ISSUE 48 | APRIL 2020 WWW.TAHAWULTECH.COM

RAQMIYAT AND SENTRYBAY: HOW TO ENSURE SECURITY WHILE WORKING REMOTELY

INTERVIEW: TECHNOLOGIES’ FREDY ISSA

SECURITY AT YOUR FINGERTIPS: KEEPING MOBILE THREATS BAY

THE NEW NORMAL Navigating cybersecurity and remote working in the time of COVID-19

CONTENTS

10

26 12 The new normal How the coronavirus pandemic is impacting cybersecurity and the future of work 32

MOVERS AND SHAKERS FUELLING SECURITY CYBERSECURITY TRENDS 8 The latest people movement 22 Industry experts discuss the 34 FOR 2020 in the regional security cybersecurity challenges that Kaspersky’s Amir Kanaan industry oil and gas professionals highlights the latest trends that should be aware of will impact the ever-evolving SECURITY AT YOUR cybersecurity space 18 FINGERTIPS ADVANCE GUARD As private cybersecurity are becoming 28 CONNECTED CARS, CLOUD organisations’ roles in increasingly vital in the way 38 AND CYBERSECURITY policing the cyber space we do business, how can AWS on why cloud is vital in grow, is there a need for organisations keep mobile enabling the secure and seamless increased regulatory control security threats at bay? deployment of autonomous cars for this sector?

EDITORIAL STAY SAFE, STAY SECURE In the recent weeks, the way we live, attacks have also increased exponentially as work, learn and connect have changed in threat actors try to exploit remote workers. In unprecedented ways owing to the coronavirus this month’s Security Advisor ME, we spoke (COVID-19) pandemic. With over 2 million to industry experts on how organisations can confirmed cases globally, COVID-19 presents address the cybersecurity challenges in the not only a tremendous public health time of COVID-19, many of which have noted predicament but also an economic crisis. network security and phishing attacks as the As cities shut down and people engage in biggest cyber threats today. For more on this, Talk to us: E-mail: social distancing as a response to curb the go to page 12. adelle.geronimo@ outbreak, many individuals and organisations For organisations operating with fully cpimediagroup.com are embracing technology to cope to what remote workforces, it is essential to take currently seems to be the new normal. measures to protect your employees by Adelle Geronimo As the pandemic continues to proliferate, keeping them aware on how they can secure Editor dependency on digital tools multiplies. However, their devices and home networks. It is also while organisations are busy devising new imperative to help them understand the methods to keep their businesses cyber risks and how they can afloat – making sure they are “JUST AS WE’RE avoid falling victims to phishing still running during and after the PRACTICING and malware attacks. As what’s lockdowns – many are likely to MEASURES TO been in reiterated in the past, EVENTS neglect cybersecurity. Unfortunately, PREVENT THE cybersecurity is everyone’s SPREAD OF THE cybercriminals are also taking CORONAVIRUS IN responsibility. Just as we’re advantage of the situation. In the THE REAL WORLD, practicing measures to prevent the past few weeks, there has been WE SHOULD ALSO spread of the coronavirus in the a significant rise in coronavirus- DO OUR BEST IN real world, we should also do our themed websites, with more than KEEPING THE BAD best in keeping the bad guys away 30,000 new domains registered. GUYS AWAY IN THE in the cyber world. The number of social engineering CYBER WORLD.” Stay safe everyone!

Published by FOUNDER, CPI MEDIA GROUP Dominic De Sousa (1959-2015)

Publishing Director EDITORIAL DESIGN DIGITAL SERVICES Registered at Natasha Pendleton Online Editor Senior Designer Web Developer Dubai Production City, DCCA [email protected] Adelle Geronimo Analou Balbero Jefferson de Joya PO Box 13700 +971 4 440 9139 [email protected] [email protected] Abbas Madh Dubai, UAE +971 4 440 9135 +971 4 440 9140 ADVERTISING Photographer Tel: +971 4 440 9100 Group Sales Director Contributing Editors Designer Charls Thomas Fax: +971 4 447 2409 Kausar Syed Daniel Bardsley Mhar Delaben Maksym Poriechkin [email protected] Mark Forker [email protected] Printed by +971 4 440 9130 Giorgia Guantario +971 4 440 9156 [email protected] Emirates Printing Press LLC, Dubai Sharon Saldanha +971 4 440 9100 Business Development Manager PRODUCTION © Copyright 2020 CPI Youssef Hariz Operations Manager All rights reserved [email protected] Cherylann D’Abreo +971 4 440 9111 [email protected] While the publishers have made +971 4 440 9107 every effort to ensure the accuracy Senior Sales Manager of all information in this magazine, Sabita Miranda they will not be held responsible for [email protected] any errors therein. +971 4 440 9128 NEWS OOREDOO ACCELERATES REMOVING ADMIN RIGHTS CAN HELP CYBERSECURITY IN MITIGATE VULNERABILITIES: OMAN WITH NEW DEAL STUDY

Ooredoo, the digital partner of choice past year, a record-high number of for businesses in Oman, has entered into 858 Microsoft vulnerabilities were a strategic partnership with the National discovered and the number of reported Security Services Group (NSSG) to deliver vulnerabilities has risen 64 percent in enhanced cybersecurity in the Sultanate. the last five years – from 2015-2019. The agreement, which was signed by It also revealed that removing admin Abdul Razzaq Al Balushi, CFO and NSSG rights from endpoints would mitigate Chief Executive Officer, Talal Al Zubair, will 77 percent of all Critical Microsoft facilitate the joint delivery of cybersecurity vulnerabilities in 2019. services and cybersecurity consultancy, The report also noted that 100 such as architecture security consultancy, percent of critical vulnerabilities in phishing tests and vulnerability Internet Explorer would have been assessments to businesses in Oman. mitigated by removing admin rights. It is the latest partnership to be MOREY HABER, BEYONDTRUST “The rate at which vulnerabilities added to Ooredoo’s growing B2B are increasing is a significant concern portfolio, which helps business of all BeyondTrust has released the seventh for organizations committed to kinds meet the increasing demands of edition of its Microsoft Vulnerabilities protecting their networks from data the digital environment. Report, which showed provides the breaches,” said Morey Haber, CTO Talal Al Zubair, NSSG Chief Executive latest annual breakdown into security and CISO, BeyondTrust. “Recent Officer at NSSG, said, “As the country works vulnerabilities facing organisations today. global events have highlighted the towards achieving its grand vision of 2040, The report also shows a five- critical need to continue to focus our vision in parallel strives to ensure this year trends analysis to better equip on information security. The ability journey remains safe and secure. We are organisations to increase their IT to remove admin rights and control pleased to be joining hands with Ooredoo security posture and keep networks applications is no longer difficult to as we seek to fortify the nation through and systems safe. achieve, and least privilege should security, awareness, and innovation for a Key findings of the report include always be considered as part of a resilient digital future for Oman.” statistics showing that during the proactive security strategy.”

DUBAI WARNS AGAINST HEIGHTENED RISKS OF CYBER-ATTACKS

“Firms in the DIFC firms are called to closely with all government agencies in register to use the DFSA Cyber Threat that respect. Intelligence Platform (TIP) and make use As the DIFC is a global hub for of the cyber threat information available financial services, the DFSA noted that it on TIP to enhance their cybersecurity,” is in close and regular contact with local the organisations said in a statement. and international supervisory bodies. The organisation has also highlighted “As we have learned from our work that it continues to closely assess and in cyber resilience, public/private address the implications of the evolving partnerships will provide the best path The Dubai Financial Services situation of Covid-19 crisis. for solutions to this issue. The measures Authority (DFSA) has called on According to the DFSA, it will take all are vital to ensuring that the UAE and financial institutions to stay vigilant necessary proactive and precautionary the DIFC, along with other markets as cyber-attacks, phishing attempts measures to help Dubai and the UAE around the globe, can recover when the and fraud increase amid the in their efforts to contain the spread current situation eventually passes,” coronavirus pandemic. of Covid-19 and will continue to work said DFSA.

6 APRIL 2020 www.tahawultech.com NEWS THOMA BRAVO COMPLETES $3.9 NEW HACKING GROUP BILLION ACQUISITION OF SOPHOS TARGETS INDUSTRIAL FIRMS: KASPERSKY Sophos has announced the completion of its acquisition by Thoma Bravo, a global KRIS HAGERMAN, SOPHOS private equity firm focused on the Kaspersky has recently uncovered a new and technology-enabled services sectors, hacking group that is currently targeting in a cash transaction that values Sophos at mission to deliver the world’s most effective organisations in the industrial sector. approximately $3.9 billion. next-generation cybersecurity technology,” The cybersecurity firm’s Global The acquisition offer was announced on said Kris Hagerman, CEO, Sophos. Research and Analysis Team (GReAT) 14th October 2019. “Our transition to become a fully next-gen team has noted that the group, which Under the terms of the agreement, cybersecurity leader continues to rapidly has been dubbed as WildPressure, Sophos stockholders receive $7.40, per progress. Last quarter, our next-gen product has launched a campaign to distribute share. The price per share represents a 168 portfolio represented over 60 percent of our Milum—a malicious Trojan that percent premium to its IPO share price in entire business, and grew 44 percent year- gains remote control of devices in June 2015. Stockholders voted to approve over-year. And very recently, we launched various organisations, including those the transaction on Dec. 3, 2019. With the our most significant network security representing the industrial sector. completion of the acquisition, Sophos’ technology ever, the Sophos XG Firewall with So far, the team was able to identify common stock has ceased trading on the Xstream architecture. With Thoma Bravo as several, almost identical samples of London Stock Exchange. a partner, we believe we can accelerate our the “Milum” Trojan that share no code “Sophos is excited to work with Thoma progress and get to the future even faster, similarities with any known malicious Bravo as we begin our next chapter of with dramatic benefits for our customers, campaigns. All possess solid capabilities growth and success, continuing in our our partners and our company as a whole.” for remote device management, meaning once a system is affected, an attacker can take control from anywhere. Kaspersky’s GReAT team first SANS OFFERS FREE KIT TO SECURE HOME WORKERS witnessed the spread of the “Milum” Trojan in August 2019. The analysis of the malware’s code showed that the first Coronavirus has caused organisations three samples were created in March around the world to transition their 2019. Based on available telemetry, workforce away from an office Kaspersky researchers believe most of environment to work from home. Yet, many the targets of this campaign are located in organisations lack the policies, resources the Middle East, and the campaign itself is or training to enable their people to do so still ongoing. securely. Unfortunately, much is still unclear In response, SANS Security Awareness, about this campaign, including the exact a division of the SANS Institute, has mechanism of how Milum is spread. created the “Securely Working from Home” Deployment Kit. This free kit provides security awareness professionals with a LANCE SPITZNER, SANS step-by-step guide on how to rapidly deploy a training programme for their remote and digital signage in multiple languages staff. All training materials and resources all bundled in a single package that we necessary to secure a remote, multi-lingual are providing as a free resource to all who 74% workforce are included in the kit. need it. We understand that this is a unique OF ALL PRIVILEGE ACCESS ANOMALY SANS Director of Security Awareness situation and we want to do everything we BEHAVIOUR DETECTIONS COME FROM Lance Spitzner said, “The training can to help the community secure their POTENTIALLY MALICIOUS PRIVILEGE ACCESS materials are a combination of both workforce during these uncertain times.” FROM AN UNKNOWN HOST our public resources and paid training For additional details on SANS Security SOURCE: VECTRA materials. This comprehensive kit includes Awareness training, visit: https://www.sans. videos, infographics, podcasts, newsletters org/security-awareness-training

