SECURING NETWORKS The nework security space continues to grow in the region
Securing company networks has become an increasing complex task for organisations of all sizes. For solution providers playing in this sector, these challenges can be turned into opportunity if they have the right skills, knowledge and solutions portfolio to serve clients of all sizes.
In the high-stakes game of cyber security, the only real constant is change. The number of new threats is escalating, and the attack surface is growing, too. Organisations today depend more extensively than ever on Internet-connected devices, services and data - from machine-to-machine (M2M) communication and the Internet of Things (IoT), to bring your own devices (BYODs) and bring your own cloud (BYOC) applications.
One thing this tidal wave of new targets has in common is their exposure to network-borne threats. From WannaCry to Shamoon 2, cybercriminals continually exploit low-hanging fruit by finding new bugs in widely deployed software and old gaps that resurface in new technologies.
Effectively spotting and stopping these evolving network threats requires not just vigilance, but new approaches. It’s unrealistic to expect enterprise defences to block all attacks or eliminate all vulnerabilities.
Pundits say rising instances of enterprise targeted cyber-attacks and threats are expected to drive the Middle East cyber security market.
Analysts IDC predicts the Middle East cyber security market size is expected to grow from$11.38bn in 2017 to $22.14bn by 2022, growing at an estimated compound annual growth rate (CAGR) of 14.2%).
However, the high cost of innovation and budget constraints of organisations limit the growth of the market.
As a result of the amount of growth experienced by digital organisations, IDC stated that 76% of IT professionals say a lack of visibility is their biggest challenge in addressing network threats.
Ashok Kumar, CEO, New Trend Computer Networks LLC, said the unprecedented connectivity of the Internet age has led to enormous social and economic benefits, but has also introduced numerous new challenges.
Kumar said in a fully connected world, Internet security threats continue to evolve, keeping ahead of the most advanced defences. As a result, network-based security threats have led to widespread identity theft and financial fraud. Spam, viruses, and spyware are causing significant problems for consumers and businesses,” he said. A security breach may have irreparably damage on a company’s brand or reputation.
As Internet security technology continues to advance, changing from passive, point product-based to active, and end-to-end approaches to recognition, containment, and quarantine, Internet Service Providers (ISPs) and traditional solution providers are competing on security with consumers.
Kumar said with the exponential increase in devices and applications, the threat surface area for an organisation has expanded beyond traditional means.
He said to reduce risk and complexity, security will need to be embedded within hardware and software solutions, have flexible deployment options, and work with each other to provide integrated multi-layered protection.
Marc Kassis, cyber security director, Ingram Micro META region, said given the fact that cyber security needs are increasing, it is not surprising to see that there is and will still be shortage in skills and experience at regional and global level. Kassis said the major required skills today are those of people who are experienced in best practices for strategy definition, policies deployment and process implementation. “There is also a lack of certified experts for cyber security such as GSEC, CISSP, SSCP, CISM, CEH and others. Being certified for specific vendor technology is also important,” he said. “The Ingram training centres can guide on the most appropriated ones.”
With the ever evolving IT threat landscape, providing solutions and services that address the network security space is one sure way of earning recurring revenues.
At security vendor Fortinet, Zacky Vaz, regional channel manager, said as the threat
landscape continues to get more complex and zero-day attacks have become the weapon of choice, the attacks and threats in the region aren’t limited to one segment, businesses of different sizes, serving different verticals, have all been targeted.
Vaz said the growing threat landscape and the need for enhanced, cost-effective protection to combat these threats is driving the network security market forward. “Businesses are now more focused on integrating security across the board, rather than simply adding security layers to existing infrastructure to tackle threats,” he said. “No longer is a single solution of interest as organisations now want complete solutions that are scalable and offer end-to-end protection with no impact on employee productivity.
Amir Kanaan, managing director for META region at Kaspersky Lab, said the market for IT security solutions is quite developed, but as the threats are changing, so do the solutions.
Kanaan added that networks remain the main channel for intrusion to security perimeter and there are no signs that this situation will change in the near future. He said that’s why traffic control is a “must have”, but comprehensive data attacks could only be gathered with a combination of networks’ (traffic anomalies) and hosts’ (processes, memory, etc) data.
He said the growing awareness about cyber threats and the fact that more companies are taking strategic approaches to cyber security is what is driving the growth in the network security sector. “Besides organisations are turning more towards the services, not just the solutions,” he said.
Ingram Micro’s Kassis explained that because the attacks are conducted remotely and are not on premises, it makes sense to have the best assessments and testing done from the cloud.
Kassis said Ingram Micro is helping resellers to identify the right segment for network security products, technology and services. “We are helping them to do so by giving them access to the cyber security vendors in our stable that include companies such as Cisco, IBM, McAfee, Kaspersky, Symantec and others,” he said. “We have a dedicated regional business unit focusing on cyber security and the new markets as well as offer value added services.”
He explained that few additional distribution contracts were signed in the last few months with cyber security vendors like GFI and Alien Vault. “More vendor contracts will be signed and announced very soon as the company is also having a dedicated professional services division that provides certified security engineers to its channel partners across the region,” he said.
As cyber threats targeting key industries such as banking, retail and, oil and gas, which forms the backbone of the regional economy, have dramatically increased what network security services are being offered via the cloud and how are enterprises and SMBs responding to these services?
Kaspersky’s Kanaan explained that as a starting point, a business needs to make the security assessment of the IT network, choose a reliable and comprehensive security solution that will make it easier to protect IT infrastructure. “The right security solution offers tools that include device security for different operating systems, traffic filtration, and relevant software updates,” he said. “Secondly, once the solution is in place, work with the specialists. The more complex the infrastructure, the higher the degree of expertise required to manage the security.”
Kanaan pointed out that appropriately-skilled specialists will be able to service your information system proactively or a third-party partner with deep IT expertise who will be able to help in an emergency. “It is also important for a business to ensure that they have a strong security policy in place, one that educates staff on the realities of IT security, and of course provides the right outline to employees on what they can and can’t do, when it comes to IT security and operating mobile devices,” he said.
AMIR KANAAN, MD, META, KASPERSKY LAB
MARC KASSIS, CYBER SECURITY DIRECTOR, INGRAM MICRO META
ASHOK KUMAR, CEO, NEW TREND COMPUTER NETWORKS LLC
ZACKY VAZ, REGIONAL CHANNEL MANAGER, FORTINET