Connect with us


Companies Must Place Greater Emphasis on Authenticating Digital Identities



Saeed Ahmad, the Managing Director for Middle East and North Africa at Callsign, says organizations that employ Zero Trust 2.0 can better combat fraudulent activities by using unique employee behavioral profiles.

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?
As regional organizations try to manage the ever-changing threat landscape and secure a growing attack surface, the Zero Trust framework is becoming increasingly popular. As the name suggests, Zero Trust demands authentication at every connection to an organization’s network to create an impenetrable barrier around the organization.

The Zero Trust approach has developed over time from a Fort Knox-style approach which adds friction and can hinder employee experience and productivity, to one that employs intelligent passive indicators based on behavioral analytics.

The former necessitates authentication of every touchpoint connecting to an organization’s network. This strategy causes unnecessary friction, reducing staff productivity and putting security resources under strain. However, a new approach to security known as Zero Trust 2.0 enables organizations to maintain the same “Fort Knox” degree of security while also ensuring employee convenience and productivity.

The answer lies in passive behavioral indicators, for example, the pressure a person exerts when typing or the way they swipe a device is unique and inherent to each individual. This unique behavioral data, when combined with data from a user’s device and location, aids in positively identifying users, instead of just looking for fraudulent users which can result in lots of false positives and increase friction.

Zero Trust 2.0 layers passive behavioral indicators over knowledge-based passwords and location or device-based indicators used in the traditional Zero Trust strategy, allowing organizations to enhance their authentication process without adding friction.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?
In a nutshell, yes. With the work-from-anywhere culture gaining traction in the region, and multi-cloud strategies broadening the attack surface, it is critical for organizations to consider technologies that must protect their infrastructure from any device, from any location in real-time, but at the same time maintain convenient access and maintain productivity.

To do this successfully, companies must shift from an end-point focus to a people-focused approach to security. The traditional Zero Trust strategy is centered on authenticating each touch point with an organization’s network usually from one or the same location on the same device. This approach forces employees to constantly validate their identities at each point of entry but doesn’t necessarily identify if someone is gaining unauthorized access using stolen credentials, and only looks at a set number of interactions.

Organizations that employ Zero Trust 2.0 can better combat fraudulent activities by using unique employee behavioral profiles. Intelligent passive authenticators rely on behavioral analytics, which is data created by one’s digital transactions or online activity. This includes an employee’s network interactions from their workplace laptop, smartphone, or tablet.

Because these indicators are passive, such as the way a pin or passcode is typed, or the way a phone is swiped, it doesn’t add friction and can be deployed throughout the digital journey rather than at moments in time. This means organizations are protecting every interaction, and not just known entry points. This approach serves to identify that the users are who they say they are through unique inherence factors, whereas usernames and passwords alone don’t actually identify the genuine user, so a fraudulent entry could look like a genuine user.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?
As organisations scale up their cybersecurity measures, cybercriminals respond by demonstrating greater sophistication through their malicious campaigns. To ensure the integrity of their assets, organizations must place greater emphasis on authenticating digital identities in an intelligent manner.

The individual user and their behavior are the foundation of this identity. As an example, bad actors can often leverage sophisticated AI-based software to impersonate employees based on physical characteristics, such as facial recognition, or even circumvent it altogether by claiming it’s not working and inputting the step-up method of a pin or password instead. However, with Zero Trust 2.0’s intelligent passive authenticators, an organization’s employees can simply use their own personal behaviors to identify themselves to their organisations. An individual’s behaviors are based on unique muscle memory and are hard for a fraudster to imitate.

Cyber Security

Databases Are the Black Boxes for Most Organisations



Nik Koutsoukos, the Vice President of SolarWinds, says databases represent the most difficult ecosystems to observe, tune, manage, and scale

Tell us about the SolarWinds database observability platform.
Nearly everything a modern business does from a digital perspective requires data. Thus, databases are among the enterprise’s most valuable IT assets. This makes it critical for organisations to ensure their databases are optimised for performance and cost.

That said, databases represent the most difficult ecosystems to observe, tune, manage, and scale. Not only are there different types of databases that serve different purposes, but they are also populated by different types of data, adding to their complexity. The implications of not having visibility into your databases can be anywhere from a costly annoyance to a significant issue that causes business service disruption. For example, most application performance issues, between 70% and 88%, are rooted in the database.

For this reason, databases have largely been seen as a black box for most organisations. You know what goes into it. And you know what comes out and how long that took. However, the complexities that occur within the black box of the database are harder to discern.

