With Intersec gathering a wealth of cybersecurity experts in line with the 2022 editions theme of Uniting the world’s leading industry specialists for the safety & security of future generations, the Safeguarding Critical Infrastructure summit welcomed a number of panels on future-proofing organisations cybersecurity strategy.
During a panel on the 'Evolution of Security Strategy in Transformative Times', the co-CEO of Monarch, a private intelligence firm, and Director of Digital Society Industry, Dr Sandro Gaycken, analysed the risks and solutions to the trying cybersecurity landscape.
With Dr Gaycken drawing from a wealth of experience as a security advisor for the UN and other past positions, the talk explained the rising challenges of the transforming digital landscape.
"We are having a large problem in establishing consistent cyber strategies. Organisations are pouring money into pursuing it, and while some strategies work well for a short time, the problems of ransomware, cyber attacks and cybersecurity compromises persist.
"An examination of new potential strategies and solutions is well deserved," Dr Gaycken explained.
"Digital transformation is too much, too difficult, and too fast for many organisations to understand, keep up with and adapt to. Bringing appropriate responses to organisations is difficult. The next problem are the mid- to long-term implications of the digital transformation. It's limiting innovation insofar as path dependencies and lock-ins form. The problems get very complex for many organisations."
Dr Gaycken suggested that evaluating cyber risks from a holistic standpoint may be the beginning to forming effective solutions.
"Examining the many dimensions of cybersecurity is key. Cybersecurity risks span entire technologies - whilst some are more vulnerable than others, all are important to examine, assess for risks, and respond to.
"Part of the core cybersecurity problem is not understanding the risks. The technology itself is complex enough, save the security risks they prose. Non-technological issues, such as corporate requirements and human elements make this all the more complex and render systems more vulnerable.
"On top of all this, technology is so dynamic and constantly in motion that it's even harder to approach the problems proposed by cybersecurity compromises. All this, along with bad data and the myths and perspectives skewing over time, leave gaping holes in organisations' knowledge bases."
On key approaches to establishing strategies and rising to the challenges, Dr Gaycken continued, "The first thing I suggest is to establish a core competence base. Capable people with knowledge of offense strategy and how to enable independent solutions are key. These can be expensive, as they're in high demand, but adding them to IT workforces can be transformative and they are the key to appropriate responses. Having your cybersecurity outsourced may be an attractive option, but bringing this internally can guarantee attention and response to the holes in cybersecurity compromise.
"Organisations must take care of cyber hygiene with basic responses, define critical areas of cybersecurity risk and build internal incident prevention and response areas. From this, build a bank of competence and response resources. This can establish past responses to cybersecurity issues, measure successful approaches and gather key takeaways from evaluations or past issues.
"Sharing this base across departments and partner companies can expand the knowledge base of the workforce, educate on potential risks and make evaluation and counter-measure implementation much easier for organisations."
On a subsequent panel at the summit, Shahab Siddiqui, Global Head of Cyber Security for Petrofac, and Taha Hussain, a Senior Security Engineer at DEWA, analysed approaches for 'Defending Utilities and Other Critical Assets'.
Siddiqui opened the panel, explaining that, "With digitalisation, the comfortability of air-tight systems has disappeared. Key challenges arise from visibility - as third party access from each system is restricted, its hard to keep track of how each technology is working or interacting.
"See recent attacks on pipeleines, with real potential to damage human lives. Digitalisation has increased the potential attack surface area."
Hussain added, "To protect critical infrastructure, we must protect cybersecurity frameworks. Security postures are being left with gaps, where technologies can be compromised and used against organisations. Organisations must ensure education amongst their workforces regarding effective password protection, phishing awareness, and ransomware prevention. Employees must know how and when to report suspicious activity.
"Processes and procedures must be in place to guarantee as little impact as possible from future attacks."
On asset protection, Siddiqui elaborated, "If you know exactly what assets are vulnerable, you must tailor a specific approach to patch the risk and prevent exploitation of it. Asset visibility remains the key problem - the systems aren't mature enough to enable chain clarity."
"Many organisations favour reaction protocol over preventative processes. In many cases, we see very basic vulnerabilities being compromised."
Explaining how assets can be protected without restricting access to those who need it, Hussain explained, "Authentication remains a key problem. One of the approaches is to adopt a zero-trust model, demanding multi-factor authentication from all users.
"The multi-factor authentication sector offers a lot of flexibility - from touch and face ID to offline authentication in areas where internet connection is not available."
Siddiqui added, "The entire journey begins with risk assessment. Every asset category must be examined and the risks measures. A key part of this process is to establish visibility. Segment the network to mitigate collateral from attacks. Segment the network and unify the response approach.
"It's important to review who has access to which systems. Establish remote and mobile device removal options to help continue to limit access beyond the necessary period - based on time, employment, requirement."
To conclude, the panel summarised their suggestions on approaching cybersecurity risks.
Hussain surmised, "In my opinion, too many companies are applying old solutions to new technologies. There's a reluctance to adopt innovative and emerging solutions. Organisations must adapt to new solutions - those adopted within the company and those emerging to market."
Siddiqui concluded, "You should have cybersecurity integrated in the idea development chain from the very start. Analyse what exposures new technologies or initiatives introduce to network and systems."
Intersec 2022 took place at the Dubai World Trade Centre from January 16-18.