Global CIO Forum in association with Spectrami hosted a virtual summit titled, When Even Hunters are being Hunted: Predictive Cyber Defense against the Inevitable. The event was supported by Menlo Security, Securonix, Seclytics and CheckPoint. The event was held on 16 February.
2020 has changed the cyber threat landscape for all organisations. Opportunistic threat actors used the chaos of 2020 as a ladder and targeted organisations globally. The sophistication level has reached a point where even the IT and cybersecurity industry are getting breached. IT researchers predict this trend will continue in 2021 and beyond.
The event, being held for the second year in a row, was opened by Hardeep Singh, Business Unit Lead, Spectrami. The welcome address for the virtual summit was delivered by Anand Choudha, CEO, Spectrami, who thanked all the online attendees across the Gulf region for their participation.
As we progress through the post pandemic times, and adapt to the new normal, we are seeing signs that all is not normal as yet. In the past 12 months, the number of cyber security incidents has shot up by 250%, partially due to remote workers exposing vulnerabilities in corporate networks, Singh pointed out. The theme of this virtual summit was therefore to invite industry vendor experts to present their solutions on how to use predictive cyber defence solutions.
In the first session, Mohammed Almeshekah, Founder and Managing Partner of Outliers Venture Capital, in conversation with Sarfaraz Kazi, CTO of Spectrami, pointed out that there have been successive waves of cyber security trends starting from 2005 onwards. Across all these years, cyber security solutions have been hampered by a high signal to noise ratio.
Despite increasing sophistication in artificial intelligence and machine learning, Almeshekah stressed that cyber security remains partly a science and partly a craft. Managing a security operations centre, as well as zero-day remediation, will always require skilled workers and their craft skills, and can never be fully automated. A key trend to watch out for in the coming months will be machine language adapted to boost the efficiency of cyberattacks or adversarial machine learning.
In the next session, titled Zero Trust Internet, Moving Beyond Almost Safe, Kowsik Guruswamy, CTO of Menlo Security, drilled down into the security challenges associated with digital transformation. Guruswamy pointed out that most organisations are now resigned to the fact that cyberattacks will happen.
90% of all cyberattacks stem from the Internet, websites and email. As security around the Internet and websites is continuously increased, a trade-off is finally reached between declining user access and user experience on one side, and increasing security walls on the other.
Augusto Barros, Vice President of Solutions at Securonix, presented the next session titled Improving SOC Effectiveness Using Behavior Analytics and Machine Learning Technology. Barros presented the impact of unsupervised and supervised machine learning on the policies of security operation centres.
The next session, You Are Doing Predictive Threat Intelligence Wrong, was presented by Saeed Abu-Nimeh, Founder and CEO at Seclytics. Abu-Nimeh pointed out that globally, security operation centres are suffering from alert fatigue and alert overload. There are just not enough resources to go through all the alerts.
The recommended approach is to move away from low confidence, high false positives to high confidence, low false positives; and become more proactive instead of defensive in tackling threats. Seclytics is also building profiles of threat actors using indicators of compromise.
In the last vendor presentation session, Neatsun Ziv, Vice President Threat Prevention at CheckPoint, stated that across the last few years there have been multiple wake-up calls about large-scale vulnerabilities. There have been four generations of attacks and protection. CheckPoint has identified 500+ global threat actors, of which 90% stage low volume, high impact attacks.
Three top CISOs participated in the panel discussion moderated by Sarfaraz Kazi, CTO of Spectrami. These included Saghir Ahmed Khan, Leader Security Operations Center at SABIC Saudi Arabia; Sameer Shaikh, Managing Director, Middle East and Africa, Galaxkey; and Ahmed Hassan Al Lawati, Section Head, Information Security, Ooredoo Oman.
The panel pointed out that the pandemic changed a normal way of life into an abnormal one in literally seconds, and this has finally led to a new normal. Being in charge of cyber security, CISOs were forced to make some relatively scary decisions to adapt to the challenges of the pandemic. Moreover, CISOs see many things which their colleagues in an organisation do not see.
The pandemic has forced many people into joblessness, and they have either turned to cyber-crimes to earn a living or are working out of their homes for a living. CISOs need to revisit and reassess their complete risk landscape and security controls. Control needs to be reshuffled from network-centric architecture to remote-centric and endpoint-centric architectures.
The threat attack landscape is continuously evolving and everything is changing. CISOs cannot follow the new normal, since that means they are not doing anything. In fact, in the new normal, CISOs should prepare the organisation and stakeholders on how to manage a breach, and focus on what to do after the breach.
In order to raise the awareness levels of the impact of cyberattacks, and the need to protect security budgets, shareholders can be exposed to mock attacks like compromising their mobile devices and social media accounts.
The event concluded with a highly interactive quiz, conducted by Hardeep Singh, around the topics of discussion in today’s virtual summit. The total prize money was $500 in Amazon vouchers. A number of interesting questions were also answered by the panelists across the two hour long virtual summit.