Digitization initiatives have continued to be successful in the Middle East, and with the rapid adoption of digital technologies comes added and growing exposure to the risks of cyber-attacks. These attacks are growing in sophistication and have the potential to derail the progress and benefits of digitization.
Chief information security officers (CISOs) of organizations across the region play a significant role in navigating and mitigating these risks to ensure that the right strategic approaches are implemented to safeguard digital assets.
Cisco's CISO Advisory experts are sharing key topics to keep in mind when CISOs prepare to reduce threats this year:
Getting the Basics Right
The role of a CISO has become all the more challenging. In addition to a scarcity of resources, there are more sophisticated attacks, more challenges to effective communication with the board and more demanding regulations being implemented rapidly within the region.
With so much to consider, it is vital that CISOs have a clear understanding of the core elements of what they protect. Questions like “where is the data?”, “who is accessing it?”, “what applications is the organization using?” and “where and what is in the cloud?” will continue to be asked, with an overriding need to make management of the security function more flexible and simpler for the user. This visibility will also inevitably help with quicker decision-making and lower operational overhead when it comes to regulatory compliance.
Increasing Demands From Insurers
Cyber insurance or coverage plays an increasingly vital role in risk management strategy in the Middle East. Although it is a new and rapidly evolving topic, cyber insurance as it stands provides financial protection that enables innovation and risk-taking in digitization. The subject will continue to be in focus this year, with insurers demanding greater attribution, which can be defined as the science of identifying the perpetrator of a cybercrime by comparing the evidence gathered from a recent attack with that gathered from earlier attacks that have been attributed to known perpetrators. Greater preparation, and crystal-clear clarity about the extent to which attribution has taken place when negotiating contracts, will be an essential element for CISOs going forward.
How Zero Trust Will Progress
Zero-Trust implementations, while being the most secure approach a firm can take, are long journeys that can take multiple years for major enterprises to carry out. It is therefore vital that they start with the intention of continuing. This can be easier said than done, however, as, in many cases, the principles within Zero Trust fundamentally turn traditional security methods on their head, from protecting from the outside-in (guarding your company’s perimeter against external threats) to protecting from the inside-out (guarding individual assets against all threats, both internal and external). This is particularly challenging for large enterprises with a multitude of different silos, stakeholders and business divisions to consider.
The key to success on a Zero-Trust journey is to set up the right governance model with the relevant stakeholders and consistently communicate all changes.
Dealing With Ransomware
As it was last year, ransomware continues to be the main tactical issue and concern facing CISOs. More specifically, the uncertainty around when and how an attack could be launched against the organization is a constant threat.
CISOs will continue to keep a focus on the core basics to prevent or limit the impact of an attack and, again, have a closer look at whether and how any ransom demand may be paid and who will authorize payment.
From Security Awareness to Culture Change
Traditionally, CISOs have discussed the importance of improving security awareness, a focus that has resulted in the growth of simulated phishing emails sent to test staff. There is increased conversation now about the limited impact of this approach.
For the most effective security awareness, culture is key. This means that everyone should see themselves as part of the security team, like the approach that has been taken when navigating the issue of safety in many high-risk industries. CISOs this year will now be keen to bring about a change to a security culture by making security inclusive, looking to create security champions within the organization, and finding new methods to communicate the security message.
Resignations, Recruitment and Retention
With hybrid work becoming the norm, not having flexible infrastructure can deter the best talent from joining or staying within an organization. Overly restrictive security practices, burdensome security with too many friction points, and limitations around resources and tools can all contribute to this factor.
CISOs don’t need that extra worry of being an additional cause of “brain drain.” So, security will need to focus on supporting the flexibility and the ease of user experience; this can include passwordless or risk-based authentication.
Don’t Sleep On the Impact of MFA Fatigue
Just when we thought it was safe to go back into the organization with multi-factor authentication (MFA) protecting us, along come methods of attack that rely on push-based authentication vulnerabilities, including:
• The barrage of push notifications: Multiple successive push notifications can bother a user into accepting a push for a fraudulent login attempt;
• Push Fatigue: Constant MFA means users pay less attention to the details of their login, causing a user to accept a push login without thinking.
In the coming year, CISOs will look to update their solutions and introduce new ways to authenticate while increasing their communications with users on the topic.
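As an added illustration (not part of Cisco's article or any Cisco product), the following Python detection logic flags the push barrage described above in a constructed set of MFA log lines, and notes when an approval follows the barrage, which is the "fatigued accept" a CISO most wants to catch. The log format, field names, threshold and window are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample MFA log (not from any real system); one event per line.
SAMPLE_LOG = """\
2024-03-01T08:00:01Z user=alice event=push_sent src=203.0.113.7
2024-03-01T08:00:15Z user=alice event=push_denied src=203.0.113.7
2024-03-01T08:00:20Z user=alice event=push_sent src=203.0.113.7
2024-03-01T08:00:31Z user=alice event=push_denied src=203.0.113.7
2024-03-01T08:00:35Z user=alice event=push_sent src=203.0.113.7
2024-03-01T08:00:49Z user=alice event=push_sent src=203.0.113.7
2024-03-01T08:01:02Z user=alice event=push_approved src=203.0.113.7
2024-03-01T08:05:00Z user=bob event=push_sent src=198.51.100.4
2024-03-01T08:05:09Z user=bob event=push_approved src=198.51.100.4
"""

PUSH_THRESHOLD = 3           # assumed: pushes inside the window that count as a barrage
WINDOW = timedelta(minutes=2)  # assumed sliding window

def parse_line(line):
    """Split 'timestamp key=value ...' into a dict with a datetime under 'ts'."""
    ts, *kv = line.split()
    fields = dict(p.split("=", 1) for p in kv)
    fields["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return fields

def detect_push_fatigue(log_text, threshold=PUSH_THRESHOLD, window=WINDOW):
    """Return {user: {'pushes': n, 'approved_after_barrage': bool}} for every
    user who received at least `threshold` pushes inside `window`."""
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    sent = defaultdict(list)   # user -> timestamps of pushes still in the window
    alerts = {}
    for ev in events:
        user = ev["user"]
        if ev["event"] == "push_sent":
            sent[user].append(ev["ts"])
            sent[user] = [t for t in sent[user] if ev["ts"] - t <= window]
            if len(sent[user]) >= threshold:
                a = alerts.setdefault(user, {"pushes": 0, "approved_after_barrage": False})
                a["pushes"] = max(a["pushes"], len(sent[user]))
        elif ev["event"] == "push_approved" and user in alerts:
            # An approval after a barrage is the signal to investigate or revoke.
            alerts[user]["approved_after_barrage"] = True
    return alerts

if __name__ == "__main__":
    for user, info in detect_push_fatigue(SAMPLE_LOG).items():
        print(f"ALERT {user}: {info['pushes']} pushes, approved={info['approved_after_barrage']}")
```

Bob's single push and approval produce no alert, so the rule stays quiet on normal logins; alice trips it on the third push and the later approval is marked for follow-up.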