Ned Baltagi, the Managing Director for MEA at SANS Institute, says his company’s participation at GISEC 2023 aims to provide visitors with the latest industry trends and best practices

Tell us about the cybersecurity trends for 2023.
In 2023, we can expect to see several emerging cybersecurity trends. Firstly, while mobile phones are generally considered more secure than desktops, we will also see a rise in stalker ware included in downloaded apps that target consumers, as hackers are creating malicious stalker ware apps and placing them in app stores.

Secondly, data backup ransomware attacks will increase, as attackers target backups that are less frequently monitored, provide ongoing access to data, and may be less secure or from forgotten older files. Thirdly, we can expect a surge in MFA bypass attacks, as more organizations adopt multifactor authentication and other additional layers of security.

Organizations must be proactive in closing the cybersecurity skills gap by investing in offensive training and threat hunting to address an expanded attack surface from a continued hybrid workforce. This will be especially important as organizations need to upskill and train their existing staff to defend against attacks.

Lastly, attackers are expected to increase their focus on exploiting vulnerabilities in cloud-based infrastructures and applications. Organizations should invest in cloud security solutions to ensure that their systems are secure and that their data is protected from malicious actors. Additionally, they should consider using security automation tools to help detect and respond to threats quickly. In summary, organizations must stay vigilant and proactive in their approach to cybersecurity in 2023 to stay ahead of these emerging threats.

What is the theme of your participation at GISEC 2023?
This year, our participation aims to provide visitors with the latest industry trends and best practices, with cloud security being of paramount importance in digital environments.

Which products and solutions will you be showcasing at GISEC 2023?
We’re excited to showcase our advanced suite of cybersecurity offerings. The range of products and services is designed to cater to the evolving challenges of the cybersecurity landscape through specialised training courses fully aligned with GIAC certifications, Security Awareness Training products, Cyber Ranges for immersive training experiences, and an advanced ECE curriculum that covers digital forensics, penetration testing, and reverse engineering.

Our comprehensive range of cybersecurity solutions is aimed at enhancing your technical proficiency and equipping you with the knowledge and skills required to succeed in today’s dynamic cybersecurity landscape. We will also highlight our CyberTalent offering, which includes various academy programs that we provide to both government partners and individual organizations, to identify hidden cybersecurity talent within their existing workforce.

Additionally, on Tuesday, 14th March, SANS Senior Instructor, Kevin Ripa, will have two speaker sessions, at the Dark Stage, and at X LABS. Alongside these two talks, Kevin and his fellow SANS instructors, Maxim Deweerdt and Michael Hoffman, will be providing workshops each day at Hackstage360.

We are also excited to host our highly engaging mini Capture-the-Flag event onsite at our stand (D50 Hall 7), where visitors will have the chance to test their skills in a simulated cybersecurity environment.

How are you equipped to help companies overcome digital security and privacy challenges?
The SANS Institute is well-positioned to help companies overcome digital security and privacy challenges through a range of services and resources. Our training programs cover a wide range of cybersecurity topics, taught by experienced practitioners who bring real-world experience to the classroom, and training materials that are continually updated to reflect the latest threats and vulnerabilities.

Research by our faculty members into emerging threats and trends is shared with the cybersecurity community through publications and events, including webcasts, conferences, and summits. Additionally, the institute has a strong focus on community building, which fosters collaboration and knowledge-sharing among cybersecurity professionals. Overall, the SANS Institute’s goal is to help organizations build more secure and resilient systems that can withstand the evolving threat landscape.

Is there a skills gap in the cybersecurity industry? What needs to be done in order to bridge that gap?
There is a significant skills gap in the cybersecurity industry. This gap is mainly due to the rapid evolution of technology and the increasing complexity of cyber threats, which make it difficult for organizations to find and retain skilled cybersecurity professionals.

To address this, we need to focus on increasing cybersecurity education and training through academic and industry certification programs, while also creating a supportive work environment that emphasizes ongoing training and development opportunities. Companies can maximize their existing resources by offering cybersecurity training courses/programs to retrain and upskill their existing workforce.

Additionally, we need to promote diversity and inclusion in the field by recruiting and supporting individuals from underrepresented groups and focusing on creating awareness about the opportunities and benefits of a career in cybersecurity.