Written by Emile Abou Saleh, senior regional director, Middle East, Turkey, and Africa, Proofpoint
Protecting organizational data and credentials has never been more critical. Threat actors today realize that it’s more effective (and cheaper) to steal credentials and log in, than trying to hack through technical controls. Once they have siphoned access details from just one employee, they move laterally, stealing even more credentials, compromising servers and endpoints, and downloading sensitive organizational data. And most of these attacks start by targeting unsuspecting employees via email.
Cybercriminals understand that your people hold access to your crown jewels (your data), and that the majority can be relatively easily tricked into taking an action which could put the security of your organization in jeapordy.
Employees across all job levels and functions can put organizations at risk in numerous ways, from using weak passwords and sharing credentials to clicking on malicious links and downloading unauthorized applications. Unfortunately, many employees in the Middle East are demonstrating risky behaviours that could lead to a successful cyberattack.
According to Proofpoint data, the Middle East’s working professionals are putting their employers at risk through their cybersecurity negligence. There is a real lack of ownership when it comes to cyber security: with only 17 percent of employees in the UAE and 14 percent in KSA believing that they share the responsibility for cybersecurity in their organization.
Worryingly, today’s hybrid work environment has intensified the risky behaviours that facilitate successful cyberattacks. From using USB drives and downloading attachments and files from unknown sources to clicking on malicious URL links – Middle East organizations are at risk from many forms of insider threats. More than half (51 percent) of UAE employees and 44 percent of KSA-based employees have connected to home or public Wi-Fi networks without knowing if they are secure.
Driving behaviour change
So what can organizations do to reduce people-centric risk and drive behaviour change? As traditional working models evolve, the old ways of protecting data no longer work. Organizations will need to work together with their employees to up their game and adapt data loss prevention and insider risk solutions to protect endpoints, cloud apps, email, and the web. Data loss for organizations is more than an IT problem and employees must understand they play a critical role in preventing data breaches.
Cyber threat education for users is a part of the answer. A more sustainable and effective solution, albeit a more challenging one to implement, is building a security culture, that goes beyond compliance and training, and motivates and empowers users to keep their organizations safe.
Cybersecurity culture is defined as “the beliefs, values, and attitudes that drive employee behaviors to protect and defend the organization from cyberattacks.” It is a strong factor in the development of positive security behaviors. When employees feel responsible for helping prevent incidents it improves an organization’s overall security posture. When employees buy into the belief that security is everyone’s responsibility, it leads to higher vigilance, appropriate behavior, and prevention of data theft. Overall, it helps reduce people-centric risk.
With a strong cybersecurity culture, users learn to build sustainable habits that extend protection to their personal lives – which is even more vital in the hybrid work environment. After all, cyber threats and online scams do not end at work. Proofpoint data shows that 31 percent of working adults in the UAE and 29 percent in KSA had their social media accounts hacked in the past year. More than one in five also admit they suffered financial loss due to fraud, while 21 percent of UAE and 19 percent of KSA respondents had their online credentials stolen in the past year.
Along with the sense of ownership for an organization’s cyber security, all users need to be empowered with the right knowledge and tools to identify threats and feel responsible for doing their part to prevent attacks from disrupting or damaging the organization. When faced with threats after-hours, on personal devices, or when they least expect them, users then know how to thwart malicious cyber actors.
The good news is that organizations in the Middle East are taking the right steps to raise employee cybersecurity awareness. However, an effective and comprehensive cybersecurity awareness training program that adapts to the ever-evolving threat landscape is fundamental, as employees are increasingly accessing organizational data from multiple platforms, devices, and locations.
The Evolution of Cybersecurity in Banking
By Ricardo Ferreira, EMEA Field CISO at Fortinet
Changes in the banking sector associated with new digital initiatives have ushered in unprecedented cybersecurity risks. As highlighted in recent reports, key activities in the financial ecosystem can be disrupted by cyber incidents, so risk management and secure network protocols are paramount. With cybercriminals relentlessly pursuing financial gain, data breaches have become more frequent and sophisticated, underscoring vulnerabilities in the banking sector.
Regulatory approaches, such as EU DORA, G7, and reports from other central banks and regulators, emphasize the critical importance of cyber resilience in the banking sector. These regulations are reactive measures to past threats and proactive strategies designed to anticipate and mitigate future risks. Characterized by continuous digitization, increased third-party dependencies, and geopolitical tensions, the evolving cyber threat landscape demands a robust response from financial institutions.
