Professional Documents
Culture Documents
Capabilities
© 2022 Cyble Inc. All Rights Reserved. contact@cyble.com l +1 678 379 3241 l www.cyble.com
TheCyberExpress 2
Know your
organization’s
Darkweb
Exposure
Make sure that your business
continuity, compliance and
operational availability is not
at stake
© 2022 Cyble Inc. All Rights Reserved. contact@cyble.com l +1 678 379 3241 l www.cyble.com
TheCyberExpress 3
Contents
7
FROM THE EDITOR
Dubai Cybersecurity
Strategy
10
THE COVER
22
CYBERVILLE
TheCyberExpress 4
32
DIGEST
42
REGISTER
60 70
INSIDER HOT SEAT
TheCyberExpress 5
Editorial Management
*Responsible for selection of news under PRB Act. Printed & Published by Augustin Kurian, The Cyber Express LLC.,
TheCyberExpress 6
The publishers regret that they cannot accept liability for errors & omissions contained in this publication, howsoever caused. The opinion & views contained in this publication are not necessarily those of the publisher.
Readers are advised to seek specialist advice before acting on the information contained in the publication which is provided for general use & may not be appropriate for the readers’ particular circumstances. The
ownership of trade marks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system, or transmitted in any form without the permission of the publishers
in writing.
From The
Editor’s DESK
Augustin Kurian
Editor In Chief
TheCyberExpress 7
TheCyberExpress 8
TheCyberExpress 9
THE COVER
The
Cybersecurity
Hub of the
Middle East
TheCyberExpress 10
- By The Cyber Express Editorial
G
ulf Business Machines (GBM) in With cybercrime becoming more sophisticated
September announced the acquisition and common, organizations that have, or are
of the majority of shares of Coordinates invested in, an online presence is beefing up
Middle East, a regional managed detection and security. Businesses are quick to spot the
response firm headquartered in Dubai. opportunity, the latest being Redington Value,
which launched its managed security services
Mergers and acquisitions are great indicators brand ‘DigiGlass by Redington’ in September.
of sector growth and maturity, says business
wisdom. GBM is the latest in the long list of firms
drawn to the opportunities in cybersecurity that
Dubai has to offer.
TheCyberExpress 11
THE COVER
TheCyberExpress 12
Rising region
Cybersecurity often takes a reactive
approach, taking action only after a security
breach or vulnerability is discovered. With
cybercrime and hacking leaving a significant
impact on society, countering such efforts
comprehensively through a coordinated and
expedited legal framework and the importance
of staying ahead of threat actors were both a
need and an opportunity.
TheCyberExpress 13
THE COVER
Dubai’s position
as a world leader
in innovation,
safety and security
and manage
cybersecurity
risks among
establishments and
residents in Dubai
The UAE cybersecurity market is projected to Rise in enterprise malware and phishing
grow at a formidable rate in the coming five threats and surge in demand for cloud-based
years, said a report published by Research cybersecurity solutions have also boosted the
And Markets. The report attributed growth demand for the UAE cybersecurity market.
to rising cyber threats across organizations
and the increasing need to protect important Growing interest of market players in
documents and data from various types of developing new e-commerce platforms and
threats such as malware, ransomware, among internet security solutions based on artificial
others. intelligence platforms also contributed a
fair share. Companies in the manufacturing,
Also, technological advancements such banking, financial services, insurance, and
as integrated security solutions and healthcare sectors are increasingly adopting
nextgeneration security solutions and security solutions.
increasing adoption of advanced technologies
such as artificial intelligence and Internet of Being the business hub naturally propelled
Things has contributed to the growth of the Dubai as the center of cyber innovation,
UAE cybersecurity market. business, and investment.
TheCyberExpress 14
Turning point
The turning point in Dubai’s journey from
just a business destination to cybersecurity
leadership happened in May 2017, when His
Highness Sheikh Mohammad Bin Rashid Al
Maktoum, Vice-President and Prime Minister of
the UAE and Ruler of Dubai launched the Dubai
Cybersecurity Strategy, with the declared aim of
strengthening cybersecurity in the region.
