cyber trends
Some of the
countries in the Gulf
area tend to hire
local or national
resources to keep
the confidentiality
of the data.
In reality we still need third-party
agencies to help identify these attacks
and notify organisations. But we hope
that this should decrease as much as
possible so we reach a point where we
don’t need a third-party agency any
more to notify other organisations about
data breaches.
This is because if they are notified by a
third-party agency this means they are
already exposed which means it’s too
late. So I don’t think organisations should
take comfort if they are notified by a third-
party agency that their data is exposed.
The report mentions nation state
threat actors. In recent years
how have they become more
aggressive and persistent?
Should organisations take
comfort from the fact that there
are third-party organisations
detecting data breaches?
Countries across the globe have
started to establish entities owned by
the government to look after national
cybersecurity. These are what we call
the external or third-party agencies
or entities. In the past year we have
noticed countries in the Middle East,
or more specifically in the GCC, have
built an entity to manage the national
www.intelligentciso.com
|
Issue 14
cybersecurity strategy and they
managed to create many restrictions
especially for government organisations
or organisations that will have an
impact on national productivity or
national security.
This is good. I feel that this has given
comfort to organisations to see that each
government can give guidelines in how
to tackle the shift in the sophistication of
cyberattacks. But if you look to me as a
cyber-specialist I don’t think this is really
something we should take comfort from.
In 2018 we saw more attacks that were
made public and attributed to nation
states like the Iranian group that is
believed to be linked to the Iranian
government or the Chinese group that
we believe is linked to the Chinese
government. Such groups have managed
to secure huge funds in terms of money
and logistics from governments that help
them to upscale their skills. This has
helped the groups to specialise and go
after certain targets so they can have a
focus on different industries.
We heard about the attacks on the
aviation sector, the attacks on the
banks, and other attacks that went after
specific needs either to effect a certain
deal that might happen or effect the
19