Move from cybersecurity towards cyber resilience, says expert

With the UAE and Gulf countries in the midst of a strategic transformation into a knowledge economy, embracing new technologies presents both an opportunity and a threat



Nicolai Solling, chief technology officer at Help AG - Supplied
Nicolai Solling, chief technology officer at Help AG - Supplied
by

Rohma Sadaqat

Published: Fri 24 Jun 2022, 6:17 PM

A hyperconnected world with key verticals of the economy integrated with and dependent on each other puts all IT systems in a shared risk of exposure and demands a comprehensive approach to move from cybersecurity to cyber resilience, explains Nicolai Solling, chief technology officer at Help AG.

“With a trusted security partner, sophisticated solutions, and best-in-class services, along with a transformed culture around cybersecurity, this journey can happen seamlessly for organisations in the long run – and the time to start on it is now,” he said. “As businesses in the region and around the world move to seize the opportunities offered by new technology, one of the pitfalls has been a false sense of security that has left them vulnerable to cyber attacks,” he added.

Citing Help AG’s State of the Market Report 2022, he revealed that cyber attackers in the UAE are becoming more professional and strategic in how they target organizations. Government entities are among the most targeted with the sector experiencing 37 per cent of recorded Distributed Denial-of-Service (DDoS) attacks last year. This was followed by the private sector, healthcare operators, financial companies, the education sector, energy and utilities companies, and the hospitality segment.

With the UAE and Gulf countries in the midst of a strategic transformation into a knowledge economy, embracing new technologies presents both an opportunity and a threat, Solling said. The vulnerabilities that governments are exposed to in the region, as per the State of the Market Report 2022, mirror global findings – be it in terms of DDoS attacks, cloud threats, ransomware or critical vulnerabilities in common applications.

“The resilience of governments and economies will depend on the collective action of businesses and individuals – which can only be achieved by creating a strong business continuity plan with cybersecurity controls at every step, along with having a well-structured incident response and recovery plan in place, coupled with acknowledging that cybersecurity is everyone’s responsibility,” he emphasized.

Recent years have seen a decisive shift towards telehealth and telemedicine, thereby increasing the risks for breaches of sensitive data and medical records, as well as putting the spotlight on how patient information is shared across employees, he added. Other unique cybersecurity dangers faced by the sector include remote attacks on healthcare facilities resulting in the takeover of medical devices and the denial of vital, life-saving services.

“Protecting the confidentiality and availability of information and securing the different entry points while replacing legacy systems must therefore be a top priority for companies in the healthcare sector,” Solling said.

Whether seeking a financial windfall or political leverage, banks and financial institutions are also leading targets of cybercriminals globally, and the UAE is no exception, Solling noted. The stakes are especially high in the sector since it is not just banks and financial systems that could be compromised, but entire economies that could be crippled or disrupted.

“It is therefore imperative for such institutions to ramp up their cyber vigilance, especially as the UAE and other Gulf countries move towards a digital economy and increasingly cashless transactions. Not embedding cybersecurity by design in the banking sector can not only compromise customer data and loyalty but recovering from such breaches can incur huge costs and be very difficult,” Solling cautioned.

Yet another core sector that needs to make cybersecurity a priority is education, he added. Cybercrimes seem to be gaining ground every year as schools and higher education increasingly embrace a hybrid model, with online systems being targeted, malware attacks holding up classes and even student safety coming under increasing attack. That is why it is imperative for educational institutions to adopt a comprehensive cybersecurity strategy that allows them to assess, defend, and respond effectively and in a timely manner without compromising user experience.

Lastly, as energy and utilities companies adopt digitalisation of technologies and operations with increased convergence of information technology and operational technology, they are faced with an expanding attack surface that continues to present entry points to their previously isolated systems, thus impacting their visibility and placing them among the most vulnerable sectors to cyberthreats.

“Oil and gas companies form a vital part of any national energy infrastructure, and they simply cannot afford to compromise on their digital security requirements,” Solling said. “In many cases, there could be a need to revamp the entire security estate with state-of-the-art technologies and ultimately change the approach to managing and mitigating cyberattacks by leading with AI-based threat detection and response.”

rohma@khaleejtimes.com


More news from Tech