the criticality of identity security, challenges posed by AI-powered deepfake technology, the human factor in cybersecurity breaches, managing AI risks, and the vulnerability of the supply chain. Each trend underscores the need for organisations to prioritise cybersecurity training, enforce policies to mitigate AI risks, and fortify supply chain security against emerging threats. As cyber threats evolve, proactive measures are imperative to safeguard against potential breaches and data compromises.

NED BALTAGI MANAGING DIRECTOR – MIDDLE EAST, TURKEY AND AFRICA, SANS INSTITUTE

Throughout Ned Baltagi’s career, he has championed innovation and leadership in technology and entrepreneurship, driven by a lifelong fascination with computers, coding, and automation. “Early on, I foresaw their potential to revolutionise business and improve lives. A pivotal moment arrived in the early ‘90s when I undertook the pioneering MCSE exams, positioning me as an early adopter in the field. Subsequent roles at leading firms like Sprint Paranet and Compaq Computer Corporation, which later merged with HP, honed my problem-solving skills and deepened my understanding of complex systems,” says Baltagi.

Transitioning into entrepreneurial ventures, Baltagi founded successful startups across fintech, machine learning, and AI, spanning continents from the United States to the Middle East and Africa. “My journey led me to the SANS Institute, where I focused on advancing cybersecurity across diverse sectors, supporting Fortune 100 companies in their security endeavours,” adds Baltagi.

The pandemic accelerated digital transformation, amplifying the importance of cybersecurity. “We’ve witnessed a shift towards zero-trust architectures, heightened focus on end-user device security, and increased awareness and training to combat evolving threats,” explains Baltagi.

Artificial intelligence has revolutionised cybersecurity, enabling sophisticated threat detection while presenting new challenges from adaptive adversaries. Baltagi emphasises agility and adaptability. He believes organisations must invest in cybersecurity awareness, adopt zero-trust approaches, and fortify incident response plans. Quantum computing poses both opportunities and challenges, with the potential to disrupt encryption methods while offering unparalleled security through quantum encryption technologies like QKD. The rise of AI and machine learning for threat detection and automated responses, alongside investments in zero-trust architecture and supply chain security, reflects the evolving cybersecurity landscape. Strengthening compliance with global data protection laws underscores the imperative of prioritising privacy and security in the digital age.

NICOLAI SOLLING CHIEF TECHNOLOGY OFFICER AT HELP AG

Nicolai Solling’s journey into technology began at a young age, sparked by his first encounter with a PC at just 6 or 7 years old. While his peers were immersed in gaming systems, Nicolai explored the possibilities of an X86 system with a monochrome amber screen—a marvel of its time, now a relic in IT history. His fascination with technology grew rapidly, leading to his first paid job in the industry at 16, alongside his secondary education. Over the years, his interest in cybersecurity blossomed, initially focusing on network security and later expanding to include a deeper understanding of threat actor motivations. Now, three decades later, cybersecurity remains Nicolai’s lifelong passion, albeit in a more vibrant digital landscape.
He emphasises the importance of three fundamental principles—confidentiality, integrity, and availability—in navigating the complex world of digital security effectively.

The post-pandemic era has ushered in a significant transformation in cybersecurity, marked by decentralisation and remote work. With the widespread adoption of remote work, organisations face new challenges in protecting dispersed systems and data. “In this decentralised environment, identity authentication has emerged as a critical security measure. As attackers target remote systems and workers, robust identity authentication becomes essential for safeguarding data integrity and security,” says Solling.

Artificial intelligence has revolutionised the economics of cyberattacks, making sophisticated phishing campaigns more accessible and cost-effective for malicious actors. However, AI also serves as a crucial tool for cyber defenders, enabling proactive threat detection and response.

In 2024, integrating an identity fabric framework and prioritising AI ethics and data privacy are essential for organisations. This unified approach, coupled with AI-driven cybersecurity tools, allows for proactive threat mitigation and compliance with evolving regulatory frameworks. Addressing the cybersecurity skills gap and preparing for the impact of quantum computing are also crucial steps for securing future digital assets. By adopting a strategic approach that encompasses these elements, organisations can establish a robust defence against the multifaceted cybersecurity challenges of 2024, ensuring their resilience in an ever-changing threat landscape.

