Black Hat MEA
Sophos to Highlight its MDR Among Other Solutions at Black Hat MEA
Harish Chib, VP Emerging Markets, Middle East & Africa, Sophos, says his company will help businesses to protect their networks from even the most sophisticated attacks
How has the regional threat landscape evolved over the past few months?
The MENA region’s cybersecurity landscape is evolving, with governments placing greater emphasis on data privacy and protection regulations. Sophos is well-positioned to help organizations in the region meet these requirements through our cutting-edge solutions, including endpoint protection, firewalls, and managed services like MDR (Managed Detection and Response).
What are the five major cybersecurity predictions for the upcoming months?
- Supply Chain Attacks – The Comeback Threat: One of the most disruptive cybersecurity events of the past year, the ransomware attack on CDK Global—a leading software provider for car dealerships—highlighted the broad-reaching impact of supply chain attacks. The incident, which disrupted thousands of U.S. car dealerships for over a week, is a stark reminder of the cascading consequences that such attacks can have on interconnected industries.
- Ransomware Actors Pivot to Cloud Assets Amid Endpoint Security Gains: As organizations implement more advanced endpoint security tools, such as Sophos Endpoint Detection and Response (EDR) and Multi-Factor Authentication (MFA), attackers are increasingly targeting cloud environments, which are often less protected by MFA and other controls. With account access harder to compromise due to MFA, attackers are now exploiting cloud assets and authentication tokens to gain footholds
- Cybercriminals Use Noise and Distraction Tactics to Disorient Defenders: To evade detection, cybercriminals are using distraction tactics to pull incident responders’ attention away from their primary objective. By creating “noise”—such as minor attacks or false incidents—attackers can overwhelm response teams, allowing larger threats to advance undetected.
- Generative AI Lowers the Barrier for Cybercrime, Increasing Attack Volume: Generative AI platforms have made it easier for less-skilled attackers to create and launch credible cyberattacks. By using AI models to generate phishing emails, malware code, and other attack tools, novice attackers are flooding the digital landscape with new threats, creating a significant resource strain for defenders.
- Fatigue and Burnout Among Cybersecurity Professionals Reach Critical Levels: Cybersecurity teams are grappling with increasing levels of burnout as they contend with complex and evolving threats, a shortage of skilled professionals, and rising expectations. The intense workload, coupled with continuous cyber incidents, is driving high attrition rates, with many seasoned professionals choosing to leave the field.
What are your plans for Black Hat MEA?
At Black Hat MEA, Sophos will showcase our latest advancements in cybersecurity, particularly focusing on how our solutions can support organizations in Saudi Arabia in their journey toward Vision 2030. One key area of emphasis was the Sophos Firewall, which offers robust network security with advanced threat protection, web filtering and secure VPN access, ensuring that businesses can protect their networks from even the most sophisticated attacks.
We will also highlight Sophos Managed Detection and Response (MDR), our comprehensive threat detection service that combines machine learning and expert human analysis. With MDR, our security team actively monitors, detects and responds to threats 24/7, allowing organisations to focus on their core business while maintaining a strong cybersecurity posture. By integrating Sophos Firewall and MDR, we provide end-to-end security coverage that aligns with the Kingdom’s strategic goals for a resilient and secure digital infrastructure.
Tell us about your regional commitment in terms of expanding reach through partnerships.
We work hand-in-hand with local partners and organizations to develop and implement strategies tailored to Saudi Arabia’s specific needs. Our regional presence ensures that businesses and government institutions receive the expertise and support required to stay ahead of emerging threats.
Black Hat MEA
Phosphorus Cybersecurity to Partner with Cyberani for Black Hat MEA 2024
Osama Al-Zoubi, the Vice President of Phosphorus Cybersecurity, says over the next year, we will see more sophisticated OT-focused malware (more…)
Black Hat MEA
Black Hat MEA 2024 Expects to Host Over 40,000 Cybersecurity Professionals
The highly anticipated Black Hat MEA officially opened its doors yesterday in Saudi Arabia, marking a global record as the largest cybersecurity expo by space with an overall floor space of over 53,000 square meters. Running from November 26-28 at the Riyadh Exhibition and Convention Centre in Malham, the three-day mega-event launched with an engaging Executive Summit addressing critical topics such as the transformative impact of AI on cybersecurity, the rapidly shifting cyber threat landscape, and the challenges of hacking in outer space.
The opening ceremony was officially inaugurated by His Excellency Eng. Faisal Al-Khamisi, the Chairman of the Saudi Federation for Cybersecurity, Programming & Drones. In his opening remarks, Al-Khamisi underscored the event’s growth and importance.
“We take great pride in announcing that Black Hat MEA has officially become the world’s largest cybersecurity event by area, reflecting its remarkable growth and global stature,” he said. “Four years ago, we demonstrated the readiness of the Saudi market with the inaugural edition, and by Black Hat MEA 2023, it had grown to become the most-attended cybersecurity event globally. Over the next three days, attendees will experience a truly unique event featuring more than 350 speakers, 450 exhibiting companies, and participation in 10 diverse features.”