Central Bank Digital Currencies (CBDCs) add another layer of complexity. As CBDCs gain traction, they present both opportunities for financial inclusion and challenges in terms of cybersecurity. In this competitive landscape, where traditional banks, financial technology disruptors, and digital-native challenger banks strive for market share, delivering a seamless digital experience is crucial. However, institutions must not lose sight of potential vulnerabilities as they race to innovate. Embracing digital technologies is essential, but so is ensuring that these technologies are safeguarded against ever-evolving threats.
As banks and financial services providers continue to grow and innovate, a holistic approach to cybersecurity informed by the latest regulatory insights and threat intelligence will be crucial to ensure sustainable and secure progress.
Cybersecurity in Banking
In the rapidly evolving digital landscape of banking, cybersecurity teams are at the forefront of a complex battle. The financial sector is particularly vulnerable to cyber threats, including significant data breaches. The financial sector is a favourite target for attacks seeking financial gain, trade secrets, or service disruptions that bring publicity to social or political causes. In fact, financial and cybercrimes are now top global policy concerns, according to a new INTERPOL report.
Depending on the severity of the attack and the specific bank in question, a single successful breach can lead to serious damage to the brand. According to the European Union Agency for Cybersecurity (ENISA), more than 10 terabytes of data are stolen monthly, and more than 60% of organizations may have paid ransom demands. Another report states that 2022 was the biggest year ever for crypto hacking.
As digitization becomes an even greater necessity across the banking industry and security risks increase, executive teams need to ensure the resiliency of their business operations, compliance with government and industry regulations, and the effectiveness of their cybersecurity infrastructure to protect the expanding attack surface.
Financial services providers must defend against an onslaught of data breaches, ransomware, malware, phishing, and social engineering attacks growing in sophistication, frequency, and intensity. The challenges of fending off threats increase as the attack surface expands in breadth and complexity. In its 2023 Global Cyber Risk Outlook, Moody’s states that regulators and insurers are taking actions to reduce financial exposure to cyberattacks, and at the same time, demand for cyber insurance will outweigh supply.
To remain competitive and resilient in this environment, financial institutions must continue to innovate and ensure that those innovations are secure. This dual mandate becomes even more challenging given the expanding attack surface, driven by the rise of digital banking, fintech disruptors, and the introduction of CBDCs and the modernization of their core systems. Key cybersecurity imperatives for banking include:
- Visibility. Maintaining comprehensive network visibility is paramount with the proliferation of mobile banking, IoT integrations, and cloud deployments. As the cyber threat landscape becomes more intricate, having clear oversight of all network activities is crucial to prevent data breaches and manage cybersecurity risks.
- Automation and operational efficiency. The era of siloed security solutions is fading. Modern cybersecurity demands integrated solutions that can automate tasks, reducing the need for manual configurations and constant monitoring. Implementing “policy as code” can further streamline this process, ensuring that security policies are consistently and automatically enforced across a secure network.
- Flexibility. The diverse IT architectures, spanning multi-cloud and on-premises deployments, necessitate agile security controls and policies. As financial institutions navigate the complexities of digital transformation, their security solutions, including policy as code practices, must be adaptable, ensuring that security policies align seamlessly with infrastructure changes.
- Compliance reporting. Regulatory compliance is not just a checkbox exercise. With central banks and other supervising authorities emphasizing cyber-resilience regulations, security teams must strike a balance between adhering to these regulations and proactively defending against cyber threats. Utilizing policy as code can also aid in ensuring compliance by codifying and automating policy checks.
Lastly, the human element cannot be overlooked. Beyond state-of-the-art technology, financial institutions need skilled professionals who can harness the potential of new platforms and systems. The limited availability of specialists in niche areas and a potential knowledge gap in understanding intricate products, processes, and systems pose additional challenges.
As the banking sector continues its digital journey, a holistic, informed, and agile approach to cybersecurity, adopting and succeeding at digital initiatives to converge network and security, reskilling the workforce, and driving automation will be the linchpins of success. Ensuring a secure network and effective risk management in the face of potential data breaches and evolving threats is paramount.
Cybersecurity Regulatory Impacts
Although the banking sector is a beacon of financial stability, it is increasingly grappling with dual challenges: ensuring robust cybersecurity and adhering to evolving regulations. As financial institutions strive to meet customer demands and counteract cybersecurity risks, they are simultaneously navigating a labyrinth of stringent data privacy and security regulations. These regulatory measures, coupled with the expanding digital landscape, have inevitably escalated operating costs, particularly in the realms of compliance for both retail and corporate banks.
