Complex Made Simple

Exclusive: Cyberattacks – how safe is your business?

J. Peter Bruzzese, an eight-time awarded Microsoft MVP at Mimecast, emphasizes the importance of cybersecurity and cloud services for government entities, established companies, and local businesses in the UAE.

“All industries are currently vulnerable to cyberthreat, especially industries that are slow to upgrade their technology” “Most IT personnel can’t juggle it all, which is why a move to the cloud can provide improved levels of security” About 32 percent of businesses in the UAE are not even using a firewall gateway for basic information security

Cybersecurity has become an extremely serious concern in the UAE and the Middle East. According to the 2019 Darkmatter Cybersecurity Report, threats in the Middle East region are increasing with Financial Firms, Oil and Gas, Transportation, and Electricity and Water being identified as “critical infrastructure sectors”. 

A 2018 Forbes report pointed to financial firms being targeted 300 times more than other industries, while a Siemens and Ponemon Institute report showed that more than half of all cyberattacks in the Middle region targeted the operations technology (OT) environments in the oil and gas sector. Meanwhile, transportation services including air, bus, rail, and water accounted for 13 percent of all cyberattacks globally, an IBM report stated. The UAE government has already taken cognizance of the potential threat to its electricity and water infrastructure and have put defense steps in place to counter such threats.

The threat for businesses is real. A large number of businesses in the Middle East are unprepared for cyberattacks. The organizations remain vulnerable due to either negligent or disordered systems, the Darkmatter report states. This may be in the form of outdated and unsupported software, negligent systems, insecure protocols, and even unrestricted networks. Where it gets truly incredible is this: A survey conducted by Mimecast and Vanson-Bourne showed that although 69 percent of UAE respondents agreed on the importance of cyber threat intelligence, about 32 percent of businesses in the UAE are not even using a firewall gateway for basic information security.

“All industries are currently vulnerable to cyberthreats, especially industries that are slow to upgrade their technology. This is the case with law firms, finance, governments, healthcare  – anytime you have a legacy architecture or legacy infrastructure, it will cause problems when it comes to security. Here in the Middle East, there are a lot of on-premises systems that haven’t moved to the cloud … and that’s partially due to the fact that there haven’t been great opportunities in that regard until recently,” says J. Peter Bruzzese, an eight-time awarded Microsoft MVP at Mimecast and an internationally-acclaimed author, in an exclusive conversation with AMEinfo.

Source – Darkmatter Cybersecurity Report 2019

Incidents investigated by Security
Operations Centers (SOCs) run by DarkMatter 
between November 2018 and March 2019

How does the cloud help?

In June 2019, Microsoft announced that its data centers in Dubai and Abu Dhabi were online, offering access to Azure’s cloud computing service, Office 365, with support on its Power Platform and Dynamic 365 expected in late-2019. Alibaba Cloud and Oracle have also entered the UAE cloud services space. Amazon Web Services (AWS) has further established a strong cloud presence in the region with data centers in the UAE and Bahrain.

“Having a lot of on-premises infrastructure in the Middle East and the UAE could cause vulnerabilities with regard to cybersecurity depending on whether or not the organizations and businesses maintain an up-to-date infrastructure. Most IT personnel can’t juggle it all, which is why a move to the cloud can provide improved levels of security,” J. Peter Bruzzese added.

Microsoft, Amazon, and Google all have a large customer base which allows security providers to foresee threats by handling a larger threat intel landscape. Microsoft alone has more than 180 million customers worldwide that it can rely on for information and threat intelligence. This provides a better way to protect the end-user by sharing threat intelligence across the board. For instance, Mimecast can use its large threat intelligence base to warn the IT admins of what is coming their way – on the email level as well as on the DNS levels and other levels of layered security. 

“There’s no silver bullet in the security landscape. There’s no one solution that can do it all.  However, by creating an ability to connect different solutions through APIs that can leverage solutions that organizations are already investing in, this provides businesses the opportunity to make the most of multiple solutions in the fight against cyber threats. Ultimately, all of this is the result of the cloud. These are things that you couldn’t do with on-premises infrastructure,” Bruzzese added.

Source: The State of Email Security Report 2019 – Mimecast

Watch out: Emails are still the biggest threat!

According to The State of Email Security Report 2019 released by Mimecast, organizations witnessed a 67 percent increase in impersonation fraud, 88 percent affected by email-based spoofing of business partners or vendors, and a 26 percent year-on-year increase in ransomware.

“Traditionally, the end-user gets blamed for all the attacks that get through emails. While there’s some validity to this given that it’s the end-user that opens the link or accesses the attachment, it must also be made clear that a lot of these attacks are very, very sophisticated. Homoglyph, malware and ransomware attacks are good examples. 

“The only way to combat this is a combination of technology and training. It’s important to have technology on the front end, that does its best to protect the end user from receiving these types of attacks. Mimecast technology such as ‘static file analysis’ is a futuristic form of scanning documentation that helps avoid such malware or ransomware attacks. In addition to that, there is also a need to provide end-user security awareness training to bolster the organization’s human firewall, which prevents end-users from clicking the links they shouldn’t, and helps them detect social engineering attacks,” Bruzzese said.

The knowledge that a cyberattack is not merely likely, but also inevitable, should spur businesses to action. Data loss, direct financial loss, and a loss of clients and customers are real consequences that business in the region cannot afford to overlook. Given that the red team always seems to have an edge over the blue team, with the blue team constantly playing catch-up, it’s imperative for businesses to be ready to have a strategy for action before, during, and after a cyberattack.

“Cyber resilience as a strategy is what we’re looking at while trying to cope with attacks today. Maybe artificial intelligence and machine learning will be the future, but with them, we’ll have to wait and see. Right now my money is set on cyber resilience – in current cyberattacks such as the most “ransomcloud attacks”, there’s no way to prevent the before; this is not something that one can prevent. In such an instance, it’s important to be cyber resilient and create a strategy for what you’re going to do during and after the attack,” Bruzzese concluded.

Already, Mimecast provides solutions, which protects not just emails but also Dropbox and OneDrive and other applications, through a layered approach. Mimecast Web Security provides DNS and cloud security. The company also provides cybersecurity awareness training through a firm that it acquired called Ataata. Combining technology and training with advanced systems such as “user behavior analytics”, and an “all-in-one” cloud-based email disaster recovery solutions, organizations such as Mimecast are helping businesses stay ahead of the curve to prevent and protect their systems.

The question is: how protected is your business or industry?

Source: The State of Email Security Report 2019 – Mimecast