Maxim Frolov, managing director, Middle East, Turkey and Africa, Kaspersky Lab, discusses why nations should start developing a holistic and sustainable approach to cybersecurity.
What has been Kaspersky Lab’s focus here in the region during the past 12 months?
Over the past year, we have made significant progress in the region.
We have successfully established our headquarters in Dubai as part of our operations in the Middle East, Africa and Turkey region. So, all the team members who were handling META accounts from Moscow have moved to be on ground here, which I believe demonstrates our commitment to our business in this part of the world.
In addition, we have also experienced noteworthy changes within the company. In order to address the massive opportunities in the region, we transformed our organisational structure and made it more enterprise focused and technology-oriented.
On the operational side, we have invested heavily into our workforce by adding more people into our account management, sales and engineering teams. Most importantly, we have introduced ‘segment’ specific roles such as Industrial Cybersecurity, an area that we believe to be one of the biggest and fast-growing in the Middle East.
We have had huge success in our regional initiatives, from partnerships and cybersecurity awareness events to roll-outs of our next-generation security products.
How has the region’s attitude towards IT security innovation evolved over the years?
In some ways, it is still a work in progress. But the good news is, organisations across a majority of industry verticals are already realising that there is no single solution that can guarantee the protection of their systems. We support them in this regard through a massive push in educational initiatives.
A year ago, we have made a brave and unusual move for a cybersecurity vendor. We changed the way we treat our customer relationships. We realised that almost all organisations, at a certain level, already have security technologies in place. However, while they may have the latest technologies, they might not necessarily be using them in a strategic manner. So, as a security technology vendor, instead of just trying to convince organisations to replace their current systems, we decided to take on the role of cybersecurity advisors.
Armed with the latest services portfolio that we have, which include a number of threat intelligence, detection and response, and security assessment services, we help enterprises asses their vulnerabilities and enhance their capabilities without necessarily pushing them to buy our products.
We also educate them on the kinds of solutions or products that best suit their requirements. We also guide them on how they can elevate the capabilities of their security operations centre and security teams.
What do you see as the biggest security challenge today?
Today, a holistic and sustainable approach to security is lacking. Cybersecurity should not be a concern for only individual organisations. We strongly believe that it is something that needs to be addressed by nations, as a whole.
First and foremost, it should be regulated and managed at a national level. If you think about it, ransomware is not the biggest security threat for the region. Yes, it is alarming and we shouldn’t ignore the damage it is capable of, but would it collapse a whole country? No, however, cyberterrorism most certainly has the potential to do that. There are three vital aspects for any country’s survival – critical infrastructure, financial sector and the young generation.
In the modern world, a cyber threat actor who wants to cause chaos to a nation could infiltrate or disrupt any of these within 20 hours. We have run multiple test scenarios and have proven that this can very much be a reality.
Cyber terrorists can shut down power plants and stop critical functions within a nation such as electricity, transportation (metro), cooling systems and the likes. They can disrupt our telecoms systems by sending alarming mass messages or by simply preventing everyone from making any calls.
Next, is the banking and financial sector where in cyber-attackers can target stock markets, hack ATM machines or mobile banking systems.
Imagine these things happening all at once, it will be total chaos.
Lastly, we have to look out for the younger generation. Today, they are the ones who are the most exposed to the digital world. They can be easily targeted and influenced by bad actors.
We must keep all these elements in mind and start thinking about long-term survival and sustainability when it comes to cybersecurity for entire nations.
How do you aim to help address this?
As a team, we are investing time and energy in educating customers on the importance of cybersecurity in a holistic approach. We conduct cybersecurity awareness programmes and organise a host of events such as trainings, workshops and conferences to highlight the impact that these issues can potentially have and educate firms, both in public and private sectors, on different best practices.
We are also working continuously with government organisations to identify new ways on how we can raise cyber resilience and awareness to a national level.
What are your plans for the coming months?
Our long-term plan includes the continuous push for more growth. The market will see us strengthening our regional team, especially as we have plans to expand to Bahrain. We will be rolling out our new solutions, which include our new endpoint detection and response (EDR) offering. We are planning to launch the piloting programme for Kaspersky EDR during our participation at GITEX Technology Week 2017.
We believe that EDR is one of the crucial parts of any cybersecurity strategy. Kaspersky EDR has capabilities such as enhanced incident mitigation, better visibility over endpoints, compatibility with traditional endpoint protection products and investigative capabilities for security teams and SOC (Security Operations Centre).