CPI’s Nitya Ravi interviewed Jamil Abu Aqel, Sales Engineering Director, Emerging Region, Mandiant about their hopes for GISEC 2022 and what Mandiant Validation and how it helps businesses to get quantifiable cybersecurity data.
What products and solutions are Mandiant focusing on this GISEC?
From a solution perspective we are showcasing our Mandiant Advantage Platform. A set of closely integrated solutions make up this platform. We have our vendor agnostic XDR solution, our threat intelligence portfolio of solutions all plugged into Mandiant Advantage Platform. We also have Security validation, Attack Surface management and Managed Defense all integrated into the Mandiant Advantage Platform.
Ransomware attacks are on the rise across the world. Which countries and industries according to you are the most targeted in this region?
Ransomware is a problem that is causing a lot of damage everywhere. In our Mandiant prediction 2022 report we have raised this issue. In our Mtrends report, a report where we explain the latest security trends we saw take precedence the previous year, and where we add our predictions for the time to come, we highlighted the impact and the damage that is already been caused by ransomware and how the UAE was heavily targeted. UAE was one of the top countries in the region that was targeted by ransomware attackers with the engineering and construction sectors targeted the most followed by the retail sector.
How can organisations improve their security posture in this evolving threat landscape?
There is a saying that goes soldiers fight in war the way they train in peace. Organisations should ask themselves if their people are equipped and prepared to manage and handle any sort of cyberthreats or attacks. Being proactive, preparing for incidence, upskilling that is taking care of people in terms of enablement, training, having the right incidence response plan and practicing that also, partnering with the right partners and vendors that understands security and can help them in time of crisis is very essential.
How can business get quantifiable data on the effectiveness of their cybersecurity controls?
There is a new concept introduced by Mandiant called the Mandiant Validation which can be used by customers to take decisions based on facts rather than assumptions. The problem today is everybody has security controls, everybody has firewalls, antivirus and so on and we assume these technologies are doing what they are supposed to be doing whereas in many instances there are misconfigurations. Customers assume tools are patched, optimised, and working as expected whereas in real they are not. We must therefore continuously measure our actual readiness and our security posture to ensure it is where we think it is.
We must also train our people and ensure that when we find a gap, we learn from that and educate our people to avoid such issues, such gaps in the future.