SAMEER BASHA LEAD SECURITY CONSULTANT, GCC, CHECK POINT SOFTWARE TECHNOLOGIES

On completing his bachelor’s degree in electronic and communication, Sameer Basha joined a Cybersecurity System Integrator as an IT Security Engineer, starting as an Implementation Engineer and later transitioning into the role of a Product Specialist.
“After four fulfilling years, I moved to a government organisation as a Senior Officer in Information Security. I played a pivotal role in migrating the organisation to a secure infrastructure and focusing on risk management, aligning business requirements with cybersecurity measures,” says Basha. With valuable insights gained over another successful four-year period, Basha joined Check Point Software Technologies as a Security Consultant, where he spent the last five years understanding customer business security goals and facilitating their achievement. This 14-year journey has been immensely gratifying, allowing him to collaborate with industry leaders, navigate challenges, and appreciate the significance of teamwork in transforming challenges into successes. Professionally, it has shaped Basha into a proactive and responsible individual, extending cybersecurity principles to his personal life. The pandemic drove a significant business evolution through digital transformation, elevating business risks and prompting a thorough overhaul of the cybersecurity domain. Although the pandemic has ended, the transformations it initiated are poised to persist indefinitely, enhancing dynamism and resilience in the cybersecurity space. Artificial intelligence has revolutionised cybersecurity, enhancing detection accuracy, reducing false positives and negatives, bridging the cybersecurity skill gap, and improving operational efficiency. However, it has also empowered malicious entities, sparking an AI race against nefarious actors. To counter evolving threats effectively, the cybersecurity sector must accelerate AI integration to maintain a proactive stance in the rapidly evolving digital landscape. Staying updated on the threat landscape, controlling AI tool adoption, monitoring edge devices, mitigating cloud and SAAS application risks, evaluating SASE philosophy, and reinforcing defence in depth strategy are crucial steps organizations must take. 
“Ransomware will remain a major threat, with attackers exploiting email and web vectors. Hence, organizations must prioritise user awareness and innovation in engaging and conducting regular training sessions.”

The dual edge of artificial intelligence

A deep dive into cybersecurity’s new frontier

By Sindhu V Kashyap

Over $25 million is what it cost a multinational firm based out of Hong Kong after one of its employees was tricked by a deepfake video of the company’s Chief Financial Officer. The employee, who worked in the company’s finance department, believed the video call to be real. But here is the catch. The email had clues of the potential fraud; it told the employee that the session would be about a secret transaction. The idea of these frauds is to get people to act fast and transfer funds by stating urgency. While the employee had his doubts, the people on the video looked and sounded just like his colleagues. And that is where deepfakes come in.

Today, organisations are grappling with the complexities of defending against ever-evolving cyber threats, and the role of generative AI (GenAI) has become increasingly central in shaping the future of cybersecurity strategies. It is a dual-edged sword. From defence mechanisms to empowering malicious actors, AI’s dual nature poses intricate dilemmas for cybersecurity professionals tasked with safeguarding sensitive data and critical infrastructure.

“At the crux of the AI revolution lies a fundamental dichotomy,” observed Michael Schwarz, Chief Economist at Microsoft, during the World Economic Forum.
“While AI holds immense potential for driving productivity and innovation, its susceptibility to exploitation by malicious actors poses a formidable challenge for cybersecurity professionals.”

Morey Haber, Chief Security Advisor at BeyondTrust, elucidates the multifaceted risks inherent in AI’s rapid evolution. “The proliferation of AI technologies has enabled the rapid development of code, including malicious components that pose significant threats to organisational security,” notes Haber. “While commercial AI engines may be constrained from generating full-fledged malware, their capacity to produce nefarious components necessitates robust governance frameworks to mitigate potential risks.”