www.tahawultech.com APRIL 2020 7 MOVERS AND SHAKERS FORCEPOINT TO SENTINELONE APPOINTS NEW CHANNEL CHIEF ACCELERATE CLOUD-FIRST TO DRIVE EMEA EXPANSION SECURITY STRATEGY WITH NEW CPO SentinelOne, the autonomous cybersecurity platform company, has appointed cyber industry veteran Roland Stritt as Senior Director of Channel for EMEA. As part of his new role, Stritt will be responsible for driving channel engagement across the EMEA region to deliver hyper NICO POPP growth and value for SentinelOne’s growing community of committed partners. The move comes in the wake of a string of positive ROLAND STRITT developments for the company, including Global cybersecurity leader $200 million in new Series E funding, the when a truly disruptive, unique and original Forcepoint today announced appointment of Daniel Kollberg as VP EMEA, technology comes along – this is exactly Nico Popp has joined the and the recent unveiling of the unique, AI- what SentinelOne represents and the company as Chief Product powered Singularity XDR platform. opportunities are very exciting,” said Stritt. Officer (CPO). In this newly- With two decades of experience in senior “The SentinelOne sales growth through created role, Popp will sales and partner management roles at 2019 and into 2020 has been remarkable, oversee the global execution cyber and infrastructure vendors including particularly in EMEA, and the timing is right and strategic evolution of Palo Alto Networks, Roland Stritt joins to introduce a focused partner programme Forcepoint’s behavioral-based SentinelOne from Rubrik where he was that recognises the expertise and cloud security platform. This will formerly Director of EMEA Channels: commitment that existing and new partners include leadership of all product “Being closely aligned to the cybersecurity bring to the table, and gives them all the development, management and market for over 20 years, you understand support they need to be successful.” innovation, such as Forcepoint X-Labs, at the company while also leading the strategic integration of the overall product INDUSTRY VETERAN CHRIS PETERSON JOINS CENTRIFY and customer experience to empower Forcepoint’s global Centrify, a provider of cloud-ready customers for success. Zero Trust Privilege to secure modern A cloud-technology veteran, enterprises, has announced the appointment Popp brings more than 15 years of Chris Peterson as Vice President of of cloud operations and product Worldwide Channels & Alliances. development experience to In this role, Peterson will accelerate Forcepoint. “The race to embrace Centrify’s rapidly-growing channel partner digital transformation has ecosystem and will be responsible for leading created enormous opportunities all aspects the company’s global channels for global enterprises today. and alliances, with an emphasis on partner However, with these significant alignment, demand creation, accelerated CHRIS PETERSON gains in digital innovation and customer conversion and success. business productivity comes “Our partners are essential to helping That starts with providing a choice of solutions an added layer of security customers understand best practices for least and deployment options to our customers, as complexity. This complexity can privilege solutions, and how to best secure and well as a best-in-class selection of channel only be addressed by moving manage their infrastructure as they go through partners, technology partners and global traditional security to the cloud. cloud transformations,” said Peterson. “I’m systems integrators to reach and positively Forcepoint is uniquely positioned excited to join the Centrify team and optimize our impact the enterprise and key vertical markets.” to capture this industry shift partner ecosystem so we can more effectively Peterson brings more than 30 years of towards security-as-a-service,” communicate the value of an Identity-Centric enterprise channel, sales, and marketing said Popp. approach to Privileged Access Management. experience to Centrify.

8 APRIL 2020 www.tahawultech.com RAQMIYAT ANNOUNCES KEY CHANGE IN LEADERSHIP

Raqmiyat’s board of directors has company to further expand its operations strategies with higher diversification announced the appointment of Saeed and business. and expansion. I also would take this Mohammad Al Ghurair as the company’s “There has been tremendous growth opportunity to thank Khreino for his new managing director. and prosperity across all business lines contribution and dedication to Raqmiyat The company’s CEO for four years during the past many years,” said Shaikha throughout the past many years and wish Amer Khreino will be stepping down on Al Ghurair, Vice Chairman and Group him best in his future endeavor.” 15th April 2020. Managing Director. “We are looking to “It has been an honour and privilege to Saeed was elected as a board member cement our position further to accelerate work with Raqmiyat, its board members to Raqmiyat since September 2018, since our growth across digital banking, and staff throughout the past many then, he was working closely with the business transformation and IT Managed years,” said Amer Khreino. CEO and his executive team on forming Services under the new leadership. Saeed “Today, Raqmiyat enjoys a highly talented the vision and strategy of Raqmiyat 2023. enjoys a diverse experience across many leadership dedicated to make customer The handover process has started industries, with strong leadership skills experience more exciting and rewarding. The in early January 2020, to ensure that will allow him continue our growth diversity of our offerings, the unique value smooth management transition. proposition and high technical excellence Saeed is expected to announce key remain key in retaining and expanding Shaikha Al Ghurair, Raqmiyat new appointments in the coming few our customer base. I wish my successor, weeks, yet no immediate changes Saeed Al Ghurair all the best in making new are expected on business structure, “WE ARE LOOKING successes and in taking Raqmiyat to new business offerings or GTM during TO CEMENT OUR heights. Besides, I would like to record my 2020. Khreino will continue working POSITION FURTHER appreciation and gratitude to my leadership closely with the board of directors and TO ACCELERATE OUR team and all other staff members who the designated MD, till the change GROWTH ACROSS DIGITAL were instrumental in transforming our management is completed. business, let alone being supportive at all The board of directors is committed to BANKING, BUSINESS times. Last but not least, I sincerely wish the growth and prosperity of Raqmiyat TRANSFORMATION AND IT our distinguished customers, vendors and and hope the new appointment will only MANAGED SERVICES UNDER communities all success, prosperity and cement our market position and allow the THE NEW LEADERSHIP.” above all safety, in such extraordinary times.”

www.tahawultech.com APRIL 2020 9 INTERVIEW

BUILDING A SECURE DIGITAL FUTURE FREDY ISSA, SENIOR MANAGER – SURVEILLANCE AND SECURITY SOLUTIONS – MERAT, DELL TECHNOLOGIES, DELVES INTO THE NEED FOR MODERN IT INFRASTRUCTURES IN ENSURING THE SUCCESS OF SMART AND SAFE CITIES, AND DISCUSSES THE COMPANY’S ROLE IN ACCELERATING THE UAE’S DIGITAL FUTURE.

an you give an overview of Dell Technologies’ surveillance solutions? Surveillance technologies are becoming increasingly demanding and complex, particularly Cgiven the large spaces that organisations need to secure in today’s world and the regulatory compliance that poses additional challenges. Dell Technologies’ surveillance solutions have been developed with all of these nuances in mind. We have combined optimised hardware and software for surveillance needs along with management and orchestration capabilities to simplify the deployment of secure and scalable solutions for edge computing and IoT use cases.

Governments and private organisations across the globe are gearing up to build smarter cities, what are the challenges that they can expect? With the rise of the smart city comes multiple benefits, some of which we