TheCyberExpress 15
THE COVER
Innovation
The second domain, innovation, is focused
on encouraging innovation in the emirate of
Dubai through scientific research in the area
of electronic security and the creation of a free,
open, and safe cyberspace.
Cybersecurity
The third domain, cybersecurity, strives to
create a secure cyberspace by putting in place
rules to safeguard data privacy, confidentiality,
and availability.
TheCyberExpress 16
TheCyberExpress 17
THE COVER
National
and International
Collaboration
TheCyberExpress 18
TheCyberExpress 19
THE COVER
...
Forging ahead
Dubai currently boasts the presence of
cybersecurity divisions of technology
majors including IBM Middle East, Oracle
Systems, Microsoft Gulf), AWS Dubai,
Juniper Networks, Cisco Middle East,
Broadcom, and Palo Alto Networks.
Deloitte and the Cybersecurity Council (CSC) Global pure play cybersecurity companies
signed a Memorandum of Understanding such as CyberArk, Fortinet, etc. are some
(MoU) in March this year to work together of the top names in the sector that calls
in supporting the Cybersecurity agenda in Dubai their hub. The booming business
the UAE. has also paved the way for several
homegrown cybersecurity businesses.
As part of the MoU, Deloitte will support
CSC with CERT guidelines, cyber training, The latest list of “Top Cybersecurity
cybersecurity strategy as well as establish Companies in UAE’’ compiled by trade
a child online protection framework, website GoodFirms has 73 firms, of which
among others. 52 are based in Dubai. What makes it
attractive for cybersecurity firms to set
shops in Dubai?
TheCyberExpress 20
High demand
As mentioned above, both public and private organizations are currently planning
to increase their investment in cybersecurity protection and training. This means
there is always demand for cybersecurity business or service.
Nominal tax
Dubai is well-known for being a favorable business jurisdiction, offering great
perks to innovative companies. Also, free zones like the Meydan Free Zone have a
corporate tax rate of 0%. This means the business can sustain more profits.
Interesting jobs
With so many demanding large companies in Dubai, there is an opportunity to
support complex organizations with long-term, intellectually stimulating contracts.
Government support
The UAE government and the Dubai emirate administration has been introducing
and updating cybersecurity standards for public sector organizations. The
administration has continuously demonstrated its full participation in promoting
cybersecurity.
The ecosystem
Dubai is an internationally recognized tech hub. This means working closely
with many other top companies that can provide the support services, staff and
hardware needed for cybersecurity businesses in Dubai.
TheCyberExpress 21
CYBERVILLE
A
t the age of 16, filmmaker Christopher The film’s ingenuity won praise worldwide
Nolan fantasized about the art of mind and brought into perspective the unexplored
control. It took him almost ten years possibility of hijacking the human mind.
to pen down his vision and bring it to life
with the release of the science fiction action In the form of illusions, hypnosis or machines,
film ‘Inception’ in 2010. The movie starring experts from varied fields have imagined
Leonardo DiCaprio kept its viewers hooked till developing ways to stimulate and control the
the last minute with the make-believe concept human mind. However, hacking the mind has
of “dream invaders” who stole the information equally intrigued the world of cybercrime,
by infiltrating the subconscious of their targets. giving birth to “Brainjacking”.
TheCyberExpress 22
TheCyberExpress 23
CYBERVILLE
What is brainjacking?
Brainjacking -- combined with the words brain
and hijacking – isn’t as whimsical as one would
want to believe. It can be understood as the
exercise of unauthorized control of another
individual’s electronic brain implant. Termed
illegal, brain jacking involves hacking into the
surgical implants connected to the human
brain to create a brain-computer interface – “This is the first time scientists have been able
direct communication between an external to identify a patient’s brain cell code or pattern
device and the brain’s electrical activity. for memory and, in essence, ‘write in’ that
code to make existing memory work better,
With increased cyber-attacks on the healthcare an important first step in potentially restoring
sector and the ease at which medical implants memory loss,” lead author Robert Hampson at
such as pacemakers and insulin pumps have Wake Forest Baptist stated in the report.
been compromised, brainjacking has emerged
as a new threat to target and exploit the To understand the severity of brainjacking, it is
implants technology. essential to know how hackers can exploit it.