Chris Boyd, Staff Research Engineer at Tenable, underscores the nuances of AI-driven malware development. “AI may streamline certain aspects of malware creation, but its efficacy hinges on the expertise required to execute successful attacks,” explains Boyd. “Novice attackers armed with AI-driven tools can pose a formidable threat, emphasising the imperative of proactive cybersecurity measures.”

In response to the escalating threat landscape, organisations are grappling with the imperative to fortify their defences against AI-enabled cyber threats. Kalle Bjorn, Senior Director of Systems Engineering at Fortinet, emphasises the critical importance of adaptive governance frameworks to mitigate AI-related risks. “The weaponisation of AI has amplified the sophistication of cyber threats, necessitating stringent controls to ensure responsible AI usage,” says Bjorn.
“Organisations must proactively safeguard against malicious exploitation while harnessing AI’s transformative potential in bolstering cybersecurity defences.”

Ezzeldin Hussein, Regional Senior Director of Sales Engineering at SentinelOne, delves into the evolving tactics employed by cybercriminals. “AI-powered malware variants continuously mutate code to evade detection by traditional antivirus solutions, perpetuating a cat-and-mouse game between attackers and defenders,” notes Hussein. AI-driven phishing attacks leverage natural language processing to craft highly convincing messages, posing a formidable challenge to email security protocols.

Considering these challenges, organisations are increasingly turning to AI-powered solutions to bolster their cybersecurity posture. Ram Narayan, Country Manager at Check Point Software Technologies, underscores AI’s pivotal role in threat detection and analysis. “AI-powered cybersecurity systems excel at identifying anomalies and detecting previously unseen attack patterns, empowering organisations to proactively mitigate potential risks,” says Narayan. “By leveraging machine learning algorithms, organisations can bolster their defence mechanisms against emerging threats.”

Ben Gelman, Senior Data Scientist at Sophos, highlights the symbiotic relationship between human analysts and AI-powered security solutions. “AI augments human capabilities in threat detection and analysis, enabling security personnel to focus on critical areas where human intervention is indispensable,” explains Gelman. “However, cybersecurity must remain a priority at all levels of an organisation, with regular education and a culture fostering awareness.”

To effectively address the multifaceted challenges posed by AI-driven cyber threats, organisations must adopt a holistic and proactive approach to cybersecurity. Several key factors play a crucial role in ensuring comprehensive cybersecurity.
Implementing stringent controls and governance frameworks is essential to ensure responsible AI usage and mitigate the risks associated with AI-driven cyber threats. Organisations must establish clear policies and procedures governing the development, deployment, and usage of AI technologies to safeguard against malicious exploitation. “Governance frameworks are critical in mitigating the risks associated with AI-driven cyber threats,” affirms Haber. “By establishing clear policies and procedures, organisations can ensure responsible AI usage and mitigate the potential risks posed by AI-enabled attacks.”

Cybersecurity awareness and education programmes are vital for fostering a culture of security within organisations. Regular training sessions and awareness campaigns can empower employees to recognise and mitigate potential cyber threats, reducing the likelihood of falling victim to AI-driven attacks such as phishing and social engineering scams. “Education and awareness are key components of a robust cybersecurity strategy,” says Gelman. “By equipping employees with the knowledge and skills to identify and mitigate cyber threats, organisations can strengthen their overall security posture.”

