Global CISO’s Build Strategies For ‘guarding The Digital Vault’ At GISEC 2021

DUBAI, (Pakistan Point News - 02nd Jun, 2021) International chief information security officers (CISOs) met to discuss and map out strategies to protect financial institutions from cyberattacks on the final day of GISEC 2021, the middle East’s most influential and connected cybersecurity event at Dubai World Trade Centre (DWTC).

The main stage discussion, chaired by Nathan Swain, former Security Advisor for the United Kingdom Government, explored different tactics in dealing with cyber threats.

Mohammed Darwish Aza, Chief Information Security Officer, Emirates NBD, said, "Threat intelligence is a key indicator of every feed that you have in the organisation. It helps us make decisions from a strategic perspective, and I believe one of the spaces that needs to improve is intelligence around third-party suppliers - seeing what their posture is on a day-to-day basis. Conducting a threat audit every year will not help you to understand what the overall defence is for your suppliers, and what the latest attack patterns are."

Viktor Polic, CISO, Head of Information Security and Assurance Services, International Labour Organisation, said that education would be critical.

He said, "If you look up at the sky at night, you see new satellites, which will one day be connecting the remaining 4 billion people on the earth, who are without internet – hyper-connectivity and Starlink. With people constantly trying to bridge the digital divide, even with AI and 6G, I think we are going to see quick adoption. We need to match innovation in technology with innovation in people."

A GISEC Inspire panel discussion highlighted the overarching challenges women face in the world of cybersecurity and explored what still needs to change in the industry.

Hessa Salem Al Nadhi, CISO, Department of Culture and Tourism - Abu Dhabi, highlighted the need for governments and the private sector to encourage women of all ages to explore careers in cybersecurity.

"The majority of women don’t consider cybersecurity as a career because they are not aware of the many opportunities in the field," said Al Nadhi. "Leaders and businesses need to empower both genders to enter the cyber world, whilst helping develop the skills of the younger generations and helping to close both the gender and the skills gap in the sector."

Inass Farouk, Marketing Director, microsoft UAE, said that only 24 percent of the global cybersecurity workforce is made up of women, according to the latest cybersecurity workforce study by (ISC)2, which shows that there is still a lot to do to attract more women into the industry.

Visitors to the GISEC main stage heard from Sudhakar Ramakrishna, President and CEO of SolarWinds, who discussed how the firm learned that threat actors were in its systems eight months before December 2020, when it was reported globally that the Orion security breach allowed thousands of its clients to be hacked.

According to Ramakrishna, attackers managed to get inside SolarWinds' build environment and place a backdoor in 2019, which was then wrapped into its legitimate software without detection. The updated software was distributed to as many as 18,000 organisations leading to follow-on attacks on about 100 companies and nine government agencies.

"As I am sure you will attest from certain recent attacks, no single company is immune to these attacks, especially if they are to be carried out by nation-states that are incredibly patient, incredibly persistent and who have many more resources available than any one company must protect itself."

Captain Khalid Tahlak, Head of Social Crime, Dubai Police, briefed GISEC visitors on how the public can safeguard themselves against a range of online scams. He highlighted how bogus charity campaigns, online blackmail and phishing attacks were all commonly used to catch out unwitting citizens. Tahlak asked the public to report cybercrime incidents at www.ecrime.ae.