Middle East

Have you created a “to-do” list for cybersecurity in 2022?

To live, we have to eat. To function, we have to sleep. To be successful, you need to learn. To solve the problem, you need to digitize. Business transformation is relentlessly linked to data, applications, and connectivity. Change is everywhere. Still, our fourth Industrial Revolution, which essentially connects humans with their digital inventions, may just be gaining momentum.

Report by Telecommunications and digital government regulators The history of digital transformation in the United Arab Emirates was recently published in line with the country’s Golden Jubilee. It revealed a highly digitized society. Almost 98% of the population owns smartphones, 99% are active on social media, and by 2020, 530 million smart apps were downloaded. This is just civil society. To support the business ecosystem, UAE’s Fourth Industrial Revolution Strategy includes plans to improve the workforce in areas such as nanotechnology, bioengineering, artificial intelligence, and even robotic healthcare. ..

But each problem we solve with digital technology exposes us to malicious parties.Recently VMware According to the report, 80% of security professionals have experienced increased levels of attack within their organizations due to remote work, a technology deployed (very effectively) to address imminent issues. The pandemic did not cause a surge in cyber incidents. This has led to a surge in digital transformation and increased opportunities for attackers to attack.

When we start to think of “new normal” as just “normal,” there are still some challenges that must be overcome.

“What to do?” List
Threat actors continue to evolve. The “latest” a year ago is rarely even a temporary measure today, let alone a panacea for the entire threat situation. Data collection, management, analysis, and sharing are more important than ever as regulatory frameworks continue to approach more and more business decisions.

Drawing lines, even in an abstract sense, to represent the digital boundaries of an organization is very problematic. Such surroundings do not extend outward so that the balloon is filled with air. All-new balloons, such as third-party networks and employee homes, will be added to the environment, new factories, and field-based devices that make up the rapidly expanding Internet of Things (IoT).

Digital transformation is associated with value, whether it’s solving an imminent problem, improving an old workflow, or improving the customer and employee experience. For example, remote work is a necessary component in today’s world. Hybrid environments will continue to exist, and the CISO will need to develop an action plan to manage them. This allows you to maintain the added flexibility while reducing the risks posed by the CISO.

And finally, security leaders need to justify budget spending. You need to target areas of improvement while balancing cost and value. They need to weigh issues such as talent shortages with pressing concerns about discovering, auditing, and protecting new digital assets, from field and factory machinery, traditional endpoints to cloud environments and containerized apps. I have.

To-do list
Automation is an outstanding quick win for today’s embarrassed CISOs. Assuming that local tech professionals could form a security team of all sizes, that team could be overworked in the post-cloud rush era. Overwhelmed by false positives and obsessed with firefighting activities, these professionals are hired for their ability to add value and instead succumb to warning of fatigue.

Automation can be applied to some areas that were previously labor-intensive. Telemetry can be screened for a fraction of the time it takes a human agent to do so. It also compiles a rich and accurate inventory that can help you discover your assets and provide your security team with a baseline to understand your new environment. Then automation allows you to audit the discovered assets and start triage for action. It does not matter whether it is a further investigation by human resources or an immediate patch of a known vulnerability.

The visibility gained from automated asset discovery alone is valuable. Remote devices, cloud workloads, activities in containers, etc. all need to be transparent to the CISO and its team. That way, you can quickly find suspicious processes. This is an essential feature in providing security in today’s digital estate. Zero Trust Network Architecture (ZTNA) is also becoming popular. You doubt everything and everyone adopts the position appropriate for an era when personal information theft is widespread.

Other challenges, such as how to match the speed and ferocity of the attack environment, can be met through advanced AI. Technologies such as machine learning have proven to significantly reduce response times. They dig through large amounts of data, flag threats in real time, reduce the number of false positives, and justify automation.

List of your choice
The tools have been improved. Security vendors are keenly aware of the growing need for positive digital strategies among their customers and are responding by launching the game again to defeat malicious individuals. The cloud-oriented, container-sensitive security platform enables advanced prevention, detection, and response, including automated asset detection and inventory management, machine-controlled patching, and more streamlined compliance management.

All that remains is action, that is, action by local digital innovators. They want to be so memorable, rather than being a footnote to a warning torn from the GCC’s success story by a preventable ransomware incident or a catastrophic data breach. You have to choose to be the former. List your “what to do”. Plan’to dos’. And prosper.

Hadi Jaafarawi is Managing Director – Qualys, Middle East

https://gulfbusiness.com/have-you-made-your-2022-cybersecurity-to-do-list-yet/ Have you created a “to-do” list for cybersecurity in 2022?

Back to top button