Traditional cybersecurity measures alone are insufficient to combat the evolving tactics employed by cybercriminals leveraging AI. Organisations must invest in adaptive defence mechanisms that leverage AI-powered solutions for threat detection, analysis, and response. By continuously adapting to emerging threats, organisations can stay one step ahead of cyber adversaries. “Adaptive defence mechanisms are crucial in mitigating the evolving threat landscape,” explains Bjorn.
“By leveraging AI-powered solutions, organisations can detect and respond to emerging threats in real-time, thereby enhancing their overall cybersecurity resilience.” Collaborative intelligence sharing initiatives play a crucial role in enhancing cybersecurity resilience across industries. By sharing threat intelligence and best practices, organisations can collectively identify and mitigate emerging cyber threats, bolstering the overall cybersecurity posture of the ecosystem. “Collaborative intelligence sharing is essential in combating cyber threats,” states Hussein. “By sharing threat intelligence and best practices, organisations can strengthen their defences against AI-driven cyber-attacks and enhance their overall cybersecurity resilience.” Compliance with regulatory requirements and adherence to industry standards are essential aspects of effective cybersecurity governance. Organisations must ensure compliance with relevant data protection regulations and industry standards, implementing robust security measures to protect sensitive data and mitigate the risk of regulatory penalties. “Regulatory compliance and standards adherence are critical in ensuring data security and privacy,” emphasises Narayan. “By adhering to regulatory requirements and industry standards, organisations can protect sensitive data and mitigate the risk of regulatory penalties.” Proactive risk management practices are essential for identifying and mitigating potential cybersecurity risks before they escalate. Regular risk assessments, vulnerability scans, and penetration tests enable organisations to identify and prioritise security vulnerabilities, implementing remediation measures to mitigate potential risks effectively. “Proactive risk management is key to staying ahead of cyber threats,” affirms Boyd. 
“By conducting regular risk assessments and vulnerability scans, organisations can identify potential security weaknesses and implement proactive measures to mitigate risks before they are exploited by malicious actors.”

Investment in advanced cybersecurity technologies, including AI-powered solutions, is crucial for staying ahead of evolving cyber threats. By leveraging AI-driven technologies for threat detection, analysis, and response, organisations can enhance their cybersecurity resilience and adaptability in the face of increasingly sophisticated cyber-attacks. “Investing in advanced cybersecurity technologies is essential for bolstering defences against AI-driven cyber threats,” states Bjorn. “By leveraging AI-powered solutions, organisations can detect and respond to emerging threats with greater efficiency and accuracy, thereby strengthening their overall cybersecurity posture.”

As organisations navigate the complexities of AI-driven cyber threats, a proactive and comprehensive approach to cybersecurity is paramount. In today’s rapidly evolving threat landscape, organisations must remain vigilant and proactive in their cybersecurity efforts. By adopting a holistic approach leveraging the transformative potential of AI-powered solutions, organisations can stay ahead of cyber threats and safeguard their critical assets against emerging security challenges.

Cyber intrigue unveiled

Exploring the depths of romance and approval phishing scams

By Sindhu V Kashyap

In the vast expanse of the digital realm, where the lines between reality and ‘virtuality’ blur, the insidious presence of several romance and approval phishing scams looms large, threatening the very fabric of online security. With $75 billion lost to these clandestine operations, the urgency to unravel their complexities and fortify our defences has never been more pronounced. In the interconnected web of digital interactions, these scams represent a sinister evolution of cybercrime and cryptocurrency frauds, all exploiting human vulnerabilities with surgical precision. As we navigate this digital wilderness, the need for heightened awareness and proactive measures becomes increasingly imperative.

At the heart of these scams lies a delicate balance between technological sophistication and psychological manipulation. Cybercriminals, armed with an arsenal of tactics, prey on our innate desire for connection and validation, weaving intricate webs of deceit that ensnare even the most discerning individuals. In the corporate arena, the stakes are particularly high, with these scams posing a significant threat to businesses across industries. The vulnerability of employees to these schemes in an era defined by remote work and virtual collaboration underscores the critical need for robust cybersecurity protocols and comprehensive training initiatives.

Consider the recent case of a prominent financial institution rocked by scandal when one of its top officials fell victim to a sophisticated scam, resulting in the embezzlement of millions of dollars. Such breaches not only erode trust among stakeholders but also expose organisations to legal and regulatory scrutiny, threatening their very survival in an unforgiving landscape. The financial implications of these romance based scams are equally dire, with fraudulent transactions draining company coffers and disrupting financial operations. The ripple effects of these scams extend far beyond the initial loss, encompassing the costs of investigation, remediation, and reputational damage.

To mitigate these risks, businesses must adopt a multi-pronged approach to cybersecurity, integrating technological solutions with human vigilance. From advanced authentication protocols to AI-driven analytics, the arsenal of tools at our disposal must evolve in tandem with the ever-changing threat landscape.

