< Previous“With a scattered security approach, IT managers constantly have to go over hurdles to keep firms safe.” Dr Moataz Bin Ali, Trend Micro MENA QUOTED Dubai hosts “Capture the Flag” cybersecurity challenge Cybersecurity enthusiasts went head to head in a Dubai Police- sponsored competition that took place last month. The Capture the Flag (CTF) competition is designed to en- courage the security professionals and/or students to develop ideas and solutions through a cyberse- curity problem-solving challenge that encompasses forensics and defence methods. The challenge provided an op- portunity to apply penetration testing and analytical skills in a re- al-world cybersecurity scenario. His Excellency Major Gen- eral Abdullah Khalifa Al Marri, Commander-in-Chief of Dubai Police, highlights the importance of events such as the “Capture the Flag” challenge in attracting the youth to the fields of science, technology and innovation while keeping up with the rapid develop- ments in the field of information technology. Organisations are struggling with a worldwide shortage of in- formation security experts. Thus, cybersecurity experts require both theoretical and practical learning opportunities. Prizes of AED 20,000, 10,000 and AED 5,000 were given out. Major General Al Marri: TCF helps attract youth to technology. OVERALL MALWARE ACTIVITY INCREASED IN JANUARY, UP 7.3% FROM THE PREVIOUS MONTH. SYMANTEC MONTHLY THREAT REPORT-JANUARY 2019 Dubai Police sponsor second annual CTF competition to boost cyber defence capabilities in UAE Source: Symantec Ibrahim: Data centre represents a milestone for Forcepoint’s investment in the region. 25 20 15 10 5 0 MIL L IONS NJMSMJ 2019OJFA A D // UPDATE / SECURITY // WWW.NETWORKMIDDLEEAST.COM /// 10 / NETWORK MIDDLE EAST / MARCH 2019 /Forcepoint is opening a new data centre in Dubai, availing Forcepoint Cloud Web Security to organisations looking to uti- lise in-country secure cloud services. The Dubai data centre also offers cus- tomers within and nearby the UAE the ability to receive web results more quick- ly thanks to low latency. In addition, the new location addresses need from organ- isations (public sector and enterprise) who handle sensitive information and prefer content to be in close proximity. Ozgur Danisman senior manager sales and engineering MENA at Force- point comments, “We’re delighted to be able to bring secure cloud services to cus- tomers and channel partners in the UAE and surrounding regions, through our best-in-class product, Forcepoint Cloud Web Security. This local investment will certainly have a positive impact and shows our trust and commitment to the UAE economy and GCC. Having a resil- ient and advanced local offering will give our customers peace of mind that their data is located within their region.” Mahmoud-Samy Ibrahim, area vice president for the emerging region at For- cepoint adds, “The opening of this data centre represents a milestone for Force- point’s continued investment in the re- gion, as its global footprint grows. “It is imperative that Forcepoint is able to provide advanced security solu- tions that meet and exceed these demands and enable customers from different in- dustries to defend against sophisticated attacks,” he adds. Forcepoint opens new data centre in Dubai What is causing IT security gaps? Expanding and blurring the line of the corporate perimeter Firstly, it’s no secret that the volume of IoT devices connecting to corporate networks has exploded – eclipsing that of the global population. This level of proliferation is impacting the requirements each organisation has when it comes to network security. A clear lack in security strategy around IoT is only compounding this problem Tackling the security issue without the skills and expertise Half of the respondents to a Ponemon study said staff lack the crucial expertise to match the risks these attackers and corresponding threats present, citing it as the main reason behind security gaps. A disconnect on IT process and training In addition to this, employees lack security understanding. For example, in a previous study, over 70% of global employees revealed they were compromising network security by sharing passwords and devices. Closing the gap: pairing human and technical People and process must be prioritised if we’re to close the IT security gap, but there are technical steps that can support organisations in this while also augmenting the existing work security staff are doing. Using a combination of AI and machine learning, IT staff can recognise, profile and connect every device accessing their network. Rabih Itani, Aruba, Middle East and Turkey “For applications in a Kubernetes environment, east-west traffic security is a prime concern.” Kamal Anand, A10 Networks “No MDM solution is designed to detect and prevent smartphones from advanced cyber-attacks.” Sheik Abideen, VP, Evanssion New data centre to provide