ENTERPRISE TECHNOLOGY
Scott Manson, Cybersecurity Lead – Middle
East and Africa, Cisco.
to the cloud. Cloud-based services are
making our lives easier, but new security
risks for large enterprises, which present
a complex challenge for channel partners,
need to be addressed. When it comes to the
Internet of Things (IoT), we’re only seeing
the tip of the iceberg for security breaches.
With devices connecting at a spectacular
rate – often with security as an afterthought
– it’s only a matter of time before we start
to see significant IoT breaches. These
breaches can cause service disruptions and/
or serve as an entry point to take down the
entire ecosystem. Heated IoT topics have
been vulnerabilities in smart cars, smart
houses and even medical devices. Channel
partners need to help their customers
protect data and applications in the cloud,
and yet the security requirements in the
cloud are often dynamic, very complex and
require a level of integration that is difficult
for channel partners to do on their own.
Partnering with strategic security experts
with an integrated platform will become
key for channel partners to be successful.
Partnering with
strategic security
experts with
an integrated
platform will
become key for
channel partners to
be successful.
Scott Manson, Cybersecurity Lead
– Middle East and Africa, Cisco
Cybercriminals, likely in response to
the shifts in the exploit kit marketplace,
have been turning to (or back to) email to
deliver ransomware and other malware
quickly and cost-effectively. They are
also getting creative with their methods
to evade detection. For example, Cisco
threat researchers have observed growth
in spam containing macro-laden malicious
documents, including Word documents,
Excel files and PDFs, which can defeat many
sandboxing technologies by requiring user
interaction to infect systems and deliver
payloads. There is little doubt we will see a
resurgence in the exploit kit market, given
that crimeware is an industry worth billions.
A fragmented and multiproduct security
approach hinders an organisation’s ability
to manage threats. It also exponentially
increases the number of security triggers
that resource-strapped security teams
must review. When security teams can
consolidate the number of vendors used
– and adopt an open, integrated and
simplified approach to security – they can
reduce their exposure to threats.
The days of concentrating only
on preventing security incidents are
behind us. Going forward, your security
programme needs to include monitoring/
detecting security threats as well as having
a strong incident response plan in place.
threat landscapes we are seeing today. Many
of these security trends fall under network
security, which can be divided into three
fundamental security aspects:
1. Infrastructure protection: Modern
networks are increasingly made up
of mixed physical, virtual and cloud
components distributed across
geographies. As your clients’ networks
grow more diverse, it can become
extremely difficult for them to confirm
the security of all assets. For example,
clients may not even know when new
devices or virtual machines join the
network, much less whether they are
compliant or contain vulnerabilities.
This lack of visibility greatly increases
risks for your clients’ businesses.
2. Malware mitigation and data leakage
mitigation: More than 90% of malware
uses DNS at various stages of the cyber
kill chain to penetrate the network,
infect devices, propagate laterally
and exfiltrate data. According to
INFOBLOX
Mohammad Jamal Tabbara,
Senior Systems Engineer – UAE
at Infoblox
Today there is no doubt that cybersecurity
is one of the hottest topics in the realm
of Information Technology. With almost
every new technology trend there is a new
form of cybersecurity that evolves with it.
With the advent of relatively new
technology initiatives we are seeing today,
such as IoT, NGDC (Next Generation
Data Centre), cloud adoption, whether
it’s public/private/hybrid; the digital
economy, IT compliance, BYOD and
shadow IT among others, cybersecurity
has to address all of these trends.
With that, security trends such as IoT
security, cloud security, NGDC security for
SDN & NFV, CBSA (Cloud-based Services
and Applications) and so on are becoming
key for the channel business; alongside
both new and traditional cyber mitigation
solutions for the unprecedented and existing
Mohammad Jamal Tabbara, Senior Systems
Engineer – UAE at Infoblox.
recent surveys, 46% of respondents
experienced DNS-based data
exfiltration and 45% experienced DNS
tunnelling. Malware and data theft are
pervasive, largely because conventional
cybersecurity solutions are not designed
to protect DNS.
3. Threat containment and operations:
If your clients’ organisations are like
most, you need to be aware that these
common operational gaps are hindering
their threat containment efforts:
Siloed threat intelligence. Today’s
security teams rely on threat
information from disconnected, often
conflicting sources. This results in
higher false positive rates, increased
costs, reduced effectiveness and
17