Veronica Martin caught up with Ashraf Koheil, with at Group-IB, Regional Director, Middle East, Africa and Turkey during GISEC 2023 to discuss the products and solutions they are showcasing this year, their plans for the region and the importance of cyber education in today’s landscape.
What products/solutions are you showcasing at GISEC this year?
Cybersecurity today is about platform players or ecosystem player and the way Group-IB has been positioning itself is not about replacing anything, but how to make your environment better, how we look at the market and see the threat profile and the threat landscape progressing. We are showcasing the latest in threat intelligence and attribution.
How do you know who’s targeting you, your industry, equipment manufacturers and so forth? We are showcasing our Fraud Protection, outlining the new trends in fraud, the latest in Digital Risk Protection, our XDR, which gives organizations all they need to repel very advanced malware attacks.
This means not just defending yourself but preparing yourself for a counterattack as well. Our capabilities in the digital forensics have moved forward a lot and we are in a position where we can provide not only digital forensic support, but expert witness as well.
Why GISEC is important for your company?
GISEC is important for a number of things. It’s a place, a meeting point where everyone showcases their best and latest solutions, so it’s always important to find out how good we are compared to others and learn from each other. At the end of the day, vendors need to partner together to move forward.
It’s also a way for the team to connect internally and spend time together, recognize them with awards, train them on the latest to service our clients better, celebrate success and learn new things.
What are your plans for the region in 2023?
More growth! We are launching a cyber academy and expanding the resources on ground right now. We have built a very agile model where sales, presales and professional services will be in-country, not remotely. We are expanding our partner ecosystem with our in-country cloud.
We want more growth, learning and partnerships with other vendors. We have a lot of initiatives and are hiring a lot more brilliant young people.
What are some of the leading security trends companies should watch out for this year?
There are a number of trends. The first one is that clients are moving away from point solutions provided by different vendors because they need to have one accountability. Second, there is a widening gap in the industry and thirdly, SLAs, KPIs and APIs are becoming an issue of the past.
People used to share RFPs, but now they actually spend time designing their own requirements, so we need to understand the needs of our clients and add value to their businesses to stay competitive.
What’s the importance of cyber education and skills training in today’s landscape?
Everyone is talking about the skills gap, so we decided to move into action to attract the best skills and talent. Our academy will train students to acquire the same skills as their instructors.
We start by assessing the current skillset on a scale of one to five and, from there, we analyse how to develop these skills further and put a plan together.
Another issue is skill retention. Once you train someone to a high level of skill set, all of a sudden you cannot give the person a 5% pay rise anymore because of the consumer index, so to retain talent, you need to invest in them.
If there is one thing we have learnt in the last 30, 40 years is that technology will always let you down. We have seen so many cases where banks would have a multimillion dollar infrastructure and then the whole bank got taken down, the accounts got leaked because one person clicked the wrong email and did nothing, so we have developed an executive scorecard for organizations where there are rewards and penalties to help them establish a baseline and see how they are progressing by department. Security needs to be introduced as a KPI inside organizations so employees are aware of the dangers of cyber security.