Black Hat MEA 2024 promises to set a new benchmark for innovation, collaboration, and knowledge-sharing within the global cybersecurity community. Opening the Executive Summit was Kirsten Davies, Founder and CEO of the Institute for Cyber Civics, who conducted a session called ‘Guarding the Ballot’. Davies said that while there were enormous measures for securing the votes in the ballots, there were still quite a few cybersecurity headlines.
“We had issues in software systems with duplication ballots, where the registrations hadn’t been cleaned up before election day, meaning there were people voting who shouldn’t have been eligible to,” she said. “In some states, there were even cases where thousands of votes had no signatures or ID attached to them.
“As an industry, we are charged with protecting the most sensitive and critical data, and even in the most sacred parts of our governments and election processes, we need to be unafraid to look where the gaps are, where we should be doing risk analysis. With the adoption of artificial intelligence in its many forms, we could see the use of blockchain when it comes to voting, whether we want to transition to a fully digital platform or use mobile phone face scans to verify the ID of said voter.”
Discussing the complexities of cybersecurity and its multifaceted domain involving systems, people, and processes, Gary Hayslip, CISO at Softbank Advisors, highlighted the importance of understanding a company’s purpose, data usage, and stakeholder relationships to build resilient security programs. Hayslip shared his experiences from various roles, including the US Navy, the City of San Diego, Webroot, and Softbank Investment Advisors, detailing how he adapted different frameworks to fit each organization’s culture and needs.
“When I left the federal government and joined the city of San Diego as their first CISO, what was unique in this environment was the sheer scale of smart city projects and networks sprawling across the city, supplying services to over four million citizens,” Hayslip said. “When I first started, no one had any idea what a framework or system was, but they just knew they needed someone to manage everything. “Even though we were handling things such as credit card transactions, what I learned pretty quickly was that it was all about relationships.
Many of the stakeholders had known each other for years, so it was extremely important for me to take – what I call – the ‘fish taco’ approach, which is to invite them for lunch and get an understanding of their needs. I faced a lot of pushback, but occasionally, I would find someone who would be willing to take my help and do a project together, finding my champions. Once you do a few assessments around baseline risk and results start to show, that’s when things start to happen, and the net gets cast wider.”
In an insightful and slightly terrifying session surrounding deepfakes and the impact of such malicious AI attacks, Bilal Baig, Technical Director, Mediterranean, Middle East, and Africa, for Trend Micro, pondered how it is possible to keep up with what is happening with so much data, AI systems, and models being created and circulated. “The current threat landscape can be divided into three factors: Ransomware, data theft, and phishing. We have platforms such as YouTube, which are the perfect places for bad actors to use AI programs to scan the faces of a CEO or Chief Legal Officer [CLO] in videos, which are then used as tools to gain valuable company information,” said Baig.
“We have seen instances where a targeted email is sent to an employee requesting a Zoom call with the CEO and CLO, and the deepfake video is played during the call requesting the employee to upload sensitive financial company information ahead of a last-minute and important meeting with a client or government partner. To the untrained eye, it is hard to tell the difference, and these types of attacks work all the time.”
Day One of Black Hat MEA also heard from cybersecurity expert Umar Khan, who shed light on hacking satellites, rockets, and more at the Executive Summit. Khan, who is Chief Information Officer and Senior Vice President at Relativity Space, has worked with industry giants such as SpaceX and MaxLinear and highlighted the different components of satellites and rockets, explaining how they function and communicate. Highlighting the increasing accessibility of information due to the use of commercially available parts and open-source software, Khan argued how this public access has fed into new attack vectors for malicious actors.
“Satellites are no longer these mysterious black boxes,” Khan said. “Many are built with components we already know, such as smartphone processors and Linux operating systems. This makes it easier than ever for attackers to exploit weaknesses in the software and hardware. The rise of low-cost ground station technology means anyone with a US$35 software-defined radio and an internet connection can potentially eavesdrop on satellite communications or even take control of a spacecraft.” Khan concluded his session with a call to action for the cybersecurity community, emphasising the urgent need for secure-by-design principles in space systems, regular vulnerability scanning, and robust incident response plans.
“The resounding success of the first day of Black Hat MEA has surpassed all expectations. The energy, innovation, and collaboration on display have set a powerful tone for the days ahead,” said Annabelle Mander, Senior Vice President of Tahaluf. “It’s enlightening to see industry leaders, experts, and enthusiasts come together to address today’s most pressing cybersecurity challenges while shaping the future of digital resilience. This is more than an event – it’s a movement towards a safer, more connected world.”