The imperative for heightened security and compliance in banking is underscored by the need to protect sensitive personal data, maintain transactional integrity, and safeguard the health of national and global economies. Yet, a recent International Monetary Fund (IMF) survey paints a concerning picture of the regulatory landscape. Covering 51 countries, the survey revealed:
- 56% of central banks or supervisory authorities lack a dedicated national cyber strategy for the financial sector.
- 42% lack specific cybersecurity or technology risk-management regulation, and a staggering 68% do not have a specialized risk unit within their supervisory department.
- 64% have not mandated testing or provided guidance on cybersecurity measures.
- 54% do not possess a dedicated regime for reporting cyber incidents.
- 48% are without specific regulations addressing cybercrime.
While these statistics might paint a bleak picture, it’s essential to view regulatory and security requirements not as hindrances but as catalysts for innovation and risk management. For example, McKinsey highlights the potential of data analytics in banking, suggesting that it can lead to risk-reduction savings valued at up to $1 billion annually for some large banks. These savings encompass reduced fines, enhanced compliance reporting accuracy, improved management of sensitive data, and the mitigation of various other risks.
As the banking sector continues its digital evolution, striking a balance between innovation, cybersecurity risks, and regulatory compliance will be pivotal. Embracing this triad can unlock unprecedented opportunities, ensuring a secure, compliant, and forward-looking financial landscape.
Cybersecurity Risk Management for Banks
Cyber-risk management in today’s banking landscape extends beyond technical measures to encompass a holistic, organization-wide approach. However, many institutions grapple with limited tools to gauge cybersecurity risks, especially when integrating new digital partners and technologies.
Recent regulations emphasize operational resilience, advocating for a globally aligned risk management framework. This international convergence seeks to standardize practices, reducing fragmentation. A notable aspect of these regulations is the scrutiny of third-party providers, given their growing significance in the financial ecosystem.
While banks are traditionally cautious in IT vendor selection, the rise of innovative startups offers a number of promising solutions. Yet, this openness must be balanced with due diligence, especially when third-party relationships can introduce cybersecurity vulnerabilities. As banks evolve digitally, a harmonized approach to risk management that considers global regulations and third-party integrations is essential for a secure and progressive banking sector.
Banking Cybersecurity Challenges
Historically, banks have operated as siloed entities. Distinct departments, each with unique objectives, often rely on separate systems. This fragmented approach has inhibited growth, restricted scalability, and diminished customer satisfaction. Traditional banks, particularly, have garnered a reputation for cumbersome processes, especially when customers seek new services or support.
Implementing a unified platform that centralizes data and bridges the gap among various systems can effectively counteract the challenges posed by these silos. However, information silos also amplify cybersecurity risks, data breaches, and compliance concerns beyond operational inefficiencies, which are all pressing issues in today’s banking landscape.
The integrity of the IT infrastructure and the vast amount of data it houses remain a paramount concern in banks’ digital transformation journey. Addressing technical debt is crucial. This debt is often a byproduct of historical underspending and the juxtaposition of modern technologies atop outdated infrastructure. To navigate these challenges, banks should establish dedicated units or expert teams focused on innovating and ensuring that their offerings remain competitive. Assigning clear responsibilities for these innovation projects is pivotal.
Gone are the days when IT security in banking was a linear affair. Today’s banking ecosystem comprises tens or even hundreds of thousands of interconnected devices ranging from computers to Internet-of-Things (IoT) integrations. And when the proliferation of social, cloud, and mobile channels is factored in, the potential attack surface for data breaches and cybersecurity risks magnifies exponentially. The pressing question remains. How can banks ensure a secure network amid such vast complexity?
Although the need for financial organizations to embark on digital initiatives is essential, it accentuates the need for scalable security and compliance solutions. As banks evolve, the scalability offered by Software-as-a-Service (SaaS) solutions becomes indispensable, especially in the retail banking sector. Organizations must ensure that risk management remains agile and responsive to the ever-expanding digital landscape.
Secure Networking Solutions for Financial Organizations
Whether an organization has cutting-edge or legacy technology, infrastructure vulnerabilities can become prime targets for cybercriminals. As these adversaries relentlessly exploit weaknesses, financial institutions face the potential for significant financial losses, operational downtime, brand damage, and regulatory fines. Financial leaders must prioritize the resilience and overall health of their institutions.
Financial institutions should consider converging networking and security into a single secure networking solution to address these challenges. They can apply consistent threat intelligence and security services by consolidating disparate point products into an integrated cybersecurity platform.