10 APRIL 2020 www.tahawultech.com are already seeing as governments The UAE is among the most active requirements, organisations now need a across the region embrace technology nations when it comes to smart and surveillance solution that can integrate and digitalisation. However, there are a safe city initiatives, how does Dell surveillance data as well as business data, number of challenges that come with Technologies aim to support the nation while being resilient, scalable and reliable. this too. Smart cities are made possible in this endeavour? Dell Technologies’ IoT Solution for by integrating IoT, cloud computing, and Dell Technologies provides advanced Surveillance has strongly integrated big data analytics. This allows for things technologies essential for the digital compute, storage, networking and like intelligent transport systems, smart transformation of the country. We enable virtualisation resources. This improves lighting and smart utility metering for the transformation of the country’s safety system performance and lowers total cost electricity and water. These technologies and security by delivering innovations of ownership – allowing organisations and and integrations are based on sensor- such as the Dell IoT Surveillance Solution venues that cater to these mega events to centered collection and analysis of data and the Dell OEM computer vision reach time-to-value faster. It is purpose and offer innovative and cost-effective solutions. Through these offerings, we built to a complex camera-on-cloud solutions to cities. Bearing this in mind, aim to help the nation become future infrastructure with support for demanding, some of the challenges that governments proof by supporting it in adapting to the mixed data sources including video, audio, and organisations may face revolve changing demands in IT advancements barometric pressure and more. Our solution around technology coverage and capacity and increasing the reliability of the takes the complex surveillance requirements and digital security. In addition, one of the systems guarding the country’s security. of these mega events into account core of the technologies enabling a smart A great example of our work in the and allows for automated deployment, city is data, which means organisations UAE is our partnership with DEWA in centralised management and massive on- that wish to harness the power of new Dubai. DEWA requires IoT technologies demand scalability while also minimising emerging trends will need to take steps to to connect solar energy to houses and downtime and increasing system reliability. effectively collect, process, store, analyse, buildings; smart applications that use manage and remediate data to keep up smart meters and grids that contribute What can regional customers expect with the rapid pace of innovation. to fast-service connection, predictive from Dell Technologies this 2020? As organisations and governments analytics for fast response, and for proper Dell Technologies’ end-to-end portfolio continue to adapt to the changing energy use rationing. Dell Technologies is captures essential services of edge, needs of citizens and employees, their foundational partner and has worked cloud, IoT, surveillance and unique now more than ever, it is important to with them to facilitate this transition. OEM capabilities. We will continue to ensure that investments are made to maintain focus on smart surveillance modernise infrastructures and prepare Mega events around the world are and ensure a broad ecosystem of for the future. Being dependent on increasingly becoming connected partners and solutions catering to the legacy systems will stem organisations as they utilise more advanced security requirements in the region from being fully future-proof and technologies, how has this trend through advanced video and sensor will hinder customer and employee impacted demands for smart services. We’re also currently focused on retention. Therefore, if organisations surveillance? supporting organisations with business are to take advantage of emerging With more and more mega events continuity; our research indicates that and transformative technology trends, being planned globally, and the sheer a decade from now, organisations that infrastructures need to be set in place to volume and scale of data that needs successfully achieve digital workplace accommodate them. to be analysed as part of surveillance transformations will be at an advantage over businesses struggling with legacy systems, massive amounts of data and workforces unprepared for change. “WE ENABLE THE TRANSFORMATION OF THE COUNTRY’S Therefore, we are committed to helping SAFETY AND SECURITY BY DELIVERING INNOVATIONS organisations to modernise their IT systems and deploy next-generation SUCH AS THE DELL IOT SURVEILLANCE SOLUTION AND technology infrastructure, which will lay THE DELL OEM COMPUTER VISION SOLUTIONS.” the groundwork for their digital-future.

www.tahawultech.com APRIL 2020 11 COVER FEATURE THE NEW NORMAL THE CORONAVIRUS (COVID-19) PANDEMIC HAS FORCED BUSINESSES TO UNDERGO SEISMIC CHANGES IN THE WAY THEY OPERATE. AS FLEXIBLE POLICIES BECOME STANDARD AND REMOTE WORK BECOMES A NORM, ANOTHER IMPORTANT CHALLENGE IS TAKING THE SPOTLIGHT – CYBERSECURITY.

12 APRIL 2020 www.tahawultech.com he coronavirus opportunities. Moreover, companies are pandemic presents rapidly adopting new ways to operate to a tremendous health maintain their businesses, many of which crisis that nations have been compelled to embrace remote across the globe working. are grappling with. However, with the coronavirus not With over 2 million showing any signs of slowing down confirmed cases anytime soon, enterprises are faced of infected people with the challenge of having to juggle a globally, the virus is range of new systems priorities such as causing a huge impact on people’s lives, ensuring the stability of critical business Tfamilies and communities. processes, workforce productivity and, of In addition to being a major public course, cybersecurity. The huge health issue, the COVID-19 crisis also Security Advisor ME speaks to industry amounts of brings about profound social and experts to get their insights on how the global uncertainty economic consequences, according to pandemic is impacting cybersecurity and and change that organisations the World Health Organisation (WHO) the future of work. are facing are what criminals are seeking Director-General Tedros Adhanom to capitalise on, according to Harish Ghebreyesus. RISKS AND CHALLENGES Chib, vice president – MEA, Sophos. Crisis-response efforts are in full For many businesses, the move to a These risks are further amplified by the motion in many countries across the remote working model came too swiftly. immediate and unforeseen IT challenges world. Healthcare organisations are Rather than being able to transition that companies are having to ensure their explicitly increasing their capacities and gradually, the quarantine measures staff can work from home. maximising their resources to cope with demanded a quick response, which has “Normal remote working is not a the rising demands to contain the virus. left CIOs and CISOs with little time to challenge as it gives organisations time Educational firms are shifting to online prepare and address the cybersecurity to implement it,” says Chib. “The current platforms to ensure ongoing learning challenges for remote working. scenario due to COVID-19 is different. This remote working is rapid, forceful and unplanned, and many organisations have relaxed their cybersecurity controls due to this. There are two areas which are Harish Chib, Sophos most likely to result in a cybersecurity incident due to the ongoing crisis: remote “NORMAL REMOTE WORKING IS NOT A access and phishing.” With a majority of employees working CHALLENGE AS IT GIVES ORGANISATIONS from home, business networks have been TIME TO IMPLEMENT IT. THE CURRENT exposed to countless untrusted networks SCENARIO DUE TO COVID-19 IS DIFFERENT. and unsanctioned devices. THIS REMOTE WORKING IS RAPID, “When employees connect to their FORCEFUL AND UNPLANNED AND MANY corporate networks from home, they ORGANISATIONS HAVE RELAXED THEIR expose numerous access points for CYBERSECURITY CONTROLS DUE TO THIS.” hackers to exploit,” says Subhalakshmi www.tahawultech.com APRIL 2020 13 COVER FEATURE

Ganapathy, Product Evangelist, ManageEngine. “These unprotected endpoints extend the corporate network perimeter, which increases the attack Robert Huber, Tenable surfaces for the hackers.” Ideally, whenever an employee is “SECURITY TEAMS SHOULD LOCK ARMS working remotely, they should be WITH IT TO SECURE ALL SOFTWARE-AS- accessing their organisation’s network A-SERVICE (SAAS) APPLICATIONS VIA and any software-as-a-service (SaaS) resources they need via a virtual private CLOUD ACCESS SECURITY BROKERS FOR network (VPN). CONFIGURATION, SECURITY AND DATA A VPN creates a safe, encrypted ‘tunnel’ LOSS PREVENTION.” from the user network, whether public or private Wi-Fi, across the public internet, and into the organisation’s network. According to Ganapathy, often ’s Gmail, which is being used by enterprises don’t have segment or limit over 1.5 billion users globally, has blocked their networks for VPN use as they are around 18 million hoax emails related to usually utilised by internal employees COVID-19 since the outbreak began. and/or trusted third-party vendors. There have also been numerous cases of However, with the sudden shift to remote coronavirus-themed emails being sent out, working, most IT teams wouldn’t have which have been designed to look like they had the time to segment their network for came from an organisations’ leadership the large VPN usage. team but are embedded with malware that “This could lead to channels used for would infect corporate networks. don’ts to reduce corporate risk remains a remote connections such as VPNs and “Humans are the weakest links in the constant challenge. other remote access platforms having security ecosystem,” says Sam Curry, Werno Gevers, cybersecurity specialist, umpteen security vulnerabilities that Chief Security Officer, Cybereason. Mimecast, says, “There is a general could be exploited by the hackers. A “Today, the biggest blunders include escalation in cybercrime during times of simple phishing attack on an unsecured opening email attachments that heightened disruption.” network can expose the entire sensitive end up being laced with malware or “Already, malicious actors are data of your company,” she explains. ransomware, visiting dubious websites spreading disinformation with the sole or downloading malicious software. The purpose of creating panic. People are THE HUMAN ELEMENT CEO of a company shouldn’t be emailing desperate to find out more about the More critically, IT and security leaders you a message asking for you to wire crisis and are letting their guards down, need to bear in mind that attackers will transfer $1 million to an account to deal clicking on just about anything sent to first and foremost take advantage of with COVID-19. That should raise a red them. Even one misclick on a link could human weaknesses. flag with any employee these days, but initiate malware and put the user – and In the last few weeks, there has been there are countless examples of this the organisation – at risk. an increase in the number of incidents of happening over the years.” “Webmail and private emails are individuals receiving a variety of emails, Curry further notes that even as unencrypted, leaving employee devices which impersonate authorities such as companies ramp up their security at significant risk of compromise via the WHO to persuade victims to download awareness programmes, the overall task interception or ‘man in the middle software or donate to bogus causes. of educating employees on the do’s and attacks,’ and can make home networks

14 APRIL 2020 www.tahawultech.com “It is hard to build a cybersecurity culture with employees and user slack is quite certain to take place,” says Rohit Bhargava, Practice Head - Could & Security of Cloud Box Technologies. “Not every employee understands the risks that the organisation could encounter equally. Bhargava emphasises that IT and business leaders need to look at training and cybersecurity awareness to be as regularly as possible. “Employees must be made aware of phishing emails and ransomware attacks, which must be reported in real-time to the concerned IT experts. There should be better systems in place to manage user sessions and strengthen IT processes and audits to ensure that information leaks are prevented.”