TheCyberExpress 24
based chip ‘STEM’ in his body and is finally able
to regain control of his motor functions.
TheCyberExpress 25
CYBERVILLE
TheCyberExpress 26
When it comes to DBS, this is precisely
what experts fear. As advantageous as the
treatment may be for patients suffering
from a movement disorder, the stimulation
generates endless opportunities for those
intending to exploit it. In a ‘neurosecurity’
breach, a threat actor would target an
individual with a neurostimulator to gain
control of the device.
After understanding the patient’s brain signals
and movement better, doctors implant
leads (wires) in the brain connected to a
compact electrical generator, known as the
neurostimulator, inserted and placed under
the collarbone. It is through this system that
pulses of electric current are passed through
the neurostimulator to the patient’s brain. In a
‘neurosecurity’
However, gaining access and control of the
human brain with wireless stimulators may breach, a threat
have severe consequences when exploited actor would
with malicious intent.
target an
The darker side of DBS individual with a
neurostimulator
Most sci-fi and animation fans would agree that
great discoveries, in the hands of a malicious to gain control of
actor, often lead to evil outcomes, whether it
the device.
was Mojo Jojo from The PowerPuff Girls, Doctor
Octopus in Spiderman or Thanos in Avengers:
Infinity Wars, who nearly wiped out half of
the life in the universe by simply snapping his
fingers.
TheCyberExpress 27
CYBERVILLE
In the coming future, the global market size 16.8% in low- and middle-income countries,
billion by 2025 at a compound annual growth solutions that include spinal cord stimulators
rate (CAGR) of 9.1% from 2021 to 2028, with and deep brain stimulators, the report stated.
neurological disorders being the primary Moreover, US Brain implants have proven
According to a market report by Grand View solutions for depression. Thus, adding
benefits of brain implants and their positive the implants also increases their vulnerability
outcomes has led to the overall growth of the and susceptibility to attacks where a hacker
TheCyberExpress 28
BRAINJACKING
How hackers can take advantage
• Unencrypted data transfer: With the data not being encrypted, it becomes
easier for hackers to access any transfer of information between the
programming software, the implants, and any interlinked networks.
According to the report, this vulnerability leaves not just the patient’s
implant open to access but also those connected to the same infrastructure.
• Device Protection: Due to the crucial role the implant plays in the well-
being of the patient, it is essential for devices and their security measures
to be comfortably accessible to the physician, especially in times of
emergency. Moreover, due to this aspect, the devices need to be fitted
with a software ‘backdoor’ that makes them more vulnerable to attacks.
TheCyberExpress 29
CYBERVILLE
TheCyberExpress 30
However, according to a 2022 report
by American news agency United Press
International, the FDA to date has not received
any incidents of “deliberate or intentional
compromises of medical devices due to cyber
exploits.”
TheCyberExpress 31
DIGEST
How
Cybersecurity
in the Middle East
is Changing the
World
TheCyberExpress 32
The Middle
East welcomes
diversity in
employment, as
94% of women in
the region would
be interested in
pursuing a degree
in cybersecurity.
TheCyberExpress 33
DIGEST
TheCyberExpress 34
A
s the world is becoming increasingly According to a recent study, the Middle East
digitized, the issue of cybersecurity is one of the most active regions in the world
has taken on new importance. concerning cybersecurity. The Middle East
Nowhere is this truer than in the Middle East, Cybersecurity Market by Component
where several recent high-profile hacking (Solutions and Services) found that the
incidents have placed the region’s security region is projected to grow from USD 20.3
squarely in the spotlight. billion in 2022 to USD 44.7 billion by 2027.
