Based out of Bahrain, CTM360 offers a cyber threat management platform that covers all aspects of prevention, detection and response. The company’s CEO Mirza Asrar Baig talks about the ways organisations can tackle cyber threats in real time.
How do you see the threat landscape evolving in 2017?
We anticipate substantial growth in cyber threats with an expected rise in integrated / hybrid attack types. It is imperative to differentiate between threat vectors and the corresponding attack types; dealing with hybrid attack types is challenging given that a single threat vector can be used in a variety of ways such as a social media profile perpetrating ransomware, conducting Advance Fee Fraud (AFF) and dispatching phishing URLs. One recent example is that of Cyber Evil Twin Sites, where a single website is the source of multiple threats containing investment scams, job scams, AFF and phishing; many practitioners miss these upon a cursory glance. In short, the threat landscape will most definitely see a sharp spike in growth via such integrated threats during 2017.
Do regional enterprises need to rethink their security strategies to protect against advanced threats?
Yes. Rethinking strategies is definitely necessary. This must start with the deployment and leverage of appropriate technologies and must be followed by a change in the industry’s current approach to this type of situations. Current threats always remain a high priority and should immediately be addressed and focused on; however, there is also a visible lack of skills, knowledge and coordination within the cybersecurity industry.
A change in mindset is very much needed, as a communication gap is also apparent. People are still cautious of disclosing the details of an event from the fear of losing credibility. This coupled with the fact that threats keep evolving at an exponential pace makes addressing these issues critical. Additionally, there is too much technology being deployed, but not being used efficiently.
What kind of security strategy do you recommend for them?
The key element of any effective strategy is collaboration. With constantly evolving threat vectors, sharing information and discussing issues remains the most effective method. It is vital to be constantly aware of what is going on, which helps in identifying threats early and building an effective counteractive response strategy.
Additionally, having a cyber incident response unit on-hand can assist in strengthening an organisation’s defence, and forming the backbone of the security strategy. Finally, it is essential to properly define and differentiate between information security and cybersecurity, as this remains a cause for confusion and role-conflict globally.
How can enterprises speed up the time to detect and respond to incidents?
The initial process is to understand that a threat has many elements and then to identify each of them; being one step ahead gives an upper hand in eliminating a cyber threat. When a targeted email is received, the hacker has already done sufficient reconnaissance to reach the target inbox. Organisations need to harden themselves to prevent such threats by identifying them earlier along the cyber kill chain process. Engaging with a cyber incident response unit locally, can help to better identify and mitigate current threats within the region.
What is CTM360’s value proposition to the regional security market?
Over the last two years, we have expanded with a 24 x 7 x 365 dedicated cyber incident response team, which proactively identifies and mitigates cyber threats. To date, we have managed 30,000 plus unique cyber incidents.
Beyond this, we fortify our members’ cyber footprint to secure online assets and enable the member to remain a resilient target. Remaining situationally aware is another key component of our offering, wherein the CTM360 team analyses new trends, including identification of new attack types, delivery mechanisms and the rationale of an attack. We have evolved with 10 service modules and the goal remains to make our members cyber resilient and cyber vigilant always. By Q2 2017, we will complete in-house development on 35 plus additional web and app-based components.