Andrea Benito
Middle East Editor

“If organisations are hacked, they should stay calm and act quickly by instantly activating their incident response plan”

Feature
Jan 12, 2024 | 5 mins
CIO

CIO Middle East talks with Muath AlHomoud, Director of Cybersecurity, about how organisations should learn from the hacking activities performed on them so they can implement more effective cyber defences and plan against similar or more sophisticated attacks.

Q. From a cybersecurity perspective, how has 2023 been?

A. The year has been marked by a general increase in state-sponsored attacks due to geopolitical conflicts. The rise of AI has also been increasing and has greatly affected the way cybersecurity could be enhanced while allowing cyber criminals well-versed with AI to launch more sophisticated attacks against their victims and make themselves harder to detect and/or defend against. The Internet of Things (IoT) vulnerabilities have also been increasing. According to Statista, the number of IoT devices exceeded 15 billion in 2023. Ransomware attacks have also increased in 2023 probably due to their perceived profitability. The cloud is also increasing exponentially with many developments happening in the cloud. This continued emergence of cloud environments has greatly affected application development and their associated security architectures. Cloud environments by their nature often consist of rapid DevOps cycles eliminating the need for application developers to adequately maintain secure applications. The cloud has also enabled containerization allowing for the movement of applications between on-premises and cloud environments thus increasing security exposures. 

Q. Can you highlight the top challenges you’ve encountered? 

A. Legislative changes on a global scale have been a daily challenge faced and often exacerbated by the need to instantly change course and work towards compliance to avoid the often-hefty fines and penalties, legal liabilities and reputational damage associated with non-compliance. For example, here in Saudi Arabia, we have witnessed regulations such as the Saudi Arabia Monetary Authority (SAMA) Cybersecurity Framework undergoing several changes which organisations are supposed to comply with such as the integration of cyber threat intelligence principles as one of its integral components.

Q. What are the top three challenges security leaders will face in 2024?

A. The skills challenge is likely going to be key as a result of the rise of disruptive technologies such as Generative AI. There will be a reshaping of the entire global workforce and skills to adequately deal with cybersecurity issues will be in short supply. The other critical challenge that will be faced has to do with regulatory changes as nation-states seek to protect their citizens from cyberattacks. This typically adds to the overall costs of cyber compliance. Lastly, cybercrime will rise especially on digital platforms as people transact virtually.

Q. How are we making security a part of everyone’s job next year? 

A. Awareness programs integrated into daily work practices are key as well as including security in employees’ job descriptions. Adding security duties to job responsibilities makes it everyone’s duty to ensure the security of company assets as well as colleagues’ personal safety. Security awareness is also critical as it enables employees to stay alert and report suspicious activities. 

Q. What cybersecurity questions should every CEO ask? 

A. There are several questions of interest to every CEO. The first one is: Do we have the necessary skills to defend ourselves against cyber-attacks? This is key; if there are no skills, efforts should be made to ensure that people are trained or additional skilled resources are recruited. Cyber skills resident in the organisation should always be higher than the skills of the attackers. The other question is: Are we complying with a plethora of cybersecurity laws, regulations, and standards to reduce incidences of fines and other penalties? This is very crucial, for example, in the payments industry where failure to comply with requirements such as PCI-DSS could force an organisation out of business. The last question has to do with resources: Are security budgets adequate to cater for the various security solutions required? Cybersecurity is an expensive process, and resources must be available and appropriately budgeted.

Q. From the perspective of a cybersecurity leader, what do you believe is the most valuable asset? 

A. The human resource base is very key both for cybersecurity professionals and the general employee. In cybersecurity, precedence is always provided for the protection of human life before anything else. It is therefore important to ensure that people are equipped with adequate and relevant knowledge about how to identify indicators of attacks and remain alert for such attacks.

Q. What will be the challenges of implementing Generative AI in organizations? 

A. There is generally limited uptake initially caused by hesitancy as people generally wish to test the technology first and proceed to move with due care. An example is that Google has delayed the launch of Gemini, its conversational AI platform, to early 2024 for further enhancements and testing and getting the necessary user-acceptance and trust. We are also seeing an acute AI skills shortage in the form of developers skilled in AI algorithms which will lead to massive lagging of projects in most organisations and generally poor performing Generative AI models which generally affects organisational decision-making. Generative AI also leads to the displacement of employees in their physical form as their skills become redundant.