With a Compound Annual Growth Rate
Middle Eastern nations are investing (CAGR) of 17.1% during the forecast period,
significantly in cybersecurity in response to these numbers are significantly higher than
these attacks. In addition to benefiting the the global average, making the Middle East
local economy, this might change the world the ideal region for investing in cybersecurity
and make it a better place for businesses ventures.
to grow, further enhancing the region’s
employment and development. The study also found that the Middle East is
home to some of the most advanced cyber
As the Middle East prepares for burgeoning attacks in the world. There has been a spike
cybersecurity, especially when Israel is in attacks targeting the region’s critical
expected to become the best market for infrastructure and industrial facilities. These
cybersecurity investment in the next five attacks are designed to disrupt operations
years, several significant changes in the way and can have devastating consequences.
that the internet will be used and governed in The 2021 national fuel network attack on
the region can be anticipated. For one thing, Iran and the data leak of the Israeli LGBTQ
increased cooperation between countries in dating app Atraf are just some of the attacks
the region on security issues could lead to a faced by the Middle East.
more secure internet for everyone.
The good news is that awareness of
Increasing the usage of encryption and other cybersecurity threats is growing in the
security technology in the area is another Middle East. Governments and businesses
aspect the Middle East plans to focus are beginning to invest more in cybersecurity
on. This will assist in preventing hackers solutions and training. This is essential
from accessing both private and public to protecting critical infrastructure and
data. Moreover, with greater emphasis on ensuring that companies can operate safely
spreading cybersecurity awareness, people and efficiently in the digital age.
will be capable of defending themselves from
attacks once they are more aware of the
dangers associated with using the internet.
TheCyberExpress 35
DIGEST
How data
and PRIVACY
laws work in
the MIDDLE EAST
In the Middle East, data and privacy laws Another commonality among Middle Eastern
vary from country to country. However, there data and privacy laws is the requirement
are some commonalities among them. For for companies to take steps to protect user
instance, most countries in the region have data from unauthorized access. This includes
laws requiring companies to disclose data implementing strong security measures such
breaches to customers or face stiff penalties. as encryption.
This is a positive development, as it encourages The trend toward more robust data and
companies to be more transparent about privacy laws in the Middle East is positive. It
their data security practices. It also helps to will help improve cybersecurity for businesses
raise awareness of cybersecurity risks among and consumers in the region.
consumers.
TheCyberExpress 36
TheCyberExpress 37
DIGEST
TheCyberExpress 38
Jobs and opportunities in
cybersecurity in the Middle east
With the ever-growing importance of The use of technologies such as IoT and
cybersecurity, jobs in this field are in high blockchain will also increase, and the massive
demand – especially in the Middle East. Due employment outbreak for women and men
to the region’s political and social landscape, worldwide will bridge the gap between talent
there is a heightened need for cybersecurity and opportunities.
experts who can help protect against various
threats. There are many opportunities available for
cybersecurity specialists in the Middle East,
The governments of Middle Eastern nations and the work can be truly impactful in a
are also discussing several initiatives, such as region that is often at the forefront of global
Dubai Internet City (DIC) and the KSA Vision events. With an international approach from
2030, that will increase the demand for workers worldwide, companies in the Middle
cybersecurity experts by connecting various East are expected to make a difference on a
services in future smart cities, putting the global scale very soon.
Middle East region on the cusp of significant
digital upheaval.
TheCyberExpress 39
DIGEST
Participation of women in
cybersecurity in the Middle East
In recent years, the Middle East has seen women represent only 11%of the workforce
a significant shift in the way the women in cybersecurity, ZAWYA reported that 94% of
workforce is approaching the cybersecurity women in the Middle East would be interested
landscape, with more and more women taking in pursuing a degree in cybersecurity. The
up essential roles in the industry. upcoming technological phase will surely
change the women’s employment ratio in the
The growing participation of women in the security sector.
field is a result of increased awareness of the
importance of cybersecurity in the region. The founder and CEO of Secure Diversity
Since the Middle East has been beset with (Previously Brainbabe) in an interview said, “The
multiple cyberattacks almost every year, it is no unfilled cybersecurity jobs aren’t just a staffing
wonder that women are taking up important issue; they’re a matter of national security, and
roles in organizations and helping them to women can help us solve the problem quickly.”
protect their data and online assets.
