< PreviousCyber-attacks in 2019 have been as varied as they have been devastating. From state- sponsored APTs to ransomware, organisa- tions have found themselves on the receiv- ing end of devastating targeted attacks. Between 75% and 90% of targeted cyber- attacks are email-borne, which makes email protection a critical level of protection for any organisation. However, traditional email security gateways can no longer pro- tect users and data. Many threats, such as spear-phishing attacks or emails directed at users via personal emails, bypass gateways. Barracuda takes a layered approach to email protection, extending traditional email security to the various aspects of or- ganisations’ email infrastructure. “Through our email security suites, we are helping organisations manage all the traffic coming through email, both in the datacentre and cloud workloads,” explains Husni Hammoud, General Man- ager, Barracuda Networks. This email protection suite is now inte- grated with an artificial intelligence layer called Sentinel, explains Hammoud. The AI engine behind Barracuda Sentinel detects and blocks spear phishing attacks in real-time. The platform automatically learns the unique communication patterns of the organisation to determine whether an email is part of a spear-phishing attack. Identified attacks are quarantined and the recipient and administrator are notified of the attempted attack. As many organisations have found out, too late for some, technology without em- ployee involvement is useless. Therefore, a complete email protection strategy must include user security awareness training. Barracuda PhishLine automatically runs simulated phishing and administers per- sonalised security awareness training. It identifies risks by user, department, and types of devices, as well as other factors. “PhishLine allows you to teach and prepare your team to identify suspicious emails. Your organisation may deploy the Attacks are rarely discovered in time, Hammoud says. The UAE’s Ministry of Commu- nity Development (MOCD) has selected Microsoft Defender Advanced Threat Protection (ATP) to protect its IT perimeter. Ooredoo Kuwait has chosen Fortinet to deliver a secure SD-WAN managed service to existing and new enterprise customers. The number of DDoS attacks rose by a third in Q3 2019 compared to the previous period, according to statistics gathered by Kaspersky. Bitdefender has updated its GravityZone managed service provider platform to enable MSPs detect attacks earlier in the kill chain. For further info on the above stories, plus all the latest security news, visit www.itp.net/news-and-features/security NEWS JUST IN… //Security_Report Barracuda extends email security from datacentre to the cloud, with help from AI Email security for the new era of threats best technology, but hackers know how to fool employees through legitimate-looking emails,” warns Hammoud. Most cyber incidents are not discov- ered until much later, Hammoud observes. “Even after the discovery, IT security teams spend a lot of time trying to identify the intensity of the impact, the data that was taken and who has been infected,” Hammoud adds. Barracuda Forensics and Incident Re- sponse solves this problem. The platform automates critical processes to accelerate response to security incidents. It makes it easy for IT security to identify the impacted users and remove malicious mail directly from users’ inboxes. At the same time, it lets organisations prevent future attacks by blocking emails from malicious senders, domains, and geo-regions. Since WannaCry, ransomware has emerged as one of the most popular attack vectors for cybercriminals. Organisations, therefore, need first of all to protect their data and equally important, to recover from such incidents, says Hammoud. Barracuda Backup enables organisations to recover their data from ransomware at- tacks by eliminating the malware, deleting the criminally encrypted files, and restor- ing a good copy of data. HITB event // UPDATE / SECURITY // WWW.NETWORKMIDDLEEAST.COM /// 10 / NETWORK MIDDLE EAST / DECEMBER 2019 /ENTERPRISE SYSTEMS STRATEGIZES WITH HUAWEI ON INTELLIGENT SURVEILLANCE SOLUTIONS Video Analytics, cloud and 5G connectivity are shaping the market of the future. Huawei being among the top SE Asian equipment vendors that is driving this growth. Huawei is focusing more in recent times to provide much more video analytics features and functionalities and is leading the way into deep learning centered analytics. Huawei’s solution of Intelligent Video and Data Analytics delivers the best in class security and tacti- cal intelligent solutions and prod- ucts. Software defi ned cameras (SDCs) that Huawei are developing are the catalyst for maintaining a safe society. In security level, Huawei is the only vendor to pass CC EAL3, the international secu- rity certifi cation, with a premium quality and build. Enterprise Systems has strate- gized with focused resource to sup- port Huawei’s strategy to become a leader in the intelligent security industry within the middle east. The support comes with commer- cial and technical resource that is dedicated to managing our channel