFORE YOU LEAVE THE OFFICE? I’m usually the last one to leave the office because I enjoy working in the evening when it’s quiet. So, before leaving I make sure that my desk is neat and I lock up the office.
IF YOU’RE NOT WORKING IN THE TECH INDUSTRY, WHERE WOULD YOU BE? I’ll be in the fashion industry. I’m actually planning on creating and releasing my own clothing brand in the near future.
JANUARY 2019
31
INTERVIEW
CUTTING THROUGH THE NOISE AMIT ROY, EXECUTIVE VICE PRESIDENT AND REGIONAL HEAD, EMEA, PALADION, DISCUSSES HOW ORGANISATIONS CAN SPEED UP INCIDENT DETECTION AND RESPONSE AMID GROWING VOLUMES OF THREAT DATA.
C
patterns. Cybercriminals are becoming more creative and organisations are increasingly facing unknown actors. This pushes security teams to develop newer strategies and solutions to detect such threats.
What are the most common methods regional organisations are taking to detect security breaches? Unfortunately, the most common detection method remains old-school signature-based detection of known threats. It is important to note that this detection method is still important. This is because attackers still flood organisations with so many traditional attacks from known sources, that internal security teams are working overtime just to deal with the attacks they can see coming. However, today’s worst threats don’t conform to known methods or known
What factors are causing slow detection times? How can automation and machine learning enable faster and more effective threat detection? Most organisations lack the ability to proactively detect today’s complex, creative, unknown attacks. They only “detect” nextgeneration attacks after those attacks have already done visible harm. Most organisations are slow in detecting and responding to cyber threats because of two primary factors – they are underfunded, and they are understaffed. Fundamentally, they lack the internal resources required to quickly process the deluge of attacks, false positives, and security “noise” created by today’s cybercriminals. Automation can speed up threat anticipation by injecting the latest threat intelligence and business profile to security monitoring, containing threats by swiftly executing playbooks, and speeding up response by helping incident responders execute remediation steps faster. Not only does automation assist in completing these activities much faster than any human-only team could, it also
an you please describe the current state of security in the Middle East? The region has remained an attractive target for advanced threat vectors. According to a study by the Ponemon Institute, in addition to financially motivated data breaches, organisations in the Middle East face more politically-motived attacks from “hacktivists” than companies in any other region and they spend $1.43 million on an average to resolve each data breach. What’s more, regional firms are rapidly embracing digital initiatives adopting emerging technologies thereby expanding the threat surface, making everyone— from enterprises to SMBs to government entities—easier to target and breach.
32
JANUARY 2019
frees internal security resources to focus on bigger-picture activities. In addition, technologies around machine learning can make correlations between seemingly unrelated anomalous behaviours, detecting tricky coordinated attacks that no human would ever have noticed— before they are obvious threats. How can Paladion help organisations enhance their incident detection and response programmes? We can assist organisations, big and small, at any stage of their security maturity. Some organisations just need help filling in their security gaps. They might hire us just to monitor their entire stack 24/7/365, or to provide cloud security services, or to respond to a tricky immediate threat, and that’s it. As organisations realise that they need to adopt a proactive approach to cyber defence, Paladion offers MDR and MSSP services in through our AI-Driven MDR programme. This does not only provide organisations with the fastest detection and response capabilities available today, but also helps enterprises confirm to international security regulations. Paladion’s AI-Driven MDR service is recognised by several technology advisory firms, and was recently awarded the Best MDR Provider by an independent panel of security and technology experts led by CPI Media Group.
www.tahawultech.com
CO-LOCATED EVENTS
1 – 3 APRIL 2019
| DUBAI WORLD TRADE CENTRE, UAE
SECURITY FOR DIGITAL INNOVATION The Largest cyber security exhibition & conference in Middle East, Africa and Asia.