TheCyberExpress 40
There are several reasons why women make great cybersecurity professionals. Firstly, they
tend to be excellent at multitasking and have a keen eye for detail in some instances, reports
BBC. Secondly, they are often better at communication than their male counterparts, which
is essential in coordinating complex response efforts in real-time incidents, stated a report by
Glasgow University professor Gijsbert Stoet.
Finally, perhaps most importantly, women are often empathetic towards people, businesses,
and problems. This is a valuable quality in cybersecurity, as it allows them to understand better
the mindset of attackers and how to protect their clients or employers with the best strategies.
TheCyberExpress 41
REGISTER
OVER $1 BILLI
CYBERSECURITY FINES IN 2022
TheCyberExpress 42
ION ALREADY
The United Nations Conference on Trade
Spain’s data protection and Development (UNCTAD), which
agency, the Agencia looks after world trade investment and
Española de Protección de development, outlines that out of 194
countries, 137 have legislation to handle
Datos (AEPD) imposed a fine data and privacy protection. These
of 2 million euros on Amazon bodies inspect the cause of cybercrime
TheCyberExpress 43
REGISTER
TheCyberExpress 44
CYBERSECURITY FINES IMPOSED ON
BUSINESSES IN THE YEAR 2022
Cybercriminals threaten the security of during the hiring process, which was taken
businesses by hacking into networks and up to legal agencies by a representative
stealing user data, login credentials, sensitive of the general union of workers.
information, financial data and more. When
such data breaches come to the fore, it impacts 2. 3.25 million euros on OTE Group
the company’s reputation, the users whose
information has been exploited and data Two individual fines were imposed on two
protection agencies. companies namely OTE Group and Cosmote
Mobile Telecommunications S.A. that were
1. 2 million euros on Amazon Road connected owing to data breaches and
Transport improper data handling. The Hellenic Data
Protection Authority (HDPA) in Athens,
Spain’s data protection agency, the Agencia Greece, imposed a fine of 3.25 million
Española de Protección de Datos (AEPD) euros on OTE Group, the parent company
imposed a fine of 2 million euros on Amazon of Cosmote Mobile Telecommunications
Road Transport Spain S.L. for violation of S.A. The HDPA found that OTE helped hack
articles of the GDPR. Breaching the GDPR user data from Cosmote’s systems, a mobile
Articles 6 (1) and Article 10, Amazon Road network operator in Greece. OTE was also
Transport was penalized for asking its found to have violated GDPR by not putting
employees for their criminal records.. proper security measures in place, which
This violated the protocol for processing led to the data breach.
personal data. Amazon’s truck drivers
were asked to submit their record files
TheCyberExpress 45
REGISTER
3. 3.7 million euros on Dutch Tax & from nine users, the AEPD ruled that the
Customs Administration company’s negligence led to fraudulent
use of sim cards and carrying bank
The Dutch Data Protection Authority, an transfers using duplicate sim cards of the
independent body for processing data of complainants. The company failed to verify
people of the Netherlands, imposed a fine the identity of the fraudulent users who
on the Tax and Customs Administration replicated sim cards to carry out the crime.
for storing user data for longer than
required, not implementing proper 5. 6 million euros on Cosmote Mobile
security measures to protect it, and storing Telecommunications
inaccurate data that was also outdated.
Following the breach of GDPR, Cosmote
Upon breaching several GDPR Mobile Telecommunications was fined
articles, (DPA) fined the Dutch Tax
and Customs Administration a sum
of 3.7 million euros for unlawful
processing of user data of taxpayers.
