The seventh annual Enterprise Security 360 Roadshow took place last month, reaching Riyadh, Dubai and Doha, the show covered a variety of issues surrounding the ever-changing cybersecurity landscape. Security Advisor ME reports from the UAE leg of the show.
The increasing complexities of the IT landscape and sophistication of cyber-attacks across the globe are compelling enterprises to adopt in-depth defence strategies to protect their valuable digital assets.
What’s more is at a time when third platform technologies such as cloud and BYOD are dominating the market traditional security approaches are simply not enough. Last month, one of the most prominent financial institutions in the region, Qatar National Bank, fell victim to a hacking incident where 1.5GB of the bank’s data were stolen and leaked online.
The likes of these issues and how enterprises can adopt a 360 degree strategy for security to keep both external and internal threats at bay dominated the agenda.
Microsoft Gulf’s Senior Premium Field Engineer Humberto da Silva started off the proceedings with a presentation that explained the growing importance of identity management and security in the cloud. “According to an IDC study, 70 percent of CIOs will embrace a cloud-first strategy in 2016,” he said. “However, numerous organisations cited concerns around data security as a barrier to cloud adoption. What they need to realise is that cloud can bring security benefits they didn’t previously have on-premises. Utilising the cloud can enable them to obtain security and identity authentication strategies that will ease the work of end users and at the same time protect corporate’s data and IP.”
Ayyman Mukaddam, System Engineer, Aruba, an HP Enterprise company, then took the stage and shared insights on top IT security considerations when dealing with a mobile workforce. With users carrying both IT-managed and personal devices, and connecting from anywhere to perform work related tasks, IT now has to deal with internal resources being accessed from various endpoints. “The BYOD and mobility trends are not going to slow down and will continue to grow. To enable the secure use of personal devices in the workplace, IT needs a way to automate who and what can be used.”
Mukaddam discussed the benefits of Aruba ClearPass, which has guest and device registration tools and enables better management and monitoring of user activities within the workplace.
Another crucial issue IT leaders need to keep an eye on is network and traffic security. Due to the increasing cases of malware most organisations are turning to encryption to ensure that their data is protected. Karthik Ramakrishnan, Senior Systems Engineer, Blue Coat, discussed that numerous organisations across various industries utilises Secure Sockets Layer (SSL) and Transport Layer Security (TLS) as part of their security protocol. “However, increasing cases of advanced persistent threats (APT) are using SSL as a transport into systems,” he said. “Therefore, it is highly ideal that enterprises find an effective strategy to manage SSL/TLS, doing so will give them better visibility of any threat actors within their network,” he added.
Next up was Samir Kirouani, Technical Manager, MEA and Indian Subcontinent, Centrify, who talked about best practices when managing privileged access. “Most enterprise security models today are built to try and keep the attackers out of the network. But the problem is today’s attacks are becoming more advanced and persistent.”
According to Kirouani, as the new threat landscape is far more sophisticated than ever before eventually threat actors will penetrate our networks. What’s worse is that among the most persistent security breaches are caused by compromised identities. “There are a variety of ways to minimise the attack surface to mitigate these kinds of threats,” he said. “Identity consolidation is the first step towards gaining control over your environment. IT leaders also need to minimise user access rights across the enterprise and set up various parameters in assigning employees with privileged access.”
Dell Security’s Solution Architect for Security, Rajesh Agnihotri presented ‘Connected Security’ strategy, which is focused on combining technologies and solutions to effectively and efficiently mitigate threats. “Security solutions have to evolve, and connected security is not only desirable – it’s essential,” he said. “An ideal defence strategy entail a layered and threat centric model. This model entails three D’s – defend, which means before an attack you should fortify your position to give yourself the best chance of preventing a breach; detect, which involves ensuring that your tools can identify the threat during an attack and act quickly to prevent it; and lastly, discover, which means after penetration ensure visibility un-masks the threat quickly to minimise loss.”
Following Agnihotri’s speech was Ibrahim Alaeddin, Business Manager, Fortinet, Exclusive Networks, who gave a presentation focused on the pervasive issue of ransomware. “In most cases, a ransomware will claim that you have done something illegal with your PC, and will ask you to pay a significant amount of money as a fine to government agency of some sort,” he explained. “However, there is no guarantee that paying the fine or doing what the ransomware asks you will bring access to your PC or files again. Detect, identify, mitigate and act are the key steps to effectively thwart any kind of malware.”
Umberto Sanso Vini, Channel Sales Manager South EMEA, CyberArk, gave a presentation that delved on security within an organisation’s perimeter. “The new battleground for cyber-attacks is not outside the perimeter, it’s actually inside your network,” he said. “Enterprises should look into a strategy that delivers both proactive protection and threat detection in the critical path of privileged accounts. They should also consider the combination of monitoring admin rights and application controls. This approach can reduce the attack surface by preventing known bad applications from executing and limit what malware can do by limiting the privileges granted to unknown applications.”
Next up was Jude Pereira, Managing Director, Nanjgel Solutions, who discussed the various approaches in building a cybersecurity framework. “Organisations need to speed up breach detection and apply security intelligence, which provides actionable and comprehensive insights for mitigating threats from protection, detection through remediation,” he said. “Another important noteworthy approach is ensuring that you get full visibility into your environment. You should understand what is happening and what is not. Use insights and analytics to identify outliers. Then, develop an integrated approach to stay ahead of the threat. Finally, innovate and Use cloud and mobile for better security.”
The last speaker of the day was Thomas Fischer, Global Security Advocate, Digital Guardian. During his presentation he looked into how the tools organisations possess can be better used to investigate and detect insider threats as well as expand visibility on external threats. “The key is having an intelligence in real-time that will inform us as to what is happening on the endpoint and to be able to take action to stop malicious activity,” he noted. “This can be achieved by enhancing our network visibility through detecting insider and external threats before damaging incidents occur. Then, organisations need to establish control and enforce data rights policies in real time for privileged users online or offline. Next, they should establish data chain-of-custody and incident context for investigations, in real time. Finally, ensure the access and uses of sensitive data are continuously audited and consistently managed.”
The Riyadh leg of the event featured the following speakers: Tamer Adil, Senior Systems Engineer, Blue Coat; Ahmed Ibrahim, Solution Architect, HP Enterprise; Sameh Gamil, Pre-sales Engineer, Dell Security; Hamza Al-Qudah, Technical Consultant, Exclusive Networks; AbdulRahman Al-Dalbahi, System Engineer, Intel Security; and Javed Abassi, GISBA Group.
In Doha, the line up of expert speakers also included Kamel Heus, Regional Sales Manager, Centrify; Wesam Alassaf, Enterprise Sales Manager, HP Enterprise; Mohammed Ameen, Network Security Consultant, Westcon ME; Robert Wickberg Taylar, ME Sales Manager and Surmed Shaikh, Akamai Technologies; and Shahul Hameed, Partner Technology Strategist, Microsoft Qatar.