ISSUE 31 | OCTOBER 2018 www.tahawultech.com
SECURITY SIMPLIFIED
JUNIPER NETWORKS’ HEAD OF META YAROB SAKHNINI ON HOW THE FIRM’S ENGINEERING SIMPLICITY VISION CAN HELP DRIVE SECURITY TRANSFORMATION HOW TO MINIMISE FUTURE SECURITY PHISHING THREATS AWARDS 2018
STEP UP TO 5TH GENERATION CYBER SECURITY THE FUTURE OF CYBER SECURITY IS HERE
CLOUD MOBILE T H R E AT P R E V E N T I O N LEARN MORE: checkpoint.com
CYBER EXPOSURE PARTNER
CYBERSECURITY SOLUTIONS PARTNER
CONTENTS
The Cyber Exposure Company FOUNDER, CPI MEDIA GROUP Dominic De Sousa (1959-2015) Publishing Director Natasha Pendleton natasha.pendleton@cpimediagroup.com +971 4 440 9139 EDITORIAL Managing Editor Michael Jabri-Pickett mjp@cpimediagroup.com +971 4 440 9158 Online Editor Adelle Geronimo adelle.geronimo@cpimediagroup.com +971 4 440 9135 Contributing Editors James Dartnell james.dartnell@cpimediagroup.com +971 4 440 9153 Janees Reghelini janees.reghelini@cpimediagroup.com +971 4 440 9167 DESIGN Senior Designer Analou Balbero analou.balbero@cpimediagroup.com +971 4 440 9140 Designer Mhar Delaben marlou.delaben@cpimediagroup.com +971 4 440 9156 ADVERTISING Group Sales Director Kausar Syed kausar.syed@cpimediagroup.com +971 4 440 9130 Senior Sales Manager Sabita Miranda sabita.miranda@cpimediagroup.com +971 4 440 9128
10
Sales Manager Nasir Bazaz nasir.bazaz@cpimediagroup.com +971 4 440 9147 Business Development Manager Youssef Hariz youssef.hariz@cpimediagroup.com +971 4 440 9111
SECURITY SIMPLIFIED
PRODUCTION Operations Manager Shweta Santosh shweta.santosh@cpimediagroup.com +971 4 440 9107
Juniper Networks’ Yarob Sakhnini shares how eradicating complexities can enable stronger security.
DIGITAL SERVICES Web Developer Jefferson de Joya Abbas Madh Photographer Charls Thomas Maksym Poriechkin webmaster@cpimediagroup.com +971 4 440 9100 Published by
Registered at Dubai Production City, DCCA PO Box 13700 Dubai, UAE Tel: +971 4 440 9100 Fax: +971 4 447 2409 Printed by Al Ghurair Printing and Publishing Regional partner of
© Copyright 2018 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.
04
THE FUTURE IS NOW
21
24
Tech players to watch out for at GITEX Technology Week 2018
DON’T TAKE THE BAIT
Practical steps individuals and organisations can take to fend off phishing scams
SECURING THE FUTURE Celebrating innovation and leadership in the regional IT security landscape
30
GAINING THE UPPER HAND
38
48
How deception technologies can give the defenders a unique security advantage
SAFE HAVEN
Protecting smart and connected homes
ON THE CUTTING EDGE
How biometric technologies can deliver better customer experiences
GITEX 2018
THE FUTURE IS NOW As people become more connected and cities grow to be smarter, security is now more important than ever to ensure success in the digital future. At the 38th GITEX Technology Week, tech players will be showcasing the latest innovations in artificial intelligence, blockchain, virtual reality, and, of course, IT security. Here are some of the top players who will be present at the show:
ATTIVO NETWORKS VISIT THEM AT: Sheikh Rashid Hall, SR-J9
Ray Kafity, META, Attivo Networks At GITEX Technology Week, Attivo Networks will illustrate the critical role that deception technology is playing in early and accurate in-network threat detection and accelerated incident response. The company will highlight 4
10.2018
the ThreatDefend Deception and Response solution, which provides immediate detection value by accurately alerting on attacker engagement with decoys or attempts to use deception credentials at the early stages of the attack cycle. “With rapidly expanding networks and evolving attack surfaces, many organisations are still searching for an efficient way to reduce dwell time and increase in-network visibility,” said Ray Kafity, vice president, META, Attivo Networks. “In addition, as dwell times remain high and the number of breaches continues to skyrocket, it is evident that prevention technologies alone aren’t enough. Early and accurate detection and remediation of in-network threats is more critical than ever before. “At GITEX Technology week,
we aim to increase the level of awareness and knowledge of deception technology’s role in providing accurate and efficient detection of in-network threats, reduced attacker dwell time, and simplified incident response,” said Kafity.
CENTRIFY VISIT THEM AT: Sheikh Rashid Hall, SR-J2
Kamel Heus, Centrify
The threat landscape is changing rapidly with a frightening sophistication and pace of data breaches. According to identity and access management company Centrify, this new threatscape requires Zero Trust Security, which assumes that untrusted actors already exist both inside and outside the network. Trust must therefore be entirely removed from the equation. “At GITEX Technology Week, we will advocate the new security mandate – never trust, always verify based on a zero-trust security approach,” said Kamel Heus, regional manager, Centrify. “We will also showcase our identity and access management solutions and demonstrate how these can help organisations secure their identities and critical data,” Centrify will conduct product presentations and www.tahawultech.com
GITEX 2018
demonstrations at the show. “Our experts will be available to meet customers and partners to discuss the evolving threat landscape and new security models, and raise awareness about the importance of securing identities and adopting a Zero Trust Security approach to reduce the risks of data breaches,” said Heus.
FIDELIS CYBERSECURITY VISIT THEM AT: Hall 1, SR-F5
Ivan Dolensky, Fidelis Cybersecurity Fidelis Cybersecurity will use GITEX as a platform to promote its latest managed detection and response (MDR) service. The 24×7 Fidelis MDR service provides a team of highly-skilled security experts, who leverage patented Fidelis technology, to analyse rich network and endpoint metadata, content, behavioural and asset characteristics, as well as enterprise IoT devices to aid in hunting and investigations. “This year GITEX comes at a time when security concerns are front and centre – organisations of all sizes are reporting new www.tahawultech.com
cyber intrusions every day, and the adversaries are unrelenting with seemingly unending success,” said Ivan Dolensky, vice president, International Sales at Fidelis Cybersecurity. “Over the recent past we all heard about British Airlines, Air Canada, T-Mobile and others suffering from successful attacks. We believe that these current events will encourage cyber defenders to attend the show to discuss and exchange information on how to be prepared for such types of advanced adversaries. “With GITEX being the largest technology show in the Middle East and Africa, it has always been successful in providing a knowledge sharing platform for cybersecurity experts. As such, it is important for the Fidelis senior technical team to take this opportunity to meet peers, partners and clients to discuss the rapid development of cyber threats and the best method to detect, prevent and respond to it,” Dolensky added.
FORTINET VISIT THEM AT: Sheikh Rashid Hall, SR- C4
Alain Penel, Fortinet
As organisations embark on their digital transformation journeys, it is crucial to understand that more than achieving growth and the associated business objectives it also requires an equivalent security transformation, according to global cybersecurity firm Fortinet. At GITEX Technology Week, Fortinet will highlight its vision of security transformation and hold customized demonstrations highlighting the key capabilities of the Fortinet Security Fabric. “The Fortinet Security Fabric brings together multiple security technologies to deliver comprehensive and collaborative security capabilities across the whole network and enable security transformation,” said Alain Penel, regional vice president, Middle East, Fortinet. “We will be introducing new capabilities across the key solution areas within the Fortinet Security Fabric architecture, including management and analytics, multi-cloud, network, advanced threat protection, unified access, web applications, email, IoT and endpoint security,” explained Penel. The company will also put focus on its secure SD-WAN functionality, threat detection services, and expanded visibility from IoT to multicloud networks protecting the vast attack surface resulting from digital transformation (DX) strategies.
KASPERSKY LAB VISIT THEM AT: Sheikh Rashid Hall, SR-C2
Amir Kanaan, Kaspersky Lab META At GITEX 2018, Kaspersky Lab will be presenting the Kaspersky Threat Management and Defense, along with its other solutions. “GITEX has established itself as the most successful IT shows in the Middle East, and it is the annual meeting for IT professionals and customers in the region,” Amir Kanaan, managing director, Kaspersky Lab for the Middle East, Turkey and Africa. “Kaspersky Lab is delighted to participate as we have done for many years and showcase its latest products, technologies, and solutions. We see this year’s edition as a great opportunity to raise the profile of Kaspersky further in the market and demonstrate our commitment to the UAE and the region.” Kaspersky Threat Management and Defense brings together and reinforces the capabilities of Kaspersky Anti Targeted Attack, Kaspersky Cybersecurity 10.2018
5
GITEX 2018
Services and the new Kaspersky EDR within a single platform. “It gives businesses and governments the opportunity to adopt a strategic approach to detect complex attacks across the corporate IT infrastructure, and successfully gain control and visibility of their security environment by mitigating risk in today’s digital world,” explained Kanaan.
MIMECAST VISIT THEM AT: Sheikh Rashid Hall, E-10
behaviour observations into actionable risk metrics.” Increased reliance on technology from governments, businesses and citizens demands a greater focus than ever before on securing the human. Cybercriminals continue to exploit vulnerabilities in defences and have clearly identified the human dimension as a weak link. “GITEX is an ideal venue for existing and potential customers alongside our trusted partners. We’re expecting more questions this year about how to build additional security and resilience into hosted or cloud email migrations,” Ogden said.
NETSCOUT VISIT THEM AT: Sheikh Rashid Hall, SR-F5A
Jeff Ogden, Mimecast Middle East Mimecast will feature its latest offering focused on creating a security-aware culture within organisations at GITEX Technology Week. “Employees have long been the weak link in cybersecurity and we need to find creative methods to encourage them to care enough to improve, and then do what’s right when it matters,” said Jeff Ogden, general manager, Mimecast Middle East. “At GITEX we will introduce the Mimecast Awareness Training. Visitors to our stand can learn how they can improve their defences by measuring cyber risk training effectiveness and converting 6
10.2018
company’s vice president of sales for South Asia, MEA and CIS Gaurav Mohan. “That’s why multi-layer DDoS protection is required, to stop availability threats like DDoS attacks before they can impact a service. If a service is unavailable to legitimate users, then everything done to deliver and market those services is wasted. Furthermore, if users can access those services, they have an expectation of them being secure, and of you protecting their personal information.” At GITEX Technology Week, Netscout will showcase its latest security offerings. “We’ll be featuring our market leading Arbor DDoS products and services,” said Mohan. “From the service assurance side of the business, we’ll be talking about our new vSCOUT and vSTREAM products which allow for pervasive visibility across hybrid environments at low cost.”
