Dubai: With cyber security, these days it’s not any longer about how good the prevention is, but how soon can threats be detected. And responded to.
“Today, most cyberattacks cannot be prevented - they are far too stealthy, targeted and advanced,” said Hani Nofal, Vice-President of Digital Infrastructure Solutions at GBM, the longstanding IBM partner for the region and one of the biggest IT services entities. “So, there has been a shift from focusing on prevention to recognizing the importance of detection and response mechanisms.
“The complexities of the digital ecosystem, technology stack, IT and OT convergence, and evolving threat landscape have made it difficult for CIOs and CISOs to tackle these challenges. Even with scaled up cyber defenses.
“Tackling the aforementioned risks has become increasingly more complicated, time-consuming, and demands specialized skilled and certified cyber security professionals. The cyber security skill gap is still one of the biggest problems organizations today are facing when trying to respond to ever evolving, sophisticated cyber-attacks.”
GBM hopes to provide some relief through its new ‘GBM Shield’ mechanism, which has the ‘ability to anticipate, detect and respond to cyber threats’, the official adds. “The program offering is risk-driven rather than technology-driven, augmenting existing technologies to increase return on investment and enhance security posture,” said Nofal.
The launch comes just a month after GBM acquired a majority stake in Coordinates Middle East, a managed detection and response firm headquartered in Dubai. GBM Shield will be powered by Cor., the Coordinates’ platform.
“Although most of our customers are enterprise customers, these solutions can be applied across the board,” said Nofal. "GBM Shield enables all types of organizations to monitor, detect, respond and prevent cyber threats and achieve business resiliency."
The underlying issue is that these attacks are highly sophisticated, adaptable, and the attackers are always one step ahead. Therefore, traditional security practices which used to work before are no longer sufficient.
“Our goal is to provide customers with the required cyber security expertise, improve the organization’s security posture, comply with regional regulatory compliance requirements and offload the heavy-lifting, tedious task of monitoring and responding to cyber security incidents. So that organizations are ready to meet the evolving cyber threats that the future holds.”
If 2020 was the year of increased and targeted threats as work shifted from offices to WFH, the years since have not seen much of a let up in cyber breaches. Ransomware has become ‘very prevalent’, and according to IBM’s 2022 Threat Force Intelligence Index, ransomware and server access attacks were the top attack types observed in the Middle East, ‘each representing 18 per cent of attacks’.
Ransomware was also the dominant attack type observed across cyber incidents in the UAE. “There have also been alarming cases of supply chain hacks, such as through vendors, thus vetting third-parties is becoming more common,” said Nofal. “More recently, cybersecurity maturity is appearing in business RFPs (Request for Proposals). With a highly connected digital supply chain, the expectation is that organizations will not become threat vectors to business partners.”