Dubai, UAE – Since the pandemic, the number of cyber-attacks in the UAE and the region has seen a substantial increase, as the organisations have been forced to an immediate remote working scenario.
As part of the efforts targeting the cyber security of the financial sector specifically, the Central Bank of the UAE (CBUAE) conducted a real-time cyberattack simulation exercise designed to test the resilience of the UAE’s banking sector against any potential cyber threats.
In addition to this, the UAE Banks Federation recently organised RaCE, a two-day cybersecurity webinar, focusing on best practices in data privacy and protection as businesses shift to a hybrid working environment.
Speaking at the event, Bahi Hour, Director, System Engineering - META at Attivo Networks said, “The accelerated digitalisation efforts of the banking industry in the region has given a much larger attack surface area for cybercriminals to exploit. In addition to phishing and malware, the attackers have evolved and equipped themselves with advanced persistent threat (APT) tactics to navigate around defences and infiltrate networks without being detected. The CISOs need to adopt a multi-layered cybersecurity strategy to help ensure the safety of their prized digital assets.”
Remote working has increased the dependence on VPNs to connect employees with the corporate networks, which provides an additional potential path for criminals to attack. They can either exploit a vulnerability, or socially engineer an employee to reveal access credentials and gain entry to the network. Experts anticipate COVID-19 related phishing attacks to continue well through 2021, as employees continue to work from home. Prior to the pandemic, perimeter security was sufficient to block such activity, but since all employees are now logging in at all times, from different places, utilising multiple devices; detecting unauthorised access has proven difficult.
Infiltrators are now changing tactics to avoid detection and maximise the payout. They have adopted a new strategy that involves spending months hidden in the system, carefully navigating through the network, and patiently waiting to locate their victim’s most valuable assets. A 2020 report by the Ponemon Institute revealed that the average time for companies in KSA and UAE to detect data breach is 269 days.
The increased incidence of attacks on financial institutions in the region encouraged these institutions to invest in measures against cyber threats. A sentiment shared by the respondents of the UAE 2020 KPMG cybercrime survey, where nearly three-quarters of those surveyed expected businesses to invest significantly in cybersecurity.
According to Ray Kafity, Vice President META at Attivo Networks, “CISOs can proactively defend against APT threats by utilising a portfolio of solutions that can detect, isolate and remedy the attack. In addition to endpoint security, tools using deception and concealment techniques, provide early detection capabilities for discovery, credential theft, lateral movement, privilege escalation, and data gathering activities.”
There has been a shift in organisations’ focus from prevention to early threat detection when it comes to cybersecurity. Utilising platforms like Attivo Networks’ ThreatDefend®, in addition to endpoint security products, gives organisations an average of 42 percent boost in detection, due to their advantage of reducing dwell times and providing evidence-based, actionable alerts.
Attivo Networks®, the leader in lateral movement attack detection and privilege escalation prevention, delivers a superior defense for countering threat activity. Through cyber deception and other tactics, the Attivo ThreatDefend® Platform offers a customer-proven, scalable solution for denying, detecting, and derailing attackers and reducing attack surfaces without relying on signatures. The portfolio provides patented innovative defenses at critical points of attack, including at endpoints, in Active Directory, in the cloud, and across the entire network by preventing and misdirecting attack activity. Forensics, automated attack analysis, and third-party integrations streamline incident response. Deception as a defense strategy continues to grow and is an integral part of NIST Special Publications and MITRE Shield, and its capabilities tightly align to the MITRE ATT&CK® Framework. Attivo has won over 130 awards for its technology innovation and leadership. www.attivonetworks.com
© Press Release 2021
Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.
The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.
To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.