VirtuPort inaugurated the 7th edition of the Middle East and North Africa Information Security conference 2019, under the theme: Cyberspace, The New Frontier Deception, Orchestration and Blackholes”, yesterday in Riyadh. The conference was attended by world experts and international companies specialized in cybersecurity.
The CEO of the VirtuPort, Eng. Samer Omar, stressed, during his inaugural speech, on the importance of the new edition that comes at a time of growing cyber threats. The conference will play an integral role in sustaining the communications between senior information security professionals in the MENA region, and contributing to strengthening the necessary cyber security culture; such as compliance, legislation, governance, cloud security and others.
Deception Technology
According to Bahi Hour, SE Director at META - Attivo Networks, 87% of breaches took minutes or less. Additionally, only 3% of breaches were discovered as quickly, while, 68% of them took months or years to be discovered.
During his speech titled ‘Deception-based Threat Detection Myths & Realities – Changing the Game on Modern-day Attackers’, Bahi Hour stated that according to the Mandiant 2018 M-Trends Report, the time taken to discover the breaches and attacks is up to 106 days. This number increases in the Middle East & Asia Pacific where companies take even more time to discover the breaches.
“Despite the misconception that deception is hard to deploy, the reality is machine learning, centralized management, and artificial intelligence make this easy”, Said Hour. He further added, “Another widely held misconception is that deception won’t work against Real Attackers, the reality is accurate, realistic, and authentic Deception technology can fool even the most experienced attackers”.
Connected Threat Defense
During his speech titled “Connected Threat Defense’, Hussam Abu-Rida, Technical lead at Saudi Arabia – Trend Micro, pointed out, “Borderless enterprise and rising sophistication of threats has made it harder than ever for IT to protect their organizations”. He further added, “Typically, these organizations are deploying a variety of security products from different vendors, which makes it harder manage the many points of security”.
”Our vision is to make the world safe for exchanging digital information. From a product perspective, this means that organizations need to be in a position to manage risk before, during and after an attack”, Abu-Rida explained, “This requires a layered approach to security – leveraging a range of techniques that all work together – sharing threat intelligence across the enterprise and speeding the time to response”.
Yasser Elmashad, a cyber security specialist at F5, said during his speech during the conference that his company published a specialized report titled " Lessons Learned from a decade of DATA breaches ". The researchers analyzed 433 confirmed breaches in 37 different areas across 27 countries. The report concluded, 35% of breaches occurred as a result of attacks targeting application services, such as Apache, Node.js, etc., while 33% of attacks targeted user IDs, meaning that 86% of successful breaches occurred at the app developer’s or owner’s end rather than at cloud service providers end.
Internet of Things
During the “Protecting your applications and data in an evolving risk environment” session, Moataz Al-Tarif, F5 Head of Presales Saudi, Egypt and North Africa, reviewed a report by Garner that the number of IoT devices and solutions will reach to nearly 20.4 billion devices. Currently, 50% of the world's population is online, but the use of the IoT platform is still limited. Furthermore, 50% of the companies surveyed confirm security concerns remain the biggest argument against the prevalence of the Internet of Things.
George Daglas, Co-founder and Chief Operations Officer at Obrela Security Industries, explained speech titled “Building Cyber Perceptibility” that at Obrela, they use electronic security analysis, complex risk management strategies and to protect their clients dynamically by identifying, analyzing and preventing cyberthreats in the shortest possible time.
He added: "Some external factors that contribute to the increase of cyber-attacks risks include the rapid development of technology and the high profitability of cybercrime, while the internal obstacles faced by companies against cyber threats are the lack of specialized human resources and the existence of internal communication problems within companies, in addition to the geographical separation factor. "
Over the past three years, more than 11.7 billion records and more than 11 terabytes of data have been leaked or stolen in publicly disclosed incidents, said Patrick Grillo, Senior Director, Security Strategy at FORTINET, at the #MENAISC2019. He further explained explained that the Shamoon 2 virus - for example - penetrated a number of oil and gas companies across the Gulf and scanned the discs behind political messages, and in December last year the virus Shamoon 3 paralyzed and infected a number of Gulf IT companies.