Morey Haber, Chief Security Advisor at BeyondTrust, offers valuable insights into the underlying mechanisms of approval phishing scams, drawing parallels to historical cyber threats while elucidating the nuances of contemporary social engineering tactics. His observations underscore the intricate interplay between human psychology and technological innovation, illuminating the path forward in our battle against digital deception. Reflecting on the evolution of digital fraud, Haber traces the origins of approval phishing scams to historical email viruses and social engineering ploys, highlighting the enduring appeal of exploiting human emotions for financial gain. In a landscape defined by perpetual innovation, the adaptability of cybercriminals remains a formidable adversary, requiring constant vigilance and ingenuity on our part. “Diving deep into the psyche of cybercriminals reveals a sophisticated understanding of human behaviour,” says Haber. “These scams thrive on exploiting our innate desires for connection and validation, creating a perfect storm of vulnerability in the digital realm.”

Doros Hadjizenonos, Regional Director at Fortinet, delves into the prevalence and impact of these scams in the digital sphere, shedding light on the staggering statistics of financial losses and emotional trauma inflicted upon unsuspecting victims worldwide. His call for technological interventions and proactive measures resonates with a sense of urgency, urging industry leaders to rise to the challenge and confront the evolving threat landscape head-on. “Romance based scams have emerged as a global epidemic, preying on the trust and goodwill of individuals and organisations alike,” says Hadjizenonos.
“To combat this pervasive threat, we must adopt a proactive stance, leveraging technology and education to empower individuals and fortify our defences.”

Tony Zabaneh, Manager of Systems Engineering at Fortinet, echoes Hadjizenonos’s sentiments, while cautioning against over-reliance on AI solutions and emphasising the indispensable role of human vigilance in our defence against cyber threats. While technology may serve as a force multiplier, it is ultimately our collective awareness and resilience that will determine our success in thwarting sophisticated scams.

In cryptocurrency fraud, Sean Gallagher, Principal Threat Researcher at Sophos, unveils the alarming sophistication and global reach of sha zhu pan scams, shedding light on the commodification of cybercrime “as-a-service.” His insights underscore the urgent need for collaboration and innovation in our quest to safeguard the digital frontier. “In the digital arms race, cybercriminals continually adapt and evolve their tactics to evade detection and exploit vulnerabilities,” says Gallagher. “To stay ahead of the curve, we must adopt a holistic approach to cybersecurity, combining technological innovation with human intelligence and collaboration.”

Eric Jardine, Cybercrime Research Lead at Chainalysis, provides a sobering analysis of the rising prevalence of approval phishing scams and their far-reaching ramifications. His advocacy for user education and industry collaboration serves as a rallying cry for action, galvanising stakeholders to unite in our common pursuit of digital security. “Romance based scams exploit the fundamental aspects of human nature, leveraging trust and emotional manipulation to achieve their nefarious objectives,” says Jardine.
“To effectively combat these threats, we must empower individuals with the knowledge and tools to recognise and resist manipulation, while also fostering a culture of collaboration and information-sharing within the cybersecurity community.”

As digital interactions continue to shape our lives, the battle against romance based scams demands a collective effort, transcending boundaries of geography and industry. In a world defined by uncertainty and complexity, our ability to adapt, innovate, and collaborate will ultimately determine our success in safeguarding the digital realm for generations to come.

Seven pointers to guide GCC critical-infrastructure providers to their ideal cybersecurity partner

From understanding lifecycles, to understanding the business needs, and long term requirements, these pointers help you find the ideal cybersecurity partner

By Rami Nehme, Regional Sales Director, OPSWAT

The Arab Gulf’s governments have their eyes fixed on prosperous futures. Through economic vision programmes, they continue to grow. To do so they rely upon critical infrastructure. If these facilities falter or collapse, economic growth grinds to a halt. And so, these systems, whether information technology (IT), operational technology (OT), or a mix, must be protected from a threat landscape that is also evolving.

