Securing the Digital Enterprise D
igital Security is of paramount importance as organizations are faced with continuous and evolving digital security threats and concerns with newer threats challenging data on daily basis. Solution providers are working overtime to identify and counter these challenges. In our 76th Edition of “The Integrator” we have put together the challenges faced in cybersecurity and how the best of brands and solution providers are addressing this issue and arresting threats. 2017 saw some of the biggest cyber threats in recent history, with millions of consumers and thousands of businesses affected by everything from the WannaCry attack to the Equifax and Uber data breaches. Worldwide, information security is touching $100 billion marks and cybercrime will be costing the world Trillions of dollars annually. Cyberattacks are looking at newer ways to create security breach crypto jacking,PowerShell-based attacks, Worms are branches and sub-sets of ever evolving cyber threats, security is also undergoing a paradigm shift specially with GDPR implementation’s data of individuals is become extremely important and government legalizations have ratified a full proof model which will enhance the security circle providing both privacy and stop frequent breaches. To enhance awareness, education and training of employees and IT staff is also important we have covered employee empowerments as well in this issue as well. Our editorial team have put deep work to bring together various facets of Securing the Digital Enterprise. Specialized interviews from industry leaders and spokespersons have been included to provide you a 360 view on the same. Just to quickly add we are proud to host 6th Annual “The Integrator” Awards 2018 and this year we received record number of nominations and voting process recorded 300% increase from previous recorded numbers. The combination of Jury voting with votes received from the channel and including our editorial voting will decide and decorate 2018’s best in business. Sincerely
Vivek Sharma Managing Editor
ontents
Editorial
Cover Feature
Securing the digital enterprise - 6
Feature Interviews
Cybersecurity Threats, Preparedness and Framework - 12 Safety First - 18
Enterprise security strategies - 14 Check and Mate - 20
News In Detail
Email security just got smarter - 22
Gemalto launches virtualized network encryption platform - 23
Paladion’s AI-driven MDR services - 24
Insight
ManageEngine unveils end-to-end IT operations for hybrid environments - 26
Mimecast and Vanson Bourne research - 27
Techknow
Tekla structures BIM software to construct 2018 World Cup stadium - 28 New SonicWall MSSP Program - 29
VMware delivers next-gen network functions for 5G and Multi-cloud Telco networks - 34
Published by: JNS Media International MFZE
Managing Editor: Vivek Sharma Art Director: Faiz Ahmed Sales Manager: Christopher David
P.O Box 121075, Dubai UAE, Tel: +971-4-3705022 Fax: +971-4-3706639, website: www.VARonline.com Sales Inquiries: sales@var-mea.com All other Inquiries: info@var-mea.com | Editorial: editor@var-mea.com Disclaimer: While the publishers have made every attempt possible to get accurate information on published content in this handbook they cannot be held liable for any errors herein.
News Bytes
Al Falak partners with ESET in KSA Al Falak Electronic Equipment & Supplies Co announced a partnership with IT security solutions provider ESET to promote and distribute ESET’s Endpoint Protection; Data Protection and Technology Alliances to meet the growing customer demandamong businesses in Saudi Arabia.The addition of ESET solutions to its portfolio will further strengthen the distributor’s market presence in the country. The signing ceremony, held at Novotel Riyadh Al Anoud Hotel, Riyadh, KSA, featured three sessions. The ‘ESET Endpoint Protection’ discussed ESET’s multilayered and cloud augmented malware protection system and multilayered protection, along with the MSP program.Ahmed Ashadawi, President and CEO, Al Falak, said: “With the rapid advancement of technology, security threat landscape is also evolving constantly. We are glad to partner with ESET to take their state-of-the-art IT security solutions to businesses in Saudi Arabia, thereby assisting them in mitigating the security challenges that form part of the era of digital transformation. We will be providing ESET with our channel expertise and the resources to facilitate market penetration and increased sales and market share in KSA.” Dimitris Raekos, General Manager, ESET Middle East, said: We are happy to partner with Al Falak, the attendance was great, and we will be hosting more events in Saudi such as the ESET Security Days."
4 | June 2018
Epicor introduces new ISV program for innovative solutions
Epicor Software Corporation has announced a new Alliance. Independent Software Vendor (ISV) program to benefit its customers by allowing them access to innovative technology solutions and expertise from a host of providers constituting the partner ecosystem. The new program will simplify the way the company engages, manages, and helps its Alliance ISV partner ecosystem to tap into the latest technology advances and growing market demand for its products. “Our goal is to build a strong collaborative relationship that offers our partners significant opportunities to grow their business in partnership with Epicor,” said Vish Thirumurthy, global head of alliance ISV partners, Epicor Software. The program features a developer enablement hub, training, solution certification program, and marketing support to help provide partners with significant opportunities to grow their business using Epicor’s product platform. The new Alliance ISV hub will provide access to the latest ERP code base, API tutorials, online help, user guides, and training that will allow partners to onboard new developers quickly. Also, certified products will be showcased in the new Epicor Alliance ISV Solution Gallery to allow for increased visibility in the competitive and dynamic ERP solution system.
Help AG is now Tenable Platinum Partner in the Middle East With the incorporation of Tenable’s Cyber Exposure solutions into its security architecture, Help AG has become the Middle East Platinum partner for Tenable, Inc., the cyber exposure company.With this inclusion, Help AG can leverage technology within its Cyber Security Operations Centre (CSOC) and enhance capabilities of its managed vulnerability scanning (MVS) service. This will enable Help AG to further its ability to identify and mitigate the threat of software vulnerabilities. The elevation to Platinum status is in recognition of Help AG’s value and pipeline contributions, and commitment to technical excellence through investments in Tenable’s training and certification program. Help AG has achieved proficiency in the Tenable Certified SCCV Sales Engineer (TCSSE), Tenable Certified Security Engineer (TCSE) technical certifications, and the Tenable Certified Security Analyst (TCSA) sales and presales certification, which enables it to deliver expertise in selecting and implementing the right solutions for customers. Stephan Berner, CEO at Help AG, says, “this achievement stands as an assurance to customers that when they select Help AG for their Tenable deployment, they will receive the most comprehensive and qualified support through every stage of the solution lifecycle.”
SAP expands partnership's for AI-Powered Innovation and Industry Solutions SAP SE has announced new products and partnerships to enable Middle East and North Africa enterprises to become more intelligent, with expanded capabilities from advanced technologies such as conversational artificial intelligence (AI), blockchain, and analytics. At the company’s recent annual SAPPHIRE NOW conference, SAP fulfilled its ambition to disrupt the marketplace for customer relationship management (CRM) with the formal introduction of a new suite of applications, SAP C/4HANA, to help businesses serve and retain customers. SAP also announced the SAP HANA Data Management Suite, the industry’s first comprehensive data management solution that enables companies to turn data sprawl into business value.
Intelligent New Products and Services To expand and accelerate global adoption and best practices of blockchain in the transportation industry, SAP has started a global blockchain consortium with seven founding members, including Intel Corp., Hewlett Packard Enterprise Co. (HPE) and A3 by Airbus SE.To help customers easily embed advanced technologies into their solutions, SAP released SAP Leonardo-based innovation kits for specific industries, including retail, life sciences, manufacturing and automotive. SAP launched the SAP Leonardo Partner Medallion Initiative for partners to embed industry solutions.
Gartner names Kaspersky Lab among top three EPP vendors In its latest ‘Critical Capabilities for Endpoint Protection Platforms’ report, Gartner has named Kaspersky Lab Endpoint Protection Solutions as one of the top three EPP vendors across all user groups. The report evaluated the capabilities of vendors to meet the needs of three distinct types of organization: those looking for flexible and customizable solutions; those demanding a blend of prevention and detection response capabilities; and those deploying prevention-focused solutions. The report analyzed and rated 21 vendors on the following critical capabilities: prevention, console alerting and reporting, EDR core functionality, EDR advanced response, third-party integration, EPP suite, managed services, geographic support, and OS support. “As security is a regularly shifting landscape, we are constantly updating our endpoint products to keep pace with every business need, helping organizations to stay one step ahead of the cyber threats which plague them on a daily basis. Achieving the top three position, across each user group, affirms our mission to provide relevant and reliable protection, for any type of threat and any type of business,” said Nikita Shvetsov, Chief Technology Officer at Kaspersky Lab.
