Cyber resilience: Securing global infrastructures

It seems like every part of the human experience is touched by technology in some way. In many respects, it makes our lives safer, our communication easier, and creates opportunities that we couldn’t have even imagined two decades ago. At the same time, this increasing dependence on technology is also driving a rapid threat evolution, featuring a wide range of risks.

cyber resilience

Faisal Al Bannai, CEO at DarkMatter

How resilient is your organization to IT threats?

Do you know how resilient your organization is to cyber threats? Are you certain about your answer? Do you know where your org’s weak points are? And how are you addressing them?

To find out more about about this increasingly critical topic, I talked with Faisal Al Bannai, CEO at DarkMatter, a security consulting and strategy company from the United Arab Emirates (UAE).

“At a time when hackers have highly advanced technical skills, the most important thing for organizations is to develop a situational awareness regarding their cyber security posture. They must look to understand the data assets they possess, where they are and their value; consider the parties both outside and within the organization that may try to access the data unlawfully or without proper authorization; and be able to monitor the operation of their data in real-time, to identify any anomalies in the shortest time possible and respond accordingly,” says Al Bannai.

The UAE threat landscape

Global interconnectivity and infrastructure makes it difficult for a single region to be uniquely affected by specific threats, but it is becoming exceedingly clear that legacy critical infrastructure in the Middle East is susceptible to attack and needs to be secured, Al Bannai explained.

“When it comes to cyber attacks, it is estimated that the UAE is the eighth most targeted country in the world. The country’s commitment to becoming a global commercial and intellectual hub has been the key for its prosperity, but at the same time it has placed the country firmly in the sights of malicious hackers worldwide,” says Al Bannai.

The Internet of Things

IoT technologies play a key role in mainstream business activities in an increasing number of companies. In fact, 76% of all companies interviewed for recent research by Vodafone believe that taking advantage of IoT technologies will be critical for the future success of any organization. IoT investment now accounts for 24% of the average IT budget, on a par with cloud computing or data analytics.

“The hyper connected era we are entering into places an emphasis on functionality and convenience, without necessarily fully considering security. Due to the increase and versatility of cyber attacks, the need for advanced cyber security tools and resources has also grown and, as a result, the demand for skilled cyber security professionals has and will continue to increase,” says Al Bannai.

Earlier this month, the Netherlands and South Korea got their own, nationwide IoT network, so the global impact of the Internet of Things is undeniably going to grow exponentially in the near future.

“In relation to smart cities and national infrastructure, cyber security is not about securing a single device or network, but the consideration of the risks present in interconnectivity, and the cascading effects that a security breach may have,” says Al Bannai.

Forging better cyber resilience

According to the the World Economic Forum’s Partnering for Cyber Resilience initiative, there is no silver bullet for achieving foolproof cyber resilience. An effective cyber risk model should include a quantification of assets, knowledge about possible and likely attackers, and knowledge about the company’s (potential) vulnerabilities.

“Vulnerabilities may exist in different areas, including technology, processes and people. The latter should never be overlooked as a threat. For companies that employ thousands of people, vetting and control systems are vital for preventing either malicious action or incompetence. Once the cyber security function of the company has a firm handle on its risk profile, it can then take appropriate mitigation measures,” explains Al Bannai.

Mitigation is a three-part process encompassing visibility, intelligence and integration:

Visibility means truly understanding the configuration of your company’s network and, most importantly, who has access to it. Large companies (in particular) often maintain networks patched together over decades, running different generations of software. It’s a simple truth that you can’t protect what you don’t understand; a thorough audit is vital at the start of any mitigation process. Sophisticated mapping software can certainly accelerate this process, but ultimately a comprehensive audit requires people on the ground to ask the right questions and find the location of servers and access rights.

Intelligence relates your system’s characteristics to known threats and your vulnerabilities in relation to them. It takes the threat intelligence gathered in the risk assessment process and relates it to the specifics of the company’s system.

Integration aggregates the information found in the other two phases, and displays them in a format that can be readily understood by decision makers to enable them to act quickly. In particular, attacks should be logged and diagnosed in a systematic fashion. Firms armed with this complete picture should then be able to create a continuous monitoring and mitigation capability supported by intelligence and securely integrated technology.