PALO ALTO NETWORKS VISIT THEM AT: Cloud Hall, B6-10
Gaurav Mohan, Netscout Security must be a core component of any digital transformation initiative, according to application and network management firm Netscout. “Why invest resources on applications or create online services if they are going to be left vulnerable to security incidents that could impact the business and its customers,” said the
Samer El Kudsi, Palo Alto Networks At GITEX Technology Week, Palo Alto Networks will reveal its latest research on
cloud security concerns in the region. “A recent report commissioned by Palo Alto Networks found that 72 percent of cybersecurity professionals indicated that the speed of public cloud adoption is introducing preventable security risks to software updates,” said Samer El Kudsi, director – Channel Sales, Emerging Markets, Palo Alto Networks. The study further highlighted that cybersecurity is increasingly being overlooked and organisations are left vulnerable as companies further adapt DevOps models to reduce technical inefficiencies between IT, developers and security teams. At the show, Palo Alto Networks will demonstrate how it aims to support organisations in securely migrating their applications and workloads from onpremise data centres to the cloud. “As threat of cyberattacks looms over the region, organisations need to prioritise reducing their network complexity, and increasing automated threat detection to protect data and credentials in the network, in the cloud, or applications,” says El Kudsi. “We will be focusing on our cloud offering with a dedicated focus on customer success enablers. We will also highlight how the inline, APIbased and workload-based enforcement and intelligence gathering points of our Security Operating Platform work together to protect our digital way of life on the network, in the cloud and on the endpoint,” he adds. www.tahawultech.com
GITEX 2018
RING VISIT THEM AT: Hall 6, D6-30
At the event, Ring will demonstrate products such as the Video Doorbell 2 that allows you to communicate with visitors from anywhere; Ring Floodlight Cam, the first motion-activated floodlight camera with twoway audio, HD video, built in floodlights and a siren; and the Spotlight Cam Wired with two-way talk and a siren solution. The Ring Video Doorbell Pro and Elite as well as the new Spotlight Cam Battery will also be on display at the show.
Mohammad Meraj Hoda, Ring RUCKUS Having entered the market only last year, smart home security technology firm Ring has introduced numerous products over past months. As part of its participation at GITEX Technology Week, the company will showcase its complete suite of smart home security products available in the Middle East. “Following our successful inaugural participation at GITEX last year, we are excited to once again be part of the biggest technology exhibition in the region,” said Mohammad Meraj Hoda, vice president of Business Development, Middle East and Africa, Ring. The UAE is witnessing a positive growth in the property sector with many developers focusing on building masterplanned communities. Therefore, Ring is confident that its smart home security products will be well-accepted in this region, according to Hoda. “At GITEX, we want to create awareness of our brand and products, demonstrate how our products can offer better security, and meet with channel partners and sign on strong partners to expand our market reach,” he added. www.tahawultech.com
VISIT THEM AT: Hatta J Conference Room
Muetassem Raslan, Ruckus Networks At GITEX 2018, wired and wireless networking equipment and software company Ruckus will launched its new 802.11ax that was designed for highdensity connectivity, with the ability to support up to a fourfold capacity increase over its 802.11ac Wave 2 predecessor. “With 802.11ax, multiple APs used in dense device environments are collectively able to deliver required qualityof-service (QoS) to more clients with more diverse usage profiles due to the use of orthogonal frequency-division multiple access (OFDMA) and multi-user multiple-in multiple-out (MU-
MIMO) technologies,” explained Muetassem Raslan, regional sales director, Ruckus Networks MEA. GITEX is an excellent opportunity to meet technologists and entrepreneurs as well as to network with key market influencers and develop successful business partnerships. “The region is experiencing a boom in innovative technology from artificial intelligence to blockchain and augmented reality. It is certain that these implementations require high bandwidth and low-latency connectivity and that’s a key strength for us.” Putting the spotlight on security Raslan underlined that in the era of digital transformation, having a secured network has become a prerequisite rather than a luxury in the business world. “Companies today are becoming more aware about the security breaches and how they could protect their data. However, the complexity of cyber incidents is becoming more and more advanced with the evolution and development of technologies. Therefore, technology solutions should come with enough level of security to prevent cyber-attacks from happening.”
SOPHOS VISIT THEM AT: Sheikh Rashid Hall, SR-D4
Global security firm Sophos will showcase its latest security technology for endpoint, servers and security management at GITEX 2018. Visitors at the Sophos stand will get a chance to hear first-hand how Sophos deep learning technology goes beyond traditional machine learning. The company will also highlight how it is integrating its deep learning capabilities into its security solutions. “GITEX offers us a great opportunity to meet and interact with customers and partners to discuss their security priorities, but equally as the region’s premier ICT exhibition provides the ideal platform to sign new partners and strengthen our channel network,” said Harish Chib, vice president, Middle East and Africa, Sophos. According to Chib, deep learning is a powerful, groundbreaking tool for keeping unknown threats at bay. “It is the latest evolution of machine learning, which delivers a massively scalable detection model that is able to learn the entire observable threat landscape. “With the ability to process hundreds of millions of samples, deep learning can make predictions that are more accurate at a faster rate with far fewer false positives when compared to traditional machine learning,” he added.
GITEX Technology Week will run from 14th to 18th October 2018 at the Dubai World Trade Centre.
Harish Chib, Sophos 10.2018
7
FEATURE
‘INNOVATE FOR A DIGITAL MIDDLE EAST’ Alaa ElShimy, vice president and managing director of Huawei Enterprise Middle East, gives a preview of what GITEX Technology Week 2018 visitors can expect from the tech giant’s presence.
A
s ICT technologies develop rapidly and become integrated into more and more verticals, the digital economy is becoming the fastest-growing, most innovative, and widest-reaching economy. It is an important driver of global economic growth and recovery, playing a vital role in unleashing the potential of economic development, driving the transformation of traditional industries, fueling sustainable economic development, improving social management and services, and fostering innovation. New technologies like 5G, artificial intelligence, and smart cities are revolutionising how governments, businesses, and consumers interact with the world around them. Huawei is committed to helping our partners in the Middle East navigate the changing times. In the spirit of openness and sharing wisdom, we are hosting our 8
10.2018
third annual Innovation Day on the sidelines of GITEX Technology Week 2018. Held under the theme, ‘Innovate for a digital Middle East’ the one-day event is a platform for luminaries and industry experts to gather and discuss how all can work together to embrace digital transformation and forge ahead on the road to an intelligent world. With the aim of promoting a 5G ecosystem in the Middle East region, we will start the day with a 5G Ecosystem Conference held under the theme ‘5G is Now, from eMBB to Digital Society.’ The second part of the event will focus on AI and smart cities, under the theme ‘Embrace digital transformation, the road to intelligent world’, where discussions, opinions, and sharing experiences will take place on how AI and smart cities are transforming and reshaping the world we live in. As the Middle East undergoes rapid digital transformation, the leadership is putting in place strategies
to accommodate their digital agendas in their national visions. As a leading global provider of information and communications technology infrastructure and smart devices, Huawei views the Middle East as a significant market where the company can contribute to the development of the ICT industry, bringing digital to every person, home and organisation for a fully connected, intelligent world. Huawei’s end-to-end portfolio of products, solutions and services are both competitive and secure. Through open collaboration with ecosystem partners, we create lasting value for our customers, working to empower people, enrich home life, and inspire innovation in organisations of all shapes and sizes in the Middle East region. Driven by customer-centric innovation and open partnerships, Huawei has established an end-to-end ICT solutions portfolio that gives customers competitive advantages. Huawei is www.tahawultech.com
FEATURE
Huawei is committed to bringing its global expertise and latest innovations to the Middle East region.
Alaa ElShimy, vice president and managing director of Huawei Enterprise Middle East
committed to bringing its global expertise and latest innovations to the Middle East region and creating maximum value for governments, telecom operators, enterprises and consumers. We are rapidly progressing on the digital agenda and entering the all-intelligent world. Our long-term enterprise strategy in the region is to build a digital ecosystem through which Huawei can help our Middle East channel partners meet their customers’ needs by bringing in the most cuttingedge artificial intelligence products and solutions, enhancing connectivity and improving user experience across different domains. Through joint innovation with our customers, partners, and peers, we hope to achieve growth across all industries, creating a robust win-win ecosystem for organisations throughout the region. As one of the largest ICT expos in the world and a gathering place for the Middle East’s government and industry www.tahawultech.com
leaders, GITEX is an ideal opportunity for Huawei to showcase our innovative products and solutions which are being deployed across multiple vertical sectors. This year, our presence at GITEX will be building on the importance of AI as one of the future’s leading technologies. Our participating in GITEX is designed to help all businesses and organisations step over the threshold and stake their claim in the intelligent world. We will use GITEX as a platform to launch and showcase a range of exciting new products, with a particular focus on AI. These will include: • Huawei’s full-stack, all-scenario AI solutions • The FusionCloud 6.5, a nextgeneration enterprise-class full-stack intelligent private cloud solution • The FusionAtlas intelligent computing solutions: an AI enablement platform based on ‘One Cloud, One Lake and One Platform’
architecture to help enterprises accelerate cloud migration and achieve digital transformation • For unified cloud communication, we will showcase EC3000, the latest integrated platform to facilitate enterprise video conference and cloud communication • In the field of wireless technology, we will showcase the latest eLTEDSA solutions, which overcomes the challenge of insufficient continuous dedicated spectrum resources around the world by using 4.5G technology to aggregate traditional VHF/UHF narrowband discrete spectrum into broadband spectrum resources To make the most of opportunities in this new world, all organisations need to embrace and activate intelligence through digital platforms that are open, agile and equipped with state-of-theart AI capabilities. We look forward to seeing you there! 10.2018
9
COVER FEATURE
SECURITY SIMPLIFIED Yarob Sakhnini, Head of Middle East, Turkey and Africa, Juniper Networks, discusses how multicloud environments can enable organisations to address the ever-growing demands in the digital age, and highlights how the company’s new mantra can help drive security transformation.
