The Cyber Express May 2025 by The Cyber Express

Award Winning World’s Fastest Growing Cybersecurity Company

ISSUE 16

TheCyberExpress

Cyble VISION Beyond

Threat Intelligence

The Best Ai-Powered Threat INtel PLATFORM • Uncover hidden threats. • Predict and prevent attacks. • Empower informed decision-making. • Stay ahead of evolving risks. • Secure your digital ecosystem.

See Cyble Vision in Action

TheCyberExpress

ISSUE 16

Contents 6 FROM THE EDITOR

The Middle East: A Rising Star in Global Cybersecurity

10 VIEWPOINT Building a Cyber-Resilient Organization Strategies and Best Practices

14 TRENDS Navigating The Storm: Geopolitical Cyber Security Tension in Today’s World

20 CYBERVILLE Strengthening The Shield: Cybersecurity Strategies For SMEs

26 REGISTER AI and Misinformation Warfare: How Tech is Shaping the Geopolitical Landscape

30 PERSPECTIVES Building a Culture of Cybersecurity: Why Awareness and Training Matter

ISSUE 16

TheCyberExpress

36 THE COVER Achieving Cybersecurity Goals Through GRC Approach

46 DIGEST Dubai’s Strategic Integration Of Cybersecurity In Renewable Energy

52 HOT SEAT 7 Ways META Governments Are Boosting Cybersecurity

58 BOTTOMLINE Building a Secure OT Network: A Four-Phase Approach for the META Region

64 NUGGETS Promising Cybersecurity Trends in the META Region

70 INSIDER A Comparative Look at CYBERSECURITY Regulations Across the META Region

TheCyberExpress

ISSUE 16

Editorial

Management

Augustin Kurian

Rajashakher Intha

Editor-in-Chief editor@thecyberexpress.com

Director of Marketing And Product Management raj@thecyberexpress.com

Avantika Chopra Associate Editor avantika@thecyberexpress.com

Krishna Murthy Deputy Editor krishna.murthy@thecyberexpress.com

STAFF

Samiksha Jain

Ashish Jaiswal Conference Manager ashish.j@thecyberexpress.com

Anees Shaik Sponsorship Sales Manager anees.shaik@thecyberexpress.com

Magazine Producer

Priti Chaubey

samiksha.jain@thecyberexpress.com

Manager - Communications priti.c@thecyberexpress.com

Mihir Bagwe Principal Correspondent mihir.bagwe@thecyberexpress.com

Ravi Gupta SEO Analyst ravi@thecyberexpress.com

Ashish Khaitan Correspondent ashish@thecyberexpress.com

Vittal Chowdry Design Lead vittal@thecyberexpress.com

Alan Joseph Technical Writer alan.joseph@cyble.com

Image credits: Shutterstock & Freepik

*Responsible for selection of news under PRB Act. Printed & Published by Augustin Kurian, The Cyber Express LLC., The publishers regret that they cannot accept liability for errors & omissions contained in this publication, howsoever caused. The opinion & views contained in this publication are not necessarily those of the publisher. Readers are advised to seek specialist advice before acting on the information contained in the publication which is provided for general use & may not be appropriate for the readers’ particular circumstances. The ownership of trade marks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system, or transmitted in any form without the permission of the publishers in writing.

ISSUE 16

TheCyberExpress

From The Editor’s DESK Augustin Kurian Editor-in-Chief

Dear Readers, This edition of The Cyber Express focuses on the dynamic cybersecurity landscape of the Middle East—a region that has become a focal point for some of the world’s most sophisticated cyber operations. In recent years, the Middle East has witnessed a significant increase in cyber threats, ranging from statesponsored attacks to financial frauds, threatening the stability and security of its vast infrastructures. However, the response to this menace has been equally strong. The region has not only embraced advanced technological capabilities but has also fostered a culture of cyber awareness and stringent governance, setting a commendable standard for cybersecurity worldwide.

defenses. These tools are not just shields but also swords, providing the proactive capabilities needed to predict, prevent, and counter attacks before they inflict harm. Awareness is the next layer of our focus. The Middle East has made significant strides in educating its populace about the dangers lurking in the cyber realm. From national cyber awareness campaigns to mandatory cybersecurity education in schools and universities, the drive to equip every citizen with the knowledge and tools to safeguard themselves is a testament to the region’s commitment to cyber resilience.

Our journey into the heart of Middle Eastern cyber defense starts with the advanced capabilities now at the region’s disposal.

Governance, however, is what ties the region’s efforts together. Through rigorous legislative frameworks and compliance regulations, the Middle East has established a structured approach to cybersecurity, which ensures that both public and private sectors adhere to high standards of cyber hygiene.

Governments and private sectors alike have invested heavily in state-ofthe-art technologies such as artificial intelligence, machine learning, and blockchain to fortify their cyber

These laws are not static; they evolve as quickly as the threats they aim to neutralize, ensuring that the region remains a tough nut to crack for cyber adversaries.

In this edition, we explore these themes through authored articles by leading cybersecurity experts, in-depth analyses of recent cyber incidents, and discussions on the future trajectory of cyber defense strategies in the Middle East. Our goal is to provide you with a comprehensive view of how this vibrant region is securing its digital boundaries. As we navigate through these complex topics, we invite you to reflect on the lessons that can be drawn and the measures that can be implemented within your own spheres of influence. The battle against cyber threats is relentless, but with advanced capabilities, heightened awareness, and strong governance, the Middle East is setting a standard we can all aspire to. We welcome your feedback at editorial@thecyberexpress.com. Stay Informed, Stay Secure. Augustin Kurian Editor-in-Chief The Cyber Express

TheCyberExpress

ISSUE 16

ADVISORY BOARD

ISSUE 16

TheCyberExpress

David B. Cross

Jo Mikleus

Senior Vice President and CISO, Oracle

Advisory Board Convenor, The Cyber Express

Chuck Brooks President, Brooks Consulting International

Celia Mantshiyane CISO, MTN South Africa

Jane Teh SEA Cybersecurity Director - Risk Advisory, Public Speaker & Educator Deloitte

Holly Foxcroft Head of Neurodiversity, Cyber Research and Consulting, Stott and May Consulting

Lanx Goh Senior Director & Global Head of Privacy, Prudential plc

Ankur Ahuja Senior Vice President, CISO, Billtrust

Jennifer Cox Director for Ireland, Women in CyberSecurity (WiCyS) UK & Ireland

Asmae E. CISRCO, HPS

Kaustubh Medhe Vice President, Research and Cyber Threat Intelligence, Cyble Inc

Pooja Shimpi Founder, SyberNow

TheCyberExpress

ISSUE 16

VIEWPOINT

Building a Cyber-Resilient Organization Strategies and Best Practices

- By Eng. Dina Al-Salamen VP, Head of Cyber and Information Security Department at Bank ABC

In today’s interconnected digital landscape, cyber threats pose significant risks to organizations of all sizes and industries. From data breaches to ransomware attacks, the consequences of cyber incidents can be severe, including financial losses, reputational damage, and regulatory

ISSUE 16

TheCyberExpress

penalties. To effectively mitigate these risks and safeguard their operations, organizations must prioritize building cyber resilience. In this article, we’ll explore strategies and best practices for building a cyber-resilient organization.

TheCyberExpress

ISSUE 16

VIEWPOINT

Understand Your Risks

Implement Security Controls

The first step in building cyber resilience is understanding the unique risks facing your organization. Conduct a comprehensive risk assessment to identify potential threats, vulnerabilities, and their potential impact on your business operations. This assessment should encompass all aspects of your organization’s IT infrastructure, including networks, systems, applications, and data assets.

Deploy a range of security controls to protect your organization’s digital assets from cyber threats. These controls may include: •

Firewalls and Intrusion Detection Systems: Implement firewalls and intrusion detection systems to monitor and control network traffic, identifying and blocking malicious activities.

Develop a Cybersecurity Strategy

•

Endpoint Protection: Install endpoint protection solutions, such as antivirus software and endpoint detection and response (EDR) tools, to defend against malware and other malicious threats targeting end-user devices.

•

Data Encryption: Encrypt sensitive data both at rest and in transit to prevent unauthorized access and protect confidentiality.

•

Multi-Factor Authentication (MFA): Enable MFA for accessing critical systems and applications, adding an extra layer of security beyond passwords.

Based on your risk assessment, develop a robust cybersecurity strategy that aligns with your organization’s goals and priorities. This strategy should outline clear objectives, policies, and procedures for protecting against cyber threats. Key components of your cybersecurity strategy may include: •

•

Risk Management Framework: Establish a risk management framework to systematically identify, assess, and mitigate cyber risks across your organization. Security Controls: Implement a layered approach to cybersecurity by deploying a combination of preventive, detective, and responsive security controls.

•

Incident Response Plan: Develop a detailed incident response plan outlining procedures for detecting, responding to, and recovering from cyber incidents.

•

Employee Training and Awareness: Educate employees about cybersecurity best practices and raise awareness about the importance of security hygiene in everyday operations.

ISSUE 16

TheCyberExpress

Continuously Monitor and Assess FCyber threats are constantly evolving, so it’s essential to continuously monitor your organization’s security posture and assess for vulnerabilities. Implement threat detection tools and security monitoring systems to detect and respond to suspicious activities in realtime. Conduct regular security assessments, including penetration testing and vulnerability scanning, to identify weaknesses and address them proactively.

Foster a Culture of Cyber Resilience Building a cyber-resilient organization requires a collective effort from all stakeholders, from top management to frontline employees. Foster a culture of cyber resilience by promoting collaboration, accountability, and a shared responsibility for cybersecurity across the organization. Encourage open communication channels for reporting security incidents and provide support and resources for ongoing training and skill development.

Conclusion Building a cyber-resilient organization is an ongoing process that requires proactive planning, investment, and commitment from leadership and employees alike. By understanding your risks, developing a comprehensive cybersecurity strategy, implementing robust security controls, continuously monitoring and assessing your security posture, and fostering a culture of cyber resilience, you can strengthen your organization’s ability to withstand and recover from cyber threats, ensuring the continuity of your business operations in an increasingly digital world.

About Author: Eng. Dina Al-Salamen is the Vice President and Head of Cyber and Information Security. She has worked for international organizations including Arab Bank and Bank ABC for more than 17 years. Recently, she has been selected to be part of EC-Council International Advisory Board (CISO Program). She also gives keynote speeches on cybersecurity and has a genuine love for innovative technologies such as blockchain, big data, and artificial intelligence. Furthermore, she holds accreditation as a PECB Trainer and as a certified instructor by the EC-Council. She conducts several training sessions in the areas of cybersecurity, risk management, business continuity, and data privacy. Additionally, she participates in numerous advisory communities concerning cybersecurity and CBDC within Jordan’s financial sector.

TheCyberExpress

ISSUE 16

TRENDS

NAVIGATING THE STORM: GEOPOLITICAL CYBER SECURITY TENSION IN TODAY’S WORLD - By Maryam Eissa Alhammadi Head of Cyber Security Operation Center, Ministry of Interior UAE

“Cyber attacks are not new in Geo-Politics, but their frequency is rising” Critical infrastructure has become a weapon of war and the consequences are fundamental and extreme.

ISSUE 16

TheCyberExpress

ISSUE 16

DIGEST TRENDS

Understanding the Landscape of Geopolitical Cyber Security In today’s interconnected world, nations are facing increasing challenges in the realm of cyber security. The digitization of critical infrastructure and government operations has made countries more vulnerable to cyber attacks. As a result, geopolitical cyber security tensions between nations have been on the rise. In the ever-evolving arena of international relations, the role of cyberspace has become increasingly prominent. Geopolitical cyber security tension refers to the ongoing struggle between nations to secure their digital assets and infrastructure while simultaneously leveraging these assets for strategic advantage.

The Rise of Cyber Warfare As countries become more interconnected through the internet, the potential for cyber attacks has grown signifi cantly. From disrupting critical infrastructure to stealing sensitive information, cyber warfare has the power to inflict serious harm on a nation’s security and stability. The Stakes at Play In today’s world, the lines between physical and digital warfare are becoming blurred. As countries invest in building strong cyber capabilities, the potential for conflict in cyberspace continues to rise. The consequences of a successful cyber attack can be catastrophic, with the potential to disrupt entire economies and societies. Geopolitical factors play a crucial role in shaping cyber security tensions between nations. Issues such as territorial disputes, ideological differences,

ISSUE 16

TheCyberExpress

and economic competition can all fuel cyber conflicts. Understanding the geopolitical dynamics at play is essential for navigating the complex world of cyber security. The Impact of Geopolitical Cyber Security Tensions Geopolitical cyber security tensions have farreaching consequences, aff ecting not only government agencies but also businesses and individuals. Cyber attacks have the potential to disrupt essential services, compromise sensitive data, and even destabilize entire economies. As nations engage in cyber warfare, the stakes are higher than ever before. Strategies for Mitigating Geopolitical Cyber Security Tensions To navigate the complex landscape of geopolitical cyber security tensions, nations must prioritize collaboration and information sharing. By working together to address common threats and vulnerabilities, countries can strengthen their defenses against cyber attacks. Additionally, investing in robust cyber security measures and staying vigilant against emerging threats are critical steps in safeguarding national interests. The Role of International Cooperation in Cyber Security International cooperation plays a crucial role in mitigating geopolitical cyber security tensions. Through partnerships and agreements, countries can enhance their cyber capabilities and respond more effectively to cyber threats. By fostering a culture of transparency and trust, nations can lay the groundwork for a more secure and stable digital environment.

