FEATURE: MULTI-LAYERED SECURITY
ABOUT
Rabih Dabboussi is Managing
Director for Cisco in the UAE.
As the General Manager of Cisco
UAE, Rabih leads all areas of Cisco’s
business across the UAE. Rabih’s
responsibilities also include driving
and forging close relationships
with the government and ensuring
that Cisco’s business objectives and
goals are closely aligned. With a key
focus around smart and connected
communities, Rabih is helping to drive
Cisco’s Smart City strategy in the UAE
as well as in the wider Middle East
region as a whole.
Rabih joined Cisco in 1996 in Re search
Triangle Park, NC, as a development
engineer. He worked on Cisco’s
flagship Internetworking Operating
System (IOS) development on Cisco’s
core routing platforms for six years,
before spending a further six years
in a worldwide customer-facing
and consultancy role in the ServiceProvider Technology Group’s Mobile
Business Unit.
Along his journey, Rabih has achieved
several US technology patents that
have helped differentiate Cisco’s
products and solutions, and has lived
and worked in the US, Europe, Asia
and the Middle East.
Rabih holds a BS in Computer Science
from North Carolina State University.
awareness, and then analysing it
continually to surface IoCs that would
otherwise go unnoticed. With these
IoCs, we can prioritize events and stop
threats sooner, hopefully before much
damage is done, essentially providing
an ‘early warning system’ for unknown
cyber attacks.
In the Middle East, integrated threat
defence provides better and faster
protection at multi-gigabit speeds –
before you have a known signature,
before valuable data is stolen and
before a third party discovers and
alerts you to the breach. And it does
so while simplifying an organisation’s
security architecture with fewer
security devices to manage and
deploy. By gaining full contextual
42
INTELLIGENTCIO
awareness that is continuously
updated, defenders can assess all
threats, correlate intelligence, and
optimize defences.
There are other aspects of joining
forces, besides integrating security
functions. At the industry level,
open source is a valuable tool for
defenders in the Middle East as they
rapidly innovate to close security
gaps and gather great intelligence
about potential threats. New open
standards and efforts to create, share
and implement custom application
detection and custom IoCs empower
defenders to further reduce the attack
surface and better identify anomalous
behaviour. The ability to share realtime threat intelligence and protection
across a community of users is another
prime example of working together for
greater security effectiveness.
IT IS IMPORTANT
TO CONSIDER THE
EXPLOIT PATHS TAKEN
BY ATTACKERS AND
MALWARE WHEN YOU
THINK OF LAYERED
SECURITY. MOST OF
THE ATTACKS START
WITH A TARGETED
PHISHING ATTACK
AGAINST A USER AND
WHEN THE USER FALLS
FOR IT, THE ENDPOINT
GETS AFFECTED
When developing or refining their IT
risk management strategy, IT groups
in the Middle East should focus on
the following three important security
enforcement points in particular:
Internet Use Protection
• Protect resources from the spread
and execution of viruses, worms, and
Trojans.
• Verify user credentials and system
security posture.
• Control user access to specific
applications or other system
resources.
• Prevent the introduction of threats
to the infrastructure from trusted
computers by enforcing endpoint
security policies.
Attack and Intrusion
Protection
• Control access to servers and
applications containing sensitive
information.
• Assure application and user data
transmissions are in conformance
with application access rules and
protocols.
• Monitor transmissions for end
system vulnerability exploitation
attempts.
• Prevent intrusions to servers,
www.intelligentcio.com