At the global series of events called as World Cyber Security Summit, you will have heard just how significant cybercrime and cyberattacks are, and know that they can have just as significant an impact in the Middle East as any other country.
Recently the head of UAE Government Cyber Security told CNBC that the UAE had seen a 250 per cent increase in cyberattacks in 2020, while data breaches in Middle Eastern countries cost an average of US$ 6 million per incident, according to an independent report commissioned by IBM Security.
We can separate cyberattacks into two broad categories: those undertaken for pure financial gain and those driven by political motivations. However, regardless of the motive, the impact on businesses can be the same: downtime, data loss and digital damage.
The digital transformation the region has gone through in the last year is extraordinary. Prior to COVID-19, only ten per cent of workers in the UAE reported working from home one to two days per week, compared to a global average of 62 per cent, according to a 2019 survey by International Workplace Group. This means that the trend to transition to the cloud was accelerated, and the network perimeter has truly dissolved.
Data-Centric SASE
To help regional CISOs combat the evolving threat landscape, Forcepoint is focusing on two fronts – cloud security and data protection. Forcepoint’s suite of data-centric SASE (Secure Access Service Edge) solutions allow organizations moving to the cloud and considering SASE to take these steps in confidence.
Most Middle Eastern government entities and enterprises do have cybersecurity strategies to safeguard national critical information infrastructure, protect critical citizen data, and respond to and recover from cyber-attacks and establish safe and secure cyberspace. Enterprises are evolving, moving steadily to the cloud, and adopting new security architectures such as SASE and Zero Trust.
But given the ever-evolving threat landscape and the increase in attack surface posed by digital transformation and remote working, more can still be done. Attacks such as Sunburst/Solarigate really shine a light on the interconnected nature of government and enterprises, and require business leaders to take a critical look at supply chain networks.
Where to start? Eight Kick-Off Questions
So where to start when overhauling cybersecurity? In my view, government entities and enterprises should look for solutions that can deliver multiple security services to where employees are working today, while making it easy to scale, manage and control costs. Consider the following eight questions as you evaluate your current system and any future suppliers:
- Your data is your organization’s lifeblood. Does any proposed solution offer data protection to safeguard remote workers in the web and cloud? In what ways do your proposed vendors safeguard usage and provide ongoing control of your critical data and intellectual property once the data is downloaded from apps?
- What threat protection defences are offered? Look for a combination of edge protection, deep content inspection, advanced malware detection, and remote browser isolation. All of these protect against external attackers trying to get in.
- You need ways to discover and control Shadow IT and stop employees from skirting corporate policies. Do the proposed vendors provide application security that gives you visibility into both sanctioned and unsanctioned applications that include data sharing capabilities?
- How comprehensive is the network security offered? Does it encompass cloud- and site-based firewall services to enable safe access to the internet and defences against advanced network threats?
- What network connectivity options are offered? How will the vendor connect branch offices and remote sites? Does the vendor support SD-WAN for more cost-effective local connections and how will remote employees connect to services?
- How the security services are managed has a huge impact on operational cost and efficiency. Implementing multiple point products is a non-starter. Does the solution converge capabilities in a cloud-delivered platform that can ensure security is in place wherever data is used? Can security administrators define security policies once and enforce them everywhere?
- Understanding a person’s intent and the nuances of behavior help reduce false alarms and provide context for the security response. Can the security product continuously monitor user risk?
- What deployment options are offered. Not every app should be hosted in a public cloud for competitive or compliance reasons, particularly in the Middle East where data sovereignty is important. Can your security support hybrid cloud environments?
The Unbound Enterprise
Because of the cloud and the pandemic, an enterprise’s highly distributed employees are working in unmanaged home networks and directly connecting to cloud services with IP addresses they didn’t receive from corporate IT. Forcepoint calls this the 'unbound enterprise' – and it offers huge advantages as well as a cybersecurity challenge!
Cloud services can reduce costs, remote working can drive innovation and new cybersecurity technologies can anticipate incidents before they happen, becoming less intrusive and allowing employees to get on with their jobs without technology blockers.
To secure this unbound enterprise, security teams should put data and the centre of their cybersecurity strategies and look to SASE with Zero Trust to provide a new foundation for both empowering and securing their remote workforces.
Author
Jawad Toukna, Director of Regional Sales, Middle East & North Africa, Forcepoint
Catch some of the top global cyber security experts speak at the Qatar edition of the World Cyber Security Summit which is officially powered by Forcepoint taking place on 7 July 2021.
About Forcepoint
Forcepoint is the human-centric cybersecurity company that understands behavior and adapts security response and enforcement to risk. The Forcepoint Human Point platform delivers Risk-Adaptive Protection to continuously ensure trusted use of critical data and systems. Based in Austin, Texas, Forcepoint protects data and identities for thousands of enterprise and government customers in more than 150 countries.
About World Cyber Security Summit
World Cyber Security Summit is a thought-leadership driven, business-focused initiative that provides a platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.
The series is virtually hosting CISOs across industry sectors who will meet, network, learn and engage with some of the world’s renowned technology thought-leaders, subject matter experts and technology innovators in a constructive, open-dialogue environment to find solutions for issues hindering their information/cyber security.
To register, visit - World Cyber Security Summit – Qatar.
For further details, please contact:
Karthik A
Marketing Lead
Comments