This is where the SolarWinds Database Observability comes in. This offering is built for the needs of the modern enterprise environment and helps ensure optimal performance by providing full, unified visibility and query-level workload monitoring across centralised, distributed, cloud-based, and on-premises databases. Organisations armed with SolarWinds Database Observability enhance their ability to understand database implications as new code is deployed, utilise real-time troubleshooting of database performance issues, and isolate unusual behaviour and potential issues within the database.

How does database observability help IT teams track and manage infrastructure, applications, and possible threats?
Database observability collects data about the performance, stability, and overall health of an organisation’s monitored databases to address and prevent issues, and provides deep database performance monitoring to drive speed, efficiency, and savings. With SolarWinds Observability — which supports MongoDB, MySQL, PostgreSQL, and SQL Server database instances — database performance, responsiveness, and error rate are conveniently displayed in dashboards.

Moreover, alerts can be configured to notify admins by email or other methods when user-defined thresholds are crossed. This allows them to identify and remedy issues before they can develop. By gaining insight into the activities taking place inside their database instances, teams can understand user experience as well as ensure systems can scale to meet demand.

What sort of enhancements has your observability platform received recently?
Just this November, we announced major enhancements in the Database Observability capability within our cloud-based SolarWinds Observability platform. SolarWinds Database Observability provides full visibility into open-source, cloud-enabled, and NoSQL databases to identify and address costly and critical threats to their systems and business. It is now possible to navigate across all of the samples collected globally, giving IT teams an empirical distribution of random samples, which resembles the main workload.

What factors according to you will drive the adoption of observability tools in the MEA region?
The Middle East, Türkiye, and Africa (META) are riding a wave of rampant digital transformation as organisations seek to remain competitive. According to IDC, digital transformation spending in the Middle East will accelerate at a compound annual growth rate (CAGR) of 16% over the five-year period, topping US$74 billion in 2026 and accounting for 43.2% of all ICT investments made that year. As organisations continue to shift workloads to multi- and hybrid-cloud environments, the complexity of their IT environments still continues to increase. This raises the potential for visibility and monitoring gaps which ultimately translate to underwhelming or outright frustrating experiences for end users.

Tell us about the top three trends you foresee for 2024.
There are clear signs of the continued adoption of cloud technologies to allow enterprises to become more agile, giving engineering teams the ability to focus on their core competencies and expand and contract on demand.

The adoption of Kubernetes is also increasing as the refocusing introduced by the cloud enables the move to microservices-based architectures which require sophisticated orchestration management.

Finally, we are starting to see an uptick in Vector databases, as applications demand better handling of relationships between data points.

What is going to be your top priority in terms of strategies for 2024?
We will continue to deliver on our vision of making observability easy. OpenTelemetry is driving observability, but data collection is nothing if it can’t provide insights. So, we aim to ensure the data is both collected and curated such that users find it easy to consume and extract valuable insight.

Regionally, through 2024, we will continue to focus on our key markets of the UAE and Saudi Arabia, the ongoing enhancement of our product portfolio, and the strengthening of our channel ecosystem to create more markets for our business and for our partners.

Continue Reading

Cyber Security

Helping Companies Stay Ahead of Cyber Threats



Ahmed El Saadi, the Vice President for Middle East and Africa at Splunk, says Splunk’s observability solutions empower IT teams, to effectively manage and optimise complex environments

How has the regional security threat landscape evolved recently?
The regional security threat landscape has witnessed a significant evolution in recent years. The Middle East and Africa region has become a prime target for cyber threats due to its rapid digital transformation and strategic importance. Cybercriminals are leveraging advanced techniques and exploiting vulnerabilities to launch sophisticated attacks on organisations and critical infrastructure. Threat actors are increasingly focused on data breaches and ransomware attacks. Moreover, the rise of cloud computing, AI, and IoT has expanded the attack surface, making it essential for organizations to strengthen their cybersecurity defences.

Splunk recognises the evolving threat landscape and helps organisations stay ahead of cyber threats. Our comprehensive cybersecurity solutions provide real-time threat detection, incident response, and compliance reporting. We leverage AI and machine learning to analyze vast datasets and identify anomalies, enabling proactive threat hunting. By empowering organizations with actionable insights and the ability to detect and respond to threats swiftly, Splunk enhances the regional security posture and helps protect critical assets.

