Intelligent CIO Middle East Issue 47 | Page 25

//////////////////////////////////////////////////////////////////// second most targeted country in the world for cybercrime, costing the Emirates an estimated US$1.4 billion per year. Evidently, there Hassan El- is a strong need Banna, Business for organisations Development to implement risk Manager, META, Genetec assessment. Risk assessment tests should be conducted on a recurring basis in order to catch vulnerabilities, inefficiencies and non-compliances with standards for security policies. If an organisation does not assess and manage risks, they are vulnerable to attacks. Today, technologies are continuously evolving so your organisation must assume that cyberattacks will evolve too. Taking time to implement a cybersecurity risk assessment to educate your workforce and prevent malicious attacks is vital. in the Middle East alone has reached US$4.94 million. In addition, cyberattacks are now targeting IOT devices such as video surveillance, access control, alarms and communications. According to industry analyst firm, Gartner, by 2020 more than 25% of cyberattacks in enterprises will involve IoT devices. And yes, that includes the very devices that are supposed to help keep us safe. That alone could give businesses a false sense of security. Rajesh Ganesan, Vice President – ManageEngine Of course, every region has its own set of cybersecurity threats and challenges and hence has to formulate a specific plan to manage cyber-risks based on their financial, political and cultural demographics. For example, the relatively high concentration “ THE RELATIVELY HIGH CONCENTRATION OF OIL AND GAS COMPANIES IN THE GCC REGION MAKES THEM AN EXCLUSIVE TARGET FOR HACKERS LIKE ORGANISED RANSOMWARE GROUPS. become one of the most digitally connected. In the same vein, while the states are trying to bring about legislative measures to counter cyberthreats, arriving at a common technical and legal framework and implementing it across the region has been a challenge. This has a profound impact on the companies of the region too. Cyberattacks are no longer simply a technology issue. They affect the entire business and can have a huge financial impact on an organisation. The costs can include cleaning up and restoring a network as well as re-establishing trust with partners and customers alike. According to a 2017 research study conducted by the Ponemon Institute, the average cost of a data breach TAKING TIME TO IMPLEMENT A CYBERSECURITY RISK ASSESSMENT TO EDUCATE YOUR WORKFORCE AND PREVENT MALICIOUS ATTACKS IS VITAL. “ TRENDING Rajesh Ganesan, Vice President – ManageEngine of oil and gas companies in the GCC region makes them an exclusive target for hackers like organised ransomware groups. Due to the enormity of the financial and operational impact it can make, such groups work with high levels of motivation to leverage the same type of attacks across multiple companies. To combat this, companies must get their act together and learn from each other to build strong layers of security. Similarly, the GCC countries are also some of the pioneers of having digitisation as an important government policy which is driving the entire region to And the cultural aspect plays a critical role too as the GCC region has been most welcoming to many expats, who in fact outnumber the locals in some states. The multiculturalism brings many advantages but also paves way to multiple threats in the form of residents who are either temporary or have their own jurisdiction. It has been well-established that while the number of incidents because of insiders is always typically low, the consequence of any insider attack has always been enormous and catastrophic. Bringing together people of varied culture and approach to handling sensitive business information is a top challenge in any company’s list. While technologies evolve very fast, the adoption is caught up globally, fairly easily, and the application of technology is getting to be standardised. In addition to standard information security procedures, CISOs should also focus on the strong regional factors that could pose strong cybersecurity threats. n INTELLIGENTCIO 25