C
an you please share some of the key highlights at the company over the last 12 months? In support of helping enterprises navigate through multicloud-ready infrastructure in order to meet the demands of today’s customers, Juniper Networks has continued to provide the building blocks for our unified cybersecurity platform that is powered by SoftwareDefined Secure Networks (SDSN). This solution integrates, centralises and automates defence for today’s sophisticated threat landscape. We have also continued to strengthen our security portfolio that extends threat prevention deeper into the network – down to the switch level. These new and upgraded solutions include Policy Enforcer, which automates the enforcement of security policies across the network and quarantines infected endpoints to prevent threats across firewalls and switches through Junos Space Security Director and Contrail Security, a solution specifically designed to allow enterprises and cloud providers 10
10.2018
to protect applications running in multiple cloud environments. We also introduced the Juniper Advanced Threat Prevention Appliance, an on-premises solution that absorbs threat data from multiple devices and then uses analytics to identify malicious traits which could be advanced or even zero-day attacks. The solution continually monitors web, email and lateral spread traffic to protect against the ever-changing threat landscape. Juniper has also been working with our partners in driving 5G in the region. Commercial 5G is expected to represent close to a quarter of all network traffic in the next five years and we have an immense market opportunity to help our customers simplify their journey to fully operational 5G networks. We have recently extended and strengthened our long-standing partnership with Ericsson to deliver a comprehensive end-to-end 5G solution leveraging both companies’ complementary portfolios. This will enable us to offer service providers a complete 5G transport network solution with single pane of glass visibility to manage the new requirements of next-generation mobile service delivery.
Enterprises are adopting more than just cloud – they are moving to multicloud. Multicloud is the operation of multiple cloud computing and storage services in a single infrastructure. The defining characteristic is managing the distributed resources as a single cohesive infrastructure. This requires a seamless operating environment that extends across the private and public clouds all the way out to the cloud that exist in the campus and branch. Juniper has announced its multicloud solutions offering customers a simplified journey to the secure and automated environments. As cloud environments become more ubiquitous, what are the key concerns organisations have when it comes to implementing cloud technologies? The promise of multicloud is to deliver a secure, ubiquitous, reliable, fungible infrastructure where the migration of workloads are straightforward. In my mind, for IT to succeed in becoming multicloud-ready, it is critical that organisations think about every aspect of their networks, from HQ to branch www.tahawultech.com
COVER FEATURE
Juniper Networks has always been about innovation that stems from a focus on engineering and we believe that creating simplicity through engineering is the highest form of innovation.
and campus, as well as the data centre and public cloud. Otherwise, enterprises could face fractured security and operations as network boundaries can get in the way of seamless, endto-end visibility and control. Eliminating these roadblocks that might detract from multicloud’s potential means that end-to-end security and automation must be integrated throughout the network. Many enterprises are already at different stages in their path toward a secure and automated multicloud architecture. Juniper’s extended offerings across its cloud portfolio are designed to enable customers to migrate to a multicloud architecture on their own terms, when it suits them but without ‘missing the multicloud boat’. www.tahawultech.com
10.2018 10.2018 11
COVER FEATURE
Can you tell us about Juniper Networks’ “Engineering Simplicity” vision? What was the driver behind this vision? Juniper Networks is getting back to basics with a focus on Engineering Simplicity. This is more than a marketing tagline – it’s an acknowledgement that in today’s complex world, the thing that most impedes our collective progress is complexity. As the technology industry’s challenges become more complex, so have the solutions. While we’re no longer physically tripping over ethernet cables, we are now caught between rigid network infrastructure and complicated programming interfaces. Engineering Simplicity is a move towards more userfriendly, intuitive networking. Juniper Networks has always been about innovation that stems from a focus on engineering and we believe that creating simplicity through engineering is the highest form of innovation. How can technologies around automation help accelerate network security? IT security is integral to the network, as much as the network is to business transformation. The biggest data security challenges faced by enterprises
are the evolving nature of attacks, the threat surface expanding exponentially and lastly, the struggle to keep up. In a recent study launched by Juniper Networks and Ponemon Institute, it is reported that fighting cybercrime will cost businesses globally more than $6 trillion annually and that there will be 3.5 million unfilled security jobs by 2021. Therefore, building automated security into the network fabric provides enterprises with a way to overcome the skills shortage but still maintain exceptional performance, reliability and intelligence to thwart attacks, minimise the disruption of services and maintain positive reputations amongst customers. Juniper’s unified cybersecurity platform is powered by virtualised routing and security elements, automated remediation and real-time intelligence shared across organisations via cloud and machine learning. With this approach, enterprise networks will know how to defend valuable data and infrastructure. This gives organisations an edge when defending assets from unknown or hard-to-detect malware such as ransomware that often leverages the attacker’s own automation to proliferate rapidly.
In my mind, for IT to succeed in becoming multicloud-ready, it is critical that organisations think about every aspect of their networks, from HQ to branch and campus, as well as the data centre and public cloud. Otherwise, enterprises could face fractured security and operations as network boundaries can get in the way of seamless, end-to-end visibility and control.
12
10.2018
What is the company’s primary objective for taking part at GITEX this year? Juniper’s primary objective at GITEX this year is to showcase to our customers the simple path to a secure and automated multicloud, which paves way to a successful digital transformation. We will share our insights into how simplicity in engineering can reduce operational complexity, secure network infrastructure effectively and innovate revenue-generating services as companies migrate to a 5G/IoT Distributed Mobile Cloud. Juniper will demonstrate how operators and enterprises alike can build an extensive, secure and robust infrastructure capable of meeting the performance, latency and massive scale demands of 5G and IoT services. In addition to showcasing our latest portfolio of endto-end secure network infrastructure solutions, we will also be developing a multi-touch interactive story board that will lay out the enterprise cloud transformation journey in a few clear steps for visitors to our booth.
C
M
Y
CM
MY
CY
CMY
What can we expect from Juniper Networks in the coming months? As we work through the year and shape up for 2019, Juniper Networks will continue to add value to our solutions and product sets. We will continue to drive digital transformation with our partners by equipping them with the tools they need to deploy network infrastructure solutions successfully for our customers. Partnerfocused marketing campaigns have enabled Juniper’s partners to tap into new business opportunities around data centre and network security. These campaigns arm partners with the tools they need to sell our entire, secure infrastructure solutions as well as understand the needs of specific environments like campus and data centre architecture. Juniper fundamentally believes in interoperability and choice, which helps our customers build and operate the exact secure network for their business needs. www.tahawultech.com
K
INTERVIEW
OUT OF SIGHT, OUT OF MIND Nicolai Solling, Help AG’s chief technology officer, gives his take on why excitement around cloud has caused many organisations to be complacent and hands-off in how they manage their data.
as a move to cloud finally become a realistic prospect for the Middle East, and what implications does that have on security? Just 12 months ago, it wasn’t being considered in certain sectors, but we’ve now seen a big shift around cloud perception. This creates a number of security issues that need to be addressed. We’ve looked long and hard at our own portfolio to figure out how to secure cloud. We also started migrating to cloud services ourselves, which is a good way to figure out what works and what doesn’t. We’ve learned that cloud is not necessarily secure.
H
Why is identity and access management so important to cloud security? Inside an office, you can clearly inspect and authorise users. With cloud, it’s different because you’re connecting over the Internet. Identity has to be addressed, and you need to create high levels of authentication. With infrastructure-as-a-service in particular you need to ensure you dictate who has admin controls, because that can be disastrous if you get it wrong. When moving to cloud, you need to make sure the data is still yours. Encryption helps in that sense. You need to instil your own data governance and encrypt data when it’s not in use for SaaS and IaaS environments. Not all 14
10.2018
cloud services are built the same way, and it’s critical to ensure that a cloud service is ethical around data. Is it fair to say that cloud is in some ways more secure than on-premise environments? I have full trust that any of the major cloud providers’ $1 billion or so annual spend on security is put to good use, but you could argue that because it’s a larger attack surface, you could also be part of a bigger target. Our risk assessment shows attacks are very different. Attackers won’t try to penetrate applications anymore, and you can’t just apply your own security of applications. Attackers are intelligent, and will change the way they attack. We’ve seen over the last couple of years that attacks will focus around users with social engineering. We need to prepare for a new threat scenario, and deal with new threats that come our way. Do customers make incorrect assumptions about cloud that risk compromising their security? When I’ve spoken to clients, what struck me was how they did not understand that they have to secure the cloud service themselves. It’s clear that cloud service providers take care of security, but what you put in the cloud is up to you. In the process of moving data to the cloud, a lot of organisations forget that this is all important. You need to think
What’s struck me is how clients do not understand that they have to secure cloud services themselves.
about when you put data into a cloud service, even if you want to move away from it, vendors may delete your data. What are Help AG’s main principles to cloud security? We offer managed security services, where we analyse events in customer environments. You need to take events generated by cloud and turn that into event data. It’s also important to deal with controls and ensure you have confidence that the right user identity is connecting to a service. Identity is the forefront of cybersecurity today. It’s also about endpoint controls, avoiding malware and malicious software, and tricking users into doing something. Many of the technologies that organisations currently use aren’t right for cloud. www.tahawultech.com
The InfoWatch Analytical Center analysed information security incidents over the period from July 1, 2017, to June 30, 2018 involving personal data, payment details and other confidential information leaks. The report examined 60 data breaches from businesses, public organisations, and governmental agencies in the region, while the global sample for the same period included 2,000+ data leaks.
FEATURE
EXECUTIVE MEASURES With data breaches, ransomware attacks, and zero-day vulnerabilities making headlines almost regularly, businesses can no longer afford to make security an afterthought. Yet, business leaders still fail to ensure the implementation of the right strategies, investments and policies when it comes to cybsersecurity.