Pixcom and Avaya accelerate cloud-based solutions to SMEs Avaya Holdings Corpannounced that it is working with digital technology provider PixcomTechnologies to bring cutting-edge unified communications and contact center solutions to small and medium-sized enterprises (SMEs) across the UAE, all delivered seamlessly through the cloud. Under the Powered by Avaya cloud offering, Pixcom will market and sell Unified Communications as a Service (UCaaS) and Contact Center as a Service (CCaaS) solutions that help SMEs to reap the benefits of digital applications under a fixed pay-permonthagreement, allowing them to expand and contract capacity as needed, while controlling costs.It is a particularly attractive business model for SMEs Khalid Khan, Director of Cloud & Midmarket Segment at Avaya MEA, South Europe and Asia-Pacific, said: “Digital transformation is radically redefining how organizations do business. For small and mediumsized enterprises, cloud-based communications tools make it even easier to connect and empower employees so that they can focus on organizational growth. Our partnership with Pixcom underscores Avaya’s commitment to serving the SME community as a significant driver of the Middle East economy today.”
June 2018 | 5
Cover Feature | Security
SECURING THE DIGITAL ENTERPRISE In the digital era of specialised and targeted cyberattacks, organizations need a holistic approach not only to build resilience and meet impeding cyberthreats,but also secure critical crown-jewel assets to ensure business continuity
R
apid advancements in technology and increasing digitization are making enterprises more vulnerable to cyberattacks. Evolving digital technologies such as Internet of Things (IoT), cloud computing, mobility, and the like,are changing the landscape of how humans live as a society, transact business, or interact among themselves. However, the current cybersecurity metrics are incapable of fully capturing these changes and their dynamics, exposing enterprises and consumers, alike, to constantly evolving threats and cyberattacks. These cyberattacks are no
6  |  June 2018
longer amateur, as they are now becoming more specialised such as mutant variations of ransomware attacks.
The threats are real and growing The World Economic Forum’s 2018 Global Risks Report predicts that large-scale cyberattacks and major data breaches or fraud will be among the top five risks in the coming decade.By 2020 zeroday vulnerability to cyberattacks will be a fraction of 1 per cent, which implies there will be more familiar attacks as compared to newer attacks, according
to Gartner. In the wake of such targeted cyberattacks, organizations are at a greater risk than ever to colossal business losses, operational disruptions, and adverse effect to brand value. A 2016 report from the Executive Agency for SMEs at the European Commission has estimated that cybercrime will be the cause of global financial losses to the tune of at least 350 billion a year and these losses will reach 1.89 trillion by 2019.
Falling short on preparedness Despite the extent of threats, they are exposed to, there are fewer organizations
that are building cyber and privacy risk management into their digital transformation strategy correctly. PwC’s 2018 Global State of Information Security Survey (GSISS) says 44% of the respondents still lack an overall information security strategy. The same survey reveals that47% of global CEOs say they are investing in cybersecurity to a large extent and 44% say they are, to a large extent, creating transparency in the usage and storage of data. According to KPMG, the top five areas where organizations are providing investments for cybersecurity preparedness include: cyber awareness measures at 75%, cyber risk assessment at 73%, incident response planning at 65%, technology investment at 65%, and development of
Not just industry stalwarts but businesses of all sizes – small, medium, and large – need to proactively involve their boards to manage cyber and privacy risks. cybersecurity framework at 45%. But still, many businesses are at the beginner’s level when it comes to data-use governance.
Lot of room for all-round action Organizations must realise that cyberthreats are real and here to stay. And emphasis on cybersecurity should rank high in boardroom agenda. Not just industry stalwarts but businesses of all sizes – small, medium, and large – need to proactively involve their boards to manage cyber and privacy risks. Currently, board involvement, taking cognizance of cyber security
Tightening the cybersecurity noose with GDPR
T
he General Data Protection Regulation (GDPR) is a regulation in the EU law which provides for data protection and privacy of individuals in the European Union (EU) and European Economic Area (EEA). GDPR came into effect on May 28,2018 and regulates the flow of data out of the EU and the EEA. This regulation supersedes the Data Protection Directive 95/46/EC and provides directives for use of personally identifiable data of individuals in the EU. The regulation is also applicable to all enterprises transacting businesses in the EEA and requires that data be stored using pseudonymisation or full anonymisation. The regulation mandates that enterprises collecting data must expressly mention a lawful reason for data collection, explain clearly how they propose to process it, how long they will retain this data, and if they propose to share it with third parties or outside EU. Enterprises cannot use the data, so collected, to identify the data subject without additional information that must be stored separately. Enterprises are also prohibited from making the data publicly available without the express opt-in consent of the data subject, who enjoys the right to revoke the consent anytime. Users also enjoy the right to request for a copy of the data that an enterprise collects and can request deletion of data under certain specified circumstances. Public authorities or businesses, that have data processing as the core function, are required to depute a data protection officer (DPO) who is responsible for compliance with the GDPR. In case of data breaches, businesses must report them within 72 hours if user privacy is under threat.
preparedness of their organizations is low, with the situation only slightly better for organizations worth over $25 billion. Organizations, however, are realising the need for a chief privacy officer (CPO) or an executive at a similar level who can assume complete responsibility for security and privacy. While organizations are also realising the need to adopt limits on data they collect, measures to maintain the data so collected and following privacy policies, the on-ground implementation leaves a lot of room for implementation. This is especially true for businesses in Middle East and Europe that lag behind their counterparts in Asia, North America, and South America in developing and implementing an overall cyber security
Businesses in Middle East and Europe lag behind their counterparts in Asia, North and South America in developing and implementing an overall cyber security strategy and governance of data strategy and governance of data. The European Political Strategy Centre has pronounced Europe ‘insufficiently prepared’ for the impending cyberthreats while PwC suggests that companies in the Middle East suffer from a ‘false sense’ of being secured.
Securing the data castle In an effort to boost overall cyber resilience, the European Union issued the General Data Protection Regulation in the EU law to provide for protection and privacy for all individuals in the EU and the European Economic Area (EEA). The regulation came into effect in May 2018 and controls the June 2018 | 7
Cover Feature | Security
The Cyber Tech Accord
I
n a defining moment for cybersecurity, 34 global technology companies came together to sign the Cyber Tech Accord on April 17, 2018. The companies signing the Accord pledged to protect customers across geographies against malicious cyberattacks whether they are initiated by cybercriminals or are sponsored by nation-states. The participating companies pledged action in four areas namely: stronger defense against cyberattacks regardless of the motivation, no offense through denial of support to governments in launching cyberattacks against citizens, capacity building to empower people and businesses to protect themselves better, and promote collective action to build relationships with industry, society, and researchers for better technical collaboration to minimize the probabilities introducing malicious code in the cyberworld. Among the companies that came together to sign the Accord are ABB, Arm, Cisco, Facebook, HP, HPE, Microsoft, Nokia, Oracle, and Trend Micro. Security companies such as RSA, Avast, FireEye, and Symantec have also pledged support for the Accord. However, companies like Apple, Amazon, and Twitter, and those from Russia and China were not among the signatories.
8 | June 2018
way personal data is exported outside the EU and EEA. In addition, the EU’s directive on security of Network and Information Systems (NIS) also came into effect in May 2018. According to the NIS directive,businesses providing essential services and digital service providers must follow the prescribed directions for security and report incidents to the national authorities. Another notable effort towards securing customers from malicious cyberattacks globally is the Cyber Tech Accord with 34 global technology and security companies taking the pledge to work towards a more secure “Efforts such as GDPR, NIS, and Cyber Tech Accord aimed to boost security and data privacy coupled with regulatory measures are much more than just compliance workouts. They provide organizations with a strategic opportunity to drive their businesses to greater success in the data-driven digital world”cyber environment, in April 2018.” Efforts to boost security and data privacy coupled with regulatory measures are much more than just compliance workouts. They provide organizations with a strategic opportunity to drive their businesses to greater success in the data-driven digital world. And, with the emerging privacy rulesand regulations on how data flows across borders or is used, organizations are up against a greater challenge on achieving business success in the dynamic digital market landscape rife with continually evolving cyberthreats. Businesses need cyber security strategies that not only allow better governance of big data but also secure their businesses with robust defence and detection controls. Therefore, business leaders must align their business continuity strategies according to the cyber security principles as outlined by the World Economic Forum.