As the technology landscape shifts with the emergence of technologies such as AI, automation, cloud, and so on, how is Splunk supporting the partner ecosystem to sustain and stay relevant?
Splunk understands the importance of a strong partner ecosystem in navigating the evolving technology landscape. We actively collaborate with our partners in the Middle East and Africa region to ensure they can sustain and stay relevant in the face of technological advancements. Splunk provides comprehensive training and certification programs to enable partners to build expertise in our solutions and stay up to date with the latest industry trends.

We also offer extensive technical support, including partner enablement resources, co-marketing opportunities, and joint go-to-market initiatives. Through our Partner+ Program, we foster strong relationships with our partners, empowering them to deliver value-added services and solutions to customers. Moreover, Splunk’s open and extensible platform allows partners to develop their own applications and integrations, further expanding their offerings and differentiation in the market.

By supporting our partner ecosystem, Splunk ensures that organizations in the region have access to knowledgeable and skilled partners who can help them leverage emerging technologies effectively and drive digital transformation.

Why, according to you, should companies leverage AI, and how can Splunk help with that journey?
Companies should leverage AI to unlock the full potential of their data and gain actionable insights that drive innovation and competitive advantage. AI enables organizations to process and analyze large volumes of data at scale, identify patterns and anomalies, automate manual processes, and make data-driven decisions in real-time. By harnessing AI, companies can enhance operational efficiency, optimize customer experiences, and discover new business opportunities.

Splunk plays a pivotal role in helping organizations embark on their AI journey. Our platform integrates AI and machine learning capabilities, empowering organizations to leverage AI effectively. Splunk provides customizable ML tools to detect anomalies, predict system failures, and automate responses to threats or disruptions. We enable organizations to derive valuable insights from their data, automate critical processes, and respond promptly to issues. With Splunk, companies can unlock the power of AI to enhance operational resilience, drive innovation, and accelerate digital transformation.

What sort of market strategies do you have for the Middle East region?
Splunk has developed robust market strategies to address the unique needs and opportunities in the Middle East region. Our market strategies focus on three key pillars:

  1. Partnerships and Collaborations: We foster strong partnerships with local organizations, including technology partners, system integrators, and value-added resellers. By collaborating closely with these partners, we ensure that our solutions align with regional requirements and are tailored to local market dynamics.
  2. Customer Success and Enablement: We prioritise customer success by offering comprehensive support, training, and professional services. Our team works closely with customers to understand their specific challenges and provide tailored solutions that drive business value. We enable customers to extract maximum value from our platform and accelerate their digital transformation journey.
  3. Thought Leadership and Community Engagement: Splunk actively contributes to the regional tech ecosystem through thought leadership initiatives, industry events, and community engagement. We share best practices, insights, and success stories to foster a culture of innovation and collaboration. By participating in industry events and engaging with local communities, we aim to drive awareness, knowledge exchange, and technological advancements in the region.

Through these market strategies, Splunk aims to establish itself as a trusted partner for organisations in the Middle East, helping them navigate the complexities of digital transformation, strengthen their cybersecurity defences, and drive operational resilience.

What are the challenges faced by IT teams in managing complex environments, and how does Splunk help them overcome those challenges?
IT teams face numerous challenges in managing complex environments, including the need to monitor and troubleshoot a wide range of systems, applications, and infrastructure components. The increasing scale and complexity of IT environments make it difficult to detect and respond to issues promptly, leading to downtime, performance degradation, and customer dissatisfaction.

Splunk helps IT teams overcome these challenges through its observability solutions. Our platform provides end-to-end visibility into IT environments, consolidating data from various sources, and offering real-time insights into system health, performance, and user experiences. Splunk’s AI-powered analytics enable proactive detection of anomalies and predictive identification of potential issues, empowering IT teams to take preemptive actions and prevent disruptions.

Furthermore, Splunk’s automation capabilities streamline IT operations, enabling teams to automate routine tasks, accelerate troubleshooting, and improve incident response times. By leveraging Splunk’s automation features, IT teams can focus on strategic initiatives and deliver better customer experiences.

Overall, Splunk’s observability solutions empower IT teams to effectively manage and optimize complex environments, proactively identify issues, and ensure the smooth functioning of critical systems and applications.

