A massive move to remote work and rising geopolitical tensions that threaten critical infrastructure have caused many a sleepless night for CIOs and CSOs in the Middle East over the past year. They are also giving technology leaders gathering this week in Dubai at GISEC, the largest security conference in the Middle East, plenty to talk about.
Enterprises and government entities face increasingly complex IT infrastructure. While digital transformation projects were bringing business processes and consumer services online, the pandemic acted as an accelerant, for example leading the UAE to remove restrictions on internet communications applications such as Zoom and Skype, and causing Gulf area governments to impose rules, such as requiring companies to offer cashless payment options, that fuelled e-commerce.
“The pandemic broke all the shackles and we now exist in a perimeter-less network environment,” said Veneeth Purushotaman, Group CIO at Aster DM Healthcare, based in Dubai. “This no doubt makes the topic of information security, data security all the more relevant and top of the mind. There can’t be a more relevant topic than information security.”
GISEC attendees will get a chance to hear what more than 180 speakers say about how to protect their network infrastructure, and check out security applications from over 150 different vendors.
While major vendors such as Google, Microsoft, Etisalat Digital, and Huawei will be participating in panel sessions and exhibiting at the conference, attendees will also get a chance to hear from a wide range of smaller companies offering specialized security technology as well as government security officials and researchers laying out best practices for defending complex IT infrastructure.
Cybersecurity faces geopolitics
Defending against nation-state actors, always an issue in the Middle East, takes on more urgency this year at GISEC, given recent events such as the attack on Iran’s Natanz nuclear facility — widely attributed to Israel and for which Iran has vowed retribution — and a growing number of apparently state-sponsored cyberattacks.
The GISEC panel ‘Cyber operations of Iran-linked threat actor the MABNA Institute’, for example, will examine the TTPs (tactics, techniques and procedures) used by MABNA, a threat actor which has been associated with the Islamic Revolutionary Guard Corps. (IRGC) and which has launched large-scale phishing and credential theft operations.
“The most important cybersecurity topics in the Middle East are for sure aligned with global topics but the Middle East is always special since political issues make us see many ‘nation-state attacks’, ” said Dr. Erdal Ozkaya, CISO at tech vendor Confidential and up until last month the regional CISO for Standard Chartered Bank in Dubai.
To help governments and businesses identify nation-state threat actors, and defend against them, Chris Kubecka, Distinguished Chair at the Middle East Institute’s Cyber Program, will be taking a look at ‘The geopolitics of cyber security: Defending against nation state actors’.
In the wake of last year’s normalization deals between Israel and Gulf states UAE and Bahrain, a new twist at GISEC this year is the presence of Israeli enterprise and government officials, who will be conducting a series of panels examining state-sponsored cyberthreats and ways to mitigate them.
Erez Tidhar, executive director of the Israeli National Computer Emergency Response Center (CERT), will head a panel examining ‘Intelligence in the service of cybersecurity defence centres’, and Uri Levy, senior vice president at Israel-based XM Cyber, will hold a talk on attack-based vulnerabiity management, which involves continuously scanning networks to identify exploitable vulnerabilities, misconfigurations, poorly managed credentials and risky user activities.
Critical infrastructure is a target
As an increasing amount of commerce is conducted online, and municipal authorities deploy IoT and 5G networks for smart city initiatives, consumers and businesses stand to benefit from efficient new services. The downside: these new services also open up attack vectors for hackers that can turn dreams of smart cities into nightmare scenarios for security-minded technology executives.
In a talk on ‘When cybersecurity meets the physical,’ Michael Arov, head of the Cyber Business Unit at Israeli defence tech company Rafael Advanced Defense Systems will examine threats to critical infrastructure.
“The landscape of cyberwarfare is rapidly changing, with a growing emphasis on the targeting and disruption of physical civilian critical infrastructure,” according to a statement from Arov. “As the physical world increasingly becomes just a group of internet-connected devices, the future is one in which physical security will become one with cyber security.”
Vendors such as Waterfall Security Solutions and Harmony IoT will also be on hand leading discussions on techniques to monitor and protect IoT systems for municipal and industrial networks.
Security automation for extended networks
As enterprise and municipal networks grow in complexity, automated security systems are increasingly seen as essential. GISEC attendees will get a chance to hear how a variety of vendors are offering automated security services such as AI-based system penetration testing
“It doesn’t matter if you’re a CISO, infrastructure manager, MSSP or helpdesk manager; if the business is small, medium or large – security automation is not a luxury anymore, it’s a life-saver,” according to according to a statement from Cyberm8, which will be holding a panel titled ‘Work smarter, not harder: Why everyone should implement security automation!’
Cyberm8 offers a security automation platform that includes task delegation, rules engine, event parser and scheduling components.
On its part, Dartrace, an AI company specializing in cyberdefense, will be hosting a talk on ‘The battle of the algorithms’, examining how cybercriminals are leveraging AI tools to create sophisticated cyberweapons, what an AI-powered spoofing threat may look like, and why defensive AI technologies are uniquely positioned to fight back.
Pcysys, a maker of automated penetration technology, will hold several sessions on strategies for validating the effectiveness and accuracy of enterprises’ cybersecurity, laying out best practices for continuous security control validation.
Many enterprise security professionals, though, feel that the most important opportunity at GISEC is to share stories about how technology leaders have dealt with the challenges of the past year.
“We experienced a very special year which brought all of us different lessons!” said Erdal Ozkaya, the Confidential CISO. “And the best way to learn is usually to read or listen to people who have experience, and ask them questions.”
(Additional reporting, Andrea Benito in Dubai.)