Action steps for robust security architecture Cisco’s Global Cloud Index forecast says that by 2019, Middle East and Africa (MEA) will witness the world’s highest cloud traffic growth rate at 41%. Therefore, security must be the centrepiece of a
holistic business strategy for organizations in the MEA as there is much at stake for an organization, irrespective of its scale of operations. Organizations must consider including cyber and privacy risk management in their cyber security strategies to prepare better for disruptive cyber threats, ensure operational continuity, build a positive brand and business, gain greater customer trust, and gain competitive lead. The erstwhile approach of standalone security is woefully short on meeting the evolving cyberthreats. Therefore, organizations need a holistic security approach that allows them to secure every asset –from data centres to endpoint protection, in order to ensure business continuum. Organizations must consider implementing next-gen technologies such as exploit prevention, machine learning and behaviour monitoring to efficiently meet the targeted and specialized cyberattacks. According to Gartner, there are two key security issues that organizations must address. These include upgradation of perimeter and network-based security and focus on protection strategies on malicious content. Therefore, a comprehensive information security architecture is the prime requirement for an organization to achieve cybersecurity readiness. The modern data centres of today’s digital world are driven by virtualization, cloud, and software-defined networking where data, applications, and workloads traverse across multi-cloud environments. Also, it is the onus of the organization and not the cloud provider to secure their workloads, therefore, organizations need a businessdriven security strategy.
Building a holistic cybersecurity strategy To achieve a successful cybersecurity strategy, RSA Security suggests organizations should focus on the four pillars namely: full visibility, rapid insight, comprehensive response, and business context. Full visibility across all digital channels –from the endpoint to the cloud, supported bydetailed analytics, allows
security teams to identify and correlate security and business risks across the complete environment. Faster insights reduce response time to tackle an incident, which in turn reduces risks to the business. To convert insights into comprehensive response, automation is key, as it enables security teams to instantly deploy checks and measures to ensure security of critical assets assigning priority to business-critical assets. Therefore, organizations must consider solutions that allow them complete visibility of all traffic on the cloud or data centre network, control illegitimate access and threats by reducing the attack surface, and respond to the breach or network disruption quickly. Cisco’s threat protection and network security solutions help organizations identify breaches through multi-layered threat sensors and quickly detect, block/respond to data theft and/or disruption of operations. However, even a comprehensive cybersecurity strategy is as good as its implementation. As such, experts recommend that organizations should adopt ‘breach mentality’, assuming the environment has already been compromised. The security team must, therefore, detect these compromises and resume business operations quickly. Solutions that allow enterprises to discover, control, and protect cloud applications, as well as protect against data leakage, can be considered.
Hardware-enabled security Software solutions protecting software may not prove adequate when cyberthreats permeate through the various computing stacks – from software to hardware. For comprehensive security of the entire computing stack including hardware, firmware, operating systems, applications, networking, and the cloud, hardwareenabled security solutions may prove to be the right answer. For instance, organizations can incorporate hardware assisted technologies into security solutions for improved detection of advanced cyber threats. In addition, solutions are available
that can help organizations improve privacy, scalability, and trust in blockchain solutions.
Endpoint security Due to continual increase in malicious attacks targeting end users, endpoint security has garnered tremendous attention. McAfee advises organizations to enhance their security measures by adding additional modules such as machine learning, static analysis, and artificial intelligence (AI) to complement the traditional engines used for detection of malware. Solutions are available that run alert when viruses, spyware and other potentially malicious software attempts to compromise a virtual machine. For
events from multiple sources like endpoints, servers, and firewalls. This allows security teams to detect, stop, and analyse modern threats and hacker activity. Solutions such as Sophos Intercept X on workstations and servers can help organizations achieve next-gen protection mechanisms as well as root cause analysis to find out the real impact of the incident on files and systems and ways to prevent them in the future. Use of sophisticated techniques such as spear-phishing messages, network propagation mechanisms, spyware, tools for concealment, and so on, commonly called Advanced Persistent Threats (APT) are also on the rise and pose a threat to businesses of all sizes. These are malicious,complex
“Efforts such as GDPR, NIS, and Cyber Tech Accord aimed to boost security and data privacy coupled with regulatory measures are much more than just compliance workouts. They provide organizations with a strategic opportunity to drive their businesses to greater success in the data-driven digital world.”
low and medium threats, this allows for action to be taken on software. For severe threats, automatic actions are initiated to automatically remove malicious software and prevent further infection. Sophos suggests that all workstations and servers must get next-gen endpoint protection mechanisms in addition to the existing endpoint security. The next-gen protection mechanisms include machine learning/deep learning, exploit prevention, ransomware protection, behaviour monitoring and anti-hacker technologies. In addition, organizations must add endpoint detection and response (EDR) capabilities to collect and correlate security
cyberattacks designed for undetected access to sensitive information. To prevent fraud and manage such threats solutions such as application control and whitelisting can allow organizations to mitigate the effects of APTs.
Wired and wireless security: External and internal Organizations today have mobile workforce and accordingly need to provide high-speed access to resources over wired, wireless and mobile networks. But, these vectors also open up a large area for cybercriminals to initiate threats and zero-day attacks. Such cyberattacks can result in loss of June 2018 | 9
Cover Feature | Security
control on data especially in remote team environments that extensively use wireless and mobile networks tapping into cloud services. Any compromise in this
environment can disrupt access, give rise to shadow IT, and threaten overall security architecture. In such a scenario, organizations
Secure and extensible cloud environment A telecommunications company in the UAE made application deployment and operations much faster and secure through a scalable and secure cloud environment
The Challenge: One of Middle East’s fastest growing integrated telecommunications service providerhas an ongoing and growing demand for faster network access. The consumers and enterprises need speedy access to use multiple applications for business, home automation, and smart cities services. The company, therefore, needed a new data center network infrastructure that could meet the need for a highly dynamic and scalable cloud environment that would help make application deployment and operations much faster and secure.
The Solution: The company became the first telecom company in the world to use Cisco Application Centric Infrastructure (ACI) and Cisco Nexus 9000 Series Switches to power its next-generation data center. Using these solutions, the company could meet the ever-increasing demands for applications, hosting, and cloud services.The deployment of Cisco ACI has allowed the company to gain an agile,cost-effective, and scalable turnkey approach.
The Result: The solution not only provided the company with a competitive advantage in the market but also laid the foundation foran application-focused architecture for its cloud automation and composition.This has allowed the company to gain a cloud environment which is based on open standards and is highly secure and extensible. Powered by its next-generation data center, the company gained speed time to market for a host of services such as cloud-based hosting, multimedia (voice, data, video) services for mobile and fixed customers. The company is also able to provide service offerings to its enterprise business users and power its smart government initiatives. Automating the entire stackhas helped the company deploy customer applications with greater agility and to meet the speed requirements, that are critical in the digital marketplace.
10  |  June 2018
need solutions that allow for anytime, anywhere access to their information across devices, while maintaining access control policy and context-aware authorization. Organizations need solutions that allow them to stop zero-day and ransomware attacks by screening the files uploaded to the corporate networks. To adequately secure the networks, organizations can consider core nextgeneration firewall services, deep packet inspection of encrypted traffic (DPI-SSL), and cloud-based multi-engine sandboxing. For wireless network, organizations can consider the 802.11ac Wave 2 wireless technology to secure both indoor and outdoor environments. For mobile networks, multi-factor authentication and endpoint control can prove effective. Organizations can deploy solutions to verify device integrity with endpoint control, single sign-on, inspection of files uploaded to the network in a cloud-based multi-engine sandbox such that they can provide secure network access to their mobile workforce. Using solutionssuch as firewalls, wireless access points, and appliances for secure mobile access, organizations can detect and prevent threats across wired, wireless, and mobile networks. In addition, protection against DDoS, web-based and zombie attacks can be fortified using solutions such as web application firewall, geo IP detection and botnet protection. Apart from external threats, organizations must be wary of internal threats posed by employees accessing enterprise resources through multiple devices such as mobile phones, tablets, and laptops.According to Cisco Visual Networking Index(VNI) Global Mobile Data Traffic Forecast (2016 to 2021), by 2021, more members of the global population will use mobile phones (5.5 billion) than their bank accounts (5.4 billion). And with the latest trend of bring your own device (BYOD), organizations stand exposed to heightened internal threats with employees accessing enterprise resources through a variety of devices. McAfee Labs detected over 16 million
mobile malware infestations in the third quarter of 2017, almost double of the number seen a year earlier. Using McAfee’s consumer mobile protection solutions, users can defend against mobile malwares that compromise the devices. McAfee advises that while connecting these devices to the enterprises, users must enforce proper checks before granting permission to the critical network and keeping the business data separate from personal data.
