Abhijit Mahadik, Director, Cybersecurity & Infrastructure, UAE & KSA, Raqmiyat, speaks to Anita Joseph, Editor, SAME about the evolving cybersecurity landscape, the threats organisations need to watch out for and how the security priorities of organisations have shifted since the pandemic last year.
At the outset, let me share with you a statement that clouds my mind.
Isn’t the cybersecurity market overcrowded already? Yet there is an ever-increasing influx! This brings me to another question: If so, then why are perpetrators always ahead of the game?
‘Attacks against remote access protocols in the UAE reached 15.8 million in 2020,’ according to a report by global cybersecurity company, Kaspersky.
Let me give you another outlook: today, 90% of cybersecurity professionals in the US and Japan anticipate malicious AI-powered attacks. This is because AI research is publicly available and it can be used to build intelligent, continuously learning exploits by attackers. In adversarial attacks, attackers even change the inputs of machine learning models to cause the model to make mistakes. Even if we all tend to agree that it’s not a human-scale problem anymore, how may we box the billions of data bits and time-varying signals sent from all corners? While new layers and surfaces both horizontally and vertically keep getting added to the organisation’s tech processes, a recent survey showed that while 85% of CISOs’ prime objective is protection from ‘unknown’ adversarial attacks, 76% are also wary of regulatory non-conformities and 72% are grappling with cybercrimes and frauds too.
Tell us about the cyberattack landscape in the Middle East right now. What should we be worried about?
The Middle East region is facing a “cyber pandemic” as hackers take advantage of the Covid-related digital adoption, with a 250% increase in cyberattacks this year, and phishing and ransomware incidents increasing in frequency and becoming a soft target of “huge attacks,” according to the head of the UAE Government’s Cyber Security division.
However, to look at the sunny side of things, the Middle East is on a perfect journey of digitisation and complete transformation programs have been rolled out to bolster capabilities across infra, telco, banking, energy, utilities, government as well as the entertainment sectors. Initiatives such as the KSA Transformational Program as well as Dubai’s aim to become the best place to live by 2030 provide ample proof that it is truly a national drive.
On the other hand, Middle East governments are acutely aware of the new threat landscape associated with digitisation. In fact, to bolster their national cyber-security capabilities and elevate the protection level of their critical national information infrastructures, many of them have stepped up their cyber-security activities in recent years. Also, organisations in the region are facing more stringent regulations, forcing them to take greater responsibility for the protection of sensitive data. In short, it has become clear that security must keep pace with the speed of national initiatives.
What are some of the less common but extremely dangerous cyber-attacks that enterprises must be aware of? What can they do to prevent this?
Public Infrastructure Systems and Government IT systems have become a target of choice for hackers globally. As in the news, malicious actors, backdoors, commodity ransoms, etc. are all knocking government agencies and financial institutions across. Newer APT groups are targeting the airline and hotel sectors in the wake of the Covid-19 pandemic. It won’t be out of place to say that we are in the middle of a “Cyber Pandemic,” too.
NotPetya: smaller footprints but bigger damage than WannaCry; the costliest attack globally, but not heard of much in the Middle East today.
Stuxnet, which has rocked governments: a complex, multifaceted malware that can reprogram controllers at nuclear reactors.
Mirai: another one, termed a giant botnet for large-scale DDoS, that has also been known to infect PlayStations at large.
These are the less common but more dangerous ones. To begin with, a Cyber Resilience Check-up is the key to understanding to what extent your defences are adequate. There is also a need to strengthen supply chain resilience capabilities, as that is one of the most vulnerable spots where most of the attacks have increased beyond control.
How have the security priorities of organisations shifted post the Covid-19 pandemic?
The shift in roles and responsibilities for the protection of sensitive data can be seen in the kind of initiatives taken up regarding data classification and the protection of crown jewels. There is also significant emphasis on business continuity planning in automation and sustenance in the wake of attacks and non-conformities found. Continuous Compliance Monitoring has also been embraced by telecom giants in the region.
In the context of shifting priorities and evolving cyberattacks, how do AI and machine learning step in, to accelerate enterprise security?
AI and Machine learning have been instrumental to some extent in alleviating ‘alert fatigue’ and ‘false positives’, recognising patterns and managing accurate response and threats before a disaster occurs, that too without the need for human intervention. However, the perpetrators bring in a far more focused AI and ML-based attack vector array. Here, contextualisation and prioritisation are key. Therefore, cybersecurity needs to be a board-room focus area to bring in the right business context-based cyber resilience into play.
What is your advice to organisations looking to strengthen their cybersecurity infrastructure?
There are some key aspects here: the first would be to bring in real-time visibility of business exposure due to cyber risks. The other factors would be to draw a correlation between the ROI of cyber investments and losses owing to cybersecurity, detect and eliminate overlapping security technologies and bring in near real-time visibility and transparency on business exposure.