With Bahrain at the cutting-edge of Digital Transformation, Intelligent CIO speaks to Mirza Asrar Baig, CEO and Founder of CTM360 and other technology companies, about the cybersecurity threats facing the country.
Despite its size, Bahrain possesses one of the most progressive IT sectors in the Middle East.
Bahrainis have proven their talent for excelling in the industry and many organisations in the country boast Bahrainis handling high-profile roles.
The country’s government through ‘Tamkeen’ (a semi-autonomous government agency that promotes the development of private sector businesses) has been heavily investing in local talents and start-up businesses for entrepreneurs.
Perhaps the country’s best-known company is the Bahrain Telecommunications Company (Batelco), a leading digital solutions provider with a global reputation.
Though Bahrain is at the forefront of Digital Transformation, the country is just as susceptible to cyberattacks as the rest of the region. That’s why we decided to ask Mirza Asrar Baig, CEO and Founder of CTM360 and other technology companies, about the cybersecurity scene in the country.
CTM360 is an award-winning cybersecurity company which provides 24x7x365 Cyber Threat Management as a subscription service. It specialises in offensive defence to identify and manage cyber blind spots outside your network across the surface, and the Deep and Dark Web.
It currently serves 25 of the Top 50 GCC Banks as well as entities in oil and gas, healthcare, sovereign wealth funds, aviation and other sectors. Following success in the GCC, CTM360 now operates globally across 22 countries, servicing 100 plus organisations, protecting 200 plus brands and 300 plus VVIPs.
CTM360 remains a leader in cyberspace for Managed Threat Detection and Response, Digital Risk Management, Threat Intelligence, corporate and VIP brand protection and anti-phishing.
Are there any unique cyberthreats facing Bahrain or is it similar to the rest of the region?
The overall threat landscape in Bahrain is not that different from anywhere else in the world. We face similar types of attacks as any other country or region. The only difference is that sometimes a particular scam, fraud or malware can originate from or target a specific country.
So far, none of the cyberthreats have shown a particular uniqueness or signs of targeted intent. This may also exist as an industry-specific problem versus being a region-specific one. In situations where it is country or region specific, the intent is often linked to hacktivism or regional conflicts.
What sort of threats is the banking sector experiencing in Bahrain?
The most common types of threats we face within the banking sector in Bahrain are typical Business Email Compromise (BEC) fraud cases, impersonations, phishing websites and evil-twin sites. The banking sector in general worldwide has recently also faced ‘Fast Cash’ scams where a bank’s internal systems and ATMs are breached. Fortunately, this has not happened in Bahrain yet, which makes it essential for us to be alert and focus on early prevention.
How can you help them overcome these threats? Why is it better to prevent attacks in their infancy and what is the best way of doing this?
At CTM360, we believe that a pre-emptive approach is always the best choice. This includes tackling threats in infancy and neutralising threats before they affect your systems. Currently, the cybersecurity industry focuses on Indicators of Compromise (IOC) which is not wrong. However, we do need organisations to prioritise Indicators of Warning (IOW) and Indicators of Attack (IOA).
To properly tackle cyberthreats, it is essential that we give sufficient attention to all stages of the Cyber Kill Chain rather than focusing on one segment alone.
Another way to help is to ensure that all organisations have DMARC appropriately configured on their domains. DMARC stands for Domain-based Message Authentication, Reporting and Conformance and is fast becoming a global standard.
The effectiveness of this standard has also inspired the origination of DMARC360, another one of my technology start-ups, with a mission to ensure all organisations are DMARC compliant. Through DMARC360, organisations are able to implement digital signatures on their domains to avoid common email threats, including impersonations (BEC), spoof emails and scams that damage an organisation’s brand reputation.
What is the best way for companies to protect themselves from phishing?
This has to be addressed in two parts. Firstly, through technology to ensure organisations block all known ‘phish’ URLs. Secondly, since cybercriminals are continually finding new ways to attack, organisations should always expect that many attacks will reach their staff, and the only real defence towards this is to train and educate staff to be more vigilant.
Conducting awareness sessions and regularly updating your employees on the latest attack techniques and threats will help reduce the risk of malware or compromised data.
What are the most worrying security threats in the region?
The most worrying threat is when an organisation’s system gets compromised and can no longer be used (i.e Shamoon attack). This is one of the most disruptive types of attacks because it can hold the system down and the user has no control whatsoever.
Another example that is also worrisome is when a widespread breach happens which causes one or more organisations to block their systems temporarily. Though reversible, it is still destructive.
What advice would you give to CIOs, so they deliver an effective multi-layered approach to security?
The best advice is to identify and fill gaps through a multi-layered approach. More often than not, security teams focus more on one layer and neglect the rest. The problem is sometimes, a particular attack type arises which leaves security teams to focus on one layer and completely lose sight of all other segments.
It is best to ensure that security is practiced in a balanced manner to have full visibility and sufficient attention to all layers of security. To do this, it is crucial that IT security, information security, and cybersecurity teams collaborate and tackle threats together.
Finally, put a stress on training and educating all levels of staff on being more vigilant when it comes to cybersecurity, this should include board members and executives as they are highly targeted individuals.