A
ccording to a recent study by the Ponemon Institute, the average cost of a successful cyber-attack is over $5 million, or $301 per employee. While the financial setback is alarming, it is not the only aspect to consider, there’s also the reputational damage which often exceeds the direct impact on revenue. However, despite the scale and potential harm from the massive hacks and other breaches that made headlines in the recent years, 18
10.2018
organisations everywhere still lack the necessary measures to defend themselves against attacks. In fact, a recent report by Cognizant’s Center for the Future of Work titled, “Securing the Digital Future,” found that 45 percent of senior execs view cybersecurity as purely an IT initiative and only nine percent regard it as a top priority of the board. “Our research revealed that a primary reason for conflicting cybersecurity strategies and spending is that C-level executives and technical managers don’t always see eye-to-eye regarding security
priorities, and a misaligned C-Suite can put the organisation at risk,” says Kamel Heus, regional manager, Centrify. However, this is increasingly changing and the days where C-suite executives were unaware of cyber threats are over, says Vahe Daghlian, co-founder and managing director, DTS Solutions. “CXO’s today do understand the importance and potential ramifications of cybersecurity and the need to invest in initiatives that would improve their overall cyber posture. “It is no longer a matter of whether C-suite executives are aware or not. It is www.tahawultech.com
FEATURE
Our research revealed that a primary reason for conflicting cybersecurity strategies and spending is that C-level executives and technical managers don’t always see eye-to-eye regarding security priorities, and a misaligned C-Suite can put the organisation at risk. - Kamel Heus, Centrify
now more about them ensuring that their ogranisation’s current cybersecurity programmes and initiatives can adequately deal with, evaluate and remediate cyber threats,” he adds. Eyad Shihabi, vice president, Middle East, Africa, and Turkey, BT, agrees saying when it comes to digital ambition, some CEOs consider cybersecurity measures a necessary evil, while others take a more constructive view that security is an opportunity to create differentiation. “This view is especially prevalent in consumer-facing sectors. Research www.tahawultech.com
suggests CEOs feel that security should not hold back any digital transformation progress, although when asked about specific barriers and concerns, security does feature highly,” he says. Although awareness of cyber threats has never been higher, many businesses continue to fall into dangerous traps as they deal with the complexity of securing a digital enterprise. A research study with Dow Jones Customer Intelligence, “CEO Disconnect is Weakening Cybersecurity” revealed that a misalignment between CEOs and Technical Officers is weakening enterprise cybersecurity postures. The report highlights that CEOs are incorrectly focused on malware, creating a disconnect within the C-suite, which results in undue risk exposure and prevents organisations from effectively stopping breaches. “Business leaders should therefore rethink security and apply a Zero Trust Security approach that verifies every user, validates their devices, and limits access and privilege,” says Heus.
This is primarily because as majority of boards and non-IT C-level leaders are well-equipped to deal with and prioritise financial planning, compliance and growth strategies, cybersecurity is often lower down in the pecking order. But recent regulatory implementations have been pushing organisations across the regional space to re-think their security measures and take action towards better security and data protection. “The enactment of the General Data Protection Regulation (GDPR) has definitely brought a great deal of attention to the issue security and privacy,” says Gaurav Mohan, VP sales, South Asia, MEA and CIS, Netscout. “The penalties are severe, and that was done by design as an incentive for business to put the proper controls in place. While GDPR is thought of as an EU regulation, its impact has been felt around the world.” CEOs and boards of directors are considered most accountable for major cybersecurity incidents, says Fady 10.2018
19
FEATURE
Younes, Cybersecurity Director, Middle East and Africa, Cisco. “But executives in charge of enterprise risk, chief information security officers (CISOs) and CIOs, and department heads all share the accountability when things go wrong. In today’s connected era, Cybersecurity accountability extends all the way to the top. “GDPR is founded on taking care of, and lawfully processing personal data. It forces organisations to approach data protection at various levels and ensure that it is embedded in their business, strategies, transformation and commercial arrangements. Data protection doesn’t have to be expensive. It needs to be focused in the right areas that will provide a demonstrable return and a demonstrable improvement from a current position.” More than GDPR, security experts say that there are a number of potential measures that would motivate decision-makers to make security a business priority. “In terms of motivations, it’s usually the avoidance of the financial and reputational repercussions of a potential data breach,” says Patrick Grillo, senior director, Solutions Marketing at Fortinet.
“More importantly, as organisations increasingly rely on technology to achieve business objectives, they must realise how critical it is to safeguard the same technologies to avoid operational disruptions. Executive sponsorship and awareness of the need, role and implementation of security is an absolute necessity.” There’s a common wisdom in the security landscape inferring that it’s not if but when your organisation will be infiltrated. We should keep in mind then that cybersecurity is a top concern for all C-level execs in any organisation today. “There are a few motivations that effect decision-makers and help them identify security as a priority,” says Morey Haber, CTO, BeyondTrust. “Among those are mandatory security audits and/or implementing regulatory compliance penalties; a breach in a peer, competitor, or even within the organisation; and contractual requirements that force policies, procedures, and attestation reporting in order to conduct business “C-level executives should be involved in every major security initiative. Security is not just a technology and cost centre, it is a culture. Cultures arise from management and their
The enactment of GDPR has definitely brought a great deal of attention to the issue security and privacy. The penalties are severe, and that was done by design as an incentive for business to put the proper controls in place. - Gaurav Mohan, Netscout
20
10.2018
guidance. They help enforce their strengths and squash their weaknesses. It is, therefore, vital that all layers of the organisation are involved in security, starting from the top down.” The Cognizant study also cited the lack of expertise by executives as a reason behind why they fail to prioritise cybersecurity. It also highlighted that the Board and the C-level management should be involved in ensuring IT and cybersecurity integration in building their cyber defences from the get-go, it said. This begs the question – should technology and security expertise be soon a required qualification for appointing future CEOs? “No, a good CEO knows how to delegate,” says Haber. “He doesn’t necessarily need to be a security or technology expert. However, he will need to have an understanding of cybersecurity risks and translate them into business metrics. There are many roles under a CEO that can handle these requirements. So as long as they properly communicate business risks and requirements, it will not be a requirement. “That being said, it would be beneficial if the company itself specialises in technology or security,” he adds. Hadi Jaafarawi, managing director, Qualys Middle East, seconds this notion, saying managing business risk, and even firefighting, is part of the job description, and planning to prevent the cyber-attack is what successful companies do. “Hence, CEOs and other members of the C-suite should be wellversed in dealing with security risks. CEOs should meet regularly with the CISO, review reports, ask questions, and d support security best practices in front of the other executives and board. They should also endorse, support and implement security policies.” Security should be at the core of the digital transformation of any business. Therefore, the C-suite and Board members need to take full leadership position on cybersecurity to win against cyber adversaries. www.tahawultech.com
FEATURE
DON’T TAKE THE BAIT Hackers today are getting smarter and are continually honing their skills and tactics to exploit the weak links of an organisation, and oftentimes it’s the company employees. Security Advisor ME speaks to industry experts to find out about practical steps individuals and organisations can take to fend of phishing scams.
www.tahawultech.com
P
hishing attacks continue to threaten organisations’ digital security in droves. A significant number of data breaches and online attacks have at some point involved a phishing attempt to steal credentials, launch fraudulent transactions or to lure someone into downloading malware. Organisations across all industries no matter how big or small are impacted by phishing attacks. In fact, even Internet giants such as Facebook and Google have been duped out of $100 million through an email phishing scheme when a hacker impersonated a computer-parts vendor. In fact, a study conducted by cybersecurity firm Wombat Security found that 76 percent of organisations have experienced phishing attacks in 2017. Phishing attacks typically come in the form of fake emails that seem to come from legitimate sources such as 10.2018
21
FEATURE
the company’s management, banks, a frequently visited website and the likes. “Mass phishing is the most prevalent type of phishing method,” says Harish Chib, vice president, Middle East and Africa, Sophos. “These attacks are largely opportunistic and takes advantage of a company’s brand name to try and lure the brand’s customers to spoofed sites where they are tricked into parting with credit card information, login credentials, and other personal information that will be later resold for financial gain.” Such attacks frequently rely on email spoofing, where an email’s “from” field is forged to make the message appear as if it was sent by a trusted sender. The idea is to get the victims to click a link in an email and after doing so they are taken to a website that looks reliable, but in reality, it has been created to steal information. Another kind of phishing attack that’s extremely successful is spear phishing. This type of attack specifically targets high-value victims and organisations. Instead of trying to get banking credentials of thousands of consumers, the attackers deem it more lucrative to target a handful of businesses. It usually uses tactics that trick users into a false sense of trust by crafting information specific to the recipient.
Don’t rely on just one single vendor or service to block all inbound attacks. There is a better chance of staying protected with a layered security model. - Jeff Ogden, Mimecast
The victims are then fooled into clicking or downloading a malicious payload or into prompting an undesired action such as a money wire transfer. Business Email Compromise (BEC) is yet another commonly used phishing scheme. This form of cyber-attack is even more targeted as it focuses on key individuals in specific departments of an organisation typically those who are involved in the finance function. “This is also often referred to as ‘CEO fraud’,” explains Chib. “These attacks are so-named because they’re associated with employee email accounts being
It is imperative to ensure that your employees are prepared to handle security related incidents, as the success and failure of your organisation’s security measures begin and end with your employees. - Mathivanan Venkatachalam, ManageEngine.
22
10.2018
impersonated – often financial officers and CEOs – rather than the sender address is spoofed. This makes attacks much harder to spot by end users.” BEC may involve malware, social engineering or a combination of the two. Since phishing attacks target and trick people using sophisticated yet practical techniques, no business is immune to them. Social media has also advanced phishing attacks to become more targeted, highly relevant and personalised. Nobody wants to fall prey to a phishing scam. A successful phishing attack could cost your company anywhere from thousands to millions of dollars. Fortunately, there are ways to avoid becoming victims to such attacks. Here are a few tips to minimise the risks of phishing attacks: • Stop phishing threats at the door While it is impossible to preemptively block all phishing attempts it is ideal to roll out solutions and strategies to stop malicious URLs from even getting into your email and online gateways. “Use security solutions with dedicated functionality aimed at detecting, filtering and blocking phishing attempts,” says Amir Kanaan, managing director, META, Kaspersky Lab. “These solutions should be integrated into email systems whether it is on-premise or in the cloud.” www.tahawultech.com
FEATURE
It is always important to keep in mind that there’ no one-size-fits-all solution against cybercrime. Jeff Ogden, general manager, Middle East, Mimecast, says, “Don’t rely on just one single vendor or service to block all inbound attacks. There is a better chance of staying protected with a layered security model.” In addition, make sure to keep all systems current with the latest security patches and updates. • Encourage suspicion Often, phishing scams come in the form of links in emails that appear to be sent from people or organisations you know and trust. Organisations should encourage employees to be more suspicious. Instill a “think before you click” campaign and make sure users within the firm remember to always check links address and the sender’s email before clicking anything. “Email was never designed with security in mind yet it has become the default mode of important Internet communication between organisations,” explains Ogden. “It’s no surprise that human error is involved in 95 percent of all cyber breaches, which seriously undermines technology-based efforts to defend against spear-phishing, supply chain impersonation, ransomware and a whole host of new threats,” he adds. According to a recent study of consumers conducted by Kaspersky Lab and B2B International, lack of IT security awareness remains a worrying reality for businesses around the world. “The research further found that only 18 percent of employed respondents in the META region are fully aware of the IT security policies and rules set in their workplace,” says Kanaan. IT teams should also restrict employees from downloading suspicious email attachments. • Ensure secure connections Encourage employees to avoid using unsecured network connections when accessing websites that require personal www.tahawultech.com
and financial information as well as company emails. Hackers can capture sensitive password data for banking, email or shopping sent on a public Wi-Fi even though your browser shows the traditional key icon denoting security. “Organisations need to ensure that all of their endpoints, whether it be laptops, smartphones, tablets and the likes, are secure to effectively counter phishing attacks,” explains Mathivanan Venkatachalam, vice president, ManageEngine.
