Are You Prepared for More OT Threats?

By Rick Peters, CISO Operational Technology, Fortinet

For years, Operational Technology (OT) systems have been working to control everything from factories to transportation networks to utilities. The reality is most citizens don’t think about these systems until there’s a problem. That’s why the the attack against Colonial Pipeline in May 2021 was so startling. The attack on a segment of the enterprise transcended IT and resulted in a temporary but severe disruption of the OT based fuel supplies and led the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) to issue an advisory urging critical infrastructure (CI) asset owners and operators to take on a heightened state of awareness.

Unfortunately, the attack against Colonial Pipeline isn’t the first or last time an adversarial cyberattack on an OT target will make headlines. Malicious cyberattacks are likely to increase given the opportunities for mission impact, social anxiety, and profit that disrupting systems and stealing intellectual property from OT and IT systems represent. If there’s any silver lining to this high-profile attack it’s that it has put a renewed focus on securing critical OT assets.

OT cyber events also have demonstrated the consequence of failing to invest and commit proportionally to a cybersecurity strategy. For years OT system owners relied on the “air gap” that separated OT systems from IT to protect them. But as more and more OT organizations digitally connect OT infrastructure such as supervisory control and data acquisition (SCADA) systems with IT networks, the resulting evaporation of the air gap has dramatically increased the level of risk. Given this situation, it’s not a surprise that in the “2021 State of Operational Technology and Cybersecurity Report” 9 out of 10 OT organizations experienced at least one intrusion in the past year and 63% had three or more intrusions.

To protect cyber physical assets, OT organizations need to commit toa proactive cybersecurity strategy, paying particular attention to visibility, control, and behavior analysis. It’s critical to protect every point of connection to the outside world to proactively safeguard OT.

OT Is No Longer a Niche Exploit

In the past, exploits against SCADA or industrial control systems (ICS) were viewed as an infrequent subset of highly structured and often nation-state sponsored targeted attacks. But the OT market is expected to continue to grow through 2027 at a CAGR of 6.40%. Relying on obscurity as a defense strategy doesn’t work anymore; it’s practically an invitation to cybercriminals to penetrate and ultimately compromise OT systems. Although IT-related exploits are still more prevalent, according to the Global Threat Landscape Report from FortiGuard Labs, a growing number of  exploits are targeting OT. The long-held perception that ICS exploits are an obscure niche of the cyber threat landscape is simply no longer the case.

Why Now?

In the past, OT attacks were the domain of specialized threat actors who knew how to exploit ICS and SCADA systems. But now, many of those tools are now being packaged as attack kits on the dark web, so they are available to a much broader set of less technical attackers. The motivations behind the attacks range from gaining a profit through extortion, stealing intellectual property, to simply testing infrastructure resilience. The attacks offer a side benefit in that they create a climate of uncertainty and can force actions by executives in the government and commercial sector. The headlines generated from a successful attack on OT infrastructure only serve to amplify these effects. Attacks on large enterprise businesses in energy and manufacturing and even smaller more discrete intrusions at the municipal utilities level are all newsworthy. The alarming cybersecurity news in 2021 reinforces the fact that OT infrastructures require attention to reduce the attack vectors, tactics, and techniques that focus on industrial environments.

The Need for Better Visibility

The rapid expansion in the threat landscape and the increase in attacks demonstrate the increased need for integration between enterprise solutions and operational infrastructure. In most cases, security considerations need to extend to on-premise systems and extend to the Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices. It’s also important to have an infrastructure control strategy that restricts and contains suspicious activity and behavior. At a minimum, organizations should implement zero-trust network access (ZTNA), which limits user or device access to only those resources required to perform a specific role or function. ZTNA also strictly limits the range and level of engagement, which serves to restrict activity if a system is compromised. 

OT organizations that put comprehensive security policies in place give themselves an advantage over threat actors and can limit the impact of a breach. OT infrastructure is no longer benefiting from obscurity and the adoption of near-universal convergence of IT and OT networks implies traditionally isolated environments are no longer safe. Organizations must take proactive steps to harden OT environments, including integrating tools and practices designed to protect, detect, and respond to threats in real-time. Although attacks are inevitable, they don’t have to be successful.

Help AG Named Platinum Partner by Trend Micro

The partnership will enable Help AG customers to avail of Trend Micro’s security capabilities without sending their data to the cloud, alleviating concerns regarding data privacy.

Help AG, the cybersecurity arm of Etisalat Digital, today announced its Platinum Level partnership with Trend Micro, a global leader in enterprise data security and cybersecurity solutions. The partnership will enable Help AG customers in the United Arab Emirates and Saudi Arabia to avail of Trend Micro’s security capabilities without sending their data to the cloud, alleviating concerns regarding data privacy.