12,000+
170+
300+
300+
ATTENDEES ACROSS THREE CO-LOCATED SHOWS
TECH COMPANIES EXHIBITING
LECTURES & WORKSHOPS ACROSS THREE SHOWS
SPEAKERS
USD 270 million
the amount visitors reported they will spend within 12 months of the show
BOOK A STAND NOW! gisec@dwtc.com |
OFFICIALLY SUPPORTED BY
www.gisec.ae
OFFICIAL DISTRIBUTION PARTNER
GOLD SPONSORS
DIGITAL WORKPLACE PARTNER
STRATEGIC PARTNERS
POWERED BY
ORGANISED BY
INSIGHT
HOW TO CLOSE THE CYBERSECURITY GAP IN THE DIGITAL ERA BY RABIH ITANI, REGIONAL BUSINESS DEVELOPMENT MANAGER, SECURITY, MIDDLE EAST AND TURKEY AT ARUBA, A HEWLETT PACKARD ENTERPRISE COMPANY
W
hat’s stopping global businesses from protecting their assets despite significant investments in cybersecurity programmes? That’s the question we asked ourselves when trying to determine the reasons are behind the dangerous gap in modern IT security. We define the gap as the inability of an organisation’s people, processes and technologies to keep up with a constantly changing threat landscape.
34
JANUARY 2019
And, given that data breaches are now so common that on average 58 records are stolen every second, we know it’s a problem that needs to be addressed urgently. Here’s a closer look at some of the hurdles that are stopping businesses from identifying, detecting, containing and resolving data breaches and other security incidents in an IoT era. Expanding and blurring the line of the corporate perimeter Firstly, it’s no secret that the volume
of IoT devices connecting to corporate networks has exploded – eclipsing that of the global population. This level of proliferation is impacting the requirements each organisation has when it comes to network security. Over half (fifty-five percent) of respondents from our global study with The Ponemon Institute said it is hard to protect the expanding and blurring IT perimeter considering IoT, especially with BYOD, cloud and the opening up of networks to partners. A clear lack in security strategy around
www.tahawultech.com
IoT is only compounding this problem. In fact, only 24 percent of respondents said that their organisation’s IoT devices are appropriately secured with a proper security strategy in place. Tackling the security issue without the skills and expertise A big part of this problem is rooted in the difficulty organisations have in recruiting security staff with the necessary skills and expertise to protect complex and dynamically changing attack surfaces. Half of Ponemon’s respondents said staff lack the crucial expertise to match the risks these attackers and corresponding threats present, citing it as the main reason behind security gaps. Accountability is another issue for consideration. When asked who inside their organisation was responsible for IoT security, responses ranged from CTO, CIO, CISO and line-ofbusiness leaders. Lack of ownership of course impacts the ability of an organisation to tackle complex cybersecurity threats – as there is no clear consensus over where the responsibility lies. A disconnect on IT process and training In addition to this, employees lack security understanding. For example, in a previous study, over 70 percent of global employees revealed they were compromising network security by sharing passwords and devices. It’s these kind of behaviours that can cause immense damage. Just imagine an employee with local administrator rights disabling security solutions on their PC. It could allow an infection to spread onto the entire corporate network. To keep up with these threats and future-proof against the insider
www.tahawultech.com
“A BIG PART OF THIS PROBLEM IS ROOTED IN THE DIFFICULTY ORGANISATIONS HAVE IN RECRUITING SECURITY STAFF WITH THE NECESSARY SKILLS AND EXPERTISE TO PROTECT COMPLEX AND DYNAMICALLY CHANGING ATTACK SURFACES.” threat, of course training is valuable, but we also need to keep ahead of sophisticated and well financed attackers by being able to act with speed and deep visibility into user activity. That way we can spot potential changes in behaviour and
70% OVER
OF GLOBAL EMPLOYEES COMPROMISE NETWORK SECURITY BY SHARING PASSWORDS AND DEVICES
respond quickly enough to threats before it is too late. Closing the gap: pairing human and technical People and process must be prioritised if we’re to close the IT security gap, but there are also technical steps that can support organisations in tackling these hurdles while also augmenting the existing work security staff are doing. And businesses are starting to catch on. We know from Ponemon’s study that more than a quarter of security professionals are already embedding AI into security systems. Doing so, they’re able to reduce false positives, improve the efficiency of security investigations and detect attacks that are evading traditional perimeter defences. Using a combination of AI and machine learning, IT staff can recognise, profile and connect every device accessing their network, giving each its own risk profile, and raising an alert if unusual behaviour is detected. In fact, over half (64 percent) of IT professionals confirmed that these new technologies, like machine learning, are needed to discover and understand threats that are active in the IT infrastructure. A similar number (51 percent) agreed that AI technologies like machine learning and behavioural analytics are essential to detecting attacks on the inside before they do damage. Against this backdrop, AI-based security tools, which can automate tasks and free up IT personnel to manage other aspects of a security programme, were viewed as critical for helping businesses keep up with increasing threat levels. What steps are you taking to address the IT security gap?
