By Mazen Dohaji, VP, Regional Sales iMETA, LogRhythm
Over the last 12 months, organizations across the Middle East have been adapting to business disruption and embracing new working environments. Since the start of the pandemic, working from home has become much more widespread across the Middle East and the rest of the world. While this approach is convenient and has many benefits, it also exposes businesses to a range of new and emerging cybersecurity risks.
According to a report from the TRA, the UAE saw cyberattacks increase from 21,000 in January 2020 to 103,408 in June and 123,000 in December. The report also outlined that the top threat at the end of 2020 was malware attacks, which contributed to 62% of all cybersecurity attacks in December.
As more businesses move from a temporary solution towards a more holistic ‘work from anywhere’ approach, organizations in the Middle East need to increase awareness of emerging cybersecurity trends in order to safely maintain a flexible working environment and prevent attacks before they begin.
When it comes to protecting your organization, the speed that you can detect and respond to a threat is crucial. Implementing automation tools can optimize an organization’s time to qualify (TTQ) and mean time to respond (MTTR) to a security threat. A Security Information and Event Management (SIEM) solution with Security Orchestration, Automation and Response (SOAR) capabilities can be deployed to remove human error from operations and maximize efficiency.
Prioritizing cybersecurity best practices will allow Middle Eastern organizations to achieve the best outcomes for their employees, customers and operations. Business leaders must update their employees on security protocols and educate users about policies and guidelines that will ensure that teams stay aligned with current operational norms.
Security Operations Center (SOC) teams should review their cybersecurity efforts to match the requirements of a new hybrid working environment. The majority of breaches today are identity-related meaning strong access control is a must to protect businesses and their customers within remote environments. Adopting a flexible multi-factor authentication (MFA) can safeguard user credentials and minimize opportunities for hackers to gain unauthorized access through phishing attacks.
On top of this, visibility and protection of the endpoint have become paramount in the remote workforce model. Greater visibility across endpoints, networks, and the cloud will allow SOC teams serve both remote and office-based operations. SIEM helps remote workforce visibility use cases by providing businesses with immediate visibility into their remote environments.
Harnessing high-value insights can assist security and IT operations teams in delivering an effective and secure remote working capability. Dashboards can help SOC teams gain vision into the remote habits of a workforce can also provide useful pointers for where additional alerts will give the most value. Every organization should be able to search rich forensic data to understand when and how an incident occurred, and at the same time, contain the compromise with an endpoint lockdown.
Organizations across the Middle East can achieve greater network protection by implementing security solutions empowered with network threat protection, multi-factor authentication, and automated security awareness services.
As digital trends across the region continue to accelerate, it is expected that more businesses will embrace a flexible work environment. Organizations in the Middle East do not need to reinvent their approach to cybersecurity. They can simply streamline existing cybersecurity solutions to future-proof their operations and help them meet local compliance requirements.
Digital transformation will only deliver Return on Investment (ROI) if organizations can navigate risk and reduce vulnerabilities. SOC teams should be applying the lessons learned in 2020 and beyond to guide the future of their organization’s dynamic.
