Attacks in the cyberspace in the Middle Eastern region are very much prominent and present. Bitdefender, the cybersecurity technology provider, has been at the forefront of providing organizations with robust security infrastructure to protect them against cyberattacks.
The cybersecurity company was showcasing some of its unique offerings at GITEX this year. Smart Cities World Forums sat down with Bitdefender’s regional director, Tarek Kuzbari, and Cristina Vatamanu, senior team lead at Bitdefender’s Cyber Threat Intelligence Lab in Romania to discuss and unpack some of the most pressing issues in the cybersecurity market of the region.
Could you give our readers an overview about Bitdefender’s work in the Middle East?
TK: Bitdefender has been in the region’s cybersecurity market for a while now and we are currently expanding our portfolio and presence in the region and focusing much more on the region’s enterprise business.
We have been doing really well on the consumer side and now we see much more value that we can offer for enterprise customers in the region.
The Middle East is a strategic region for the company and we are currently achieving double digit growth so we definitely believe that there is a huge potential for us in the market. We have our local office which is based in Dubai and we cover the GCC and Levant countries.
Could you tell us more about Bitdefender’s presence at GITEX this year?
TK: For us, GITEX is a great platform where we can communicate with potential customers and partners, showcase our latest technologies and how do we address the different risks that organizations face. So it’s been a very useful way to communicate with different stakeholders in the region.
What are some of the threats associated with IoT? And what offerings does Bitdefender have to ensure the protection of IoT infrastructure?
CV: Actually, the Middle East faced one of the first attacks on industrial equipment and since then, the region has experienced a growing number of threat actors which are targeting a number of industries such as those which offer fast money like oil and gas and the financial sector. There are also those who are targeting critical infrastructure like telecommunications, transport, aerospace and of course, government structures which correlate with geopolitical conflict.
In terms of IoT, there are a lot of things we should be wary of such as DDoS attacks which could essentially block your entire service infrastructure and there are also brute force attacks which could potentially penetrate your network, causing great damage in terms of what they can do on tour network once they are inside; they can perform any kinds of operations.
The networks need to be guarded by multiple barriers and I think Tarek could offer you more insight into our solutions in that field.
TK: We have seen that the usage of IoT devices across several industries and organizations is enormous and this has really increased the attack surface that cybercriminals can cover. What we are focusing on now within Bitdefender is trying to address this risk, especially with our security solution NTSA (Network Traffic Security Analytics) which is, in fact, one of our flagship products that focuses on monitoring the traffic on a network level and trying to provide protection and detection for the threats and risks that IoT devices face within the organization.
What makes Bitdefender unique in that aspect is that we are able to provide the endpoint security, the endpoint detection and response on the endpoint side, as well as the network security analytics on the network level, all from a single console.
How is Bitdefender keeping its offerings around cybersecurity relevant in such a rapidly changing market?
TK: We looked at the challenges that cybersecurity decision makers faced (and continue to face) within the industry. Some of them include a lack of resources, skills shortage, an increase in the sophistication of attacks and attack surfaces, the need for automation and the ability to prioritize the most important risk to the organization. We mainly focus on these key areas.
If you look at our endpoint security where we provide the endpoint protection, the EDR, the patch management, the full encryption, the application control, all from a single agent and a single console.
When we use the term ‘single agent’ we mean that the users don’t face any challenges in terms of productivity when they use Bitdefender’s solutions. For the security team of any given company that uses our solution, they will use a single console which essentially makes their lives a lot easier as they can take action with more ease, correlate activities, understand what is going on and be able to see all the top risks that are affecting the organization. All of this happens on the network side.
For instance, when we prioritize the risk, we show them most important risk the security team can focus on and spend their time on, which is a life changer for these members.
In terms of cyberattacks, what are some steps that companies need to take to ensure their response strategies are effective?
CV: There are a lot of aspects one should consider when we talk about security and because environments are so complex today, the risk assessment process becomes very difficult and recently we started some projects that might help with this issue. So what we are focused on is to take the knowledge from the people from the lab and share it with people that are responsible for security in these companies but not necessarily have the right training for this area and this is why we identified along the way some of the most common mistakes, overviews and misconfigurations that often happen inside an organization. We offer a set of 200 indicators of risk and soon another 100 will be added.
Indicators which would help for example system administrators to measure the risk level of the network that he or she is managing and also aside from the set of risks which are checked, we are also trying to give some suggestions on how to mediate those problems. At the end, practically, this project will minimize the number of risks the company is exposed to.
Could you comment on the future of the cybersecurity industry in the Middle East?
TK: 10 years ago, the number of security vendors did not exceed 10 that were actually really focused on cybersecurity. Today there are over 1200.
The IDC has forecasted that over 40% of cybersecurity vendors will disappear as part of a merger or acquisition and that is why innovation is a key element for cybersecurity vendors to create value for their customers in order to further their development in the market.
In terms of market sizing, it is still one of the most attractive markets and according to IDC, it is expected to reach $2.9 billion this year in the META region (Middle East, Turkey and Africa). This figure represents 10 percent growth compared to last year. IDC also expects it to continuously grow for the next 3 years at least due to the demand for cybersecurity in the market.
One of the priorities of decision makers in organizations, such as CISOs, is cybersecurity. This is especially significant right now because many organizations see digital transformation as a key element of success and cybersecurity is in fact key to the success of this journey so there is huge potential for vendors and partners in this market.
CV: Also, in terms of threats, there is still the tendency for malicious programs to increase in number and this increase has actually been exponential over the years and the Middle East is no exception.
The Middle East is an area where targeted attacks are very much present. So aside from the increasing number of threats, the complexity of these attacks and threats is also on the rise and we expect them to keep happening in the future and to increase not just in number, but in complexity too.