Economic Impact of Cyber at tacks In the face of escalating cyber threats, nations must adopt a proactive approach to cyber security. Investing in robust defense mechanisms, promoting international cooperation, and fostering a culture of cyber resilience are key steps towards addressing geopolitical cyber security tension. •

Rising cyber security geopolitical tensions between countries is a major issue in today’s world. As countries become more connected and more reliant on digital infrastructure, the likelihood of cyberattacks and cyberespionage between countries increases.

•

These tensions can arise from a variety of factors, such as political disputes, economic competition, military conflicts and intelligence operations. Nations are increasingly leveraging cyber capabilities to gain competitive advantage, disrupt or destabilize adversaries, and gather intelligence.

•

Over time, state-sponsored cyberattacks have become increasingly sophisticated and effective. Examples include the Stuxnet attack on Iran’s nuclear program, the NotPetya attack attributed to Russia, and the SolarWinds supply chain attack believed to have been

orchestrated by Russian state actors. These incidents highlight the potential for cyber operations to have profound impacts on national security and the global economy.

TheCyberExpress

ISSUE 16

DIGEST TRENDS

Collaboration & Information Sharing Collaboration and information sharing among businesses in the cyber domain are crucial for fostering a robust and collective defense against the myriad challenges posed by cyber threats. •

Rising tensions between nations could lead to an escalation in cyber activity, including attacks on critical infrastructure, government networks, military systems, and private sector organizations. Such activity may result in data breaches, service disruptions, intellectual property theft, and threats to national security.

Various international organizations such as the United Nations are working to develop frameworks and protocols to govern the behavior of states in cyberspace. However, progress has been slow and confidence-building measures remain a challenge. •

To address these tensions, organizations and governments must prioritize cyber defense and resilience. This includes robust cybersecurity measures, threat intelligence sharing, incident response capabilities and international cooperation. Public-private partnerships are also critical to address the evolving cyber threat landscape and build resilience against nation-state cyber threats

Efforts continue to reduce these tensions and establish norms of behavior in cyberspace.

About Author: As the Head of the Cybersecurity Operations Center at the Ministry of Interior, Maryam Eissa Alhammadi excels in leadership, communication, and problemsolving. Her extensive experience and dedication foster a hard-

ISSUE 16

TheCyberExpress

working and unified unit, ensuring smooth operations even in the face of complex challenges. She also serves as the MOI CIS Benchmarking Chairman, setting standards and ensuring compliance within the organization.

Maryam holds the position of Chairman of the AD Political Science Alumni Council, fostering connections within the alumni community. Additionally, she is Vice Chairman of the MOI Project Management Team, playing a pivotal role in steering strategic initiatives to success.

TheCyberExpress

ISSUE 16

CYBERVILLE

STRENGTHENING THE SHIELD:

CYBERSECURITY

Strategies for SMEs - By Abhilash Radhadevi Head of Cybersecurity at OQ Trading

In a progressively digital world, small and medium sized enterprises (SMEs) are not immune to cyber threats. Despite their size, SMEs are prime targets for cyberattacks due to their limited resources and perceived vulnerability.

ISSUE 16

TheCyberExpress

Therefore, implementing robust cybersecurity strategies is imperative to safeguard sensitive data, maintain customer trust, and ensure business continuity.

This article delves into five essential cybersecurity strategies tailored to SMEs, emphasizing their importance, and providing cost effective solutions.

TheCyberExpress

ISSUE 16

CYBERVILLE

Employee Education and Training One of the most critical cybersecurity strategies for SMEs is ensuring that employees are educated and trained in cybersecurity best practices. Human error remains a significant factor in cyber incidents, making cybersecurity awareness training indispensable. Employees should be educated on recognizing phishing attempts, creating strong passwords, and understanding the importance of software updates. Importance: Employees serve as the first line of defence against cyber threats, they are also the weakest links in cybersecurity. By educating them, SMEs can significantly reduce the risk of successful cyberattacks. Solutions: Implement regular cybersecurity training sessions for all employees, covering topics such as identifying suspicious emails, safe internet browsing practices, and responding to security incidents. Utilize online training resources and simulations to reinforce learning effectively. You can develop internal cybersecurity awareness materials using free or low cost presentation tools such as Google Slides or Microsoft PowerPoint. Create engaging presentations covering topics like identifying phishing emails, password best practices, and responding to security incidents. Additionally, leverage free online resources such as cybersecurity blogs, webinars, and tutorials to supplement

ISSUE 16

TheCyberExpress

employee training efforts. Encourage participation in online courses offered by reputable cybersecurity organizations, some of which may be available at no cost.

Implementing Multi-Factor Authentication (MFA) Multifactor authentication (MFA) adds an extra layer of security by requiring users to provide multiple forms of verification before accessing sensitive data or systems. This strategy helps mitigate the risk of unauthorized access, even if passwords are compromised. Importance: Passwords alone are no longer sufficient to protect against cyber threats. MFA significantly enhances security by requiring additional authentication factors, such as biometric data or one-time codes. Solutions: Implement MFA for all accounts with access to sensitive information or critical systems. Many cloudbased services and software applications offer builtin MFA capabilities, making implementation relatively straightforward and cost effective. Utilize built-in MFA features provided by cloud-based services and software applications, many of which offer MFA functionality at no additional cost. Implement open source MFA solutions that can be customized to fit the organization’s specific needs without incurring licensing fees. Alternatively, explore low-cost MFA options offered by third-party providers, ensuring compatibility with existing systems and scalability as the business grows.

Regular Data Backups

Network Security Measures

Data loss can have devastating consequences for SMEs, ranging from financial losses to reputational damage. Regularly backing up data is essential for mitigating the impact of ransomware attacks, hardware failures, or accidental deletions.

Securing the network infrastructure is crucial for protecting against external threats and unauthorized access.

Importance: Data backups serve as a safety net, allowing SMEs to recover quickly in the event of a cyber incident. Without backups, businesses risk permanent loss of valuable information. Solutions: Automate regular backups of critical data to secure cloud storage or offline storage devices. Utilize backup solutions that offer versioning capabilities, allowing businesses to restore data to previous states if necessary. Utilize cloud based backup solutions that offer affordable storage options and automated backup scheduling. Leverage free or low cost backup software with basic features for backing up critical data to secure cloud storage or external hard drives. Implement a combination of full and incremental backups to optimize storage space and minimize backup times. Explore open source backup solutions that provide flexibility and customization options without the need for expensive proprietary software.

SMEs should implement robust network security measures, such as firewalls, intrusion detection systems (IDS), and virtual private networks (VPNs). Importance: Networks are prime targets for cyberattacks, making network security measures essential for preventing unauthorized access and data breaches. Solutions: Deploy firewalls to monitor and control incoming and outgoing network traffic. Implement IDS to detect and respond to suspicious activities within the network. Utilize VPNs to encrypt data transmissions and establish secure connections for remote workers. Implement open source firewall solutions that provide robust network protection without the high cost associated with commercial firewalls. Utilize free or low cost intrusion detection system (IDS) software that offers essential features such as real time monitoring and threat detection. Explore cost effective virtual private network (VPN) solutions tailored to SMEs’ needs, such as subscription based services with affordable pricing plans and easy deployment for remote workers.

TheCyberExpress

ISSUE 16

CYBERVILLE

ISSUE 16

TheCyberExpress

Regular Security Assessments and Updates Cyber threats are constantly evolving, requiring SMEs to stay vigilant and proactive in their cybersecurity efforts. Regular security assessments and updates help identify vulnerabilities and ensure that systems and software are up to date with the latest security patches. Importance: Cyber threats are continuously evolving, making regular security assessments and updates essential for maintaining strong cybersecurity posture. Solutions: Conduct regular security assessments to identify potential vulnerabilities in systems, networks, and applications. Develop and implement a patch management strategy to ensure that software and firmware updates are applied promptly. Conduct internal security assessments using free or low cost vulnerability scanning tools to identify potential weaknesses in systems and networks. Utilize open source penetration testing frameworks to simulate cyberattacks and assess the effectiveness of existing security measures. Implement a systematic approach to applying security patches and updates, leveraging free tools provided by software vendors or community driven initiatives. Additionally, establish internal processes for monitoring security advisories and alerts issued by relevant authorities to stay informed about emerging threats and vulnerabilities. In conclusion, cybersecurity is a critical concern for SMEs in today’s digital landscape. By implementing the strategies explained above, SMEs can significantly enhance their cybersecurity posture without breaking the bank. Investing in cybersecurity is not only essential for protecting sensitive data and maintaining business operations but also for safeguarding the long-term viability and reputation of SMEs in an increasingly interconnected world.

About Author: Abhilash Radhadevi, a seasoned cybersecurity leader, serves as the Head of Cybersecurity at OQ Trading, bringing over two decades of comprehensive experience in the Banking, Financial, Oil and Energy sectors. Widely recognized for his adept leadership, Abhilash has effectively steered international organizations through intricate security challenges. His illustrious career includes spearheading pioneering cybersecurity strategies, resulting in prestigious awards and acclaim. Beyond his professional achievements, Abhilash maintains a global influence and demonstrates unwavering commitment to mentoring, showcasing his dedication to shaping the future landscape of cybersecurity.

TheCyberExpress

ISSUE 16

AI and Misinformation Warfare: How Tech is Shaping the Geopolitical Landscape - By Dr. Hoda A. Alkhzaimi President, Emirates Digital Association for Women, Co-Chair for Global Future Council for Cyber Security, World Economic Forum

The technological prowess of small nations is increasingly recognized as a significant driver of global economic power. This is because technology is a great equalizer; it can enable small nations to leapfrog development stages and compete on a global scale.

ISSUE 16

TheCyberExpress

For instance, the UNCTAD Technology and Innovation Report 2021 highlights that frontier technologies like AI, robotics, and biotechnology have the potential to significantly boost sustainable development, while also posing the risk of widening

the digital divide. Small nations, by embracing these technologies, can foster innovation, improve productivity, and create high-value industries that contribute to global trade and economic growth.

TheCyberExpress

ISSUE 16

REGISTER Moreover, the digital transformation allows for the democratization of information and resources, enabling smaller economies to participate in markets traditionally dominated by larger countries. The OECD also emphasizes the role of SMEs in adapting to a more open and digitalized environment, which is essential for inclusive globalization. Therefore, the technological development of small nations is not just about national progress; it’s about contributing to and shaping the global economic landscape. By investing in technology and innovation, small nations can assert their presence on the world stage, influencing global trends and economic policies. Cyber conflicts have emerged as a significant factor in international relations, influencing the dynamics of power in the digital age. The Atlantic Council’s Cyber Statecraft Initiative highlights the shift from traditional deterrence strategies to more proactive measures like Defend Forward and Persistent Engagement, reflecting the evolving nature of cyber threats. Research published in Armed Forces & Society suggests that cyber conflicts, termed ‘cool wars’, are reshaping interactions between states, with denial-of-service attacks and behaviourchanging tactics significantly affecting state relations. Moreover, the ICRC has raised concerns about the protection of civilians from cyber threats during armed conflicts, emphasizing the need for legal and policy frameworks to address the digital risks in warfare. The CyberPeace Institute’s analysis of cyberattacks in the context of the Ukraine conflict provides valuable data on the harm to civilians and the evolution of cyber threats. Additionally, the European Repository of Cyber Incidents offers an extensive database of cyber incidents,

ISSUE 16

TheCyberExpress

which can serve as a resource for understanding the scope and impact of cyber warfare. These insights underscore the importance of cyber capabilities in asserting influence and the need for robust cyber defence mechanisms to safeguard national security and civilian welfare in the face of digital threats. The interplay between cyber operations and political power is complex, and as technology continues to advance, the implications for international stability and power hierarchies will likely become even more pronounced.

The Role of Misinformation and Disinformation in Cyberconflict Misinformation and disinformation play a critical role in the landscape of cyberconflict, shaping public perception and influencing the dynamics of geopolitical tensions. A report by Full Fact highlights the detrimental impact of false information on democratic societies, emphasizing the need for informed citizenship to combat the spread of such information. Similarly, data from UNESCO underscores the pervasive risk of encountering disinformation across various media platforms, with statistics indicating a significant trust deficit in media and an increase in the manipulation of news consumption. The cybersecurity sector also recognizes disinformation as a substantial threat, with a study by the Institute for Public Relations revealing that 63% of Americans view disinformation as a major societal issue, and nearly half of cybersecurity professionals consider it a significant threat to security. These concerns are echoed globally, as a survey found that over 85% of people worry about the impact of online disinformation on their country’s politics.

The intertwining of misinformation, disinformation, and cyberconflict presents a complex challenge that requires a multifaceted approach, including media literacy, regulatory frameworks, and international cooperation to mitigate its effects and safeguard information integrity.

Rapid Alert System and the promotion of fact-checking and media literacy programs. In the United States, the Brennan Center for Justice advocates for active monitoring of false election information and collaboration with internet companies to curb digital disinformation.

The Role of Big Tech in Cyberconflict Interplay

Additionally, the North Carolina State Board of Elections (NCSBE) provides guidelines for the public to critically assess the credibility of election news sources and encourages the use of reputable outlets. These initiatives represent a multifaceted approach to safeguarding the integrity of elections by enhancing public awareness, improving digital literacy, and fostering collaboration between governments, tech companies, and civil society.