partners efforts by engaging, train- ing and giving backup to their after sales engagement. There is a wide range of Hua- wei SDC cameras and Huawei is dedicated to building an ecosystem and platform for its customers to transform digitally, and well as develop the broad range of applications. The Person Data Structuring camera can be used in densely populated areas such as Business Central Towers | Tower B | Offi ce 3904 | Dubai Media City P.O.Box 503043 | Dubai | United Arab Emirates | www.esystems.com transportation terminals, with AI chipset and algorithm which can be promptly updated on demand with- out service interruptions. Huawei’s Omni-data structuring cameras, proposed sharing the highest com- puting power of SDCs to common cameras, delivering seamless and cost-effective modernization. Huawei’s Vehicle micro check- point cameras can provide accurate license plate recognition and the motion blur removal algorithm helps achieve higher accuracy. On the contrary the ITS cameras from Huawei use T-shot technologies to provide clearer images in low light scenarios and complex light conditions, to capture all details without being affected by high light supplements from vehicle lights or fl ashlights. Similarly, Huawei’s Security Situation Awareness cam- eras provide 4k clear surveillance images in real time regardless of the light and weather conditions. Huawei’s Cloud IVS, puts the computing resources into a re- source pool based on The True Cloud Architecture providing the cohesive scheduling and manage- ment for business analytics, and obtains higher resource utilization. To get the effi cient concurrent ac- cess to data from multiple sources, Huawei provides completely sym- metric distributed cloud storage featuring centralized high-speed access to multi source data in the billions of records. The cloud IVS from Huawei allows resource sharing from various ven- dors and multi-algorithms deploy- ment on the same platform, without purchasing different hardware for different services. Ultra-fast analysis and search. N:N clustering, provides 60-fold accelerating com- puting performance using Huawei’s distributed cloud architectures. Huawei Cloud IVS 3000 solution has and agile edge by fl exible de- ployment, enabling close proximity processing and storage. The Huawei Cloud IVS 9000 on the other hand is used for high density computing and network wide collaboration, such as Safe city projects. Systems Enterprise How SANS cybersecurity training helped Kuwaiti learner land his dream job A bachelors degree from Gulf University for Science & Technology (GUST Uni- versity) in Kuwait, two Masters degrees from Kuwait University and numerous courses with SANS, has steered AlEnzi to the Senior Network/Security Infra- structure Supervisor position at Kuwait Aviation Services. AlEnzi has so far completed five SANS courses already, with two certificates al- ready obtained (GPEN and GWEB) and another three exams pending. He plans to have all five certifications by the end of 2020. “I’ve learned the steps of attacking, terminology and how to build reports for penetration testing. With SANS training and certification, I can now go through pen test reports, as well as spearhead in- cident handling in case of an attack,” says AlEnzi. Kuwait Aviation Services’ approach towards cybersecurity has shifted dra- matically in the time AlEnzi has worked there, with training and awareness a ma- jor focus area for the agency. “Kuwait Aviation Services has come to understand the value of the skills staff can gain from SANS training, and is moving towards running company-wide training with SANS. Promotions will be conferred based on the pursuit of this training,” he says. The cybersecurity field is constantly shifting; changing and keeping up with the evolving cyber threats drives AlEnzi desire for continuous learning. “I try to stay ahead of the game by utilising all the resources on the SANS website, and within the SANS community. I’m contin- uously listening to podcasts, keeping an eye on RSS feeds, and staying in the loop on the SANS Twitter page. I also have a flash drive with a load of audiobooks on Dedication to life-long cybersecurity training, powered by SANS, has led Kuwaiti Ali AlEnzi to a fulfilling career at one of the country’s most prominent agencies THE FUTURE The next target in AlEnzi’s SANS train- ing journey is reverse engineering. “I’ve enjoyed reading through the code and found the free 60-min- ute demo for SANS reverse malware, FOR610 course fun and engaging”. AlEnzi has taken the following SANS courses: SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling SEC560: Network Pen- etration Testing and Ethical Hacking SEC542: Web App Penetration Testing and Ethical Hacking DEV522: Defend- ing Web Applications Security Essen- tials SEC566: Implementing and Au- diting the Critical Security Controls - InDepth He has passed GPEN, GWEB and has registered for GCCC and is plan- ning to sit for GWAPT, GCIH. For more information on SANS training head to their website : http:// www.sans.org/ME-SANS-Training AlEnzi: SANS isn’t training, it’s an investment. the industries’ trending topics, which is great for when I’m