Interview: Positive Technologies maps cybersecurity trends in MENA

Image credit: Getty Images

Ransomware, phishing, attacks by hacktivists are just some of the cyberthreats impacting governments and private enterprises in the MENA region. Evgeniya Popova, director of International Business Development at Positive Technologies and Alexey Lukatsky, Information Security Business Consultant, Positive Technologies share their insight on the cybersecurity trends faced by enterprises and governments in the UAE, Saudi Arabia and other GCC countries.

Q. What are the cybersecurity trends that Positive Technologies has observed for the MENA region?

EP: If we look at some of the trends from the business side of things, I’ve noticed the region taking a leading role in global cybersecurity initiatives. There’s a focus on spreading cybersecurity knowledge across society, from common citizens to critical infrastructure companies.

That is one of the reasons that we were at GITEX GLOBAL this year with a team that is based locally. As the region takes a leading role in tackling new threats arising in the cyber sphere, we have an expert team that allows us to connect with customers on a personal level.

Additionally, the UAE plays a key role and contributes to the global cybersecurity agenda, hosting various events and informative sessions to raise awareness and take preventive actions. There’s a thriving collaboration for startups, with initiatives making it easier to set up businesses in the UAE, attracting global talent.

There is a growing emphasis on cloud security due to the increasing reliance on cloud solutions, with a focus on keeping data local, ensuring the country’s independence and companies’ security.

Q. What cybersecurity threats are ogranisations having to protect themselves from?

AL: Positive Technologies operates globally and conducts threat research on a regular basis. In the Middle East, our findings suggest that around 56-59 per cent of attacks come from state actors, primarily targeting government organisations.

For example, messages on the dark web most commonly mention government and financial institutions. Hacktivists attack government agencies because of political motives. Malicious actors of various kinds, including ransomware groups, attack financial institutions. According to our data, every second attack on organisations around the world involves ransomware. Additionally, the number of phishing letters with malicious attachments (credentials stealers) is growing.

The cost of access is low which allows even inexperienced attackers with a limited budget to successfully attack organisations. However, there are also expensive offers of access to large companies with high turnover. More sophisticated hackers may use access to these companies to perform complex attacks.

This differs from other regions where business and corporates are often the primary targets for hackers.

To counter these trends and prevalent threats, companies and governments in the MENA region should adopt a comprehensive approach that addresses three main points: the attackers, the targets, and the attack channels. Strategies can be developed to combat threats at each point, such as seeking out and closing hacker infrastructures, employing cybersecurity technologies for target protection, and optimising response times using AI and threat intelligence.

Q. How can companies and governments prepare themselves against these emerging threats in the MENA region?

AL: From a tech perspective, strategies can focus on three points: the attacker, target, and the attack channel. For attackers, it involves tracking hackers online, closing their infrastructures, and domains. For targets, it means deploying traditional cybersecurity technologies and strategies. Attack channels can be addressed by making attacks costlier or longer for the hackers and implementing technologies based on AI and threat intelligence to detect and respond to attacks more efficiently.

There are numerous strategies around these three points to enhance cybersecurity. The approach that Positive Technologies offers is distinctive and tackles all these factors.

Q: Why do you call your cybersecurity solutions a comprehensive, results-oriented approach?

Al: Many see cybersecurity as an ongoing process without clear results.

For us, the main aim is to define business-related results, particularly preventing catastrophic consequences, monetary loss, or production shutdowns. We map these non-tolerable events to IT infrastructure and focus on the prevention of such events rather than just ordinary security events. Our approach revolves around the prevention of unacceptable outcomes.

EP: We focus on delivering concrete, results-oriented cybersecurity solutions rather than viewing cybersecurity as an ongoing process. The company defines non-tolerable events from a business perspective, focusing on preventing catastrophic consequences and securing critical systems, aiming for a proactive next-generation Security Operations Center (SOC).