The role of big tech companies in cyber conflict is a complex and evolving issue. These companies often find themselves at the forefront of cyber conflict, whether as targets, mediators, or sometimes even participants. For instance, during civil conflicts, digital technologies have been used to recruit followers, finance activities, and control narratives, posing additional challenges for peacemakers. The explosive growth of digital technologies has also opened new potential domains for conflict, with state and non-state actors capable of carrying out attacks across international borders, affecting critical infrastructure and diminishing trust among states. In response to the invasion of Ukraine, big tech companies played crucial roles in addressing information warfare and cyber-attacks, showcasing their significant influence during times of conflict. Moreover, the technological competition between major powers like the United States and China further highlights the geopolitical dimension of big tech’s involvement in cyber conflict. These instances underscore the need for a robust framework to manage the participation of big tech in cyber conflict, ensuring that their capabilities are harnessed for peace and security rather than exacerbating tensions.

Hedging the Risks of Using AI and Emerging Tech To Scaleup Misinformation and Global Cyberconflicts In response to the growing threat of election misinformation, various initiatives have been undertaken globally. The World Economic Forum has identified misinformation as a top societal threat and emphasized the need for a concerted effort to combat it, especially in an election year with a significant global population going to the polls. The European Union has implemented a voluntary code of practice for online platforms to take proactive measures against disinformation, including the establishment of a

In the ongoing battle against election misinformation, several key alliances and actions have been formed. Notably, the AI Elections Accord was proposed for public signature at the Munich Security Conference on February 16, 2024. This accord represents a commitment by technology companies to combat deceptive AI content in elections. In a similar vein, Meta established a dedicated team on February 26, 2024, to address disinformation and the misuse of AI leading up to the European Parliament elections. Furthermore, the Federal Communications Commission (FCC) in the United States took a decisive step by making AI-generated voices in robocalls illegal on February 8, 2024, to prevent their use in misleading voters. These measures reflect a growing recognition of the need for collaborative efforts to safeguard the integrity of elections in the digital age. The alliances and regulations are pivotal in ensuring that the democratic process remains transparent and trustworthy amidst the challenges posed by advanced technologies.

About Author: Dr. Hoda Alkhzaimi is an experienced, motivated and innovative leader in industrialization, economic development, green field projects development and tech development. With over seventeen years of successfully driven numerous technological investments internationally and Locally especially in in the UAE. She has successfully led various projects towards achieving strategic, financial and operational efficiencies and synergies worldwide. She has a particular focus in leading and motivating tech-based industrial investments globally.

TheCyberExpress

ISSUE 16

PERSPECTIVES

Building a Culture of

Cybersecurity:

Why Awareness and Training Matter - By Sithembile (Nkosi) Songo Chief Information Security Officer, ESKOM

According to the Ultimate List of Cybersecurity Statistics, 98% of cyber attacks rely on social engineering. Social engineering and phishing attacks tactics keep on evolving and targeting a diversified audience form executives to normal employees. Advanced phishing

ISSUE 16

TheCyberExpress

attacks that can be launched using GEN AI. There is also a shift in motivation behind these attacks, such as financial gain, curiosity or data theft. Recent attacks have shown that cyber criminals continue to use

various social engineering tricks, exploiting human weaknesses. Attackers are evolving from only exploiting technology vulnerabilities such as using automated exploits to initiate fraudulent transactions, steal data, install malware and engage in other malicious activities.

TheCyberExpress

ISSUE 16

PERSPECTIVES

Furthermore, it is a well-documented fact that people are deemed to be the weakest link in the cybersecurity chain. Traditional security controls put more focus on the technical vulnerabilities as opposed to the human related vulnerabilities. Threat actors are transitioning from traditional system and or technology related cyber-attacks to human based attacks. The cyber criminals have identified and are now taking advantage of uninformed or untrained workforce by exploiting the human related vulnerabilities. Employees often make it too easy by posting a huge amount of information about themselves, including daily status, activities, hobbies, travel schedule and their network of family and friends. Even small snippets of information can be aggregated together. Bad guys can build an entire record on their targets. Employees, especially those that are targeted, should limit what they post. Bad guys leverage on other weaknesses, such as the improper destruction of information through dumpster diving and unencrypted data.The three most common delivery methods are email attachments,

ISSUE 16

TheCyberExpress

websites and USB removable media. Properly implemented USB policies and trained users can identify, stop and report phishing attacks. Well-educated workforces on all the different methods of social engineering attacks are more likely to identify and stop the delivery of these attacks. While malicious breaches are the most common, inadvertent breaches from human error and system glitches are still the root cause for most of the data breaches studied in the report. Human error as a root cause of a breach includes “inadvertent insiders” who may be compromised by phishing attacks or have their devices infected or lost/stolen Entrenching a security conscious culture is therefore extremely important in today’s digital age. Cyber awareness is of utmost importance in today’s digital age.

What is Security Culture? Security culture is the set of values shared by all the employees in an organization, which determine how people are expected to perceive and approach security.

It is the ideas, customs and social behaviours of an organization that influence its security. Security culture is the most crucial element in an organization’s security strategy as it is fundamental to its ability to protect information, data and employee and customer privacy. Perception about cybersecurity has a direct impact to the security culture. It could be either positive or negative. It’s deemed to be positive if information security is seen as a business enabler and viewed as a shared responsibility instead of becoming the CISO’s sole responsibility. On other hand it’s perceived negatively if security viewed a hindrance or a showstopper to business or production. A sustainable security culture requires care and feeding. It is not something that develops naturally, it requires nurturing, relevant investments. It is bigger than just adhoc events. When a security culture is sustainable, it transforms security from ad-hoc events into a lifecycle that generates security returns forever. Security culture determines

what happens with security when people are on their own. Do they make the right choices when faced with whether to click on a link? Do they know the steps that must be performed to ensure that a new product or offering is secure throughout the development life cycle. Security culture should be engaging and delivering value because people are always keen to participate in a security culture that is co-created and enjoyable. Furthermore, for people to invest their time and effort, they need to understand what they will get in return. In other words, it should provide a return on investment, such as improving a business solution, mitigating risks associated with cyber breaches. Culture change can either be driven from the top or be a bottomup approach, depending on the composition and culture of the organization. A bottom-up approach rollout allows engaged parties to feel they are defining the way forward rather than participating in a large prescriptive

corporate program, while support from the top helps to validate the change, regardless of how it is delivered. In particular, a top-down mandate helps to break down barriers between various business functions, information security, information technology, development team, operations, as well as being one of the few ways to reach beyond the technical teams and extend throughout the business. Organizations that have a Strong Cybersecurity culture have the following: •

Senior leadership support from Board and Exco that echo the importance of cybersecurity within the organization.

•

Defined a security awareness strategy and programme, including the Key Performance Indicators (KPIs).

•

Targeted awareness campaigns which segment staff based on risk. Grouping users by risk allows for messages and the frequency of messages to be tailored to the user group.

•

A cybersecurity champion programme which allows for a group of users embedded in the organization to drive the security message.

•

Usage of various of mediums to accommodate different types of people who learn differently.

•

Employees are always encouraged to report cybersecurity incidents and they know where and how and to report incidents.

•

Creating an organizational culture where people are encouraged to report mistakes could be the difference between containing a cyber incident or not.

•

Measurements to test effectiveness: This is often done with phishing simulations.

•

Employees have a clear understanding of what acceptable vs what is not acceptable.

•

Information security becomes a shared responsibility instead of CISO’s sole responsibility.

TheCyberExpress

ISSUE 16

DIGEST PERSPECTIVES The below image depicts percentage of adopted awareness capabilities

Security architecture principles such as Defence in Depth, the failure of a single component of the security architecture should not compromise the security of the entire system. A defense-in-depth mechanism should be applied to mitigate phishing related risks. This approach applies security in different layers of protection, which implies that if one control fails the next layers of controls will be able to block or stop the phishing attack. The controls involve a combination of people, processes and technologies. User behavior analytics (UBA) should be used to augment the awareness programme by detecting insider threats, targeted attacks, and financial fraud and track users’ activities. Advanced our phishing attack simulations by using GEN AI based simulations should also be conducted to combat advanced phishing attacks. Possible Measurements There are several measures that can be applied to measure the level of a security conscious culture: •

Employees attitudes towards security protocols and issues.

•

Behaviour and actions of employees that have direct and indirect security implications.

•

Employees understanding, knowledge and awareness of security issues and activities.

ISSUE 16

TheCyberExpress

•

How communication channels promote a sense of belonging and offer support related to security issues and incident reporting.

•

Employee knowledge, support and compliance to security policies, standards and procedures.

•

Knowledge and adherence to unwritten rules of conduct related to security.

•

How employees perceive their responsibilities as a critical success factor in mitigating cyber risks.

Conclusion According to Gartner, by 2025, 40% of cybersecurity programs will deploy socio-behavioural principles (such as nudge techniques ) to influence security culture across the organization. Recent human based cyber-attacks, together AI enabled phishing attacks, make it imperative to tighten human based controls. Promoting a security conscious culture will play a fundamental role in transforming people from being the weakest into the strongest link in the cybersecurity chain. Building a cybersecurity culture is crucial because it ensures that everyone understands the importance of cybersecurity, adherence to the relevant information security policies and procedures, increase the level of vigilance and mitigate risks associated with data breaches. Furthermore a strong cybersecurity culture fosters better collaboration, accountability and improved security maturity.

About Author: Ms. Sithembile Songo holds a Master of Science in Information Security from the University of London and cyber security professional certifications. She is a Chief Information Security Officer, CISO, heading the information security pillar at the state-owned energy entity, which produce 95% of South Africa’s electricity. Her strategic role primarily focuses on protecting the national critical infrastructure from potential cyber-attacks and ensure that cyber security issues do not contribute to the organizational challenges. She has been specializing in information security for more than 20 years now and her experience is augmented by several leadership roles in both public and private sectors, including Financial, Telecom, Public Sector, Consulting firm, Energy sector and other State-owned entities.

TheCyberExpress

ISSUE 16

THE COVER

ACHIEVING CYBERSECURITY GOALS THROUGH

GRC APPROACH - By Anoop Kumar Head of Information Security Governance Risk & Compliance at Gulf News

We are becoming ever more dependent on technology and digitization. As data increases in importance and volume, data protection and privacy are essential to safeguard the integrity of the systems we all use and depend on. Hence, our Resilience in terms of People, Process and Technology is very vital.

ISSUE 16

TheCyberExpress

Actors with ill intent never rest and are constantly evolving, so consumers, firms and governments will need to keep investing time, energy and money to stay ahead of the game. Cybersecurity solutions represent a powerful megatrend over the coming decades in both relevance and growth.

TheCyberExpress

ISSUE 16

THE COVER

The Problem Most of the organizations are firefighting with: • • • • • • • • • • • • • •

Too many incidents and faults Uncontrolled budget Uncontrolled projects Operational surprises and unexpected downtime Lack of compliance Uncontrolled removable media use Abused identity privileges Too long, too expensive Audits and unacceptable audit results Lot of rework Lack of ownership and accountabilities Poor customer service, both internal and external Expensive incident response activities Firefighting IT No transparency and visibility

We must consider a program to reduce operational complexities and surprises to concrete business sustainability and cyber resilience.

The program Cybersecurity GRC by design: Educate boardroom, a top down approach and enable from bottoms up. The frequency and negative impact of cybersecurity incidents on organizations continues to rise, undermining the confidence of the board and executives in their cybersecurity strategies. Security GRC by design is increasingly being adopted to enable stakeholders to draw a straight line between cybersecurity investment and the delivered Protection and improved Compliance levels it generates. We must consider Cybersecurity GRC by design to creating a defensible cybersecurity investment strategy, reflecting agreed protection levels with powerful properties, and in simple language that is explainable to non-IT executives. This provides a credible and defensible expression of risk appetite that supports direct investment to change protection levels. Also results in Reduced operation Cost, Risk and improved Performance. Here the relation among CXOs is key to convert the challenges to opportunities. Example: CIO-CFO always have communication gaps and disagreements in terms of ROI.

ISSUE 16

TheCyberExpress

Process to be agreed up on

Define and agree a pipeline with required controls

A well-defined process with adequate guidelines can create wonders in operations. Hence, draft a step by step process activities with defined roles and responsibilities. Slowly define and agree KPIs, but let all stakeholders embrace the process first. A collectively agreed process execution result in improved confidence among all signing authorities. How can we define this from concept stage to delivery stage with successful operational handover with desired compliance to both internal and external standards expectations? Let us define them:Define and agree a Concept Note Define and Distribute RFP Evaluate Product / Solutions Define and Agree a Must & Want Assess Strategical Risk Assess People Risk Assess Financial Risk Assess Architectural Risk Define and Approve Business Case Run Project Audit Project Phases Manage Changes Asses Compliance Manage Incidents and Problems Manage Issues and Risks Handover to Operations

People area of concern In order to define and agree a collective Cybersecurity GRC by design model, we must identify stakeholders from different organizational units to work together for a common goal(a cross functional team of HR, Finance, Legal, IT, GRC etc…). Educate them with a collectively agreed process with defined KPIs. This is achieved through a business process walkthrough to identify which people are involved and what data being operated (input and output).

Technology Consider a social technical environment: Where everyone’s culture and practices are embraced and aligned for better outcome. Agree on a paced layered technical architecture for agility.