commuting. “The way I see it, SANS isn’t training, it’s an invest- ment. It’s investing in yourself,” he adds. SUPPORT Support from SANS is reassuring. “Whenever I post anything on social me- dia, SANS experts always respond, which makes me feel valued. Without their con- stant mentoring, morale-boosting, excep- tional training, and the website resources of course, I wouldn’t have found myself in current position,” he adds. As part of the SANS community, AlEnzi has formed a group within the Alumni, made up of professionals from various fields. “We all communicate on Slack and WhatsApp, sharing feedback, the knowledge we’ve learned in training, recommended courses, current issues in the field, and information on attacks. We help each other to improve and identify what skills are required,” he says. // UPDATE / SECURITY // WWW.NETWORKMIDDLEEAST.COM /// 12 / NETWORK MIDDLE EAST / DECEMBER 2019 /QUOTED Impersonation attacks escalate in 2019: Mimecast Impersonation attacks are on this rise, accounting for 26% of total detections in Q3 of 2019, the latest Mimecast quarterly Threat Intel- ligence Report: Risk and Resil- ience Insights report shows. Impersonation attacks now include voice phishing or “vish- ing,” an advanced attack observed in this quarter, where threat ac- tors use social engineering to gain access to personal and financial information via the victim’s tel- ephone system. The data highlights complex, targeted campaigns leveraging a variety of vectors and lasting several days. These sophisticated attacks are likely carried out by organised and determined threat actors, employing obfuscation, layering, exploits, and encryption to evade detection. Josh Douglas, vice president of threat intelligence at Mime- cast says, “This quarter’s research found that the majority of threats were simple, sheer volume at- tacks. Easy to execute, but not as easy to protect against as it shines a very bright light on the role hu- man error could play in an organi- sation’s vulnerability.” Douglas: Simple attacks that play on human error plague organisations. OVERALL MALWARE ACTIVITY INCREASED SLIGHTLY IN OCTOBER, UP 1% FROM THE PREVIOUS MONTH ( SYMANTEC MONTHLY THREAT REPORT-OCTOBER) Transportation, legal and banking sectors hit the hardest by cyber attacks, new report shows Source: Symantec Customers can now enjoy the business benefits of the cloud while closing the cyber exposure gap, said Komar. “Email continues to be the vector of choice for cybercriminals and retail remains a key target.” Emile Abou Saleh, Proofpoint MIL L IONS 8 7 6 5 4 3 2 1 0 NSMMJ 2019OJJFAAD // UPDATE / SECURITY // WWW.NETWORKMIDDLEEAST.COM /// 14 / NETWORK MIDDLE EAST / DECEMBER 2019 /Tenable is integrating Tenable.io, its platform for vulnerability management in the cloud, and the new Microsoft Az- ure Security Centre API. The bi-directional integration will equip joint customers with a single view of cyber exposure across their cloud- based assets. The joint offering can help empowering organisations harness the benefits of the cloud while minimising risk to the business. Ray Komar, vice president of Techni- cal Alliances, Tenable says, “We partner with industry leaders like Microsoft to ensure customers get all of the busi- ness benefits of the cloud while enabling them to close the cyber exposure gap across their dynamic environments.” Tenable.io automatically imports cloud asset data from Azure, assesses them for vulnerabilities, and sends the results back to Azure Security Centre for remediation. This improves the speed and efficiency of managing, measuring and reducing cyber risk of cloud assets. Scott Woodgate, senior director, Azure Security, Microsoft says, “We’re pleased that Tenable is one of the first partners to integrate with Azure Securi- ty Centre, providing our joint customers with improved cloud security manage- ment for their dynamic environments.” Tenable.io is a core component of the Tenable Cyber Exposure platform, which provides visibility into cyber risk across IT, cloud, IoT and OT envi- ronments and analytics to measure and communicate cyber risk. Tenable is now integrated with Microsoft Azure Mimecast CEO Peter Bauer contends email security in the future will comprise of three zones Zone 1 – Perimeter: The email security perimeter is focused on keeping users and data safe by protecting email against spam and viruses, malware and impersonation attempts, and data leaks. Organisations need global visibility that offers rapid detection of sophisticated threats to protect their entire customer, partner and vendor ecosystem. Zone 2 – Inside the perimeter: Compromised users whose accounts are being taken advantage of, lateral movement using credential harvesting links, social engineering and employee errors are threats and risks that manifest inside the perimeter. Organisations should combine security inspections of internal and outbound email traffic with capabilities to build a stronger human firewall through dynamic user awareness training and testing programs. Zone 3 – Beyond the email perimeter – pervasiveness Organisations need the ability to protect their brands and domains from being explicitly spoofed