in-country secure web cloud services, with local results for UAE 57% Of UAE companies attributed weaknesses in their IT security to careless employees. Kaspersky Lab Survey // UPDATE / SECURITY // MARCH 2019 / NETWORK MIDDLE EAST / 11// WWW.NETWORKMIDDLEEAST.COM /EVENT: Network Middle East Innovation Awards 2019 WHEN: 26th June 2019 WHERE: Dubai Fortinet’s recently-released Fori- Gate Next-Generation Firewalls (NGFWs) enable organisations implement intent-based segmen- tation into their security architecture. The NGFWs comprise of FortiGate 3600E, FortiGate 3400E, FortiGate 600E and FortiGate 400E Series. The combination of business growth, workloads migrating to multiple clouds and increasing cyber-attacks makes it difficult for organisations to maintain a robust security architecture that effec- tively implements consistent security policy across all network environments. Having flat networks with a single enforcement point further compounds this problem by making it easier for cy- bercriminals to get inside the network. Once inside, they become part of the trusted zone, allowing them to quickly spread threats laterally. It’s extremely hard to detect and contain these cyber- criminals as they move deeper into the network, resulting in cascading risks and exfiltration of valuable data. As existing security strategies are fail- ing to keep pace with a complex security landscape, organisations are seeking adaptive and predictive protection that prevents the spread of threats through- out the network. With Intent-based segmentation, organisations achieve adaptive security by intelligently seg- menting IT assets in accordance with the business intent, like addressing com- pliance, by having multiple enforcement points. Adaptive protection is achieved by implementing granular access control based on varying trust levels and high- performance advanced security. One of the reasons intent-based seg- mentation is effective is because it is multi-dimensional, explains Kalle Bjorn, director, Systems Engineering at Fortinet. The first dimension of an ef- fective segmentation strategy covers where the segmentation is applied and encompasses all prevailing micro, mac- ro, application, and nano-segmentation techniques. Additionally, it also needs to extend to physical endpoints and devic- es that are unable to run any agents—for example, Chromebooks and multi-func- tional printers. “Because intent-based segmentation covers all of the network and infrastruc- ture assets of a modern organisation, it is Intent-based segmentation can also incorpo- rate more agile and innovative mechanisms like business logic.” 2018 SPONSORS Bjorn: Intent-based segmentation covers all of the network and infrastructure assets. // PREVIEW / NME AWARDS 2019 // WWW.NETWORKMIDDLEEAST.COM /// 12 / NETWORK MIDDLE EAST / MARCH 2019 / Fortinet brings “intent” to next-generation firewalls New FortiGate NGFWs enable intent-based segmentation into security architecture far more comprehensive than tradition- al segmentation solutions,” Bjorn says. The second dimension covers how trust is established and monitored, says Bjorn. Intent-based segmentation not only employs existing network and iden- tity-based mechanisms, but it can also incorporate more agile and innovative mechanisms like business logic. Further, trust can be continuously monitored by a third party trust engine and is commu- nicated to FortiGate devices using Fab- ric Connectors for dynamically adjust- ing and enforcing security policies. “FortiGates can also allow or disallow access to network resources after receiv- ing changing risk and trust assessments derived from suspicious user behaviour and actions,” he adds. The third dimension covers what se- curity inspections need to be applied to the traffic, Bjorn says. “This could be as simple as providing full visibility, or as in-depth as providing comprehensive security. Having the option to dynami- cally apply full security analysis and protection is necessitated by the fact that trusted users can unknowingly be- come infected with malware, and worse, provide a platform for hackers to pen- etrate, thereby defying the established boundaries of trust. This includes the ability to inspect encrypted traffic at network speeds,” he adds. As part of Fortinet’s Security Fabric, the new FortiGate NGFWs give organi- sations an integrated and consistent security policy across on-premise and cloud assets. Powered by customised Se- curity Processor Units (SPUs), the new FortiGate NGFWs provide full visibility and advanced threat protection without the fear of performance degradation. Security is top concern in adopting intelligent workspaces in KSA: Study An IDC survey commissioned by Ci- trix found security and data leaks to be a key concern in adopting intelli- gent workplace strategies. The survey also found that over 60% of CIOs said their company had already adopted a virtual desktop en- vironment, highlighting