Intelligent CISO Issue 42 | Page 41

EXPERT OPINION

The CISO in 2021: Coping with the not-so-calm after the storm

New research has revealed that the majority of Middle Eastern countries, especially those in the GCC, are a hot target for cyberattacks. Keith Bird, Senior Vice President, EMEA, Proofpoint, sheds light on understanding who in an organisation is now most vulnerable to attack and how to build a secure defence for a brighter future.

In the aftermath of the global pandemic, CISOs in the UAE and around the world are faced with supporting remote environments in the long term, in addition to hybrid environments, all the while deterring ever-more sophisticated cybercriminals emboldened by a year of disruption and uncertainty. The result is a broad and varied threat landscape, with numerous attack methods focused on users in relatively new working conditions across a much larger attack surface. It’s little wonder that CISOs around the world are feeling the pressure.

In the UAE, over two-thirds feel at risk of suffering a material cyberattack within the next 12 months. Furthermore, 71% of CISOs in the UAE are more concerned about the repercussions of a cyberattack in 2021 than they were in 2020, the highest percentage across the 14 global countries surveyed by Proofpoint. Even more concerning is that, despite knowing the risk, most CISOs feel unprepared. Over two-thirds of CISOs in the UAE do not think their organisation could cope with a cyberattack.

As we move on from the pandemic, we need to understand who in our organisation is now most vulnerable to attack, the types of attack they are likely to face – and how everyone, from the CISO to the HR team, has a part to play in keeping those attacks at bay.

Facing threats, old and new

Modern organisations face an array of potential threats and cybercriminals continue to embrace them all, old and new. Among the attacks causing concern for CISOs in the UAE right now are insider threats (29%), phishing (28%), Business Email Compromise (25%), supply chain attacks and ransomware (22% each). There is no one-size-fits-all defence against such a varied threat landscape. While some tools and technical controls may protect against more than one style of attack, that is just one facet of effective cyber defence.

A modern cyber strategy must have security awareness training at its heart. And, for maximum impact, this training needs to be tailored and adaptive – not just to certain threats but also to the users who are on the frontline. A lack of understanding about your most vulnerable users and the types of attacks they are likely to face makes