Continue Reading

Artificial Intelligence

Cybersecurity Defences Employing AI Can Combat Threats with Greater Speeds



Emile Abou Saleh, the Senior Director for Middle East, Turkey and Africa at Proofpoint, says a proactive approach to cybersecurity robustly protects organizations against a wide range of threats in an increasingly complex digital landscape

What have we achieved so far in terms of use case scenarios of Gen AI in the realm of cybersecurity?
Generative AI has gained considerable attention in the news lately, and like any new technology, there’s a lot of excitement around it. Today’s Generative AI tools go beyond traditional chatbots; they are becoming more advanced. Generative AI’s potential reaches far and wide, benefiting professionals across different industries. Financial advisers can use it to analyze market trends, educators can tailor lessons to students’ needs, and it’s also proving useful in the field of cybersecurity. Security analysts can leverage Generative AI to examine user behaviour and detect patterns that could indicate potential data breaches.

One of the standout features of Generative AI in cybersecurity is its ability to quickly and accurately process vast amounts of data related to emerging threats. Security administrators can use these tools to run queries quickly, and in just a few minutes, these tools can summarize current credential compromise threats and highlight specific indicators to watch out for.

Why according to you should cybersecurity companies leverage generative AI?
Our lives and work cultures are forever changed, with so many people working and interacting digitally—and the velocity of business and the volume of corporate data we generate growing exponentially, across multiple digital platforms.

Many organizations across all industries have found that implementing artificial intelligence (AI) into business systems has helped them to ensure continuity, with one main aspect being increased productivity. When looking at this from a cybersecurity point of view, there are many ways AI and machine learning (ML) can bolster an organization’s overall cybersecurity posture.

Today’s threat landscape is characterized by attackers preying on human vulnerability. Proofpoint research shows that nearly 99% of all threats require some sort of human interaction. Whether it is malware-free threats such as the different types of Business Email Compromise (BEC) or Email Account Compromise (EAC) like payroll diversion, account takeover, and executive impersonation, or malware-based threats, people are falling victim to these attacks day-in and day-out. And all it takes is one click, from one employee for a threat actor to infiltrate an organization’s systems, no matter how complex the environment.

To stop these types of attacks, organizations need to deploy a security solution that can stay ahead of the ever-changing landscape and adapt to the way humans act. AI and ML are critical components in a robust cybersecurity detection strategy. It’s faster and more effective than manual analysis and can quickly adapt to new and evolving threats and trends. Cybersecurity defences that employ AI can combat such threats with greater speed, relying on data and learnings from previous, similar attacks to predict and prevent their spread.

What are the cybersecurity challenges facing companies with the adoption of AI and how can they be overcome?
With the adoption of AI, organizations face a set of cybersecurity challenges that need immediate attention. While AI has shown remarkable progress in defending against common threats, it has also opened doors for cybercriminals.

Take phishing: AI has the potential to supercharge this threat, increasing the speed and accuracy in which these phishing emails are sent to victims. However, it’s important to remember that many social engineering emails aren’t designed to be “perfect” – they are intentionally written poorly to find people who are more likely to engage.

That’s also only one part of the threat. Headers, senders, attachments, and URLs are among the many other threat indicators that are analyzed by robust detection technologies. Even where there would be a substantial benefit to having better-crafted emails, like many business email compromise scenarios, there is a lot of other information the threat actor needs to have access to. They need to know who is paying what money to whom and at what dates, which they probably have already accessed in a different way. They don’t necessarily need AI assistance when they already have access to that person’s inbox and they can merely copy an old email.

It’s crucial for organizations to note that no matter the attack vector, or how complex it is, the majority of cyberattacks require human interaction to be successful. By tricking just one employee, threat actors can circumvent security tools and siphon sensitive corporate data. Organizations must implement a people-centric cybersecurity strategy, consistently training employees at all levels of the business, in cybersecurity best practices so they are aware of the latest cyber threats and are able to detect them, report them, and not fall victim to them.

How can organizations use their resources effectively to leverage Gen AI to gain a competitive edge in the cybersecurity landscape?
To effectively leverage Generative AI and gain a competitive advantage in the cybersecurity landscape, organizations should focus on two vital aspects. It is firstly essential to embrace a people-centric security model for data loss prevention, acknowledging that individuals often play a pivotal role in the movement of data. This approach encompasses content awareness, behavioural analysis, and threat awareness, granting in-depth insights into how employees interact with sensitive data.

Increased visibility facilitates real-time detection and prevention of data loss incidents. Secondly, organizations should integrate artificial intelligence (AI) and machine learning (ML) technologies into their cybersecurity practices. For instance, in email security solutions, AI and ML swiftly identify and thwart phishing campaigns, malicious URLs, imposter messages, and unusual user activity in cloud accounts. A proactive approach to cybersecurity robustly protects organizations against a wide range of threats in an increasingly complex digital landscape.

Continue Reading

Follow Us


Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.