Also, organizations must train greater focus on sensitizing employees and training them on the basic hygiene of cybersecurity policies such as not clicking on unknown links or not opening attachments from unsolicited or unknown sources. While employees can pose the greatest risk, but if trained adequately, they can be a great asset in fighting cybercrime.
Periodic audits
Every business is part of a bigger and complex ecosystem of information comprising third parties such as vendors, suppliers, and intermediaries, which may be a major security threat if their networks or practices are insecure. Therefore, organizations must prioritize these third parties according to the extent and criticality of information shared and advise security measures that may be found lacking.
Last, but not the least, organizations must conduct periodic internal audits to gauge the health of the security architecture and to ensure that all policies and procedures are in place and effective. While external audits may be required to fulfil compliance obligations and seeking recommendations on bridging the gaps in security strategies, internal audits can go a long way in ensuring implementation of necessary controls, risk management, regular updates to security plans, and effectiveness of the training sessions.
Cultural sensitization
Conclusion
Training allparticipantsacross the valuechain to prepare them for incident response is key to building a robust cybersecurity framework. Cultural sensitization to security practices through mock drills and spreading awareness about secure connection with networks outside of the workplace can significantly boost security of an organization. If employees are careless or unaware of the potential suspicious behaviours, all measures of security safeguards can result in a nought. KPMG warns that cybercriminals use phishing emails to employees with links that have malware embedded or attached. They also set up a 'watering hole' - a site most commonly used by staff, and compromise it,using embedded malware, to gain virtual foothold within an organisation. According to an IDC report, phishing is the biggest incidence of cybercrime, with 38 per cent of respondents admitting having fallen victim to it. To defend against such threats, KPMG suggests the 5D approach of Detect, Deny, Disrupt, Degrade, and Deceive.
An effective cyber risk management with good incident response is the prime objective of any security strategy. Earlier, cyber security was considered an issue to be handled by the Information Technology department or the security team with little or no involvement of the senior management or board. But now, cyber security is no longer the responsibility of the IT department alone. Boards are owning up the responsibility and ensuring the issue is managed and kept under control, as they are now seeing it more as a business issue. Rising threats and targeted cyberattacks make cyber security an organization-wide responsibility that begins at the board room and ends with each employee. Organizations that proactively take steps to build resilience to the impending cyberthreats with efficient data protection,management of privacy risks, and cultural sensitization can fare better in the data-driven economy and the digital society at large.
Threats from third parties
Facts and figures Organisations in Middle East and Africa lag behind Asia in overall security strategy: MEA at 31% against Asia's 59% (Source: PwC’s GSISS report 2018)
Businesses worth $25 billion, or more, are better at data-use governance (Source: PwC’s GSISS report 2018)
46% organizations believe they are not adequately prepared to handle ransomware attacks as a major threat (Source: KPMG Cyber Crime Survey 2017)
Data is being stolen via people through 81% of hacking- related breaches leveraged either stolen and/ or weak passwords, and with 86% of malicious payloads delivered through email 73% and web 13% (Source: Verizon 2017 Data Breach Investigation)
Estimated global financial losses due to cybercrime to be at least 350 billion a year and projected to reach 1.89 trillion by 2019 (Source: 2016 report from the Executive Agency for SMEs at the European Commission)
Security executives in the Middle East acknowledged the ramifications of a breach citing reputation (53%), financial loss (50%) and job security (49%) as the top concerns associated with falling victim to cyber- attacks. (Source: KPMG’s Consumer Loss Barometer, 2016)
June 2018 | 11
Interview | Cisco
Cybersecurity Threats, Preparedness and Framework Like the rest of the world, cybersecurity poses a major challenge for businesses in the Middle East and Africa (MEA). The Integrator spoke to Scott Manson, Cybersecurity Lead - Middle East and Africa, Cisco, to understand the threats enterprises face, the state of preparedness, and what steps they can take to build a robust security framework.
What is the one biggest network security threat for any enterprise? The market for network security products, technology and services is definitely growing in the Middle East. The evolving trends of Internet of Things (IoT), mobility, cloud computing, and collaboration are paving the way for new cybersecurity attacks that we couldn’t have anticipated just a few years ago and that require new techniques to defend against. The enterprise network today no longer sits within four secure walls. Employees today demand access to enterprise resources and they work via more mediums than ever before – by personal laptop from home networks, by tablets, and by smartphones. As more and more employees are using devices for both personal and business activities, the issues with potential loss of confidential company data increases as IT departments are less in control. This trend now known as Bring Your Own Device (BYOD) does bring complexity when it comes to security and IT support.
12 | June 2018
According to Cisco’s Global Cloud Index (GCI) Forecast, by 2019, it is estimated that the Middle East and Africa (MEA) will have the world’s highest cloud traffic growth rate, at 41 percent. By 2021, more members of the global population will use mobile phones (5.5 billion) than bank accounts (5.4 billion), running water (5.3 billion), or landlines (2.9 billion), according to the 11th annual Cisco Visual Networking Index (VNI) Global Mobile Data Traffic Forecast (2016 to 2021). How prepared are enterprises when it comes to making their networks secure? The sophistication of the technology and tactics used by online criminals have outpaced the ability of IT and security professionals to address these threats. Today, the key issue is that most organizations do not have the people, or the systems, to continuously monitor extended networks and detect infiltrations, and then apply protections, in a timely and effective manner.
Scott Manson Cybersecurity Lead , MEA Cisco
Cybercriminals have learned that harnessing the power of internet infrastructure yields far more benefits than simply gaining access to individual computers or devices. These infrastructurescale attacks seek to gain access to strategically positioned web hosting servers, nameservers and data centers— with the goal of proliferating attacks across legions of individual assets served by these resources. By targeting internet infrastructure, attackers undermine trust in everything connected to or enabled by it. Security needs to be part of the way organizations think—holistically—about their business. There is a great deal at stake: their brand, their reputation, their intellectual property, and their customers’ data. All of these things are at risk. Organizations need to take a systemic approach to minimizing that risk through an appropriate security posture. Today’s heterogeneous network environments demand flexible, integrated, open solutions that evolve as quickly as the threats themselves. Middle East
organizations need to be vigilant and secure their network beyond the data center to every connected object and device to provide insights during the entire attack continuum. Starting from the most senior level, CIOs and businesses must make cyber security a business process and deploy cybersecurity solutions that cover the entire attack continuum – before, during, and after a cyberattack. How can enterprises protect their Big Data in the wake of increased threats? We know Big Data is big business. And, according to Cisco 2018 Security Capabilities Benchmark Study, the use of on-premises and public cloud infrastructure is growing. Attackers are taking advantage of the fact that security teams are having difficulty defending evolving and expanding cloud environments. And, as security teams are spending an average of 76 percent of their attention focused on securing the
data center, organizations are finding that traditional, stand-alone methods for security are no longer enough to protect application workloads from threats. We have identified three nonnegotiable security features for implementing an effective workload protection strategy: 1. You must have real-time visibility across the extended network because you cannot protect what you cannot see. • The volume of traffic that needs to be inspected and secured inside the data center is increasing at unprecedented speeds. Being able to see all network activity and get actionable insights cannot be a bottleneck for critical business processes. 2. You must be able to reduce the attack surface and reduce the lag time between workflow provisioning and policy enforcement.
• Whether you are using a multilayered approach to segmentation or the Zero Trust security architecture model (as coined by Forrester), limiting access across the network to only those who need it is critical to protecting critical services and sensitive data. 3. You must be able to quickly detect, block, and automate responses to security incidents. • No network or data center is immune from potentially being compromised. It is important to remember – it is not a matter of if your network will be compromised but a matter of when. And an organization must be able contain the threat with integrated and automated solutions to limit exposure and liability. For more insights from Scott Manson, Cybersecurity Lead - Middle East and Africa, Cisco please visit www.varonline.com
June 2018 | 13
Interview | RSA Security
Enterprise security strategies
Rashmi Knowles Field CTO EMEA RSA Security
Evolving cyber threats are making enterprises more vulnerable to business losses and operational disruptions. To boost cyber resilience, enterprises need robust security strategies to protect their businesses. Rashmi Knowles, Field CTO EMEA for RSA Security, tells The Integrator how enterprises can build a holistic cyber strategy that works.