This collaboration allows Help AG to service clients that may be reluctant to transfer sensitive endpoint data to the cloud environments of cybersecurity providers. When utilizing Endpoint Detection and Response services, the client needs to provide complete and accurate endpoint data in order for the service provider to be able to detect threats and attacks. This can be problematic if an organization’s users engage in confidential activities or access confidential websites.

Help AG’s partnership with Trend Micro addresses these challenges by delivering security services and capabilities without needing clients to send their data to a cloud-based environment. Due to the unique data model it has in place, Trend Micro is one of the few vendors of its calibre to offer this option, answering the needs of a niche segment of customers with specific data privacy concerns.

Commenting on the partnership, Stephan Berner, Chief Executive Officer at Help AG, said: “Trend Micro offers solutions that cater to our customers who are sensitive about utilizing cloud for some or all of their security services. Joining forces with Trend Micro enables us to address their concerns by delivering robust capabilities in an environment that is suitable for their data privacy preferences and needs.”

Berner added: “It is an honor to be named a Platinum Partner of Trend Micro, a highly respected leader in the cybersecurity space with a long history and rich legacy. Trend Micro has been extremely consistent in providing world-class products and solutions that address the security needs of organizations, and our customers will benefit immensely from having access to their portfolio.”

“Our partners are at the heart of our mission to make this world a secured place for exchanging information digitally,” said Dr. Moataz Bin Ali, Vice President and Managing Director, Middle East and North Africa for Trend Micro. “We are excited about our collaboration with Help AG that will empower its customers with robust security capabilities to protect their data, adhering to their privacy and compliance needs. Together, we will help regional organizations reimagine cybersecurity,” he added.

Now available to Help AG customers, the Trend Micro portfolio includes products and solutions related to Detection and Response, Network Security, User Protection, Cloud Security, Internet of Things Security, Enterprise Ransomware Protection, and Regulatory Compliance, among other areas within cybersecurity that are relevant to organizations today.

AnadoluJet is starting its Sharjah – Istanbul flights

AnadoluJet, the brand of Turkish Airlines, is starting Sharjah – Istanbul flights. For the launch, the flag carrier brand will set the prices of tickets starting at 755 AED for round trips from Sharjah.

Starting on 15 December 2021, AnadoluJet will operate reciprocal flights four days (Monday, Tuesday, Wednesday and Sunday) a week between Sharjah and Istanbul Sabiha Gökçen. Flights will depart from Sharjah International Airport, flights will depart at 01:20, from Istanbul Sabiha Gökçen Airport at 20:15 on Mondays, Wednesdays, Sundays and at 20:20 on Tuesdays in local time.

AnadoluJet guests will have the option of making changes to their tickets until (including) 31 May 2022 if purchased before (including) 31 March 2022. For more information, you can visit http://www.anadolujet.com website and learn about the details of your options on cancellation, refunds and changes on the “Flexible Ticket Rights” page.

AnadoluJet ensures that all hygiene precautions are always taken at the highest standards in order to provide a healthy and safe travel experience for its passengers and flight crew. For detailed information, you can visit our website at www.anadolujet.com/en/corporate/news-and-annoucements/guidelines-for-safe-travel.

Invixium Integrates Biometric Solutions with AEOS by Nedap

Invixium Integrates Touchless Face Recognition and Multi-Factor Biometric Solutions with AEOS Access Control

Invixium, a premier manufacturer of innovative touchless biometrics, has integrated its portfolio of modern solutions with AEOS by Nedap, a leading provider of access control solutions. This integration between AEOS and IXM WEB, Invixium’s enterprise-grade software solution, streamlines the process of setting up and using Invixium biometric systems with AEOS. AEOS users can now seamlessly deploy Invixium touchless biometrics, such as face recognition via IXM TITAN, as well as the rest of Invixium’s world-class biometric portfolio.

This integration is powered by IXM Link, a licensed software feature for IXM WEB that allows for one- or two-way database-to-database synchronization between IXM WEB and AEOS. Database synchronization ensures easy setup, installation, and use of Invixium biometric solutions for AEOS users. Administrators can effortlessly enroll biometric data to cardholders (securely stored in IXM WEB) which are continuously synchronized with AEOS. In addition, Device Integration Protocol (DIP) has been implemented to allow AEOS to control the verification process.

