Intelligent CISO Issue 57 - Page 49

The Middle East and Africa ( MEA ) region was ranked fourth worldwide for the most ransomware attacks . www . intelligentciso . com

C

CSOs , CIOs and CISOs have never had it so tough . Alongside their traditional responsibilities , they must now face a cybersecurity threat environment that is growing exponentially , as well as a growing cyberskills gap . As a result , many of them are reporting burnout .
Today , ransomware has become one of the greatest network security threats organisations have had to deal with . Increasingly sophisticated and distributed at a high speed via the Internet and private networks using military-grade encryption , today ’ s ransomware attacks demand multimillion-dollar ransoms . As per the findings of the 2022 IBM Security X-Force Threat Intelligence Index , the Middle East and Africa ( MEA ) region was ranked fourth worldwide for the most ransomware attacks . According to a report by Group-IB , between Q1 2021 and Q1 2022 , the data belonging to 147 companies from the MEA region was uploaded on ransomware dedicated leak sites ( DLS ). And this is only one of the many threats targeting organisations .
There are also Distributed Denial of Service ( DDoS ) attacks , Man in the Middle ( MitM ) attacks , social engineering , insider threats , malware and advanced persistent threats ( APTs ) to contend with – and those are just the most common network security threats .
Here are four strategies to make cybersecurity professionals ’ organisations safer from the countless network security threats they ’ ll be facing in the near future :
1 . Create a ‘ security-first ’ culture
FEATURE
four in 10 respondents said insider threat programs were a high priority .
Organisations must look to create a robust and distributed digital immune system with a radical re-engineering of staff behaviour . Business leaders need to have accountability for cybersecurity ; security teams need to collaborate with business leaders to create and implement policies that will actually work and those policies need to be routinely re-evaluated and tested .
2 . Create a continuous security education programme
A ‘ security-first ’ culture requires that all members of the culture appreciate the concept of network security threats . For this to actually have an impact on culture , however , staff must be trained routinely to ensure their knowledge is current .
3 . Implement a Zero Trust model throughout the business
Well-trained staff and a monitored environment are crucial to the successful protection of any organisation but without a foundational Zero Trust environment , defences will be intrinsically weak .
The Zero Trust model is a strategy for preventing network security threats that all enterprises and governments should be using to defend their networks . It consists of four components :
• Network traffic control : Engineering networks to have micro-segments and micro-perimeters ensures that network traffic flow is restricted and
Adrian Taylor , Regional VP of Sales at A10 Networks
The problem for CSOs is that , while most employees have some basic knowledge of cybersecurity best practices , that is pretty much all they have . Without ongoing training , knowledge testing and awareness , staff behaviour is one of the biggest cybersecurity risks that organisations face .
A study by Accenture revealed that less than half of new employees receive cybersecurity training and regular updates throughout their career . Just

The Middle East and Africa ( MEA ) region was ranked fourth worldwide for the most ransomware attacks . www . intelligentciso . com

49