Since the beginning of the Covid-19 pandemic, IT experts in various industries have been faced with the task of supporting hybrid and remote working environments. Even if the situation in the Middle East eases, the trends of digital transformation and distributed work continue to increase. If companies do not have appropriate cybersecurity solutions in place, it leads to vulnerabilities and increased risks. Therefore, regional governments are striving to create a secure digital environment.
A strategic approach
In the United Arab Emirates, the government launched the National Cybersecurity Strategy, which aims to build a secure and solid cyber infrastructure that enables businesses to thrive. The strategy is based on five pillars and 60 initiatives that aim to mobilize the entire cybersecurity ecosystem across the country.
In Saudi Arabia, the government has set up the National Cybersecurity Authority (NCA) as the body responsible for cybersecurity. The NCA has both regulatory and operational functions related to cybersecurity. It works closely with public and private institutions to improve the country’s cybersecurity posture to protect its vital interests, high priority sectors, and government services and activities in line with Vision 2030.
Recently, the kingdom also launched a series of technology initiatives valued at over $ 1.2 billion to improve the digital skills of 100,000 Saudi youth by 2030. Initiatives included @HACK, the cybersecurity event (SAFCSP) organized by the Saudi Federation of Cybersecurity, Programming and Drones, and Informa Markets, in partnership with Black Hat. The three-day event, held from November 28-30, 2021, aimed to redefine the future of cybersecurity in the region. During the event, cybersecurity experts, ethical hackers, risk and IT professionals, policy makers, researchers and academics, and other security stakeholders discussed emerging security risks, cybersecurity best practices and new solutions to the far-reaching problems facing the global economy today. Further highlights of the fair were a SAR1m hacking contest, the participation of ICT companies and 600 hours of advanced training in cybersecurity.
Over 200 specialist speakers presented briefings on the latest developments in security. “What Riyadh did in one year would take 15 years elsewhere,” said Steve Wylie, vice president, cybersecurity market at Informa Tech, in a statement. Moving to Oman, one of the government initiatives, the Oman National Computer Readiness Team (OCERT), was launched to create a secure cyber environment for the country. This initiative is considered a hotspot for cybersecurity incidents in the sultanate. It also aims to develop security information strategies to maintain the online existence of government and private entities.
A collaborative approach
In line with the region’s robust cybersecurity foundation, private sectors are also helping organizations protect their sensitive data. According to research by the cybersecurity company Proofpoint, Chief Information Security Officers (CISO) in the United Arab Emirates and Saudi Arabia have seen more targeted attacks in the past year. With increasing cybercrime, the role of cybersecurity companies has become even more important, the company emphasized.
Andrew Schumer, Technical Director at Axon Technologies, says, “Companies used to focus on digital transformation, but now they focus heavily on what happens after the transformation. As a result, we see large numbers of phishing, malware and ransomware attacks. ”Schumer believes that effective cyber defense is a mix of the right people, processes and technologies. “We provide end-to-end services to help organizations predict, prevent, detect, and respond to attackers before, during, and after an incident,” he added.
Mahmoud Samy, Vice President – Regional Sales EMEA at Forcepoint, says IT and security teams had the unenviable job of ensuring business continuity during the rapid digital transformation phase. “The reality of today is that people work from everywhere, which means that the boundaries of companies are no longer physical boundaries. In this network environment without a perimeter, companies have to protect their sensitive data with a 360-degree approach.
Experts urge companies to take a holistic approach by making sure they understand all risks and partnering with companies that can support them. Cybersecurity firm Tenable advises CISOs to take a risk-based view of the company’s entire attack surface in order to quickly identify, investigate, and prioritize vulnerabilities. “You cannot protect what you cannot see. In order to reduce the risk of an attack, a specialized third-party check is essential. In addition, companies can never have a single silver bullet to reduce the risk of a cyber attack. It’s an equal partnership, which means that a company may need multiple technology partners working hand in hand to address cybersecurity breaches and risks, ”said Maher Jadallah, Senior Director – Middle East and North Africa, Tenable.
The digital world is changing daily due to technological advances in cloud computing and 5G networks, forcing hackers to use new methods of attack. While there are many benefits to digital transformation, cybersecurity must be given top priority. Cybersecurity should not only affect the IT and security departments, but the entire organization. Executives should take the time to identify the cyber risks their organizations are facing. In order to proactively manage risks, companies must also lay a solid foundation for cybersecurity in the long term. Organizations can achieve this by identifying potential risks, having complete network visibility and ensuring continuous monitoring of connected devices.
Read: Are Companies Prepared For New Cyber Security Risks?