JANUARY 2019
35
OPINION
WHY SECURITY IN THE CONNECTED WORKPLACE IS EVERYONE’S BUSINESS BY MOHAMED EL BAHRAWY, MARKETING MANAGER – B2B, CANON MIDDLE EAST
T
here was a time when cyber security was limited to a desktop computer with antivirus software. In today’s digital world, risks to networks and devices come in more forms and from more directions than ever before where destructive threats emerge every day and undiscovered vulnerabilities are exposed, proving that you can never be too secure. As attacks have become more sophisticated and widespread in the last few years, companies are rethinking security in the workplace. From identity theft and intellectual property loss to infections by viruses and malware, IT administrators are tasked with adequately protecting information and assets from threats from the outside as well as within.
36
JANUARY 2019
In the Middle East and North Africa region, security represents one of the major risks affecting businesses and individuals today. According to the latest forecast from Gartner, spending on enterprise information security technology and services is on pace to reach $1.9 billion in 2019, an increase of 9.8 percent over 2018. IT administrators are increasingly recognising the need for a holistic security strategy that can be applied at every level of the organisation — from servers, desktops and devices such as printers and multifunction devices, to the networks that connect them all. Although most companies have invested in preventing external attacks, 35 percent of all electronic crime is committed from malicious insiders and a third of data leaks come from within. There is a vital need to help limit data
loss, protect against unwanted device use, and mitigate the risk of information networks being compromised. With evolving communication technologies, we’re far more interconnected than ever before. Highly confidential, sensitive and business-critical data is transmitted via a range of devices and information networks. It’s not enough to secure this data securely. If a business isn’t equipped to also secure the transmission of this data, they make themselves vulnerable to a potential information security breach. Organisations can secure their information by managing the critical aspects of people, documents, devices and the network. Encouraging a security culture among employees:
www.tahawultech.com
One of the biggest security threats is end user carelessness or human error. These mistakes include sharing passwords, leaving devices unattended, not deleting old information, carrying unnecessary documents outside the office, to name a few. These errors can be easily avoided by implementing a written security policy, ensuring restriction to critical data, destroying old data in a timely manner and conducting awareness trainings to educate employees. Managing and monitoring access goes a long way in ensuring risk management and protecting critical information. At an organisational level, device security protocol can be designed at an individual level by assigning each employee with particular credentials, or at a resource level where access can be determined according to roles and responsibilities. Promoting document and data protection: According to the recent Canon Office Insights 2018 research, incidences of documents going missing have happened to around 70 percent of businesses in the Middle East. The most common consequence this seems to have had is additional spend to reproduce lost documents, in 47 percent of cases. A few ways to add a layer of security include document password protection, encrypting features, secure watermarks on corporate information and secure disposal of unattended or older documents. The research shows that around 40 percent of staff in the region worry about the consequences of staff losing or leaving unsecure documents, and around 20 percent agree entirely that most employees are unaware of the risks of data loss through documents. A variety of controls should be implemented to help prevent unclaimed printed documents from sitting openly in the exit tray of
www.tahawultech.com
“WHAT MANY ORGANISATIONS DON’T CONSIDER IS THAT EVEN WHEN DISPOSING OF OLD PRINTERS AND MULTIFUNCTIONAL DEVICES, OR RETURNING THEM AFTER LEASE, RESIDUAL INFORMATION CAN REMAIN ON THE HARD DRIVE.” the device, to encrypt data in transit to the printer or stored on the device’s internal hard disk drive, to help protect information on documents scanned and sent from a Multifunction Printer, and to help protect all passwords, address books, encryption keys and certificates that may be stored on the device. The good news, highlighted in the Office Insights 2018 research, is that 46 percent of businesses in the Middle East region are most likely to be enhancing document security in the next 1 or 2 years whereas the average for other regions around the globe is only 25 percent. This concern is translating into real-world action in this region, with
