CNME Editor Mark Forker spoke to Tamer Odeh, Regional Director at SentinelOne, Middle East, onsite at GISEC 2021, to find out how their patented AI technology is equipping businesses with the solutions required to deter, mitigate and stop ransomware attacks and why the end-point has become the first line of defence for enterprises.
Over the last six months there has been a plethora of ransomware attacks from the high-profile SolarWinds hack to the vulnerability that was exposed in Microsoft Exchange – and most recently the Colonial Pipeline attack in the United States.
Since conducting this interview with SentinelOne at GISEC, there has been another huge ransomware attack, this time on the world’s largest meat processing company JBS.
In a compelling interview, Odeh was candid about the severity of the ransomware problem on a global scale, but he highlighted how their Singularity XDR platform is helping enterprises to better prevent, detect and respond to ransomware attacks.
“We have never seen so many ransomware attacks in such a short period of time that has impacted so many different industry verticals. There is nobody in the security ecosystem that can present a solution and say that this is the remedy to deter and prevent ransomware attacks. However, what distinguishes the XDR Singularity platform developed by SentinelOne, compared to other security vendors is our patented technology in leveraging AI. What that allows us to do is to stop ransomware attacks in their tracks. We can detect them at the very inception of the attack, and we can detect them in motion, and we have the capacity to stop it, mitigate it, and provide further analysis of the attack”, said Odeh.
Odeh also added that their mission was to not only stop attacks from happening, but to educate their customers through the compilation of their intelligence reports to give them the knowledge to improve their security posture in the future.
SentinelOne has enjoyed strong growth over the last few quarters, and many IT analysts have credited their success as a direct result of the unique capabilities provided by its XDR Singularity platform which is empowering enterprises to bolster their security portfolio.
“One of the key differentiators of the XDR Singularity platform against all the other market competition out there is that we utilise behavioural analytics through machine learning and AI to quickly detect an attack, or a malicious activity. Other market players have an element of the human factor, or a process in which the decision-making is delegated to an outside source, be it a cloud, or a managed detection and response service. However, what SentinelOne does is provide intelligence that is based at the agent level, so even if the end point, or the agent is in a remote location with no connectivity it can understand and analyse the attack and defend itself automatically”, said Odeh.
The acceleration towards the cloud has undoubtedly been accelerated by the COVID-19 pandemic, but what has become evident is that many businesses are struggling to adapt to the demands of cloud transformation.
However, Odeh believes the pandemic has also resulted in a dramatic mindset shift from both CISOs and CIOs across the region, but said many businesses have overlooked their security strategy in order to facilitate their move to the cloud.
“The COVID-19 pandemic has applied a lot of pressure on CISOs and CIOs in relation to their cloud migration journeys towards digital transformation. The trend that we see in the Middle East is that we were very heavy on on-prem technology, and that was the most common architecture that we had. As a result, moving to the cloud was very steady, but also very slow, but the global health crisis and the need for digital transformation has accelerated that. There is a cost involved in this type of transformation, but unfortunately many businesses compensated their security offerings to raise the capital needed for migrating towards the cloud”, said Odeh.
The regional director at SentinelOne also highlighted how their approach during the pandemic was very much customer-centric.
“At SentinelOne, we said come and use our platform for FREE, and make sure that your environment is secure and don’t worry about that, instead worry about the safety of your business. We approached certain industries, such as the healthcare and education sector and said to them let us help you build out your security roadmap and accelerate that through various means, whether it was through offering the solution at an affordable cost, or through our services”, said Odeh.
In April 2020, Odeh had previously stressed the importance of CISO’s reviewing and bolstering their end-point security policies, especially given the number of businesses that were adopting to remote working models. 12 months on he believes there is acceptance in the industry that now that the end-point is the first line of defense.
“The dialogue around end-point protection has increased as has the consolidation of protection on the end-point. In the past significant investments were made into resources and technology being within the perimeter of the enterprise, but once we introduced working remotely the perimeter expanded and the vectors of attacks also expanded. Your average person now is working from home, and they are connected to an unsecured Wi-Fi connection. The perimeter has widened and the end-point has become your first line of defense towards your weakest link, which is us. We are the most vulnerable and susceptible to a phishing email and attackers are preying on this. However, the end-point is the one point that gives you visibility in terms of how the attacker is trying to penetrate and infiltrate than most of the other technologies that are around”, said Odeh.
SentinelOne as aforementioned above have enjoyed strong growth, and Odeh declared that their mission was to continue that growth journey.
“Our mission is to protect customers from breaches and the best way to do that is by getting closer to the customer. We have invested in channel programs to get closer to our customers across the Middle East, Turkey and Africa. We also want to add to our team and increase the resources that we have both from a sales perspective and a support perspective. It’s not just about breaching the technology, it’s also about the after-sales element, as we want to maintain a consistent experience to our customers. The region is witnessing an immense amount of growth, and we are very fortunate to be centralised in Dubai, and are very close to all our major markets”, said Odeh.