NEW PLATFORMS vulnerable to compromise as attackers sell it for profit,” In order to maintain may piggyback on these end-users he says. productivity and ensure to compromise an otherwise secure “They also business continuity, environment,” he adds. forget about securing organisations have also opted However, Centrify regional director outsourced IT and other to deploy new applications to allow for Northern, Southern Europe, Middle third-parties who are not employees users to perform work-related tasks East and Africa Kamel Heus points out but may have elevated privileges. Many remotely. However, the rapid escalation that one of the most common risks that times, those third parties are simply of the pandemic has left them with little organisations make is focusing only using a VPN to access the network, which time to prepare the security measures in on securing remote access for regular leaves a gaping hole in the security of the utilising such platforms. employees. They often forget about the enterprise. IT staff, whether employees “Many companies that did not privileged users such as management or consultants, need to have secure initially have remote work capabilities teams, IT staff and database remote access for privileged users that have rushed to use consumer-grade administrators among others, who goes above and beyond the solutions solutions like Zoom, Facebook and many often have privileged access to critical being made to the collective at-home others,” says John Pescatore, director of infrastructure and sensitive data. workforce.” emerging security trends, SANS. “Zoom “Those are the credentials that cyber- This being said, CIOs and CISOs need has recently admitted it wasn’t ready for attackers are most commonly after since to ensure that their workforce maintains this level and type of use and is focusing they offer the most power and ability to a comprehensive understanding of the 100 percent on security and has already move laterally, find and extract data, and cybersecurity risks. taken some steps. Also, users are often

www.tahawultech.com APRIL 2020 15 COVER FEATURE

sharing or storing business-sensitive “It is possible there will be heavier an organisation’s sensitive information on these services, which use of cloud-based storage (OneDrive, data to the outside world. increases the odds it will be exposed.” Google Drive, etc.) rather than corporate It’s essential to educate A majority of new home workers have file servers to share information. This employees on the risks also adopted third-party applications and means more valuable information could associated with how data is use non-corporate remote access tools be placed into cloud storage than would transferred and offer them the such as GoToMyPC and TeamViewer, which have with most workers on-prem. The tools they need before they go increases the risks of data breaches. way that the remote host is connected out on their own looking.” “Use of unapproved cloud storage will impact what level of cloud storage Furthermore, Bandos points makes it more difficult to detect attackers visibility is available,” he explains. out that inter-office chat platforms that are trying to exfiltrate data,” says Walmsley reiterates that security can come with inherent risks as well. Matt Walmsley, director – EMEA, teams must rigorously identify, “Companies that don’t subscribe to an Vectra. “It also creates regulatory and understand and protect the newly industry-recognised service like Slack compliance issues.” expanded attack surface that the move to or Microsoft Teams could be in danger increased remote working has created. of having data exposed. Chat platforms Digital Guardian VP for like WeChat, Telegram, Viber and the Cybersecurity Tim Bandos likes are all free but when it comes to shares these views as well, experience and security, namely end-to- saying that with the rapid end encryption, users’ mileage may vary. transition to remote work, “Additionally, phishing attacks are data sharing has become no longer just an email issue. If you a bit of a nightmare for can be contacted by individuals outside organisations and their your organisation via these apps, the employees. platforms can open the door for phishing “With the right tools in scams,” he adds. place, transferring large files while at work may have NEXT STEPS been easy in the past,” says So, what kinds of tools and solutions can Bandos. “Without these organisations utilise to ensure cybersecurity tools, employees may look for amid the COVID-19 pandemic? workarounds if they’re unable to According to Help AG CTO use corporate email. Employees Nicolai Solling, one of may be tempted to leverage sites the key elements of a that are typically blocked while robust and secure at work such as Dropbox or work-from-home Box. These workarounds strategy is can add risk when it secure remote comes to exposing

16 APRIL 2020 www.tahawultech.com access as working Robert Huber, chief security officer, to leverage business and IT processes.” remotely radically Tenable, says, “Security teams should In the past, remote employees often changes how lock arms with IT to secure all software- report flexibility and focus as the users, services and as-a-service (SaaS) applications via cloud biggest benefits, which enables their data are protected. access security brokers for configuration, productivity. It has also proven to be the “As a bare security and data loss prevention. In best resort for many businesses who minimum, any tandem, integrate all SaaS solutions want to ensure the continuity of their remote access into one central identity and access activity amid the pandemic. solution should offer management solution. This will not only “We think that this crisis will drastically two-factor authentication save time but also reduce headaches too.” change the working habits in many (2FA),” he says. “2FA combines organisations, and some of them might something the user knows – like THE FUTURE OF WORK find advantages in remote working,” a password – with something that they If done correctly and securely, remote says Asif Hashim, Middle East Business have. Today, 2FA can be easily delivered working can yield a range of benefits for Manager, WALLIX. “Employees might as a app. It is quick, easy both employers and employees. enjoy the extra time at home, and and cost-effective to deploy.” “The COVID-19 pandemic has forced employers might find that it reduces But it is important to understand many companies to have to enable and costs. If organisations opt to continue with that when evaluating your remote exponentially ramp up remote working, this way of working moving forward, this access solution there’s no ‘one-size- for a vast majority of their workforces,” will most likely increase the use of cloud- fits-all’ solution. says Marco Marco Rottigni, chief based services and remote connection “You may even have existing IT technical security officer, EMEA, Qualys. tools and therefore make organisations investments which can effectively support “This has highlighted several risks more vulnerable to security breaches.” your remote workforce when evaluated which would otherwise not have been Remote working might not be the right and re-purposed correctly,” explains considered if remote working had been option for everyone. But if the future of Solling. “In these unprecedented times, approached as an IT project. I believe work drives a big portion of workforces several technology vendors have provided that this experience will bring a better to work remotely, then organisations promotional programmes and extended awareness in companies and among will have to develop new solutions to the licenses to help organisations overcome employees about the huge advantages challenges of working remotely. security challenges. With the support of a of smart working; this will hopefully “Remote work is not the norm in many highly-skilled implementation and support increase the overall operational cultures and regions,” says Huber from partner such as Help AG, most of these efficiency once this crisis is behind us. Tenable. “While I do not anticipate a solutions can be delivered with extreme Organisations will also gain a better monumental shift to remote work as a speed and with fantastic security features.” understanding of the importance of SaaS result of the crisis, it will certainly become a valid option for business continuity events. This will, however, require additional security policies, solutions Marco Rottigni, Qualys and education to ensure that the same protections applied within an office will be “I BELIEVE THAT THIS EXPERIENCE sustained when working remote.” WILL BRING A BETTER AWARENESS IN Whether this is the future of work COMPANIES AND AMONG EMPLOYEES for businesses is yet to be determined. However, in this unprecedented new reality ABOUT THE HUGE ADVANTAGES OF SMART that we’re in, we are witnessing a dramatic WORKING; THIS WILL HOPEFULLY INCREASE restructuring of the economic and social THE OVERALL OPERATIONAL EFFICIENCY order, which is shaping remote work as ONCE THIS CRISIS IS BEHIND US.” the new normal for the near term.

www.tahawultech.com APRIL 2020 17 FEATURE SECURITY AT YOUR FINGERTIPS AS THE WORLD BECOMES MORE MOBILE, SMARTPHONES ARE BECOMING INCREASINGLY VITAL NOT ONLY IN THE WAY WE COMMUNICATE BUT ALSO IN THE WAY WE DO BUSINESS. AS SUCH, THEY BECOME REPOSITORIES FOR VALUABLE DATA THAT CAN BE TARGETED BY HACKERS AND MALWARE. SECURITY CORRESPONDENT DANIEL BARDSLEY SPEAKS TO INDUSTRY EXPERTS ON HOW TO KEEP MOBILE SECURITY THREATS AT BAY.

18 APRIL 2020 www.tahawultech.com oday, the unveiling of Among the malware they could be a new smartphone vulnerable to are BlueFrag, which uses model does not quite up data and spreads further malware, generate the buzz that as well as Joker, which can result in it did a few years ago, additional charges on a user’s bill, and yet manufacturers Stagefright, which can give ransomware are still putting new hackers control over a device. devices onto the Given the scale of the threat, Which? market at a brisk pace. says device manufacturers and Google Earlier this year, should level with consumers as to how we have been treated to the launch of long updates will be available for and AndroidT mobiles including the foldable what they should do when they are no Galaxy Z Flip and P40, longer issued. with the Zenfone 7 and the OnePlus Marco Rottigni, chief technical security 8, to name but a few still to come. officer EMEA at the cybersecurity For those with a few dirhams to spend company Qualys, says there should on a top-of-the-range new mobile, times be “much better attention” paid to the are still good, but many consumers provision of security updates by the likes and employees will, instead, stick with of device manufacturers and operating more modest devices, some dating back system providers. several years. “On the other side, we as users should A recent survey shows how many increase our awareness that we should mobile users may face cybersecurity keep technology updated. If we’re not risks as a consequence. Data from the able to do that, we’re putting ourselves at consumer organisation Which? indicates risk,” he says. that hundreds of millions of Android Morey Haber, the chief technology phones may no longer be receiving officer and chief information security security updates, increasing their risk of officer for BeyondTrust, which provides falling victim to attackers. privileged identity management (PIM) and Which? quotes Android’s own other solutions, says that the updates information suggesting that last year issue is “truly a Google problem.” there were no security patches released “In the licensing of the Android for devices using Android 6.0 or earlier , Google should enforce operating systems. that vendors will incorporate security Given that about 42 per cent of Android updates within a reasonable time frame mobiles fall into this category, that works from release, and that updates will be out at more than one billion devices not available for at least several years after being updated. the current model is end of life,” he says. “Trying to hold the device manufacturer to these service-level agreements without Vibin Shaju, McAfee Google’s enforcement is futile.” Haber does not, however, think that providers are obliged to provide security “IF YOU HAVE CONFIDENTIAL DATA FROM updates for as long as, say, Microsoft YOUR BUSINESS ON YOUR MOBILE DEVICE, does for versions of Windows. Typically, IT’S NOT ONLY ABOUT YOUR DATA, IT’S security updates for Windows continue ABOUT YOUR ORGANISATION’S DATA.” for more than a decade.

