Cybersecurity leader Palo Alto Networks showcased some of its latest offerings at GITEX Technology Week in Dubai, where Smart Cities World Forums sat down with Ercan Aydin, the firm’s Regional Vice President, Middle East and Africa. In the interview, Aydin talked about the cybersecurity landscape of the region and what the future of the industry holds with regards to artificial intelligence, machine learning and data analytics.
Could you tell us about your presence at GITEX this year?
At GITEX this year, we announced two new go-to market motions: ‘Secure the Cloud’ and ‘Securing the Future’. We made acquisitions throughout the past year and a half in the range of $1.5 billion and have created a portfolio of solutions that will protect our customers in their journey towards the cloud.
‘Securing the Future’ involves the technologies that are mainly automating the security infrastructure, so instead of taking manual actions to prevent cyberattacks, we automate them by utilizing AI and machine learning (ML).
What have you been working on in the Middle East?
In the Middle East, we have primarily been working on enterprise security. However, over the past two years, we have seen certain trends emerge such as cloud adoption, especially in verticals like aviation, transportation and higher-education institutions, as they are open to cloud and are reaping its benefits, some of which include agility and speed execution.
I think the most important trend is the automation of systems. IoT is seeping its way into IT because IoT is connected to the internet and this has generated a security challenge, so we need to be able to create security policies for these new devices. Take a hospital for instance, in the medical industry there are many technologies that are connected to the internet and the security of these technologies is highly critical. In fact, we recently made an acquisition in that space, not only to protect the medical space, but IoT in general.
We have seen that there is a big appetite to be able to adopt new technologies in order to prevent cyberattacks, and that is essentially what we have seen in the region.
Could you comment on the cybersecurity market in the Middle East?
It is very advanced because of the high volume of attacks that are taking place.
Some cyber attackers are not even out for financial gain, they simply want to destroy entire IT systems. We have seen this happen multiple times in different organizations. We are working with our customers in order to elevate their security state so that they will become more cyber resilient. Even though there will be attacks, we keep their security state at an optimal level so they will not be breached and their operations will continue.
In order to support this initiative, our go-to market strategy is a little different to the other vendors. We have dedicated account teams as well as dedicated system engineers for large organizations, which is highly appreciated, because cybersecurity is a partnership. We work very closely with our customers and our key partners to always provide them with cutting-edge security technology to ensure that they are ahead of the game and to prevent those cyberattacks.
In your opinion, what is the most efficient way for companies to deal with the aftermath of a cyberattack?
When a cyberattack takes place, it is sort of like getting sick and taking antibiotics to feel better. You try to recover of course, but the damage is already done. Our focus in this situation is to prevent another attack.
In order to prevent an attack, there are multiple things that need to be done. One of them is mainly regarding automation. You take a technology that automates certain basic actions and then you spend more time in prevention and predictive analysis, so you can predict what kind of attacks will be coming into your organization by using certain intelligence, and then you can take actions in advance.
A good example of this is patching. If you know that certain industries are experiencing attacks towards certain applications, you could give high priority to patch those applications. For instance, you can change your security policies in order to prevent attacks that may be coming from certain countries; you can terminate those IP addresses from reaching your network.
We believe that in the long run, we are going to see more automation in cybersecurity and the adoption of the cloud. Cloud technologies provide much wider and greater intelligence so you can analyze more data and use it to understand what threats could come to your organization and, in turn, prevent them from happening.
On the other hand, it is also important to analyze what is going on, what happened and why it happened in the organization - for this, you would need to analyze big data. Our automation tools can give companies insight into the activities in their network. However, we prefer to spend more time preventing attacks instead of spanning the after-effects because when you are already breached then it is too late. It is better to protect against these breaches before they happen.
What impact do AI and ML have on the security world?
It is very important to consider that, as we speak, the bad guys are using those technologies to breach large organizations and they are using super computers to be able to do this. On the customer side, we have to use similar technologies like AI, ML and behavioral analysis in order to understand what is going on in the network and automate that information in the network so you can take certain actions.
A good example of this is our security operations center. We have three people dedicated to automating certain actions if certain things are happening in your environment. Through this, you will not need to take action manually.
In the long run, we feel that utilizing automation to prevent cyberattacks is the only way. By utilizing AI and ML technologies to support it along with cloud intelligence, you will be able to generate data, and this is important because the more data you have, the more analysis you can make and you can prevent those cyberattacks.