the critical need for Saudi organisations to rapid- ly implement secure solutions work- ers in KSA and security guidelines. While 79% of the respondents in- dicated that they monitor and analyse access and authentication behaviour, only 48% had deployed solutions to detect and analyse threats based on user behaviour, and 29% had adopted machine learning and AI-based tools to understand user behaviour. “Our results reveal that or- ganisations in Saudi Arabia need to support a borderless operational environment that is secure and easy to ac- cess. By building out effec- tive, intelligent workplace strategies, organisations in the Kingdom will be able to reduce their operational expenses, de- liver superior experiences, enhance pro- ductivity and even in- crease their rev- enues,” says Megha Kumar, research director, Software & Cloud at IDC. With one of the highest mobile penetration rates in the world, Saudi’s widespread local access to mobile de- vices has compelled organisations in the country to pursue omnichannel en- gagements with employees, customers, and partners, and develop systems that can be accessed anywhere at any time. Moreover, emerging technologies — such as automation solutions and AI — will be instrumental in creating the Saudi organisation of the future. “Work is no longer a place – it’s a dynamic activity that people ex- pect to be as adaptable as they are,” says Taj El-Khayat, regional director MENA at Citrix. “With intelligent work- spaces, people and organi- sations can unlock inno- vation, engage customers, and be productive – any- time, anywhere. Citrix is here to help Saudi organi- sations build the work- place of the future so organisations can opera- tionalise the technology they need to drive business forward,” El-Khayat adds. El-Khayat: Work is a dynamic activity that people expect to be as adaptable as they are. // PREVIEW / NME AWARDS 2019 // MARCH 2019 / NETWORK MIDDLE EAST / 13// WWW.NETWORKMIDDLEEAST.COM /Mimecast helps real estate developer Azizi Developments block phishing attacks & suspicious messages Case study Cast off // CASE STUDY / AZIZI DEVELOPMENTS // WWW.NETWORKMIDDLEEAST.COM /// 14 / NETWORK MIDDLE EAST / MARCH 2019 /AZIZI CASE STUDY SUMMARY Objective Azizi Developments required an effective email security solution encompassing advanced threat protection, sandboxing of at- tachments, and comprehensive phishing detection/prevention with the aim of stopping the hundreds of phishing attempts being made each day, that were increasing in number and sophistication. Solution The developer implemented Mimecast Secure Email Gateway with Targeted Threat Protection which uses multiple detection engines and a diverse set of threat intelligence sources to protect email from spam, malware, phish- ing, and targeted attacks delivered as a 100% cloud-based service. The Mimecast services defend against email-borne impersona- tion attempts, malicious URLs and attachments, threats that are internal to the organisation, as well as attacks from the inside destined for external recipients. Results With Mimecast’s help, the Azizi Developments security team con- figured the Mimecast gateway in front of the company’s O365 email service and saw an immediate, massive decline in the volume of unwanted email coming through – a 75% reduction in mail overall. In the world of cybercrime, fame is a four letter word. And Azizi Developments is a true testa- ment of that. Established in 2007, the developer’s rapid growth has seen it become a household name in Dubai’s dynamic property market, with an ex- panding portfolio now valued at over AED 45 billion. This growth and success, and the at- tendant visibility, has seen the company has seen its popularity rise; therefore, it has invested in technologies to im- prove its security from cyber-attacks and phishing scams. Up until 2017, the company had ex- perienced increased number of spam emails, phishing attempts, unsafe links and sophistication on a daily basis that were used to target Azizi Development’s employees particularly. In late 2017, Azizi Developments set about tackling the situation by introduc- ing the Cyber Security and Monitoring department that had a number of team members that were tasked to im- prove, protect and secure the company’s brand, network, datacentres, servers, as- sets and data. A Security Operations Centre (SOC) was also set up, enabling improved detection, pre- vention and incident re- sponse. The security team then doubled down on its cyber defence mission, initiating a “Human Firewall” project, tasked with providing security awareness training for its hun- dreds of employees. The final piece of the equation was putting in place an email security solu- tion to put a stop to the phishing and im- personation menace. After research, one company stood out in its ability to offer the advanced threat protection features Azizi Devel- opments urgently needed-Mimecast. The IT