Run Post Project reviews

TheCyberExpress

ISSUE 16

THE COVER

Key considerations while selecting Technology solutions Generative AI: a double sided sword we need to operate by adequate Governance Cybersecurity leaders need to prepare for the swift evolution of GenAI, as large language model (LLM)applications like ChatGPT and Gemini are only the start of its disruption. Simultaneously, those are overwhelming with promises of productivity increases, skills gap reductions and other new benefits for cybersecurity. Is that wise using GenAI through proactive collaboration with business stakeholders to support the foundations for the ethical, safe and secure use of this disruptive technology? There’s solid long-term hope for the technology, but right now we’re more likely to experience prompt fatigue than two-digit productivity growth. Things will improve, so encourage experiments and manage expectations, especially outside of the security team by providing nonproduction environment like technical labs. Embrace innovations. Manage Third-Party Cybersecurity Risk: The inevitability of third parties experiencing cybersecurity incidents is pressuring security leaders to focus more on resilienceoriented investments and move away from front loaded due diligence activities. We must consider enhancing risk management (continuous) of third-party services and establish mutually beneficial relationships with important external partners, to ensure their most valuable assets are continuously safeguarded and start by strengthening contingency plans for third-party engagements that pose the highest cybersecurity risk by creating thirdparty-specific incident playbooks, conduct tabletop exercises and define a clear off-boarding strategy involving timely revocation of access and destruction of data. Continuously assess both internal and external attack surfaces: Continuous threat exposure management (CTEM) is a pragmatic and systemic approach we must practice to continually evaluate the accessibility, exposure and exploitability of digital and physical assets. Aligning assessment and remediation scopes with threat vectors or business projects rather than an infrastructure component, highlights vulnerabilities and unpatchable threats to reduce

ISSUE 16

TheCyberExpress

breaches. Security leaders must continuously monitor hybrid digital environments to enable early identification and optimal prioritization of vulnerabilities to help maintain a hardened organizational attack surface. Manage and Govern Identities: We are forced to move to an identity-first approach security, the focus shifts from network security and other traditional controls to IAM, making it critical to cybersecurity and business outcomes. Hence, the increased role for IAM in security programs, practices must evolve to focus more on fundamental hygiene and hardening of systems to improve resilience. We must focus on strengthening and leveraging our identity fabric and leverage identity threat detection and response to ensure IAM capabilities are best positioned to support the breadth of the overall security program

Conclusion This program intend to create a social technical collectively accepted approach to reduce operational cost, complexities, risk and improve operational performance and compliance. Here every stakeholders have a role to play with adequate responsibility. A well understood process with a cross functional team equipped with right technology can make wonders.

About Author: Anoop Kumar, Head of Information Security Governance, Risk, and Compliance at GulfNews, Al Nisr Publishing, brings over 25 years of experience in Information Technology (IT) GRC management to ensure robust project management, operational risk management, cost reduction, and improved performance in people, processes, and technology. He has a proven track record of enabling business-based decisions by defining Information Security Governance, Risk, and Compliance (GRC) strategies, including Cyber Security Framework implementation, and mitigating technology vulnerabilities and risks through effective risk and vulnerability management programs, vendor management, and organizational leadership.

TheCyberExpress

ISSUE 16

FORESIGHT

Redefining Cybersecurity Frontlines AI-Enhanced Operations and the Future of L1 Analysts - By Abdulla Bader Al Seiari Chief Executive Officer (CEO), Cyber 50 Defense – L.L.C. – O.P.C.

In an era marked by rapid technological advancement and escalating cyber threats, the strategic integration of Artificial Intelligence (AI) into cybersecurity operations emerges as a pivotal industry trend.

ISSUE 16

TheCyberExpress

This evolution promises not only to transform traditional defense paradigms but also to redefine the roles and responsibilities of Level 1 (L1) cybersecurity analysts.

TheCyberExpress

ISSUE 16

FORESIGHT

Strategic Imperatives for AI Adoption in Cybersecurity The digital threat landscape is characterized by its complexity and dynamism, challenging the traditional cybersecurity frameworks and necessitating a more agile and intelligent response mechanism. AI’s role in this context is twofold: augmenting human capabilities and enabling more sophisticated, real-time threat detection and mitigation strategies.

The Transformative Impact of AI on L1 Analysts •

Operational Efficiency: Leveraging AI for routine and volumetric threat detection tasks enhances operational efficiency, allowing analysts to concentrate on higherorder problem-solving and strategic decision-making.

•

Continuous Monitoring: AI’s capability for 24/7 surveillance addresses the limitations of humancentric monitoring, ensuring a proactive stance against potential security breaches.

•

Accuracy and Reliability: By minimizing human error, AI contributes to a more reliable threat detection process, underpinning a robust cybersecurity defense mechanism.

A Collaborative Future The narrative surrounding AI in cybersecurity transcends the simplistic notion of technology replacing human roles. Instead, it emphasizes a symbiotic relationship where AI enhances the analytical and operational capacities of L1 analysts. This collaborative approach envisions:

•

Elevated Analytical Roles: Analysts are liberated from the constraints of monitoring and preliminary analysis, enabling a focus on complex, strategic issues that demand expert judgment and creative problem-solving.

•

Continued Professional Development: The shift in responsibilities encourages L1 analysts to pursue advanced training and skill acquisition in areas such as threat intelligence, incident response, and cybersecurity policy, ensuring career growth and adaptation in a changing technological landscape.

ISSUE 16

TheCyberExpress

•

Strengthened Cyber Defenses: The integration of AI into cybersecurity operations fosters a more agile and resilient defense ecosystem, capable of responding to sophisticated threats with unprecedented speed and accuracy.

Conclusion The strategic integration of AI into cybersecurity heralds a new era for L1 analysts and the broader industry. This evolution is not a displacement but an enhancement of human capabilities, ensuring that cybersecurity professionals remain at the forefront of technological innovation and defense strategies.

About Author With an impressive 13-year tenure in governmental sectors, Abdulla Bader Al Seiari has cultivated a profound understanding of governmental intricacies and strategic organizational directives. Having transitioned this extensive expertise to the private sector, he currently serve as the Chief Executive Officer at a leading cybersecurity firm. His leadership style, defined by a visionary approach and unwavering commitment to objectives, has been acknowledged with numerous accolades. Moreover, his career serves as a testament to my steadfast dedication to excellence and influential leadership in both public and private domains.

TheCyberExpress

ISSUE 16

DIGEST

DUBAI’S STRATEGIC

Integration of Cybersecurity in Renewable Energy - By Avantika Chopra

Dubai is positioning itself as a global leader in sustainability and innovation, spearheading an ambitious push to reshape the future of energy. At the center of this effort is the Mohammed bin Rashid Al Maktoum Solar Park, projected to be one of the world’s largest solar projects with an expected capacity of 5,000 megawatts by 2030.

ISSUE 16

TheCyberExpress

Alongside this significant project, the Dubai Clean Energy Strategy 2050 outlines a firm pledge: to generate 75% of the city’s energy from renewable sources by the middle of the century. The shift toward a more sustainable future begins with embracing advanced technologies such as the Internet of Things (IoT),

artificial intelligence (AI), and cloud computing. These tools are key to increasing efficiency and reducing environmental impact, but they also bring new challenges. The interconnected nature of these technologies means that cybersecurity is more crucial than ever, as vulnerabilities could affect the entire energy infrastructure.

TheCyberExpress

ISSUE 16

DIGEST Highlighted in the Boston Consulting Group report, the UAE is poised to invest $20 billion in digital technology over the next three years, spanning IT, telecoms, and emerging fields such as AI, IoT, blockchain, and robotics. Dubai’s expansion into renewable energy is not merely about innovation but about assuming a leadership role in global sustainability. This journey involves integrating groundbreaking technologies while ensuring the reliability and security of the city’s energy systems. The Dubai Cyber Security Strategy 2023, with its comprehensive cybersecurity measures, stands as a pivotal element in this mission, strengthening critical infrastructure against cyber threats. By embedding these measures within its renewable energy initiatives, Dubai not only advances its infrastructure but also reinforces its commitment to a sustainable future on a global scale.

Role of Advanced Technologies in Dubai’s Energy Infrastructure The reliance on advanced technologies such as IoT, AI, and cloud computing is transforming Dubai’s energy infrastructure into a highly interconnected and intelligent network. Here’s a deeper look at how these technologies is being integrated: Internet of Things (IoT) Launched in October 2017 as part of the Smart Dubai initiative, Dubai’s IoT strategy is more than just a plan— it’s a vision for the future. This strategy aims to position Dubai as a global leader in IoT technology and rests on six strategic domains: governance, management, acceleration, deployment, monetization, and security.

Coursera, in collaboration with YouGov, revealed strong AI adoption among UAE businesses: 83% were prepared to integrate generative AI into their operations. Additionally, 82% of the surveyed group, which included over 500 business leaders in the UAE, had already incorporated AI into their existing offerings, with 51% reporting extensive implementation across all functions. Undoubtedly, artificial intelligence has seen remarkable progress and is poised to be a key component of future advancements. AI’s impact on predictive maintenance and operational efficiency is transformative. By employing machine learning algorithms, AI can preemptively identify potential equipment failures, significantly reducing downtime and prolonging the life of costly infrastructure. Additionally, AI plays a crucial role in optimizing energy production from renewable sources, skillfully analyzing weather patterns to fine-tune output, ensuring maximum efficiency.

Cloud Computing CAs Dubai pushes forward with its renewable energy initiatives, it’s also grappling with a range of cybersecurity challenges. The shift towards more technologically advanced energy systems offers immense benefits but also opens the door to potential vulnerabilities. From protecting critical data to integrating older systems with new technologies, here’s a breakdown of the major cybersecurity concerns Dubai must navigate as it pursues its clean energy ambitions: 1.

Increased Attack Surface: The integration of IoT devices into renewable energy systems expands the number of vulnerable points. Sensors, smart meters, and connected devices provide essential data for optimizing energy production and distribution but can also serve as entry points for cyberattacks.

Data Security and Privacy: Massive amounts of data collected from various devices are crucial for operational efficiency but pose significant risks if intercepted or tampered with.

Recent reports highlight the value of Dubai’s IoT infrastructure at over 69.78 trillion AED, which has contributed significantly to the city’s economy, boosting its GDP by 10.4 billion AED since 2021. IoT devices play a crucial role in renewable energy systems for real-time data collection and control. In solar parks like the Mohammed bin Rashid Al Maktoum Solar Park, IoT sensors monitor and adjust panel angles in response to the sun’s position to maximize energy absorption. Smart meters and grid management systems use IoT to balance supply and demand efficiently, enhancing grid stability. Artificial Intelligence (AI) A study conducted by the online learning platform

ISSUE 16

TheCyberExpress

Cybersecurity measures need to ensure the integrity and confidentiality of this data to prevent manipulations that could lead to energy disruptions.

Supply Chain Vulnerabilities: Renewable energy projects often involve a complex supply chain including numerous vendors and third-party service providers. Each entity may introduce vulnerabilities, making the entire network more susceptible to cyberattacks. Ensuring robust security measures across all partners is a daunting task.

Legacy Systems Integration: As new renewable technologies are deployed alongside existing infrastructures, the integration of legacy systems with modern, digital solutions creates compatibility issues and security gaps. These systems may not have been designed with cybersecurity in mind, making them particularly vulnerable.

TheCyberExpress

ISSUE 16

DIGEST

Innovations in Cybersecurity for Renewable Energy Advanced Threat Detection Systems Dubai’s commitment to securing its energy sector is highlighted by its investment in sophisticated AI and machine learning technologies for threat detection. These systems are designed to handle the immense scale of data produced by the city’s renewable energy infrastructure. Leveraging AI enables predictive analytics and proactive threat detection, empowering the sector to identify and respond to potential cyber risks swiftly. For example, the Dubai Electricity and Water Authority (DEWA) uses advanced AI algorithms that monitor and analyze data across its network to detect anomalies that could signify potential cyber threats. These systems can process and correlate data from millions of IoT devices and sensors in real-time, offering a swift response to threats. The predictive capabilities of AI are crucial in preempting breaches before they escalate, enhancing the resilience of the energy grid. Blockchain for Increased Transparency and Security Blockchain technology is gaining traction in Dubai’s renewable energy sector to enhance security and transparency. Its application ranges from securing transactions to managing the vast amount of data generated by IoT devices. For instance, blockchain’s decentralized nature allows for the creation

ISSUE 16

TheCyberExpress

of a tamper-proof record of all transactions and data exchanges, making it impossible for unauthorized alterations. Unlike centralized databases, where data is stored on a single server making it vulnerable to malicious attacks, blockchain distributes data across a network of nodes. This decentralization means that even if one part is compromised, the rest of the system remains secure, maintaining the integrity of the entire dataset. Additionally, blockchain not only stores current data but also records a history of all transactions, enhancing transparency and traceability. By integrating blockchain technology, transparent and tamper-proof energy transactions can be established, ensuring the integrity and authenticity of data across the renewable energy supply chain. Cybersecurity Fusion Centers The establishment of cybersecurity fusion centers has been a strategic move for Dubai to strengthen its cyber defense capabilities. These centers are state-of-the-art facilities that merge advanced technology, expert processes, and deep human expertise, specifically designed to fortify cybersecurity across essential sectors such as energy. The centers employ real-time threat intelligence sharing among public and private sectors, ensuring a coordinated response to cyber threats. They improve security through several critical functions such as: Centralized Threat Management: Acting like a central nervous system

for cybersecurity, these centers gather and integrate information from diverse sectors such as energy and finance. This centralized approach allows for faster and more coordinated responses to cyber threats. Advanced Threat Analysis: These centers go beyond merely collecting data; they employ expert analysts and advanced tools to actively analyze cyber threats in real-time. This capability enables them to spot and strategize against emerging threats swiftly. Enhanced Collaboration: Cybersecurity thrives on teamwork. Fusion centers facilitate stronger collaboration between government agencies, private companies, and key infrastructure providers, creating a more unified and effective defense network across Dubai. Regulatory Frameworks and Compliance Dubai’s proactive regulatory stance is evident through stringent cybersecurity standards mandated for the renewable energy sector. The Dubai Cyber Security Strategy aims to protect critical energy infrastructure from potential threats by enforcing rigorous compliance requirements. For instance, regulations mandate regular cybersecurity assessments and audits for all energy sector entities. These assessments help identify vulnerabilities and ensure that all system components comply with the highest security standards. The strategy also includes training and awareness programs to foster a cybersecurity culture among stakeholders.

