Expert Speak

2022 Technology Predictions From Veeam

Written by Danny Allan, Chief Technology Officer and Senior Vice President of Product Strategy at Veeam

Acquisitions will stagnate as company valuations outstrip available assets
In 2021, global M&A activity reached new highs aided by low-interest rates and high stock prices. In 2022, we will see that momentum shift. Larger acquisitions will be few and far between as company valuations continue to rise. Only well-established, cash-rich companies will have the money required to make new purchases. The higher purchase threshold will make it harder for medium- and small-sized companies to grow and evolve, giving the advantage to larger, established firms.

AI and automation will replace entry-level jobs in the finance, healthcare, legal and software industries
The talent shortage will leave many jobs unfilled, making way for the advancement of artificial intelligence and automation to fill new roles. We have seen technology begin its takeover in the service industry with the introduction of robotic waiters during the pandemic. In 2022, we will see AI and automation capable of filling positions in other hard-hit sectors like the finance, healthcare, legal, and software industries. These developments will mostly affect entry-level positions, like interns, making it harder for recent graduates entering the workforce to gain job experience in the future.

CI/CD will stabilize and standardize to become an IT team requirement
The Bill Gates memo in 2001 became the industry standard in how to design, develop and deliver complex software systems – and today it feels like there has been no standard since then. IT teams and developers fell into habits of adopting “known” technology systems, and not standardizing in new spaces, like continuous integration and continuous delivery (CI/CD). In 2022, we’re going to see a shift towards more stability and standardization for CI/CD. IT leaders have an opportunity to capitalize on this high-growth and high-valuation market to increase deployment activity and solve the “day two operations problem.”

Tech’s labor market will be met with big money and big challenges
The COVID-19 economy – and the subsequent great resignation – throughout the last two years certainly made its mark in the tech industry. As we continue to see turnover and lower employee retention, tech salaries will begin to grow in 2022 to incentivize talent to stay. I see this causing an interesting dynamic, presenting bigger challenges, especially to the folks in the startup and VC world. The bigger tech giants are the ones who can meet the high dollar demand and deliver benefits for a competitive workforce. It will be interesting to see in the years ahead what this does for innovation, which tends to come from the hungry startups where people work for very little for a long time. We could very well see a resurgence of tech talent returning to the “old guard” companies to meet their needs for stable (and large) salaries, forgoing the competitive hard knocks of startups, which could cause a skills and talent gap that lasts for years to come.

New privacy-focused legislation will shift attention to data sovereignty clouds
With increased focus on General Data Protection Regulation (GDPR) regulating data protection and privacy in the EU and the California Consumer Privacy Act (CCPA) enhancing privacy rights and consumer protection for Californians, other states and countries are facing pressure to enact comprehensive data privacy legislation. As this continues in 2022, I expect we’ll see much more focus on data sovereignty clouds to keep data within nations or within a certain physical location. This is a far more specified cloud model that we’re starting to see in EMEA with Gaia-X. Some will see this as an obstacle, but once implemented, this will be a good thing as it puts consumer privacy at the core of the business strategy.

Containers will become mainstream to support the cloud explosion of 2021
Businesses wrongly predicted that employees would return to the office, as normal, in 2021. Instead, remote working continued, and companies were forced to develop long-term remote working strategies to ensure efficiency, sustainability and to retain employees seeking flexibility. This remote work strategy demanded cloud-based solutions, resulting in an explosion of cloud service adoption. To meet this moment, containers will become mainstream in 2022, making the generational shift to the cloud much easier and more streamlined for organizations.

2022 Technology Predictions for the Middle East
Written by Claude Schuck, Regional Director, Middle East at Veeam

Every enterprise in the Middle East looking to build a strategy around Modern Data Protection should keep the three important pillars in mind – Cloud, Security, and Containers. Businesses need to have a good understanding of what the cloud brings to an organization and why it is important. Secondly, before the pandemic, we had a centralized office where employees were all in one place. With decentralization now, the boundaries of the organization have become invisible. Data is all over the place, necessitating a need for a comprehensive security strategy to safeguard all entry points. And finally, we see an increased interest in Kubernetes as a critical piece of an enterprise’s cloud infrastructure. This has created a new area around container-native data protection that needs addressing.

Accelerated adoption of cloud technologies
Although the cloud is not yet mainstream in the region, adoption is expected to witness significant growth in the Middle East as enterprises begin to “trust” in-country offerings, with big public cloud players like Microsoft Azure and Amazon Web Services having opened data centers in the Middle East. Gartner forecasts end-user spending on public cloud services in the MENA region to grow 19% in 2022. Another big trend we see is that many governments across the Middle East are creating their own ‘Government Cloud’ in order to have control over their data and not let it reside in the public realm. With this acceleration, Veeam is investing in more headcount in the region to be able to assist organizations as they transition to the cloud.

Security – cybercrime
In the Middle East, security will always be a top priority. Not only can cyberattacks affect day-to-day business, impact revenue, and create other problems, but above all, it affects the brand reputation and workforce. Enterprises will continue to invest and safeguard themselves against the ever-growing increase in cyberattacks, especially ransomware. Although organizations in the Middle East, in general, spend a lot on security technologies, there is a huge gap when it comes to planning and executing a security strategy. This mainly boils down to the complexity of the IT environment. There are still a lot of legacy systems. Protecting these complicated environments is a big challenge and becomes even more so in the transition phase of moving to the cloud. Regional CISOs need to have a stringent security program in place which includes important elements like stress testing of IT Systems, backups, a disaster recovery strategy, and educating employees to become the first line of defense for improving organizational resilience.

Security – data privacy and protection
In early September 2021, the UAE announced the introduction of a new federal data protection law. With this, data privacy and security are set to take center stage as consumers demand transparency and their “right” to be forgotten. By having the option of opting out, consumers can ensure that their data is being handled in a correct way and they are not targeted by organizations. But more importantly, international corporations that are based in the UAE and the Middle East can be assured that policies are being applied when it comes to data in-country – whether it be in terms of the way data is stored, IP is managed, or how customer and consumer data is protected.

Digital transformation powers ahead thanks to containers
The rapid adoption of containers in enterprises, the need for on-demand resources, and the flexibility of workloads will drive digital transformation. The lack of skilled resources and understanding of the technology is a big challenge for enterprises in the Middle East. Veeam, through its acquisition of Kasten, is simplifying container strategy and delivering the industry’s leading Cloud Data Management platform that supports data protection for container-based applications built in Kubernetes environments.

Cyber Security

Why Context is Everything When it Comes to Cybersecurity?

Written by Hadi Jaafarawi, managing director – Middle East, Qualys

The cybersecurity threat landscape has never been more challenging, sophisticated, and severe. Research suggests that in the UAE alone, around $746 million is lost every year to cybercrime, and the country faced a 79% increase in the problem from 2019 to 2020. For firms and IT departments across the region, it’s a constant battle to stay ahead of the bad actors.

Add in the fact that several security teams are either stretched or under-skilled, not to mention that many face pressure to keep budgets in check, and it really is a perfect storm. In an effort to level the playing field, security teams are turning to technology. But that comes with challenges of its own.

A lack of clarity
There’s no shortage of security tools offering what professes to be the solution. And it’s no surprise that security teams reach for them in the hope of coping with the issue and reducing their risks. More and more, companies are adopting an increasing number of tools to add further layers of security and protect against risk. Today an organisation’s security infrastructure will include everything from Security Incident and Event Management (SIEM) and Security Orchestration Automation and Response (SOAR) to Network Detection & Response (NDR) and Extended Detection and Response (XDR).

Admittedly, the tools each have value, so that’s not the problem. The challenge is that each new tool adds another data silo. Each separately reports its own specific data based on its own particular use and area of the network. And it’s then down to the analysts, who are faced with multiple alerts from multiple systems and solutions, to make sense of it all.

When there are too many alerts, issues can be notified to lots of different teams, or worse missed altogether. Alert fatigue — where the team is exposed to constant alerts and consequently fails to act when it really matters — is a real problem. This is why XDR tools are designed as a holistic, top-layer solution that collects data from multiple sources to provide a comprehensive picture, enabling real-time incident detection and response. But again, it’s not that simple, as XDRs vary in quality, effectiveness, and even function.

Some SIEM and XDR tools simply deliver raw data to analysts, who then have to interpret the data and make endless decisions about any actions that are needed. They collect disparate, unrelated data, and it’s up to the analyst to deal with the notifications, analyse, prioritise and then act, or not. Busy security analysts are likely to be faced with multiple alerts in any given day, many of which are actually false alarms. It’s little wonder that it’s easy to miss or ignore that one really vital alert.

Context is key
Enter the value of contextual insight. Rather than simply churning out data and leaving it to the over-worked analyst to handle, some XDR tools can go a step further by providing that all-important context. All alerts may look basically the same in one tool. But, when brought together with external threat intelligence and other security data, that harmless-looking alert will suddenly have more meaning and jump up the priority list. XDR is designed to break down data silos and provide the context required to help analysts get better insight, by creating a consolidated view of the entire enterprise technology stack and any threats. It pulls together all security solutions and functions into one place, giving analysts a single, comprehensive view of threats across the entire network.

By correlating data from asset inventory and vulnerability information, high-quality threat intelligence, network endpoint telemetry, and third-party log data, analysts get more context on what’s happening — leading to a far more effective and quicker response to threats. Without this context, too much time is wasted on manual tasks and important alerts can easily be missed. This context allows the rapid, focused investigation to be carried out where it’s actually needed.
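The correlation described above can be sketched in a few lines. This is an added example, not code from the article or from any XDR product; the hosts, indicators, alerts and scoring weights are all constructed assumptions.

```python
from dataclasses import dataclass


@dataclass
class Alert:
    source: str      # tool that raised the alert (siem, ndr, edr, ...)
    host_ip: str     # internal asset involved
    remote_ip: str   # external peer, "" if none
    signature: str
    severity: int    # the tool's own 1-5 rating


# Constructed sample context: asset inventory with vulnerability data,
# and a threat-intelligence lookup keyed by remote address.
ASSETS = {
    "10.0.0.5": {"name": "pay-db-01", "criticality": 5,
                 "open_vulns": ["VULN-PLACEHOLDER-1"]},
    "10.0.0.77": {"name": "lobby-kiosk", "criticality": 1, "open_vulns": []},
}
THREAT_INTEL = {"203.0.113.9": "listed in a threat-intelligence feed"}
UNKNOWN_ASSET = {"name": "unknown", "criticality": 1, "open_vulns": []}

# Constructed alerts, each from a different tool (one silo per tool).
ALERTS = [
    Alert("siem", "10.0.0.77", "198.51.100.20", "inbound port scan", 4),
    Alert("ndr", "10.0.0.5", "203.0.113.9", "outbound TLS to rare host", 2),
    Alert("edr", "10.0.0.5", "", "new scheduled task", 2),
]


def enrich(alert, assets, intel):
    """Attach asset, vulnerability and intel context to one alert.

    The weights (+3, +2, +4) are illustrative assumptions.
    """
    asset = assets.get(alert.host_ip, UNKNOWN_ASSET)
    score, reasons = alert.severity, []
    if asset["criticality"] >= 4:
        score += 3
        reasons.append("business-critical asset")
    if asset["open_vulns"]:
        score += 2
        reasons.append("asset has unpatched vulnerabilities")
    if alert.remote_ip in intel:
        score += 4
        reasons.append("remote address " + intel[alert.remote_ip])
    return {"alert": alert, "asset": asset["name"],
            "score": score, "reasons": reasons}


def triage(alerts, assets, intel):
    """Enrich every alert, reward cross-tool corroboration, sort by score."""
    enriched = [enrich(a, assets, intel) for a in alerts]
    tools_by_host = {}
    for e in enriched:
        tools_by_host.setdefault(e["alert"].host_ip, set()).add(e["alert"].source)
    for e in enriched:
        n = len(tools_by_host[e["alert"].host_ip])
        if n > 1:
            e["score"] += 2
            e["reasons"].append(f"corroborated by {n} tools")
    return sorted(enriched, key=lambda e: e["score"], reverse=True)


if __name__ == "__main__":
    for e in triage(ALERTS, ASSETS, THREAT_INTEL):
        print(e["score"], e["asset"], e["alert"].signature, e["reasons"])
```

Sorted by each tool's own severity, the port scan against the kiosk would come first; with context, the two low-severity alerts on the payment database outrank it.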

Providing context using XDR gives security professionals the visibility and insights they need to reduce risks and improve their security approach. It empowers busy teams with the clarity and context to enable them to make the right decisions and deal with potential issues — and quickly.

Cyber Security

How Cybersecurity Readiness Prevents SMBs from Fuelling Supply Chain Attacks

Written by Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East

Supply chain attacks aren’t new. If the past couple of years have taught businesses anything, it’s that the impact of supply chain cyber-attacks is now universal, from the fallout of the SolarWinds software breach to the exposed Apache Log4j vulnerability and Kaseya last year. Unfortunately, when such supply chain attacks hit smaller businesses, who are usually the suppliers to larger enterprises, their impact is especially prohibitive.

For SMBs already feeling the prolonged impact of the pandemic, the added pressure of dealing with sophisticated and frequent cyber attacks in real time is a heavy burden, as they try to protect their business against financial, legal, and reputational damage, as well as their own suppliers’ and larger clients’ security. It is now more important than ever for SMBs to implement strict security hygiene and effective cybersecurity processes to ensure their business is prepared for the event of cyber attacks happening.

SMBs as an indirect avenue of cyber attacks
The ‘new normal’ opened the door to several new vulnerabilities; cyber-attacks globally increased by 50% on average in 2021, compared to 2020. Our Check Point Threat Intelligence report revealed that an organisation in the United Arab Emirates is being attacked on average 906 times per week in the last six months. While security breaches are on the rise, the top threats impacting SMBs have remained the same. In Check Point’s Small and Medium Business Security Report from 2020/2021, we revealed phishing, malware, credential theft, and ransomware to be the top four threats impacting these businesses. So, what does this mean for them?

The reality is threat actors have taken advantage not only of the now-entrenched remote working model to target organisations, but also the usual limits preventing SMBs from bulking up on their cyber security defenses, mainly lack of budget and expertise. SMBs often do not have a dedicated IT or security department, meaning with no in-house security expertise and reduced focus on security patching, these companies are easier to socially engineer and infiltrate.

Adding to this, SMBs usually have employees doing multiple roles, so those employees are given wider access to valuable areas of the business and its information; if breached, they pose a threat to multiple areas within the business. In addition, the business IT infrastructure is often shared for personal communication as well (e.g. social media, personal emails), allowing easier access to hackers, as the data is often not secured.

Threat actors often target SMBs as low-hanging fruit for their vital role in supply chains. This is especially so as such attacks wreak havoc on not only one organisation but entire businesses within the supply networks. By leveraging tactics such as phishing, cybercriminals gain access to an organisation to launch a malware attack, steal data and credentials or instigate ransomware.

Take, for example, the attack against Target USA where hackers used stolen credentials from an SMB vendor that serviced the HVAC systems in Target stores, to gain access to the retailer’s network and then laterally move to the systems that kept customer payment information. As a result, the global retailer was breached and 40 million credit and debit card details stolen.

The key factor to preventing cyberattacks is threat prevention. With minimal time and lack of cyber expertise or manpower, SMBs must adopt a prevention mindset to minimise potential cyber-attacks and threats.

Why cybersecurity readiness is paramount for SMBs
Beyond the immediate financial impact and reputational blow as a trustworthy, reliable partner, SMBs can also face legal or regulatory repercussions, operational disruption, flow-on costs for system remediation and cyberattack response, customer churn, and the loss of competitive advantage that can make or break a smaller business. In fact, a tarnished reputation as an avenue of attack can be even more detrimental to an SMB organisation, as the loss of trust with a larger organisation could mean a loss of potential business and revenue down the line with them or other new, potential customers.

With this in mind, budgetary constraints to keep computers and corporate networks protected should never be an excuse, as keeping sensitive data and information protected will bring many advantages and benefits to companies. This can range from overall cost savings, compliance with data protection laws, gaining the trust of customers and suppliers, to protecting your documents and information to the maximum by preventing any type of data breach.

How SMBs can prevent supply chain attacks
By applying stronger cyber defences, SMBs are in a position to provide the larger organisations they supply with assurance that they will not be compromised via the SMB partner or third-party vendor. Whilst there are multiple means to prevent such supply chain attacks, the first step is to have good software capable of covering the entire company, protecting the company’s endpoints and devices, supported by regular backups so that, in the event of a cyberattack, they have the possibility of restoring all the data.

Any device that connects to the network can become a security breach, so it is important to secure all endpoints. It is especially critical for remote or hybrid workforces to avoid security breaches and data compromise. Also, all employees should be trained in cybersecurity so that they themselves become the first barrier to any attempted attack, such as phishing via email or SMS. Keep in mind that prevention is one of the best protection measures available.

A viable option for SMBs is to also consider engaging an experienced Managed Security Service Provider (MSSP), who will have the skilled resources, updated security software and experienced expertise to monitor for and analyse threats on behalf of the SMB player. This is especially useful for SMBs who have neither the time nor resources to adequately enforce threat detection and response.

Partnering with a cybersecurity expert equipped with best-in-class security and scalable solution such as Check Point Software can put SMBs in good stead to protect against the most sophisticated attacks and generate trust among larger potential players. Ultimately, SMBs seek a simple plug-and-play solution with best-in-class threat protection, given their lack of financial funding and skills. With an effective cybersecurity strategy, SMBs are better placed to demonstrate their credibility as secure partners to larger organisations, opening up more business opportunities.

Cyber Security

How Cybercriminals Target Cryptocurrency

Written by Sherrod DeGrippo, Vice President for Threat Research and Detection at Proofpoint

As cryptocurrency and non-fungible tokens (NFTs) become more mainstream, and capture headlines for their volatility, there is a greater likelihood of more individuals falling victim to fraud attempting to exploit people for digital currencies. The rise and proliferation of cryptocurrency have also provided attackers with a new method of financial extraction. It’s commonly believed that cryptocurrency provides more anonymity via less governmental and organizational oversight and visibility coupled with the inherent fungibility, thus making it an appealing financial resource for threat actors. The financially motivated attacks targeting cryptocurrency have largely coalesced under pre-existing attack patterns observed in the phishing landscape prior to the rise of blockchain-based currency.

Proofpoint researchers observe multiple objectives demonstrated by cybercriminal threat actors relating to digital tokens and finance, such as traditional fraud leveraging business email compromise (BEC) to target individuals, and activity targeting decentralized finance (DeFi) organizations that facilitate cryptocurrency storage and transactions for possible follow-on activity. Both of these threat types contributed to a reported $14 billion in cryptocurrency losses in 2021. In fact, Business Email Compromise topped the list of types of attacks CISOs in UAE expect to face in the coming months, with 35% of CISOs being concerned about potential BEC attacks.

While most attacks require a basic understanding of how cryptocurrency transfers and wallets function, they do not require sophisticated tooling to find success. Common techniques observed when targeting cryptocurrency over email include credential harvesting, the use of basic malware stealers that target cryptocurrency credentials and cryptocurrency transfer solicitation like BEC. These techniques are viable methods of capturing sensitive values which facilitate the transfer and spending of cryptocurrency.

There are multiple DeFi applications and platforms – such as cryptocurrency exchanges – that people can use to manage their cryptocurrency. These platforms often require usernames and passwords, which are potential targets for financially motivated threat actors.

Despite public keys being “safe” to share, researchers are seeing actors solicit the transfer of cryptocurrency funds via BEC type emails that include threat actor-controlled public keys and cryptocurrency addresses. These email campaigns rely on social engineering to secure the transfer of funds from targeted victims.

Credential Harvesting and Cryptocurrency
In 2022 Proofpoint has observed regular attempts to compromise users’ cryptocurrency wallets using credential harvesting. This method often relies on the delivery of a URL within an email body or formatted object which redirects to a credential harvesting landing page. Notably, these landing pages have begun to solicit values utilized in the transfer and conversion of cryptocurrencies.

Crypto Phishing Kits
Credential harvesting landing pages are often built with phish kits that can be used to create multiple landing pages and used in multiple campaigns. Phish kits give threat actors the ability to deploy an effective phishing page regardless of their skill level. They are pre-packaged sets of files that contain all the code, graphics, and configuration files to be deployed to make a credential capture web page. These are designed to be easy to deploy as well as reusable. They are usually sold as a zip file and ready to be unzipped and deployed without a lot of “behind the scenes” knowledge or technical skill.

It is no wonder that CISOs around the world consider phishing as one of the most prevalent and challenging cybersecurity threats. A 2021 Proofpoint study found that almost a third of CISOs in the UAE believed they were at risk of suffering a phishing attack. Proofpoint researchers have observed multiple examples of phishing threat actors creating and deploying phishing kits to harvest both login credentials to cryptocurrency-related sites and cryptocurrency wallet credentials or passphrases.

Business Email Compromise – But For Crypto
A popular form of financial crime vectored through phishing is business email compromise (“BEC”). In 2022 Proofpoint regularly observes cryptocurrency transfer within the context of BEC attempts. Primarily these requests are observed in the context of employee targeting, using impersonation as a deception, and often leveraging advanced fee fraud, extortion, payroll redirect, or invoicing as themes.

The initial BEC email often contains the safe for public consumption values, including public keys and cryptocurrency addresses. By impersonating an entity known to the user and listing an actor-controlled public key or address, actors are attempting to deceive users into transferring funds from their account willingly based on social-engineering content. This is like the way actors use routing and bank account numbers during BEC phishing campaigns.
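A mail-triage check for the pattern described above (a payment-themed message from an impersonated sender that carries a cryptocurrency address) might look like the following. This is an added example, not Proofpoint's detection logic; the sender directory, theme word list, sample messages and the rule for holding a message are assumptions, and the sample address is constructed from dummy bytes.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
BTC_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")  # legacy Base58 form
ETH_RE = re.compile(r"\b0x[0-9a-fA-F]{40}\b")                 # format match only
THEME_RE = re.compile(
    r"\b(invoice|payroll|payment|transfer|overdue|urgent)\b", re.I)


def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def b58check_encode(payload: bytes) -> str:
    """Used here only to build a constructed, well-formed sample address."""
    data = payload + _checksum(payload)
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\0"))) + out


def b58check_valid(addr: str) -> bool:
    """True if addr decodes to 21 payload bytes plus a matching checksum."""
    n = 0
    for ch in addr:
        idx = B58.find(ch)
        if idx < 0:
            return False
        n = n * 58 + idx
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and _checksum(raw[:-4]) == raw[-4:]


def triage_email(display_name, from_addr, body, known_senders):
    """known_senders (hypothetical directory): lowercase display name -> domain."""
    # The checksum test drops order numbers and IDs that merely look like Base58.
    addresses = [a for a in BTC_RE.findall(body) if b58check_valid(a)]
    addresses += ETH_RE.findall(body)
    findings = []
    if addresses:
        findings.append("crypto_address")
    if THEME_RE.search(body):
        findings.append("payment_theme")
    expected = known_senders.get(display_name.lower())
    if expected and from_addr.rsplit("@", 1)[-1].lower() != expected:
        findings.append("display_name_mismatch")
    hold = "crypto_address" in findings and len(findings) >= 2
    return {"addresses": addresses, "findings": findings, "hold_for_review": hold}


# Constructed sample data: dummy 20-byte hash, hypothetical names and domains.
SAMPLE_ADDR = b58check_encode(b"\x00" + bytes(range(1, 21)))
NOT_AN_ADDR = SAMPLE_ADDR[:-1] + ("2" if SAMPLE_ADDR[-1] != "2" else "3")
KNOWN_SENDERS = {"finance director": "example.com"}
SUSPECT = ("Finance Director", "fd@mail.example.net",
           f"Urgent: settle the overdue invoice today. Send to {SAMPLE_ADDR}.")
BENIGN = ("Finance Director", "fd@example.com",
          f"Your parcel reference is {NOT_AN_ADDR}.")

if __name__ == "__main__":
    for msg in (SUSPECT, BENIGN):
        print(triage_email(*msg, KNOWN_SENDERS))
```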

Conclusion
Financially motivated threat actor activity attempting to steal or extort cryptocurrency is not new. However, cryptocurrencies, digital tokens, and “Web3” concepts are becoming more widely known and accepted in society. Where once “crypto” was a concept that thrived in certain parts of the internet, it is now a mainstream idea, with cryptocurrency apps and services advertised by professional athletes and celebrities, and major events sponsored by cryptocurrency and blockchain companies.

But threat actors are way ahead of general adoption of cryptocurrency, with existing infrastructure and ecosystems long established for stealing and using it. And as mainstream awareness and interest increases, it is more likely people will trust or engage with threat actors trying to steal cryptocurrency because they better understand how DeFi operates or are interested in being a part of “the next big thing”.

Users should be aware of common social engineering and exploitation mechanisms used by threat actors aiming to steal cryptocurrencies.

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.