What are some of these solutions that can ensure cyber security for the enterprises? The combined pressures of modernization, malice, and mandates are spurring a new way of thinking about security strategy, marked by a convergence of security and business risk in the enterprise. Some organizations are starting to develop security strategies in collaboration with the broader IT, fraud, risk and business functions, seeking to inform security with relevant, context-specific information about what the business values most. Organizations looking to adopt such a business-driven security strategy should focus on four pillars to assure success:
Full Visibility The security team must be able to see across all digital channels. Only with visibility from the endpoint to the cloud, with detailed analytics, can organizations identify and correlate security and business risks across the whole environment.
Rapid Insight Why do enterprises need a holistic approach to cyber security? Worldwide security spending on information security products and services is expected to grow to $93 billion in 2018, according to the latest forecast from Gartner. Despite this level of spending, we have seen nearly 2,000 data breaches and nearly two billion personal records stolen. Security technology alone cannot solve the risks to our business. Siloed security and business functions result in poor visibility and communication with each function only focusing on their priorities. Connecting a security incident to a business context should be the ultimate goal of all organizations so security teams and the business need to close what RSA call the ‘The Gap of Grief’.
14 | June 2018
A number of forces make the Gap of Grief more treacherous: • Modernization – Quickening pace of digital transformation • Malice – Increasingly hazardous threat landscape • Mandates – Industry and government forcing the issue The demands of interoperability and availability, along with consumers’ and organizations’ appetites for modernization and innovation, can present constant challenges. The stealth persistence and resourcefulness of malicious actors only seem to be increasing. On top of that, new and more stringent mandates continue to raise the bar for compliance and digital risk strategies.
Faster insight through better analytics is paramount. The modern business environment has a plethora of business and security tools and the more time needed to interpret an event or incident, the greater the risk.
Comprehensive Response Security teams today take their finding from security tools and remediate in a way that is not scalable. The most effective way to turn insights into action is to orchestrate and automate the response. For example, when security spots a user acting suspiciously through a deviation on a baseline, they can enable the identity plane to take actions stepping up authentication to ensure confidence that the user is legitimate.
Business Context Security and fraud teams can’t rely on what they see in their own environments. Contextual intelligence facilitates faster and better decisions for the business. For security teams understanding business context – such as the criticality of an asset can help prioritize work and determine urgency when managing incidents. To deliver these capabilities requires a comprehensive threat detection platform like an advanced SIEM to provide complete end-to-end visibility, automated behavior analytics, and machine learning to find both known and unknown threats and provide enriched data with business context and threat intelligence. Identity is replacing perimeter as the primary defensive frontline. Every transaction begins with some form of identity – a machine or a user, therefore
a comprehensive identity and access management (IAM) platform is mandatory as a key building block. Today’s IAM platforms must provide complete flexibility for the user and insight to the business to manage identities. And finally, a comprehensive governance, risk and compliance (GRC) platform provides the glue to connect a security incident to a business context to determine the severity of the incident. For example, if a security team detected unusual activity on a file server and had to make the decision to shut the server down, then most organizations lack the insight to determine what business process runs on the server and any other systems that could be impacted by the action. Criticality of the business process and data also need to be determined.
What will be the key drivers for holistic cyber security solutions? Three key factors will drive the demand for holistic cyber security solutions Modernisation, Malice and Mandates. As mentioned above, the stealth persistence and resourcefulness of malicious actors only seem to be increasing. On top of that, new and more stringent mandates continue to raise the bar for compliance and digital risk strategies. Hence, organizations need to adopt a holistic cybersecurity approach - one which connects a security incident to a business context and result in high visibility and rapid response. For more insights from Rashmi Knowles, Field CTO EMEA for RSA Security please visit www.varonline.com
– Amanulla Khan Managing Director, Belkin
June 2018 | 15
All Day, Every Day Safety Surveillance Network Video Recorders Surveillance Digital Video Recorders
Hybrid sDVR (analog & IP) RAID storage arrays for surveillance
With increase in scales of security camera systems, the number of HDDs for storing video data is also increasing
Salient Features Connects up to
Workload of
180 per year
64
Optimized
Best in class 1 million hour MTBF
7200rpm
Maximum transmission rate 237MB/s
TB
Operating temperature
0-70
o
Field proven air ďŹ lling multiple shock sensors for worry free usage
600,000
load/unload cycles
Number of HDDs required for 1 month of recording #
4
Full HD
8
Full HD
16
Full HD
4K
cameras
4K
cameras
Capacity 4TB 5TB
cameras
6TB
8TB
4K
10TB
4TB
2TB
1.3 HDDs 2.6 HDDs
3.2 HDDs 6.5 HDDs
6.5 HDDs 13 HDDs
2.6 HDDs 5.2 HDDs
6.5 HDDs 13 HDDs
13 HDDs 25.9 HDDs
5.2 HDDs 10.4 HDDs
13 HDDs 25.9 HDDs
25.9 HDDs 51.8 HDDs
#
Full HD calculated assuming 1080p, 30fps, transmission rate of 10Mbps. 4K calculated with 2160p, 30fps, transmission rate of 20Mbps.
10TB
Key Advantages
Designed for large scale server or storage systems
Supports up to 64 cameras* and 8+ multi-RAID Drive Bays system
Optimized seek speed
Low power consumption*
Less environmental noise
Less vibration emission
High performance at optimal cost**
* In high operating environments ** Due to high-endurance electronics & ramp loading technology
Interview | McAfee
Safety First Enterprises, and consumers alike, need to take safety measures to ensure their data is protected from cyber criminals. Vibin Shaju, Director, PreSales, McAfee tells The Integrator about the various safety measures that can be taken at each step to safeguard and maintain data integrity
What security measures can enterprises adopt for transitioning to cloud environment? Cloud is an extension to enterprise network and so is the security. Organisation is responsible for securing cloud workloads not the cloud provider. Security planning should be in line with the cloud adaptation plans to tackle cyber risks. What possible security solutions should enterprises consider for smarter incident response? Above the solutions, it’s the readiness of the people which is key for incident response. Stakeholders needs to be trained on how to respond to an incident by constant practice like table top exercises, mock drills, etc. Solutions should complement these tasks, making the process faster. To enhance endpoint security, what steps should enterprises take? Endpoint security has gained a lot of traction recently with more attacks targeting end users. Enterprises should add additional modules like machine learning, static analysis, and artificial intelligence (AI) complimenting the traditional engines for detecting targeted malwares. Intelligent sharing is key across endpoint, to share the threat data across enterprise, making the solution smarter and faster
18 | June 2018
overtime. Securing fixed machines while listing solutions is also highly recommended. With Big Data comes big security concerns. How can enterprises safeguard data integrity? Data Integrity will always be a critical part of data management. We have a field term Garbage In = Garbage Out. Therefore, data Integrity should be enforced at the source to the greatest extent possible, to avoid unnecessary work at the end. How can enterprises identify the security gaps and take remedial actions? Knowing your organisation is the key in identifying the gaps. Pushing the logs and vulnerability information to a correlation engine will give indicators of abnormal activity. Having this data mapped against threat intelligence feeds will enrich the information. A threat hunter, with an AI tool to assist, can identify the gaps and issues faster to take proactive measures of security. There are various ways, but the key is to have the processes in place to have them running continuously. With consumers connected 24/7 through smartphones, how can identity and privacy protection be ensured? Mobile threat is on the rise. McAfee Labs detected over 16 million mobile
Vibin Shaju Director, Pre-Sales McAfee
malware infestations in the third quarter of 2017 alone, nearly double the number we saw a year earlier. Being aware of the apps to use and the permissions to be granted is the place to start. Vendors like McAfee provide consumer mobile protection solutions that assist users to take the right decision and protect from mobile malwares that can potentially compromise the devices. While connecting these devices to the enterprises, it is key that proper checks be enforced before granting permission to the critical network; and keeping business data separate from personal data. How will GDPR impact cyber security and data privacy/integrity? The EU GDPR marks a turning point in the policymaking arena due to one fundamental premise. Under the GDPR, individuals have the right to privacy and to control what happens to their data. This means all personally identifying information (PII), that a company uses, is now under the control of the individual and companies must comply with all requests and permissions regarding an individual’s PII. It is quite clear that GDPR is touching the fundamentals of data handling, whether it is protection against unauthorised or unlawful processing and accidental loss, destruction or damage of data. GDPR reinstates the fact that cybersecurity is the business enabler.
