
Comprehensive Digital Risk Protection with Cyble Vision

Capabilities

Darkweb and Open Internet Monitoring
• Compromised credentials
• Sensitive data leakage
• Executive brand protection monitoring
• Open-Source Intelligence

Cybercrime Intelligence
• Advisories on 400+ threat actors and 700+ malware operators
• Monitor 80% of Cybercrime markets
• Cybercrime conversations/mentions in forums and markets

Attack Surface Detection & Hunting (DRPS)
• Public facing assets
• Vulnerable assets
• Code Leakage (e.g. GitHub/bitbucket)
• Cloud buckets S3, Azure
• Malware campaigns

Brand Reputation Monitoring (DRPS)
• Fake/Typo Squatted Domains and Fake Content
• Fake Domains and Fake Content
• Fake app detection
• Phishing URLs
• Take downs
• Social media monitoring

Third Party Cyber Scoring
• Vendor risk score
• Derived from Darkweb, deep web, attack surface, public breaches, disclosures, etc.

Threat Intelligence
• IoCs
• Security Advisories
• Compromised Cards
• BINs
• ATM PINs
© 2022 Cyble Inc. All Rights Reserved. contact@cyble.com l +1 678 379 3241 l www.cyble.com
TheCyberExpress 2
Know your organization’s Darkweb Exposure

Make sure that your business continuity, compliance and operational availability is not at stake

Scan QR code and get External Threat Profile Report customized for your organization that includes:

01 Overview of vulnerabilities in your digital risk footprint
02 Risk assessment of your attack surface and threat landscape
03 Unique Risk Score as per your darkweb exposure
04 Critical information about your leaked data and security posture

Secure your business using Cyble’s unified threat intelligence platform that offers 6 unique capabilities and 32 research parameters to deliver 360-degree intelligence

TO GET THE REPORT!

Contents

FROM THE EDITOR: Dubai Cybersecurity Strategy
THE COVER: The Cybersecurity Hub of the Middle East
CYBERVILLE: Taking Control of the Human Mind: How Close are Hackers to Brainjacking?
DIGEST: How Cybersecurity in the Middle East is Changing the World
REGISTER: Over $1 Billion already Cybersecurity Fines in 2022
INSIDER: Anatomy of a Red Team Operation
HOT SEAT: You Can’t Have Privacy Without Safeguarding Data
STAFF

Editorial
Augustin Kurian, Editor In Chief, editor@thecyberexpress.com
Avantika Chopra, Senior Sub Editor, avantika@thecyberexpress.com
Vishwa Pandagle, Journalist, vishwa@thecyberexpress.com
Ashish Khaitan, Journalist, ashish@thecyberexpress.com
Vittal Chowdry, Senior Graphic Designer, vittal@thecyberexpress.com

Management
Rajashakher Intha, Head - Marketing & Sales, raj@thecyberexpress.com
Mir Ali, Head - Partnerships, mir@thecyberexpress.com
Taruna Bose, Head - Digital Sales, taruna@thecyberexpress.com
Ashish Jaiswal, Conference Manager, ashish.j@thecyberexpress.com
Priti Ojha, Content Strategist, priti@thecyberexpress.com

Image credits: Shutterstock & Freepik

*Responsible for selection of news under PRB Act. Printed & Published by Augustin Kurian, The Cyber Express LLC.,

The publishers regret that they cannot accept liability for errors & omissions contained in this publication, howsoever caused. The opinion & views contained in this publication are not necessarily those of the publisher. Readers are advised to seek specialist advice before acting on the information contained in the publication which is provided for general use & may not be appropriate for the readers’ particular circumstances. The ownership of trade marks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system, or transmitted in any form without the permission of the publishers in writing.
From The Editor’s DESK

Augustin Kurian
Editor In Chief

Dubai is the center of the world and, in terms of innovation, has been serving as a guiding light. Additionally, there has been a renewed understanding of cyber threats, and the emirate has taken cybersecurity more seriously than ever.

More recently, the United Arab Emirates unveiled a comprehensive plan to reform its cybercrime and cybersecurity ecosystem. It aims to recognize the increasing technological advancements affecting the country’s development and the limitations that need to be set to prevent attacks.

In addition, various organizations in the country have also started to understand the risks that their cyber infrastructure poses. The Dubai Cybersecurity Strategy launch in May 2017 marked a turning point in the city’s evolution from being a business destination to becoming a leader in cybersecurity.

The strategy was launched by His Highness Sheikh Mohammad Bin Rashid Al Maktoum, Vice-President and Prime Minister of the UAE and Ruler of Dubai. During the launch, His Highness praised the country’s high ranking in providing security for its citizens and organizations. This is due to the continuous efforts of the federal and local governments to establish a secure environment. The importance of cybersecurity has become an essential part of the digital age as the world has become more interconnected with the rise of smart technologies, he noted. Developing effective strategies and methods to maximize the benefits of technology is also essential to ensure that the country is ready to face any challenges that may arise due to its use.

As The Cyber Express begins our journey with Gitex Global 2022 with the preview launch of our magazine, we are here to be the biggest spectators of what is in store for Dubai and the Middle East. Every step in the right direction here will be resonated across the world.
THE COVER

The Cybersecurity Hub of the Middle East

- By The Cyber Express Editorial

Gulf Business Machines (GBM) in September announced the acquisition of the majority of shares of Coordinates Middle East, a regional managed detection and response firm headquartered in Dubai.

Mergers and acquisitions are great indicators of sector growth and maturity, says business wisdom. GBM is the latest in the long list of firms drawn to the opportunities in cybersecurity that Dubai has to offer.

With cybercrime becoming more sophisticated and common, organizations that have, or are invested in, an online presence are beefing up security. Businesses are quick to spot the opportunity, the latest being Redington Value, which launched its managed security services brand ‘DigiGlass by Redington’ in September.

According to the launch statement, the company planned to address “the evolving cybersecurity demands of the rapidly burgeoning digital economy”. And data protection leads the list of these demands, pointed out Dr. Lt. Col. Hamad Khalifa Al Nuaimi, Head, Telecommunications Division IT Center, Abu Dhabi Police.

“Data is the most important asset today and the current initiatives for security awareness are not reaching to the grassroot levels of protecting data. Nobody can succeed by themselves in the fight against cybercrime. We need trusted partners from the private sector to support citizens and educate them on staying alert and engaged,”

Rising region
Cybersecurity often takes a reactive
approach, taking action only after a security
breach or vulnerability is discovered. With
cybercrime and hacking leaving a significant
impact on society, countering such efforts
comprehensively through a coordinated and
expedited legal framework and the importance
of staying ahead of threat actors were both a
need and an opportunity.

The proactive administration of the United Arab Emirates unveiled ambitious plans to reform its cybersecurity and cybercrime ecosystem, recognizing the accelerating impact of new technologies on development and the counterbalance limits that need to be imposed to prevent cyberattacks.

Meanwhile, individual organizations also set out to understand the risks their cyber infrastructure poses to their operations and better ways to defend against cyberattacks. Human error undoubtedly plays a role in facilitating cyberattacks, so training and awareness efforts became powerful tools that organizations started to use to reduce their vulnerability to common attack techniques such as phishing.


Dubai’s position as a world leader in innovation, safety and security and manage cybersecurity risks among establishments and residents in Dubai

The UAE cybersecurity market is projected to grow at a formidable rate in the coming five years, said a report published by Research And Markets. The report attributed growth to rising cyber threats across organizations and the increasing need to protect important documents and data from various types of threats such as malware and ransomware, among others.

Also, technological advancements such as integrated security solutions and next-generation security solutions and increasing adoption of advanced technologies such as artificial intelligence and Internet of Things have contributed to the growth of the UAE cybersecurity market.

Rise in enterprise malware and phishing threats and surge in demand for cloud-based cybersecurity solutions have also boosted the demand for the UAE cybersecurity market.

Growing interest of market players in developing new e-commerce platforms and internet security solutions based on artificial intelligence platforms also contributed a fair share. Companies in the manufacturing, banking, financial services, insurance, and healthcare sectors are increasingly adopting security solutions.

Being the business hub naturally propelled Dubai as the center of cyber innovation, business, and investment.

Turning point
The turning point in Dubai’s journey from
just a business destination to cybersecurity
leadership happened in May 2017, when His
Highness Sheikh Mohammad Bin Rashid Al
Maktoum, Vice-President and Prime Minister of
the UAE and Ruler of Dubai launched the Dubai
Cybersecurity Strategy, with the declared aim of
strengthening cybersecurity in the region.


The strategy involved the implementation of main domains.

Cyber Smart Nation
In order to create a society that is fully aware of the risks of cybercrime and to develop the skills and capabilities necessary to manage those risks among government and private institutions and individuals in Dubai, the first domain of Cyber Smart Nation is intended to increase public awareness of the significance of cybersecurity.

Innovation
The second domain, innovation, is focused on encouraging innovation in the emirate of Dubai through scientific research in the area of electronic security and the creation of a free, open, and safe cyberspace.

Cybersecurity
The third domain, cybersecurity, strives to create a secure cyberspace by putting in place rules to safeguard data privacy, confidentiality, and availability.

Cyber Resilience
The fourth domain, cyber resilience, will concentrate on preserving cyberspace’s adaptability and guaranteeing the continuity and availability of IT systems in the event of any cyberattacks. It will also put a strong emphasis on offering a forum for information sharing, assistance in managing incidents involving cybersecurity, and cutting-edge defenses against threats.


National and International Collaboration
The national and international collaboration domain is to build local and international partnerships to strengthen global and local frameworks of collaboration with various sectors to address risks and dangers in cyberspace. One of Sheikh Mohammad’s key goals was to promote local collaboration because, in order to compete with the world’s most developed nations, one must only have the necessary skills and business strategies.

The strategy, aimed at staying abreast of the global technological progress, the scale of digital transformation Dubai underwent, and the accompanying challenges and risks, planned to achieve it by uniting the efforts of the government and private sector.

Going by the current numbers, the effort has been immensely successful.

Forging ahead
Deloitte and the Cybersecurity Council (CSC) signed a Memorandum of Understanding (MoU) in March this year to work together in supporting the Cybersecurity agenda in the UAE.

As part of the MoU, Deloitte will support CSC with CERT guidelines, cyber training, cybersecurity strategy as well as establish a child online protection framework, among others.

Dubai currently boasts the presence of cybersecurity divisions of technology majors including IBM Middle East, Oracle Systems, Microsoft Gulf, AWS Dubai, Juniper Networks, Cisco Middle East, Broadcom, and Palo Alto Networks.

Global pure play cybersecurity companies such as CyberArk, Fortinet, etc. are some of the top names in the sector that call Dubai their hub. The booming business has also paved the way for several homegrown cybersecurity businesses.

The latest list of “Top Cybersecurity Companies in UAE” compiled by trade website GoodFirms has 73 firms, of which 52 are based in Dubai. What makes it attractive for cybersecurity firms to set up shop in Dubai?

High demand
As mentioned above, both public and private organizations are currently planning
to increase their investment in cybersecurity protection and training. This means
there is always demand for cybersecurity business or service.

Nominal tax
Dubai is well-known for being a favorable business jurisdiction, offering great
perks to innovative companies. Also, free zones like the Meydan Free Zone have a
corporate tax rate of 0%. This means the business can sustain more profits.

Interesting jobs
With so many demanding large companies in Dubai, there is an opportunity to
support complex organizations with long-term, intellectually stimulating contracts.

Government support
The UAE government and the Dubai emirate administration have been introducing
and updating cybersecurity standards for public sector organizations. The
administration has continuously demonstrated its full participation in promoting
cybersecurity.

The ecosystem
Dubai is an internationally recognized tech hub. This means working closely
with many other top companies that can provide the support services, staff and
hardware needed for cybersecurity businesses in Dubai.

CYBERVILLE

Taking Control of the HUMAN MIND
How Close are HACKERS to BRAINJACKING?

- By Avantika Chopra, Senior Sub Editor, The Cyber Express

Brainjacking involves hacking into the surgical implants connected to the human brain to create a brain-computer interface – direct communication between an external device and the brain’s electrical activity.

At the age of 16, filmmaker Christopher Nolan fantasized about the art of mind control. It took him almost ten years to pen down his vision and bring it to life with the release of the science fiction action film ‘Inception’ in 2010. The movie starring Leonardo DiCaprio kept its viewers hooked till the last minute with the make-believe concept of “dream invaders” who stole the information by infiltrating the subconscious of their targets.

The film’s ingenuity won praise worldwide and brought into perspective the unexplored possibility of hijacking the human mind.

In the form of illusions, hypnosis or machines, experts from varied fields have imagined developing ways to stimulate and control the human mind. However, hacking the mind has equally intrigued the world of cybercrime, giving birth to “Brainjacking”.


What is brainjacking?
Brainjacking, a combination of the words brain and hijacking, isn’t as whimsical as one would want to believe. It can be understood as the exercise of unauthorized control of another individual’s electronic brain implant. Termed illegal, brainjacking involves hacking into the surgical implants connected to the human brain to create a brain-computer interface – direct communication between an external device and the brain’s electrical activity.

With increased cyber-attacks on the healthcare sector and the ease with which medical implants such as pacemakers and insulin pumps have been compromised, brainjacking has emerged as a new threat to target and exploit the implant technology.

The concept of facilitating human memory was proven as early as 2018. In a breakthrough study published in the Journal of Neural Engineering, a team of researchers was able to boost the ability of individuals to create memories. The experts worked with human volunteers, and extracted-encoding electrical signals for the study as the subject performed a memory chore. On re-injecting the signals, the performance was boosted by almost 37%.

“This is the first time scientists have been able to identify a patient’s brain cell code or pattern for memory and, in essence, ‘write in’ that code to make existing memory work better, an important first step in potentially restoring memory loss,” lead author Robert Hampson at Wake Forest Baptist stated in the report.

To understand the severity of brainjacking, it is essential to know how hackers can exploit it.

Deep Brain Stimulation
The cyberpunk action film ‘Upgrade’ broadly defines the concept of deep brain stimulation (DBS), a neurological process where implanted electrodes and electrical stimulation are used to treat movement disorders. The movie follows the life of Grey Trace, an auto mechanic who suffers paralysis after being shot in the neck. Struggling as a wheelchair-using quadriplegic, Trace decides to insert an artificial intelligence-based chip ‘STEM’ in his body and is finally able to regain control of his motor functions.

While DBS works on a similar concept, it is far less dramatic than the film’s plot. Often doctors use the DBS to tackle various movement disorders such as Parkinson’s disease (PD), essential tremor, dystonia, and other neurological conditions when the medicinal treatment becomes less effective, or the response is slower than expected.

In movement-related disorders, patients experience neurological conditions caused by disorganized electrical signals in that area of the brain which controls the movement. With the help of DBS, neurosurgeons can target those regions of the patient’s brain with varied stimulation to increase control. This allows them to efficiently tackle the distressing symptoms of patients as DBS disrupts the irregular signals that trigger movement disturbance.


After understanding the patient’s brain signals and movement better, doctors implant leads (wires) in the brain connected to a compact electrical generator, known as the neurostimulator, inserted and placed under the collarbone. It is through this system that pulses of electric current are passed through the neurostimulator to the patient’s brain.

However, gaining access and control of the human brain with wireless stimulators may have severe consequences when exploited with malicious intent.

The darker side of DBS
Most sci-fi and animation fans would agree that great discoveries, in the hands of a malicious actor, often lead to evil outcomes, whether it was Mojo Jojo from The PowerPuff Girls, Doctor Octopus in Spiderman or Thanos in Avengers: Infinity War, who nearly wiped out half of the life in the universe by simply snapping his fingers.

When it comes to DBS, this is precisely what experts fear. As advantageous as the treatment may be for patients suffering from a movement disorder, the stimulation generates endless opportunities for those intending to exploit it. In a ‘neurosecurity’ breach, a threat actor would target an individual with a neurostimulator to gain control of the device.


The growing market
In the coming future, the global market size of brain implants is expected to reach $8.29 billion by 2025 at a compound annual growth rate (CAGR) of 9.1% from 2021 to 2028, with neurological disorders being the primary drivers.

According to a market report by Grand View Research, an evident increase in neurological conditions such as Parkinson’s disease, Alzheimer’s, and epilepsy combined with a rise in awareness among people regarding the benefits of brain implants and their positive outcomes has led to the overall growth of the market.

The World Health Organization termed neurological disorders among the major causes of mortality worldwide, leading to 13.2% of deaths in developed countries and 16.8% in low- and middle-income countries, creating an urgency to incorporate long-term solutions that include spinal cord stimulators and deep brain stimulators, the report stated. Moreover, US Brain implants have proven to play a crucial role in assisting people and providing them with therapeutic solutions for depression, thus adding relevance to the advancement in neural implants.

However, the high number of people using the implants also increases their vulnerability and susceptibility to attacks where a hacker could compromise the wireless system of the implants and harm the patient.

BRAINJACKING
How hackers can take advantage

With the growing demand for neural implants worldwide, it is essential to understand how malicious actors can misuse them. Research by the Oxford University Functional Neurosurgery Group and cybersecurity software company Kaspersky studied existing neurostimulators and supporting infrastructure to highlight vulnerabilities that hackers could exploit.

• Unencrypted data transfer: With the data not being encrypted, it becomes easier for hackers to access any transfer of information between the programming software, the implants, and any interlinked networks. According to the report, this vulnerability leaves not just the patient’s implant open to access but also those connected to the same infrastructure.

• Device Protection: Due to the crucial role the implant plays in the well-being of the patient, it is essential for devices and their security measures to be comfortably accessible to the physician, especially in times of emergency. Moreover, due to this aspect, the devices need to be fitted with a software ‘backdoor’ that makes them more vulnerable to attacks.

• Exposed and insecure inter-connected infrastructure: As per the study, exposed interlinked online management platforms, often used by healthcare teams and departments, pose a serious threat to the security system as they are vulnerable to attacks and can be exploited by hackers.

• Medical staff: Like in most organizations, it is essential to train the staff to secure critical patient information. However, the research revealed that in many medical firms, programmers installed with critical software could be easily accessed with stored passwords, had various apps downloaded on them and were used to browse the internet.


How real is the threat?

Several movies, series, and games alike have explored the more profound and darker concept of brainjacking and how easily a hacker could gain access to the devices and manipulate them to their advantage; however, despite cybersecurity vulnerabilities in neurostimulators being deemed as a potential threat, there haven’t been incidents confirming the misuse.

“Broken Hearts”, the tenth episode in the second season of the Homeland series, featured a similar concept where a hacker could assassinate the United States vice president by accessing his pacemaker and controlling his heart.

Interestingly, former Vice President Dick Cheney had gotten the wireless feature of his pacemaker implants disabled in 2007. Cheney spoke about the potential threats in an interview with CBS News in 2013. “I found it credible,” Cheney said, talking about the episode. “Because I know from the experience we had and the necessity for adjusting my own device that it was an accurate portrayal of what was possible.”

However, according to a 2022 report by American news agency United Press International, the FDA to date has not received any incidents of “deliberate or intentional compromises of medical devices due to cyber exploits.”

The concept, in theory, and practice, is yet to advance to a stage where an individual’s mind can be fiddled with to the extent of distorting or wiping brain memory. So, though brainjacking isn’t Michel Gondry’s movie ‘Eternal Sunshine of the Spotless Mind’, where the couple decides to erase one another’s memory after their relationship turns sour, it sure poses a severe threat to individual autonomy in the near future.

DIGEST

How Cybersecurity in the Middle East is Changing the World

- By Ashish Khaitan, Journalist, The Cyber Express

The Middle East welcomes diversity in employment, as 94% of women in the region would be interested in pursuing a degree in cybersecurity.


Middle East is looking at growth in cybersecurity from USD 20.3 billion in 2022 to USD 44.7 billion by 2027. With a Compound Annual Growth Rate (CAGR) of 17.1% during the forecast period, these numbers are significantly higher than the global average, making the Middle East the ideal region for investing in cybersecurity ventures.

The rise of cybersecurity in the Middle East

The Middle East is a hotspot for investment in cybersecurity. With the region’s digitally driven transformation, technological innovation, and the rise of a thriving global sector, it’s no surprise that many companies are investing in cybersecurity initiatives to keep their operations safe from cyberattacks. The Middle East is developing into a future cybersecurity hub and is estimated to generate $1.3 billion in revenues, which will deploy employment opportunities in the region.

Today, the Middle East is among the world’s most exciting and expeditiously changing regions. Plagued with many challenges due to its history, many nations in the Middle East are witnessing a shift in focus on one particular area: cybersecurity. The cybersecurity trend is undoubtedly unfolding across the region, with extraordinary and more influential things expected to come out of the Middle Eastern nations.

As the world is becoming increasingly digitized, the issue of cybersecurity has taken on new importance. Nowhere is this truer than in the Middle East, where several recent high-profile hacking incidents have placed the region’s security squarely in the spotlight.

Middle Eastern nations are investing significantly in cybersecurity in response to these attacks. In addition to benefiting the local economy, this might change the world and make it a better place for businesses to grow, further enhancing the region’s employment and development.

As the Middle East prepares for burgeoning cybersecurity, especially when Israel is expected to become the best market for cybersecurity investment in the next five years, several significant changes in the way that the internet will be used and governed in the region can be anticipated. For one thing, increased cooperation between countries in the region on security issues could lead to a more secure internet for everyone.

Increasing the usage of encryption and other security technology in the area is another aspect the Middle East plans to focus on. This will assist in preventing hackers from accessing both private and public data. Moreover, with greater emphasis on spreading cybersecurity awareness, people will be capable of defending themselves from attacks once they are more aware of the dangers associated with using the internet.

According to a recent study, the Middle East is one of the most active regions in the world concerning cybersecurity. The Middle East Cybersecurity Market by Component (Solutions and Services) found that the region is projected to grow from USD 20.3 billion in 2022 to USD 44.7 billion by 2027. With a Compound Annual Growth Rate (CAGR) of 17.1% during the forecast period, these numbers are significantly higher than the global average, making the Middle East the ideal region for investing in cybersecurity ventures.

The study also found that the Middle East is home to some of the most advanced cyber attacks in the world. There has been a spike in attacks targeting the region’s critical infrastructure and industrial facilities. These attacks are designed to disrupt operations and can have devastating consequences. The 2021 national fuel network attack on Iran and the data leak of the Israeli LGBTQ dating app Atraf are just some of the attacks faced by the Middle East.

The good news is that awareness of cybersecurity threats is growing in the Middle East. Governments and businesses are beginning to invest more in cybersecurity solutions and training. This is essential to protecting critical infrastructure and ensuring that companies can operate safely and efficiently in the digital age.


How data and PRIVACY laws work in the MIDDLE EAST

In the Middle East, data and privacy laws vary from country to country. However, there are some commonalities among them. For instance, most countries in the region have laws requiring companies to disclose data breaches to customers or face stiff penalties.

This is a positive development, as it encourages companies to be more transparent about their data security practices. It also helps to raise awareness of cybersecurity risks among consumers.

Another commonality among Middle Eastern data and privacy laws is the requirement for companies to take steps to protect user data from unauthorized access. This includes implementing strong security measures such as encryption.

The trend toward more robust data and privacy laws in the Middle East is positive. It will help improve cybersecurity for businesses and consumers in the region.

Jobs and opportunities in cybersecurity in the Middle East

With the ever-growing importance of cybersecurity, jobs in this field are in high demand – especially in the Middle East. Due to the region’s political and social landscape, there is a heightened need for cybersecurity experts who can help protect against various threats.

The governments of Middle Eastern nations are also discussing several initiatives, such as Dubai Internet City (DIC) and the KSA Vision 2030, that will increase the demand for cybersecurity experts by connecting various services in future smart cities, putting the Middle East region on the cusp of significant digital upheaval.

The use of technologies such as IoT and blockchain will also increase, and the massive employment outbreak for women and men worldwide will bridge the gap between talent and opportunities.

There are many opportunities available for cybersecurity specialists in the Middle East, and the work can be truly impactful in a region that is often at the forefront of global events. With an international approach from workers worldwide, companies in the Middle East are expected to make a difference on a global scale very soon.

Participation of women in
cybersecurity in the Middle East

In recent years, the Middle East has seen a significant shift in the way the women workforce is approaching the cybersecurity landscape, with more and more women taking up essential roles in the industry.

The growing participation of women in the field is a result of increased awareness of the importance of cybersecurity in the region. Since the Middle East has been beset with multiple cyberattacks almost every year, it is no wonder that women are taking up important roles in organizations and helping them to protect their data and online assets.

In addition, there are more opportunities for women to enter the field as the region has become a hotbed for cyber-attacks. There is a demand for more qualified cybersecurity professionals regardless of gender because of the rise of cybercriminals targeting businesses and critical infrastructure.

This has led to calls for more significant investment in cybersecurity and for more women to be involved in the sector. Though women represent only 11% of the workforce in cybersecurity, ZAWYA reported that 94% of women in the Middle East would be interested in pursuing a degree in cybersecurity. The upcoming technological phase will surely change the women’s employment ratio in the security sector.

The founder and CEO of Secure Diversity (Previously Brainbabe) in an interview said, “The unfilled cybersecurity jobs aren’t just a staffing issue; they’re a matter of national security, and women can help us solve the problem quickly.”

There are several reasons why women make great cybersecurity professionals. Firstly, they
tend to be excellent at multitasking and have a keen eye for detail in some instances, reports
BBC. Secondly, they are often better at communication than their male counterparts, which
is essential in coordinating complex response efforts in real-time incidents, stated a report by
Glasgow University professor Gijsbert Stoet.

Finally, perhaps most importantly, women are often empathetic towards people, businesses,
and problems. This is a valuable quality in cybersecurity, as it allows them to understand better
the mindset of attackers and how to protect their clients or employers with the best strategies.

REGISTER

OVER $1 BILLION ALREADY
CYBERSECURITY FINES IN 2022

- By Vishwa Pandagle, Journalist, The Cyber Express

To curb the increasing cyber threats, federal agencies worldwide have imposed severe fines on cybersecurity offenders, with the highest penalty going up to $500 million. Here, read about the heavy fines imposed on businesses that did not comply with the regulations in 2022.
The United Nations Conference on Trade and Development (UNCTAD), which looks after world trade investment and development, outlines that out of 194 countries, 137 have legislation to handle data and privacy protection. These bodies inspect the cause of cybercrime in companies and decide whether it deserves a penalty.

This article lists down the biggest fines on businesses and companies in the year 2022 and other notable cases to highlight issues related to the user data breach.

Spain’s data protection agency, the Agencia Española de Protección de Datos (AEPD) imposed a fine of 2 million euros on Amazon Road Transport Spain S.L. for violation of articles of the GDPR. Amazon Road Transport was penalized for asking the criminal records of its employees.

CYBERSECURITY FINES IMPOSED ON BUSINESSES IN THE YEAR 2022

Cybercriminals threaten the security of businesses by hacking into networks and stealing user data, login credentials, sensitive information, financial data and more. When such data breaches come to the fore, it impacts the company’s reputation, the users whose information has been exploited and data protection agencies.

1. 2 million euros on Amazon Road Transport

Spain’s data protection agency, the Agencia Española de Protección de Datos (AEPD) imposed a fine of 2 million euros on Amazon Road Transport Spain S.L. for violation of articles of the GDPR. Breaching the GDPR Articles 6 (1) and Article 10, Amazon Road Transport was penalized for asking its employees for their criminal records. This violated the protocol for processing personal data. Amazon’s truck drivers were asked to submit their record files during the hiring process, which was taken up to legal agencies by a representative of the general union of workers.

2. 3.25 million euros on OTE Group

Two individual fines were imposed on two companies namely OTE Group and Cosmote Mobile Telecommunications S.A. that were connected owing to data breaches and improper data handling. The Hellenic Data Protection Authority (HDPA) in Athens, Greece, imposed a fine of 3.25 million euros on OTE Group, the parent company of Cosmote Mobile Telecommunications S.A. The HDPA found that OTE helped hack user data from Cosmote’s systems, a mobile network operator in Greece. OTE was also found to have violated GDPR by not putting proper security measures in place, which led to the data breach.


3. 3.7 million euros on Dutch Tax & Customs Administration

The Dutch Data Protection Authority, an independent body for processing data of people of the Netherlands, imposed a fine on the Tax and Customs Administration for storing user data for longer than required, not implementing proper security measures to protect it, and storing inaccurate data that was also outdated.

Upon breaching several GDPR articles, (DPA) fined the Dutch Tax and Customs Administration a sum of 3.7 million euros for unlawful processing of user data of taxpayers.

This was the highest amount fined by the DPA because of the nature of the offense, which cited Fraud Signaling Facility (FSV) as the reason, among others. FSV is a list made by the tax authorities with the names of blacklisted individuals to track fraud signals.

4. 3.94 million euros on Vodafone España

Spain’s data protection agency, AEPD imposed a fine of 3.94 million euros on Vodafone España in Spain for the violation of Articles 5(1)(f) and 5(2) of GDPR. The company was fined for not implementing appropriate security measures as it had assured its users. The negligence made it easier for cybercriminals to replicate user’s sim cards. Following a complaint from nine users, the AEPD ruled that the company’s negligence led to fraudulent use of sim cards and carrying bank transfers using duplicate sim cards of the complainants. The company failed to verify the identity of the fraudulent users who replicated sim cards to carry out the crime.

5. 6 million euros on Cosmote Mobile Telecommunications

Following the breach of GDPR, Cosmote Mobile Telecommunications was fined 6 million euros separately from its parent company OTE Group. The HDPA imposed a fine for not protecting its subscribers’ personal data. Greece’s largest mobile operator experienced a cyber-attack that led to the breach of customer data of over 4 million users, including their age, gender, revenue etc. The HDPA found negligence and conspiracy on the part of the company and its parent company, OTE Group.

6. 3.94 million euros on Vodafone España

The American facial recognition company Clearview AI Inc was fined nearly 7.5 million euros by the United Kingdom’s Information Commissioner’s Office (ICO) under GDPR violations. The company was fined in May for mishandling the data of UK residents. ICO, that regulates data protection in the UK, found that Clearview AI Inc. had been collecting personal user data without a legitimate reason. It also observed that the company did not have a process to stop the permanent holding of biometric data, nor had adequate data protection measures put in place.

7. 8 million euros on REWE International

For non-compliance with the general data protection of the GDPR, the Austrian food retailer REWE International was fined 8 million euros by the Austrian Data Protection Authority (DPA). Apparently, the company collected user data without consent while hosting the company’s loyalty and rewards program called the ‘jö Bonus Club’. Two million users’ data was used without adequately informing them about its usage. The company challenged the fine on the grounds of jö Bonus Club operating independently as another subsidiary.


8. 10 million euros on Google LLC

For GDPR breaches of Article 6 and Article 17, the Spanish data protection authority (AEPD) imposed a fine of 10 million euros on the tech giant Google LLC. The company was fined for exposing user data to a third party to have their content removed. After two users raised a complaint, investigations revealed that the requests for removing user content from the various products of Google were directed to a third party called the Lumen Project. This led to a data breach owing to data sharing with a third party.

9. 17 million euros on Meta Platforms Ireland Ltd

The Data Protection Commission of Ireland fined Meta Platforms a sum of 17 million euros for GDPR violations. The incident came to light with the inquiry on 12 data breach instances received in 6 months. Upon investigating the extent to which Meta Platforms complied with the appropriate technical and organizational measures that were necessary, the results were unsatisfactory. It led to a compromise in securing EU users’ data.

10. 20 million euros on Clearview AI Inc.

The facial recognition firm Clearview AI faced another fine by Italy’s data protection agency for GDPR violations amounting to 20 million euros. The company breached EU law on data protection by illegally processing user data, including biometric and geolocation information. The company failed to notify the users about the information that was being stored and used by them.

11. 26.5 million euros on Enel Energia

Enel Energia, an Italian manufacturer and distributor of electricity and gas, was fined 26.5 million euros for GDPR violations. It was imposed by the Italian data protection authority, Garante per la Protezione dei dati personali due to negligence in processing personal data, the lawfulness of processing, condition of consent, transparency, and communication among other violations. Enel Energia was asked to comply with the data processing rules breached by its sales network. Italy’s data protection agency received hundreds of complaints from people. The users were called by the company multiple times without their consent despite being listed in the opt-out register. User feedback made to the company was also misplaced and delayed in some other instances.

12. 102 million dollars on Google Ireland

French data protection authority, the Commission Nationale de l’informatique et des libertés (CNIL), imposed a fine of 102 million dollars on Google Ireland for failing to comply with data protection. After receiving several complaints related to the process of rejecting cookies being complex, the company was fined on January 6, 2022. The CNIL investigated and found that cookie consent on YouTube and Google did not implement as presented on the websites and required several clicks to refuse cookies.

13. 403 million dollars on Instagram

In September, Ireland’s Data Protection Commissioner (DPC) imposed a massive fine of 403 million dollars on Meta-owned, Instagram. GDPR imposed the fine for violating the privacy of its underage users. Phone numbers and email addresses of minors were available publicly once the users upgraded to business accounts on the platform.

14. 500 million dollars on T-Mobile

Following a data breach in 2021, the mobile telecommunication company, T-Mobile, was imposed a fine of 500 million dollars. A data breach incurred in August last year impacted the user data of over 100 million people, as claimed by the hackers on a hacking forum. Due to unauthorized access to user data after the cyber-attack, users’ social security numbers, names, addresses, etc., were exposed. The company agreed to pay 350 million dollars for the settlement fund and nearly 150 million dollars to work on data security measures.


Fines based on sectors in euros

A study by Securiti AI on GDPR and CCPA fines levied in 2021 showed the following figures:

1. Healthcare sector: 1.2 million euros
2. Insurance: 1.8 million euros
3. Government: 2.8 million euros
4. Media: 3.3 million euros
5. Retail: 4.5 million euros
6. Utilities: 5.9 million euros
7. Financial services: 10 million euros
8. Logistics: 11.1 million euros
9. Telecommunications: 12.7 million euros
10. Technology: 85.9 million euros
11. Social networking: 237 million euros
12. E-commerce: 761.5 million euros

Source: Securiti


Fines imposed based on countries

A study by Securiti AI on GDPR and CCPA fines levied in 2021 showed the following figures:

1. Cyprus: 0.9 million euros
2. France: 1.8 million euros
3. Netherlands: 2.8 million euros
4. Sweden: 2.8 million euros
5. Norway: 6.3 million euros
6. Germany: 10.4 million euros
7. Austria: 11.5 million euros
8. Italy: 15.8 million euros
9. Spain: 23.7 million euros
10. USA: 90.7 million euros
11. Ireland: 225 million euros
12. Luxembourg: 746 million euros

Source: Securiti

Fines by violation

Securiti AI further highlighted penalties that were imposed on businesses based on the type of violation, including violation of consent, privacy, data breach and data subject rights. 70% of fines were levied for consent violations, 21.4% for privacy, 8.3% for data subject rights, and 0.2% for data breach violations.


Hefty fines on businesses

Earlier this January, the investment bank and financial services company Morgan Stanley agreed to settle a class-action lawsuit with a fine of 120 million dollars for the legal claim against data security. It was levied on the company in July 2020 owing to security breaches impacting the personal data of over 15 million current and former customers. It was due to negligence in clearing off data center equipment decommissioned in 2016 and 2019, which led to a software flaw that exposed users’ unencrypted data to the equipment’s buyers.

The Office of the Comptroller of the Currency (OCC), the independent bureau of the U.S. Department of the Treasury, imposed a fine of 60 million dollars on the company in 2020.

July 2021 witnessed the highest fine on Amazon Europe Core of 746 million euros, followed by 225 million euros levied on WhatsApp the same year. While Google faced a penalty of 60 million euros in the hands of CNIL, Facebook too was fined 60 million euros in 2021 by CNIL.

Cybersecurity fine imposing bodies

The General Data Protection Regulation (GDPR) is part of the European Union (EU) law to safeguard the data of individuals in the European Economic Area (EEA). Since its inception in 2018, over 865 administrative fines have been issued, amounting to over 1.4 billion euros.

The fines collected by the GDPR go to the HM Treasury’s Consolidated Fund for the welfare of health, education, justice, social care, etc. It is not collected by a hard and fast rule but instead calculated on a case-by-case basis. The penalties are levied with a discretionary perspective and are based on certain factors like:

- The type and impact of infringement
- Security measures
- Cause of neglect – deliberate or accidental
- Damage control done by a company
- History of fines imposed
- Attitude of cooperation while taking care of the breach or incident
- The data that was breached
- Proactiveness in alerting authorities about the accident


Certain GDPR violations have elicited more penalties than others. They are violations of Articles 5, 6, and 32. Article 5 is related to data processing, Article 6 is about the lawfulness of data processing, and Article 32 takes care of actions violating the security of the data processing.

GDPR Article 5 dictates that personal data must be processed thus, failing which it may elicit a penalty:

1. Lawfully, fairly, and transparently
2. It should be asked for legitimate uses
3. It should not be taken beyond the requirement
4. Collected data must be placed up to date on the systems
5. It should not be stored for periods beyond its requirement
6. It should be processed under proper security measures

GDPR Article 6 establishes that the data must be processed thus:

1. Only after getting consent from the subject
2. Conforms with the contract agreement
3. Complies with legal obligations
4. Protects the person’s vital interests
5. It is processed for tasks that are in the public interest
6. And it follows the legitimate interests of the company

GDPR Article 32 looks for adequate and required technical measures put in place to maintain security in the processing of data as well as for data controllers and processors to make sure it is done in the right way. If not, the authorities take the necessary action against the concerned entity.


The California Consumer Privacy Act

The California Consumer Privacy Act (CCPA) has been protecting the data of California residents all over the world since January 1, 2020. The CCPA regulations ensure that businesses are aware of the law around data handling of the concerned users. The organization looks after educating businesses on the proper practices pertaining to informing consumers of their rights, handling consumer requests, verifying the authenticity of the people seeking information and applying the law to minors as required.

As per a report by Atlas VPN, GDPR fines nearly touched 100 million euros in the first quarter of 2022. Since its inception in 2018, GDPR imposed fines totalling 436,000 euros in 2018, 72 million euros in 2019, 171 million euros in 2020 and over 1 billion euros in 2021. Between 2020 to 2021, a rise of 521% was observed.

A rise of nearly 92% was noticed this year compared to the previous year, 2021. Received cases decreased from 215 in 2021 to 205 in 2022. Even though the number of complaints fell in 2022, the magnitude of the breach was still high.

It can be concluded that fines on businesses have been increasing over the years. GDPR and other data protection agencies are ensuring businesses prevent data breach as far as possible, make every effort to be transparent, and implement the highest security measures in protecting user data.

INSIDER

WELCOME TO THE RED TEAM JUNGLE

ANATOMY OF A RED TEAM OPERATION

To protect the identities of those involved, this article is a dramatization of events

Tom Van de Wiele
Principal Threats and Technology Researcher, WithSecure™


It’s Friday, 5 p.m. An HR consultant finishes work at his client’s office and takes his loaned laptop to an IT room, off the lobby, accessed by his temporary key card. After dropping his card into a mailbox marked “Contractor Access Cards,” the consultant is ready to leave. Rainwater pours down; he struggles with his umbrella while holding the door.

“Let me get that for you,” a voice says. The consultant sees a man holding the door while entering the lobby.

Meet the Red Teamer

As a red team member, I ask the questions organizations don’t — and sometimes can’t — about their readiness in preventing, detecting, and responding to cyber attacks.

For this particular job, there was one goal: Break through the client’s security, acquire a device, and access the restricted network containing high-risk intellectual property. The client was a financial entity with custom-developed trading algorithms for predicting market trends – an appealing target for financially motivated adversaries and competitors.

On that Friday I sat in my car with the toolkit for a physical break-in. From my reconnaissance, I knew the HR consultant left promptly. I approached the building as he came into view; the moment he stopped to open his umbrella, I knew I was in.

Intrusion: Every Lock Has a Key Problem

My bag across my shoulder, I approached the key card mailbox. It
was nothing special, available from any standard retailer, making
replica keys easy to obtain. Opening it with a lock-pick tool was even
easier. I found that the mailbox was full of cards still active for the
remainder of the day. I pocketed these, took my laptop from my
bag, and crossed to the IT room. The first card unlocked the door.

I noticed the consultant had left his laptop closest to the door. I’d done my
research, watching employees come and go with their laptops, studying
potential weaknesses those models might have. I’d watched some of
the corporate videos and identified two laptop models susceptible to
weaknesses I knew. The consultant’s laptop went into my bag, along with
a second model. I exited the room, returned the cards, and left.

Next, I updated the client’s white team; keeping them informed is a critical
responsibility. Red teams should be authentic, but they can’t succeed if
they’re unsafe. It’s not about causing disruption. It’s about collaboration,
communication, and education.


The Laptop Whisperer

Sitting at my desk, I opened the back panel on the consultant’s laptop to find the Trusted Platform Module (TPM) chip. This would be my first angle of attack.

For this, I used a credit card-size “logic sniffer” wired to the BIOS chip. For most modern laptops, the TPM and BIOS chips share a communication channel. The sniffer records activity passing across the BIOS chip from the motherboard and digests it for analysis on a second device. Once the key was located, I disconnected the device to begin the decryption key recovery process.

Next, I installed a backdoor on the main machine so I could discreetly maintain persistence and simulate a real-life attacker. This code would run as the laptop connected to the client’s VPN, exploiting the fact that remote workers are automatically connected after logging on. The connection provided me with a link to the network. Writing what I wanted to the disk, I had administrator-level access to the laptop. It was time to find my target.

When Convenience Kills

I found an HR application I suspected the consultant would use, and he had saved his password to autofill. It wasn’t a guarantee, but my impression was that he liked efficiency; it seemed possible that he reused passwords, so recovering one might unlock multiple doors.

I loaded the application on a second machine to use my virtualized setup. As the application read the cached password and decoded it in memory, I paused the process, freezing the data flow. The client had a legacy eight-character password policy, so I concentrated on lines of data that were eight characters or greater. A password emerged.

After reviewing the applications available, I logged into one with the password. Finding file interaction functionality, I navigated out and found a command prompt. Now I could roam the application data of active users and software.

Software? It’s Complicated
I was now “under the floorboards” of the virtualized environment and identified six users
with access to applications that stored temporary files in a location that I also had access to.
These could be abused using DLL side-loading. I used this to sprinkle backdoored software
libraries in these locations.

After a few minutes, I could see that one of the backdoored utilities was being run by an
employee with access to the target application and data.

In total, I’d been at my desk for about 48 hours. I took screenshots and collected everything
I needed to help make the necessary changes. I found the latest versions of what I was
supposed to steal and exfiltrated source code files, copies of the development environment,
and key assets.
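
One way a defender could hunt for the DLL side-loading pattern described above, as an added example that is not part of the original article: it scores records shaped like Sysmon Event ID 7 (image load) events. The sample events, the directory list, the DLL name list and the reason labels are constructed assumptions.

```python
import ntpath
from collections import defaultdict

# Assumption: locations ordinary users can usually write to. Replace with the
# directories your own applications use for temporary files.
USER_WRITABLE_MARKERS = (
    "\\appdata\\local\\temp\\",
    "\\windows\\temp\\",
    "\\users\\public\\",
    "\\programdata\\",
)

# Assumption: a few DLL names that normally load from System32.
SYSTEM_DLL_NAMES = {"version.dll", "dbghelp.dll", "wtsapi32.dll", "cryptsp.dll"}


def in_user_writable_dir(path):
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE_MARKERS)


def sha256_of(event):
    """Pull the SHA256 value out of a Sysmon-style 'Hashes' field."""
    for part in event.get("Hashes", "").split(","):
        name, _, value = part.partition("=")
        if name.strip().upper() == "SHA256":
            return value.strip()
    return None


def score_image_load(event):
    """Return the reasons one image-load event resembles side-loading."""
    dll = event["ImageLoaded"]
    if not dll.lower().endswith(".dll") or not in_user_writable_dir(dll):
        return []
    reasons = ["dll_in_user_writable_dir"]
    signed = event.get("Signed", "false").lower() == "true"
    if not signed or event.get("SignatureStatus") != "Valid":
        reasons.append("unsigned_or_invalid_signature")
    if ntpath.basename(dll).lower() in SYSTEM_DLL_NAMES:
        reasons.append("shadows_system_dll_name")
    # A program installed in a protected directory that pulls code from a
    # place any user can write crosses a trust boundary.
    if not in_user_writable_dir(event["Image"]):
        reasons.append("protected_process_loads_writable_path")
    return reasons


def find_sideloading(events, min_reasons=2):
    """Score every event, add a cross-user signal, then apply a threshold."""
    scored = []
    users_per_hash = defaultdict(set)
    for event in events:
        reasons = score_image_load(event)
        if not reasons:
            continue
        digest = sha256_of(event)
        if digest:
            users_per_hash[digest].add(event["User"])
        scored.append((event, reasons, digest))

    alerts = []
    for event, reasons, digest in scored:
        # The same binary showing up in several users' sessions matches
        # libraries planted in a shared temporary location.
        if digest and len(users_per_hash[digest]) > 1:
            reasons = reasons + ["same_binary_loaded_by_multiple_users"]
        if len(reasons) >= min_reasons:
            alerts.append({"user": event["User"], "process": event["Image"],
                           "dll": event["ImageLoaded"], "reasons": reasons})
    return alerts


# Constructed sample events (not from the article); hashes are placeholders.
SAMPLE_EVENTS = [
    {"User": r"CORP\alice", "Image": r"C:\Program Files\HRSuite\hrclient.exe",
     "ImageLoaded": r"C:\Windows\System32\version.dll", "Signed": "true",
     "SignatureStatus": "Valid", "Hashes": "SHA256=PLACEHOLDER-SYSTEM-DLL"},
    {"User": r"CORP\bob", "Image": r"C:\Program Files\HRSuite\hrclient.exe",
     "ImageLoaded": r"C:\ProgramData\HRSuite\tmp\version.dll", "Signed": "false",
     "SignatureStatus": "Unavailable", "Hashes": "SHA256=PLACEHOLDER-PLANTED-DLL"},
    {"User": r"CORP\carol", "Image": r"C:\Program Files\HRSuite\hrclient.exe",
     "ImageLoaded": r"C:\ProgramData\HRSuite\tmp\version.dll", "Signed": "false",
     "SignatureStatus": "Unavailable", "Hashes": "SHA256=PLACEHOLDER-PLANTED-DLL"},
    {"User": r"CORP\dave", "Image": r"C:\Users\dave\AppData\Local\Temp\setup.exe",
     "ImageLoaded": r"C:\Users\dave\AppData\Local\Temp\setup_helper.dll",
     "Signed": "true", "SignatureStatus": "Valid",
     "Hashes": "SHA256=PLACEHOLDER-INSTALLER-DLL"},
]

if __name__ == "__main__":
    for alert in find_sideloading(SAMPLE_EVENTS):
        print(alert["user"], alert["dll"], alert["reasons"])
```

The signed installer helper loaded from a temp directory stays below the threshold, which keeps routine software installs from drowning out the planted library.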


Wrapping Up

The team reconvened for a post-mortem and to reflect on the indicators of compromise the security team could have been monitoring for. We offered pragmatic advice with short- and long-term defensive measures, allowing time to secure the resources for tackling the root cause and potential mitigation paths for detecting and containing similar attacks.

I detailed the attack scenarios, my general approach to the attack narrative, paths taken, obstacles observed, how they were circumvented, and how each attack was performed and structured. An analysis of the other attacks I’d prepared followed, plus an overview of remaining attack artifacts, the data accessed and where, how the data was kept safe and secure, and how anonymity was upheld.

Final Thoughts
The outcome of red teaming is never “pass”
or “fail.” It’s a stress test, designed to highlight
the control across the organization and how
quickly attacks can be mitigated. It’s a unique
opportunity to test critical assets and efficacy
of security controls, training, and processes for
defending your business. The goal is to ensure
that any incident is just another day, rather
than a headline with long-term impact.

HOT SEAT

YOU CAN’T HAVE PRIVACY WITHOUT SAFEGUARDING DATA

- By Augustin Kurian, Editor In Chief, The Cyber Express

Kartik Shahani
Country Manager, Tenable India

Kartik Shahani is the Country Manager for Tenable in India. Based in Mumbai, India, Kartik has over 30 years of experience in the IT industry, driving momentum for enterprises. He spearheads initiatives for Tenable in the enterprise security market, manages operations, and continues efforts towards channel activities in India. Kartik has extensive experience in telecommunications, finance, and government sectors. Along with his innovative sales strategies, he is instrumental in driving growth in India.

In an exclusive interaction with The Cyber Express, Kartik Shahani talks about the need for the right cybersecurity tools, the role of CISOs in choosing them, and the best methods to protect the active directory.

Here is an excerpt from the interview.

What are the different factors that affect the choice of cybersecurity tools? Also, how can CISOs assess their existing security environment to choose the right tool?

In today’s digital everything world, organizations operate on distributed, hybrid networks across multiple geolocations, cloud-based infrastructures, applications, virtualized platforms, services, and more. That means that there are a plethora of technologies, assets, and services – some of which CISOs may not be aware of. While attacks continue to increase in sophistication, the vast majority are opportunistic, preying on the fact that most security teams are overwhelmed and unable to address even well-known vulnerabilities. Therefore, instead of disparate tools, it’s important for CISOs to focus on the best practices around cyber hygiene and core security principles as the strongest lines of defense. This includes making sure they have visibility across the attack surface, focusing efforts on preventing attacks and having clear communication of exposure risk to make better decisions.

What according to you are the top cybersecurity tools in 2022?

We see the need for Exposure Management which draws on deep insights into all aspects of the modern attack surface – across assets as things change, and with the context of interdependencies to accurately gauge and prioritize risk exposure. By practicing exposure management, organizations can be equipped to have visibility across the modern attack surface, anticipate threats, prioritize efforts to prevent attacks, and communicate cyber exposure risk to make better decisions.

What are the key metrics CISOs need to consider while choosing the right cybersecurity tools?

Just as financial investments are monitored to determine their performance, organizations need to monitor their investments in security solutions. But not all cybersecurity products have actionable metrics that quantify cyber exposure. There are five crucial aspects CISOs need to consider —

1. Does the solution provide complete visibility — into AD, OT, cloud, business-critical vulnerabilities, and internet-facing assets?
2. Is the attack surface monitored continuously?
3. Threats change over time, so does the cybersecurity solution have a large data set of threat intelligence to keep up with these changes?
4. Is the platform customizable and scalable for the organization’s needs?
5. Can cyber exposure be communicated in business terms?

Once CISOs have answers to these questions it becomes easier to communicate metrics in business terms back to the board.


How does cybersecurity affect data privacy? What are the benefits of using a centralized cybersecurity solution?

When discussing data privacy, we must also consider data security – you can’t have privacy without safeguarding it. The issue is that threat actors know they can monetize their crimes by targeting valuable data. Unfortunately, in the vast majority of cases, it’s not advanced threats that cause organizations to spill their secrets, it’s known unpatched vulnerabilities. If companies want to stay ahead of the curve and avoid becoming a target, they need to appear unattainable to bad actors and that means removing the low-hanging fruit – the known but unpatched flaws in systems and software. Rather than focusing on the tactics threat actors use, organizations must focus on identifying and blocking the attack paths they look to exploit.

How does a CISO know if they are getting value for money from their investment in cybersecurity tools?

An effective cybersecurity program should be able to measure success by risk reduction. Remediation actions should be prioritized to reduce an organization’s cyber exposure. CISOs should view, validate, and prioritize vulnerabilities critical to the business, while also understanding the context of the vulnerability. Patching and remediation are critical, but equally important are follow-up testing and quality assurance reviews. In doing so, security leaders should be able to analyze the effectiveness of their program and by default, their investment.

What is your take on the recent slew of attacks on cryptocurrency exchanges? How do you feel about the plan of the Indian government to ban cryptocurrency?

Cryptocurrency is one of the ways cybercriminals are monetizing their efforts – it isn’t the root cause. If we got rid of cryptocurrency tomorrow, cybercriminals would just come up with another way to monetize their efforts. Instead, organizations need to focus on stopping attacks first, starting with basic cyber hygiene.

Lastly, what is the best step toward protecting the active directory?

Cybercriminals look for unpatched software vulnerabilities and misconfigurations to gain
a foothold in any organization. Once inside the system, attackers often go after the Active
Directory (AD) infrastructure to gain lateral movement and compromise other systems. If
threat actors gain privileged access to AD, they essentially have the “blueprints to the castle”
and can create new admin-level users, add new machines to the network, deploy malware
and steal data. The first step to protecting AD is to mitigate misconfigurations and reduce
privileged AD group membership and privileged AD accounts. AD must be continuously
monitored to evaluate user rights and to detect suspicious activity. Once visibility is achieved,
vulnerabilities arising out of trust can be addressed.