or hijacked to defraud customers and partners. This requires the ability to implement DMARC efficiently as well as to hunt for and take action against threats where attackers present themselves fraudulently to an organisation’s customers or partners using deception and impersonation. “Ransomware will no longer be a matter of data denied, it will be a case of data compromised.” Simon Jelley, Veritas “The best definition I’ve encountered for the internet of things is about blindness and lack of knowledge.” Dr Mike Lloyd, RedSeal Tenable.io imports data from Azure, assesses for vulnerabilities and sends results back for remediation 30% Rise in number of DDoS attacks in Q3 of 2019 Source: Kaspersky // UPDATE / SECURITY // DECEMBER 2019 / NETWORK MIDDLE EAST / 15// WWW.NETWORKMIDDLEEAST.COM /King Fahad Medical City transforms its contact centre with Avaya Oceana Case study Point of contact // CASE STUDY / KING FAHAD MEDICAL CITY // WWW.NETWORKMIDDLEEAST.COM /// 16 / NETWORK MIDDLE EAST / DECEMBER 2019SUMMARY Objective King Fahad Medical City wanted to implement a modern contact centre that unifies all communication with the public under a single contact, as well as serve internal users. The platform needed to cater to various digital customer requirements. Solution KFMC turned to Avaya, implement- ing Avaya Oceana, a multichannel customer engagement platform that provides seamless customer engagement across mobile, web, and traditional dial-up channels. Avaya Oceana provides multi- channel operations using voice, chat, web voice, web video, email, SMS, co-browse, and social media interactions across various digital channels and devices. Results Patients now have a single number for all KFMC departments, available round the clock. Its multichan- nel capabilities mean customers can choose the platforms of their choice, with a seamless flow between voice, chat, email as required. Being at the forefront of medical practice in Saudi Arabia, King Fahad Medi- cal City requires a technol- ogy stack to match. King Fahad Medical City (KFMC) is the largest medical facility in Saudi Ara- bia, located in the capital Riyadh. The hospital complex has elevated technol- ogy to the core of its operations, part of which is a modern contact centre. At the end of 2018, KFMC began the roll-out of a contact centre platform for its customers and internal users. The hospital turned to established partner Avaya, with whom the facil- ity has had a relationship that goes back years. The hospital was running Avaya PBX system, then moved to Avaya Aura messaging, then added more features as needs grew, culminating in the Avaya Oceana deployment. Avaya Oceana is a multichannel customer engagement platform that provides seamless customer en- gagement across mobile, web, and traditional dial-up channels. Built on Avaya Breeze, Avaya Oceana provides multichannel operations using voice, chat, web voice, web vid- eo, email, sms, co-browse, and social media interactions. The support extends across various digital channels and devices. The first task was to unify the hospi- tal’s contact centre under a single num- ber. Now, callers have a single unified contact for all of the hospital’s depart- ments and the patient now only needs to remember one number, explains Eng. Fahad Abdulrazak Alselham, director of communication administration at King Fahad Medical City. BUSINESS NEED When a patient first calls into the hos- pital contact centre, an interactive voice response will ask them for their medical record number. After that, the system sends a code to their mobile phone that is registered with the hospital information system (HIS). The interactive voice response con- firms upcoming appointments or even previous ones, explains Alselham. Call- ers can also request to speak with a live agent if they prefer. When patients want to speak to an agent, they are put in a virtual queue. This system notifies them the estimat- ed waiting time before their call is an- swered by an agent. In this case, they have two options: First one is to continue holding, or they can choose to cut the call and have the agent call them back when the waiting period lapses. During a call, the agent can see all the activities related to the caller, includ- ing any previous interaction with the KFMC website or the iKFMC app. This interaction includes any previous chats, emails and SMS. All these activities are duly registered on the Oceana platform, Alselham explains. Among the many benefi- cial features of the Oceana platform is how it deals with disconnected calls, explains Alselham. If a call was disconnected for any reason, the system is smart enough to direct the call to the same agent who handled the original call when they call back. After the call is finished, callers can evaluate the quality of service through a survey. “Avaya caters to the full custom- er journey from the beginning of the call until the end,” says Alselham. BUSINESS BENEFIT A familiar challenge for hospitals are no- shows-that is when patients make an ap- pointment and then fail to show up. Part of the Avaya platform is a Proac- tive Outreach Manager feature. Proac- tive Outreach Manager enables