With the ever-changing threat landscape and increasing sophistication of attacks, proactively hunting for threats with the aid of AI and machine learning technologies is the only way to stay one step ahead of hackers, according to some of the top CISOs and CIOs in the region.
Attending a roundtable discussion on the future of cybersecurity, organised by Security Advisor ME in association with Micro Focus, security leaders from the UAE brought to the fore some top challenges faced by CISOs today, which include lack of skilled resources, frequency of attacks in a complex environment and articulating the business value of security investments.
“There is no silver bullet to security issues today but you can take a silver gun approach – having multiple solutions working in tandem to solve the challenges. We need solutions that can help us actively hunt for threats, detect them and respond quickly. If there is a ransomware attack, we need tools that can help us understand the blast radius and take remedial measures immediately,” said Vivek Gupta, CISO of Landmark Group.
Speaking about the issue of privilege user abuse, which is a daunting challenge for many enterprises, Ashith Piriyattiath, CIO of Al Masah Capital, said the remedy is to integrate DLP and UBA tools into HR systems, and real-time analysis of live network traffic.
Though cybersecurity is now a boardroom agenda, finding funding for security projects and winning top management support can still be an issue for many CISOs. “One way to overcome this challenge is to talk the language of business to your board, and articulate the risk to business,” said George Eapen, CISO of GE. “You need to explain to your CFO the cost of not doing something and that would make it easier to get funding for your security projects.”
Anoop Kumar, CISO of Al Nisr Publishing, pointed out security is often treated as an after-thought in many organisations. “Business project managers fail to involve us right from the beginning and this could cause serious problems.”
Kuldeep Bhatnagar, CISO of Environment Agency, Abu Dhabi, said security tools itself can’t address the challenges. “You may invest in cutting-edge solutions or tools, but if you don’t make the best use of it, it is not going to help you. It is why the human factor is so important in security today,” he said.
Also speaking at the discussion were Venkatesh Mahadevan (CIO of Dubai Investments), Shailesh Mani (CIO of Flemingo International), VJ Srinivas (IT security head at EGA, RAK), Clen Richards (senior IT security officer at Meraas), Dirk Benecke and Markus Knorr (Micro Focus)