The threat from cyber-attacks is significant and continuously evolving. One estimate suggests cybercrime could cost businesses more than $2 trillion by 2019, nearly four times the estimated amount in 2015.
The disruptive forces that are driving today’s business growth and efficiency in the region are the same dynamics contributing to this widened attack surface for cyber assaults and attacks. As the UAE and other countries in the region adopt digital transformation project such as FinTech, Smart Cities, Cloud, IoT, SDN/NFV, Blockchain, Smart ID, eGov and mGov technologies the cyber risks related to them increases exponentially. Outsourcing, contracting and remote workforces are shifting operational control. Data is continuing to expand, along with the requirement to protect it.
Attackers, meanwhile, range from hackers to nation states. In all forms, they are constantly innovating and subverting common controls, some beyond the reach of a country’s law enforcement. Furthermore, cyber laws are not adequately issued and often down to interpretation.
In the Middle East, the growing political instability since 2010 has given rise to various hacktivist groups and nation-state threat actors. These groups have wrought havoc on governments and both public and private institutions on almost a daily basis. Shamoon, the aggressive disk-wiping malware used against Saudi Arabia’s energy sector in 2012, made a surprise comeback in late 2016 and early this year. In late 2017 we saw TRISYS cause an industrial plant to shut down due to the malware targeting the safety instrumentation systems controlling the operations of the plan.
As the regional conflicts intensify, so too will the frequency and intensity of cyber-attacks, as cyber threat actors continue to look to cyber space to engage in political activity.
Amid growing concerns about potential financial, operational and reputational damage, cybercrime has quickly become one of the top enterprise-wide risks faced by organizations. Boards of directors, executive management and front-line employees have been forced to sit up and take notice and cyber security is now a board-room discussion.
Addressing cyber risk is an imperative for everyone within the enterprise, but the ultimate responsibility for overseeing risk rests with top leaders. Many board members and C-suite executives, however, are far removed from the day-to-day challenges of monitoring, detecting and responding to evolving cyber risks. Those leaders who develop a deeper view of where their organization stands when it comes to cyber risk will gain a critical understanding of the issue.
DTS Solution has defined multiple sub-domains in the Cyber Strategy domain that will drive integration with business objectives, manage cyber risks in a holistic manner that adds value to the executives, compliance to security standards and regulations whilst providing executives with cyber risk scorecards and dashboards that are easy to understand.