TheCyberExpress 46
6 million euros separately from its parent 6. 3.94 million euros on Vodafone España
company OTE Group. The HDPA imposed
a fine for not protecting its subscribers’ The American facial recognition
personal data. Greece’s largest mobile company Clearview AI Inc was fined nearly
operator experienced a cyber-attack that 7.5 million euros by the United Kingdom’s
led to the breach of customer data of over Information Commissioner’s Office (ICO)
4 million users, including their age, gender, under GDPR violations. The company was
revenue etc. The HDPA found negligence fined in May for mishandling the data of
and conspiracy on the part of the company UK residents. ICO, that regulates data
and its parent company, OTE Group. protection in the UK, found that Clearview
AI Inc. had been collecting personal user
data without a legitimate reason. It also
observed that the company did not have
a process to stop the permanent holding
of biometric data, nor had adequate
data protection measures put in place.
TheCyberExpress 47
REGISTER
TheCyberExpress 48
12. After receiving several complaints related
to the process of rejecting cookies being
complex, the company was fined on
January 6, 2022. The CNIL investigated
and found that cookie consent on
YouTube and Google did not implement
as presented on the websites and
required several clicks to refuse cookies.
TheCyberExpress 49
REGISTER
Fines based on
A study by Secu
Healthcare sector 1 1.2 million euros
in 2021 showed
Insurance 2 1.8 million euros
Government 3 2.8 million euros
Media 4 3.3 million euros
Retail 5 4.5 million euros
Utilities 6 5.9 million euros
Financial services 7 10 million euros
Logistics 8 11.1 million euros
Telecommunications 9 12.7 million euros
Technology 10 85.9 million euros
Social networking 11 237 million euros
E-commerce 12
Source: sec
TheCyberExpress 50
n sectors in euros
uriti AI on GDPR and CCPA fines levied
d the following figures:
TheCyberExpress 51
REGISTER
Fines imposed
Cyprus 1 0.9 million euros A study by Secu
in 2021 showed
France 2 1.8 million euros
Netherlands 3 2.8 million euros
Sweden 4 2.8 million euros
Norway 5 6.3 million euros
Germany 6 10.4 million euros
Austria 7 11.5 million euros
Italy 8 15.8 million euros
Spain 9 23.7 million euros
USA 10 90.7 million euros
Ireland 11 225 million euros
Luxembourg 12
Source:
TheCyberExpress 52
d based on countries
uriti AI on GDPR and CCPA fines levied
d the following figures:
Fines by violation
securiti
TheCyberExpress 53
REGISTER
TheCyberExpress 54
The fines collected by the GDPR go to the HM
Treasury’s Consolidated Fund for the welfare
of health, education, justice, social care, etc. It is
not collected by a hard and fast rule but instead
calculated on a case-by-case basis. The penalties
are levied with a discretionary perspective and are
based on certain factors like:
Security measures
Cause of neglect –
deliberate or accidental
Proactiveness in alerting
authorities about the accident
TheCyberExpress 55
REGISTER
TheCyberExpress 56
GDPR Article 6 establishes
1 Only after getting consent from the subject
that the data must be
processed thus:
2 Confirms with the contract agreement
TheCyberExpress 57
REGISTER
TheCyberExpress 58
TheCyberExpress 59
INSIDER
ANATOMY OF A
RED TEAM
OPERATION
To protect the identities of those involved, this article is a dramatization of events
TheCyberExpress 60
Tom Van de Wiele
Principal Threats and Technology Researcher,
WithSecure™
TheCyberExpress 61
INSIDER
It’s Friday, 5p.m. An HR consultant finishes For this particular job, there was one goal: Break
work at his client’s office and takes his loaned through the client’s security, acquire a device,
laptop to an IT room, off the lobby, accessed and access the restricted network containing
by his temporary key card. After dropping high-risk intellectual property. The client was a
his card into a mailbox marked “Contractor financial entity with custom-developed trading
Access Cards,” the consultant is ready to leave. algorithms for predicting market trends –an
Rainwater pours down; he struggles with his appealing target for financially motivated
umbrella while holding the door. adversaries and competitors.
“Let me get that for you,” a voice says. The On that Friday I sat in my car with the toolkit for
consultant sees a man holding the door while a physical break-in. From my reconnaissance,
entering the lobby. I knew the HR consultant left promptly. I
approached the building as he came into view;
Meet the Red Teamer the moment he stopped to open his umbrella,
I knew I was in.
