Recent research has shown that 36 per cent of respondents in the UAE said that the biggest IT challenge their organisation has faced as a result of the shift to remote work was securing the data of their employees remotely
The shift to remote working will continue to pose a challenge for many organisations across the UAE and Middle East region, especially when it comes to ensuring an organisation-wide multi-layered cybersecurity plan.
Speaking to Khaleej Times at the GISEC 2021 exhibition, cybersecurity experts noted that the continued migration towards remote working, due to the Covid-19 pandemic, had created several vulnerabilities that organisations have to tackle. Held at the Dubai World Trade Centre under the theme ‘Enabling Resilience in Digital Economies’, the event opened its doors on Monday and welcomed several international experts who will collaborate to curate regional cybersecurity agendas.
“People have started to depend more and more on remote connectivity,” said Maher Jadallah, regional director for the Middle East at Tenable. “They have been using all types of devices such as laptops, smartphones, and tablets to complete tasks such as remote working and distance learning. The more you are connected, the more you are exposed to cyberattacks.”
Previously, employees working in an office setting would benefit from the greater security measures in place, he explained. However, remote working has given way to increased vulnerabilities that affect productivity, intellectual property, and customer credentials. “When you use a corporate network, you are protected by a very good firewall and various other technologies, but once you go home, you are off the grid.”
Growing awareness about the threat landscape
Recent research has shown that 36 per cent of respondents in the UAE said that the biggest IT challenge their organisation has faced as a result of the shift to remote work was securing the data of their employees remotely. Another 45 per cent said that their organisation experienced data loss which resulted in business downtime.
However, Jadallah also highlighted how awareness among consumers had been steadily increasing, and that they were proving to be more knowledgeable about the cybersecurity threat landscape. “They think twice about which sites to access, if it is safe to connect to a network from a coffee shop, and many other things. I believe that the responsibility of security has to come from everyone in the company, not just the IT department. In addition, it is always a good idea to sit with experts and consult with them on how you can protect your data and intellectual property.”
Jadallah’s words were echoed by Col. Saeed M. Al Hajri, director of Cybercrime Department, Dubai Police, who said that as cybercriminals become more sophisticated and more bold, the vigilance of governments, businesses and citizens is more important than ever. “The borderless nature of cybercrime means that organisations and individuals can be targeted from anywhere; it is imperative that we collaborate in order to develop strategies to help us navigate these complexities and so many others that are associated with cybercrime.”
Misconceptions can be deadly
Bachir Moussa, regional sales director for the Middle East, Africa & Russia at Nozomi Networks, notes that there is a misconception about which industries are the most common target of cybercriminals.
“Cyberattackers are always on the lookout for different areas from which they can get in,” he said. “The security landscape has always been the same, but what has changed is that industries are becoming much more connected; as a result, it is possible to attack them more easily now and hackers have a greater area to play with. In addition to attacks on the banking sector, we have seen attacks on the healthcare, education, logistics, and industrial sectors. Take for example the cyberattack on the Colonial Pipeline and how it resulted in people running out of gas. Imagine an attack on vaccine manufacturers and how deadly its impact will be on millions of people.”
“Our most recent security report found that ransomware activities and supply chain threats and vulnerabilities will continue to dominate the threat landscape,” he added. “Organisations must invest in advanced cybersecurity solutions to secure their increasingly converged environments. Most importantly, you have to have visibility; security without visibility is not very beneficial. If you don’t know what assets you have, then you have no idea about where attackers can possibly come in from. Think of it with the Zero Trust formula and have your defense cover multiple levels.”