“Integrating leading security solutions, such as touchless face recognition, with AEOS has enabled Nedap to remain at the forefront of COVID-19 response,” said Susanne Adriaanse, Managing Director at Nedap Security Management. “Invixium’s innovative technologies like face recognition, mask detection, and touchless thermal screening make them a partner that closely aligns with our strategy to provide a wide range high-level solutions to modern security problems.”

“Expanding our reach through technology integrations is vital to our strategy,” said Shiraz Kapadia, CEO & President at Invixium. “This integration simplifies installation and management while reducing costs for businesses that are looking for unified end-to-end security systems. We look forward to addressing the needs of AEOS users with our unique solutions.”

A Cybersecurity Diagnosis for the Healthcare Sector with Breach-Likelihood

By: Saket Modi, Co-Founder and CEO at Safe Security

For more than the past decade, healthcare has been the biggest target of data breaches. The total average cost has increased to $9.23 million in 2021 from $7.13 million the previous year, demonstrating a 29.5% rise. Cyberattacks in healthcare are unfortunately not limited to their financial, regulatory, and reputational impact since they have a direct consequence on lives. An Alabama-based resident claimed negligent homicide for the death of her infant because the hospital’s fetal monitors were inaccessible as a result of a ransomware attack, leaving its systems locked for eight days. For instance, if a hacker tampers with CT or MRI scans, it could also lead to incorrect medical procedures/surgeries, incomplete diagnoses, and reduced emergency or urgent care.

In such a scenario, the healthcare sector needs to quickly improve its cyber risk management. This is possible only if they move away from the traditional reactive and point-in-time approach in cybersecurity to adopt a predictive and measurable method instead. Adopting a proactive strategy includes knowing the organization’s breach-likelihood in real-time and its financial impact on the organization.

The current state of cybersecurity in healthcare:

The NotPetya attack happened five years ago. Since then, has much changed in the healthcare sector? The cost of ransomware alone has grown by 1094% since 2015. However, there are three key areas where this sector falls short:

  1. Accidental and/or malicious insider threats: The HIMSS Cybersecurity survey 2020 states that 89% of initial compromise in hospitals is still through emails and more than half (57%) of the cyberattacks in healthcare begin via trusted insiders.
  2. Third-party are unsecured often with unrestricted access: Over 1600 insurers at an average share PHI with hospitals. Hospitals also deal with a large number of medical devices suppliers, vendors for equipment, medication, repairs, and more, each third party is likely to be an entry point.
  3. Medical device security: There will be ~50 billion medical devices by 2028, with 15 – 20 IoMT in each hospital room, creating a vast digital attack surface. Interestingly, while one aspect is digitizing faster than it can be secured, 83% of medical imaging devices are still legacy systems too old to receive software updates.
  4. The lack of a designated security team: 87% of healthcare IT security leaders work without the right personnel, and three in four hospitals are operating without a designated security leader.

Can predictive analytics in cybersecurity help the healthcare sector?

Financial services organizations predict the likelihood of loans being repaid using the financial history of the applicant, their previous loans, salary/income, and credit score. Similarly, OTT platforms use predictive analytics and algorithms to improve their suggestions. The medical fraternity too relies on prediction models to improve diagnostics, identify risk groups, and improve patient care. Why not use the same analytical approach to predict the possibility of a breach rather than detecting cyberattacks after they happen and reacting to them? The use of predictive technology and models such as the Bayesian Network to predict cyber breaches makes this possible.

Enterprise cyber risk is a product of the probability of a breach happening and its business consequence. This probability is termed the “breach-likelihood” of the organization and can be calculated at the most granular level. Starting from the breach-likelihood of each medical device in every room, department-wise employee threats, to vendors or suppliers of equipment and pharmaceuticals, Electronic Medical Records directory on the cloud and the security posture of each cloud asset – the possibilities are endless. Each prediction makes the organization that much more prepared to predict and therefore mitigate breaches. Once an organization knows what to expect, it can focus energies on fixing what really matters rather than carrying out ad-hoc activities which only add to a sense of security rather than real cybersecurity.

How does breach-likelihood help the healthcare sector?

Breach likelihood in the healthcare sector can be a gamechanger in giving the visibility that is missing today. Similar to doctors arriving at a diagnosis after carrying out due diligence, sieving noise from actual symptoms, and aggregating all relevant information to a central database, cyber risk quantification can segregate information from noise.

As healthcare organizations ramp up cybersecurity infrastructure, they need to remember that all cybersecurity services, products and processes implemented in their cyber risk ecosystem need to communicate with each other. In a scenario where tens of cybersecurity services and tools are performing well in silos, but together fail to generate a comprehensive and prioritized solution, breach-likelihood is can create one score to drive cybersecurity strategy.