Future Directions in Cybersecurity for Dubai’s Renewable Energy Sector Dubai’s strategic approach to implementing cybersecurity technologies has significantly boosted both the security and efficiency of its renewable energy systems. The latest data highlights the impact of these initiatives. In 2022, the Dubai Electricity and Water Authority (DEWA) reported a significant 35% reduction in potential security incidents, attributed to the implementation of AI-based threat detection systems. The integration of blockchain technology has also streamlined energy transactions, cutting down transaction times by over 40%. By combining advanced technologies like AI and blockchain with a sturdy regulatory framework, Dubai is not only strengthening its cybersecurity but also setting an international benchmark for safeguarding renewable energy infrastructures from cyber threats. As Dubai pushes forward with its renewable energy goals, the need for enhanced cybersecurity measures grows. The sector must stay proactive and vigilant, continuously updating its defenses to keep pace with rapid technological advances and the changing landscape of cyber threats.

Looking ahead, collaboration will be key. Sharing knowledge and best practices globally will build stronger defenses and encourage innovation in cybersecurity strategies. Such international collaboration could lead to more robust frameworks that protect against current and future threats. Dubai is also planning new projects to strengthen its leadership in renewable energy. These include expanding the Mohammed bin Rashid Al Maktoum Solar Park, which will not only boost capacity but also introduce modern technologies like energy storage solutions to improve grid stability. Furthermore, Dubai is exploring the potential of offshore wind farms to diversify its energy mix. These projects will employ innovative technologies that demand sophisticated cybersecurity protections. In summary, the security of technological infrastructure is integral to Dubai’s renewable energy strategy. Cybersecurity is not just a protective measure—it is a foundational aspect of ensuring that the city’s energy sector remains resilient, efficient, and secure. Dubai’s proactive, forward-thinking approach highlights its commitment to sustainability and innovation, setting the stage for a brighter and more secure energy future.

TheCyberExpress

ISSUE 16

HOT SEAT

7 Ways META Governments Are Boosting Cybersecurity - By Ashish Khaitan

The 2024 cybersecurity landscape is witnessing one of the most phenomenal transformations in the META regions as several nations are fortifying their cyber defenses to counteract the explosive rise in cybercrime activities. Recent initiatives and insights from global government initiatives, cybersecurity summits, and collaborative efforts are being implemented to safeguard critical infrastructure and digital assets.

ISSUE 16

TheCyberExpress

These national-level efforts are visible as they highlight the importance of enhancing cybersecurity infrastructure across the Middle East, Turkey, and Africa (META), as governments within these regions rally to bolster defenses against hackers, ransomware groups, cybercriminals, and other cybercrime actors.

As technology continues to advance at a rapid pace, so do the threats posed by cybercriminals. Governments across META are stepping up their game to protect their nations from digital attacks. Join us as we explore 7 innovative ways these governments are enhancing cybersecurity measures to protect their citizens and critical infrastructure.

TheCyberExpress

ISSUE 16

HOT SEAT

The Cybersecurity Landscape of the Middle East, Turkey, and Africa (META) The cybersecurity industry in the Middle East, Turkey, and Africa (META) is constantly evolving as digital transformation sweeps across the region. With increased connectivity comes a heightened risk of cyber threats targeting governments, businesses, and individuals alike. During the Kaspersky Lab Security Analyst Summit for cybersecurity in the META region, which took place in Budapest, Hungary from April 20th to 24th, 2024, specialists from Kaspersky Lab’s Global Research and Analysis Team (GReAT), alongside invited IT-security experts, engaged with leading media representatives from the region. Maxim Frolov, Head of Business Operations, Emerging Markets at Kaspersky Lab, emphasized the global nature of cybercrime, stating, “Today cybercrime is reaching across geographical boundaries and has become a major global problem affecting almost every country in the world.” Sergey Novikov, Deputy Director of GReAT, discussed the issues and protection measures in the META region. In the past year alone, Kaspersky Lab’s products thwarted over 132 million cyberattacks in the Middle East, 41.5 million in Turkey, and 214 million in Africa, marking a significant increase compared to previous years. The statistics further revealed that a substantial proportion of users encountered web-related threats and security incidents stemming from local networks and removable media.

ISSUE 16

TheCyberExpress

In response to escalating cybersecurity concerns, governments in the META region are also enacting better data protection laws to fortify cybersecurity measures. These laws aim to safeguard sensitive information and personal data from unauthorized access, use, or disclosure, compelling organizations to prioritize cybersecurity and invest in robust security measures. Additionally, data protection laws promote transparency and accountability, mandating organizations to disclose data breaches promptly, minimizing their impact, and facilitating timely mitigation efforts.

Seven Strategies META Governments Employ to Enhance Cybersecurity Countries in META are recognizing the importance of investing in robust cybersecurity measures to protect against malicious attacks. From ransomware incidents to data breaches, the stakes are higher than ever before. As a result, governments are ramping up efforts to bolster their cyber defenses through strategic initiatives and partnerships with industry experts. Cybersecurity is no longer just a tech issue – it’s a national security priority that requires coordinated action on multiple fronts, including better cybersecurity policies, global collaborations, and training.

Enhancing Legal Frameworks Governments across the Middle East, Turkey, and Africa (META) are recognizing the critical need to bolster their legal frameworks to effectively

combat emerging cyber threats. In the United Arab Emirates (UAE), the enactment of Federal Decree-Law No. 34 of 2021 marks a significant milestone in addressing cybercrime and safeguarding sensitive information. This comprehensive law aims to combat rumors and cybercrimes by establishing a robust framework to tackle online misuse, protect government websites and databases, combat the dissemination of false information, and prevent electronic fraud and privacy breaches. Similarly, Turkey is closely monitoring European Union (EU) legal developments and plans to integrate provisions of the NIS2 Directive into its legislation to enhance network and information security. Furthermore, amendments to data protection laws align with the standards set by the General Data Protection Regulation (GDPR), expanding legal bases for processing personal data and introducing new rules for cross-border data transfers. In Africa, the Cybercrimes Act 19 of 2020 represents a significant step towards aligning cybersecurity legislation with global standards. This legislation mandates the reporting of cybersecurity breaches to law enforcement and criminalizes harmful data messages, cyber fraud, extortion, forgery, and unlawful access to computer systems. By enacting and enforcing such laws, governments in META are striving to create a legal framework that promotes transparency, accountability, and compliance with international cybersecurity standards.

Adoption of Modern Security Measures The adoption of modern security measures is no longer an option but an immediate necessity. These measures will help in strengthening cybersecurity resilience across the META region. In the UAE, the Dubai Electronic Security Centre, established in 2014, has been instrumental in leading the country’s cybersecurity efforts. Through initiatives like the First Phase Cybersecurity Strategy launched in 2017, the UAE has made significant contributions in adopting advanced security measures to mitigate cyber risks effectively. Turkey’s Information and Communication Technology (ICT) sector has witnessed remarkable growth, driven by government policies and the pivotal role of the Information and Communication Technologies Authority (BTK). Recent legal changes in Turkey impact digital privacy, free expression, and data localization, necessitating the enactment of specialized cybercrime legislation to address evolving threats effectively. Africa’s technological advancements have brought about cybersecurity challenges, but protective measures against modern-day threats like AI-driven attacks and Advanced Persistent Threats (APTs) have significantly improved. This has led to the emergence of cybersecurity startups in Africa, reflecting the region’s commitment to leveraging technology to enhance cybersecurity resilience.

TheCyberExpress

ISSUE 16

HOT SEAT

Comprehensive Testing and Policy Implementation Comprehensive testing and policy implementation are essential components of effective cybersecurity strategies in the META region. In the UAE, initiatives like the UAE Computer Emergency Response Team (aeCERT) and the multiple cybersecurity start-ups aim to promote cyber awareness and create a safe cyberculture. The establishment of the UAE Cybersecurity Council in 2020 highlights the government’s commitment to developing a comprehensive cybersecurity strategy. In Turkey, cybersecurity startups and global collaboration with the Turkish government have played a crucial role in shaping cybersecurity strategies by identifying key technologies and addressing emerging threats. However, challenges such as rapid economic growth and digital transformation highlight the need for efficient policy implementation based on industry standards to strengthen cyber resilience effectively. Africa faces similar challenges in implementing cybersecurity policies, with limited legislation and awareness posing significant hurdles. Initiatives aimed at raising public awareness, establishing threat intelligence-sharing platforms, and fostering international cooperation are essential for addressing these challenges and strengthening cybersecurity capabilities in the region.

Collaborative International Efforts TRecognizing the borderless nature of cyber threats, META countries are increasingly engaging in collaborative efforts to combat cybercrime. By partnering with other nations and sharing best practices, threat intelligence, and resources, governments in the region can bolster their cybersecurity posture and foster collective security against cyber attacks. In the UAE, government-led proactive measures like collaboration with international partners aim to fortify the country’s digital realm against cyber threats. Similarly, Turkey’s initiatives to establish public-private partnerships and engage in joint exercises with international partners demonstrate a commitment to strengthening cybersecurity capabilities through collaboration. In Africa, collaborative initiatives focused on capacity building, innovation, and government commitment are essential for addressing cybersecurity challenges effectively. By fostering cooperation among governments, private sector entities, civil society, and academia, META countries are enhancing their cybersecurity resilience and walking together with other leading nations in the IT and security domain.

ISSUE 16

TheCyberExpress

Regulatory and Infrastructure Investments Governments across META are intensifying their focus on cybersecurity regulation and infrastructure investment to promote cybersecurity in the region. In the UAE, stringent regulations like the Cybercrime Law mandate businesses to safeguard sensitive data and fortify defenses against cyber threats. Compliance with these regulations is crucial for ensuring a resilient cybersecurity posture in the face of evolving cyber threats. Similarly, Africa’s digital revolution has brought about immense opportunities, but it also poses cybersecurity challenges. Investments in infrastructure, regulatory development, and cross-sector collaboration have proven essential in strengthening Africa’s cybersecurity resilience and adoption of new technologies. Turkey’s proactive cybersecurity measures, exemplified by its National Cybersecurity Strategy and Action Plan, aim to elevate national cyber resilience. By fostering collaboration among different sections of societies and businesses, Turkey strives to lead the way in global cybersecurity and position itself as a cybersecurity leader on the global stage with other META nations.

Cybersecurity Task Forces and Training META governments are ramping up their cybersecurity efforts by establishing dedicated task forces, analyzing emerging threats, and coordinating cybersecurity strategies across various sectors. These collaborative approaches strengthen the region’s overall cybersecurity posture and enable effective responses to evolving cyber threats.

In the UAE, initiatives like the ‘Cyber Pulse’ campaign aim to engage the community in cybersecurity efforts by raising awareness and providing training on cyber threats and preventive measures. Similarly, Turkey’s focus on investing in human capital and fostering collaboration among stakeholders highlights its commitment to cybersecurity awareness. In Africa, inclusive cybersecurity strategies are gaining traction, recognizing the importance of broad-based trust, transparency, and information sharing among governments, private sector entities, civil society, and academia. By investing in cyber capacitybuilding programs and training the next generation of cybersecurity professionals, META countries can address cybersecurity challenges effectively and bridge the skills gap.

Expanding Cybersecurity Capabilities Through Strategic Investments Strategic investments in cybersecurity capabilities are crucial for

organizations in META to combat cybercrime effectively. By allocating resources toward infrastructure enhancement, talent development, and cutting-edge technologies, organizations can strengthen their defenses against malicious actors and safeguard their digital assets. The UAE’s IT services market is witnessing unprecedented growth, driven by government-led digital initiatives and investments in smart city projects. Startups are thriving, and the government’s emphasis on cybersecurity is accelerating market growth and fostering innovation in cybersecurity solutions. In Africa, efforts to bridge the cybersecurity skills gap and invest in cyber capacity-building programs reflect a collective approach to fortifying cyber defenses and helping African citizens enjoy data privacy. By fostering collaboration, investing in human capital, and developing homegrown cybersecurity solutions, META countries can increase their cyber presence and ensure a safer digital future for their citizens.

Summing Up! In conclusion, governments, organizations, and individuals across the Middle East, Turkey, and Africa are collaborating and investing in sturdy cybersecurity measures to safeguard their digital assets and mitigate cyber risks effectively. Through proactive initiatives, collaborative efforts, and strategic investments, the META region is poised to lead global cybersecurity efforts. By prioritizing cybersecurity resilience and adopting a comprehensive approach to cybersecurity, META countries can create a safe and secure digital environment for their citizens, businesses, and critical infrastructure. With continued investment in cybersecurity capabilities, regulatory frameworks, and international collaboration, the META region can effectively combat cyber threats and ensure the integrity of its digital ecosystem for years to come.

TheCyberExpress

ISSUE 16

BOTTOMLINE

Building a Secure OT Network: A Four-Phase Approach for the META Region - By Mihir Bagwe In the field of business operations in the META region, operational technology (OT) acts as a backbone, facilitating system maintenance, control, and optimization. From factories to energy projects, OT systems play an important role in increasing efficiency, ensuring safety, and maintaining reliability.

ISSUE 16

TheCyberExpress

However, with the increasing interconnectivity between OT and the Internet of Things (IoT), as well as the growing threat landscape, securing OT environments has never been more crucial.