www.tahawultech.com APRIL 2020 19 FEATURE

One factor is that new mobile devices Even if the operating system is Rottigni at Qualys says, though, that and versions of Android are released receiving security updates, if malicious accessing an account on a mobile much more often than are iterations activity is detected, the device will device is not necessarily an action that of Windows. Also, Haber notes that typically be quarantined. is vulnerable to cyber threats. Indeed, technology from Wi-Fi to biometrics is Vibin notes, though, that the approach he describes himself as “a big fan of changing “at an accelerated rate.” that companies take may vary according mobile banking”. However, he adds that “While Windows can add drivers and to the sector they operate in. A bank, in mobile devices are “a bit more difficult to support for new technologies, since it particular, is likely to be very strict when it monitor” than laptops or desktops. is not ‘married’ to the hardware, mobile comes to BYOD devices; a retail organisation “It’s harder for a monitoring solution devices do not have that flexibility. may strike a slightly difference compromise to install apps or solutions that have Therefore, a shorter duration is between security and the adoption of devices. complete visibility on the mobile state. It’s reasonable based on the production cycle The threat landscape that mobiles have harder but it’s not impossible,” he says. of the device,” he says. to navigate is evolving fast, as shown Mobile security should, says Rottigni, A lack of security updates on older by another report, “Mobile Malware include a “holistic” element: organisations mobiles may be a particular concern to Evolution” from Kaspersky. should have a vision of what’s happening companies whose staff use their personal The report notes that 7.6 percent of on the mobile. To achieve this, he says mobiles for work purposes on a bring- cyber-attacks in the UAE involve mobile that organisations can employ Qualys’s your-own-device (BYOD) basis. threats, compared to almost 28 percent Secure Enterprise Mobility cloud-based Rottigni quips that, from the perspective of cyber-attacks in Saudi Arabia, the solution for mobile devices. of chief information security officers, this ninth-highest figure in the world. “Security should be ergonomic. It can feel more like “bring your own disease.” Nonetheless, Vibin Shaju, director of sales engineering for the UK, Middle East Marco Rottigni, Qualys and Africa for the cybersecurity company McAfee, which offers a free-to-download mobile security app, says that BYOD is “SECURITY SHOULD BE ERGONOMIC. IT “becoming very popular.” SHOULD EMPOWER THE USER IN THEIR “We see more and more applications WORKING ENVIRONMENT AND NOT BE are getting a business use. If you have PERCEIVED AS AN OBSTACLE.” confidential data from your business on your mobile device, it’s not only about your data, it’s about your organisation’s According to the report, there has should empower the user in their working data,” he says. been rapid growth in the number of environment and not be perceived as an Shaju says devices that are not mobile advertising trojans, which display obstacle,” he says. receiving regular security updates will intrusive banner advertisements based on By using mobile security solutions from suffer “some compromise”, but adds that the private information that they collect. companies like Qualys, Rottigni says that with the right security software installed, As well as facing the potential irritation users can be protected by as many as it should usually be possible to detect caused by these advertisements, users four factors, including pin numbers and malicious software. may also risk having their data finding its facial biometrics, when mobile banking. “If [however] there’s a completely new way onto third-party servers. Furthermore, users need to also keep targeted attack and a weakness of the Kaspersky also highlights the in mind security measures advised by operating system, you’re talking about a emergence of what it says is the first Kaspersky, such as not downloading bigger problem,” he says. mobile financial malware, called apps from unknown sources, keeping “There has to be a time the user or Accessibility, which allows attackers to gain devices updated (if possible) and regularly organisation has to decide that this control of banking apps. Accounts may be running system scans, they should operating system should not be allowed stripped bare and ransomware Trojans and keep their devices secure – despite the on their network.” other malware may be installed. growing list of threats.

20 APRIL 2020 www.tahawultech.com Advert_CSG_207x270.pdf 1 26/07/2019 08:49

C

M

Y

CM

MY

CY

CMY

K FEATURE

FUELLING SECURITY AS THE OIL AND GAS SECTOR AND ITS SUPPLY CHAIN CONTINUE TO BUILD OUT DIGITALLY CONNECTED INFRASTRUCTURES, THEY FACE INCREASED CYBERSECURITY RISKS FROM BOTH EXTERNAL AND INTERNAL ACTORS. INDUSTRY EXPERTS DISCUSS THE CYBERSECURITY CHALLENGES THAT OIL AND GAS PROFESSIONALS SHOULD BE AWARE OF.

22 APRIL 2020 www.tahawultech.com everal cyber He says that in this region, in particular, “Whether the intention is malicious or breaches in the cyber-attacks affecting the energy purely accidental, it can have the same energy industry have industry tend to be more targeted – and impact. For example, a contractor may hit the headlines, often state-sponsored – than is typically plug a malware-infected PC into a remote including tales of the case in other parts of the world. site,” he says. oil rigs riddled with The Iranian-backed Shamoon attack on As well as disrupting operations, malware or leaning the Saudi Arabian oil and gas company leading to financial losses, Deloitte’s heavily because Aramco is one prominent example. report points out that attacks can they have become There are many motivations other threaten worker safety, particularly corrupted. than cyberwarfare, among them because of the cyberphysical dimensions While some such stories have been cyberespionage in the form of stealing of systems, harm a company’s reputation Sdistorted as they have spread online, there field data, and financial gain, such as and cause environmental destruction if is no doubt that cybersecurity has become when ransomware is deployed. pollution results. an increasing issue for the sector. Looking at the threats facing the Given all of this, it is no wonder that, Indeed, a recent report from Deloitte, sector’s operational technology (OT) and in recent years, cybersecurity has moved Protecting the Connected Barrels, stated operational process vulnerabilities (as much higher up the agenda of the that in 2016, energy was the second-most- opposed to those targeting corporate region’s energy companies. targeted industry in term of cyber-attacks. networks), “criminal activity and “Every single large customer and Everyone from state-sponsored ransomware impacts are on the rise medium-sized customer has projects in attackers through to ransomware and of growing concern,” according to this space, and they wouldn’t be spending fraudsters is looking to exploit Tim Conway, a technical director at the time and effort unless they were worried,” vulnerabilities in the oil and gas industry. cybersecurity training organisation the says Josefsson. “Most of the attacks we’ve seen SANS Institute. As well as having diverse origins, the have been to control the networks. It “Criminal threat actors are typically vulnerabilities are varied too, ranging depends on who’s running it. A lot of taking advantage of opportunistic attacks from upstream to downstream and Iranian or North Korean attacks have due to poor access control protections, everywhere in between. been destructive – to wipe out hard segmentation within the OT environments, Among upstream operations, drives,” says Jonathan Couch, senior vice remote access, and general lack of OT development drilling and production tends president for strategy at the cybersecurity detection capability,” he says. to face greater cyber risks than another key company ThreatQuotient. Threats are not all external, as they activity, seismic imaging, but because the Few people have observed the oil can come from inside companies, says latter is now digitising, new vulnerabilities and gas cybersecurity landscape in the Barak Perelman, the vice president of OT are set to be exposed in future. Middle East more closely than Marcus security at Tenable. There are disgruntled “The most destructive attacks are Josefsson, the MEA sales director for employees, third-party contractors and upstream because you have much more risk Nozomi Networks. human error to consider. in the physical dimension,” says Jean Abbal, strategic and channel partners manager for the MENA region at Nozomi Networks. Abbal says that it is much more difficult Tim Conway, SANS Institute to stop production upstream than it is downstream, where a suspension to allow “CRIMINAL THREAT ACTORS ARE TYPICALLY things to recover is much easier. TAKING ADVANTAGE OF OPPORTUNISTIC Downstream there is, however, a wider range of potential threats, with ATTACKS DUE TO POOR ACCESS CONTROL “many different systems to optimise the PROTECTIONS, SEGMENTATION WITHIN THE chemical reactions,” as Abbal puts it. OT ENVIRONMENTS, REMOTE ACCESS, AND “Everything is run by computers,” he GENERAL LACK OF OT DETECTION CAPABILITY.” says of downstream operations.

www.tahawultech.com APRIL 2020 23 FEATURE

Pipelines too can be vulnerable to Jean Abbal, Nozomi Networks attacks that may, for example, attempt to increase the pressure of the oil passing through – with devastating consequences. “THE MOST DESTRUCTIVE ATTACKS ARE An incident as far back as 2008 in UPSTREAM BECAUSE YOU HAVE MUCH which a Turkish oil pipeline caught fire MORE RISK IN THE PHYSICAL DIMENSION.” may, according to reports, have been caused by Russian attackers. They are suspected to have altered the pipeline’s pressure after hacking into computers at technology, which is typically focused Perelman says that Tenable helps valve stations. primarily on safety, are often not the energy firms identify any threat that The barriers to dealing with threats are same as those who work in information can disrupt their OT network by numerous, including that attack surfaces technology, where cybersecurity is the providing “a unified, risk-based view of can be large and spread across a wide key aim. IT and OT security”. area, with remote operational sites. It The oil and gas sector may be “This allows security teams to view may also be difficult to pinpoint attacks. particularly vulnerable because, as and manage OT security issues alongside “In OT networks we have large security ThreatQuotient’s Couch points out, IT vulnerabilities, from assessment gaps because many don’t know which there is widespread use of legacy through closed-loop remediation assets and devices are in the network,” technology. Indeed, he has dealt with verification,” he says. says Tenable’s Perelman. companies still using Windows 95. He says that covering every target in “And it’s one thing knowing about these Patching is often inadequate. both the IT and OT networks is important, devices and keeping an inventory – it’s a “A lot of it is driven by the consumer including not just Windows PCs and whole other thing to actually keep track software as well as other regular servers, but also ICS devices, including of changes in configuration that alert you commercial technology. It’s not up to industrial controllers. to risks and remediation taken.” date,” he says. “We recommend organisations ensure Perelman also notes that much Perelman says that, when most that they have the most productive and of a network’s critical information is industrial devices were designed and comprehensive alerts. This means transferred using communications that manufactured in the late 1980s and monitoring both the network itself for are proprietary to the industrial vendors, 1990s, “security wasn’t a top concern and traffic by connecting to a SPAN port, be they Siemens, ABB, Honeywell, cybersecurity wasn’t even a term”. while also collecting information from Rockwell or others. “Obviously those devices have many the devices themselves for a complete “This makes standard IT monitoring more vulnerabilities, and those are the picture,” he says. tools blind to the most sensitive same devices used in most industrial The importance of developing the information in the network that requires networks globally,” he says. expertise of staff in ICS cybersecurity is analysis,” he says. Many approaches are being taken emphasised by the SANS Institute, which Another issue is that the priorities to protect oil and gas companies from provides education resources, training and of those working with operational cybersecurity attacks. validation for professionals responsible for defending OT environments in sectors including oil and gas. The organisation uses instructors who have real-world Barak Perelman, Tenable experience in the industry. So, although the motivations of “IN OT NETWORKS WE HAVE LARGE SECURITY the attackers are numerous, and the vulnerabilities are many, there is plenty GAPS BECAUSE MANY DON’T KNOW WHICH that energy companies can do and are ASSETS AND DEVICES ARE IN THE NETWORK.” doing to protect themselves.