Cybersecurity Leader Spearheads Service-Centric Evolution by Launching Help AG as a Service

Help AG, the cybersecurity arm of Etisalat Digital and the region’s trusted security advisor, has launched “Help AG as a Service,” a service-centric model that provides comprehensive cybersecurity offerings that customers can avail “as a service” based on state-of-the-art platforms and tools. This highlights Help AG’s position as a pioneer in the Middle East’s cybersecurity sector, spearheading the industry’s move towards a service-centric future.

Help AG as a Service is the culmination of the company’s transition from technology delivery to a service-centric model, which has placed it in the best position to offer the entire lifecycle, from ‘Assess’ to ‘Defend’ to ‘Respond,’ as a service to customers.

With Help AG as a Service, customers can rest assured that they are provided best-of-breed services, irrespective of the underlying technology or deployment model. Driven by its vision to offer the highest level of protection and user experience, Help AG delivers future-ready services in terms of people, processes and technology, on an MRC/PAYG model.

All services delivered by Help AG are fully compliant with regional and country specific data regulations, and the company ensures that it has expertise and infrastructure available on the ground. Help AG follows the concept of ‘think global, act local,’ aiming to give customers all the benefits of the most advanced global technologies, while fully provisioning them with local expertise.

Commenting on the launch, Stephan Berner, Chief Executive Officer at Help AG, said: “Help AG has been one of the region’s most experienced and trusted cybersecurity partners for more than 16 years, and with the launch of Help AG as a Service, we are truly cementing our place as a pioneer in the regional cybersecurity industry. The future of cybersecurity will be service-led, and Help AG is at the helm of this evolution.”

Berner added: “Years ago, we built our service offering from the ground up with a commitment to delivering truly global and advanced security services while moulding them to address regional market threats and requirements. Our offering has been received very well in the market, enabling us to become the biggest Managed Security Service Provider in the Middle East, and driving us to take our service-centric transition to the next phase with Help AG as a Service.” 

Under Help AG as a Service, customers also enjoy SLA-based offerings; cybersecurity expertise on demand, wherein Help AG’s experts work as an extension of the customer’s team; and elastic capacity based on the customer’s needs.

Help AG has already standardized many of its services, including 24/7 Threat Monitoring, Detection and Response, and it has applied automation to several existing services, including its Managed Advanced Web Application Firewall (AWAF) service and Secure Access Service Edge (SASE) offerings, namely Cyber Edge X and the Help AG Secure Private Access Service (HPA). Other best-of-breed services offered by Help AG include Penetration Testing, Red Teaming, Security Awareness, Compromise Assessment, Managed Security Controls, Digital Risk Protection, SMB Security Offerings, Always-On DDoS Mitigation, Security Bundles with Service Providers, and Secure Cloud Offerings.

Help AG continues to invest in developing its capabilities to provide a 360-degree portfolio of cybersecurity services to customers with round-the-clock availability. The company has differentiated itself by providing in-country, compliant security infrastructure; capability and agility in the cloud; optimization-driven service delivery; in-house digital forensics and incident response; automated threat hunting and cyber threat intelligence under its Security Operations Center (SOC) services; and a dedicated team of security researchers with 110+ zero-day findings to its credit, among other factors that add unmatched value for end customers.

Help AG as a Service is built on the foundation of the capabilities the company has cultivated over more than 16 years, delivering the highest quality of services at the best possible prices. With its integration into Etisalat, Help AG now offers secure connectivity coupled with unmatched availability and reliability through state-of-the-art, in-country infrastructure, thereby complying with customers’ data residency needs. The ongoing transition to a service-based model across the cybersecurity industry is increasing the importance of the role of Managed Security Service Providers (MSSPs), and with Help AG, enterprises get access to the best and largest MSS team in the region, as well as a flexible financing model, hence investing in a capability that will evolve over time.

NetApp 2022 EMEA Predictions

By Fadi Kanafani, Managing Director – Middle East at NetApp

  1. “Digital first” as new business paradigm
    While IT teams and IT leaders are historically called on to drive digitization and increase value, the roles will be reversed in the post-pandemic world. Strategic decision making starts with digital experience and digital transformation since they are now deeply connected to the successful operation of any company.
    We see this for example in business analytics, where the analysis of user experience journeys or customer experience journeys become a crucial information source for strategic decisions.

Another example is increasing convergence between the online and offline world, which results in digital twin concepts being adopted beyond production, and any process being tested virtually before being considered for rollout.

  • Cyber security and resiliency
    The pandemic months have triggered a rapid increase in ransomware attacks as more and more people worked remotely. Coincidentally, this opened up a multitude of new infection vectors.


