Intelligent CIO Middle East Issue 34 - Page 68

CASE STUDY Here we speak to Wahid S Hammami, Information Technology Consultant and CIO at Ministry of Energy, Industry and Mineral Resources. What are the main security considerations in the region right now? The biggest threat posed by cybercriminals in the region today is their ability to remain undetected in the network for months, once they have bypassed perimeter defences. Closing this detection gap is critical for defending against an attack. The reality is that any organisation can be a target of information theft and ransomware attacks. In Saudi Arabia, financial institutions, governments and the energy sector are especially targeted due to their wealth of official information and personal data. Often, the attacks are extremely sophisticated and specifically targeted to increase the chances of success. Organisations in these industries need to invest in solutions that efficiently detect and respond to advanced attackers that breach their traditional security controls. Moreover, we in the Ministry of Energy, Industry and Mineral Resources are one of the highest Ray Kafity, Vice President, META, Attivo Networks DECEPTION TECHNOLOGY HAS BEEN CRITICAL FOR MITIGATING THE RISKS ASSOCIATED WITH THESE TARGETED ATTACKS. targeted agencies in the kingdom, due to multiple factors such as government data, energy, and minerals etc. How are you aiming to overcome these cybersecurity arrangements? Our aim is to detect attacks at an early stage to break the cycle and implement 68 INTELLIGENTCIO an effective actionable response. New technologies like deception-based threat detection are one of the techniques and investments we adopted to close the security gap and strengthen our overall defences. We chose the Attivo Networks ThreatDefend solution because it easily aligns with our business processes and other security controls to equip the ministry with post-breach early threat detection, accelerated cyber incident response and vulnerability visibility for attack prevention, thereby providing an additional and essential line of defence. Is there one security threat you are particularly concerned about? We are particularly concerned about targeted attacks, which are growing more sophisticated and numerous with every passing day. The energy sector is among the top five most targeted industries globally, and many organisations in this sector fear disruptive attacks regardless of whether they originate internally or externally. Deception Technology has been critical for mitigating the risks associated with these targeted attacks and has provided early and accurate detection so that we can promptly remediate in-network threats. n