whose employees are not trained to recognise phishing attempts are more vulnerable to such attacks.” It is important to remember that a company’s cybersecurity strategy is only as strong as the weakest link – its employees. “It is imperative to ensure that your employees are prepared to handle security-related incidents, as the success and failure of your organisation’s security measures begin and end with your employees,” says
Use security solutions with dedicated functionality aimed at detecting, filtering and blocking phishing attempts. These solutions should be integrated into email systems whether it is on-premise or in the cloud.” - Amir Kanaan, Kaspersky Lab
“Whenever possible, ensure secure VPN access to corporate resources even when the user’s device is connected to untrusted public WiFi. As much as possible, prevent man-in-the-middle attacks by allowing devices to connect only to the corporate WiFi,” he adds. • Create a cybersecurity-aware culture Organisations need to educate employees and conduct training sessions on how they can recognise and respond to phishing attacks. Addressing phishing threats requires more than building or deploying a security solution. “Human behaviour is a critical element of security against phishing attacks,” says Chib. “Organisations
Venkatachalam. “A comprehensive user education programme goes beyond just the occasional enterprise-wide corporate security seminar. “To be successful, organisations need to ensure that the employees take the programme seriously. So, start off by making your employees aware of the gravity of such an attack and train them on the best practices to counter phishing attempts,” he adds. No silver bullet exists when it comes to security. For measures against phishing attacks to be successful, there needs to be a right combination of people, processes and technologies. Furthermore, we must take proactive steps to ensure that our organisations are protected and resilient. 10.2018
23
AWARDS
SECURING THE FUTURE TahawulTech.com Future Security Awards celebrated and recognised accomplishments in the regional IT security landscape.
T
he journey towards digital transformation coupled with the rise of cyber incidents is driving enterprises to invest in cybersecurity. TahawulTech.com Future Security Awards recognised individuals and organisations who have shown prowess and leadership in building the foundation of a digital future with security innovation. The 2018 edition of Future Security Awards ceremony, which kicked off on 17th September 2018 at the Habtoor Grand Hotel in Dubai, was attended by 200 industry stalwarts, and recognised 20 organisations and IT security leaders. Future Security Awards received over 150 nominations from both enduser and vendor categories. Winners were chosen by a panel of esteemed judges who have evaluated the set of nominations from across the region in a ten-day process to decide the most-deserving candidates.
24
10.2018
Our esteemed judges:
Bhavani Suresh, president, ISACA UAE Chapter
Irene Corpuz, Manager for Transformational Projects, UAE Federal Entity
Javed Abbasi, principal consultant and founder, GISBA
Megha Kumar, research director, Software and Cloud, IDC META
www.tahawultech.com
AWARDS
Top CISO of the Year
Ahmad Al Emadi, Dubai Municipality
Best IT Security Project – Public Sector Dubai Municipality
Best IT Security Project – Private Sector RAKBANK
Personal Contribution to IT Security Tushar Vartak, Director of Information Security, RAKBANK (In photo: Jaykumar Ramasamy, head of SOC, RAKBANK)
Most Outstanding Security Team Network International
www.tahawultech.com
10.2018
25
AWARDS
Best Security Systems Integrator AGC Networks
Best Cloud Security Vendor Check Point
Best Identity and Access Management Vendor Cisco
Best Encryption Vendor Endpoint Protector
26
10.2018
www.tahawultech.com
AWARDS
Best Security VAD Exclusive Networks
Best Managed Security Services Provider Help AG
Best Network Security Vendor Juniper Networks
www.tahawultech.com
10.2018
27
AWARDS
Best Anti-Malware Vendor Kaspersky Lab
Best Mobile Security Vendor ManageEngine
Best Managed Detection and Response Service Provider Paladion
Best Anti-Spam Vendor Sophos
28
10.2018
www.tahawultech.com
AWARDS
EDITOR’S CHOICE: Innovative Security Distributor Arrow ECS
EDITOR’S CHOICE: Network Security Vendor Barracuda Networks
EDITOR’S CHOICE: Cloud Security Vendor Fortinet
EDITOR’S CHOICE: Vulnerability Management Provider Ivanti
www.tahawultech.com
10.2018
29
FEATURE
GAINING THE UPPER HAND
In cybersecurity there is an adage that the adversaries only need to be right once to succeed, while the good guys have to be right every single time or face severe consequences. Therefore, security teams need to stay vigilant all the time. Daniel Bardsley explores how deception technologies can give the defenders a unique advantage against attackers.
30 10.2018
www.tahawultech.com
FEATURE
D
eception technology, according to Ori Bach of the Californian-headquartered cybersecurity company TrapX, is nothing less than a paradigm changer. It used to be the case, he says, that the “good guys needed to win every time and the bad guys only needed to win one time”. Now, though, things are turned on their head. “It’s not about reducing the attack surface; it’s about increasing attack surfaces, creating more fake attacks,” he says. “With deception, the bad guys constantly have to be careful not to touch one of our traps. The moment they hit one of our traps, it’s over for them. We sit back and watch them fail.” Drawing parallels with military deception, which has been a key element of warfare down the millennia, deception involves luring in cyber-attackers by offering up enticing targets that are, actually, part of a decoy system. Deception technology can be relatively simple, such as encouraging attackers to go after false leads by deploying text that is attractive to hackers in the network.
Or it may involve having a shadow network that has many parallels with the real thing, which is always changing. The use of deception technology is not just an acknowledgement that a perfect firewall, able to keep all attackers out, is an unattainable goal. It also reflects the fact that benefits can accrue from having attackers inside a system revealing how they operate. When deception is being employed, it can sometimes be better to let an attack, once detected, continue for a while rather than shutting it down immediately. The details of what takes place are recorded, and the greater understanding of how attackers operate, and the way the attack highlights software vulnerabilities – which attackers may have had to pay to acquire – can make it is easier to prevent a recurrence. It also serves to waste attackers’ time and, because time is money, this represents an economic cost. Using it could mean that the nefarious activities of attackers are no longer worth their while. Deception technology, suggests Ray Kafity, vice president, Middle East, Turkey and Africa for Attivo Networks, overcomes
Deception technology is already gaining importance as cyber-attacks become more sophisticated and attackers target non-traditional attack surfaces. Overall, deception is one of the most efficient and effective detection solutions, and the next leap forward that organisations are taking to close the detection gap. - Ray Kafity, Attivo Networks
www.tahawultech.com
a number of drawbacks of preventiononly defence. “While there are several detection solutions available, the challenge with many of them is that they are reliant on signatures, pattern matching or behavioural anomaly detection and, as such, are often too complex or resource-intensive for organisations to operate,” he says. “The learning curve and tuning process associated with these solutions will also inherently produce false positive noise, resulting in alert fatigue and notifications being ignored, all too often defeating their purpose or resulting in them becoming silenced or shelfware.” By contrast, deception typically involves early detection of in-network threats and this cuts the dwell time (the period during which the attacker is inside the system undetected), since engaging with decoys or other facets of the defence triggers an alert. There is much to suggest that deception technology is becoming more widely adopted. Indeed, research has suggested that the global market for it will exceed $1 billion in 2021. Just a few years TrapX, a deception technology specialist that employs about 80 people, around half of whom build code, was having to convince customers of its relevance in improving operational security. Today, the company is seeing deception being optimised in sectors ranging from manufacturing to healthcare. It is also, says Bach, being used more often within the cloud. “Clouds are a good [space] for deception – they’re large and distributed networks where deception plays well,” he says. Deception also ties in well with the use of the Internet of Things, he says, while a further trend Bach has observed is the closer integration between different defensive platforms. “As [deception] is becoming more common, it’s become more integrated into the broader security ecosystem,” he says. Taking a similar view about the growth of deception technology, Professor 10.2018
31
FEATURE
Kevin Curran, professor of cybersecurity at Ulster University, says it “will only become more widespread”. “Technology generally gets easier and applied into more products, then the suppliers of firewalls will start to use something like this,” he says. “I can only see it increasing. It’s a simple technique to use, yet it’s very effective.” The growth in the deployment of deception technology saw Attivo Networks grow 300 percent last year, with rapid growth in 2018 as well, according to Kafity. “Deception technology is already gaining importance as cyber-attacks become more sophisticated and attackers target non-traditional attack surfaces,” he said. “Overall, deception is one of the most efficient and effective detection solutions, and the next leap forward that organisations are taking to close the detection gap.” Deception technology evolved from the use of “honeypots”, which are pieces of data typically held outside the network. While honeypots have proved useful, they had their disadvantages, explains Kafity. “While the data collected was interesting, creating and managing these emulated decoys was highly time- and resourceintensive, which is why it was never widely adopted by enterprises,” he says.
As [deception] is becoming more common, it’s become more integrated into the broader security ecosystem.
32
10.2018
With deception, the bad guys constantly have to be careful not to touch one of our traps. The moment they hit one of our traps, it’s over for them. We sit back and watch them fail. - Ori Bach, TrapX
“Today, deception technology has evolved from limited, static capabilities to adaptive, machine learning deception that is designed for ease of use and scalability.” Honeypots tended to be something that is primarily used by large enterprises, typically because of the resources required. However, the use of automation means that deception is now accessible to much smaller users, according to Bach. “We have fully automated the solution, so the customer can use it at the click of a button,” he says. “Some of these companies with less than 100 employees can use the technology. “By integrating deception into their existing anti-virus endpoint, they’re able to pick up the bad guys.” Like Bach, Kafity sees deception as being a realistic solution for all types of companies, describing commercially available options as “simple” and suitable even for organisations with “the most limited resources”. “Additionally, for those who do not want to manage security services inhouse, they have the option to purchase deception services through a managed service provider,” he says. “It has never been easier or more practical to achieve accurate and early threat detection for organisations of all sizes.”