Enterprises had to come to terms with the fact that many IT security processes and protocols are not well suited to the fight against ransomware, because it is virtually impossible to cut off all these infection routes, especially when criminals use social engineering.


Instead, enterprises will rely on AI-based prevention across their whole domain and stringent zero trust policies. Rather than preventing IT attacks from happening, this approach minimizes their impact. Once an infection happens, it is discovered almost instantaneously: Infected areas are cordoned off and infected files replaced in almost real-time.

  • Sustained impact of the pandemic: cloud acceleration and the supply chain
    The global supply chain has been brought close to its braking point by the COVID-19 pandemic and its impact on air, sea, and land travel. We predict that cloud adoption will accelerate faster as the supply chain constraints drive buyers to find alternatives to purchasing traditional on-premise infrastructure to meet demands. At the same time, optimization of production lines and business processes can help the system to become more robust in the future. Marrying IT and Operational Technology (OT), for example through digital twin concepts and technology such as IIoT and analytics, has virtually limitless potential. Companies that have done their homework in the past, e.g. by building out flexible Industry 4.0 production facilities, will be able to stay healthy much more easily.


The workforce is going through a major change cycle, also triggered and sustained by the pandemic. Hybrid working environments are the expectation of employees moving forward. The ability to work anywhere will increase the digital capabilities businesses must provide to their staff. Controversially, the pandemic also shone the light on labor shortages surfacing quickly and unexpectedly. This will be both a challenge and opportunity for high-skill sectors like the IT industry. On the one hand, there is bound to be fierce competition for skilled personnel; on the other hand, IT itself can deliver technologies that remedy the labor gap, such as low code, no code and AI software development.


The constant simplification of public services access and the services in general will drive broad buy in for digitization. People are also going to be more comfortable with providing their data because they have experienced the positive impact of virtualized service delivery.

  • Productized AI
    In 2022, artificial intelligence (AI) starts to permeate all industries. We will see it used in agriculture, food production, fast-food chains and the entertainment and hospitality sector. Agriculture and the food industry, for example, will use it for packing and processing, while other sectors gain most from general automation and the simplification of their processes.


Let’s also talk about the “how.” Managed services become a primary delivery mode for AI as CSPs double down on “GPU as a service”’-type offerings. This is an important facilitator: As more industries use AI to stay competitive and innovate, there needs to be a solid technology foundation that can scale accordingly, and AI users need to move their AI projects from standalone (siloed) infrastructure onto shared, virtualized, production environments.


Another driver is “Tiny Machine Learning.” Experts are forecasting a massive increase in AI at the edge, down to very low cost, extremely resource constrained edge devices. Think sensors rather than compute devices. This is another generation of devices that feed the ever-growing edge-core-cloud data pipeline, which industries need to access and leverage to differentiate themselves.


And, finally, the macro perspective on AI and machine learning becomes clearer. Countries and governments are guaranteed to invest in AI and ML capabilities to accelerate economic transformation and compete on a global basis.

  • Data trends
    There are a number of technology sub-trends that drive change and innovation. One is Analytics & Optimization of digital services. E.g., Finops results are much easier to come by as more automation and smarter applications take hold. This results in increases ROI from cloud investments throughout the public and private sector.
    Another trend concerns production environments. There is a clear move away from applications as companies deliver their services through containerized solutions and microservices.


Thirdly, data sharing regimes are important prerequisite for building a workable data economy on the international stage. GAIA-X sparked an important discussion about digital sovereignty and the contributions needed to establish a secure data exchange infrastructure. In the near-term, I don’t think this results in a sovereign “EU Cloud.” However, we will see more unity about European norms, and more adherence to them from outside Europe.


Lastly, specifically in data storage, NAS and SAN continue to be the technologies of choice to underpin digital innovation. Writeable storge media can still be made more efficient.

  • Quantum computing
    Quantum computing is expected to re-accelerate the performance cycle postulated by Moore’s law, and all major IT players are invested. Early use cases are expected to be delivered as a service but will not come into fruition for some time. However, manufacturers in different branches of IT will be more vocal about their quantum computing strategy in 2022 – for example security providers, hyperscalers, storage companies, and GSIs/global advisors. These manufacturers will also theorize how they can deliver quantum computing innovation as a service for their customers and overcome branch-specific limitations, e.g. building a data pipeline into the quantum computing cloud.
  • Sustainability – ESG becomes a competitive advantage
    Green topics are on the rise, as demonstrated by the 2021 Climate Change Conference, the US infrastructure deal, or the traffic light coalition coming to power in Germany. We predict that businesses will head in the same direction. This is partly due to regulatory pressure, for example to lower carbon dioxide emissions. But enterprises will also become intrinsically motivated to deliver green innovation.
    One are to look at is employee experience hybrid models, which basically allow companies to recruit talent everywhere, reduce office footprint, and significantly cut work travel.