Key features of an ideal security solution include:
- Visibility: Comprehensive oversight across the entire digital attack surface
- Advanced protection: Defense mechanisms against threats that are growing in volume and sophistication
- Intelligent integration: Seamless integration within a smart IT architecture
- Automation: Leveraging technology to address the shortage of skilled human talent
- Simplified compliance: Streamlined processes to ensure adherence to data privacy regulations
How to Enjoy Threads and Keep High Levels of Privacy and Security
Recently Threads released a new Web version allowing users to finally search for content and use other features from any of their desktop devices. For those who still use Threads, Kaspersky experts have compiled a list of tips on how to do it securely, protect personal data, and avoid scammers.
Kaspersky experts have previously discovered phishing pages imitating the web version of the social network and collecting users’ logins and passwords, as well as offers of a so-called “Threads Coin” promising to “connect users to the Metaverse,” which was fake and sold for cryptocurrency on the Web. It is important for users to always be on alert when exploring new social media platforms.
- What is important to know regarding security settings in Threads:
- Threads offers a Security Checkup. This feature shows key security-related data about Threads, Instagram or Facebook accounts. It reflects currently connected email addresses, mobile phone numbers, the last time the password was changed and whether two-factor authentication (2FA) is on or not.
- Users should not forget to set up 2FA. Threads is connected to the Instagram profile and uses the same logging details, so users should remember: one password gives access to two accounts! It’s always more secure to use 2FA as a security layer that protects accounts from unauthorized access. Modern reliable password managers can also generate and store unique one-time passwords for 2FA, that’s why one doesn’t need to install and use a separate solution for authentication.
- It’s impossible to delete the Threads account alone – the connected Instagram profile will be deleted as well, which means that all data will be concealed from other users of the social network.
- To do this, users need to go to Settings -> Account -> Deactivate profile and press Deactivate Threads profile.
- As for privacy, a user can limit who can contact them by muting, restricting or blocking someone. In all these cases, none of the contacts will be notified of these actions.
- If you don’t want to see someone’s post, you can mute the user. In case you don’t want to receive notifications of someone’s actions such as likes, replies, and so on, you can restrict the user. If you block a user, they won’t be able to find your profile or account – the list of blocked users is shared between Threads and Instagram.
- To mute, restrict or block someone, go to their profile, click on the three dots in the upper right corner and select the action.
- To strengthen the privacy level in your Threads account, the following tips can be useful:
- You can monitor and set up, who can mention you in posts with ‘@’ symbol.
- Threads is trying to fight against offensive language, so users can filter offensive language in responses to their posts. The platform offers several tools, like automatic filtering with built-in lists or manually adding specific phrases and words.
Achieving a Successful Continuous Threat Exposure Management Program
Written by Lydia Zhang, the President and Co-founder of Ridge Security
If your organization is concerned about increasing and expanding cyber threats, you are not alone. While many enterprises recognize the need to create a multi-layered security posture, this article explores the importance of Continuous Threat Exposure Management (CTEM) and how it can help proactively manage risks and bolster defences against growing cyber threats.
CTEM is a cybersecurity program that goes beyond simply responding to threats. It leverages proactive attack testing and simulation to identify and mitigate vulnerabilities before real attackers exploit them. Organizations can prioritize and allocate resources more effectively by continuously monitoring and evaluating security risks. This systematic approach allows for a more robust defence in the face of a rapidly expanding attack surface.
Primary Benefits of Implementing a CTEM Program
Let’s take a closer look at some of the key advantages of implementing CTEM. By continuously scanning and monitoring your digital infrastructure, you can proactively stay one step ahead of cyber threats. CTEM prioritizes threats based on their potential impact and likelihood of occurrence. This way, resources can be efficiently allocated to tackle the most significant risks first. By following an iterative approach, CTEM allows you to learn from each assessment and adapt defences accordingly. You can implement effective remediation measures and continuously improve your security posture by generating actionable insights from real-time threat data.
This data-driven approach ensures decisions are made based on the latest threat intelligence. This empowers security teams to make more targeted and effective remediation efforts by leveraging real-time data. To maximize the effectiveness of a CTEM program it must be aligned with the organization’s business objectives. This also helps achieve adaptability and continuous protection against the ever-evolving threat landscape. By incorporating your strategic business goals into the CTEM program, you can ensure that it works hand-in-hand with your overall cybersecurity strategy.
