Digital technology experts on Monday called for increased efforts to combat the growing threat of cyberattacks in the Middle East and North Africa (MENA) region. Delegates attending a major international conference on the issue, being staged in the Saudi capital, were told that education and awareness were critical to strengthening the cybersecurity culture.
Opening the 7th edition of the MENA Information Security Conference in Riyadh, VirtuPort CEO Samer Omar stressed the importance of this year’s meeting in helping to tackle the “unprecedented challenges” currently facing the data sector.
“The conference will play an integral role in sustaining the communications between senior information security professionals in the MENA region, and contributing to strengthening the necessary cybersecurity culture such as compliance, legislation, governance and cloud security,” he said.
Under the title “Cyberspace, The New Frontier: Deception, Orchestration and Blackholes,” the conference will address how deception technology has greatly improved by being active in luring and baiting attackers to deception environments and creating decoys.
Speaking exclusively to Arab News, Omar said: “The conference is part of VirtuPort’s efforts to deliver cybersecurity through leadership. We are strong believers that the way to make change in cybersecurity is to change people by bringing them together, sharing information and creating a unique experience so that attendees truly benefit and take something back that is actionable in their workplace.
“We also combined it (the conference) with our sister offering called Cyber Saber Hackathon. This is our educational component combined with entertainment to create a complex and advanced smart city which models the real world we are living in with smart devices, IoT (the Internet of Things) and the risks to those devices if they are not secured correctly,” he added.
Hackathon attracted students from throughout Saudi Arabia to try their skills at hacking and defending a model smart city with the aim of developing offensive and defensive capabilities for positive use, Omar said. “By doing this we hope that the students will look over to the conference and find professionals, make good careers and do things in the right way.”
On the growing threats to cybersecurity, Omar said: “There is no such thing as 100 percent security, or 100 percent privacy. We have to understand that we live in a world where everything is being digitized and there is no silver bullet or absolute insecurity.
“However, when the proper controls, procedures and activities by the individuals responsible for securing and using data and transmitting it, is done correctly, you can achieve a very high percentage of reliability and security for your data, and privacy,” he added.
The technology chief said the challenges in cybersecurity were changing dramatically, which was why the conference’s training and technical sessions were important in refreshing
the knowledge of delegates.
Asked if cybercrime laws were strong enough, Omar said: “The cybersecurity regulations in Saudi Arabia are maturing every year. The Communications and Information Technology Commission (CITC) had regulations years ago that touched on cybersecurity and cyber-relevant rules and penalties that helped in dealing with it.”
The establishment of the Saudi National Cybersecurity Authority (NCA) was a critical and positive step in creating improved cybersecurity governance and standards, he added.
“I am very happy with the way that organizations like the NCA and the Saudi Federation for Cybersecurity, Programming and Drones are bringing Saudis together to tackle the issue and educate people.”
On social media, Omar predicted more regulation around data protection and privacy in the Kingdom. Saudi Arabia recently announced the establishment of an artificial intelligence (AI) and data management authority to protect the privacy of information.
Scott Manson, managing director of computer security firm McAfee, told Arab News there had been “amazing progress” in combating cybercrime through laws and regulation. He said education and awareness was extremely important in highlighting to users of social media apps the risks of attacks from hackers.
Speaking on deception-based threats, Bahi Hour, Attivo Networks’ SE director for the Middle East, Turkey and Africa, said that 87 percent of breaches took place in just minutes. Only 3 percent were discovered as quickly, while 68 percent of breaches took months or years to be discovered.
“Despite the misconception that deception is hard to deploy, the reality is machine learning, centralized management, and AI make this easy,” said Hour.
“Another widely held misconception is that deception won’t work against real attackers, but the reality is that accurate, realistic, and authentic deception technology can fool even the most experienced attackers.”
Hussam Abu-Rida, technical lead for Saudi Arabia at IT security firm Trend Micro, said that the increasing sophistication of threats had made it harder than ever for IT managers to protect their organizations.
Director of Cisco Customer Experience, David Williamson, said many companies remained hesitant about introducing automated processes and controls.
With 5G networks now entering markets around the globe, Lee Chen, founder and CEO of A10, said the most common challenge facing 5G technology was security.
SOURCE : ARABNEWS