Another area concerns production processes, which can be made more environmentally-friendly with the help of IT. More automation and optimization, flexible production, testing and planning in software, are all things that reduce wastage.


Net Zero targets will become a priority for businesses in 2022, and they are impacting corporate decision-making already now. This will result in companies examining not just their own actions but their supply chain, digital and non-digital, as they strive to deliver net zero (carbon emissions) as quickly as possible.

7 Strategies for CSO Cybersecurity Survival

By: Amr Alashaal, Regional Vice President – Middle East at A10 Networks

CSOs, CIOs and CISOs have never had it so tough. Alongside their traditional responsibilities of safeguarding the corporation’s physical assets on a day-to-day basis and preparing crisis management strategies, they must now face a cybersecurity threat environment that is growing exponentially.

Today, ransomware has become one of the greatest network security threats organisations have to deal with. Increasingly sophisticated and distributed at a high speed via the internet and private networks using military-grade encryption, today’s ransomware attacks demand multimillion-dollar ransoms.

But ransomware is only one of the many threats organisations have to deal with. There are also distributed denial of service (DDoS) attacks, Man in the Middle (MitM) attacks, social engineering, insider threats, malware, and advanced persistent threats (APTs) to contend with – and those are just the most common network security threats.

Below are seven strategies to make cybersecurity professionals’ organisations safer from the countless network security threats they’ll be facing in the near future:

1. Create a “Security-first” Culture

The problem for CSOs is that, while most employees have some basic knowledge of cybersecurity best practices, that is pretty much all they have. Without ongoing training, knowledge testing and awareness, staff behaviour is one of the biggest cybersecurity risks that organisations face.

A study by Accenture revealed that less than half of new employees receive cybersecurity training and regular updates throughout their career. Just four in ten respondents said insider threat programs were a high priority.

Organisations must look to create a robust and distributed digital immune system with a radical re-engineering of staff behaviour. Business leaders need to have accountability for cybersecurity; security teams need to collaborate with business leaders to create and implement  policies that will actually work, and those policies need to be routinely re-evaluated and tested.

2. Create a Continuous Security Education Program

A “security-first” culture requires that all members of the culture appreciate the concept of network security threats. For this to actually have an impact on culture, however, staff must be trained routinely to ensure that their knowledge is current.

3. Implement a Zero-Trust Model Throughout the Business

Well-trained staff and a monitored environment are crucial to the successful protection of any organisation but without a foundational Zero Trust environment, defences will be intrinsically weak.

The Zero Trust model is a strategy for preventing network security threats that all enterprises and governments should be using to defend their networks. It consists of four components:

  • Network traffic control: Engineering networks to have micro-segments and micro-perimeters ensures that network traffic flow is restricted and limits the impact of overly broad user privileges and access. The goal is to allow only as much network access to services as is needed to get the job done. Anything beyond the minimum is a potential threat.
  • Instrumentation: The ability to monitor network traffic in-depth along with comprehensive analytics and response automation provides fast and effective incident detection.
  • Multi-vendor network integration: Real networks aren’t limited to a single vendor. Even if they could be, additional tools are still needed to provide the features that a single vendor won’t provide. The goal is to get all of the multi-vendor network components working together as seamlessly as possible to enable compliance and unified cybersecurity. This is a very difficult and complex project but keeping this strategic goal in mind as the network evolves will create a far more effective cybersecurity posture.
  • Monitoring: Ensure comprehensive and centralised visibility into users, devices, data, the network, and workflows. This also includes visibility into all encrypted channels.

At its core, the Zero Trust model is based on not trusting anyone or anything on the company. This means that network access is never granted without the network knowing exactly who or what is gaining access.

4. Implement SSL Visibility – “Break and Inspect”

TLS/SSL inspection solutions that decrypt and analyse encrypted network traffic are key to ensuring policy compliance and privacy standards in the Zero Trust model.

Also called “break and inspect”, TLS/SSL inspection bolsters Zero Trust in three major ways. It allows for the detection and removal of malware payloads and suspicious network communications, prevents the exfiltration of sensitive data, and enables the Zero Trust model to do what it’s supposed to do – provide in-depth and rigorous protection for networks from internal and external threats.

For any organisation that hasn’t adopted a Zero Trust strategy combined with deep TLS/SSL traffic inspection, now is the time to start rethinking their cybersecurity posture.

