FEATURE : CYBERSECURITY
“ That priority is the protection of corporate data – including personally identifiable information – that is leaving the corporate infrastructure . This could be due to remote workers , new cloud-based SaaS solutions required for Business Continuity due to COVID-19 and even vendors working remotely since on premise contract work was no longer feasible ,” he said . “ Therefore , the biggest challenge for CIOs this year was and continues to be , the plethora of new data leaving the organisation for any and every reason and how to track and protect it from threat actors including the unintentional insider abuse , outside of the corporate perimeter .”
With cybersecurity taking centre stage in many organisations in MEA industry experts highlight pitfalls CIOs and CISOs should avoid .
Mahmoud Samy , Vice President and Managing Director – EMEA Emerging Markets and Eastern Europe , Forcepoint , said remote work has shifted the Edge to the users . “ The top priority must be to protect this edge and avoid any security gaps as outlined above . One way to do this is through comprehensive Security-as-a-Service ( SaaS ) platforms . Forcepoint uses cloudbased security platforms that use behaviour analytics to understand human behaviour to proactively detect risk and secure data and IP . As mentioned , these incorporate both CARTA and SASE approaches as industry best practices ,” he said .
Penel added that the role of the CIO is rapidly changing in many organisations . “ There is not a business strategy in organisations that does not involve some technology aspect and digital innovation ( DI ) is often the primary ingredient underlying the business initiative . The CIO is no longer an operational executive , but an orchestration executive . In a rapidly evolving marketplace , creating new approaches to product development , customer engagement and operations can mean the difference between success and failure for the company ,” he said .
Aside from the pitfalls CIOs and CISOs should prevent , the skills challenge in the cybersecurity space and IT industry in general continues to be a huge problem in the Middle East and Africa market .
John Mc Loughlin , CEO , J2 , said : “ It is real and it is a real challenge . The reality is that while the shortage is real , nobody is doing anything to fix it . Business expects to find people with 5 to 10 years ’ experience in a wide range of areas , but are not willing to invest in junior skills and nurture the talent up the ladder . When you do not adopt this approach what happens is the few senior people who are available become overworked and are expected to do it all , this in turn results in them moving elsewhere .”
Mc Loughlin said good cybersecurity people love to share their knowledge and skills to those who are still learning and thrive in an environment that encourages learning , mentorship and open communication . “ The right mix of junior and senior people will organically provide you with a thriving ecosystem of security professionals .”
Assad Arabi , Managing Director – Gulf Cluster , Trend Micro , agreed with Mc Loughlin and pointed out that the cybersecurity skills challenge is significant and Trend Micro takes a multi-layered approach to support the cybersecurity industry skills shortage . “ We recruit and train cybersecurity professionals and build enhanced automation in our products and services for detection and response to take the pressure off stretched IT security teams . Trend Micro is empowering empowering talented individuals to strengthen their skill sets in crucial areas . For example , Trend Micro and CyberTalents are currently hosting our sixth annual Oman Capture the Flag ( CTF ) Competition in the Arab World , which provides hands on experience to nurture the talent of more cybersecurity professionals . Regional winners advance to the global finals on the weekend of December 18 2020 ,” he said .
Arabi said the Trend Micro Academy for Cybersecurity , which is expanding across the MENA region , is a two-year long certification programme that is intended to address the shortage of local expertise in IT security and related disciplines .
Given that most organisations are promoting remote working and adopting hybrid work models , CIOs and CISOs need to design robust strategies when developing a comprehensive cybersecurity plan .
Fortinet ’ s Penel said transitioning most or all of an organisation ’ s employees to remote work creates significant security challenges for any organisation .
He said that an organisation ’ s Business Continuity plan should take these challenges into account and include solutions to address these new risks .
“ The first step in a secure telework strategy is ensuring that remote workers have the ability to connect securely to the enterprise network . There are challenges both in securing remote connectivity and in maintaining user productivity over the remote connection . These have to do with the home networks , the users themselves and the network equipment at the corporate office ,” he noted . “ Key considerations must include the fact that one size does not fit all and security protocols must be set based on individual roles and user types such as general workers , power users and super users .” • www . intelligentcio . com INTELLIGENTCIO
53