I(TS)2, a Saudi-based specialized IT Security company, announced that several high profile global IT security experts had come together to address various aspects of information security, threats and concerns faced by businesses in Saudi Arabia at the second e-Business Security Conference 2012 held in Riyadh and Jeddah on May 6, 2012 and May 8, 2012 respectively. With its focus being ‘Prevention of Modern Threats’, the conference highlighted the latest cyber security threats and addressed what organizations could do to prevent these threats. Global security experts also shared their knowledge and expertise in preventing hacking on the web application layer as well as securing networks and databases.
Speaking at the conference, Mr. Dimitrios Petropoulos, CEO of I(TS)2 said,“Saudi is one of the fastest growing countries in the region in terms of information and communications technology spending, which reached US$7.2 billion in 2010 and is expected to touch US$12.2 billion in 2015 according to the CITC IT Report 2010. Even though currently Saudi is not ranked amongst the top countries in the adoption of cyber security, it is surely witnessing a rapid increase in the number of businesses investing in the latest technologies to combat internal and external threats. To increase awareness of modern threats and to share insights and global case studies with our customers, we decided to host the second edition of e-Business Security Conference once this year. The event was a success as we had some of the best security experts sharing their global experiences, best practices and case studies with local Saudi businesses.”
Global security solutions companies such as Guidance Software, SafeNet, Tripwire and Websense participated at the event as partners. IT security experts such as Jonathan Hawes of AKJ Associates, Dennis Oommen of Guidance Software, Sébastien Pavie of SafeNet, Jason Clark of Tripwire, Roy Duckles of Tripwire and Amjad Khader of Websense to name a few shared their experiences on various aspects of cyber security at the conference. The event also brought together customers from all industry sectors including Government, Finance, Education, Semi-Government, Services, and Utilities.
“Events such as e-Business Security Conference 2012 are vital in helping companies understand what shifts are happening in the threat landscape, and therefore where they need to realign their project objectives and methods to achieve the results they desire. It is also a great forum to get different perspectives as to how to deal with modern threats. Very often unorthodox approaches are successful in thwarting newer generation threats,” said Mr.Dennis Oommen, Sr. Regional General Manager, Guidance Software, Inc.
“Whilst the need for well laid out strategy and ensuring IT security policies is paramount, the truth is that even though many organisations have the right strategies in place, they lack and will continue to lack in the area of skilled talent to manage the day to day operations surrounding these policies. One possible approach to adopt is to assume the organization will be massively compromised and work from there. Another critical factor is that companies are increasingly becoming custodians of more and more customers’ information,” Mr. Oommen added.
At the conference, security experts pointed out that even though the Middle East region faces the very same cyber threats that the rest of the developed world faces, it has fared much better than most other regions economically and hence it is becoming a ‘natural’ target for commercially motivated cybercrime. The recent social upheavals have only brought to the surface the potential power of the connected populace. Highly sophisticated and successful APT’s such as Stuxnet have gained prominence because of this region. A combination of such factors will inevitably lead to an exponential escalation of the risk associated with such internal and external threats.
"Nearly all data-stealing attacks today involve the web and/or e-mail. And many increasingly use social engineering to take advantage of the human element as the weakest link. Since the current generation of attackers use multiple data points and threat vectors to target their victims, only a solution that understands the entire threat lifecycle and combines data from each phase can protect against them. Traditional defenses just aren't working any more. Organizations need real-time defences with multiple detection points that deeply analyze both the inbound content of each website and email as well as the outbound transmission of sensitive data," said Stephen Grey, Websense Regional Director, Middle East.
According to Mr. Sebastien Pavie, Director of SafeNet Middle East more and more business are moving to online trading and internet banking thus increasing the requirement for proper security compliance and solutions. “In 2011, data breaches grew exponentially across the world as well as in the Middle East, 45% of which involved the theft of authentication credentials, an alarming figure. Unfortunately a large number of companies still rely on username and password to give access to their end-users, and this information is not difficult for hackers to get. In fact 67% of data thefts were perpetrated through guessable credentials.”
“The good news is that cyber security is now appearing more and more on the boardroom agenda. We reckon that private cloud, network upgrade and DR projects in both the government and commercial sectors will keep driving the demand for High Speed Encryption. New eGovernment and eBanking service initiatives spreading fast across the region are also definitely contributing to such demand. Cloud-deployment offers an array of significant benefits to enterprise ranging from improved IT resource management to more effective strategic and operational initiatives. However, without the ability to safeguard virtually-deployed data assets these benefits could easily turn into liabilities.” Mr. Pavie concluded.
Headquartered in Riyadh, Saudi Arabia, Information Technology Security Training & Solutions also known as I(TS)2 (i-ts2.com) is the Middle East’s premier provider of integrated security solutions, security consulting services and security training & certification curriculum and is ISO 27001:2005 certified. I(TS)² is focused on empowering all clients to combat evolving security threats. I(TS)2‘s unique approach ensures delivery of the right mix of people, processes, and technology to meet unique business needs.
I(TS)2 boasts the most prestigious regional Security Academy providing professional and international certifications. I(TS)2 is the only Platinum Consultancy Partner for BSI in Saudi Arabia and has achieved Cisco Advanced Security and Microsoft Gold Partnerships. I(TS)2 has over 130 employees in Riyadh, Eastern & Western Province as well as Jordan.