mena companies’ cybersecurity is in the mail
Last Updated : GMT 06:49:16
Arab Today, arab today
Arab Today, arab today
Last Updated : GMT 06:49:16
Arab Today, arab today

Mena companies’ cybersecurity is in the mail

Arab Today, arab today

Arab Today, arab today Mena companies’ cybersecurity is in the mail

Cyril Voisin, an executive security advisor at Microsoft, says that while the UAE
Dubai - Arab Today

The name and title of the recipient, a member of the armed forces, was correct. So was the context, about a collaborative proposal by a fellow military employee. And after sending the user to a malicious copy of the website, they were even forwarded to the real site.
But it was completely bogus, designed to entrap the user by encouraging them to download malware that would go on to infect his company’s entire IT network. "This is a real attack that we saw," says Cyril Voisin, an executive security adviser for the Enterprise Cybersecurity Group in France, the Middle East and Africa at Microsoft. "We had the authorisation from the victim to publish it to say this is what it looks like."
Microsoft experts analysed this common problem during the Cybersecurity and Threat Protection event it hosted in Dubai last week, where chief security officers from three UAE companies, including Emirates Group and National Bank of Abu Dhabi (NBAD, which rebranded this week as First Abu Dhabi Bank), revealed the online threats their companies face and the strategies they use to defeat them.
"Email is the predominant source for these malware attacks," says Ana Serrano, a product marketing manager for Office 365 at Microsoft Gulf. "Why? First of all, it is a very accessible entry point. Using email, the attack can take many different forms. So the attackers are being very creative with it. Finally, it can be very targeted for the user so it arouses zero suspicion for the person who receives the email."
In the UAE, 3.2 per cent of the machines Microsoft inspected were found to be infected by viruses, according to an average of the past four Microsoft Security Intelligence Reports. This is about triple the worldwide average of 1 per cent.
"We have a challenge, because we are a very sophisticated country. We are 10 years ahead in so many aspects, but on this we still have some work to do because we have more infections than the rest of the world," says Mr Voisin.
But companies are now fighting back. Sandro Bucchianeri, the head of cybersecurity, transformation and strategy at NBAD, who took part in the Microsoft event’s panel discussion, says two or three years ago he could not approach the board for a budget to tackle security. That has now changed.
"Now when I go and say we need money for this initiative or that initiative we get that support," says Mr Bucchianeri.
He says the bank has moved away from traditional methods of educating its employees about cybersecurity risks – such as using a 30-minute slide show – because it is not effective.
"We try to make it more interactive," he says. "We send them nasty emails for real-world experience, which is testing their ability. When we address security we bring it back down, so ‘how do you secure your Wi-Fi? What should you be looking for to secure your Facebook?’ We try to bring examples to our staff and by doing that we increase their awareness level."
His fellow panellist Thomas Heuckeroth, the vice president for cybersecurity and infrastructure management at Emirates Group, agrees that recurring 30-minute training sessions do not work. Instead, he says it is important to make the education role-specific.
"It is important that you speak differently to a finance manager than you speak to someone who is sitting in a day-to-day operational job because to them it is completely different," he says, adding that because most people have a Facebook account, they highlight cyber-attack stories from the media to their staff.
"Everyone has read them, [so we say] what can you do to protect yourself? That’s how we typically make it tangible," says Mr Heuckeroth.
Saqib Chaudhry, the chief information security officer at the Cleveland Clinic, says the hospital’s comprehensive security programme uses methods such as games to teach its employees about potential threats.
"We also use infographics to catch attention," he says. "To get the curiosity out there, we say ‘you don’t have to ask questions about securing devices at work, but what are your personal concerns about your computers at home, about how to protect your kids from social media?’"
Mr Chaudhry says the hospital is also looking into a rewards programme for employees who report a phishing email or another security control lapse.
But chief security officers still have work to do. The event heard that it takes on average 146 days globally to detect and deal with an attack. This was from the 2015 Mandiant M-Trends Emea report, released last June. In Europe, the Middle East and Africa, the "dwell time" is even higher at 469 days.
"My ideal world is within 15 to 20 minutes," says Mr Bucchianeri. "I need to know who is on my network and get them off it as soon as possible. I am under no illusion that my network will be breached. When I go to the board and they ask me how secure we are, I say, ‘We are as secure as everyone in this room. If any one of you clicks on a phishing email it negates what we have been trying to do’."

Source: The National

arabstoday
arabstoday

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

mena companies’ cybersecurity is in the mail mena companies’ cybersecurity is in the mail

 



Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

mena companies’ cybersecurity is in the mail mena companies’ cybersecurity is in the mail

 



GMT 10:59 2018 Friday ,07 December

Houthi militia shell commercial center in Hodeidah

GMT 21:12 2017 Sunday ,10 December

UAE, Sri Lanka advancing bilateral relations

GMT 19:21 2017 Wednesday ,08 November

Iqbal Day marked in Paris

GMT 18:14 2017 Wednesday ,31 May

A handbag? For $380k, it's yours

GMT 21:17 2017 Saturday ,21 October

EU summit to throw Britain a Brexit bone

GMT 15:45 2017 Friday ,04 August

Yemeni army liberated more areas in Shabwa

GMT 20:23 2017 Thursday ,14 September

Paul Auster tops shortlist for Man Booker prize

GMT 09:55 2017 Tuesday ,14 November

Horford leads way as Celtics win 12th straight

GMT 20:04 2018 Sunday ,02 September

Drive to teach food safety to housewives

GMT 08:54 2014 Monday ,17 November

German artist hits back at Bayreuth Festival

GMT 13:15 2018 Wednesday ,17 January

Bassil welcomes Ambassadors of Iraq, Hungary

GMT 01:05 2017 Thursday ,23 March

Strawberry prices fall to Dh10 a kilogram

GMT 08:33 2017 Tuesday ,14 February

Asian markets dip, dollar hit by Flynn resignation

GMT 15:53 2017 Wednesday ,23 August

Six dead as typhoon smashes into Macau and Hong Kong

GMT 19:43 2017 Sunday ,05 March

FNC Speaker, Irish official discuss cooperation

GMT 13:01 2017 Friday ,10 March

Hohns named as Australia chief cricket selector
Arab Today, arab today
 
 Arab Today Facebook,arab today facebook  Arab Today Twitter,arab today twitter Arab Today Rss,arab today rss  Arab Today Youtube,arab today youtube  Arab Today Youtube,arab today youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

arabstoday arabstoday arabstoday arabstoday
arabstoday arabstoday arabstoday
arabstoday
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
arabstoday, Arabstoday, Arabstoday