COUNTRY FOCUS: BAHRAIN
organisations to prioritise Indicators of Warning (IOW) and Indicators
of Attack (IOA). To properly tackle cyberthreats, it is essential that we
give sufficient attention to all stages of the Cyber Kill Chain rather
than focusing on one segment alone. techniques and threats will help reduce the risk of malware or
compromised data.
Another way to help is to ensure that all organisations have DMARC
appropriately configured on their domains. DMARC stands for
Domain-based Message Authentication, Reporting and Conformance
and is fast becoming a global standard. The most worrying threat is when an organisation's system gets
compromised and can no longer be used (i.e Shamoon attack). This
is one of the most disruptive types of attacks because it can hold
the system down and the user has no control whatsoever. Another
example that is also worrisome is when a widespread breach
happens which causes one or more organisations to block their
systems temporarily. Though reversible, it is still destructive.
The effectiveness of this standard has also inspired the origination
of DMARC360, another one of my technology start-ups, with a
mission to ensure all organisations are DMARC compliant. Through
DMARC360, organisations are able to implement digital signatures
on their domains to avoid common email threats, including
impersonations (BEC), spoof emails and scams that damage an
organisation’s brand reputation.
What is the best way for companies to protect
themselves from phishing?
This has to be addressed in two parts. Firstly, through technology
to ensure organisations block all known ‘phish’ URLs. Secondly,
since cybercriminals are continually finding new ways to attack,
organisations should always expect that many attacks will reach
their staff, and the only real defence towards this is to train and
educate staff to be more vigilant. Conducting awareness sessions
and regularly updating your employees on the latest attack
50
INTELLIGENTCIO
What are the most worrying security threats in the region?
What advice would you give to CIOs, so they deliver an
effective multi-layered approach to security?
The best advice is to identify and fill gaps through a multi-layered
approach. More often than not, security teams focus more on one
layer and neglect the rest. The problem is sometimes, a particular
attack type arises which leaves security teams to focus on one layer
and completely lose sight of all other segments. It is best to ensure
that security is practiced in a balanced manner to have full visibility
and sufficient attention to all layers of security. To do this, it is crucial
that IT security, information security, and cybersecurity teams
collaborate and tackle threats together. Finally, put a stress on training
and educating all levels of staff on being more vigilant when it comes
to cybersecurity, this should include board members and executives as
they are highly targeted individuals. n
www.intelligentcio.com