Interview | DTS Solution
Empowering Employees for cyber security Organizations in the Middle East are prime targets of cyberattacks such as ransomware attacks. Shah H. Sheikh, Co-founder and Senior Cybersecurity Consultant & Advisor,DTS Solution, Shah H. Sheikh Co-founder and Senior Cybersecurity Consultant & Advisor, DTS Solution
tells The Integrator that the best way to protect against such attacks is to train the employees according to their unique roles and adopting ‘secure-by-design’ mentality
What are the most challenging security threats that enterprises are susceptible to? Organizations in the Middle East are prime targets for various reasons. Over the last year we have seen an increase in ransomware attacks, crypto-jacking and infecting corporate websites with cryptocurrency mining software, significant rise in targeted spear-phishing email campaigns targeting employees are a few of the threats we have observed specifically in the region. With rising virus, malware, and ransomware attacks, what can enterprises do to stay protected? Such threats are not easily preventable by technical solutions. So, they require cross development of comprehensive training programs to develop secureby-design mental thinking across all employees. Employees from different departments play unique roles within their
organizations. They deal with different entities and units; so, training programs should be catered towards individual departments as opposed to just basic blanket security awareness training. Security awareness which would address the human weakness needs also to be gamified to make the whole experience memorable as information security can be a dull subject. What is the ground report when it comes to cybersecurity preparedness of the enterprises in the Middle East? Many organizations are ill-prepared when it comes to incident response and cyber resilience. We encourage organizations to perform Simulated Targeted Attack and Response (STAR) on a frequent basis. We also promote organizations to conduct war-gaming activities across executive management, mid-management, and subordinate levels to ensure cyber resilience
is not only built at the technical level, but across the security ecosystem. Will GDPR drive greater data-privacy and efforts for enhanced cybersecurity? GDPR (EU) applicability in the Middle East is over-hyped. Many organizations still do not understand its applicability. As with all data security controls and governance framework, which by the way has been practiced for decades (various frameworks such as ISO27K1, PCI-DSS, NESA), does not need to be re-invented because of GDPR. Sensitive and confidential information and data related to corporate or personal information should be protected. Data classification, labelling, and data protection should be implemented regardless of GDPR. Yes, it introduces accountability and holds organizations liable if data is misused or breached, but this should be part of any organization’s strategy, in any case, regardless of GDPR. That is our take on it. June 2018 | 19
TechKnow | Sophos
Check and Mate With rising virus, malware, and ransomware attacks, how can enterprises ensure security of their physical and virtual (cloud) data centers? Modern threats require modern ways of protection. In addition to the traditional anti-virus, firewall, IPS and email/ web security, which cannot stop highly customized and targeted attacks any more reliably, new “next-gen” technologies have to be implemented. These next-gen technologies include exploit prevention, machine learning, and behaviour monitoring. There are various stacks that data travels through. How can enterprises ensure security for each stack? It is necessary to put as many layers of protection between the attacker and the workstation or server. On the gateway level the traditional AV, web security, web application firewall and IPS protection must be supplemented by sandboxing solutions (e.g. Sophos Sandstorm) with behaviour monitoring and machine learning. On the endpoint and server machines (either physical or virtual) the full set of features like machine learning, exploit prevention, and behaviour detection must be added to the traditional endpoint security. Sophos offers these next-gen endpoint protection functions in Sophos Intercept X (for workstations) and Intercept X for Servers. When an incident is detected, how do enterprises respond without compromising on server performance? It is imperative not to lose time when an incident is detected. If human interaction is necessary i.e. an administrator needs to be alarmed and needs to take manual action, a lot of damage can be caused until counter measures are taken. Modern security systems communicate with each other. They act as a system and react automatically when an incident is detected. For example, if an endpoint or server detects malicious behaviour
20 | June 2018
In a digitized work and data environment, endpoint protection has gained enormous significance. Michael Veit, Technology Evangelist, Sophos, tells The Integrator what enterprises can do to fortify defense of this important checkpoint and how GDPR will impact data integrity like ransomware or data theft, this is communicated to the firewall which automatically isolates this device from the internet and the internal network. The Sophos Synchronized Security concept lets all Sophos security solutions – on the endpoint and the gateway – to talk to each other, in order to identify hacker attacks and respond automatically. These next-gen features, while dramatically increasing the protection level, do not decrease server performance. On the contrary, machine learning, for example, is much faster the traditional AV scan and anti-exploit; and behaviour monitoring costs virtually no performance at all. What endpoint security measures can enterprises take to minimise security threats? All workstations and servers need to get next-gen endpoint protection mechanisms in addition to the existing endpoint security. The next-gen protection mechanisms include machine learning/ deep learning, exploit prevention, ransomware protection, behaviour monitoring, and anti-hacker technologies. In addition, Endpoint Detection and Response (EDR) capabilities need to be
Michael Veit Technology Evangelist Sophos
added, which collects and correlates security events from multiple sources like endpoints, servers, and firewalls. This allows modern threats and hacker activity to be detected, stopped, and analyzed. Sophos Intercept X on workstations and servers provides these next-gen protection mechanisms as well as root cause analysis to find out what happened during an incident, which processes, files and systems were affected – and how to prevent this in the future. What impact will GDPR have on cyber security and data privacy/integrity? GDPR will have two effects: First, cybercriminals will double their efforts to get hold of confidential information, especially personally identifiable information. They will use this stolen data to extort high ransoms from companies who failed to protect their data – by threatening to publish this fact to the public and to the regulatory authority. So, this will boost cybercrime industry and we will see even more sophisticated threats. For more insights from Michael Veit, Technology Evangelist, Sophos please visit www.varonline.com
Dell Accelerates Toward 2020 Legacy of Good Goals
D
ell Inc. released its annual 2020 Legacy of good update today, continuingthe company’s long-term commitment to society, team members and the environment. The report and corresponding activities are rooted in Dell’s acknowledgement of its responsibility to realize a sustainable and prosperous future. Dell’s purpose as a company is to drive human progress through technology. One of the waysthe company brings that to life is through itsLegacy of Good commitment –to put Dell technology and expertiseto work where they can do the most good for people and the planet. For Dell that means investing in innovation that reduces environmental impact, supports a transparent supply chain, ensures an inclusive future workforce and advances underserved communities.
Sustainable design and innovation Dell believes transitioning to a circular economyis critical to enable human progress in the future. The company’s deep supply chain expertise, design
strategy and global electronics recycling infrastructure puts the company in a unique position to advance a circular model. Dell has pioneered sustainable design innovationina multitude of areas, including: • Closed-loop recycling: In the reported period,Dell brought closed-loop plastics recycling to its enterprise portfolio in Europe, recycling more than 35,000 lbs. of plastic from e-waste into new enterprise products.Cumulatively, Dell has used 73 million pounds of recycled material in new productssince 2013, keeping the company on track to meet 2020 goal of 100 million pounds. • Gold reclamation: At the same time, Dell closed the loop on gold, upcycling used gold from e-wasteinto new motherboards in the Dell Latitude 5285 2-in-1 and into a jewelry line, The Circular Collection, in partnership with Bayou with Love, founded by Nikki Reed. • Global e-wastetracking: This year, Dell is piloting the use of global
tracking technology to monitor the responsible recycling of used electronics. In addition to piloting its own electronic tracking program, Dell has partnered with Basel Action Network to deploy trackers across Dell’s consumer takeback programs. Results will be reported in approximately 12 months following the pilot period. • Intercepting ocean-bound plastics: Dell’s XPS 13 2-in-1 laptop ships in packaging made with recovered ocean-bound plastics. The packaging, which received a Best of Innovation Award at CES, will begin shipping on the broader XPS line and commercial product portfolio later this year. To scale the work, Dell in partnership with the Lonely Whale created NextWave, a consortium of companies dedicated to scaling use cases for ocean-bound plastic materials in manufacturing while creating economic and social benefits for stakeholders. NextWave hopes to divert 3 million pounds of plastics over five years, the equivalent of keeping 66 million water bottles from washing out to sea. June 2018 | 21
News In Detail
Bill Lucchini Senior Vice President, GM Sophos
S
ophos has announced the availability of Sophos Email Advanced, an email protection solution boosted by artificial intelligence and deep learning. It offers predictive security with active threat protection (ATP), anti-phishing email authentication, and outbound scanning and policy support. According to Sophos Labs research, 75 percent of malware in an organization constitutes zero-day attacks. To combat such attacks, deep learning neural network integrated into the Sophos Email sandboxing technology can help organizations identify never-before-seen malicious files sent in email. Email continues to be a primary attack vector for cybercriminals to launch a spear-phishing, localized or ‘spray
22 | June 2018
With deep learning,Sophos Email Advanced makes email security smarter
and pray’ campaign. Email is also the primary method for cyber-attackers to spread ransomware. According to Sophos, approximately 80 percent of the emails categorized as spam are found to have a malicious payload. Sophos Email Advanced includes CryptoGuard technology in the sandbox thathelps stop ransomware before reaching an employee’s inbox. Another defence against ransomware and phishing attacks is Time-of-Click protection, which scans the URL at the time of click, preventing stealthy and delayed attacks. Outbound scanning and multiple policy support can prevent a compromised organization from unintentionally forwarding malware or sending spam out to customers
or partners, reducing the community impact of an attack and protecting an organization’s reputation. Bill Lucchini, senior vice president and general manager, Messaging Security Group at Sophos, says “IT needs smarter, predictive security to detect and stop today’s threats. Sophos Central cloud-based management of Sophos Email Advanced can deliver the highest levels of protection to secure any email platform, allowing every user to trust their inbox again.” Sophos secure email gateways can be deployed as an on-premise appliance or within the latest version of the Sophos XG Firewall and are available through Sophos Central cloud-based management platform.
