Cybersecurity: Evolving threats for enterprise ecosystems

Dr Moataz Bin Ali, Regional Vice-President, and Managing Director – MMEA of Trend Micro gives an insight into the cybersecurity challenges impacting the MENA region.

What are the types of cybersecurity threats and how to detect them?

There are different types of cyber security threats, and some of them are human error based, while others are technology based. You’ll find others that are process based, which falls within the attack surface. If you combine your different cyber security assets in your organisation, that’s how you secure your technology assets, such as laptops, PCs, servers, printers, data centres, clouds, and networks. And you combine the different types of attacks that can possibly be used to attack an organisation, whether it be a phishing attack, penetration, SQL injection type of attack, a worm, trojan, or malware, if you combine all these together, see it as a horizontal line and a vertical line, the space in between, is your attack surface which are the areas in which your organisation is prone to be attacked.

It’s a unique way to think of, let’s say, the gaps map. The map of gaps in your organisation that can be attacked. This is an area Trend Micro specialises in. We cover this entire map and all the vulnerabilities.

Are there more gaps evolving as time goes on?

Yes definitely. So as technology evolves, as digital information and digital transformation occurs more and more, you’ll find organisations are utilising different and new technologies via IT, IOT, blockchain, and of course, the theme of the year – AI. The more technologies an organisation adopts, the more gaps it must secure. Especially if this technology has not yet reached a mature level when it comes to defence.

In terms of defence, companies are still very prone to attacks. Why is it so?

Yes. You’ll find that, if we’re taking AI as an example, lots of people on the internet manage to circumvent the normal protection process in apps like ChatGPT, and convince ChatGPT, one way or another, to produce a malware programme. Which supposedly, it shouldn’t. But people are being more creative.

What are the chances, in percentage, for an organisation to face a breach in a given year / lifetime?

I don’t think you can really weigh it from a percentage point of view because organisation sizes differ. You cannot apply the same percentage for a small organisation as a large organisation. Moreover, a large organisation will have many digital assets. Much more then smaller organisations. But from a number’s point of view, you can think of, this year alone, Trend Micro stopped more than 37 million malicious attacks in the UAE and more than 435 million attacks across the Middle Eastern and African region. So that’s a very big and significant number of attacks. Divide that by, if you want, an average of that mathematically, the number of organisations and it comes to a very huge number. At least every organisation gets attacked a hundred times a year if you look at from this perspective.

What are the number of threats detected in 2023 in the MENA region?

The threats that Trend Micro stopped in the MENA region would be over 272 million attacks across the region. Take these attacks and segment them into different types and you’ll find the malwares, you’ll find the trojans, you’ll find the worms, you’ll find the viruses, you’ll find email attacks, you’ll find phishing attacks, its very different but they’re all considered threats.

What are the different types of cybersecurity threats that will dominate 2024 and how to tackle them?

Let’s take this year as an example, you’ll see that at GITEX, the theme of this year revolves around AI. Rightfully so because it’s the theme of everything in technology. Not just AI as a standalone, but AI in cloud, AI in cybersecurity, AI in IT, AI in IOT. Now looking at AI from a cybersecurity point of view, it’s a double-edged sword. Because it could be used for attack, and it can be used for defence. And if cyber security vendors don’t start to up their game when it comes to AI, they’ll ultimately be faced with the larger AI superpower of attack. So be able to fight that, you need to fight fire with fire. You need to take your AI solutions and technologies to the next level when it comes to cyber security to be able to combat against the cyber security AI threats.

So, it would be AI itself that is the biggest threat?

Yes. It is the biggest threat, and the biggest opportunity. So that’s why it’s a double-edged sword.

How many organisations in the MENA region were affected by these threats (approximate percentage)?

I can say that over hundreds of thousands of organisations. It will not be inaccurate to say millions actually. I think this number is still very significant compared to the global landscape. I also think the MENA region has a very high adoption rate of global emerging technologies. We are a region of explorers. So if anything new pops up, the MENA region will be among the first in the world to say hey, lets explore this. While that is very innovative and helps speed up or accelerate the digital transformation process in the region, it also creates a lot of gaps and holes as well.

What are the best practices for organisations in the MENA region to fight these threats?

I get asked this question a lot. And the way I look at it, there is a three-factor approach to dealing with this problem. The first one is the platform. You want to work with a cyber security vendor that has a complete end to end platform to be able to cover the entire attack surface in your organisation. A lot of organisations prefer to adopt the best agreed type of approach. Which is a good approach however, it leaves open a lot of gaps. Because these solutions ultimately do not communicate.

Moreover, you’ll have to find expert resources in every solution to be able to cater to it from your organisation’s perspective, which takes the cost of employment, cost of training to operate these solutions higher. So, ultimately the best solution is to take care of that by finding a cyber security platform that encompasses the full attack surface and helps the organisation counter them. That’s number one. The second one is about resources, about people.

When it comes to the perspective of resources and people, awareness is important, training is important, development is important. Some organisations could have the best solutions in the world to protect themselves, but still, human error is a human error.

Training your people in cyber security practices, making them aware of the dangers and threats is very essential for any organisation. There is, ultimately, a make it or break it type of approach to deal within the organisation. We talked about the platform, we talked about the people. Last but not least, I would like to talk about the regulation.

Regulation is very important because with the evolution of the regulatory landscape in any country, you’ll find cyber security practices becoming more evolved. Because laws and regulation drives compliance, and compliance drives security. So you cannot come and say to a cyber security vendor that is operating in the country that doesn’t have the right regulations, give me full protection. And then as an organisation, you choose what you want to take and what you don’t want to take. It’s not a buffet. That’s why it needs to come from a compliance perspective. You’ll find some of the countries in the region they have very powerful laws when it comes to data sovereignty. Which doesn’t just require cyber security but requires sovereign cyber security.

So think of it as sovereign SaaS or sovereign solutions that sit inside the country’s borders and operate from local data centres. This is very important because this is the difference between data residency to data sovereignty to data privacy and all of that.

If any country, any organisation, any system has the three different aspects, you’ve got the cornerstone to making sure that you are solidly secure no matter what you do, no matter what industry you work in, no matter what aspects on business you deal with. Its people, technology, and process. People is the resource, technology is the platform, and the process is the regulation, the compliance and everything else.