Experts have highlighted a number of characteristics required if deception is to be successful. Key among them is that the decoy should seem authentic in order to attract attackers. Other important attributes include the absence of false positives, which can be an issue with traditional cybersecurity technology; and ensuring that the system is capable of dealing with an evolving attack surface. This last point means that cybersecurity systems should use multiple types of deception to deal with various methods of attack. Effective deception systems are able to deal with everything from man-inthe-middle attacks, in which an attacker compromises the communication between two parties, through to credential theft, and attacks that involve lateral movement, a reference to the way the attackers move through the target system. As Kafity puts it, deception can detect and respond to in-network threats “regardless of the attack vector or attack surface”. He says a “distributed deception platform” offered by companies such as his offers early detection, enhanced threat visibility and accelerated response. So, organisations large or small can do much worse than look to deception as they bid to secure their networks and outfox the fraudsters. www.tahawultech.com
FEATURE
THE NEXT BIG SECURITY WORRY By Daniel Bardsley
34 10.2018
www.tahawultech.com
FEATURE
O
ne of the most notorious hacks of recent times was the late 2017 database breach suffered by the consumer credit reporting agency Equifax, which saw huge numbers of records compromised. Cybercriminals accessed the details of about 150 million consumers, most of them Americans but with others coming from the United Kingdom and Canada. Equifax faced a storm of criticism over the release of what was in many cases sensitive information, and a major classaction lawsuit was launched in the United States not long after the breach occurred. The issue has also been significant enough for the American senator Elizabeth Warren, a tough-talking consumer advocate, to deliver a volley of criticism the company’s way. Warren also asked probing questions about exactly what details had been stolen, and it turned out that everything from dates of birth to addresses to payment card details to driving licence numbers had been accessed. And as recently as September this year, the Information Commissioner’s Office, Britain’s data watchdog, fined Equifax £500,000 over the breach, its largest possible sanction. What characterised the hack was that it was a “fileless” attack, a name that
references the fact that such incidents do not involve malware. In this case, it exploited instead a command injection vulnerability, meaning that it allowed for remote execution of code so that external hackers could manipulate an opensource enterprise software called Apache Struts. Also known as zero footprint, nonmalware, in-memory and a host of other names, such attacks are becoming increasingly common as fraudsters look for new ways to circumvent cyber defences. “There’s rogue code that resides in the memory and it’s very difficult to detect. That’s increasingly happening,” says Paula Thomas, a cybersecurity specialist and academic subject leader for technical and applied computing at the University of Gloucestershire in the United Kingdom. “Anti-virus technologies are becoming quite sophisticated, so they’re able to detect all sorts of issues – there are few ways in. Whereas memory is largely unprotected – there are tools you can inject directly into memory.” One factor in the growth of fileless attacks is the wider availability of hacker toolkits that facilitate their deployment. Previously, the significant technological demands of launching fileless attacks meant that large and
We’re starting to use technologies like machine learning to block file-based attacks. With fileless it is a little bit easier to bypass these defences. They’ve always been there, but the growth is now definitely greater than we’ve seen before. - Vibin Shaju, McAfee
www.tahawultech.com
well-resourced hacking operations, such as those run by nation states, were typically responsible for them. Today, though, much smaller and less sophisticated operations run by cybercriminals, whose sights are on financial gain rather than geopolitical disruption, are often to blame. “People have had so many problems with ransomware. Fileless attacks are a major part of the success factor,” says Nicolai Solling, the Dubai-based chief technology officer for the Middle East operation of the cybersecurity company Help AG. “Cyber threats such as ransomware and cryptomining utilise elements of fileless attacks – all of these different things have been the latest big security issues. That’s really an indicator that this is an area that we should start focusing on.” Plenty of statistics, such as those released by the Massachusetts-based cybersecurity company Carbon Black, back up the perception that fileless attacks are an increasing threat. In early 2016, just a handful of a percent of attacks were said to be fileless, with malware-based deployment still far more of a problem. In the relatively short period of time since, the situation has changed dramatically. Recent figures indicate that there is a fileless component to one in three cyber-attacks, and that more than half of all successful attacks are fileless. Indeed, some experts have said that fileless attacks are as much as ten times as likely to succeed as their file-based equivalents. “We’re starting to use technologies like machine learning to block filebased attacks. With fileless it is a little bit easier to bypass these defences. They’ve always been there, but the growth is now definitely greater than we’ve seen before,” says Vibin Shaju, pre-sales director for southern Europe and the Middle East at the cybersecurity company McAfee. Fileless attacks typically get through defences by exploiting vulnerabilities in apparently safe applications, such as browsers or document readers, that are 10.2018
35
FEATURE
already installed in a computer. That was the case with the Equifax hack. “It completely exists in the memory. It exploits the trust and makes sure there’s no files in the hard drive,” says Shaju. There is no doubt, then, that fileless attacks are now ubiquitous and often highly dangerous. So, what can individuals and organisations do to defend against them? Basic housekeeping measures, especially in relation to keeping everything up to date – including operating systems, browsers and applications/software – are critical, as these can reduce the likelihood that there will be vulnerabilities that hackers can exploit. “You can ensure that your computer’s software is securely patched, your operating system is securely patched. You need to have good anti-virus software,” says Thomas from the University of Gloucestershire. These common-sense measures are not always followed: a patch that could have prevented the Equifax breach had been made available many weeks before the attack. It is no wonder then that Equifax’s reputation has suffered so heavily in the wake of the scandal. Cybersecurity companies too have had to respond and adapt their technologies so that they are able to identify and neutralise fileless attacks. “It’s been very challenging for the legacy cybersecurity vendors
If someone is able to execute PowerShell with malicious intent, you can very easily create havoc on that machine. When it’s executed, from a file perspective it’s completely secure – we trust the file and everything is fine around it, but the outcome of using that file, when it’s malicious, could be catastrophic. - Nicolai Solling, Help AG
looking for file execution,” says Help AG’s Solling. As an example, Solling cites the exploitation of PowerShell, Microsoft’s “task-based command-line shell and scripting language”, which allows the automation of tasks for the management of operating systems such as Windows. “The attackers are trying to utilise functions that would turn the system against itself,” says Solling. “If someone is able to execute PowerShell with malicious intent, you can very easily create havoc on that machine. “When it’s executed, from a file perspective it’s completely secure – we
You can ensure that your computer’s software is securely patched, your operating system is securely patched. You need to have good anti-virus software. - Paula Thomas, University of Gloucestershire
36
10.2018
trust the file and everything is fine around it, but the outcome of using that file, when it’s malicious, could be catastrophic. “A normal anti-virus that looks at the content will not be able detect anything other than a PowerShell file. That’s the biggest danger of fileless attacks.” To deal with such threats, there has had to be a change from trying to identify a specific file – a method that would not show up a threat from a fileless attack – to attempting to understand the behaviour of that file, because this can highlight that something is amiss. Behaviour-based analysis has, as a result, been the focus of much recent research-and-development activity in cybersecurity companies. For instance, Solling says that a particular PowerShell script could be signed, meaning that it is trusted and can therefore run, while the absence of such a signature could be used to identify cases where there is the threat of an attack. “You might have another PowerShell script trying to run from a Word document you get from a third-party email. That’s not authorised, so it cannot run,” he says. So, although fileless attacks represent a strengthening of the armory of cyberattackers, their malign efforts are being met with heavy resistance. www.tahawultech.com
Sophos @ GITEX 2018 Visit Sophos booth SR-D4 in Rashid Hall.
Intercept X for Server
Unmatched Server Protection Protect the critical applications and data at the core of your organization, with these essential protections:
• Deep Learning Neural Network: Protects against never-before-seen malware • Anti-Exploit: Prevents an attacker from leveraging common hacking techniques • Server Lockdown: Provides application whitelisting with a single click Get Free Trial www.sophos.com/server
Endpoint Security Software Vendor of the Year
Best Encryption Vendor of the Year
Best UTM Vendor of the Year
Innovative Vendor in Endpoint Security
Top Vendor Endpoint Security of the Year
FEATURE
SAFE HAVEN Homes today are increasingly becoming connected as more and more people use devices aimed specifically at making our lives easier. However, while connected devices can make daily chores more convenient, it could also be a doorway for hackers, Daniel Bardsley investigates.Â
38
10.2018
www.tahawultech.com
FEATURE
A
few months ago, a team of researchers set out to find out how easy it would be to hack Internet of Things devices in the home, from doorbells to baby monitors to security cameras. The results were a stark wake-up call: One of those involved in the study said it was “frightening” how easy it would be for someone with ill-intent to take over devices. It took less than 30 minutes to get into some of the off-the-shelf devices, with a simple Google search for default passwords enough for the researchers to gain access. Similarly, a host of ingenious attacks have been devised for, to give one example, Amazon Echo, Amazon’s brand of smart speakers. Whether it is turning early versions of the Echo into a bugging device by attaching an SD card reader and then manipulating it for various malign reasons (admittedly not a straightforward hack) through to asking the Alexa personal assistant to unlock the front door, there are multiple potential vulnerabilities. Indeed, as these few examples show, the consequences of a hack could be
Many companies offering connected devices are not investing in security in the way they should be. They don’t care about cybersecurity. They only care about profit – that’s my concern every time a new device appears. - Abdullahi Arabo, University of the West of England Bristol
serious indeed, from letting thieves enter a home, to allowing voyeurs to spy on residents, to causing a thermostat to make a house overheat and possibly catch fire. Also, accounts linked to devices could be hacked. The subject throws up myriad issues: how seriously device manufacturers are taking security; what action governments should take to protect consumers; whether governments are
As consumers, in my opinion, we should be trying to pay a bit more for our devices – not go to eBay or Amazon and buy a cheap device. That can be problematic. - Professor Miguel Rio, University College London
www.tahawultech.com
even capable of regulating the sector; whether consumers are ultimately responsible for protecting themselves. Few people have looked into the the security of connected devices in the home in greater depth than Dr Abdullahi Arabo, a senior lecturer in computer networks and mobile technology at the University of the West of England Bristol in the United Kingdom. As well as writing academic papers on the subject, he has also developed security frameworks for the private sector. In his view, many companies offering connected devices are not investing in security in the way they should be. “They don’t care about cybersecurity. They only care about profit – that’s my concern every time a new device appears,” he says. “It’s the last thing on their agenda and they don’t want to spend money on it. The only concern is to have the devices ready and sell them and make money and that’s it. They have little or no budget for security.” Such concerns are shared by Professor Miguel Rio, a professor of computer networks in the Department 10.2018
39
FEATURE
of Electrical Engineering at University College London. “There are lots of products on the market without the proper security framework or being certified. These are dangerous,” he says. Although some manufacturers, such as Amazon, are seen as more reliable in security terms, the multiple hacks demonstrated for Amazon Echo show that none is immune. And in any case, not everyone can afford the big-name brands with a better reputation. Could stricter regulation ensure that a good minimum security level is applied across the board? The situation is “moving much faster than governments can keep up with,” says Rio, so developing a robust regulatory regime is no easy task. Drawing parallels with other types of devices, Rio expects, however, that in time the IoT landscape will settle, making regulation easier. “Smartphones, they’ve been pretty stable for the last five years. We know how the ecosystem works. Once the main players get the main ecosystems stable for their homes, there’s a possibility for telecoms regulators to get into rolling out regulations,” he said. Ollie Whitehouse, global chief technology officer of the UK-based information assurance company NCC Group, which has more than 35 offices globally, including one in Dubai, said improvements at the design stage are already being seen. “Embedding security within the manufacturing process is becoming more common within the industry, with many adjusting defences to keep devices secure, but there is a long way to go,” he says. Whitehouse calls for an ongoing dialogue between manufacturers, regulators and consumers when it comes to expectations, and between manufacturers and the security industry when it comes to best practice. Regulating devices in the home, suggests Rio, is more problematic than 40
10.2018
WHAT CONSUMERS CAN DO When it comes to the security of Internet of Things (IoT) devices in the home, there are numerous measures consumers can take. Ollie Whitehouse, global chief technology officer of NCC Group, says there are “simple habits” that should not be forgotten. Echoing the comments of other specialists, he advises consumers to buy devices from reputable manufacturers and vendors. “Consumers can be swayed by cheaper models, but it’s most likely that these won’t have the right level of security needed to keep your personal information safe,” he says. “A number of very large highprofile vendors are able to invest in security due to their understanding and ability. However, for the most part, vendors are not.” Brands often considered to be more reliable in security terms include Google, Amazon and Apple. “Apple, for example, is very tough. All the information goes through Apple, so the devices are not freely connected to the outside world. That gives it, I wouldn’t say guarantees, but [it makes it] much more robust,” says Professor Miguel Rio, a professor of computer networks in the Department of Electrical Engineering at University College London. “As consumers, in my opinion we
doing so for IoT products used in other arenas. So perhaps the onus will remain on consumers to ensure their home devices – and remain safe. “There are other things like transport, cities, workplaces – these are more easy to regulate because they’re in a
should be trying to pay a bit more for our devices – not go to eBay or Amazon and buy a cheap device. That can be problematic.” Whitehouse says businesses and brands should encourage customers to practice good security hygiene by regularly updating software and passwords, having antivirus software in place and being vigilant about how they are using devices. Simple steps, but often forgotten. Also, frequently neglected is the device manual, but Whitehouse advises buyers to ensure that they read it thoroughly to understand the security configurations embedded in the device. This can ensure that basic security measures, such as changing default passwords, are not forgotten. It will also highlight additional controls that are not enabled by default, but which improve security and privacy if used. “All of this then needs to be supported by a secure perimeter to the home network – your router. This is incredibly important, because if a home router is compromised, all of the devices to this network will be at the mercy of the hacker,” says Whitehouse. In terms of a WiFi connection, Whitehouse advises only using WiFi Protected Access II (WPA2) and choosing a robust password.
