Following a hack of its Central Bank, Russia is believed to have lost $31 million, which is an amount less than the hackers initially targeted, according to media reports on December 2, 2016. Harshul Joshi, Senior Vice President of Cyber Governance, Risk and Compliance at DarkMatter, gives an anlysis of the methodologies. In echoes of the SWIFT […]

As reported by Bloomberg and others on Thursday, hackers successfully launched an attack against Saudi Arabian government agencies, including the General Authority of Civil Aviation, the government agency that manages Saudi airports. The attackers, believed to be affiliated with the Iranian government, used the destructive malware Shamoon to wipe data and damage equipment. Shamoon was […]

On November 18, 2016, UK mobile operator Three admitted millions of its customers’ private information was at risk after hackers broke into its security system. The company said hackers used an employee login to access its customer upgrade database, leaving nine million customers at risk. A spokesman for Three detailed that over the last four […]

The State of Qatar has announced that it has issued Law No. 13 of 2016 Concerning Privacy and Protection of Personal Data (the “Law”). Once gazetted, the Law will officially be the first national level legal regime specifically governing data protection in the GCC. As such, it is expected to herald a new era of […]

It’s the news that every security team fears, yet, the fact is that any business can – and will – be the victim of a data breach at some point, many more than once. This is a particular concern for businesses in the Middle East – according to a March 2016 report by PwC[1], 85% […]

Hybrid cloud models offer many well-documented benefits, but they also introduce more complexity for securing data and applications across the enterprise. And this added complexity requires an increasingly diverse skill set for security teams. That’s a challenge, considering the growing cybersecurity skills shortage. In one recent study, 46% of organisations said they have a “problematic shortage” […]

A stealthy threat actor known as StrongPity has spent the summer luring users of encryption software to its watering holes and infected installers, according to a recent report by Kaspersky Lab. Users in Italy and Belgium were hardest hit, but people in Turkey, North Africa and the Middle East were also affected. StrongPity is a […]

According to the Corporate IT Security Risks 2016 study conducted by Kaspersky Lab and B2B International among more than 4,000 representatives from 25 countries including the UAE, a single DDoS attack can cost a company up to over $1.6 million, though that figure depends to a large extent on how quickly the attack is detected. […]

Only a fifth of IT decision-makers in large multinational corporations are confident that their organisation is fully prepared against the threat of cyber criminals. The vast majority of companies feel constrained by regulation, available resources and a dependence on third parties when responding to attacks, according to new research from BT and KPMG. The report, […]

I frequently get asked by clients whether they should invest in security analytics projects. Over a period of time, I have built up a conceptual framework to put security analytics in the context of overall security operations. Although there are many areas for applying analytics, including risk and compliance or vulnerability management, I will concentrate […]