?
JEFF OGDEN,
GENERAL
MANAGER –
MIDDLE EAST,
MIMECAST
T
he World
Economic Forum
recently placed
cybersecurity as
the UAE’s biggest
risk for doing
business. As we
look towards 2019 and plan for the next
12 months, I believe this will remain true
and only become more of a concern.
CISOs need to be aware of the risks and
prepared for what’s in store.
The most insidious development in the
new year won’t be new attack types but
rather improved execution of existing
attack types through better social
engineering, more advanced phishing
attacks, increases in credential stuffing
attacks and more complicated malware
with multiple stages and different form
factors for transmission, making it
incredibly tricky to detect.
Phishing techniques like the use of
homoglyphs, elongated URLs, the use of
legitimate certifications (green lock) and
www.intelligentciso.com
|
Issue 09
credential harvesting sites will increase.
Flawless phishes will continue to prey on
the gap in human firewalls, intensifying
efforts to better educate all staff.
Cybersecurity awareness training,
which according to a global Mimecast
and Vanson Bourne study is only
continuously conducted by 11% of
global organisations, will need to receive
renewed attention as organisations
bolster the capabilities of their first line
of defence: their employees.
Cybercriminals will also shift focus to
countries and industry verticals that
lag in their adoption of more advanced
cyberdefences. More industrialised
countries are investing heavily in
cybersecurity, making them less
attractive to cybercriminals because they
are no longer easy targets.
Companies in particularly the Middle
East and Africa often assume their
security is sufficient without realising
that the threat landscape is drastically
shifting. This makes them easy targets
for cybercriminals who tend to follow the
path of least resistance. Attackers will
also continue to shift their attention away
from larger organisations to small and
medium businesses.
editor’s question
As a result, every security specialist,
no matter what the size of their
organisation, what country they operate
in or what vertical their business falls
into, will need to rethink their approach
to cybersecurity and implement a cyber-
resilience strategy.
Firstly, it’s important to have advanced
security in place. This involves ensuring
you have adequate threat protection
with a multi-layered inspection system
that is effective against both widely
used commodity attacks, as well as
customised and highly targeted attacks.
Insider threats are also on the rise, so
internal protection will need to be part of
any security strategy.
Next, organisations need to move and
adapt quickly to stay ahead of the
latest attacks. This will mean having
access to threat intelligence and the
right security staffing resources to
analyse threat data and deploy the
right technologies. Delivering inline
user education to help employees be
more aware and guarded is another
important part of being adaptable.
But what happens in the event of a
successful attack? As mentioned,
cybercriminals are becoming so
sophisticated and their techniques are
so advanced that a defence-only security
strategy alone is not going to protect
against the level and volume of attacks.
Email may be forced offline by a
cyberattack, or purposely by IT to
contain a threat.
Either way, disruption to email flow can
directly impact business operations
and limit the ability to communicate. All
organisations should strongly consider a
continuity solution that allows employees
to continue with business as usual.
CISOs should also ensure that data is
protected and accessible for users. In
the event of a cyberattack it’s important
to be able to recover all data and other
corporate IP after the incident.
29