By Islam Al-Sharaa
KUWAIT: Organizations need to focus on training and educating employees on the cyber risk front so that they are well equipped to spot malicious attempts and safeguard themselves. This will lead to better awareness amongst them on the cybersecurity front, said Assad Arabi, managing director, Trend Micro, Gulf Cluster, in an interview. Excerpts from the interview.
Question: How has the threat cyber security landscape changed in Kuwait in the post-pandemic world?
Arabi: In the last few years, there has been a surge in cybercrimes targeting Kuwait. It has been observed that the number and sophistication of cyber-attacks are growing at an alarming rate. Today organizations in Kuwait are being targeted with modern-day threats, and attackers are trying new ways to gain access and exploit systems.
The COVID pandemic has acted as a launchpad for a series of phishing and ransomware attacks. It encouraged threat actors to target organizations that adopted remote work culture, by exploiting their vulnerabilities. As per the figures from this past year's Trend Micro's Round-Up Report 2020 - The Constant State Of Flux, globally about 62.6 billion threats were blocked.
While in Kuwait alone our security solutions detected and blocked over 11 million email threats, prevented over 878,000 malicious URL victim attacks, and blocked over 5,000 URL hosts. These figures are staggering and highlight the fact that the threat landscape has and will keep evolving as the modern actors get stealthier with time in the digital era.
Question: What are the challenges that organizations are facing in securing their digital assets as they undergo digital transformation?
Arabi: Today, organizations in the country are in a state of transition, they are migrating to digital means of operations and have had to re-structure their growth strategies to match the new normal and accommodate accelerated digital transformation to be able to be a part of the game.
Whilst they are undergoing this phase it is required that they re-evaluate their security stance and strengthen it further. The new digital economy requires a robust cybersecurity framework for enterprises looking to create a lasting impact on the country's digital infrastructure. The migration to the cloud needs to be safeguarded through every phase of the process, as organizations continue their digital journeys.
Changes in the work landscape have also created new security led challenges for enterprises as remote and hybrid working models have become the norm. As per the Trend Micro report, the Smart Home Network (SHN) solutions blocked over 190,000 inbound and outbound attacks, preventing over 1.2 million SHN events. Hence, it is imperative to safeguard infrastructures and maintain normalcy whilst undergoing transformation.
Question: What are the types of trending cyber-attacks that organizations should be aware of?
Answer: For the enterprise fraternity, the wave of digital transformation has been more like a double-edged sword. The transition to digital means of operations has been complemented with a barrage of malicious threat attempts that aim to exploit assets within the enterprise.
Our Midyear Cybersecurity Report 2021- Attacks from All Angles, reveals organizations will have to stay vigilant across their environments - cloud, network, email, mobile, and endpoints. The trending types of threats include ransomware, advanced persistent threats, phishing, COVID-19 related scams, vulnerabilities in the cloud and the Internet of Things.
Question: What are new security solutions that organizations should adopt to be able to counter the evolving threat landscape?
Answer: The threat landscape is continuously evolving and hence there is a need for a holistic approach to be able to prevent it. Organizations need to focus on training and educating employees on the cyber risk front so that they are well equipped to spot malicious attempts and safeguard themselves. This will lead to better awareness amongst them on the cybersecurity front.
Also, a constant change in the threat landscape requires an equal countermeasure through a sturdier and multi-layered cybersecurity strategy incorporated by security teams. Technologies like XDR will provide an enhanced scope of visibility, heightened threat intelligence, and extended detection and response capabilities through each layer of an organization's IT environment. Continuous risk assessment using Zero Trust solution need as well to be adopted to make sure hybrid workforces are secure and able to perform their function properly.