How has the cybersecurity industry evolved over the last two years? What are the current threats companies need to focus on?
The last couple of years have been far from ordinary, both for cybersecurity and businesses in general. As we all adapted to the new reality, companies of all sizes began to see remote work as a new opportunity for the future.
The new world of remote workforces drove a surge in cyberattacks and the risks continued to grow. The cybersecurity threat landscape is continually evolving, and occasionally, these advancements represent a new generation of cyberthreats. To date, we have experienced five generations of cyberthreats and solutions designed to mitigate them. To address this massive challenge, businesses now require the right architecture which creates a framework for a stable security platform and should focus on consolidation to allow for a higher level of security through superior integration versus decisions made across multiple vendor products.
Can you share some highlights from your 2022 cybersecurity report?
Our 2022 cybersecurity report reveals the key attack vectors and techniques that our researchers have observed over the past year. From a new generation of highly sophisticated supply-chain attack methods right through to the Log4j vulnerability exploit that rendered hundreds of thousands of businesses open to a potential breach.
Some of the highlights include:
• Supply chain attacks: the infamous SolarWinds attack laid the foundations for a supply chain attack frenzy. 2021 saw numerous sophisticated attacks such as Codecov, Kaseya and the Log4j vulnerability. The striking impact achieved by this one vulnerability in an open-source library demonstrates the immense inherent risk in software supply chains.
• Cyberattacks disrupting everyday life: 2021 saw a large number of attacks targeting critical infrastructure which led to huge disruption to individuals’ day-to-day lives, and in some cases even threatened their sense of physical security.
• Cloud services under attack: Cloud provider vulnerabilities became much more alarming in 2021 than they were previously. The vulnerabilities exposed throughout the year have allowed attackers, for varying timeframes, to execute arbitrary code, escalate to root privileges, access mass amounts of private content and even cross between different environments.
• Developments in the mobile landscape: Throughout the year, threat actors have increasingly used smishing (SMS phishing) for malware distribution and have invested substantial efforts in hacking social media accounts to obtain access to mobile devices. The continued digitisation of the banking sector in 2021 led to the introduction of various apps designed to limit face-to-face interactions, and those, in turn, have led to the distribution of new threats.
• Cracks in the ransomware ecosystem: Governments and law enforcement agencies changed their stance on organised ransomware groups in 2021, turning from preemptive and reactive measures to proactive offensive operations against the ransomware operators, their funds and supporting infrastructure. The major shift happened following the Colonial Pipeline incident in May which made the Biden administration realise they had to step up efforts to combat this threat.
With connected devices on the rise, the threat landscape is expanding. What types of products are most vulnerable to internet of things (IoT) hacking? What best practices should be followed by organisations?
Some of the best practices that organisations should follow are:
• IoT discovery and risk analysis: Identify, classify, and analyse every IoT device in any network and its risk.
• Zero-trust segmentation: Apply perfectly suited IoT policies across the entire network and its connected devices to prevent unauthorised access and lateral movement.
• IoT threat prevention: Prevent malicious traffic at the perimeter, network, and on the devices from zero-day attacks with virtual patching and real-time IoT threat intelligence.
• Detection and response: Identify, analyse, and quarantine infected devices and malicious behaviour.
When looking at implementing a new cybersecurity programme/model, what are the areas organisations should focus on?
It is important for companies to take a prevention-first approach to the security model they implement. Organisations need to close security gaps and secure their networks, from employees’ home PCs and mobiles to the enterprise data centre, with a holistic, end-to-end security architecture. Some of the areas that organisations should focus on while implementing a cybersecurity model are:
• Real-time prevention: Vaccination is better than treatment – even when it comes to cybersecurity. Real-time prevention of threats, before they can infiltrate the network, is the key to blocking future attacks.
• Secure your everything: The ‘new normal’ requires organisations to revisit and check the security level and relevance of their network’s infrastructures, processes, compliance of connected mobile and PC devices, IoT etc. The increased use of the cloud means an increased level of security, especially in technologies that secure workloads, containers and serverless applications on multi and hybrid cloud environments.
• Boost visibility: So many changes in the company’s infrastructure present a unique opportunity to check security investments. The highest level of visibility, reached through consolidation, will guarantee the best effectiveness.
Organisations must also revisit and check the security level and relevance of their network’s infrastructures, processes, compliance of connected mobile and endpoint devices, among others. The increased use of the cloud means an increased level of security, especially in technologies that secure workloads, containers, and serverless applications on multi and hybrid-cloud environments.
With Saudi Arabia making huge investments in technology, do you see it as a major growth market for your company? Can you also shed some light on your local collaborations in the kingdom?
Saudi Arabia is a huge market and is making new investments with the aim to become an innovation-based economy and with the kingdom’s ambitious Vision 2030, we see initiatives from government and private organisations towards imaginative digital technologies which encourage major growth opportunities.
We offer the solutions needed for organisations of all sizes to comply with the vision and regulatory framework within the kingdom and ensure the implementation of cybersecurity controls following international best practices. In 2022, we are ramping up our field team’s presence by investing additional resources (sales and technical consultants) in Saudi Arabia to reach more customers and increase our focus in the kingdom.
We are working in parallel with our channel partners and enabling them to provide the best value to their customers through our prevention-first and consolidation approach. We are already engaged with key strategic accounts and senior decision-makers in the kingdom to showcase our solution portfolio and how we can partner with them to achieve their innovative goals.
What are your new strategies for the year ahead?
We are working on driving an impact and changing the cybersecurity game in the region with a series of new strategic directions. We believe this will reshape cybersecurity with the best and brightest thinking around new products, new experiences and a new mindset. We are expanding in the UAE by investing in additional sales and technical teams to continuously engage with our stakeholders and educate them on Gen V of threat protection and how our solutions can be of value to their organisations. We are progressing with a customer-centric approach in the UAE by focusing on addressing customer needs through early involvement in the cycle from architecture, implementation and support. We are also expanding our professional services team in the UAE for direct engagement and execution of some complex implementations and dedicated customer success managers to improve overall customer satisfaction. We will also be participating at Gisec this year to network with our partners and showcase our full solution portfolio. Our long-term goal is to expand our reach – vertically and geographically – in the region by bringing our solutions to businesses in the public and private sectors and continuing to provide our focused insights into the cyberthreat landscape in the UAE and overall region.