As a red team member, I ask the questions
organizations don’t — and sometimes can’t —
about their readiness in preventing, detecting,
and responding to cyber attacks.
TheCyberExpress 62
Intrusion: Every Lock Has a Key Problem
RED TEAMING
My bag across my shoulder, I approached the key card mailbox. It
was nothing special, available from any standard retailer, making
replica keys easy to obtain. Opening it with a lock-pick tool was even
easier. I found that the mailbox was full of cards still active for the
remainder of the day. I pocketed these, took my laptop from my
bag, and crossed to the IT room. The first card unlocked the door.
I noticed the consultant had left his laptop closest to the door. I’d done my
research, watching employees come and go with their laptops, studying
potential weaknesses those models might have. I’d watched some of
the corporate videos and identified two laptop models susceptible to
weaknesses I knew. The consultant’s laptop went into my bag, along with
a second model. I exited the room, returned the cards, and left.
Next, I updated the client’s white team; keeping them informed is a critical
responsibility. Red teams should be authentic, but they can’t succeed if
they’re unsafe. It’s not about causing disruption. It’s about collaboration,
communication, and education.
TheCyberExpress 63
INSIDER
TheCyberExpress 64
Software? It’s Complicated
I was now “under the floorboards” of the virtualized environment and identified six users
with access to applications that stored temporary files in a location that I also had access to.
These could be abused using DLL side-loading. I used this to sprinkle backdoored software
libraries in these locations.
After a few minutes, I could see that one of the backdoored utilities was being run by an
employee with access to the target application and data.
In total, I’d been at my desk for about 48 hours. I took screenshots and collected everything
I needed to help make the necessary changes. I found the latest versions of what I was
supposed to steal and exfiltrated source code files, copies of the development environment,
and key assets.
TheCyberExpress 65
INSIDER
Wrapping Up
The team reconvened for a post-mortem and taken, obstacles observed, how they were
to reflect on the indicators of compromise the circumvented, and how each attack was
security team could have been monitoring performed and structured. An analysis of the
for. We offered pragmatic advice with short- other attacks I’d prepared followed, plus an
and long-term defensive measures, allowing overview of remaining attack artifacts, the
time to secure the resources for tackling the data accessed and where, how the data was
root cause and potential mitigation paths for kept safe and secure, and how anonymity
detecting and containing similar attacks. was upheld.
TheCyberExpress 66
Final Thoughts
The outcome of red teaming is never “pass”
or “fail.” It’s a stress test, designed to highlight
the control across the organization and how
quickly attacks can be mitigated. It’s a unique
opportunity to test critical assets and efficacy
of security controls, training, and processes for
defending your business. The goal is to ensure
that any incident is just another day, rather
than a headline with long-term impact.
TheCyberExpress 67
Cybersecurity has
become complex.
Simplify it.
Discover how with the all-in-one, cloud-native
security platform — Forcepoint ONE
.
forcepoint.com/product/forcepoint-one
TheCyberExpress 68
Welcome to the
power of ONE
ONE Platform
ONE Console
ONE Agent
www.forcepoint.com
TheCyberExpress 69
HOT SEAT
...
TheCyberExpress 70
Kartik Shahani
Country Manager, Tenable India
TheCyberExpress 71
HOT SEAT
Kartik Shahani is the Country Manager for the choice of cybersecurity tools? Also,
Tenable in India. Based in Mumbai, India, how can CISOs assess their existing
Kartik has over 30 years of experience in security environment to choose the
the IT industry, driving momentum for right tool?
enterprises. He spearheads initiatives
for Tenable in the enterprise security In today’s digital everything world,
market, manages operations, and organizations operate on distributed, hybrid
continues efforts towards channel networks across multiple geolocations, cloud-
activities in India. Kartik has extensive based infrastructures, applications, virtualized
experience in telecommunications, platforms, services, and more. That means
finance, and government sectors. Along that there are a plethora of technologies,
with his innovative sales strategies, he is assets, and services – some of which CISOs
instrumental in driving growth in India. may not be aware of. While attacks continue to
increase in sophistication, the vast majority are
In an exclusive interaction with The Cyber opportunistic, preying on the fact that most
Express, Kartik Shahani talks about the security teams are overwhelmed and unable
need for the right cybersecurity tools, the to address even well-known vulnerabilities.