5. Review and Test DDoS Defences Regularly

Routine testing against a checklist of expected configurations and performance standards, as well as random tests of security integrity, is crucial to detecting a distributed denial of service attack.

Network performance testing should be executed daily because a distributed denial of service attack isn’t always a full-bore assault. It can also be a low-volume attack designed to reduce, but not remove, connectivity.

6. Secure all Inbound and Outbound Network Traffic Using SSL/TLS Encryption

When users’ computers connect to resources over the internet, SSL/TLS creates a secure channel using encryption, authentication, and integrity verification. Encryption hides data communications from third parties trying to eavesdrop, while authentication ensures the parties exchanging information are who they claim to be. The combination ensures the data has not been compromised.

Any un-secured traffic must be constrained to specific secured network segments and monitored closely.

7. Establish and Test Disaster Recovery Plans

A key part of a disaster recovery plan involves backups. However, it is surprising how often restoring from backup systems in real-world situations doesn’t perform as expected. It’s important to know which digital assets are and are not included in backups and how long it will take to restore content.

CSOs should plan the order in which backed-up resources will be recovered, know what the start-up window will be, and test backups as a routine task with specific validation checks to ensure that a recovery is possible.

Staying Secure

The CSO’s job isn’t getting any easier, but solid planning using the seven strategies will help ensure an organisation’s digital safety. In addition, partnering with top-level enterprise cybersecurity vendors will ensure that critical security technology and best practices are central to the organisation’s cybersecurity strategy.

Line Investments and Properties LLC bags four awards at the MECS+R Retail Congress MENA Awards 2021

Line Investments & Property LLC bagged four awards at the recent MECS+R Retail Congress MENA Awards. The team walked away with a Gold Award for the futuristic Architectural Design for its new development, Silicon Central, Dubai. Silicon Central also received a Silver Award for Operational Efficiencies & Cost saving Efforts.

Silicon Central is considered a new landmark in Dubai, strategically positioned 12 km from the city-centre and 15 km from Dubai Airport in Dubai Silicon Oasis, the first eco sustainable district in Dubai focused on low carbon footprint, AI, and technology.

Another Gold Award was received by Khalidiyah Mall, Abu Dhabi for Design & Development of Gymnation under New Developments category while Al Wahda Mall, Abu Dhabi received a Silver Award for enhancing its customer experience with the latest addition of IKEA to the Mall under NOI Enhancement- Leasing category.

The Retail Congress MENA is organized by The Middle East Council of Shopping Centres and Retailers (MECS+R) in partnership with the Dubai Association Centre (DAC) and the Dubai Chamber of Commerce,l bringing together retail professionals globally for a conference, exhibition, dealmaking, networking and awards celebration.

Mr. Salim MA, Director Lulu Group said, “Retail Congress MENA Awards recognises Industry Excellence and uplifts the spirit of retail community positively. Being part of the event this year as a sponsor and winning four awards stamps our commitment to enhance the customer experience through design, sustainability initiatives and impactful campaigns. We applaud MECS+R for putting up a successful congress this year.”

Line Investments & Property LLC was shortlisted for all the entries submitted which also included Functional use of open roof space by opening Gymnation at Khalidiyah Mal, the ‘Be Our Guest’ by the Line Investments & Property Northern Emirates Malls and the COVID Test and Vaccination Drive by Lulu Mall Fujairah.

New Aruba EdgeConnect Microbranch Solution Modernizes the Home/Small Office Experience for Hybrid Workplaces

Solution Gives Remote Workers the Complete In-Office Connectivity Experience by Extending SD-WAN and SASE Security Services – All Through a Single Access Point, No Gateway Or Agent Required

Aruba, a Hewlett Packard Enterprise company (NYSE: HPE), today introduced its new EdgeConnect Microbranch solution, an industry-leading home office and small office networking solution for hybrid work environments that securely provides remote personnel all of the traditional services workers receive in-office via a single Wi-Fi access point (AP) – with no gateway, agent or additional hardware required at the remote site. With EdgeConnect Microbranch, IT departments can ensure the employee experience is consistent no matter where workers are located. EdgeConnect Microbranch enables this by delivering the full range of on-campus connectivity services to remote workers, accelerating troubleshooting, and maintaining corporate protections by seamlessly extending on-campus Zero Trust and Secure Access Services Edge (SASE) security frameworks to the home office/small office.

EdgeConnect Microbranch, part of Aruba ESP (Edge Services Platform), comprises APs and a new suite of SD-WAN services and builds upon Aruba’s legacy of delivering robust connectivity, security, and zero touch onboarding experiences to the home office through its popular Remote Access Points (RAPs).

