Discussions on cybersecurity investments have become integral boardroom conversations. Business decision makers who once left the task of cybersecurity investments to CIO’s and CTO’s are now playing an active role in helping them make the right decision. While making the right decision to invest in next-gen cybersecurity solutions to keep up with the rapidly changing threat landscape while ensuring growth of the business might be paradoxical, it is one decision that can ensure the business and its assets are secure.
In this series dedicated to cybersecurity, we hear the advice that leading vendors have for business decision makers. We’ve asked them essential questions that will help business decision makers understand how much they ought to know and do about their cybersecurity investments.
Our first guest is Ram Narayanan, Country Manager for Check Point Software Technologies Middle East. He gives us his thoughts and advice and how his company is helping CXO’s make better decisions when it comes to cyber security investments.
Dubai Diaries: How have businesses in the UAE been impacted by the recent cyberattacks? Are they more vulnerable to cyberattacks than other parts of the world?
Ram Narayanan: Businesses in UAE are targets for cyberattacks as we have see it increasing during the pandemic. According to Check Point Research’s recent statistics, organization in the UAE are being attacked 261 times per week in the last 6 months – this is much lower in comparison to the global average of 607 attacks and Middle East average of 734 attacks per week. The Trickbot Trojan continues to reign as the top malware targeting 7 percent of UAE businesses during the last couple of months. xHelper, a malicious application seen in the wild since March 2019, used for downloading other malicious apps and display advertisement, has seen an increase in activity as it targets to close to 6 percent of users in the UAE.
DD: What kind of attacks should businesses be prepared for considering the latest smart development vision for Dubai 2040?
RN: In the current threat landscape we can identify 4 key threat aspects.
- Cloud adoption races ahead of security. Digital transformation programs have advanced by five years and public cloud security is still a concern.
- Remote working is targeted, where attacks on remote workers are ramped up to steal data and infiltrate networks.
- Double-extortion ransomware attacks are on the rise with nearly half of all ransomware incidents involving the threat of releasing data stolen.
- Mobiles are moving targets. The increased use of mobile devices during the global lockdown has increased the number of mobile threats.
DD: How much information should decision makers have access to or need in order to oversee the cyber risks? What should this information be and how often should the board have access to this information?
RN: Cyber security is an integral part of the boardroom discussion and decisions because of the impact it has on the overall business. Most accurate and real-time information needs to be shared immediately, frequently, weekly or monthly, depending on the type of business and the intensity of the threats. For critical events affecting certain specific business verticals real-time updates are necessary. This helps set the stage for getting adequate management support for implementation on security across the organization.
Threat landscape is dynamic and decision makers should seek up-to-date contextualized threat information that their organizations are facing with the help of technology. They need to have 360-degree visibility of cyber threats that the organization is facing across all assets (Cloud, Network, Endpoints, and Mobile) and with that information they must invest in solutions to cover any gaps. If they don’t have the tools to provide the necessary visibility, then the first step is assess where they stand, and chart a roadmap of where they need to be.
DD: How do you advice decision makers on the effectiveness of their cybersecurity strategy at addressing the business risks?
RN: This is a continuous process and should be adapted as the threat landscape evolves. What was effective today might not be in the future. CXO’s must identify assets that they are tasked with protecting and making sure they have technology investments to help prevent attacks rather than detection after a breach. They must also ensure basic security hygiene by ensuring that most commonly known vulnerability are addressed. There should be a continuous assessment of risk from inside and outside the organization and security must be kept up to date. As organizations are going through rapid transformations at various levels, it is a very dynamic environment. Investments should be made progressively with the goal of embedding/automating security that cover all risks.
DD: Do you encourage businesses to have cyber-insurance? If yes/no then why is it important or not? Does your company offer or assist with it?
RN: We help businesses by providing them with state-of-the-art and advanced cyber security solutions that help prevent attacks in real time- across networks, endpoints, mobile and cloud. We do recommend that companies take up cyber insurance as an extra measure.
As a company, we don’t directly provide insurance services, however we work together with insurance companies in some regions to provide bundle offers.
DD: How do you help decision makers determine whether or not they have the right data governance strategy in place to minimize the cyber risk?
RN: The Check Point Software team assists in reviewing a businesses current strategy and provide recommendations for the best solution. Data Governance is a very important aspect as it helps enterprises manage internal and external data flow. It is a process that ensures the data is available at the right time to the right person in a reliable format. We also work with our partners to provide businesses with best practices. Together, we ensure that no matter the solution or vertical, enterprises have access to specialist partners who provide expert advice and guidance.
DD: What measures do you take to stay current on the cyber threat landscape? How do you share that with the business decision makers?
RN: Check Point has global threat intelligence and vulnerability research teams, called Check Point Research (CPR), dedicated to discovering new malware, threats, and developing solutions that benefit customers and organizations worldwide.
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 200 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.
Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.
Check Point Research provides cyber threat intelligence to Check Point Software customers and the larger intelligence community. The research teams’ findings can be found on CP<r> blog: https://research.checkpoint.com/
DD: Do you have a tested breach response plan? How do you assist businesses in setting this up?
RN: Check Point Software´s Incidence Response teamhas set the standard for cyber security across the evolving digital world for nearly thirty years. The Incidence Response team leverages this experience to provide advisory and assessment services to enterprises. They assist in reviewing an enterprises’ existing plans or in setting a new one. On the other hand, at any moment, organizations that are targeted by devastating cybercrime (you can’t predict when cyberattacks will happen) can use proactive incident response to quickly mitigate its effects or prevent them altogether. Check Point Incident Response is a proven 24x7x365 security incident handling service and help to contain the threat, minimize its impact, and keep your business running.
DD: How do you detect the cyber-attacks and respond to them?
RN: With Check Point´s ThreatCloud, the world’s most powerful threat intelligence is a dynamically updated service that is based on an innovative global network of threat sensors and organizations that share threat data and collaborate to fight against modern malware. We leverage ThreatCloud, enriched by advanced predictive intelligence engines, cutting-edge research from Check Point Research, and external intelligence feed. For example, Threat Cloud categorizes 3 billion websites and files, emulates 13 million files and detects 2000 zero day files, daily. ThreatCloud ensures informed, contextualized and automated actions and insights to all events, anomalies or potential threats.
DD: Do you have a message for your customers?
RN: In the post pandemic world, businesses are moving ahead with their plans and embracing digital transformation at a faster pace. Organizations are turning to IT as an enabler and more so when it comes to cyber security to maintain business continuity with the right level of access and protection across all their assets. It is a fine balance and only with right technologies it can be achieved. All current and future investments must be focused on prevention. Enterprises should work towards consolidation to have a better TCO, better operational efficiency and overall better security.