Published: Mon 16 Oct 2023, 5:06 PM

The current threat landscape is constantly evolving, complex and fast moving for most organizations to manage on their own. In a conversation with Khaleej Times, Harish Chib, vice president, Middle East of Sophos shares his thoughts on the cybersecurity challenges organisations are facing and how AI has the power to address these challenges as it matures.

Could you share some insights on the cybersecurity landscape in the Middle East and what are the main challenges organisations are facing?

Complex geopolitical landscape: The complex geopolitical landscape of the Middle East poses a significant challenge to regional collaboration in addressing common cyber threats. While cybersecurity is most effective when countries work together, the intricate political dynamics in the region make collaboration and information sharing difficult.

State-sponsored attacks are prevalent in the Middle East, where multiple nation-states are actively involved in cyber warfare, targeting governmental entities and private organisations. This phenomenon has become common, posing significant cybersecurity challenges for organisations in the region.

Resource constraint: The Middle East region encounters challenges in implementing robust cybersecurity measures due to a combination of resource constraints, including limited budgets and skill shortages. This challenge has been magnified due to rapid digitisation across Middle East. These factors hinder organisations from effectively addressing cyber threats and investing in comprehensive cybersecurity strategies.

Organisations need to develop resilience: As threat landscape evolves rapidly, its getting difficult for organization to keep up with the pace. Organizations need to develop strategy to counter these cyberattacks by focusing significant effort on incident response, crisis management, business continuity and disaster recovery, with the aim of reducing downtime of core systems, managing the regulatory and reputational impact as quickly as possible and quickly turn around back to business as usual.

What are the significant advantages that AI brings to cybersecurity? Can you provide any specific examples or use cases?

AI brings a wide variety of advantages to cybersecurity: automation, speed, scalability, enhanced detection, and generalisability. For example, our command line detection model can process billions of command lines and extract the most critical circumstances for human evaluation. Without AI, this scale demands rule-based systems that need immense manual upkeep. Our portable executable (PE) model enhances detections on executables by training on hundreds of millions of them, statistically learning insights that are infeasible to gain with manual binary analysis. In alert prioritisation, AI models can generalise by learning relationships between any number of potentially hundreds of features, while human analysts cannot write such complex alerting rules.

As AI is evolving rapidly, do you think the current regulations in the region adequately address the potential risks and concerns around AI in cybersecurity?

We are not experts in law, but from a cybersecurity perspective, attackers will use innovations in AI without regard for regulations. Limiting AI providers may create a temporary stopgap, but the ongoing democratisation of AI will make local, unrestrained models unenforceable. In the same way that we employ rule-based systems to stop known malware attacks, we will need AI-based systems to defend against emerging threats. The Sophos AI team is integrating the latest advancements in generative models to create novel defensive capabilities.

What is your theme of participation at GITEX Global 2023? Elaborate on the products/solutions that Sophos will be showcasing at the event.

Sophos is participating at GITEX 2023 to promote its advanced cybersecurity solutions (ACE Platform), including a large portfolio of endpoint and network products. With Sophos Managed Detection and Response (MDR) and Sophos Incident Response services, organisations are better protected against cyberattacks and can be more efficient/prepared to defeat phishing, malware, active lateral attacks, ransomware, and more.

Sophos provides a single integrated cloud-based management console, Sophos Central – the centrepiece of an adaptive cybersecurity ecosystem that features a centralised data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors.

The focus will be to highlight Sophos’ Cybersecurity as a Service capabilities, which is a combination of Sophos’ experts and tools provided as a service, that can help organisations of all sizes to deal with any cyberattack issues 24x7 365 days of the year. It helps organisations to have the right technology, people, and processes to effectively provide the active threat protection their business needs. It also helps organisations to proactively hunt for threats, scope their severity, initiate action, and provide actionable advice to address the root cause of incidents.