SD-WAN has been added to large branches and campuses to deal with the increasing demands for higher application performance, reliability, and security. Now, as hybrid work becomes the norm, home and small remote offices need the automated, policy-based traffic management and cloud-based SASE security of Aruba SD-WAN to efficiently, robustly, and securely support a workforce that increasingly is remote. In fact, IDC estimates that 70% of G2000 organizations will deploy remote or hybrid-first work models, redefining work processes.[1]

For organizations, the key to successfully enabling flexible and remote work is the ability to provide hybrid workers with the same access to tools, applications, and functionality at home as in the office. The new EdgeConnect Microbranch solution does this by adding new SD-WAN and SASE services to the connectivity, identity-based access control, management, and analytics capabilities users have enjoyed with Aruba RAPs – without the need for additional hardware on premises or agents on devices. Not needing additional hardware is an important factor in space-constrained home offices, small offices, and ad-hoc locations unstaffed by IT, such as retail pop-ups, kiosks, and mobile clinics.

EdgeConnect Microbranch services address common challenges associated with remote work, such as the need to guarantee the performance of latency-sensitive applications like unified communication and collaboration while ensuring proper security and contending with a higher density of bandwidth-hungry devices that may be on the network. New EdgeConnect Microbranch services such as policy-based routing, which enables IT to optimize how application traffic is routed to a destination, complement existing services such as Air Slice, which dynamically allocates AP radio resources to specific applications. For example, video conferencing call quality can be improved by prioritizing that traffic over video entertainment, and then routing the video conferencing traffic directly to the trusted SaaS vendor, bypassing an unnecessary trip to the data center for inspection.

“EdgeConnect Microbranch gives organizations a modern, scalable approach for enabling remote work and making the home office experience equivalent to being in-office,” said Larry Lunetta, VP of Solutions Portfolio Marketing at Aruba, a Hewlett Packard Enterprise company. “While some may believe that the only network service that can be extended to the home office AP/router is security – and even that requires an extra box, – EdgeConnect Microbranch demonstrates that, with a cloud-based approach, all critical network services can be extended to the home office solely through an access point.”

By extending the already robust RAP in-home experience with key SD-WAN features, EdgeConnect Microbranch is now an ideal solution for hybrid operations like contact centers, telehealth, and IT management, where uptime and security are critical.

EdgeConnect Microbranch is an industry-leading solution that improves upon typical approaches that require extensive hardware footprints within the small and home office to deliver SD-WAN and SASE services, as well as consumer-grade hardware and single-purpose appliances that lack robust manageability and functionality.

New SD-WAN Features and Benefits No On-Premises Gateway Required

  • Policy-based routing: Allows IT to deliver application performance and security based on automated rules to meet service-level agreements (SLAs) for specific applications, websites or types of users
  • Tunnel and route orchestration: Optimizes network performance by orchestrating VPN tunnels on demand and automatically rerouting traffic to the network path that will provide the best performance
  • SASE integration: Provides secure connectivity to cloud security services such as Zscaler directly via the AP and with Aruba Central providing orchestration of tunnels and unified configuration management
  • Enhanced WAN visibility: Accelerates troubleshooting and improves the user experience by providing near real-time updates on WAN availability, utilization, and throughput by detecting latency, jitter, and other connectivity issues impacting the ISP that have traditionally been hidden from IT teams

These features build upon existing capabilities of Aruba’s remote access solutions, including:

  • Traffic prioritization: Assigns radio resources to an application and dynamically changes assignments as application sessions begin or end
  • Massive scalability: Supports zero touch deployment and consolidated management for tens of thousands of remote workers via Aruba Central’s cloud-based services and AOS 10
  • Improved uptime and reliability: Provides for LTE backup via a USB interface should the home or small office lose ISP connectivity

“As remote working continues to expand, IT departments are facing an increasing number of challenges, such as ensuring visible, easily managed, and highly secure access for all workers – no matter where they are located – to business-critical applications and data,” said Chris DePuy, technology analyst at 650 Group. “Being able to extend Zero Trust and SASE security frameworks to home and remote offices will play an important role as enterprises move their hybrid work initiatives forward.”

Pricing and Availability

The Aruba EdgeConnect Microbranch solution is available in Early Access and will be generally available in March 2022 for any AP running ArubaOS 10 with a Foundation AP License (including qualified APs customers already own and manage in Central.) Aruba Central Foundation Licenses are available for $145 per AP. AP pricing varies per model and starts at $575.00 US for the Aruba 303H Series.


[1]IDC, IDC FutureScape: Worldwide Future of Work Predictions, November 2021