team subsequently ran a Mime- cast pilot and were impressed with the detection accuracy, ability to provide fo- cused protection of employees’ profiles, and reporting. It is against this backdrop that Hashim Saeed joined Azizi Develop- ments as the developer’s Head of Infor- mation Technology. BUSINESS NEED Email is a powerful business tool. But if it isn’t part of an organisation’s core securi- ty strategy, it can become a major vulner- ability. Making cybersecurity a priority should start at the top. According to the Mimecast State of Email Security 2018 report released in January this year, 31% of C-level employ- ees are likely to have accidentally sent sensitive data to the wrong person in the last year compared to just 22% of general employees. And, 20% of organisations report that sensitive data was sent via email by a member of the C-suite in re- sponse to a phishing email in 2018. A Microsoft O365 user, Azizi Devel- opments previously had anti-spam/anti- virus tools in place, but not a secu- rity tool providing advanced threat protection. The company was spending many hours each week trying to stave off or remedy the impact of phishing attempts. The key requirements for an effective email secu- rity solution included advanced threat protection, sandboxing of attach- ments, and comprehensive phishing de- tection/prevention. GDPR compliance was also a factor, but not a key require- ment at the time, as a separate solution for GDPR could be put in place if and when needed. “We were looking for a solution that could offer us layered security against all forms of email-borne attacks and vis- ibility across the business. The solutions needed to be a SaaS service and easy to deploy with a low overhead cost to man- age,” says Saeed. 75% Reduction in overall emails // CASE STUDY / AZIZI DEVELOPMENTS // MARCH 2019 / NETWORK MIDDLE EAST / 15// WWW.NETWORKMIDDLEEAST.COM /The Mimecast implementation was very simple and straightforward. Once the configuration of the appliance with the company’s O365 email service was done, the company saw an immediate and massive decline in the volume of unwanted emails coming through – a 75% reduction in mail overall. This is be- cause Mimecast was able to block a large amount of potentially problematic emails that O365 had been letting through. “Being a SaaS platform, the imple- mentation and integration with O365 was a seamless process and we were up and running in a few days. We haven’t extended the Mimecast API capability into any of our other systems, but this is potentially part of our future plan and optimisation,” explains Saeed. BUSINESS BENEFIT With Mimecast in place acting as an email security gateway, the overall vol- ume of email entering the Azizi Devel- opments network has been reduced by more than 75%. Specifically, there has been enormous reductions in spam, ran- somware, advanced threats, and mali- cious attachments. “The cost and reputational damage associated to any data breach far out- weigh the service cost. IT resource time has been optimised with less time spent on fire fighting and responding to inci- dents,” says Saeed. The cybersecurity team now spends half as much time dealing with email Established in 2007, Azizi Development’s rapid growth has seen it become a household name in Dubai’s dynamic property market. We were looking for a solution that could offer us layered security against all forms of email-borne attacks and visibility across the business.” THE CLIENT Azizi Developments the real es- tate investment arm of Azizi Group and one of the leading developers in the UAE. It was established in 2007, with a mission of designing homes and communities inspired by modern urban living. The company has up to date developed numerous properties in prime locations across Dubai. // CASE STUDY / AZIZI DEVELOPMENTS // WWW.NETWORKMIDDLEEAST.COM /// 16 / NETWORK MIDDLE EAST / MARCH 2019 /Mimecast sandboxes every email at- tachment and scans it before releasing the email to the user – an effective pro- cess that takes only seconds but has significantly enhanced email security. “The solution has reduced the company’s risk and exposure to email-borne attacks. It also minimises finan- cial loss and reputational damage due to potential cyber-attacks,” Saeed ex- plains. Mimecast also helps email users learn how to identify phishing and other malicious emails through user-managed quarantines and periodic web-based re- minders to evaluate whether an email or attachment is from a trusted source or not. Visibility is one of the most impor- tant keys in the Cyber Security world. Mimecast provides insight and statistics on the number and types of attacks, and the users who clicked on suspicious or malicious emails. This is something that Azizi Developments didn’t have before. “Comprehensive reporting and vis- ibility ensure that we are aware of the risks/vulnerabilities within the busi- ness,” explains Saeed. The Mimecast