New tech equals new security headaches
Mohammed Abukhater, regional director for MENA for FireEye on how explosion of user generated data has led to exposure to greater risks
The region has become prime target for cybercrime recently. How much of a concern is that?
The year 2015 was characterised by a spate of attacks on the oil and gas industry. The energy sector has long been the mainstay of regional economies and as the GCC consolidates its position as an economic hub, 2016 will witness further cyberattacks on this sector.
As smart city initiatives, centred on the Internet of Things, pick up in the region, various cybersecurity issues will need to be addressed. New internet-enabled devices are being released regularly these days, and many have weak security controls, allowing for new ways of accessing data. These “things” could be held hostage by ransomware, which will subsequently lead to extortion.
With digital transformation picking up pace in the region, regional IT spending will reach USD 44.5 billion in 2016, according to IDC. Moreover, smart city initiatives, the Internet of Things, Big Data, cloud, and social media are becoming crucial elements of business operations. The geopolitical developments in the region have also made it a hub for all manner of cyberattacks.
Discuss the effect of digitisation on cybersecurity
The rise of third platform technologies has increased business risks tremendously. Constant connectivity has resulted in an explosion of user generated data, leading to ample opportunities as well as exposure to greater risks. In addition, emerging technologies are adding immense pressure on enterprise IT and security experts to respond to complex and unprecedented cyber risks.
The growth of infrastructure-based attacks is a valid concern in 2016. There will be more visible attacks against industrial control systems (ICS). Additionally, environments shifting to Wi-Fi will broaden the attack surface, potentially opening the doors to in-creased cyber terrorism aimed at critical infrastructures. To stay ahead of all threats, the C-level and boards will need to address ICS security in their risk reviews and begin allotting a larger budget to protection.
The popularity of mobile wallets, magstripe readers and other similar payment systems is growing rapidly. The proliferation of these systems gives potential attackers another front to launch cyberattacks. As a result, we will likely see an increase in malware targeting these systems.
The cyberthreat landscape is constantly evolving and inexhaustibly complex. Hence, cybersecurity and innovation needs to be given equal footing in an organisation.
What is FireEye’s approach to combating modern attacks?
FireEye is committed to combating zero-day attacks, advanced cyber threats and data breaches. FireEye caters to over 4,700 customers across 67 countries, including more than 730 of the Forbes Global 2000. Organisations across various industries worldwide adopt security solutions by FireEye to secure their critical infrastructure, intellectual property and assets.
FireEye helps organisations detect advanced and unprecedented cyberattacks through multiple security alerts and defences. By working with FireEye, organisations can prioritise alerts, identify the connection between alerts and acquire actionable intelligence for prompt mitigation.
Once installed, organisations tend to discount cybersecurity solutions. This current practice outweighs the fact that cybercriminals can circumvent vulnerabilities using complex technology and are growing exorbitantly as compared to the short supply of experts. Hence, FireEye applies the right mix of expertise, technology and intelligence to provide an organisation with a flexible, agile and integrated protection against Advanced Persis-tent Threats (APTs).
Where are the key FireEye key strengths?
FireEye provides solutions for data centre security, industrial systems and critical infrastructure security, enterprise network security, endpoint and mobility and security for small and midsize businesses. We offer end-to-end cybersecurity platforms built around the core FireEye platform. By providing an effective blend of cybersecurity solutions, FireEye aims to offer insight, power and talent to organisation s. Our investment in R&D has given birth to next-generation products such as FireEye-as-a-Service, FireEye Threat Analytics Platform (TAP), FireEye Advanced Threat Intelligence (ATI) and FireEye Endpoint Threat Prevention Platform, among others.
FireEye consolidates and updates all data across decades of incident response cases. In addition, FireEye Labs identify and observe the latest technical innovations by cyber-criminals and track their behaviour patterns. Subsequently, the findings are posted to benefit the whole security community.