public space,” says Rio. “If you want to put sensors on trains or planes, there are regulations looking at that. The home is your castle, so it’s much more up to you. These are very challenging times for devices, and security is the main thing.” www.tahawultech.com
SONICWALL RECEIVES STRONG NSS LABS RATING. AGAIN. NSa 2650 Awarded ‘Recommended’ Rating in 2018 NSS Labs NGFW Group Test After putting the NSa 2650 through rigorous testing, NSS Labs validated SonicWall next-generation firewall value and security effectiveness by placing SonicWall in the coveted ‘Recommended’ quadrant of its 2018 NGFW Group Test.
98.8%
100%
100%
Block Rate
Evasions
Stability & Reliability
www.sonicwall.com
INSIGHT
HOW TO KEEP YOUR JOB AFTER A CYBER-ATTACK Paul Proctor, vice president and distinguished analyst, Gartner, explains seven reasons why more CEOs will be fired over cybersecurity breaches — and how to prevent it.
42 10.2018
www.tahawultech.com
INSIGHT
T
he theft of private data on 143 million Americans made the Equifax cyberattack one of the biggest in history. The company’s handling of the breach came under intense scrutiny, resulting in CEO Richard Smith resigning in September 2017 amid the turmoil. It’s a sobering reminder for any CEO of the perils involved with data breaches. Regulatory trends indicate increasing responsibility for boards and executives in reporting and preventing cyberattacks. While you can’t control if you get attacked, you can control your organisation’s readiness to respond and weather the storm. Gartner has identified seven reasons why more CEOs will be fired over cybersecurity breaches and how they can hold onto their jobs.
CEOs need to reset their approach to risk and security to avoid getting fired. The purpose of the security programme is to create a balance between the need to protect and the need to run the business.
www.tahawultech.com
Many boards still believe cybersecurity is a technical problem handled by technical people, buried in IT. By hiring the right people with the right technical knowledge, you can lessen the chance of being attacked and stay out of the headlines.
No. 1. Accountability is broken More CEOs will be “held accountable.” Without good risk engagement there’s no accountability – “I just did what the security people told me to do.” Sell your executives on defensibility of decisions, not protection. Strong accountability models, in which risks rest with those that have the authority to address them, ensure that systemic security problems are not allowed to fester.
business outcomes they don’t understand. Engage your executives — this is their risk.
No. 2. The cultural disconnect Many boards still believe cybersecurity is a technical problem handled by technical people, buried in IT. By hiring the right people with the right technical knowledge, you can lessen the chance of being attacked and stay out of the headlines.
No. 6. Risk tolerance and appetite are fluffy Organisations create generic high-level statements about their risk appetite that don’t support good decision making. Avoid promising to only engage in low risk activities. This is counter to good business and creates another good reason to fire you if you engage in risky activities.
No. 3. The server that never got patched While there may be a legitimate business reason, many organisations have a handful of servers that never get patched. Conscious business decisions need to be made regarding what an organisation will do, but more importantly, what it won’t do to protect itself. No. 4. Your security officer is the defender of your organisation Security staff are hired because they’re experts and their job is to protect the organisation. These silos the issue, placing people in charge of protecting
No. 5. Throw money at the problem You can’t buy your way out — you still won’t be perfectly protected. Avoid negatively impacting business outcomes by raising ongoing operational costs and potentially damaging the ability of the organisation to function.
No. 7. Social pressure Blaming an organisation for getting hacked is like blaming a bank for getting robbed. The difference is that the banks are defensible — most organisations aren’t. The first step to recovery is to admit you have a problem. Your actions reinforce how people perceive the problem. CEOs need to reset their approach to risk and security to avoid getting fired. The purpose of the security programme is to create a balance between the need to protect and the need to run the business. 10.2018
43
INTERVIEW
THE BUSINESS OF TRUST Abdulrahman Alshetwey, CEO, Innovative Solutions, discusses the importance of security awareness and building trust in the digital age.
W
hat are some of the highlights at Innovative Solutions over the last 12 months? It has been an interesting last 12 months. We have seen customers become more in tuned and focused when it comes to improving their security operations. Customers are increasingly recognising the different challenges in the industry such as attracting and retaining IT security talents as well as effectively managing and monitoring complex security environments on a regular basis. Following our discussions with our clients, we found that there is a strong demand for solutions and strategies on how to optimise security operations and how to utilise managed services to ensure continuous and uninterrupted operations. Furthermore, we also observed that as organisations continue adopting cloud environments whether it be public, private or hybrid security remain a key concern. We have been actively communicating with our customer on developing the right solutions to address their concerns and requirements – and this is where we believe are continuously adding value. How is security important for an organisation’s digital transformation strategy? Building trust is the cornerstone of any successful digital transformation. Users play a very important role in this 44
10.2018
transformation, therefore, it is vital to create an environment of trust within an organisation. That’s why we believe security leaders need to pay more attention to user experience and bring in convenience when implementing their controls. How does Innovative Solutions aim to help Middle East businesses attain a secure digital environment? We always emphasise that technology is just one facet of security. It is important to remember that the people is just as important as implementing the latest technologies in the market. Organisations who have been compromised in the past had utilised various security solutions with some even deployed advanced protection mechanisms. However, 90 percent of the time a breach occurs because of human error such as employees falling victim to phishing attacks. Innovative Solutions has been actively focused on enabling organisations address the awareness gap through a comprehensive education and training programmes that include a learning management system to elevate the maturity of the human side when it comes to cybersecurity. What are the technologies that you think will make an impact on the security landscape in the coming years? Aside from IOT, SCADA Systems and 3D
printing and the hype of AI becoming the unpaid car driver, I do believe cloud and Machine Learning (ML) will have major impact in improving cybersecurity. Cloud will improve security on the long run and push the core business to finally take the lead from IT. ML has been around in different forms and names over the last 25 years. It has not really changed except for hardware improvements and cloud offerings that made it mainstream. ML technologies have the potential to relieve teams from the tedious day to day operations and focus on the real issues. Furthermore, the wealth of data being generated today has made ML algorithms learn better and faster. However, looking forward it is worth examining how ML can be regulated in the future to prevent privacy issues. What do you aim to showcase at GITEX this year? GITEX has been a platform for us to showcase our new and improved products. We will be showcasing our SaaS Security Awareness platform InfoShield. We believe that building trust starts with having no trust. As an industry, passwords proved to be a dark point in our quest to secure our assets. It is a psychological torture to keep believing otherwise. Therefore, would like to introduce in GITEX, our new and improved multi factor solution mPass and carry on a conversation on how we can keep customers’ business secure. www.tahawultech.com
INSIGHT
IS IT BECOMING EASIER FOR CYBERCRIMINALS TO ACCESS COMPANY DATA? By Ashraf Sheet, regional director, Middle East and Africa, Infoblox
W
e are in the age of the ‘office of the future’, every company now battles it out to attract staff and clients by having the most fun office, with the newest gadgets and apps. This has seen countless consumer toys become ‘business critical equipment.’ But has our love for consumer technologies made this the easiest time for cybercriminals to hack businesses? In a word, yes. At Infoblox we recently conducted a Shadow IoT research report, entitled ‘What is lurking in your network’, that found fitness trackers, smart TVs, virtual assistants and games consoles are increasingly becoming part of the office furniture. These devices open up a whole new myriad of ways cybercriminals can access company data. In the same report, it was found that over a third of companies in the US, UK and Germany (35 percent) reported more than 5,000 non-business devices connecting to their networks each day. This is essentially 5,000 non-business critical cybercrime risks. What’s the issue? These devices and consumer apps often make their way on to company’s 46
10.2018
networks without following the IT department’s guidelines. Nearly a quarter of employees from the US and UK that we surveyed did not know if their organisation had a security policy and out of those that did, 20 percent of UK respondents admitted rarely or never following it. And only one fifth of respondents in the US and UK said they followed it by the book. This increases the potential for an attack. We have previously seen personal devices undergo numerous malware attacks, for instance in 2017 McAfee researchers identified 144 apps on the Google Play store that contained a new malware strain, Grabos. If this malware was downloaded on the company network it could lead to a data breach disaster. How to avoid this but still give employees freedom? One option to avoid these breaches is to block personal devices and using social media in the work place. However, the fact is, employees want to use their new gadgets and access apps in the office, and companies want to entice new staff by allowing them. Rather than restrict employees it is important to educate them on what is likely a phishing scam or a malware
riddled piece of software and help them become the first line of defence. Businesses can also ensure they are avoiding major data breaches by having full visibility over what devices are on connected to their network. Using systems that identify all devices on the network at any given time, like an IP address management system, can provide real-time visibility of anything connected to the company network. They can also secure their network through DNS security solutions that will alert them of any new assets or devices that are joining the system so they can identify and block malicious activity quickly. Get ahead of the cybercriminals Personal devices and consumer apps aren’t going to go away from the workplace. In fact, each year a new device will be on trend and people will immediately want it on their desk. These will provide a whole new host of ways that make it much easier for cybercriminals to access company data. We are essentially making it easier for them each time we buy a new toy. But, the war is not lost. With the right solutions companies can get ahead of their staff and protect networks no matter what new gadgets are suddenly connected to them. www.tahawultech.com
Special discount for readers! Save $300 on standard registration with code CPI
Gartner Security & Risk Management Summit 2018 October 22 - 23 / Dubai, UAE gartner.com/me/security
Securing Digital Business: Adapt. Transform. Scale. Discover the latest research and recommendations to transform your security strategy and build resilience across the enterprise. Special discount for readers! Save $300 on standard registration with code CPI
Š 2018 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. For more information, email info@gartner.com or visit gartner.com.