TheCyberExpress

ISSUE 16

DIGEST BOTTOMLINE

Understanding Operational Technology OT encompasses the hardware and software utilized to monitor and control physical devices and processes within industrial operations, including sectors such as manufacturing, energy, transportation, and utilities. It comprises of two main categories: Internet of Things (IoT) devices, which introduce networking capabilities to traditional OT systems, and Industrial Control Systems (ICS) - specialized systems dedicated to monitoring and controlling industrial processes. Key functions of OT include: •

Driving innovation, improving productivity, ensuring safety, reliability, and maintaining critical infrastructure.

•

Enhancing efficiency by automating and optimizing processes, minimizing downtime, reducing waste, and maximizing output.

•

Ensuring safety by monitoring environmental conditions, detecting abnormalities, and triggering automated responses to prevent accidents.

•

Providing reliable performance in harsh environments to prevent financial losses and risks to public safety.

•

Maintaining product quality and consistency by monitoring and adjusting production processes.

•

Enabling data-driven decisionmaking by generating insights into operations.

•

Managing critical infrastructure such as energy grids, water treatment plants, and transportation networks.

ISSUE 16

TheCyberExpress

Differentiating OT from IT While Operational Technology shares similarities with Information Technology (IT), it differs in several key aspects. IT focuses on managing digital information within organizations and OT controls highly technical specialist systems crucial for ensuring the smooth operation of critical processes. These systems include Supervisory Control and Data Acquisition (SCADA) systems, Programmable Logic Controllers (PLCs), sensors, and actuators, among others. OT is not just limited to manufacturing but can also be found in warehouses and in daily outdoor areas such as parking lots and highways. Some examples of OT include ATMs and other kiosks, connected buses, trains, and service fleets, weather stations, and even electric vehicles charging systems. The key difference between IT and OT is that IT is centered on an organization’s front-end informational activities, while OT is focused on their back-end production. The merging of OT with IT, known as IT/OT convergence, aims at enhancing efficiency, safety, and security in industrial operations, yet also introduces challenges regarding cybersecurity as OT systems become more interconnected with IT networks.

IoT and OT Cybersecurity Forecast for META in 2024 Cybersecurity stands as a paramount concern for executives across various OT sectors in the META region. As the region witnesses a surge in cyber threats, organizations are increasingly investing in cybersecurity services and solutions to safeguard critical infrastructure and sensitive data.

Modernization and optimization top the cyber-investment priorities for 2024, according to Pwc Digital Trust Insights 2024-Middle East Findings Report. More than half (53%) of chose optimization of existing technologies and investments in order to identify those with the highest potential to create value, while 43% selected technology modernization, including cyber infrastructure. The year 2024 is poised to bring new challenges and advancements in IoT and OT security, shaping the cybersecurity landscape in the META region. Geopolitical Threats and APT Activity With geopolitical tensions shaping the cybersecurity landscape, the META region is anticipated to witness heightened levels of Advanced Persistent Threat (APT) activity. Critical infrastructure, including shipping, power, and communications, will remain prime targets for cyber adversaries seeking to disrupt operations and undermine stability. Escalating Costs of Cyberattacks The cost of cyberattacks is expected to escalate further in 2024, driven by an increase in ransom demands. Recent years have seen a significant rise in ransomware attacks globally, with cybercriminals targeting sectors such as healthcare and manufacturing. As ransom demands soar, organizations in the META region must bolster their cybersecurity defenses to mitigate financial and operational risks. Heightened Threats to IoT and OT Deployments Cyber threats targeting IoT and OT deployments are poised to intensify, posing significant risks to critical infrastructure and industrial systems.

Health and safety departments, Industrial Control Systems (ICS), and IoT networks will remain prime targets for cyber adversaries, necessitating proactive cybersecurity measures to mitigate potential threats. Focus on Network and Device Vulnerabilities Cybercriminals will continue to exploit network and device vulnerabilities, highlighting the importance of robust patching and vulnerability scanning practices. Government infrastructures, finance, and retail sectors are particularly vulnerable to phishing attacks, underscoring the need for enhanced cybersecurity measures and employee awareness training.

Lookout for AI With AI coming to the fore and large language models helping cybercriminals from drafting phishing mails to making AI-based robo-calling the surge of AI needs to be kept an eye on and better regulations will be the need of the hour. On the defense front, many vendors are also pushing the limits of GenAI, testing what’s possible. It could be some time before we see broad-scale use of defenceGPTs. In the meantime, here are the three most promising areas for using GenAI in cyber defence: Threat detection and analysis; cyber risk and incident reporting; and adaptive controls that are tailored for organizations threat profile, technologies and business objectives.

TheCyberExpress

ISSUE 16

BOTTOMLINE Emphasis on Supply Chain Security In 2024, supply chain vetting and internal security methods will become mainstream, as organizations strive to fortify their defenses against supply chain attacks. With compliance orders shifting from voluntary to mandatory, enterprises will be required to align with cybersecurity standards such as IEC 62443 to mitigate supply chain risks effectively. Rise of Cyber Threat Intelligence The year 2024 is poised to witness a surge in cyber threat intelligence investments, as organizations seek to enhance their threat detection and response capabilities. With C-level management increasingly involved in cybersecurity decision-making, enterprises will prioritize cyber threat intelligence feeds to bolster their security posture and safeguard critical infrastructure. Expansion of Attack Surfaces As digital transformation accelerates across sectors, the OT attack surface is expected to expand, providing cyber adversaries with new opportunities to exploit vulnerabilities. Industries such as manufacturing and healthcare must exercise caution and diligence in navigating the complexities of digital transformation to mitigate emerging cyber threats effectively.

This involves implementing comprehensive security measures and adhering to industry best practices. A four-phase approach can guide organizations in building a secure OT network: •

Assess: Conduct an assessment to evaluate the current OT environment against industry standards and identify risks and vulnerabilities.

•

Design: Develop a comprehensive design considering elements such as network segmentation, vendor security, and defense-in-depth strategies.

•

Implement: Implement changes into the OT network while ensuring interoperability and compatibility with existing systems.

•

Monitor and Respond: Establish mechanisms for detection and response to security incidents, enabling a dedicated security team to contain and eradicate threats effectively.

Structuring a Secure OT Network Despite its critical importance, OT faces significant vulnerabilities, particularly concerning cybersecurity. As OT systems become increasingly interconnected with IT networks and the IoT, they become more exposed to cyber threats. Moreover, the inability to shut down OT systems for maintenance or upgrades poses challenges in implementing security measures effectively. With the steady adoption of IoT and personal connected devices, an increase of over 4-fold in IoT malware attacks year-over-year has been reported in the Middle East region alone. This highlights persistence and ability of the cybercriminals to adapt to evolving conditions in launching IoT malware attacks. They are targeting legacy vulnerabilities, with 34 of the 39 most popular IoT exploits specifically directed at vulnerabilities that have existed for over three years. The biggest receiver of these attacks has been manufacturing, followed by oil & gas, power grids and maritime. To address these challenges, organizations must adopt a proactive approach to building secure OT environments.

ISSUE 16

TheCyberExpress

In addition to the four-phase approach, organizations can implement other security best practices, including access control, patch management, incident response planning, physical security measures, employee training, and vendor security assessments. By adopting a holistic approach to OT security and implementing robust security measures, organizations can mitigate cyber threats, protect critical infrastructure, and maintain the integrity and reliability of their operational systems. In an era of evolving cyber threats, securing Operational Technology is paramount to safeguarding industrial operations and ensuring the resilience of modern societies.

TheCyberExpress

ISSUE 16

NUGGETS

PROMISING CYBERSECURITY TRENDS IN THE

META REGION - By Samiksha Jain The United Arab Emirates (UAE) has carved a niche for itself as a beacon of innovation and technological advancement in the Middle East. The country’s vision for a hyper-connected future, with flourishing smart cities and a booming digital economy, hinges on one crucial element: cybersecurity. Cyber threats are a constant reality in our increasingly interconnected world, and the UAE is no exception. As the nation’s digital footprint expands, so too does the potential for cyberattacks that could cripple critical infrastructure, disrupt financial systems, and compromise sensitive data.

ISSUE 16

TheCyberExpress

Recent statistics paint a concerning picture. The 2024 State of the UAE Cybersecurity report reveals a significant increase in the country’s vulnerability to cyberattacks, particularly ransomware and DDoS attacks. The report, co-authored by the UAE government and CPX security, identifies nearly 155,000 vulnerable points within the UAE, including insecure network devices, filesharing platforms, email systems, and remote access points. Notably, almost 70% of these vulnerabilities are concentrated in Dubai.

TheCyberExpress

ISSUE 16

DIGEST NUGGETS The report also raises concerns about a growing threat: insider attacks. These attacks involve individuals within organizations misusing their access to steal data. Experts warn that as the UAE embraces cloud computing, artificial intelligence, and machine learning, the potential attack surface will inevitably expand, creating more opportunities for criminals. The financial consequences of data breaches in the Middle East are also on the rise, making the region second only to the US in data breach costs. The average cost of a data breach in the Middle East surpassed $8 million in 2023, reflecting a significant year-on-year increase and nearly double the global average. The report identifies government, energy, and IT sectors as prime targets, yet a separate study reveals a critical gap – nearly a quarter of oil and gas companies and government entities in the region lack dedicated cybersecurity teams. However, the UAE is not passively accepting this situation. It’s actively building a enhanced cybersecurity shield through a multi-pronged approach. This article delves into promising trends that are shaping the UAE’s cybersecurity landscape in 2024, showcasing the country’s commitment to safeguarding its digital future.

Advanced Threat Detection Recognizing the limitations of traditional security methods, the UAE is making a significant financial commitment to advanced threat detection systems. These systems, powered by cuttingedge technologies like artificial intelligence (AI), machine learning (ML), and behavioral analytics, can uncover and respond to sophisticated cyber threats in real-time. A recent Cisco study reinforces this trend, revealing that a staggering 91% of UAE organizations are integrating AI into their security strategies, primarily for threat detection, response, and recovery. This focus on AI aligns with broader regional trends. Industry experts at Strategy& predict a booming GenAI (General AI) market in the Arab Gulf region, reaching an annual value of $23.5 billion by 2030. Furthermore, Gartner research indicates that nearly half of executives are exploring GenAI capabilities. With such a promising financial future on the horizon, the UAE and other countries are actively implementing AI solutions across various sectors, including cybersecurity.

Public-Private Partnerships (PPPs) for Enhanced Security The UAE is taking a multi-pronged approach to fortifying its cybersecurity. Recognizing that online threats require a united front, they’re forging Public-Private Partnerships (PPPs). These collaborations leverage government oversight and private sector innovation.

ISSUE 16

TheCyberExpress

For example, the UAE Cyber Security Council is working with the UN’s ITU to boost cybersecurity expertise and share best practices. This partnership extends beyond education, with joint exercises simulating cyberattacks to test defenses. Additionally, the UAE has established its own cybersecurity authority, demonstrating a strong commitment to digital security. They’re not going it alone - memorandums of understanding with leading cybersecurity firms, like GroupIB, show a willingness to combine resources and develop new technologies. This focus on collaboration extends even further, with partnerships like the one between the UAE government and Mastercard aiming to leverage AI for financial crime prevention. By fostering a culture of information sharing, training, and technological advancement, the UAE is wellpositioned to address the evolving landscape of cyber threats.

Cloud Security on the Rise The United Arab Emirates is experiencing a surge in cloud security solutions as businesses increasingly rely on cloud storage and processing. This growth, projected at a rate of over 13% annually until 2027, is fueled by several factors. Firstly, cloud service providers are investing heavily in the region. Secondly, the government is taking proactive steps to improve cybersecurity. Finally, businesses are turning to cloud services for scalability, cost-efficiency, and enhanced protection against cyberattacks. This widespread adoption of cloud technology in both government and private sectors has created a robust cloud environment, but it has also highlighted the need for robust security measures. As a result, the demand for cloud security solutions in the UAE is rapidly growing.

Cybersecurity Education and Training Awareness and education are key components of any effective cybersecurity strategy. The UAE is investing in cybersecurity education and training programs to equip professionals with the skills needed to combat cyber threats. From specialized courses in universities to workshops and seminars for businesses, there is a concerted effort to build a strong cybersecurity workforce in the country. Zero Trust Security Model gaining Traction: In the UAE, a growing security trend is the adoption of zerotrust security. This model ditches the idea of inherent trust within a network and instead constantly verifies users and devices before granting access to resources.

TheCyberExpress

ISSUE 16

NUGGETS

This method is particularly appealing as businesses move away from traditional network perimeters and embrace a more open, cloud-based environment. Experts predict a tenfold increase in zero-trust security use across the Gulf region by 2025, with critical sectors like finance and oil and gas taking the lead. This rapid growth is anticipated to see 10% of large UAE enterprises establish comprehensive zero-trust programs within the next two years, a significant jump from near non-existence in 2023. While the UAE’s zero-trust journey is in its early stages, the presence of numerous international security vendors in the region could significantly accelerate adoption.

Regulatory Compliance The UAE has implemented stringent cybersecurity regulations to safeguard critical infrastructure and sensitive data. Compliance with these regulations, such as the UAE Information Assurance Regulations (UAE IA) and the Dubai Electronic Security Center (DESC), is mandatory for organizations operating in the country. Moreover, the Dubai Cybersecurity Law, issued in 2018, focuses on safeguarding vital data, establishing cybersecurity standards, and outlining penalties for cybercrimes. Adhering to these regulations ensures a baseline level of cybersecurity and helps prevent potential cyber threats.

Quantum Cryptography With the rise of quantum computing, traditional encryption methods are at risk of being compromised. Quantum cryptography offers a solution by leveraging the principles of quantum

ISSUE 16

TheCyberExpress

mechanics to secure communications. The UAE is investing in research and development of quantum cryptography technologies to protect against future cyber threats posed by quantum computers.

