mena companies’ cybersecurity is in the mail
Last Updated : GMT 09:40:38
Themuslimchronicle, themuslimchronicle
Themuslimchronicle, themuslimchronicle
Last Updated : GMT 09:40:38
Themuslimchronicle, themuslimchronicle

Mena companies’ cybersecurity is in the mail

Themuslimchronicle, themuslimchronicle

Themuslimchronicle, themuslimchronicleMena companies’ cybersecurity is in the mail

Cyril Voisin, an executive security advisor at Microsoft, says that while the UAE
Dubai - Arab Today

The name and title of the recipient, a member of the armed forces, was correct. So was the context, about a collaborative proposal by a fellow military employee. And after sending the user to a malicious copy of the website, they were even forwarded to the real site.
But it was completely bogus, designed to entrap the user by encouraging them to download malware that would go on to infect his company’s entire IT network. "This is a real attack that we saw," says Cyril Voisin, an executive security adviser for the Enterprise Cybersecurity Group in France, the Middle East and Africa at Microsoft. "We had the authorisation from the victim to publish it to say this is what it looks like."
Microsoft experts analysed this common problem during the Cybersecurity and Threat Protection event it hosted in Dubai last week, where chief security officers from three UAE companies, including Emirates Group and National Bank of Abu Dhabi (NBAD, which rebranded this week as First Abu Dhabi Bank), revealed the online threats their companies face and the strategies they use to defeat them.
"Email is the predominant source for these malware attacks," says Ana Serrano, a product marketing manager for Office 365 at Microsoft Gulf. "Why? First of all, it is a very accessible entry point. Using email, the attack can take many different forms. So the attackers are being very creative with it. Finally, it can be very targeted for the user so it arouses zero suspicion for the person who receives the email."
In the UAE, 3.2 per cent of the machines Microsoft inspected were found to be infected by viruses, according to an average of the past four Microsoft Security Intelligence Reports. This is about triple the worldwide average of 1 per cent.
"We have a challenge, because we are a very sophisticated country. We are 10 years ahead in so many aspects, but on this we still have some work to do because we have more infections than the rest of the world," says Mr Voisin.
But companies are now fighting back. Sandro Bucchianeri, the head of cybersecurity, transformation and strategy at NBAD, who took part in the Microsoft event’s panel discussion, says two or three years ago he could not approach the board for a budget to tackle security. That has now changed.
"Now when I go and say we need money for this initiative or that initiative we get that support," says Mr Bucchianeri.
He says the bank has moved away from traditional methods of educating its employees about cybersecurity risks – such as using a 30-minute slide show – because it is not effective.
"We try to make it more interactive," he says. "We send them nasty emails for real-world experience, which is testing their ability. When we address security we bring it back down, so ‘how do you secure your Wi-Fi? What should you be looking for to secure your Facebook?’ We try to bring examples to our staff and by doing that we increase their awareness level."
His fellow panellist Thomas Heuckeroth, the vice president for cybersecurity and infrastructure management at Emirates Group, agrees that recurring 30-minute training sessions do not work. Instead, he says it is important to make the education role-specific.
"It is important that you speak differently to a finance manager than you speak to someone who is sitting in a day-to-day operational job because to them it is completely different," he says, adding that because most people have a Facebook account, they highlight cyber-attack stories from the media to their staff.
"Everyone has read them, [so we say] what can you do to protect yourself? That’s how we typically make it tangible," says Mr Heuckeroth.
Saqib Chaudhry, the chief information security officer at the Cleveland Clinic, says the hospital’s comprehensive security programme uses methods such as games to teach its employees about potential threats.
"We also use infographics to catch attention," he says. "To get the curiosity out there, we say ‘you don’t have to ask questions about securing devices at work, but what are your personal concerns about your computers at home, about how to protect your kids from social media?’"
Mr Chaudhry says the hospital is also looking into a rewards programme for employees who report a phishing email or another security control lapse.
But chief security officers still have work to do. The event heard that it takes on average 146 days globally to detect and deal with an attack. This was from the 2015 Mandiant M-Trends Emea report, released last June. In Europe, the Middle East and Africa, the "dwell time" is even higher at 469 days.
"My ideal world is within 15 to 20 minutes," says Mr Bucchianeri. "I need to know who is on my network and get them off it as soon as possible. I am under no illusion that my network will be breached. When I go to the board and they ask me how secure we are, I say, ‘We are as secure as everyone in this room. If any one of you clicks on a phishing email it negates what we have been trying to do’."

Source: The National

themuslimchronicle
themuslimchronicle

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

mena companies’ cybersecurity is in the mail mena companies’ cybersecurity is in the mail

 



Themuslimchronicle, themuslimchronicle

GMT 08:26 2018 Tuesday ,23 January

Five things to know about Davos

GMT 21:30 2017 Wednesday ,01 November

New York Times’ third-quarter revenue up 6.1%

GMT 11:09 2017 Friday ,24 November

Berlin police seeking more missing John Lennon items

GMT 06:34 2017 Saturday ,09 December

Rockets down Jazz for eighth straight NBA win

GMT 23:25 2017 Thursday ,16 February

Pakistan adds 16 new fighter jets to its fleet

GMT 10:50 2018 Tuesday ,23 January

Saudi university to open driving school for women

GMT 03:31 2017 Saturday ,07 January

Sharjah launches award for refugee support

GMT 21:54 2016 Wednesday ,01 June

December 21 - January 18

GMT 16:05 2017 Monday ,24 April

Sharapova's return divides rivals

GMT 13:50 2012 Sunday ,22 January

Egyptians can now remove any regime

GMT 07:26 2017 Sunday ,23 July

70 villagers kidnapped in Afghanistan
Themuslimchronicle, themuslimchronicle
Themuslimchronicle, themuslimchronicle
 
 Themuslimchronicle Facebook,themuslimchronicle facebook  Themuslimchronicle Twitter,themuslimchronicle twitter Themuslimchronicle Rss,themuslimchronicle rss  Themuslimchronicle Youtube,themuslimchronicle youtube  Themuslimchronicle Youtube,themuslimchronicle youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2023 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2023 ©

muslimchronicle muslimchronicle muslimchronicle muslimchronicle
themuslimchronicle themuslimchronicle themuslimchronicle
themuslimchronicle
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
themuslimchronicle, themuslimchronicle, themuslimchronicle