24 APRIL 2020 www.tahawultech.com WE’RE NOT JUST FIREWALLS. THE CAPTURE CLOUD PLATFORM

SonicWall automated, real-time breach detection and prevention The SonicWall Capture Cloud Platform underpins our complete portfolio of high-performance layers proven cybersecurity across your entire organization. hardware, virtual appliances and clients to harness the power of the cloud. The platform combines the global security intelligence of the Capture Threat Network with the You know SonicWall because of our rich history designing high-performance firewalls. But like your organization, SonicWall has evolved. cloud-based management, reporting and analytics of the Capture Security Center and the real-time attack prevention of the multi-engine Capture Advanced Threat Protection (ATP) sandbox. Today, the modern SonicWall Capture Cloud Platform delivers automated, real-time breach detection and prevention to safeguard your business or organization.

With this layered approach, you can stop the most malicious cyberattacks, including ransomware and encrypted threats, from compromising your network and damaging your .

CAPTURE ATP • SSL DPI • ANTI-MALWARE • IPS • CLOUD APPLICATION SECURITY • ANTI-PHISHING • URL FILTERING

THREAT PREVENTION MANAGEMENT REPORTING / ANALYTICS

Physical & Virtual Multi-Engine Public & Private Endpoint Secure Real-time email security. Defend your endpoints. Firewalls Cloud Sandbox Cloud Security Protection Email Powered by the cloud. Automatically.

Protect your organization from email-borne With a next-generation malware protection threats such as ransomware, zero-day threats, engine powered by SentinelOne, Capture Client spear-phishing and business email compromise applies advanced threat protection techniques, (BEC) — all via affordable, predictable and flexible such as machine learning, network sandbox monthly or annual subscription options. integration and system rollback, to ensure your endpoints aren’t compromised by today’s most Available integration with the SonicWall Capture malicious malware, including ransomware. Advance Threat Protection (ATP) sandbox service lets you dynamically scan all suspicious email After stopping attacks, Capture Client can quickly attachments and URLs, and block dangerous files roll back modifications and auto-immunize your Cloud Application SD-WAN Web Application Secure Remote Unified Management or URLs before they reach your network. It even endpoints — all with a single click. Easily return to Security Firewall & Wireless Access & Reporting delivers advanced threat protection for Office a previous ‘healthy state’ and get your employees 365 and G Suite services. back to productivity.

Social icon Rounded square

Only use blue and/or white.

For more details check out our www.SonicWall.com Brand Guidelines. @SonicWall SonicWall SonicWall_Inc

© 2019 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is a trademark or registered trademark of SonicWall Inc. and/or its affiliates in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their respective owners.

SNWL-2Page-Ad-GMM-KJ-MKTG5175.indd 1 2/13/19 12:00 PM INTERVIEW

ACCELERATING SECURITY GOVIND HARIDAS, BUSINESS HEAD – CYBER SECURITY, HIPERDIST, SHARES INSIGHTS INTO THE LATEST CHALLENGES IMPACTING ENTERPRISES AND WHAT THE FUTURE HOLDS FOR THE SECURITY INDUSTRY.

hat do you think will be to be wary of. Another issue that IT the next ‘game-changing’ security leaders will also face is getting technology in the budgetary approvals for cybersecurity cybersecurity space? initiatives and investments due to Artificial intelligence the current economic conditions. (AI)W and machine learning are Additionally, the recent coronavirus increasingly playing big roles in (COVID-19) pandemic has pushed many transforming multiple areas of IT and organisations to implement remote cybersecurity is no different. Therefore, working schemes, which have increased we can expect to see more and more their vulnerability to cyber-attacks. AI-driven cybersecurity solutions What are the biggest cybersecurity Which disruptive technologies should challenges regional enterprises need to organisations invest in to boost their watch out for in 2020? cybersecurity strategies? Phishing attacks, financial crimes, AI-based machine learning, ransomware and lack of skilled blockchain and IOT/OT security are resources are some of the primary the disruptive technologies that challenges that enterprises need organisations should invest in to boost their cybersecurity strategies.

How will your offerings be “AI-BASED MACHINE LEARNING, BLOCKCHAIN AND instrumental in enabling organisations IOT/OT SECURITY ARE THE DISRUPTIVE TECHNOLOGIES become cyber resilient? Our cybersecurity offerings focus on THAT ORGANISATIONS SHOULD INVEST IN TO BOOST early detection, which is the key to THEIR CYBERSECURITY STRATEGIES.” becoming cyber resilient. Instead of

26 APRIL 2020 www.tahawultech.com out some fantastic results in a short timeframe. We are also in the final stages of signing up one of the leading AI vendors in the world whose offerings will be a game changer in the market.

How do you see global regulations around IT security evolving in the next few years? Hackers are becoming more sophisticated and organisations are increasingly adopting new and more complex technologies, which contribute to the expansion of the Govind Haridas, Hiperdist attack surface. I believe this will prompt increased focusing on protection solutions, our global regulations cyber portfolio has advanced tools around IT security, which proactively detects threats before which are focused they disrupt the business operations. on data protection and cloud security. What advice would you give organisations to ensure they succeed in their security transformation initiatives? We advise our customers to follow the best practices of cybersecurity. We focus on the critical controls that would give enhanced protections to our customer which ensures business continuity. Followed by providing them with next-gen disruptive technology controls to protect against sophisticated attacks.

How are you leveraging technologies around artificial intelligence and machine learning to enhance your offerings? Our digital marketing team already leverages an AI-based tool for lead generation and has churned FEATURE

ADVANCE GUARD AS PRIVATE CYBERSECURITY ORGANISATIONS’ ROLES IN POLICING THE CYBER SPACE GROW, IS THERE A NEED FOR INCREASED REGULATORY CONTROL FOR THIS SECTOR? DANIEL BARDSLEY INVESTIGATES.

28 APRIL 2020 www.tahawultech.com few decades Regulatory Questions, suggests that ago, researchers there has been little debate among talked of a “quiet researchers about the implications of the revolution” sector’s growth or of the policies needed brought about by to govern the new landscape. the growth of the “Most of the issues, the questions that private security arise with physical security, also arise in industry. the cyber world. There are some areas Where once where I would be very surprised if there only the police isn’t need for some kind of regulation,” held sway, in the brave new world of says Button. theA 1970s and 1980s, a parallel private “The issue off competence in the security sector developed. physical world, that’s been a major Nightclubs, industrial facilities and problem – of cowboy operators. Is that other premises were being guarded by the same in the cybersecurity world? Are private operators who would sometimes companies offering services they’re not use physical force against those who they capable of [delivering]? felt had breached the rules. “By making private cybersecurity While the quiet revolution term originated providers stronger by some kind of in North America, a similar phenomenon control, would that be an opportunity was seen in many other regions. to further enhance organisations In response, governments and local purchasing their services because their authorities began regulating the private performance would be so much higher?” security sector, keen to ensure that it The paucity of official action against operated within reasonable parameters. cybercrime is shown by the fact that Now, a researcher has described the there are just a few dozen prosecutions development of the private cybersecurity annually in, for example, the United industry as being a “second quiet Kingdom for crimes linked to hacking, revolution” and has asked if regulations viruses, ransomware and distributed are needed to govern it too. denial of service (DDoS) attacks. In a paper published this year in the “The police do have good people, Journal of Contemporary Criminal but the numbers that you would need Justice, Professor Mark Button, of the to supply that to the large number of University of Portsmouth in the United organisations and individuals who have Kingdom, notes that this sector is fast been attacked is not enough,” says Button. eclipsing the physical private security Although governments have set up industry in revenue and scale. organisations to focus specifically on Button, whose paper is entitled, The cybersecurity, it is largely private companies “New” Private Security Industry, the that try to keep a lid on cybercrime through Private Policing of Cyberspace and the actions that are as much preventative as reactive. Potential worries over these companies’ actions are largely focused on Jonathan Couch, ThreatQuotient privacy and the use of sensitive data. “Imagine if you’re doing work for a large organisation with large access to “I WOULDN’T SUPPORT REGULATION THAT personal information of individuals. It’s MAY SLOW DOWN OUR ABILITY OR IMPEDE incredibly important that that information OUR ABILITY TO BE MORE AGILE.” is protected,” says Button.