40%
OF STAFF IN THE MIDDLE EAST WORRY ABOUT THE CONSEQUENCES OF STAFF LOSING OR LEAVING UNSECURE DOCUMENTS
55 percent consulting with external specialists to help them with document management solutions, and 67 percent opting to use cloud-based solutions. Securing the end points: Technologies like multifunctional printing, copying and scanning devices are some of the world’s most popular business-communication tools. But as an input and output product, an unsophisticated device can leave your business vulnerable. This is exacerbated by the risk of exposed hard drives, which can further compromise the protection of confidential material. Often, networked printers and multifunction devices are ‘end points’ that could be entry points for malicious activity. In general, these devices should not be allowed to have an open connection to the internet, should have a private IP address and should always be placed behind a corporate firewall, among other protections. There should also be a number of network security features incorporated in the device which helps guard against the consequences of unauthorised network intrusions. What many organisations don’t consider is that even when disposing of old printers and multifunctional devices, or returning them after lease, residual information can remain on the hard drive and it is essential to clear this prior to moving these out of the secure working environment. Whether it’s through digitising hard copies or ensuring information seamlessly interacts within a business, keeping data secure is integral to everything. Sensitive data in the wrong hands can not only lead to the end of a business but can also have other severe consequences such as exploitation. With information being a prized asset for organisations, information security becomes the responsibility of everyone, from employees to business leaders, at the workplace.
JANUARY 2019
37
ON THE WATCH
ONLINE EDITOR ADELLE GERONIMO SHARES HER VIEWS ON THE LATEST DEVELOPMENTS IN THE SECURITY LANDSCAPE.
SILVER LININGS T
he cloud has undeniably become one of the most overhyped technologies in decades and rightly so. Analyst firm Gartner predicts that the cloud market is projected to reach a staggering $206 billion in this year, from $175 billion in 2018. Cloud computing technology entirely relies on the virtualisations of hardware and software and its service-oriented architecture delivers a number of value-added services. Whether it’s on backing up, storing and recovering data; developing apps and services; or analysing data, cloud computing’s “asa-service” offerings have transformed business models. It enabled organisations, small or big, to achieve business agility, scalability, efficiencies and cost-savings. As businesses continue to enjoy its tangible benefits, cloud computing technologies will only continue to grow in prevalence in the IT and business landscapes in the coming year.
38
JANUARY 2019
In fact, in Saudi Arabia, a majority of organisations are expected to increase their spending on the technology in 2019. Dubbing it the year of the “cloudfirst approach,” SAP said the industry will reach a “tipping point” and further drive cloud-based digital transformation journeys in the Kingdom. However, the is no one-size-fits-all when it comes to cloud. While the business advantages are significant, this rapid migration is also introducing complexities and risks that few organisations have adequately prepared for due to multiple services and entry points. All of this requires a new approach to security. This means legacy security solutions should be replaced with tools that can operate seamlessly and consistently across any environment, whether physical or cloud. More importantly, organisations need to make sure that CIOs and CISOs are on the same page when it comes to cloud projects. This ensures that security is integrated into cloud deployments from day one.
www.tahawultech.com
SAVE THE DATE 16-18 April 2019
2019 BICSI Middle East & Africa District Conference & Exhibition Dubai World Trade Centre Sheikh Maktoum Hall | Dubai, UAE
bicsi.org/mea2019
From AI to Zettabytes:
A Connected Future!