How do you see the current Middle East threat landscape, specifically the UAE and Saudi Arabia?
The Middle East has long been a developing and advancing region when it comes to technology and security. In fact, the UAE and Saudi Arabia are front-runners in the regional digitalisation race. In today’s connected world, our increasing dependency on computer systems and mobile devices creates more opportunities for information misuse, theft, and ransomware scams. Despite the risks, connectivity has become essential to consumers, enterprises, and governments during the pandemic, and we don’t expect that trend to change. Users also developed higher expectations for instant access, zero lag and constant availability. The dark side of pervasive connectivity is a rapidly expanding attack surface. More access by more users and more devices creates a seemingly infinite number of potential entry points. As a result, severe vulnerabilities are possible within communications networks, defence systems, industrial IoT deployments, connected cars, and more.
Zero trust being a buzzword of all time, what is your take on this approach? How can organisations successfully implement zero trust?
Zero trust is one of the most effective security approaches in today’s ever-changing threat landscape. Various zero trust models are increasingly being adopted by enterprises and government security teams worldwide. With perimeter security no longer effective by itself, new cloud models, and current remote/hybrid working initiatives, a zero trust architecture is needed now more than ever. The key to successful zero trust is visibility and validation.
Tools like next generation firewall, security information event management, asset discovery, endpoint detection and response all play an essential part in a cybersecurity framework. But organisations have to ensure that these tools are getting all the data they need to do their jobs and that they have been implemented and configured correctly. An intelligent visibility solution provides security and monitoring tools with easy access to all required traffic from the hybrid IT environment – networks, data centres, and private and public clouds. Moreover, once armed with the right data, organisations should continuously and automatically verify that their security architecture detects and blocks threats as planned. Finally, organisations should evaluate their investment in security tools and identify misconfigurations that can compromise their zero trust strategy.
What measures do you think organisations can take to build greater cyber resilience?
In the current digital revolution, it is not a question of if a network will be attacked but when it will be attacked. The foundation of security and cyber resilience is network visibility. Security tools and technologies are only as good as the network data they receive for analysis. A best practice is to integrate the security architecture with network visibility (monitoring) architecture.
Moreover, to build better resilience, preparation is crucial. Rather than reactively responding to cyberattacks, proactive testing of cyber defences is needed to reduce risk and minimise consequential losses. One way of doing this is breach and attack simulation to validate their security architecture. This will help them evaluate the cybersecurity effectiveness of live networks – all the time, improve the effectiveness of your existing security tools before investing in more devices, quickly identify misconfigurations and policy gaps, and analyse detection and blocking capabilities.
Rawad Darwich is the regional sales manager – GCC, Network Solutions Sales at Keysight Technologies