www.tahawultech.com APRIL 2020 29 FEATURE

The private cybersecurity sector may I’m not convinced that we have a surplus “The certifications that have been also wield, Button notes, cyber tools that of bad people in the sector,” he says. developed even by industry don’t necessarily can be used for harmful activities such as While the likes of CISOs could use mean that you’re any better or you know any cyber-espionage. The sector carries out their position to cause a great deal of more than anyone else,” he says. functions that private citizens would not damage, Boiten says that the same Regulations over the use of data, such undertake, something that Button suggests could be said of people in many other as the EU’s General Data Protection may indicate a need for regulation. senior corporate roles. Regulation (GDPR), mean that additional Another issue highlighted by Button According to Jonathan Couch, requirements such as licensing may be concerns companies that offer data- ThreatQuotient’s senior vice president, unnecessary, according to Professor Siraj related services. Their use can result in strategy, regulations and licensing Shaikh, a professor of systems security customers being branded – often unfairly requirements could lead to box-ticking. at Coventry University in the United – as fraudsters when transactions are He suggests that this has happened with Kingdom. Specific sectors, such as analysed. While some nations have tough the emphasis on governance, risk and finance, have their own regulations. data-processing rules, Button says that compliance (GRC) in organisations. “I don’t think an introduction of another these do not cover many activities of the “It would be like GRC – it gets so level of regulation would happen,” he says. new security sector. regulated, you have compliance and not He does, however, suggest that Although parallels can be drawn security. [If] you have a CISO who has a licensing could be used to promote between the private physical security tonne of credentials … it doesn’t mean training or continuous professional industry and the private cybersecurity they’re any better at their job,” he says. development (CPD, also sometimes sector, Button points out clear differences. Also, Couch suggests that more written as continuing professional Barriers to entry in terms of skills are regulation could hamper the activity of a development), which is a requirement in typically higher in cybersecurity, which may keep out some of the unsavoury element sometimes associated with Professor Siraj Shaikh, Coventry University physical security. Also, although ethical hackers might sometimes be recruited into penetration “IN CYBERSECURITY, ONE OF THE testing roles, Button notes that there have ELEMENTS IS TO KEEP ABREAST OF been few scandals sparked by criminal THREATS. IT’S A VERY DYNAMIC AREA AND involvement in private cybersecurity. IT WILL REMAIN THIS WAY.” Nonetheless, he raises the question of whether penetration testers, security architects, chief information security cybersecurity sector that is battling fast- some other professions, such as medicine, officers (CISOs) and internet moderators moving attackers. where practitioners are licensed. (who may have access to illegal material Militaries have to go through what “In cybersecurity, one of the elements and other information that should not be American strategists have called the is to keep abreast of threats. It’s a very in the public domain) should be licensed. OODA loop – observe, orient, decide dynamic area and it will remain this way,” Professor Eerke Boiten, director of the and act – faster than their adversaries. says Shaikh. Cyber Technology Institute at De Montfort Similarly, effective cybersecurity requires While some experts are doubtful University, Leicester in the United Kingdom, organisations to complete these actions about the need for licensing, Button says says that it is unclear to him whether at a brisk pace. that he is not so much calling for more licensing is needed. He suggests that “I wouldn’t support regulation that regulation but is primarily focused on companies are able to assess the worth of may slow down our ability or impede our sparking debate about what rules could cybersecurity services that they are buying. ability to be more agile,” he says. or should be introduced. In his paper, he “When you hire a company, you Couch is also sceptical about the value says there is “a regulatory gap” when it interview them and check their of the numerous certifications available comes to the new private security sector qualifications, and there are plenty of in the cybersecurity sector, saying that he and in his view, more research is needed qualifications in the cybersecurity sector. has tended to let his own lapse. to fill this void.

30 APRIL 2020 www.tahawultech.com

INSIGHT HOW TO ENSURE SECURITY WHILE WORKING REMOTELY MARCUS WHITTINGTON, CO-FOUNDER AND COO, SENTRYBAY AND ABHIJIT MAHADIK, DIRECTOR – CYBERSECURITY SOLUTIONS, RAQMIYAT, DISCUSS THE RISKS OF ENABLING REMOTE ACCESS FROM UNMANAGED DEVICES AND HOW SENTRYBAY’S SOLUTIONS CAN HELP ENTERPRISES STAY SECURE.

ith the outbreak of or internet security software; they offer COVID-19, there are a higher risk of compromise because widespread extended they might be running counterfeit or requirements for unlicensed solutions, or they are on staff to work from untrusted networks. The enterprises home.W The phrase “work-from-home” have little or no control over what brings-in fears on data security and software is running or has previously data-pilferage risks from unmanaged been executed on the devices. end-user owned remote desktops, These unmanaged devices pose PCs and laptops that would be used as a higher risk of sensitive data being endpoints by staff and external vendors, stolen (including corporate credentials) partners and contractors. from attacks involving keylogging, Remote access from unmanaged which along with spyware is ranked the devices introduces elevated risks. Often highest global malware, according to these devices have a lower security the NTT Security Threat Intelligence posture, possibly out-of-date anti-virus report. Other attacks to be wary of include screen-capture, screen- grabbing, man-in-the-browser, saved Abhijit Mahadik, Raqmiyat account detail harvesting, screen- mirroring, man-in-the-middle, DLL injection and RDP double-hop. During “BY PARTNERING WITH SENTRYBAY, WE ARE the coronavirus crisis, the risk is OFFERING THIS SECURED SOLUTION TO HELP exponentially much higher. VPN is the commonly utilised form OUR CUSTOMERS WITHOUT SACRIFICING THEIR of connectivity to ensure that remote SECURITY POSTURE.” devices can connect to corporate

32 APRIL 2020 www.tahawultech.com Abhijit Mahadik, Raqmiyat Marcus Whittington, Sentrybay

networks. However, VPN does not install from pre-configured software which offers a very unique secured protect the user from malware that is the preferred option. This means browser that provides anti-key logging, records the keystrokes entered or selecting proven anti-keylogging anti-screen capture and anti-screen takes pictures or videos of the user’s software that can protect every keystroke scrap features, thus, enabling a endpoint in order to steal data. They into any application and prevent secured browsing environment for scrape up passwords, credit card and screen-scraping malware from stealing sensitive work to be done irrespective banking information, personal details, credentials and sensitive corporate data. these malwares on the PCs. and more, to use in identity theft and Raqmiyat, an authorised reseller The best part of this offering is that other malicious deeds. Every piece of of Sentrybay, provides secured work- it creates separate user and desktop data entered into applications such as from-home solutions. “During this sessions and leaves no-trace upon Word, Excel, Outlook, other Office apps, challenging time, organisations closing. With the latest enhancements, corporate apps, browser, webmail and struggle to provide a secured work- it can be installed as a pseudo-remote SaaS applications by the home-based from-home solution. By partnering access solution to lock down use of, say, employee, contractor or supplier such with Sentrybay, we are offering this Office365, SaaS apps, web browsing and as, can be lifted from the endpoint itself secured solution to help our customers more. It can also be deployed for Citrix, by malware. This can then be sent out without sacrificing their security Vmware or any other remote access to the command and control server of posture,” says Abhijit Mahadik, director solution deployed. the cybercriminal. In summary, all this – Cybersecurity Solutions, Raqmiyat. “We have experienced a huge surge data can be stolen by cybercriminals Unlike other cybersecurity vendors in demand worldwide, especially in even before it enters the VPN tunnel. who only worry about cleaning and the UAE for this niche solution from Ideally, with virtually no time for protecting endpoints, SentryBay cares Sentrybay. Some of our largest banking preparation, customers should look for about data security and uses patented clients have added licenses in the products that can be deployed quickly technology of anti-keyloggers and anti- past week, specifically to enable more (i.e. within 24 hours) and which do not screen captures to achieve this. employees to work from home,” says involve specially configured software Armoured Browser from SentryBay Marcus Whittington, co-founder and or hardware – a simple download and provides a browser on Mac & Windows, COO, Sentrybay. INSIGHT

CYBERSECURITY TRENDS FOR 2020 AMIR KANAAN, MANAGING DIRECTOR, MIDDLE EAST, TURKEY & AFRICA, KASPERSKY, SHARES INSIGHTS INTO THE LATEST TRENDS THAT WILL IMPACT THE EVER-EVOLVING CYBERSECURITY SPACE.

he year 2019 was another busy one for the cybersecurity industry. Worldwide spending on security solutions is expected to achieve a growth rate of 9.2 Tpercent over the 2018-2022 forecast period and total $133.8 billion in 2022. The average cost of an attack, meanwhile, ranged from $108,000 for an SME to $1.4 million for a large enterprise. We can be certain that the year 2020 will be another hectic one for cybersecurity professionals. As ever, cybercriminals will modify their strategies, particularly as more and more organisations migrate to the public cloud and networks finally begin to come online. As we do every year, Kaspersky has delved into its collective knowledge base to identify key cybersecurity trends for the year ahead.

Confusion in the cloud ICT departments are transitioning rapidly from on-premise models to assets deployed in the public cloud. As this migration takes place, there Amir Kanaan, Kaspersky is a possibility that gaps may appear

34 APRIL 2020 www.tahawultech.com in corporate cybersecurity strategies. leading platforms for cybersecurity start to finally come online. The boost it Organisations embracing the public breaches. According to the RSA, more will provide to connectivity speeds will cloud as they transform their ICT than 60 percent of online fraud originates be significant and there will be even infrastructure should understand from mobile devices and 80 percent of more data moving across networks that they will retain at least partial mobile fraud comes from mobile apps, than ever before. This will give a boost responsibility for security of their data rather than mobile browsers. to the Internet of Things and it will even after it has been migrated. It is up to As consumers now do so much of allow companies to capture more both providers and users to keep cloud- their business on their phones, a phone data than ever before, supporting Big located data safe and responsibilities is a potential goldmine of both personal Data and AI strategies. There will, must be clearly defined in contracts and corporate information. Hackers will however, be significant risk as hackers between providers and customers. While continue to focus considerable effort on target networks in an effort to retrieve agreements should be read closely, phishing, spear phishing and malware data related to health, safety & the customers should assume that they are attacks targeted at smartphones. Users environment (HSE), personal health responsible for protecting the operating will need to be much more aware of the and corporate performance. A recent systems, applications and data that they threat and how to deal with it. European Union report identifies potential themselves deploy in the cloud. key threats to 5G networks, particularly Artificial intelligence: a double- their increasing reliance on software. Any Continued attacks via IoT devices edged sword flaws in the applications used to manage There will be 75 billion connected, Artificial intelligence is a double-edged networks could enable malicious actors Internet of Things (IoT) devices around sword for the cybersecurity industry. On to insert backdoors and begin to siphon the world by 2025, according to Statista. the one hand, organisations are using off data. While consumers love their smart it to identify and prevent attacks. On the TVs and connected baby monitors, IoT other hand, cybercriminals can use AI to Multi-factor authentication becomes devices are typically perceived as being make their attacks more ‘intelligent’ and prevalent vulnerable to hacks, particularly on the thus able to avoid detection. The password remains the most default settings that home users usually Artificial intelligence could also help common method of protecting sensitive forget to change when setting up devices. hackers make their social engineering data, but it is now just a first of line of A hacked IoT device can represent a strategies more effective. This defence. While two and three-factor major vulnerability. As well as being popular hacking technique effectively authentication is not a new concept, used to spy on individuals, it could also involves tricking individuals to divulge uptake has been slow, with just 20 become part of a botnet and used to information that can compromise percent of Office 365 subscribers using carry out DDoS attacks, like the notorious personal or corporate security. AI could it as of the middle of 2018. Expect to see Mirai botnet that brought down several be used to trawl for sensitive information a much more rapid uptake of one-time online services in 2016. Hackers will keep on individuals and organisations, as well passwords and biometrics over the on targeting IoT devices, so users must as being used to create content that next year as companies embrace the make sure to follow basic rules on how to can pass through typical cybersecurity principle of multi-factor authentication keep them secure. filters, such as e-mail messages that (MFA). While MFA is often seen as look like they were written by humans. cumbersome by users, it has benefits Phishing via messaging beyond offering more secure access to Far from being immune to attacks, 5G networks will come under attack a particular application. It also counters smartphones have become one of the The year 2020 will see 5G networks the phenomena known as ‘credential stuffing’, where users tend to use the same password across several accounts. Gaining access to that one password “HACKERS WILL KEEP ON TARGETING IOT DEVICES, by infiltrating a poorly secured service can open up access to all or many of SO USERS MUST MAKE SURE TO FOLLOW BASIC a person’s other accounts. MFA helps RULES ON HOW TO KEEP THEM SECURE.” avoid this.

