mena companies’ cybersecurity is in the mail
Last Updated : GMT 09:07:40
Egypt Today, egypt today
Egypt Today, egypt today
Last Updated : GMT 09:07:40
Egypt Today, egypt today

Mena companies’ cybersecurity is in the mail

Egypt Today, egypt today

Egypt Today, egypt today Mena companies’ cybersecurity is in the mail

Cyril Voisin, an executive security advisor at Microsoft, says that while the UAE
Dubai - Arab Today

The name and title of the recipient, a member of the armed forces, was correct. So was the context, about a collaborative proposal by a fellow military employee. And after sending the user to a malicious copy of the website, they were even forwarded to the real site.
But it was completely bogus, designed to entrap the user by encouraging them to download malware that would go on to infect his company’s entire IT network. "This is a real attack that we saw," says Cyril Voisin, an executive security adviser for the Enterprise Cybersecurity Group in France, the Middle East and Africa at Microsoft. "We had the authorisation from the victim to publish it to say this is what it looks like."
Microsoft experts analysed this common problem during the Cybersecurity and Threat Protection event it hosted in Dubai last week, where chief security officers from three UAE companies, including Emirates Group and National Bank of Abu Dhabi (NBAD, which rebranded this week as First Abu Dhabi Bank), revealed the online threats their companies face and the strategies they use to defeat them.
"Email is the predominant source for these malware attacks," says Ana Serrano, a product marketing manager for Office 365 at Microsoft Gulf. "Why? First of all, it is a very accessible entry point. Using email, the attack can take many different forms. So the attackers are being very creative with it. Finally, it can be very targeted for the user so it arouses zero suspicion for the person who receives the email."
In the UAE, 3.2 per cent of the machines Microsoft inspected were found to be infected by viruses, according to an average of the past four Microsoft Security Intelligence Reports. This is about triple the worldwide average of 1 per cent.
"We have a challenge, because we are a very sophisticated country. We are 10 years ahead in so many aspects, but on this we still have some work to do because we have more infections than the rest of the world," says Mr Voisin.
But companies are now fighting back. Sandro Bucchianeri, the head of cybersecurity, transformation and strategy at NBAD, who took part in the Microsoft event’s panel discussion, says two or three years ago he could not approach the board for a budget to tackle security. That has now changed.
"Now when I go and say we need money for this initiative or that initiative we get that support," says Mr Bucchianeri.
He says the bank has moved away from traditional methods of educating its employees about cybersecurity risks – such as using a 30-minute slide show – because it is not effective.
"We try to make it more interactive," he says. "We send them nasty emails for real-world experience, which is testing their ability. When we address security we bring it back down, so ‘how do you secure your Wi-Fi? What should you be looking for to secure your Facebook?’ We try to bring examples to our staff and by doing that we increase their awareness level."
His fellow panellist Thomas Heuckeroth, the vice president for cybersecurity and infrastructure management at Emirates Group, agrees that recurring 30-minute training sessions do not work. Instead, he says it is important to make the education role-specific.
"It is important that you speak differently to a finance manager than you speak to someone who is sitting in a day-to-day operational job because to them it is completely different," he says, adding that because most people have a Facebook account, they highlight cyber-attack stories from the media to their staff.
"Everyone has read them, [so we say] what can you do to protect yourself? That’s how we typically make it tangible," says Mr Heuckeroth.
Saqib Chaudhry, the chief information security officer at the Cleveland Clinic, says the hospital’s comprehensive security programme uses methods such as games to teach its employees about potential threats.
"We also use infographics to catch attention," he says. "To get the curiosity out there, we say ‘you don’t have to ask questions about securing devices at work, but what are your personal concerns about your computers at home, about how to protect your kids from social media?’"
Mr Chaudhry says the hospital is also looking into a rewards programme for employees who report a phishing email or another security control lapse.
But chief security officers still have work to do. The event heard that it takes on average 146 days globally to detect and deal with an attack. This was from the 2015 Mandiant M-Trends Emea report, released last June. In Europe, the Middle East and Africa, the "dwell time" is even higher at 469 days.
"My ideal world is within 15 to 20 minutes," says Mr Bucchianeri. "I need to know who is on my network and get them off it as soon as possible. I am under no illusion that my network will be breached. When I go to the board and they ask me how secure we are, I say, ‘We are as secure as everyone in this room. If any one of you clicks on a phishing email it negates what we have been trying to do’."

Source: The National

egypttoday
egypttoday

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

mena companies’ cybersecurity is in the mail mena companies’ cybersecurity is in the mail



GMT 10:42 2017 Sunday ,20 August

Jordan king condemns Barcelona attack

GMT 06:26 2015 Saturday ,12 December

Saudi holds first ever election open to women

GMT 16:32 2018 Wednesday ,24 October

Kremlin comments on US decision to quit INF treaty

GMT 06:10 2015 Tuesday ,27 January

Drone targets 'Qaeda' in crisis-hit Yemen

GMT 12:58 2013 Monday ,16 September

Somali activist opens \'Desert Flower\'

GMT 06:53 2011 Wednesday ,06 July

Dubai Airport expansion plan endorsed

GMT 07:20 2011 Thursday ,16 June

Sales of Samsung\'s TVs top 2 mln in 3 months

GMT 18:16 2012 Wednesday ,18 April

Bashir threatens overthrow of S Sudan govt

GMT 17:50 2014 Sunday ,14 September

3 Pakistani soldiers killed in rocket attack

GMT 12:23 2017 Friday ,17 March

S&P cuts troubled Toshiba's credit rating

GMT 05:01 2017 Friday ,05 May

Arab Media Forum begins in Dubai

GMT 02:38 2017 Wednesday ,01 February

Of school kitchens and a ‘healthy’

GMT 07:22 2017 Thursday ,20 July

Tunisian efforts to eliminate corruption

GMT 07:57 2017 Wednesday ,08 November

A year on, NRIs debate effects of note ban

GMT 06:37 2012 Monday ,20 February

The vision of a new Arab president

GMT 08:24 2018 Thursday ,04 January

The literary canary in India's coalmine

GMT 00:42 2016 Monday ,21 November

36 killed in Syria's Aleppo clashes, bombing

GMT 08:31 2017 Thursday ,06 July

Qatar’s response negative

GMT 19:03 2012 Thursday ,26 January

Residents alerted as cold spell continues in UAE

GMT 01:52 2014 Thursday ,19 June

Investors pour $1m in app that just says 'Yo'

GMT 14:30 2013 Sunday ,28 July

Iraq, US reach deal on stolen artefacts
 
 Egypt Today Facebook,egypt today facebook  Egypt Today Twitter,egypt today twitter Egypt Today Rss,egypt today rss  Egypt Today Youtube,egypt today youtube  Egypt Today Youtube,egypt today youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

egypttoday egypttoday egypttoday egypttoday
egypttoday egypttoday egypttoday
egypttoday
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
egypttoday, Egypttoday, Egypttoday