The Middle East and other parts of the world are experiencing an increase in cyber threats, so TECHx spoke with some of the most experienced CSOs and CISOs to find out how they have dealt with them. Today’s focus is on Deryck Mitchelson, Field CISO and C-Suite Advisor, EMEA at Check Point Software Technologies Limited. To learn more about how Check Point is tackling growing cyber risks, read on.
TECHx: What are the most pressing cybersecurity concerns faced today by organizations in the Middle East?
Mitchelson: The landscape is changing, but only for the worse. The number of breaches and records exposed per year is escalating, despite billions of dollars of investment in cyber tools and the best efforts of security professionals. For quite some time now, cyberattacks have been a major concern for all organizations. In 2021, several cyberattacks demonstrated the willingness and ability of cyber threat actors to disrupt the operations of businesses and the supply chains that rely upon them. The total number of cyberattacks increased by 50% year over year globally and by 71% in the UAE in 2021.
Unprecedented levels of cyberattacks played out as large-scale, multi-vector mega attacks that inflicted major damage on business and reputation. As a result, we find ourselves in the midst of the fifth generation of cyberattacks such as Codecov in April and Kaseya in July, and the Log4j vulnerability which was exposed in December of last year. According to Check Point Software’s threat intelligence report, an organization in the Middle East is being attacked on average 1472 times per week in the last 6 months, compared to 1168 attacks per organization globally. 80% of the malicious files in the Middle East were delivered via email in the last 30 days and the most common vulnerability exploit type is Remote Code Execution, impacting 64% of the organizations.
TECHx: What are some of the best cybersecurity practices your company has adopted to ensure not only a secure working environment but also a simplified adoption process?
Mitchelson: As organizations become more distributed and remote work becomes more common, the endpoint has become a vital component of enterprise cybersecurity. There are all kinds of potential threats posed by a remote workforce, including the use of personal devices for work, the increased probability that remote employees will violate corporate security policies, and the fact that cybercriminals are taking advantage of the surge in remote work to exploit new attack vectors exposed by reliance on telework infrastructure.
We address organizations’ most imminent cyber security needs based on three core principles:
1. Prevention-first approach – deploy pre-emptive user protections to eliminate threats before they reach the users
2. Gold Standard Management – single pane of glass to manage the entire security estate
3. Consolidated Solution – realize complete, preemptive protection against the most advanced threats while achieving better operational efficiency
TECHx: Hybrid work culture is now a reality; how are you protecting your remote workforce from potential cyber threats?
Mitchelson: With the hybrid workplace in the limelight across many organisations, the important thing for IT professionals and SOC teams is to leverage unified solutions that will provide full end-to-end protection on multiple fronts. The keynote is that the hybrid workplace has become a part of our everyday life and as IT professionals and security leaders it makes sense to consolidate the security solutions to ensure each possible endpoint is secured.
Leveraging existing Check Point security remote access tools, across laptops and mobiles together with cloud-native network security solutions, among others, for scalability were major assets on the path to remote work. When employees began working from home, the security team shared security policy do’s, don’ts, guidelines and best practices with everyone. Because not everyone implements policies, we also developed an integrated, innovative easy-to-use compliance scanner as a tool to validate safety of at-home computers. In parallel, we implemented monitoring tools in the Security Operations Center (SOC) to mitigate unauthorized access.
TECHx: The human factor remains one of the most serious threats to an organization’s cybersecurity; in light of this, what kind of security training should employees receive?
Mitchelson: As employees continue to prefer to work remotely, every company now needs to rely more on each one of its employees to guard its data and critical network credentials. To deal with these challenges, organizations need to recalibrate their cyber security approach around securing their corporate networks and datacenters, cloud environments and employees wherever they are. Our advice to businesses is to invest in educating users on how to spot and avoid potential security risks – this is the first step to preventing cyberattacks from the start. To boost that effort, Check Point Harmony is designed to help businesses protect remote employees, devices and internet connectivity from malicious attacks, while ensuring secure, remote zero-trust access at any scale to any corporate application.
TECHx: What is the best and most immediate strategy for CSOs/CISOs to implement if a data breach occurs in their organization?
Mitchelson: You can’t predict when cyberattacks will happen, but you can use proactive incident response to quickly mitigate their effects or prevent them altogether. If a data breach occurs in an organization, seek immediate support from a trusted incident response service provider such as Check Point Software to immediately isolate and contain the breach and assist with remediation activities to limit impact and disruption.
TECHx: What do you consider to be the most important skills of a modern CSO/CISO?
Mitchelson: CISOs need to have a versatile set of abilities since they must address such a wide range of issues. The CISO’s job now includes value development in addition to risk management. A CISO adds value by exercising effective security management and acts as the board’s trusted advisor on all things cyber related. Some CISOs come from technical backgrounds, while others come from business or risk management backgrounds. A CISO must effectively manage all three of those areas and more in order to succeed in the position.
TECHx: What advice or tips would you give to other CISOs in light of the current global cybersecurity landscape?
Mitchelson: Today’s CISO role diverges substantially from that of the past. The position has transformed from an in-the-shadows, mid-level technical role into a multi-dimensional, high-visibility executive-level position centered around business leadership, corporate risk governance and driving security decisions. The contemporary CISO is responsible for risk identification, for developing a culture of shared risk ownership, and for active risk management. This person also bears responsibility for building trust among stakeholders at the most senior level. The latter responsibility is a newer one on the list and if not executed well, can lead to negative outcomes. CISOs need to understand the entirety of what’s going on within a corporation, from how their team’s decisions will impact business, to how the decisions of other departments will impact revenue streams. The ability to articulate business risks to the organization and to the board is also imperative. It’s not enough to simply maintain good cyber hygiene and to then tout strong security. Too much is at risk and CISOs can be held to serious account. In turn, CISOs can’t afford to under-invest in security architecture. It pays to spend. CISOs and teams need to tackle security with best-in-class solutions offered by mature vendor partners.