Securing the perimeter

CTM360’S Asrar Mirza Baig and Attivo Networks’ Ray Kafity discuss the potential secruity threats of 2017, and explain how businesses can strengthen their defences

Tags: Attivo Networks ( ( crimeCyber warfareUnited Arab Emirates
  • E-Mail
Securing the perimeter Asrar Mirza Baig founder & CEO of CTM360
More pics ›
By  Asrar Mirza Baig and Ray Kafity Published  January 9, 2017

Asrar Mirza Baig, founder & CEO of CTM360

CTM360’s leader highlights the latest developments within the cyber threat landscape and how organisations should be preparing themselves

ACN: What do you see being the most pressing cybersecurity threats for enterprises in 2017?

Asrar Mirza Baig: We expect a rapid increase in targeted ransomware attacks. With the growth of anonymous networks, new payment methods and a wider criminal darknet community, the security industry should be prepared for the threat of new variants of ransomware cropping up. Attackers regularly use reconnaissance to understand a target and deploy sophisticated intrusion techniques to deliver advanced ransomware towards specific attack points. Examples of attacker tactics include social engineering attacks on employees, preying on an employee’s inattention to deliver malware via clickable files, exploiting system vulnerabilities due to careless configurations and also, compromising third-party vendor/VPN.

ACN: In what ways is your organisation expanding its capabilities to deliver more a more effective defence for your customers? Which of these will be unveiled over 2017?

AMB: Over the last two years, we have expanded with a 24 x 7 x 365 dedicated Cyber Incident Response Team, which proactively identifies and mitigates cyber threats. To date, we have managed over 30,000 distinct cyber incidents. Beyond this, we fortify our members’ cyber footprint to secure online assets and enable the member to remain a resilient target. Remaining situationally aware is another key component of our offering where the CTM360 team analyses new trends, including identification of new attack types, delivery mechanisms and the rationale of an attack. We have evolved with 10 service modules and the goal remains to make our members cyber resilient and cyber vigilant at all times. By Q2 2017, we will have completed in-house development on 35 additional web and app-based components.

ACN: What are some key elements of an effective security strategy from the perspective of cyber security?

AMB: The key element of any effective strategy is collaboration. With evolving threat vectors, sharing and discussing issues is the most effective method. It is vital to be aware of what is going on, which helps in identifying and building an effective response strategy. Additionally, having a cyber incident response team on-hand strengthens an organisation’s defence and forms the backbone of the security strategy. Lastly, it is also essential to properly define and differentiate between information security and cyber security as globally this remains a cause of confusion and role-conflict.

ACN: With more enterprises digitising their infrastructure and activities and moving everything onto the cloud, how is evolving the cybersecurity discipline?

AMB: Transformation to the cloud has seen a considerable increase over the last couple of years. More and more organisations are migrating, which has helped them ease reliance on IT infrastructure; securing cloud servers are an inevitable part of this transformation. The cyber security industry has therefore evolved as cloud service providers require cyber security strategies to be implemented in the cloud. Having said so, this transformation does not shift the liability to the service provider but remains with the business owner.

ACN: To what extent would you say organisations in the Middle East have adopted an effective cybersecurity posture? What are some areas they could improve?

AMB: Situations in the Middle East are no different from rest of the world as organisations globally face evolving cyber security challenges. Attacks and attackers are growing at an exponential rate and the current preventive and defensive mechanisms keep falling short of tackling this issue. Additionally, there is a shortage of expertise and personnel which unfortunately fails to keep up with the demands of the cyber security community in the region. This has adversely contributed in the Middle East having an ineffective cybersecurity posture. This can be improved by checking if appropriate controls for current attack trends are in place. Also, an effective strategy is to fortify an organisation’s cyber footprint as there is a deficiency in the region.

ACN: What IT trends do you see coming to the fore in 2017, which will impact how IT security solution providers and organisations approach their defence?

AMB: We are likely to witness more organisations shifting their IT infrastructure to the cloud. This would result in a surge of new cloud security solution providers and a proportional decline in Information Security providers handling IT infrastructure for organisations. On the flip side, the increase of cloud threats and ransomware, would see the SME sector focusing and investing more in technology.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code