Any organisation that provides critical infrastructure will have cybersecurity and risk-mitigation strategies in place, but when budgeting for procurement it will be important to choose the right security partner — one who understands and aligns with the unique goals of the business. And your goals really are unique, determined by your size, industry, regulatory ecosystem, technology stack, talent pool, and more.

Robust security requires that senior executives work closely and effectively with IT staff, security staff, and other department heads to ensure you can accurately communicate your unique requirements to cybersecurity providers — your core processes, recovery point objectives (RPOs), recovery time objectives (RTOs), and a range of risk factors identified through formal frameworks. And then there is procurement itself, consisting of a series of assessments, from the solution and its capabilities to the vendor and all of its third-party risks.

But much has changed in the global cybersecurity community over the past few years, so here are seven additional considerations that will help steer you towards the right solution — one that will protect your critical infrastructure from data breaches, malware infections, denial-of-service attacks, and more.

1. The solution’s lifecycle

Functionality aside, the procurement team must be sure of certain milestones regarding the product that will protect critical infrastructure from threat actors. Release schedules for updates, end of sale, end of support, and end of life are some examples. Some of this information may preclude the purchase of the solution entirely while the rest is critical for business planning.

2. Services and support

Integration of service with your existing team should be a priority. Just as the product must be a good functional fit, so should any service be a natural extension of your talent pool — reliable and backed by Service Level Agreements (SLAs) and Experience Level Agreements (XLAs).
When an incident occurs, you need to be able to count on the availability and expertise of the solution provider.

3. Beware the fearmonger

There is, unfortunately, a tendency to leverage the dread of an incident to make a sale. Cybersecurity salespeople may come at you with a lot of hyperbole to create a sense of urgency. By focusing on the solution being offered and having established your own requirements, you can ensure your decision is based on real-world facts and that your return on investment emanates from real risk reduction.

4. Be familiar with your metrics

Your organisation’s operating goals, such as RTOs and RPOs, along with your budget, regulatory obligations, growth targets, and the ins and outs of your IT infrastructure, are data points that should be kept front of mind by your procurement team. These are the numbers that will lead to the best decisions because they will allow more detailed assessment of vendors.

5. Watch the cybersecurity market

The cybersecurity industry is currently in the midst of market consolidation. While fewer vendors may seem like a welcome simplification of the procurement and support processes, they may also bring more risk during a major incident. Look for records of innovation among vendors. Is the company financially stable? What is its reputation? How open and interoperable is it? You should consider your organisation’s unique risk tolerance and ensure that the vendor you choose is one from which you can extricate yourself if it stops aligning with your needs. Some vendors are in aggressive acquisition mode to shore up their capabilities in a changing threat landscape. It is important to remember that this can impact pricing and limit your options with regard to integration and support.

6. Examine licensing structure

Make sure that you thoroughly review licensing models. They can have significant impacts on costs, but also on flexibility and scalability.
Product bundles are only as viable as their cost-effectiveness and capability to fit requirements. There is no point in paying for features that will never be used.

7. Full integration of cybersecurity partners

If you find a partner you can trust, you can strengthen your security posture by the integration of its team. You gain access to a wealth of solutions and expertise, and you can end up reducing costs and increasing efficiency because you have minimised the number of solutions in your stack.

Follow the data

The cybersecurity market is becoming more competitive. Your procurement team faces a stiff challenge as it sifts through many vendors, value-added distributors, resellers, and systems integrators for the one partner that can fulfill your business’s needs. Always remember to agree internally on what is required before launching the procurement process. Business goals and strategies are just as significant as the current state of the threat landscape or any trends within the cybersecurity industry. A disciplined approach to evaluation must include these factors along with the functionality of the solution and the viability of its vendor.

Never lose sight of your own unique risk and business objectives. They will keep you focused as you consider things such as pricing structure and functionality. A data-driven investment now will reap many benefits in the months and years ahead. Running critical infrastructure is a responsibility that sits apart from other economic activities. The harm to your organisation — financial and reputational — pales in comparison to potential wider economic impact. These considerations will allow you to partner with an organisation that understands these issues and help against the cyber menace.