Gemalto launches virtualized network encryption platform
Todd Moore Senior Vice President, Encryption Products Gemalto
G
emalto has launched SafeNet Virtual Encryptor CV1000, a new virtual network encryption platform that will allows organizations to simplify management and deployment in encrypting traffic across all network layers at a lower cost of ownership. With the launch of the platform, Gemalto can address the rapidly changing data security needs of organizations worldwide. Enterprises and service providers use network functions virtualization (NFV) and software-defined networking (SDN) technologies to design, deploy and manage their networks and cloud-based services. While these software-based technologies give organizations cost and operational benefits, they also present additional security challenges for protecting sensitive data that runs across these networks.
The SafeNet Virtual Encryptor CV1000 is a hardened virtual security appliance designed to secure data in motion across both software-defined wide area networks (SDWAN) and traditional networks. The SafeNet Virtual Encryptor CV1000 is developed by Gemalto’s high speed encryption partner, Senetas, and can encrypt data in motion at data-rates up to 5 Gbps. SafeNet High Speed Encryptors offer Transport Independent Mode, which enables organizations to encrypt data across mixed high-speed WAN links (Layers 2, 3 and 4), providing them with the best performance and secure encryption, regardless of the network layer. This feature is currently available for the SafeNet Virtual Encryptor CV1000 and will be available for the hardware-based SafeNet High Speed Encryptors later this year.
“Gemalto’s launch of a virtualized network encryption platform redefines network data security by providing the crypto-agility required to ensure sensitive data and transmissions remain secure, regardless of network design,” says Todd Moore, senior vice president of Encryption Products at Gemalto. Key features and benefits of the SafeNet Virtual Encryptor CV1000 include: • Virtualized network functionality • Reduced cost of ownership • Rapid deployment and • Crypto-agile encryption across all network layers • Combined encryption key management
June 2018 | 23
News In Detail
Paladion’s AI-driven MDR services announced P
aladion has announced its fully integrated AI-driven Managed Detection and Response services at Gartner Security & Risk Management Summit 2018. The new-generation, high-speed cyber defense, using Paladion’s AI.saac platform,will allow security experts to defend against the increasing volume and diversity of cyber threats through faster, more accurate, more effective threat anticipation, security analytics, and response actions. The AI-driven MDR services use Paladion’s patent-pending AI platform AI.saac and its global team of over a thousand human security experts to ensure cyber defense for customers across their entire IT stacks. The unified
24 | June 2018
application of AI on all data provides greater protection against blended threats that older silo-oriented approaches cannot offer. “Traditional SIEM-based security monitoring cannot analyze the big data of modern cyber-attacks fast enough. It also misses the big picture, by failing to detect complex, targeted, or unknown attacks,” said CEO, Paladion, Rajat Mohanty. According to Paladion, AI.saac offers the first fully integrated platform to support “left-of-hack-to-right-of-hack” cyber defense services. Services of threat anticipation, threat hunting, and security monitoring have been enhanced. So, too are incident analysis, incident response, and breach management (after possible compromise or “right-of-hack”). The
Rajat Mohanty CEO Paladion
AI.saac platform allows high-speed detection by deploying techniques that include supervised, unsupervised, and deep learning, as well as natural language processing (NLP). Actions that previously took hours, days or even weeks before, will likely be accomplished in minutes or less. AI.saac has the capability to sift through billions of terabytes at speeds greater than other security platforms. Paladion’s global security operations centers (SOCs) leverage AI.saac to detect, understand, and eliminate threats, repulsing attackers before they can turn breaches into catastrophes. With appropriate customer authorization, AI.saac can also allow automation of response to known threats for near real-time network protection.
Insight | ManageEngine
ManageEngine unveils end-to-end IT operations management for hybrid environments
M
anageEngine has announced addition of storage monitoring capabilities to OpManager, its unified IT monitoring software to provide endto-end IT operations management for hybrid environments. Combined with Applications Manager – company’s application performance software, OpManagercan offer end-to-end visibility allowing network administrators to monitor performance of their entire IT operations from a single console. ManageEngine has also added maps of performance data from both OpManager and Applications Manager to provide a complete, unified picture of an enterprise’s entire IT infrastructure.
Hybrid IT adoption and challenges Owing to flexibility at reduced costs, more businesses are moving their legacy applications — non-critical or datasensitive parts of IT infrastructure— to the cloud.However, despite Gartner’s estimates of worldwide public cloud revenue growing 21.4 percent in 2018, many companies prefer keeping their business-critical services on-premises to comply with data security regulations more readily. In such a hybrid IT environment, businesses face complex management demands such as data silos and increased time taken to troubleshoot and find the root cause of an issue.
Addressing the challenges Integration of OpManager with Applications Manager bridges the gap between on-premises and cloud infrastructure, allowing monitoringof
26 | June 2018
Mathivanan Venkatachalam Vice President ManageEngine
networks, servers, storage, and onpremises and cloud applications. Network administrators can monitor over 1,000 device vendors, over 100 applications, and both on-premises and cloud IT environments, from a single console. This reduces the complexity of monitoring siloed data, allows IT teams to visualize the performance of hybrid IT environment, and act immediately when an issue arises, reducing the to identify and troubleshoot
the root cause of an issue. Mathivanan Venkatachalam, vice president at ManageEngine says, “Our end-to-end monitoring lets you detect outages anywhere in your interdependent IT network, both on-premises and in the cloud. By providing a proper visualization of network infrastructure and connected applications, we help you locate faults faster.”
Insight | Mimecast
Mimecast and Vanson Bourne Research Reveals 53% Predict Their Organization Will Suffer from an Email-borne Attack in 2018
Ed Jennings Chief Operating Officer Mimecast
M
imecast Limited a leading email and data security company, has announced enhancements to its Targeted Threat Protection services - Impersonation Protect, URL Protect, and Internal Email Protect – engineered to combat and remediate the evolving threat landscape. New features include supply chain impersonation protection, similar domain detection, the integration of new automated intelligence feeds, as well as the introduction of automated threat remediation capabilities.
