Companies need to focus on real time monitoring and intel based protection to tackle cyber attacks

Mohammad AbuKhater, vice-president for FireEye Middle East and Africa speaks to Anita Joseph about the cybersecurity landscape in the region, the need for companies, especially small businesses, to wake up to their vulnerabilities, and take steps for 24/7 monitoring of threats, in order to effectively safeguard businesses from cyber-attacks.


How has the cybersecurity landscape in the MENA region changed over time?

Around 4 years ago, I’d say cybersecurity was a complementary aspect for organizations in the MENA region, both large and small. But now it is compulsory, and in fact, crucial to the business success of organizations. This fact is being increasingly recognized by firms in this region and huge budgets are being earmarked for cybersecurity. I don’t have figures for the Middle East in particular, but globally, the cybersecurity market could be worth as much as $23 billion dollars by 2023. Countries such as UAE and Saudi have especially created entities to deal with cybersecurity. Moreover, the volatile political situation in the region makes countries more at risk of attacks and so it becomes critical to stay protected. I’m saying this to show how much cybersecurity has grown in importance over the years. It is now a very vital aspect for the security and stability of organizations, and therefore, receives considerable attention and focus.

Given that cybersecurity is so vital, how prepared are organizations in the region, to deal with attacks of all kinds?

The level of preparedness depends from organization to organization-their size, budgets and other factors. In the UAE, large government organizations have set up dedicated cybersecurity entities, and have national strategies in place to deal with threats and attacks. However, the smaller organizations are not mature enough to deal with sophisticated threats and attacks, not because of budget constraints, but because of the way they are structured. But what they don’t realize is that small organizations are very often, an entry point for attackers to gain access to larger, more important organizations. Attackers know that by targeting small subcontractors, they gain a huge window to gain easy access to the larger companies that matter. Based on the studies that FireEye has done in mature countries such as UAE and Saudi, we realize that as many as 90 per cent of small organizations are hackable. This is because attack types are changing and hacking is becoming more and more sophisticated and attackers are bypassing multilayers with ease. Let me give you some global statistics on hacking. Studies say that as many as 68 per cent of malware is used in single organizations and as many as 80 per cent of observed malware appears only once (which means they are not used again). This just shows how complicated the attacks are, and how hackers wipe all trace of their job once they’re done. Therefore, it is not possible for a single organization to prevent attacks or do anything about it, there needs to be an integrated, comprehensive approach to dealing with cyber-attacks.

So, how can companies prepare for attacks?

Look, there is no book that they can follow, to stay alert and prepared. It is a journey and there are three things to keep in mind, to tackle threats effectively:

  • Following a proper process
  • Having specially trained staff
  • Employing the right technology

A combination of these three aspects will be a good starting point. Then again, companies need real-time monitoring and 24/7 intelligent surveillance. I would say they need ‘intel-based protection’ to know who is behind the attack, and their attack techniques. Small organizations, in particular, need to rely on larger, specialized organizations to help them monitor and hunt for attacks, classify data, and the like, because most often, they don’t have the resources to employ dedicated cybersecurity teams.

What about the large private sector organizations? How are they coping?

Large private organizations, especially in the retail and education sectors, are increasingly waking up to the reality of cyber threats and vulnerabilities. The retail sector, especially is a minefield for the attackers, considering the number of credit card transactions and loyalty programs that are part of the sector. Attackers get a huge database for social engineering activities and they are able to thrive here. Therefore, now, large retail organizations now rely on 3rd party cloud monitoring solutions and managed security to deal with cybersecurity. They are also stepping up on employee awareness and training professionals to tackle attacks. The pace is slow, but hopefully, it will gather momentum before a rude shock wakes them up. In terms of maturity in investing in cybersecurity, UAE, Saudi and Egypt rank on top.

How does FireEye step into this scene? What services and solutions does it provide?

FireEye helps clients by providing services and solutions in three broad areas: Technology, Consultancy and Intelligence. As far as technology goes, we protect companies from the entry points of hackers, such as endpoints, the Internet, emails and files. As part of our consultancy services, we build up the process of organizations based on their attack position: Before attack, during attack and after attack, and provide solutions. Then again, we provide actionable intelligence services, where we identify the attacker for companies, identify their time and place of operation and other similar statistics and help them take suitable action.