Focus on Critical Infrastructure Protection Protecting critical infrastructure, such as energy, transportation, and healthcare systems, is a top priority in the META region. Governments are implementing specific measures to safeguard these vital sectors from cyber threats. For instance, the UAE’s National Cybersecurity Strategy includes provisions for protecting critical infrastructure. These measures are essential for maintaining national security and ensuring the continuity of essential services. Similarly, Saudi Arabia’s Vision 2030 includes significant investments in cybersecurity to support its digital economy ambitions.

Growth of Cybersecurity Startups and Innovations The META region is witnessing a surge in cybersecurity startups and innovations. Local entrepreneurs are developing cutting-edge solutions tailored to the region’s specific needs. Initiatives like Dubai’s Innovation Hub and Saudi Arabia’s cybersecurity accelerators are fostering a conducive environment for startups to thrive. These startups are focusing on areas such as threat intelligence, endpoint security, and identity management, contributing to the overall cybersecurity landscape.

Cyber Threat Intelligence Sharing Sharing cyber threat intelligence (CTI) is becoming increasingly important in the META region. Governments and organizations are establishing platforms and frameworks for real-time sharing of threat information. This collaborative approach helps in identifying and mitigating cyber threats more effectively. Regional initiatives, such as the GCC Cybersecurity Center, facilitate CTI sharing among member countries to enhance collective cybersecurity defense.

To Wrap Up The UAE’s cybersecurity landscape is a microcosm of the global battle against cybercrime. While the country’s advancements in AI, PPPs, and cloud security are commendable, a crucial question lingers: can these advancements stay ahead of the ever-evolving tactics of cybercriminals? The future of cybersecurity hinges on the UAE’s ability to not only adopt cutting-edge solutions but also anticipate and adapt to the next wave of threats, potentially including those born from the very technologies it champions, like AI. Will the UAE’s proactive approach be enough to safeguard its digital future, or will a new breed of cyber threats emerge, demanding even more innovative solutions? Only time will tell, but one thing is certain: the UAE’s journey in cybersecurity is a story worth watching, with valuable lessons for nations around the globe.

TheCyberExpress

ISSUE 16

INSIDER

A Comparative Look at

CYBERSECURITY Regulations Across the

META Region - By Alan Joseph

The META region (Middle East, Turkey, and Africa) is experiencing a digital surge, with interconnectedness weaving its way into businesses, governments, and individual lives. This burgeoning digital landscape, however, comes with a dark side: a rising tide of cyber threats ranging from simple phishing attacks to sophisticated ransomware and espionage campaigns. Recognizing this, governments across the region are actively building their cyber defenses, enacting a complex tapestry of cybersecurity laws and regulations.

ISSUE 16

TheCyberExpress

Forming robust cybersecurity regulations for Middle East governments and businesses is not merely a legal obligation; it is also a strategic imperative to safeguard data, privacy, and stability of operations. Understanding the intricate web of cybersecurity laws is paramount for businesses and individuals to navigate the digital landscape while avoiding unforeseen risks.

TheCyberExpress

ISSUE 16

INSIDER

Recommendations in Building a Strong Cyber Ecosystem and Drafting Adequate Laws:

National CIRTs should monitor threats and help organizations recover. Countries with existing CIRTs should establish sectoral teams and collaborate regionally.

To effectively combat cyber threats, a strategic approach to law implementation and regulation is paramount. This approach should pay special attention to understanding the needs of all involved in the ecosystem, and fostering collaboration through integrated planning and implementation. Key elements include:

Cooperate Internationally: Support regional and international efforts to combat cybercrime, share evidence, and extradite cybercriminals. International collaboration keeps governments informed about cyberthreats and strengthens cybersecurity norms.

Establish a Central National Cybersecurity Body and Strategy: This independent body should define and supervise the national cybersecurity agenda to ensure credibility and authority over public and private organizations. Identifying and Addressing Stakeholder Needs: Mapping out key private and public entities, including government agencies, businesses, and cybersecurity firms, and outlining their roles in the national cybersecurity program. Establish Dialogue: Governments and businesses should foster dialogue across stakeholders to encourage collaboration. This could take the form of a governance body assessing the specific needs of each stakeholder, such as access to threat intelligence, training, or technical expertise, and incorporating these needs into a holistic cybersecurity program. Co-ordinated Efforts and Planning: Governments and authorities must create a collaborative approach that ensures participation from all stakeholders while avoiding siloed efforts. Adopt National Information Security Policies: Develop, implement, and update national cybersecurity policies and strategies with thorough funding and political support that are publically considered and reviewed regularly.

Key Trends Across the Region: Data Protection: Data localization, where companies are required to store data within national borders, is becoming increasingly common. Countries like Saudi Arabia and the UAE have implemented strict data protection laws, mirroring the European Union’s General Data Protection Regulation (GDPR). Critical Infrastructure Protection: Governments are prioritizing the protection of critical infrastructure from cyberattacks. Countries like Israel and Turkey have established dedicated cybersecurity agencies and implemented regulations for operators of critical infrastructure in sectors like energy, finance, and healthcare. Cybercrime Legislation: Laws addressing cybercrime, including hacking, phishing, and online fraud, are being strengthened. For instance, Egypt recently introduced a comprehensive cybercrime law with severe penalties for offenders. Incident Reporting: Mandatory incident reporting requirements are becoming increasingly common. Companies are obligated to report cybersecurity incidents to relevant authorities, allowing for timely response and mitigation.

Country-Specific Examples of Regulations

Develop Personal Data Protection Legislation: Create and implement comprehensive legislation to protect personal data, combat cybercrime, and maintain digital security.

Middle East

Protect Critical Information Infrastructure: Identify critical infrastructure sectors and prioritize their protection. Governments should ensure the security of power supply networks, diversify providers, and encourage local enterprises to safeguard critical information.

•

Create National Cyber Incident Response Teams:

ISSUE 16

TheCyberExpress

United Arab Emirates (UAE): The UAE stands out for its proactive approach to cybersecurity regulation. UAE Cybercrime Law (Federal Decree-Law No. 34 of 2021): Criminalizes a range of cyber activities, from hacking and phishing to spreading misinformation online. Introduces harsh penalties for cybercrimes involving critical infrastructure.

•

National Cybersecurity Strategy (2019): Aims to create a safe and resilient cyber infrastructure in the UAE. Key pillars include enhancing cybersecurity laws and fostering international collaboration. Data Protection Law (Federal Decree-Law No. 45 of 2021): Aligns closely with GDPR principles, securing personal data protection and ensuring organizations implement robust data security measures.

•

National Cybersecurity Authority (NCA): Established in 2017 to oversee cybersecurity regulations and policies.

•

Essential Cybersecurity Controls (ECC): Comprehensive cybersecurity guidelines mandated by the NCA.

•

Personal Data Protection Law (2021): Grants citizens more control over their personal data and aligns with international standards.

•

Anti-Cyber Crime Law (2007): Covers offenses like hacking, phishing, and electronic fraud.

•

In a move indicative of its rapid development, the NCA introduced a new regulatory framework in 2024 to bolster the cybersecurity landscape.

•

Managed Security Operation Centre (MSOC) Policy: The policy aims to regulate MSOC services and restricts organizations from providing services crossborder rather than sharing with the entire ecosystem.

Upcoming Developments: Critical Infrastructure Protection Framework: A framework to safeguard critical infrastructure against cyber threats. Saudi Arabia Saudi Arabia has adopted a rigorous stance on cybersecurity, reflecting its Vision 2030 ambitions.

TheCyberExpress

ISSUE 16

INSIDER

Upcoming Developments: National Cybersecurity Strategy 2023-2027: Expected to emphasize incident response, international collaboration, and innovation. Qatar It continues to fortify its cyber defenses, particularly drawing on lessons learned from experiencing cyberattacks during the 2022 FIFA World Cup. •

Qatar Cybercrime Prevention Law (2014): Criminalizes a range of cyber offenses, including hacking, phishing, and online fraud.

•

Qatar National Cybersecurity Strategy (2014): Lays out the framework for securing critical infrastructure and enhancing cybersecurity awareness.

•

Data Privacy Protection Law (2016): Focuses on personal data protection and mandates data localization requirements.

Upcoming Developments: New Cybersecurity Strategy (2024-2030): Expected to incorporate lessons learned from hacks and intrusions during the FIFA World Cup. Bahrain Since 2018, Bahrain’s Personal Data Protection Law has established guidelines for data quality control, incident response, and consumer rights.

•

Law on Protection of Personal Data (No. 6698): Enacted in 2016, this law closely follows GDPR principles.

•

Personal Data Protection Law (2018): Most similar to the GDPR among Middle Eastern privacy laws. Data transfers are allowed to pre-approved adequate countries.

•

National Cybersecurity Strategy and Action Plan (2020-2023): Focuses on securing critical infrastructure, enhancing public awareness, and fostering international cooperation.

•

Key Differences from GDPR: The right to access personal data is not clearly articulated. Limited enforcement history leaves the robustness of this right uncertain.

•

Regulation on Information Systems of Banks (2020): Mandates strict cybersecurity requirements for financial

Upcoming Developments: Turkey Turkey has comprehensive cybersecurity regulations to address increasing cyber threats.

ISSUE 16

TheCyberExpress

Increased commitment to cybersecurity issues: Turkey reportedly seeks to increase its commitment to cybersecurity as part of the Development Plan for 2024– 2028.

Kenya Kenya has taken significant steps to enhance cybersecurity. •

Data Protection Act (2019): Provides comprehensive guidelines for personal data protection and aligns with GDPR.

•

Computer Misuse and Cybercrimes Act (2018): Criminalizes cyber offenses like hacking and online fraud.

•

National ICT Policy (2019): Includes a dedicated cybersecurity strategy focusing on infrastructure security.

Upcoming Developments: Revised Cybersecurity Strategy (2022-2027): Expected to incorporate best practices and strengthen data security. Nigeria Nigeria, Africa’s largest economy, is increasingly prioritizing cybersecurity. •

Cybercrimes (Prohibition, Prevention, etc.) Act (2015): Criminalizes cyber offenses like hacking and identity theft.

•

Nigeria Data Protection Regulation (NDPR, 2019): The primary data protection framework.

South Africa

Upcoming Developments:

South Africa leads the continent in cybersecurity regulation with its progressive legislation.

Data Protection Bill (2024): Aims to replace NDPR with comprehensive legislation.

•

Conclusion:

•

Protection of Personal Information Act (POPIA, 2013): Enforced in 2021, this comprehensive data protection law aligns with GDPR. Cybercrimes Act (2020): Consolidates and criminalizes various cyber offenses, including hacking and cyber fraud.

Upcoming Developments: National Cybersecurity Policy Framework (NCPF): Revisions are underway to address emerging cyber threats.

Harmonizing regulations and laws, along with the raising of awareness among public officials, businesses and citizens across the META region is crucial for effective cybersecurity collaboration. The META region presents a unique opportunity for cybersecurity innovation. Regional collaboration can foster knowledge sharing and strengthen cyber resilience across the META landscape, as local startups develop tailored solutions. While each country adopts unique strategies tailored to its socio-economic context, there is a clear trend towards developing with global best practices like the GDPR.

TheCyberExpress

ISSUE 16

SCOOP

META BANKS: LEVERAGING AI FOR EFFICIENCY, SECURITY, AND GROWTH - By Ashish Khaitan The banking industry is one of the main pillars of any nation and they have been an integral part of the critical infrastructure. The government and private banks in the Middle East, Turkey, and Africa (META) region have also gone through several transformations, and with the advancement of AI, these

ISSUE 16

TheCyberExpress

financial institutions have adopted artificial intelligence to streamline the banking experience for the common citizens while also ensuring robust cybersecurity measures. These banks offer a wide range of services beyond traditional banking, including investment banking, insurance, and asset management.

As the financial landscape becomes increasingly complex, meta-banks are turning to artificial intelligence (AI) to streamline operations, enhance customer experiences, and mitigate risks.

TheCyberExpress

ISSUE 16

DIGEST SCOOP

The GenAI industry, projected to reach $23.5 billion annually by 2030 in the Arab Gulf region, highlights both the opportunities and risks associated with AI. Bridging the technology gap is imperative, as highlighted by Trellix’s ‘Mind of the CISO: Behind the Breach’ report, revealing that nearly 64% of respondents in the UAE reported missed attacks due to resource constraints or insufficient skills to manage complex incidents effectively. However, with the advancement of modern technology and its seamless integration into the banking sector, the META regions are witnessing a resonance of cybersecurity in the finance industry. The Cyber Express explores the AI revolution taking place in META banks across the region and its benefits, challenges, and prospects of this transformative technology.

The AI Revolution in META Banks The UAE Cyber Security Council has reported over 50,000 daily cyberattacks targeting various sectors, including banking, finance, health, and oil and gas. Undetected, these attacks pose significant risks to operations, revenue, and reputation. However, with the help of AI, all these cyberattacks were successfully thwarted daily, highlighting the wide scale implementation of artificial intelligence in UAE. For other nations in the META region, the advent of AI has pushed conventional banking into a new era of endless possibilities. With its ability to process vast amounts of data and perform complex tasks with speed and accuracy, AI has become a gamechanger in the financial industry. META banks are leveraging AI algorithms and machine learning techniques to automate routine

ISSUE 16

TheCyberExpress

processes, analyze customer behavior, and make data-driven decisions. By harnessing the power of AI, these banks can gain a competitive edge by offering personalized products and services, reducing operational costs, and improving overall efficiency. AI is revolutionizing various aspects of metabanking, from customer service to risk management. Chatbots, powered by AI, have become the face of customer interactions, providing round-the-clock assistance and resolving queries in real time. These virtual assistants not only enhance customer satisfaction but also free up human resources to focus on more complex tasks. Additionally, AI-powered predictive analytics enable banks in the META region to identify patterns and trends in customer behavior, helping them tailor their offerings to meet individual needs. Moreover, AI algorithms are proving invaluable in detecting fraudulent activities, enhancing compliance, and minimizing financial risks.