www.tahawultech.com APRIL 2020 35 INSIGHT

WHAT THE CORONAVIRUS OUTBREAK CAN TEACH US ABOUT CYBERSECURITY BRIAN PINNOCK, CYBER RESILIENCE EXPERT, MIMECAST, DISCUSSES THE UNCANNY SIMILARITIES BETWEEN THE HUMAN RESPONSES TO THE CORONAVIRUS OUTBREAK AND CYBERSECURITY INCIDENTS.

n 2015 the World Health The coronavirus has brought into stark Organisation raised the risk of relief some elements of basic human “Disease-X”. At the time it was nature that come into play in both a unknown and they projected it had health crisis and a cybersecurity incident. the potential to trigger a global There is initial complacency along with a pandemic,I with no known treatments tolerance for risky behaviour. Only once or vaccines, leading to loss of lives and visible danger strikes is there a frantic, massive economic disruption. In a slightly even draconian response, usually focused similar vein, Lloyd’s of London annually on saving the image of the infected model a cyber-attack pandemic, started organisation rather than protecting their by threat actors who hold the only known stakeholders and the wider community. cure. The predicted consequences for A deeper look shows that the economies and human lives of both similarities between the human predictions are devastating. responses to the coronavirus outbreak Today, both of these forecasts have Brian Pinnock, Mimecast and cybersecurity incidents are not just real-world comparisons. In 2017 the superficial but remain uncannily close in NotPetya virus became a global cyber- One reason for the seismic disruptions many respects. pandemic that spread from the Ukraine caused by both medical and cyber around the world in a few short hours. pathogens is the interconnectedness Risky behaviour exposes everyone to danger NotPetya paralysed organisations, of the global economy. Supply chains Reports suggest that the coronavirus crippled shipping ports and shut down now span multiple continents. Air originated from animals such as bats, government agencies globally. It caused travel passenger volumes have pangolins or civets. Cross species over $10 billion in damages. In the world doubled. Disruption in China is leading transfer possibly occurred in a market of healthcare, the Coronavirus (now to disruption everywhere. The same in Wuhan. Researchers found that the named Covid-19) has infected more than dynamic is true for cyber-pandemics tolerated risky behaviour of consuming 170,000 people in 157 countries and could because digital supply chains span exotic animal parts triggered a single cause in excess of $1 trillion of economic continents and cloud computing has introduction into humans, which was damage. That’s more than 3 times that of become ubiquitous, leading to a digital followed by human-to-human spread. SARS – a similar virus that broke out 17 interconnected web which is fragile and Similarly, employees engaging in risky years ago. can be easily broken. behaviour that is tolerated outside of

36 APRIL 2020 www.tahawultech.com work, such as visiting adult or dark web sites or downloading files from non- work-related portals, can let malware into the organisation that spreads from one user to another.

Transparency is critical in containing outbreaks Too often, keeping silent exacerbates the situation and puts business communities at risk. China has received some backlash from global observers, with reports emerging that the Chinese government at first played down the risk of outbreak and later the extent of the problem. Transparency is a major contributor to effectively managing the potential fallout from a viral disease. Even today, we are unsure of the extent of cybercriminals’ tasks harder we enable and protect their systems or train their the coronavirus outbreak. them by staying silent and ineffectually people are the equivalent of the those Similarly, by the time senior sharing the symptoms and preventative who won’t or can’t vaccinate their management are made aware of a measures of the cyber disease. families. An expectation of herd immunity serious cyber incident, the infection has is often misplaced both when it comes to usually been incubating and spreading in The importance of basic (security) hygiene human health and for cybersecurity. an organisation for weeks or sometimes Demand for face masks is surging in In the UK an auditor general report on months. The organisation can become countries close to the epicentre of the NHS disruptions caused by the WannaCry the source of further infection via their coronavirus. But face masks aren’t as virus, showed they all had unpatched own email systems. Coverups mostly effective as most people think. Unfortunately, or unsupported operating systems. In don’t work and hide the extent of the people are drawn to visible controls rather addition, other security controls in the problem to the wider community which than invisible ones. But medical authorities NHS would have prevented the rapid leads to misinformed complacency about suggest that basic practices, like regular spread and subsequent deaths and fiscal the risks we face. handwashing, are more effective at costs. But they were incorrectly configured Many organisations don’t share threat preventing the spread of the virus. which allowed the virus to spread. intelligence effectively or at all. This is The equivalent of handwashing in a gift to cyber criminals who employ cybersecurity is focusing on basic Cybersecurity and human infections the same attack method repeatedly controls first. Have effective and regular share one last similarity: we can never against multiple organisations because patch management practices, implement prevent all infections and we can never it keeps working. Instead of making controls to detect and prevent the spread anticipate every eventuality. Diseases will of malware, adopt regular employee continue to jump the species barrier and awareness training to equip people with zero-day malware will continue to appear. the appropriate knowledge to avoid risky What we can do however is become more “CYBERSECURITY AND HUMAN behaviour. It is mostly invisible and not transparent, be more community focused INFECTIONS SHARE ONE LAST very sexy, but it is a critical layer in the and make ourselves more resilient. If not, SIMILARITY: WE CAN NEVER defence against cybercrime. we remain exposed to a “Disease-X” – either in the medical or cyber domains PREVENT ALL INFECTIONS AND Herd immunity and misinformed – with no known treatments or vaccines WE CAN NEVER ANTICIPATE complacency and at the risk of devastating economic EVERY EVENTUALITY.” Organisations who can’t or won’t patch and human losses.

www.tahawultech.com APRIL 2020 37 INSIGHT CONNECTED CARS, CLOUD AND CYBERSECURITY WEB SERVICES (AWS) SHARES INSIGHTS INTO WHY CLOUD IS VITAL IN ENABLING THE SECURE AND SEAMLESS DEPLOYMENT OF AUTONOMOUS CARS.

utonomous or self-driving cars Toyota Research Institute (TRI) believes waiting for data processing in the cloud. will make driving safer, smarter that accurately training autonomous Therefore, organisations need to look and more efficient. Equipped cars requires trillions of miles of testing. for cloud providers with integrated with internet connections, often To deliver on this, it has a fleet of test edge solutions. These allow analysis wireless local area networks, cars equipped with Light Direction and of mission-critical data at the source Aenables self-driving cars to speak to Ranging (Lidar) Sensors to record data, and reducing the cost of transmitting each other and the environment around collecting terabytes of data every day, additional data to the cloud. them. One feature allows the cars to keep needing quick retrieval and analyses. their distance and synchronise braking TRI uses AWS to manage this data and Security in the cloud to avoid accidents. Autonomous cars access the processing power required to Cybersecurity is important when will include features such as lane assist, train machine learning models quickly. developing safety-focused autonomous collision avoidance and automatic calls Using cloud infrastructure, it has gained cars. Each vehicle becomes a new to emergency services to create a safer the ability to spin up compute and storage endpoint which must be secured. driving experience. Some automotive resources on demand and blend these Protection from hackers and malware are taking automation a step with management and orchestration must be a top priority to ensure they further, innovating to enable vehicles to services. TRI now retrains vehicle models, cannot gain access to driving controls or communicate with nearby infrastructure increases accuracy, and introduces new the data that runs through each vehicle. and even pedestrians, adding a new features faster. By following similar Autonomous car producers are turning dimension to how automation can models, more automotive businesses will to the cloud in order to support and run benefit society. accelerate the development of safer cars. connected cars. AWS delivers automated AWS believes that the right technology security services which apply machine infrastructure is critical for the production Edging forward learning to proactively manage tasks of these vehicles, which require high- Enabling autonomous cars to make including security assessments, threat performance computing capacity, rapid, data-driven decisions will make detection, and policy management. By seamless cybersecurity, and the ability to our roads safer. These machines need having security baked in, manufacturers manage vast data sets. Here are some of backing by reliable infrastructure with can be confident that they have the the key reasons why many organisations low latency and high availability. They solutions in place to detect new and are turning to the cloud to develop and also need to analyse information in real emerging vulnerabilities and threats deploy autonomous cars at scale: time, including data on road conditions, which will reduce harm to drivers and weather, and the behaviour of other lower the risk of a breach. Training and testing vehicles. Applying AI allows the car to Autonomous cars are our future; however, Autonomous cars strive to create vehicles react swiftly and safely to road conditions. to drive adoption, manufacturers must that operate more safely than humans. Edge computing allows this core ensure they are secure and supported by Delivering on this ambition requires in-car technology to perform its in-car robust infrastructure. With the right cloud extensive modelling and testing. The data crunching. When a second of lag infrastructure, organisations to focus ability to collect, store, and manage data can make the difference between a safe their resources on building differentiated is critical, as are advanced machine or dangerous response, autonomous automotive experiences, rather than learning techniques. vehicles do not have the luxury of managing IT infrastructure.

38 APRIL 2020 www.tahawultech.com 25 PERFORMANCE WARRANTY years AltraNET by