He gave the conference some lessons learned from the Shamoon Viruses 1 to 3 highlighting “ organizations need to install and strengthen identity management systems and access privilege, install multi-factor authentication technology, develop emergency response solutions, and implement strategies for periodic security assessments and testing.”
On his part, David Williamson, Director, Cisco Customer Exeprience explained that despite that most companies automate by using such tools as Microsoft SCCM, SolarWinds, people generally hesitate to automate in their own organizations. This is because they fear that it’ll go wrong and cause unintended, serious consequences on their network and systems – due to bad input data, failure of automated process or failure of automated controls.
As 5G enters the markets around the globe, Lee Chen, Founder and CEO of A10, explained that the most common challenge facing 5G technology is security. He went on to explain “94% are concerned about security in 5G while 62% think DDoS protection is most important. It seems then that better security measures will surely improve the integration of 5G into our digital lives.”
Moreover, during the #MENAISC2019, he shed light on cyber attacks on IOT are slowly becoming the norm. Recent Data from 2018 have concluded that peak attack size has reached a whopping 1.7 Terabits per second.
During his speech, Roland Daccache – Team Leader – Systems Engineering – META at CrowdStrike, warned that adversaries are Getting more sophisticated and smarter. Nation states attack are the most sophisticated and are considered to be a non-malware attack which helps the virus avoid detection by antivirus, IDS, next-gen firewalls, etc. Adding to that, they may look like a typical IT admin and will not exploit vulnerabilities.
Worth mentioning, that the new Cyber Saber Hackathon exclusive sponsor this year Integrated Telecom Company (ITC). While the MENAISC2019 team welcomes the largest number of sponsors for this year’s event; with many returning from previous editions which is a testament to the success of the conference and its importance. The platinum sponsors for this year’s conference are A10, Cisco, Crowdstrike and Trend Micro. Gold Sponsors are Aiuken, Attivo Networks, Blackberry Cylance, Credence Security, F5, Fireeye, Forcepoint, Fortinet, IBM, I(TS)2, McAfee, Microfocus, Obrela Security Industries, Netscout, Symantec and Tenable.
Additionally, silver sponsors include, (ISC)2, Adaptive Mobile, Anomali, Barracuda, Citrix, CYBRScore, CYBERX, Digital Guardian, Digital Intelligence, Entrust Datacard, Fidelis, Cybersecurity, Intel471, LookingGlass, Lookout, Mimecast, Ncipher, Netskope, Odysssey, Rapid7, Redseal, RSA, SAASPASS, TEEL technologies, ThreatQuotient, Tripwire and ZeroFOX in addition to other sponsors including the marketing communications partner W7Worldwide, event management partner Marcom Arabia, media partners, Makkah Newspaper, Saheel and Eye of Riyadh.
-Ends-
About MENAISC2019
As in previous years, the event will attract the best and brightest in the information security field, creating opportunities for conference attendees to learn about Cyber Security’s most important issues through first-hand interactions with peers, luminaries and emerging/established companies.
The conference will showcase industry experts along with leading vendors sharing their views and solutions to meet these and other challenges for the future of Cyber Security. As with previous events, this event is an invite only event where the organizers, speakers and sponsors have nominated the target audience they believe can benefit and contribute to the success of the event.
The MENAISC2019 will also be hosting the Cyber Saber Hackathon in its third edition which will attract students from all around Saudi Arabia to try their skills at hacking and defending a model smart city.
For More Information:
Abdullah Inayat
W7Worldwide Marketing Communications Consultancy Agency
Media Relations Director
00966555990258
a.inayat@w7worldwide.com
Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.
The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.
To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.