service provides Saeed’s team with detailed reports on ex- actly which users clicked on bad domains or fell prey to phishing scams, so they can coach those users one-on-one immedi- ately. Over time, Azizi Developments’ cybersecurity team will layer classroom and online training for all email users, to share best practices about identifying The cost and reputational damage associated to any data breach far outweigh the service cost.” Hashim Saeed, head of IT Azizi Developments 45B Value of property portfolio in USD Dec. 2018 181,903,712 emails inspected by Mimecast 21,183,014 8,528,651 Rejected | 12,654,363 Quarantined 1 183 0 310,309 email user s over 1,591 days dd 16,581 17,403 42,350 160,644,364 emails deemed safe by Mimecast 205,363 MALICIOUS URLS WERE DETECTED WITHIN 13,942,922 EMAILS This is an aggregate report of ESRA tests compiled over 1,591 days showing the number and type of email-borne threats missed by incumbent email security systems.* security issues as it did prior to imple- menting Mimecast, freeing more time to spend on innovation and preven- tive measures rather than putting out fires. Mimecast also helps ensure that Azizi Develop- ments email practices are GDPR compliant. Saeed says Mimecast ensures that all employ- ees are protected against phishing, impersonated and ransomware attacks. “The service gives us peace of mind and confidence in our workforce that we are protected against cyber threats,” Saaed says. The attachment scanning and sand- boxing has emerged as crucial, because there were several incidents of C-suite systems being compromised through malicious email-borne attachments. // CASE STUDY / AZIZI DEVELOPMENTS // MARCH 2019 / NETWORK MIDDLE EAST / 17// WWW.NETWORKMIDDLEEAST.COM /THE VENDOR Mimecast is a cybersecurity company specialising in cloud- based email management for Microsoft Exchange and Microsoft Office 365 including security, archiving, and continuity services to protect business mail. It was founded in 2003 by Peter Bauer and Neil Murray. It has offices in Europe, North America, Middle East and Africa. ClearPass NAC supports network visibility and access management through policy enforcement on devices and users of corporate networks, crucial due to the growth of mobile devices. and handling malicious email. Mimecast data and reporting will help inform that training – the types needed, and who needs it most urgently. “The built-in user awareness ensures the second layer of protection and assists in driving user awareness and education for our employees,” says Saeed. User awareness crucial today in any cyber defence strategy. “If users are not aware of what they’re doing, the actions they take could have severe consequenc- es to the business. We have already begun carrying out user awareness on a regular basis and we’re looking into such a solu- tion proposed by Mimecast which hope- fully will be part of our 2019 initiative,” Saeed says. The IT team sends reports to the Azizi Developments’ executive team weekly with key cybersecurity statistics, including the number of incoming email attacks with attachments, the number of overall phishing attacks, the number of users who are trying to engage with mali- cious content even though it has been de- fanged, and reduction in overall attacks. “We don’t support the business using the old and traditional way. We work closely with the business to un- derstand their requirements and then try to facilitate their operations by bringing new technologies. We have put a lot of technologies in place al- ready and we’re working with the busi- ness to provide even more solutions,” says Saeed. DIGITAL TRANSFORMATION The cybersecurity implementation is part of a broader IT transformation story underway at Azizi Developments. “The company plans to deploy new technologies that will support us with our digital transformation and automa- tion plan. It is absolutely important for us to be very efficient and effective; and with the use of these technologies, we will be able to automate processes and provide our customers with the best ser- vice possible” Saeed says. This year, Azizi Developments in- The cybersecurity implementation is part of a broader IT transformation story underway at Azizi Developments. tends to enhance its security by adding features/modules of Mimecast, such as Internal Email Protect and email archiv- ing tools. “We chose Mimecast because we were aware of Mimecast’s profile and product roadmap in terms of the multiple technol- ogies that they’re bringing onboard which will help my 2019 plan of consolidating the number of systems and technologies we have in place,” Saeed concludes. // CASE STUDY / AZIZI DEVELOPMENTS // WWW.NETWORKMIDDLEEAST.COM /// 18 / NETWORK MIDDLE EAST / MARCH 2019 /EDGE COMPUTING SPECIAL REPORT KNOWLEDGE PARTNER MARKET FOCUS IoT pushes IT to the ‘edge’A test of time in IT effi ciency LIVING ON THE Edge Computing: the next stage of network evolution Next >