The Lifecycle Process of an Effective CTEM Program
A successful CTEM program follows a comprehensive lifecycle process. Let’s break it down into key steps. In the initial phase, the security team identifies and analyzes the infrastructure assets to be included in the program. This analysis encompasses both internal and external attack surfaces, including on-premises and multi-cloud infrastructures.
Each asset’s risk profile is evaluated, covering explicit vulnerabilities and weaknesses like misconfigurations. Understanding the potential impact of vulnerabilities on business operations is essential. Gaps in the security infrastructure are identified, such as logging and detection gaps, and missing, fragmented, meaningless detection rules.
Cybersecurity capabilities, such as automated pen-testing, controlled attack simulation, and adversary emulation, are carried out within DevOps and production environments. These activities verify cybersecurity weak points and assess the effectiveness of your remediation efforts. Automation plays a crucial role in the CTEM process. It enables organizations to continuously identify, prioritize, validate, and address vulnerabilities and threats. By leveraging automation, you can stay ahead of the evolving threat landscape and constantly improve your security posture.
How to Tell If Your CTEM Program Is Working
Once you have a CTEM program, how do you know if it’s making a difference? There are some key indicators that can help measure the success of your CTEM program.
The first and most obvious sign of a successful CTEM program is decreased security risks. You want to see fewer vulnerabilities popping up, and when they do, you want faster resolutions. You also want to see a drop in successful attacks or breaches. In this cyber game of cat and mouse — your CTEM program should be the cat!
An effective CTEM program will see an improvement in your ability to detect bad actors trying to disrupt systems. It’s not just about quantity; you also want to see the increased complexity of threats detected. After all, cybercriminals are constantly evolving, so your CTEM program needs to keep up!
Time is of the essence when it comes to cybersecurity. A successful CTEM program should help you reduce the time between discovering and fixing a threat. The quicker you respond, the less damage, so keep an eye on how fast you’re remedying those vulnerabilities.
Automated pen-testing, workflow segmentation and Breach and Attack Simulation are ways of measuring how well your security controls are performing. You want to see those controls becoming more effective over time. It’s training your defences to be stronger and smarter.
Compliance is essential if you’re in an industry with regulatory requirements. A successful CTEM program should help you meet and maintain those compliance standards. So, pay attention to any decrease in compliance violations or issues. It’s a good sign that your program is on the right track.
Now that you know how to assess the success of your CTEM program, keep an eye on these indicators, and remember, it’s all about reducing risks, improving threat detection, responding faster, enhancing security controls, staying compliant, and protecting what matters most to your business.
Cybersecurity Collaboration Holds Immense Significance in Today’s Threat Landscape
Sophos to Focus on Cybersecurity as a Service (CSaaS) at GITEX 2023
42 Abu Dhabi Hosts Coding Hackathon in Collaboration with Al Hathboor Bikal.ai
Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape
The Average Time to Investigate a Cybersecurity Incident is Around 26.1 Days, says Binalyze
Check Point Software Announces the Launch of the Check Point Infinity Portal in the UAE
CyberKnight Signs up as Official Distribution Partner for MENA ISC 2023
Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape
Ongoing Large-Scale Effort to Illegally Obtain Zimbra Email User Credentials Detected
IDC Predicts ICT Expenditure in Saudi Arabia to Exceed $34.5 Billion This Year
Video: Edgio Says Automation Will Bridge the Talent Gap in the Security Industry at GISEC 2023
Video: Tenable Throws the Spotlight on its Exposure Management Platform at GISEC 2023
Video: SANS Institute Focuses on Cyber Security Training to Bridge the Skills Gap at GISEC 2023
Video: Nozomi Networks Focusses on OT and IoT Security, and Network Visibility at GISEC 2023
Video: Inogates and Harfanglab Focus on EDR Solutions at GISEC 2023
Cyber Security5 days ago
Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape
Channel Talk7 days ago
CyberKnight Partners with NightDragon to Bring New Cybersecurity Innovations to the META Region
Artificial Intelligence5 days ago
The 43rd Edition of GITEX GLOBAL to Take Place From 16th to 20th October 2023
Artificial Intelligence1 week ago
F5 to Show Off Multi-Cloud Networking and AI Solutions at GITEX 2023
Channel Talk1 week ago
CrowdStrike Intros Accelerate Partner Program
News1 week ago
Check Point Software Completes Acquisition of Perimeter 81
Cyber Security7 days ago
Cybercriminals Used Malware in 7 Out of 10 Attacks on Individuals in the Middle East
Cyber Security5 days ago
The Average Time to Investigate a Cybersecurity Incident is Around 26.1 Days, says Binalyze