role of CISOs in choosing them, and the best Therefore, instead of disparate tools, it’s
methods to protect the active directory. important for CISOs to focus on the best
practices around cyber hygiene and core
Here is an excerpt from the interview. security principles as the strongest lines of
defense. This includes making sure they have
TheCyberExpress 72
visibility across the attack surface, focusing need to monitor their investments in security
efforts on preventing attacks and having clear solutions. But not all cybersecurity products
communication of exposure risk to make have actionable metrics that quantify cyber
better decisions.approached the building as exposure. There are five crucial aspects CISOs
he came into view; the moment he stopped to need to consider —
open his umbrella, I knew I was in.
1. Does the solution provide complete
What according to you are the top visibility — into AD, OT, cloud, business-
cybersecurity tools in 2022? critical vulnerabilities, and internet-facing
assets?
We see the need for Exposure Management 2. Is the attack surface monitored
which draws on deep insights into all aspects continuously?
of the modern attack surface – across assets 3. Threats change over time, so does the
as things change, and with the context of cybersecurity solution have a large data set
interdependencies to accurately gauge and of threat intelligence to keep up with these
prioritize risk exposure. By practicing exposure changes?
management, organizations can be equipped 4. Is the platform customizable and scalable
to have visibility across the modern attack for the organization’s needs?
surface, anticipate threats, prioritize efforts 5. Can cyber exposure be communicated in
to prevent attacks, and communicate cyber business terms??
exposure risk to make better decisions.
Once CISOs have answers to these questions
What are the key metrics CISOs need it becomes easier to communicate metrics in
to consider while choosing the right business terms back to the board.
cybersecurity tools?
TheCyberExpress 73
HOT SEAT
How does cybersecurity affect data able to measure success by risk reduction.
privacy? What are the benefits of using Remediation actions should be prioritized
a centralized cybersecurity solution? to reduce an organization’s cyber exposure.
CISOs should view, validate, and prioritize
When discussing data privacy, we must vulnerabilities critical to the business, while
also consider data security – you can’t also understanding the context of the
have privacy without safeguarding it. The vulnerability. Patching and remediation are
issue is that threat actors know they can critical, but equally important are follow-up
monetize their crimes by targeting valuable testing and quality assurance reviews. In doing
data. Unfortunately, in the vast majority of so, security leaders should be able to analyze
cases, it’s not advanced threats that cause the effectiveness of their program and by
organizations to spill their secrets, it’s known default, their investment.
unpatched vulnerabilities. If companies want
to stay ahead of the curve and avoid becoming What is your take on the recent
a target, they need to appear unattainable slew of attacks on cryptocurrency
to bad actors and that means removing the exchanges? How do you feel about the
low-hanging fruit – the known but unpatched plan of the Indian government to ban
flaws in systems and software. Rather than cryptocurrency?
focusing on the tactics threat actors use,
organizations must focus on identifying and Cryptocurrency is one of the ways
blocking the attack paths they look to exploit. cybercriminals are monetizing their efforts
– it isn’t the root cause. If we got rid of
How does a CISO know if they are getting cryptocurrency tomorrow, cybercriminals
value for money from their investment would just come up with another way to
in cybersecurity tools? monetize their efforts. Instead, organizations
need to focus on stopping attacks first, starting
An effective cybersecurity program should be with basic cyber hygiene.
TheCyberExpress 74
Lastly, what is the best step toward protecting the active directory?
TheCyberExpress 75
Organized by
TheCyberExpress 76
TheCyberExpress 77
ADVERTISE WITH US
MARKETING@THECYBEREXPRESS.COM
TheCyberExpress 78
TheCyberExpress 79
SCAN AND STAY UPDATED WITH
REAL TIME CYBERSECURITY NEWS