Black Hat MEA
Axidian Unveils Advanced Identity Security Solutions at Black Hat MEA 2024
Axidian is set to showcase its innovative product portfolio at Black Hat Middle East & Africa (MEA) 2024, taking place in Riyadh, Saudi Arabia. The company will introduce its flagship product for 2025, Axidian Shield, an advanced Identity Threat Detection and Response (ITDR) solution, alongside its other solutions including Privileged Access Management (PAM), Identity and Access Management (IAM), and Public Key Infrastructure (PKI) management.
Axidian will be exhibiting at booth number H2.H31 at Black Hat MEA, and its participation comes as Saudi Arabia accelerates its digital transformation, with rapid advancements in technology driven by the country’s Vision 2030 initiative. As organizations in Saudi Arabia adopt new technologies, maintaining robust IT security has become critical.
Axidian views Black Hat MEA as a pivotal platform for advancing innovation within Saudi Arabia’s tech industry. The event not only raises awareness of modern security solutions but also encourages local organizations to adopt the latest technologies, ultimately fostering a culture of cybersecurity excellence and innovation in the Kingdom.
“Black Hat MEA plays a key role in driving the adoption of progressive security tools in Saudi Arabia. It’s an excellent forum for showcasing advanced technologies and building partnerships that contribute to the growth of the local tech ecosystem. We are proud to contribute to the country’s growing cybersecurity landscape and support the Kingdom’s Vision 2030 goals”, Georgy Ovanesyan, CEO of Axidian, highlighted.
Axidian is committed to expanding its footprint in Saudi Arabia and aligning with the country’s long-term technological goals. The company is already working with leading organizations across the Kingdom, providing tailored identity security solutions that meet local regulatory requirements and business needs. Axidian plans to establish a branch in Saudi Arabia, reinforcing its dedication to local business development and expanding its network of partners. Axidian is focused on supporting Saudi Arabia’s Vision 2030 and its aspirations to become a global leader in technology and innovation.
The vision shared by Axidian’s CEO, Georgy Ovanesyan, “As Saudi Arabia continues to evolve as a global tech hub, organizations must stay vigilant in the face of increasing cybersecurity threats. At Axidian, we specialize in identity security, and our participation at Black Hat MEA allows us to demonstrate how our solutions help businesses mitigate these risks. We are especially excited to unveil Axidian Shield, a pioneering Identity Threat Detection and Response (ITDR) solution, which is poised to transform the way organizations protect user identities. Another thing that we observe in the region and the industry is that having a reliable product or the most advanced technology is vital but it is not enough. That is why Axidian provides training, consulting, implementation and support as a part of our recent initiative called Axidian Academy. We understand that to use the product efficiently organisations have to create the infrastructure for it, implement it and support it.”
The launch of Axidian Shield marks a major milestone for the company as it expands its presence in the Middle East, a region that is experiencing significant growth in the cybersecurity sector. With its ability to detect and respond to credential-related attacks, adaptive multi-factor authentication (MFA), and enhanced protection beyond traditional MFA methods, Axidian Shield is designed to integrate seamlessly into existing infrastructures while minimizing disruptions to business processes.
At the event, Axidian will also showcase its thought leadership with daily presentations at its booth (Stand # H2.H31). Key spokespeople, including Georgy Ovanesyan (CEO), Anna Surovova (Head of Global Sales and Partnerships), and Kirill Bondarenko (Regional Sales Director), will present insights on global and regional trends in cybersecurity, the importance of identity security, and the evolving threat landscape. These presentations aim to provide attendees with a deeper understanding of the challenges organizations face and how Axidian’s solutions can help mitigate those risks.
In addition to product showcases and presentations, Axidian is using the event as an opportunity to expand its network of strategic partnerships. The company is engaging with potential partners to strengthen its regional presence and explore new collaborations, furthering its commitment to supporting cybersecurity initiatives across the Middle East. As a global company based in UAE Axidian is growing its footprint not just in its local region but also globally. The company has surpassed 150 partners across 25 countries, serving over 100 customers in sectors including banking, government, telecommunications, IT, and more.
-
Cyber Security5 days ago
Positive Technologies and MCS Join Forces as MEA Cyber Threats Surge
-
Cyber Security5 days ago
ESET Unveils Security Integrations with Major Vendors
-
Expert Speak5 days ago
Advanced Cyberthreats Targeting Holiday Shoppers, Says Fortinet
-
Cyber Security2 days ago
OPSWAT and TCC Partner to Secure Saudi Arabia’s Critical Infrastructure
-
News2 days ago
Tenable Forecasts Cloud Data Security to Lead as AI Accelerates in 2025
-
Cyber Security1 day ago
Here’s How Smart Devices are Eroding Privacy and Security
-
Market Research18 hours ago
AI to Power Over Half of Cyberattack Techniques Soon, Says Positive Technologies
-
News1 day ago
NetApp Names Suhail Hasanain Regional Senior Director for MEA