New research from Mimecast and Vanson Bourne revealed that organizations are not only facing a variety of different threats, but the volume and frequency of these attacks continue their upward trajectory. In fact, 53 percent expect a negative business impact from these email-borne threats in 2018. Impersonation attacks commonly use social engineering, and are designed to trick users such as finance managers, executive assistants, and HR representatives into making wire transfers or providing
information which can be monetized by cybercriminals. Normally, these attacks target people from within the same company; however, attackers have started to impersonate senders from so called trusted third parties that the target company does business with regularly. New Mimecast and Vanson Bourne research found that 40 percent of the 800 IT-decision makers who responded said they saw an increase of these types of attacks over the past 12 months. Impersonation Protect, from Mimecast, will offer supply chain impersonation protection to guard companies against similar or lookalike 3rd party email domains, helping to stop these attacks before they could cause any issue. Attackers are now using non-western character sets to display letters that look identical to the naked eye, such as the Cyrillic in comparison to the Western “a”. This tactic helps to mask the true destination of a link. Mimecast has incorporated new capabilities within Impersonation Protect and URL Protect that are designed to use new algorithms to protect internal users from similar or lookalike domains. New real-time data feeds have also been added to Impersonation Protect engineered to better identify newly observed and registered domains to further enhance Mimecast’s ability to detect security threats. Additionally, using Mimecast’s global threat intelligence network, Internal Email Protect can help customers more quickly remediate security threats that originate from any email account inside or outside the organization. Internal Email Protect will constantly monitor and re-check the status of all file attachment “fingerprints” globally. If the security posture of a delivered file changes, the service is designed to quickly alert and update administrators, automatically or manually remediate attachment-based malware and will log incident actions. June 2018 | 27
TechKnow | Tekla
Tekla Structures BIM Software Used to Construct 2018 World Cup Stadiums E
ight of the twelve stadiums that will host the 2018 World Cup in Russia
have been constructed using Trimble's Tekla Structures software. They are now ready to welcome football fans in Moscow, Saint Petersburg, Saransk, Volgograd, Nizhny Novgorod, Samara, Sochi, and Kazan. Tekla Structures is a Building Information Modeling (BIM) tool, which allows the designers, contractors, and construction organizations behind the stadiums to complete high quality work. Each stadium constructed for the World Cup has its own unique, spectacular structural details.
almost. By using Tekla Structures, they
to streamline their workflow and ensure
were able to identify potential collisions
productive communication among
up to 45,000 spectators during the 2018
and avoid unnecessary work at the
different divisions.
World Cup. Thick-walled pipes were
construction site, resulting in quick
used in the construction, which made it
compliance with FIFA requirements.
four matches and seat 45 000 people,
possible to reduce metal consumption
According to Kurganstalmost, the use of
features a unique cable-stayed roof and
by 1.3% as a result, the roof weighs a
BIM technology was critical, especially
openwork wicker-themed façade. The
relatively lightweight 8 500 tons. With
given the tight schedule.
stadium’s technical complexity made it
Moscow’s Spartak Stadium will seat
Volgograd Arena, which will host
necessary for supply and construction to
Tekla’s 3D model files working together
The oval-shaped Mordovia Arena,
with automated production, the project
located in Saransk, will host four matches
work closely to ensure optimal accuracy in
flowed smoothly from the drawing phase
and seat up to 44,000 spectators. The
both manufacturing and assembly. In order
to the manufacture phase.
base of the stadium is composed of 88
to manage such a difficult task, the right
interlinking consoles 40 meters high with
technical equipment was needed. Tekla’s
by architect Kisho Kurokawa, will seat
a span of 49 meters. Belenergomash,
BIM technology integrated all available
67 000 spectators while hosting seven
Mordovia Arena’s steel fabricator,
information about the facility’s construction
World Cup 2018 matches. The stadium’s
also produced complex 60-meter
into one information-packed 3D model.
structural features include a roll-out
metal structures with an accuracy of
Data could be transferred straight from
field and 286-meter-wide retractable
up to 10 mm, and a large number of
the model to machine, allowing more
roof. After ten years of construction,
welded joints. With BIM technology,
flexibility and more accuracy, as well as
the project was taken over by Kurganst
Belenergomash’s specialists were able
significantly reducing production times.
Saint Petersburg Stadium, designed
28 | June 2018
TechKnow | SonicWall
Bill Conner President & CEO SonicWall
SecureFirst MSSP program introduced for SonicWall partners
S
onicWall’s new managed security service provider (MSSP) programwill help partners fill their customers’ widening security skills gap by building and scaling their managed security services to deliver optimal security outcomes. “The swift rise and sophistication of data breaches and network threats is forcing well-intentioned organizations to outsource network and data protection to MSSPs,” said SonicWall Senior Vice President and Chief Revenue Officer Steve Pataky. “This opens many opportunities for SecureFirst Partners to deliver or resell expert 24/7 managed security services,” he added. The new MSSP program is available
to SecureFirst Silver, Gold or Platinum Partners and allows them to deliver the best value, security and service to end customers. It includes options for monthly billing through Security-as-a-Service pricing model, multi-tenant capabilities, and goto-market branding opportunities. The program will use threat intelligence data from SonicWall Capture Labs to empower partners with the critical threat visibility and offer ongoing and proactive protection to the customers. “The absence of an in-house security team often compels some enterprises and SMBs to outsource their entire security program to a capable MSSP,” said SonicWall President and CEO Bill Conner. “It is all
about managing and reducing risksand responding fast to security events — that’s where many of our partners truly excel.” The SecureFirst MSSP program will equip partners with managed services “blueprints” that provide the training, tools, and support required to deliver a range of managed service offerings based on SonicWall solutions. The program will also expand opportunities for SecureFirst Partners that do not presently offer managed security services and have traditional value-added reseller (VAR) business model. Such partners can resell pre-defined managed service options through a select group of SecureFirst MSSP Partners. June 2018 | 29
TechKnow | VMware
VMware Delivers Next-Generation Network Functions Virtualization Platform for 5G and Multi-Cloud Telco Networks
Shekar Ayyar Executive Vice President and General Manager Telco NFV Group, VMware
V
Mware, Inc. announced VMware vCloud NFV-OpenStack Edition 3.0, the next generation of the company’s production-proven network functions virtualization (NFV) platform for communications service providers (CSPs). With this new version of vCloud NFV-OpenStack Edition, which will include VMware Integrated OpenStackCarrier Edition 5.0, VMware will be able to deliver breakthrough improvements in network performance, new carriergrade networking capabilities, and intent-based service assurance to help improve the total economics of software-defined, open standards-based 5G and multi-cloud telco networks. “VMware’s NFV solution is deployed in more than 50 CSPs globally supporting a wide variety of use cases and more than 300 million mobile subscribers. And with the imminent arrival of 5G, a new approach to the telco network and cloud is required to solve for the hyper distribution of
30 | June 2018
virtual network functions, applications and data,” said Shekar Ayyar, executive vice president and general manager, Telco NFV Group, VMware. “With VMware vCloud NFV-OpenStack 3.0, service providers will be able to build software-defined, programmable, highly-distributed Telco Distributed Clouds based on open standards to deliver new advanced services to consumers, and quality-of-service-based network slices to serve the application needs for a wide variety of industries.” VMware vCloud NFV delivers a 5G-ready NFV infrastructure (NFVI) platform, tuned to support rapid rollout of next-generation services with low latency and high network throughput, and support for a massively distributed set of end points and devices. VMware vCloud NFV enables CSPs to create an end-to-end software-based network architecture to deliver consistent, pervasive connectivity and intrinsic
security to applications and virtual network functions wherever they are located, at global scale from core to cloud to edge, and independent of underlying physical infrastructure or location. “A highly performant and reliable NFV platform is key to unlocking the cloud efficiencies that NFV promised,” said Caroline Chappell, Research Director and lead analyst for Analysys Mason’s Software-Controlled Networking research program. “It’s important that operators gain the benefits of a carrier-grade and scalable NFVI without sacrificing support for open industry standards and the ability to execute virtual network functions from multiple vendors. As operators begin to scale commercial NFV deployments, they will need robust platform features and the potential in future to run the same NFVI in multiple clouds.”
Ready for Mass Production PANORAMIC IP CAMERAS
Superior Stitching
Natural Color-tuning
Real-time algorithm instead of static scene stitching
Exposure technology eliminates light differences
Seamless Situational Awareness
Immersive View Experience
Coherent panoramic view gives you the full picture
Ultra High Definition Image
Put yourself inside the scene
360
Up to 96 MP resolution
Vandal-proof
WDR
Achieve 180/360 degree field of view
Ultra Low-light
Rugged and can withstand high impact force and shock
Super
No Blind Spots
Detailed colour images at very low lux
Super WDR
130 dB wide dynamic range allowing a clear image regardless of back light or high contrast situations
www.camscan.ca
Everybody.
Everywhere.
Every day.
Ordinary days require extraordinary protection.
genetec.com
Find out more about the software behind the everyday at genetec.com/protectingeveryday
Š 2017 Genetec Inc. GENETEC and the GENETEC LOGO are trademarks of Genetec Inc., and may be registered or pending registration in several jurisdictions.