Furthermore, AI enhances risk management capabilities in META banks. With AI algorithms constantly monitoring transactions and analyzing patterns, potential fraudulent activities can be detected and flagged in real time. This not only protects the interests of customers but also safeguards the reputation of META banks. AI-powered cybersecurity is a key component of this risk management strategy. By utilizing AI to identify and counter cyber threats, banks in the Middle East, Turkey, and Africa can ensure the security of their systems and protect sensitive customer data from unauthorized access. To enable this change, AI, especially generative AI (GenAI), has emerged as a prominent topic in the Middle East. GenAI holds significant promise, with projections indicating a potential annual industry value of $23.5 billion by 2030 in the Arab Gulf region. Additionally, Gartner’s research reveals that 45% of executives are currently exploring GenAI applications.

Benefits of Artificial Intelligence-led Banking in the META Region

Implementing Artificial Intelligence in META Banks

The benefits of AI in banking are manifold. Firstly, AI enables these banks to improve operational efficiency by automating repetitive tasks and reducing human error. This not only saves time but also lowers costs, allowing banks to allocate resources more effectively.

Implementing AI in the banking sector requires careful planning and strategic execution. The first step is to identify the areas where AI can bring the most value. This could include customer service, risk management, compliance, or data analytics. Once the areas are identified, META banks need to invest in the right AI technologies and infrastructure. This includes acquiring AI software, hardware, and the necessary IT resources to support AI implementation.

By leveraging AI-powered analytics, META banks can gain valuable insights into customer preferences, enabling them to offer personalized products and services. This not only enhances customer satisfaction but also fosters loyalty and drives revenue growth.

Data plays a crucial role in the success of AI implementation. Banks in the META region need to ensure

that they have access to high-quality, structured data that can be used to train AI algorithms. This may require data integration and consolidation efforts across different systems and departments within the bank. Additionally, both private and government banks need to establish governance frameworks and protocols to ensure the ethical and responsible use of AI. This includes addressing issues such as bias, transparency, and accountability. Cybersecurity is a top concern for financial institutions, given the sensitive nature of the data they handle. AI is proving to be a powerful tool in combating cyber threats and protecting customer information. AI-powered cybersecurity systems can analyze vast amounts of data in real time, detecting anomalies and identifying potential threats. These systems can learn from past attacks and adapt their defenses accordingly, making them more effective against cybercrime actors.

unauthorized access to customer accounts. By continuously monitoring network traffic and user behavior, AI-powered cybersecurity systems can swiftly respond to potential threats, mitigating the risk of data breaches. Furthermore, AI can assist in fraud detection by identifying suspicious transactions or activities that deviate from normal customer behavior. Moreover, the Middle East is now leading the charge in the implementation of AI into digital banking revolution, shifting from traditional to tech-driven finance. With a staggering 52% annual growth rate, the region is rewriting finance rules. Around 38 digital banking services cater to 32 million customers (about twice the population of New York), with the UAE spearheading the movement, introducing five new neobanking brands like #WioBank and #Zand. This surge reflects the region’s commitment to financial inclusion and economic diversification through technology.

AI algorithms can detect patterns and behaviors that may indicate a cyber attack, such as unusual login attempts or

TheCyberExpress

ISSUE 16

SCOOP Challenges and Risks of AI in META Banks While the benefits of AI in META banks are undeniable, some challenges and risks need to be addressed. One of the major challenges is the availability of quality data. AI algorithms rely on large volumes of accurate and relevant data to make accurate predictions and decisions. META banks need to ensure that their data is clean, well-structured, and easily accessible to maximize the effectiveness of AI. This may require investments in data management and data governance processes. Another challenge is the ethical use of AI. As AI becomes more integrated into banking operations, concerns arise regarding bias, transparency, and privacy. AI algorithms can inadvertently perpetuate biases present in the data they are trained on, leading to unfair or discriminatory outcomes. META banks must establish ethical frameworks and guidelines to ensure that AI is used responsibly and in a manner that respects individual privacy and rights. The future of AI in META banks is promising. As AI technologies continue to advance, banks in the META region will be able to further enhance their operations and customer experiences. One area with immense potential is predictive analytics. By leveraging AI algorithms, META banks can predict customer behavior, market trends, and economic indicators, enabling them to make informed business decisions and stay ahead of the competition. Additionally, the rise of big data and the Internet of Things (IoT) will create new opportunities for AI in the META region. The ability to collect and analyze vast amounts of data from diverse sources will enable banks in the META region to gain deeper insights into customer preferences, market dynamics, and risk factors. AI-powered chatbots will become even more sophisticated, providing personalized recommendations and engaging in natural language conversations with customers.

Conclusion The AI revolution is reshaping the banking sector in the Middle East, Turkey, and Africa. By embracing AI technologies, banks in the META region can unlock a multitude of benefits, including improved operational efficiency, enhanced risk management, and personalized customer experiences. However, the successful implementation of AI requires careful planning, investment in infrastructure, and the ethical use of data. Despite the challenges and risks, the future of AI in META banks is bright, with the potential to revolutionize the way financial services are delivered and experienced.

ISSUE 16

TheCyberExpress

ISSUE 16

ROUND UP

May 2024 Security Round Up: Breaches, Battles, and Big Attacks

ISSUE 16

TheCyberExpress

The Monthly Round-Up

Cisco Duo Data Breach Exposes User Information

Recently, Cisco’s Duo security product encountered a breach that exposed information related to multifactor authentication (MFA). The breach, facilitated by a phishing attack through SMS and VOIP, targeted employee details and impacted Duo’s MFA service. As a result, usernames, email addresses, and MFA device information were potentially compromised. However, Cisco has reassured users that sensitive information such as passwords or authentication methods remained secure. In response to the incident, Cisco promptly notified affected users and implemented necessary security measures to prevent further breaches. Nevertheless, users have been advised to remain vigilant and monitor their accounts for any signs of suspicious activity.

TheCyberExpress

ISSUE 16

ROUND UP

Ransomware Attack Targets UNDP, Stealing HR Data The United Nations Development Programme (UNDP) recently experienced a cyberattack resulting in the breach of Human Resources (HR) data. The attack compromised the personal information of current and former employees at a branch in Denmark, including staff contracts and internal documents. UNDP issued a notice acknowledging that they had received a threat intelligence notification indicating that a data extortion actor had stolen certain human resources and procurement information.

ISSUE 16

TheCyberExpress

Taking swift action, UNDP promptly implemented necessary precautions and is currently conducting a comprehensive assessment to determine the nature and extent of the cyberattack.

UnitedHealth Takes $1.6 Billion Hit from Change Healthcare Cyberattack UnitedHealth Group, one of the largest healthcare companies in the U.S., recently issued a warning about a cyberattack that resulted in a potential financial impact of $1.6 billion. The attack, targeting Change, led to disruptions in payments to doctors and healthcare facilities nationwide, as well as adversely affecting community health centers serving over 30 million impoverished and uninsured patients for a month. UnitedHealth estimates that the hack will reduce profits by $1.15 to $1.35 per share this year but emphasises that the impact is not as severe as initially anticipated. While the company has not yet disclosed the extent of the personal data breached in the attack, federal law mandates that they do so within 60 days.

TheCyberExpress

ISSUE 16

ROUND UP

Paris Olympics Braces for Cyber Siege: Millions of Hacking Attempts Expected Paris Olympic organizers are preparing for a hoard of cyberattacks during this year’s events, as officials expect millions of hacking attempts. These attacks could entail minor issues like inconveniencing processes, or major damages that could result in the event being stunted. The organizers are preparing themselves by offering bug bounties to those who can scope out vulnerabilities in systems; Additionally,

ISSUE 16

TheCyberExpress

they are training staff to be able to recognize and respond to phishing scams. While fans and spectators are potential victims, there are also issues with smart equipment like CCTV cameras, alarm systems, badges, etc. The 2021 Tokyo Olympics reportedly faced about 450 million hacking attempts, and this year is predicted to be almost 8 to 12 times that number.

TikTok Faces Potential US Ban as Lawmakers Pass Bill Forcing Sale Lawmakers in the U.S. recently passed a bill that would have banned the app in the country if TikTok’s Chinese owner, ByteDance, had refused to sell its stake in the American business. TikTok’s head of public policy for the U.S. stated that the bill was unconstitutional, going against the First Amendment, and that TikTok would fight it in the courts. TikTok has always denied any affiliation with Beijing authorities and any access to user data by them. They also stated they would always refuse if asked to do so. Yet, TikTok still faced scrutiny and pressure from lawmakers in the US and other Western politicians, including in the UK, over suspicions that users’ data was accessible by the Chinese government. The bill is now headed towards President Joe Biden, who has stated, “I will sign this bill into law and address the American people as soon as it reaches my desk.”

TheCyberExpress

ISSUE 16

ROUND UP

Deepfakes Threaten Music Industry, Warns Singer FKA Twigs Singer-songwriter FKA Twigs recently testified before the U.S. Senate, expressing her concerns about AI and its detrimental impact on the music industry. The singer stated, “In the past year, I developed my own deepfake version of myself that was not only trained in my personality but could also use my exact tone of voice to speak many languages.” FKA Twigs highlighted how deepfakes might have positive applications in contexts where consent is given but emphasized the need for governments and people in power to regulate AI technology. This is due to the vastness of the internet and the numerous issues it can cause.

ISSUE 16

TheCyberExpress

EU Data Watchdog Rejects Meta’s “Pay or Okay” Privacy Model The European Data Protection Board (EDPB) shared their opinion on Meta’s “pay or okay” business model, expressing disapproval for its non-compliance with EU data privacy rules. Introduced last year, this business model allowed customers to either use Meta’s services for free, consenting to the company processing their private data, or choose to subscribe and pay for Meta not to do so. The Board stated, “The offering of (only) a paid alternative to the service which includes processing for behavioural advertising purposes should not be the default way forward for controllers.” Meta, however, responded that the board’s opinion did not matter as the Court of Justice of the European Union had ruled their actions legal. Additionally, two national data authorities also agreed that it breached the General Data Protection Regulation (GDPR), indicating that users entered the contract after it was mentioned in the Terms of Service rather than being given a clear yes/no option.

TheCyberExpress

ISSUE 16

ROUND UP

Names and Emails of Parents, Teachers at 127 Singapore Schools Leaked in Mobile Guardian Hack Mobile Guardian recently experienced a hacking incident that resulted in the compromise and leakage of the names and email addresses of parents and teachers from 127 schools in Singapore, which accounts for a third of all schools in the country. The Ministry of Education (MOE) reportedly took steps to inform affected parents and advised them on preventive measures against future incidents.

ISSUE 16

TheCyberExpress

Mobile Guardian has apologized for the breach and stated that they became aware of it “via email from the intruder to the unauthorized entry,” which was initially flagged as phishing until another email surfaced a few days later. The company confirmed that no sensitive information was compromised, stating that “all passwords are encrypted and therefore not stored in a readable format, and thus have not been compromised.”

How Hackers Exploited Nespresso to Steal Logins Earlier this month, Nespresso’s website experienced a bug that allowed phishing attacks to occur. Here’s how it worked: An email, purportedly from the Bank of America, prompted recipients to check their recent email sign-in activity. This action is common and seemingly unsuspicious. However, upon clicking the link, users were directed to an actual Nespresso URL, albeit infected. Since the URL was linked to Nespresso, the site displayed no security warnings. This allowed a malicious .html file, disguised as a Microsoft login page, to appear, stealing information. Nespresso has confirmed that its customers’ data was not compromised in any way. They’ve urged people to remain vigilant against such attempts.

TheCyberExpress

ISSUE 16

ROUND UP

Ramadan Shopping Boom Creates $100 Million Cybercrime Windfall in Middle East In early April, amidst the observance of Ramadan, data breaches appeared to be quite prevalent due to an increase in purchases of food, clothing, decorations, etc. Endpoint protection firm Resecurity revealed a significant uptick in cybercrime during this period. The company calculated that the fallout from these cyberattacks amounted to about $100 million in the Middle East. This estimation of money encompasses fraud against a range of individuals, from citizens to foreign visitors. Various types of fraud were observed, including fraudulent campaigns, e-commerce fraud, wire fraud, and phishing. Resecurity emphasized the importance of users staying safe and refraining from sharing personal information during this time.

ISSUE 16

TheCyberExpress

NoName Attacks Moldova’s Governmental Websites The ransomware group known as NoName reportedly launched a strategic cyberattack on the government websites of Moldova. Among the branches of the government affected are the Presidency, Ministry of Foreign Affairs, Ministry of Internal Affairs, the State Registry, and others. The cyberattack renders the sites inaccessible, displaying the message “This Site Can’t be Reached” when accessed.

The motive behind the cyberattack appears to be political. A message attributed to the group explains, “In order to discourage the local government from advocating Russophobia.” NoName has been involved in similar attacks in the past, and this one is powerful enough to threaten not only Moldova’s digital infrastructure but also its national security.

TheCyberExpress

ISSUE 16

TheCyberExpress

ISSUE 16

SCAN AND STAY UPDATED WITH REAL TIME CYBERSECURITY NEWS To advertise with us, write to: marketing@thecyberexpress.com

The Cyber Express May 2025

Articles inside

From The Editor’s DESK