INSIGHT
ON THE CUTTING EDGE By Raphael de Cormis, VP Innovation Labs, Gemalto
T
he use of traditional cybersecurity can be a tedious day-to-day hassle, typing encrypted password or PINs onto small keyboards, which can easily be forgotten or stolen. With that in mind, the advancement of technology in the UAE is rapidly changing as more and more consumers expect a higher level of convenience and greater assurances around digital security. As biometric technology takes the spotlight, the flawed and laborious, password-based approach will be confined to history and the digital experience will no longer be compromised by an endless treadmill of usernames, passwords and PINs. All too often, these are over-simplified or carelessly stored, creating a fundamentally weak link in the cyber-defences. The advanced replacement will be solutions that can simultaneously fulfil the two compelling priorities of the 21st century consumer: convenience and security. Recent insights highlight that UAE consumers, in particular, are looking for more biometric technologies to be 48
10.2018
incorporated into their everyday lives. According to a survey conducted by Visa, 98 percent of UAE consumers would like to have the option to use at least one method of biometrics to make payments, 69 percent were interested in using fingerprint recognition to make payments and 56 percent were interested in eyescanning technology. The survey also states that 77 percent of UAE consumers recognise biometrics as a faster alternative to typed-in passwords and 79 percent perceive them as an easier option compared to
other security methods. Many UAE consumers are already familiar with biometric technology, i.e. unlocking a smartphone with a fingerprint or selfie. But there is a whole undiscovered world where the possibilities are endless if the full potential of biometric technology is unlocked, dramatically strengthening protections against modern threats such as cybercrime, identity theft and fraud. As a result, confidence in the online domain, and opportunities for greater convergence with the physical world, will flourish and the digital lifestyles of consumers
It is clear that biometric technologies have the potential to offer endless possibilities, creating an even more seamless and secure user-experience.
www.tahawultech.com
INSIGHT
will no longer be limited to usernames, passwords and easily forgotten PINs. Another global research report carried out by HSBC, Trust in Technology, talks about UAE being more technologically advanced compared to the other countries. The research revealed that UAE residents are early adopters of the latest technology due to a wider understanding and eagerness to experience the new innovations. UAE residents are easily influenced by new technology so much so, according to the same report, almost a third of residents was ready to switch to new bank services if there was a new bank offering better technology. Recent years have seen a dramatic acceleration in the breadth and depth of biometric deployments. Initially, governments and public authorities took the lead, most notably with the introduction of the e-passport, with the UAE introducing these new passports in 2011. In addition, anyone who has been through the Dubai airport can see the significant impact that biometric technology has had on air travel, both in terms of convenience and security. The introduction of smart gates uses www.tahawultech.com
the latest face-recognition software, allowing travelers to use biometric electronic passports or ID cards to seamlessly pass through security, rather lengthy procedure of getting the passport stamped by the authorities. Increasingly, the same approach is being applied to national ID schemes, as well as healthcare, welfare, civil registry and voting programs. The success of these initiatives has in turn simulated the interest of the commercial world. Here the launch of the iPhone 5s in 2013 proved a major milestone, introducing millions of people to the fingerprint scanner. Adoption was remarkably quick, with consumers demonstrating boundless enthusiasm for the idea of using unique personal characteristics to confirm their identity. Subsequently, the development of new technologies and techniques has been swift. They encompass physiological biometrics - including fingerprint, facial and iris recognition, as well as the shape of a hand or vein pattern - and behavioural characteristics, such as the way an individual walks, types on a keyboard or talks. Alongside this compelling enduser appeal, the key to biometrics’
transformative power lies in the fact that so many of the secure transactions that are undertaken – in both the physical and digital domains – are built around the principle of ‘two factor authentication”. To date, that has typically meant a combination of something a person already has in their possession, such as a payment card or mobile phone, and something they already know, like a pre-existing password or PIN, essentially something that cannot be readily copied, forgotten, lost or stolen. Extending the benefits even further, biometric techniques can now be combined with systems that use the very latest risk scoring, behavioural biometrics and machine learning systems to create rich, multidimensional portraits of each individual, and then ensure that authentication processes always match the true risk posed by a transaction. Moreover, it is now possible to tailor authentication not just to the level of assurance needed, but also the personal preferences of each individual end user. For service providers, biometrics therefore provide a means of staying one step ahead of the bad guys, whilst delivering new standards of customer satisfaction through highly customised processes. It is clear that biometric technologies have the potential to offer endless possibilities, creating an even more seamless and secure userexperience. It is also clear that the UAE, in comparison to other nations, is particularly ripe for the introduction of these technologies as an early adopter of the latest innovative solutions. It is therefore vital that companies, such as banks, mobile phone manufacturers, and eCommerce platforms, introduce biometric technologies in order to maintain and attract consumers. Now, more than ever, it is crucial to remain on the cutting edge. 10.2018
49
INSIGHT
Five steps SMBs can take for stronger security By Hadi Jaafarawi, managing director, Qualys Middle East
I
n any economy, SMBs and entrepreneurship play a key role in ensuring economic growth, innovation and job creation of the country. The SMB sector represents more than 94 percent of the total number of companies operating in the country and provide jobs for more than 86 percent of the private sector’s workforce. However, it is also true that SMBs face a mountain of challenges to achieve success. This can be overwhelming, especially for addressing a technical challenge like cybersecurity. SMBs can face even greater challenges to network security—from smaller budgets to fewer qualified staff. UAE’s Telecommunications Regulatory Authority (TRA), out of the 155 UAE attacks in Q1 of 2018, 35 of those had a significant impact. 45 percent cyber-attacks involved fraud and phishing and a further 26 percent cyber-attacks aimed to leak information, while others involved defamation and similar purposes. Since it is not possible to do everything with limited resources, SMBs must look for smarter ways to increase security. Following the recent announcement of its Community Edition, a free cloudbased service giving small organisations unified visibility of their own or their clients’ IT and web assets, and the ability to easily assess security and compliance postures. Here are five steps that security teams at organisations can adopt to improve their security posture: STEP 1: ALWAYS KEEP AN UP-TO-DATE INVENTORY Unknown devices are often conduits for 50
10.2018
an attack. It’s important to inventory all devices on your network, whether it is a server, client, printer, switch or other device, and without regard to its ownership. This includes smartphones, tablets or notebook computers that employees use to access corporate resources. Not just hardware, but also software needs to be thoroughly checked and monitored. Introducing a labelling scheme that includes categories of systems (e.g., infrastructure servers, engineering workstations and business laptops) and creating a list of allowed software for each category can go a long way to track vulnerabilities. This hardware inventory—when combined with an associated software inventory and managed configurations—will be the foundation for all of your other security efforts. STEP 2: KEEP A TAB ON CONFIGURATIONS Understanding and controlling device configurations is a key component of overall security. Improper configurations— whether deliberate or accidental—can trigger vulnerabilities. That’s why developing and actively managing secure configuration baselines for all devices will help create stronger security. A tool for controlling these will enforce the use of authorised configurations and block unauthorised changes. STEP 3: PRIORITISE VULNERABILITIES Thousands of new vulnerabilities are disclosed every year. Because not all vulnerabilities are created equal, some are trivial, while others can be disastrous, pinpointing the software that must be patched with the greatest urgency is
essential, especially with SMBs that often find themselves with limited resources. It’s important to understand how a vulnerability can be exploited so you can take a look at the assets within your organisation to figure out where patches need to be prioritised and applied. Ultimately, organisations should evolve from vulnerability management to vulnerability risk management. C
M
STEP 4: AUTOMATE ENDPOINT DEFENCES Criminals often target endpoints, so protecting your network must include an endpoint security suite. Tools should include antivirus, endpoint protection, intrusion prevention and a personal firewall. In addition, your tool should block incoming executables while controlling and limiting the use of HTML content embedded in email. Email— through attachments and web links embedded in the body of a message—is a common point of compromise. Y
CM
MY
CY
CMY
K
STEP 5: LIMIT, CONTROL ADMINISTRATIVE ACCESS The most damaging component of malicious code is the ability to run as the system administrator. If a system is infected but the damage can be controlled, the attack’s impact is manageable. However, if malicious code has full administrative access, the damage can be extreme. Limiting and controlling administrative access is thus critical to security. In many SMBs, several people often have unnecessary administrative access. That’s one of the riskiest situations. You must monitor such access and control accounts holding administrative privileges. www.tahawultech.com
On-demand Adaptation Layered Intelligence Collaboration Continuous Evolution
Software Defined Camera
Activate Intelligence
GITEX Technology Week 2018 Oct 14 – 18, 2018, DWTC, UAE Visit Us at #Z-D10, Za’abeel Hall #HWGITEX18 | enterpriseME@huawei.com
Huawei GITEX Mini-site
e.huawei.com/ae
@Huawei_ME
THE REGION’S NUMBER ONE PROVIDER OF IT SOLUTIONS
DRIVE REAL BUSINESS RESULTS WITH OUR LATEST IT TECHNOLOGIES COGNITIVE SOLUTIONS
IOT
CLOUD
SECURITY
ANALYTICS
www.gbmme.com