As digital transformation is picking up momentum and expanding fast, there could be an increase in phishing and ransomware attacks in the region. In that context, it is imperative that cybersecurity is made the core business priority, says Mazen Dohaji, VP, Regional Sales iMETA, LogRhythm
Since the start of the pandemic, organisations across the Middle East have adopted the hybrid working environments in response to continued business disruption and rapid digital transformation. We know digital transformation is still expanding, and as a result, we are seeing an increase in phishing and ransomware attacks in the region.
The traditional risks that come with deploying digital technologies are intensified by a larger threat landscape, rapid cloud adoption, implementation of BYOD, and devolved work environments. Whilst these risks aren’t exclusive to the Middle East, its speed of innovation adds an extra layer to its challenges.
In 2021, we witnessed notable examples of attacks on critical industry sectors in the Middle East. Threat actors have set their sights on bigger targets to extort larger ransom demands, and organisations of all sizes are now at risk of malicious attacks. This trend is likely to shape the Middle East’s cybersecurity landscape.
To overcome new and evolving threats in the Middle East, businesses must shift their priorities and move forward with a ‘security-first’ mindset. Organisations in the region need to focus on deploying a solid strategy that puts cybersecurity at the front and centre of their operations.
Part of this strategy includes deploying a Zero-Trust security model, ensuring no device, user or system is trusted by default, regardless of location. Placing more levels of authentication on the network allows security teams to equip themselves with the intelligence needed to mitigate an evolving threat landscape, providing increased visibility into user activity within devolved work environments and enables enhanced control of access points.
At the same time, implementing automation tools can optimise an organisation’s mean time to detect (MTTD) and mean time to respond (MTTR) to a security threat. A Security Information and Event Management (SIEM) solution with Security Orchestration, Automation and Response (SOAR) capabilities can be deployed to remove human error from operations, maximise efficiency, and improve response times.
As explained above, cybersecurity capabilities must be enhanced and optimised to serve a changing digital environment. Organisations across the Middle East need to operate with new levels of automation and visibility across their cybersecurity operations to achieve regional regulatory compliance. To this end, over the last 18 months, LogRhythm has launched automation tools for rapid regulatory compliance in the Kingdom of Saudi Arabia, Qatar, and the UAE. Our predefined reports and use cases ensure that more organisations can secure their digital ecosystems and remove the barriers to transforming their operations, making world-class cybersecurity solutions simple and easy to adopt in local markets.
The reports and use cases can be deployed in LogRhythm’s NextGen SIEM platform to create a secure foundation for digital transformation with one-click, out-of-the-box automation in support of cybersecurity requirements. It ensures that organisations in the Middle East can match the standards for data privacy and security that apply to their industry, location, and business functions.
Transforming the technology and security infrastructure within an organisation does not happen overnight. Deploying Zero-Trust is a continuous process requiring time, resource investment, and executive-level support. Every organisation’s path to Zero-Trust can look different and it’s important to be patient and prioritise initiatives one step at a time. From small to large companies, expect the process to be a marathon, not a sprint.
The seamless implementation of Zero Trust relies on one critical component — clear communication between IT teams and security teams. Security teams cannot deploy elements of Zero Trust alone, they must combine intelligence with IT to help deploy software and address vulnerabilities. There is no silver bullet to stop all breaches, but Zero-Trust gives businesses a good chance of mitigating an incident before it causes irreversible damage.
Large-scale events could be a lucrative target by cybercriminals looking to utilise phishing and social engineering tactics to steal personal and financial information for monetary gains. Cybercriminals will recognise the measures taken by event organisers to protect the event and will focus on exploiting human nature instead.
Individuals attending large events need to be aware of the potential cyberthreats, such as phishing websites disguised as legitimate ticketing, hotel booking, and reservation sites, as they trick visitors into letting their guard down and disclosing sensitive information. There needs to be a greater push to keep individuals from being a big security target within these types of events.
CISOs and security teams in the Middle East can take the key learnings from 2021 and build new adaptability and flexibility into their security strategy to improve their overall risk posture. Large-scale attacks witnessed throughout this year will help build greater resiliency and prepare organisations for handling more sophisticated threats.
In 2022, I recommend CISOs take the lead to communicate concerns to the executive leadership team and make cybersecurity a core business priority, and not just an IT priority. Only then can CISOs efficiently secure a comprehensive cybersecurity environment and set the standard for cyber resiliency in the workplace. This will put them in a solid position to tackle future threats with a unified business approach to security.