organi- sations to create and execute automated outbound voice, email, or SMS text cam- paigns enabling customers to take im- 8% Decrease in volume of no- shows // CASE STUDY / KING FAHAD MEDICAL CITY // DECEMBER 2019 / NETWORK MIDDLE EAST / 17// WWW.NETWORKMIDDLEEAST.COM /Use of machine learning has helped improve the accuracy of transit time predictions by 74%. The number has since risen to around 3000 calls a day in less than 10 months evidence that patients believe in the technology. Patients can call or chat with agents from the website or from the app any time of the day.” Eng. Fahad Abdulrazak Alselham, director of communication administration at King Fahad Medical City mediate action via self-service or live agent interaction. In KFMC’s case, the system helps remind patients of their upcoming ap- pointments one week out by calling them to confirm their appointments. The sys- tem will register if they confirm, cancel or reschedule their visits. Thanks to Proactive Outreach Man- ager, KFMC has been able to decrease the volume of no-shows from 25% to 17% in the last eight months, Alselham says. “This reduction is of significant value and impact to KFMC,” says Alselham. Avaya Oceana system is also being used internally to support IT manage- ment. Calls for IT support from the 10,000-odd employees of KFMC get routed through the same contact centre. Alselham highlights a feature within Oceana that has considerably simplified IT support. If there is a general problem within the system, say, email is down, numerous calls will typically be made to IT support, all regarding the same issue. To address this issue, KFMC maintains a checklist of all IT systems and if any of the systems is down, a notation is made against the specific item on the list. Then when employees call through the unified number, the caller will hear a message such as “if you are calling for the email issue please press five.” The system will register their extension and will inform them that IT is aware of a general outage and working to resolve it. This provides two benefits, Alselham observes. One, calls are directed away from agents, and second, when the sys- tem is running again, the issue is checked off and all the numbers who called about the problem get a call back with an up- date that the issue has been resolved. Like most major hospitals, KFMC uses a code system to alert staff to an emergency or other events. Code Blue indicates a critical medical situation. From an extension, personnel can call overhead paging, and the pub- lic address system will announce ‘code blue’ throughout the hospital. However, in certain cases, doctors are unable to hear the overhead message, for exam- ple, when moving from building to other building. Integration between overhead paging and Oceana extends the service to medical personnel wherever they are. In such cases, the system will send // CASE STUDY / KING FAHAD MEDICAL CITY // WWW.NETWORKMIDDLEEAST.COM /// 18 / NETWORK MIDDLE EAST / DECEMBER 2019says Alselham. One of one the great benefits of the system is round the clock availability of the call centre, crucial in a medical en- vironment, says Alselham. “Patients can call, chat with agents from the KFMC website or from the mobile application any time of the day.” The Oceana system sits on the KFMC datacentre, says Alselham. The main reason is due to the need to secure sensitive and private pa- tient information. Callers can pick and choose which platform works better for them and can even start from one platform and switch to another mid-way if required. For example, if they are on the app and face any difficulty, they just need to tap King Fahad Medical City, the largest hospital complex in Saudi Arabia, has elevated technology to the core of its operations. THE CUSTOMER King Fahad Medical City (KFMC) is one of the largest and fastest-growing medical complex- es in the Middle East with a total capacity of (1200) beds. Based in Riyadh Saudi Arabia, KFMC serves an estimated 30,000 inpatients and 500,000 outpatients annually. It comprises four hospitals, four medical centres, and various sup- porting administrations. a secondary code message to the spe- cific doctor through a voice call as well as an SMS or pager if they have one. “This avails two channels to reach a doctor, which is crucial in emergen- cies,” says Alselham. Before the contact centre system was put in place, the hospital was receiv- ing between 1000 and 2000 calls per day. The number has since risen to around 3000 calls a day in less than 10 months. This, Alselham says, is evidence that patients believe in the technology and trust that someone on the other end is will be of assistance to them. “We have an SLA between us and all the medical departments, and this sys- tem allows us to streamline operations,” on an icon that allows them to either make a voice call or chat with an agent, Alselham explains. On the website, guests finding it dif- ficult with filling forms can tap agents who can assist through co-browsing on 3000 Current number of calls per day // CASE STUDY / KING FAHAD MEDICAL CITY // DECEMBER 2019 / NETWORK MIDDLE EAST / 19// WWW.NETWORKMIDDLEEAST.COM /Next >