Emile Abou Saleh, Regional Director, Middle East & Africa at Proofpoint, speaks about the security challenges faced by companies and how they can overcome those challenges.
How has the security threat landscape evolved over the past few months?
The security threat landscape has been rapidly evolving, fueled also by the current pandemic. There is a paradigm shift from protecting infrastructure to protecting people, as they are the last line of defense for organizations and thus the primary targets. Proofpoint’s latest CISO Report showed that over 80% of organizations in the UAE reported at least one cyberattack in 2019, with over half reporting multiple incidents, with credential theft and phishing topping the list of common threats.
Furthermore, as remote working remains prevalent in most businesses, it provides an opportunity for cybercriminals to capitalize on this unprecedented period by launching campaigns that aim to take advantage of ill-prepared organizations. This is why it’s key for organizations to put people at the heart of cyber defense – ensuring employees are not just able to spot and deter attacks but are acutely aware of their role in keeping organizations safe.
What sort of security challenges are people facing when working from home and how is your company equipped to handle those challenges?
Remote working often means that employees aren’t protected by the same safeguards their office has in place. For instance, during remote working, threat actors will increasingly pursue corporate VPN log-ins, and a compromised VPN can result in direct access to all email, data, and cloud apps. In addition, attackers have been capitalizing on the popularity of video conferencing platforms, using them not only as a lure for malware but also for credential phishing, in particular to steal Zoom and WebEx credentials.
How has ransomware evolved during the pandemic period and what are you doing to tackle the problem?
Proofpoint’s latest State of the Phish Report found that ransomware has impacted 66% of third-party global survey respondents, and of those, more than half decided to pay the ransom, aiming to regain access to data. However, only 60% regained access to data/systems after the first payment and nearly 40% were hit with additional ransom demands following an initial payment. We expect to see ransomware target cloud infrastructure, either using it as an access gateway to corporate identities or directly attacking the data stored within.
As a cybersecurity company, we always support our customers and partners to put in place a robust and holistic cybersecurity strategy that not only involves cybersecurity defense tools and expertise but also ongoing education and training of all employees no matter their hierarchy. The aim is to build a culture where cybersecurity is always front of mind and where employees understand the motives behind a ransomware attack, what to do if they suspect one, how their behavior can impact success rates, and how to recover should the attack become an infection.
How can companies overcome digital security and privacy challenges?
Digital security and privacy are crucial for today’s era where technology keeps advancing and people and businesses are more connected than ever. Organizations must always safeguard sensitive data by putting in place proper governance and achieve compliance while staying successful. It’s a delicate balance as both the security and privacy sides of the business overlap. For many forward-thinking organizations, an effective data privacy strategy means combining their IT investments around both cybersecurity and information protection, as good governance and compliance result in your best security posture.
Lastly, training is another important step that needs to be taken seriously by organizations. Ongoing security awareness training is always the best way to empower employees to avoid falling victim to attacks that put their data privacy and digital security at risk.
Do you believe companies today have accelerated their digital transformation initiatives?
Despite not being new, digital transformation has become a buzzword in the last year. The disruption caused by COVID-19 to many businesses has led organizations to look into ways to enhance their digital transformation strategies. In order to be successful, they need to embrace new levels of efficiency, agility, and responsiveness across the different internal business units and, as importantly, when liaising with their customers.
Interestingly, Proofpoint’s research has shown some of the challenges faced by organizations in the UAE when implementing cybersecurity technology include lack of board-level buy-in (31%), lack of awareness of cyber threats across their business (29%), and insufficient cybersecurity budgets (23%). These elements must also be considered when implementing a digital transformation strategy.
What are the cybersecurity trends for 2021?
As cloud adoption continues to rise, we predict that ransomware will increasingly hit cloud repositories to maximize impact and boost profits. The number of ransomware incidents contributed to losses of over $29M in 2020, with email phishing campaigns as one of the most common means of ransomware infection. In addition, as cyberattacks increasingly focus on people, Business Email Compromise (BEC) attacks continue to be the largest source of cybercrime losses. In fact, according to the FBI Internet Crime Report, BEC and Email Account Compromise (EAC) cost victimized businesses over $1.8 billion, representing 44% of all reported business and consumer losses in 2020.
Another trend is that malware will continue to rely on user interaction as threat actors will leverage LOLBins and LOLScripts (“Living off the land Binaries/Scripts”) to bypass malware detection, compromise systems, and steal data. In 2021, we also expect automation to become more of a standard ‘in the box’ feature for most enterprise security tools, and for many CISOs, this can’t come soon enough.
Lastly, we are also starting to see cybercriminals collaborating more, capitalizing on their strengths in order to create a more damaging impact on organizations while targeting their people.
What are the key factors to consider to make sure the digital economies of today are secured?
Some of the GCC countries like the UAE and Saudi Arabia have been increasingly enhancing their digital economies. This plays a critical role across many sectors to diversify and transform national economies, and hence the journey to digitization is well underway in the region. However, as with any other technological advancement, organizations need to take into consideration the risks associated with digital economies. One of the key factors is data privacy and making sure organizations safeguard sensitive data with proper governance and compliance.