After a long summer break, CNME kicked off its long-anticipated event season with the return of the fifth annual Enterprise Security 360 Roadshow. Reaching Riyadh, Dubai and Doha, the show covered a range of issues that are never far from the thoughts of Middle Eastern CIOs. CNME reports from the UAE leg of the show.
IT security professionals from across the Middle East gathered to hear industry experts discuss the enterprise security issues that they felt are most pertinent in 2014.
With overall business increasing in the region, Middle Eastern companies are becoming more enticing prospects for cybercriminals. The Shamoon virus in 2012 wiped out data on 30,000 of Aramco’s – Saudi Arabia’s largest oil producer – computers, and the Stuxnet worm of 2010 destroyed a fifth of Iran’s nuclear centrifuges.
The likes of these issues, and the changing nature of the threat landscape within the enterprise itself dominated the agenda.
Shenoy Sandeep, AVP, Spire Solutions, kicked off proceedings with a presentation on effective vulnerability management. “It is not unreasonable to expect systems, servers, desktops and applications to be effectively monitored for threats,” he said. “A solution must be able to determine what attackers are doing on the system. A flexible and scalable architecture is an important catalyst for this.”
Next up was Jude Pereira, Managing Director, Nanjgel Solutions, who covered the ever-present issue of insider threats. Pereira used the analogy of identifying the insider threat to “finding a needle in a stack of needles.” He said, “Companies need to distinguish between the ‘known bad’ and ‘assumed good’ threats within an organisation. Accountability is key in this respect. Do people who have privileged access to the network abuse that power? Do they even need it?”
Pereira went on to discuss his preferred methods for channeling efforts into insider threat detection. “Don’t waste your time and money on the impossible,” he said. IT could be chasing shadows by trying to predict rare threats. Instead, organisations should look for the ‘observable red flags’ who can be identified via predictive and then diagnostic analytics. Furthermore, a multi-layered defense architecture, with network visibility, device profiling and endpoint compliance are all necessary in this battle.”
Moving on to an unavoidable issue in the context of the third platform of computing, Ahmad El Soufi, Technical Manager, UAE, Aruba Networks, took the audience through the challenges of secure enterprise mobility. “The way the network is accessed today has evolved,” he says. “The difficulties are a lack of visibility and the improvisation of devices connected to the enterprise network that often pose security threats.”
Rounding things off was Will Gray, Sales Director, UK and Middle East, Damballa, who discussed the inevitability of breaches and data security. He use several alarming statistics to set the tone and convey the vulnerability of the enterprise, “59 percent of security professionals say that if prevention fails, their high value assets aren’t secure,” he said. “Reports say that the average time a hacker will spend on a company’s network once in is 220 days. The longer these threats go undetected, the higher the risk to the enterprise. It’s vital that the enterprise can detect hidden threats that were previously unknown. In this context, unvalidated alerts are ultimately unhelpful, it is much more useful to build faith in alerts through evidence and context; low volume and high fidelity of alerts is more useful.”
Gray went on to highlight how automated and proactive strategies were needed to combat malware that has evolved. “Infected devices now initiate communications to attackers,” he said. “With 66 percent of CISOs saying they are short-staffed, processes need to be automated to detect this malware. In addition, ‘capture the flag’ exercises – can I get into the CEO’s laptop – are useful, and beat traditional penetration testing.”
In Riyadh, speakers included Samesh Sabry, Regional Manager, Spire Solutions; Javed Abbasi, Principal Consultant, GISBA Group; and Ahmed Enaya, Senior SE Manager, Aruba Networks. In Doha, expert speakers included Malik Nawaz, Regional Sales Manager, Airtight Networks; Saadi Kawkji, Senior Technical Manager, Aruba Networks; and Simon Edwards, Senior Security Consultant, Damaballa.
