Cyber security is not a field where trends happen easily, but the few that do appear tend to spread at wildfire speed. The newest innovation sweeping the regional cyber security sphere is “threat hunting”. Cyber security has graduated from threat detection and response, to actively pursuing sophisticated threats.
According to Nicholas Watson, Managing Director at Naseba Cyber, “After working with hundreds of CISOs and CIOs, we can be confident that maturity in regional cyber security has hit a critical mass. Historically this sector was extremely reactive, however with the board of organisations becoming more educated and aware on the risks and impact of not protecting their critical assets, pressure is now being applied top-down to force those responsible for digital security to be predictive rather than reactive.”
This trend is clear within the realm of managed cyber security services, which has a higher rate of adoption among Middle Eastern companies than in any other region in the world: according to a recent poll, 57 percent of the region’s organisations use MSS providers. And in developed, rapidly modernizing Middle Eastern countries like the UAE, proactive threat hunting is part and parcel of the drive to use innovative, updated cyber security measures.
IT and cyber security specialists in the Middle East are in the unique position of being exposed to a highly sophisticated cyber threat landscape, without necessarily having access to the appropriate solutions. Very few Middle Eastern companies are able to provide dedicated threat hunting solutions, like the ones provided by US based Tenable Network Inc.
IT specialists are increasingly warning against the notion of defensive cyber threat detection, with offensive approaches taking centre stage. Although maintaining one or several automatic cyber defence systems is an effective strategy for most businesses to embrace, it is no longer enough to simply wait for a security system alarm to sound before focusing on cyber threat mitigation.
Organisations are increasingly turning away from the old model of waiting for an attack to happen, to the more proactive approach of seeking out threats and dealing with them using a combination of threat intelligence, analytics, and security tools. The cyber threat level in the Middle East is particularly high following a series of recent attacks against major institutions in the region, including Qatar National Bank.
In a recent survey by SANS Institute, 86 percent of respondents said that their organisations were engaged in threat hunting. 75 percent claimed that embracing more aggressive threat hunting had reduced their attack surface, while 59 percent stated that it enhanced the speed and accuracy of their incident response.
52 percent of respondents to the survey reported that threat hunting helped them find previously undetected threats in their networks. According to 86 percent of respondents, threat hunts are most commonly launched due to an anomaly or a deviation from normal network behaviour – in other words, they are catalysed by an event outside the norm.
Perhaps most tellingly, the survey reveals that only 23 percent of businesses are employing hunting processes that are invisible to attackers. This leaves organisations vulnerable to the possibility of alerting hackers or “bad actors” to their threat hunting attempts.
According to Ben Johnson, co-founder and Chief Security Strategist at Carbon Black, while threat hunting is not a new concept, it is only now becoming mainstream “because it’s a sexy buzzword and organisations are tired of the long dwell times of the bad guys”. And the evolution of threat hunting into a mainstream concept has brought with it a whole new dimension to threat mitigation and cyber security. Coming to grips with this new dimension of cyber security will require the development of a dedicated skill set and range of tools.
Naseba is a business facilitation company that has spent over a decade building and leveraging a network of contacts with solution providers and buyers around the world, in a variety of industries – including IT. The company hosts private, business-focused platforms around the world where these providers and buyers meet and do business. Past IT clients and partners who have benefited from Naseba’s platforms and services include Cyberia, Qualys and Spire Solutions.
Ralph Witt
Project Lead
+971 44 55 79 27
ralphwnaseba.com
