Connect with us

Cyber Security

A Reliable Data Backup Strategy is Very Important

Published

3 months ago

on

Sertan Selcuk, the Vice President of METAP and CIS Regions at OPSWAT says hackers are now targeting third-party vendors—companies that have access to critical infrastructure but often have less robust security measures

Can you provide an overview of the current cybersecurity landscape for critical infrastructure in the MEA region?
The cybersecurity landscape for critical infrastructure in the Middle East and Africa (MEA) region is one of both immense opportunity and significant risk. As digital transformation accelerates across industries like energy, healthcare, and transportation, the need to protect vital infrastructure is becoming even more urgent.

The region has always been strategically important, and now, with the growing complexity of the global geopolitical environment and the continued digitisation of everything from industrial control systems to cloud platforms, the attack surface is rapidly expanding. We’re seeing a combination of increasingly sophisticated, state-sponsored threats alongside an uptick in financially motivated attacks from cybercriminals. The regional challenges are unique, given the variety of government approaches to cybersecurity and varying levels of infrastructure maturity.

But at its core, the MEA region is dealing with the same overarching issue: the gap between the speed of technological innovation and the speed at which security measures can evolve to match these new threats.

What are the most notable trends in cyber attacks targeting these systems?
If there’s one thing we’ve seen in recent years, it’s that the diversity of attack methods has dramatically increased. Ransomware is still a significant threat—attackers are targeting critical sectors like healthcare and energy, knowing that they can disrupt essential services and demand large ransoms. But what’s more concerning is the rise in advanced persistent threats (APTs). Nation-state actors are not only after financial gain—they’re after strategic advantage, stealing intellectual property or trying to destabilise key regions. In some cases, these attacks are also focused on geopolitical leverage.

Another major trend we’re seeing is the exploitation of supply chains. Hackers are now targeting third-party vendors—companies that have access to critical infrastructure but often have less robust security measures. It’s a classic example of how an attack doesn’t always come directly through your organisation but via a trusted partner. Lastly, IoT vulnerabilities are becoming more apparent as we digitise our energy grids, healthcare systems, and transportation networks. These IoT devices are often not properly secured, making them a prime target for cybercriminals.

Which sectors in the MEA region are most vulnerable to cyber attacks, and why?
I believe the energy sector stands out as one of the most vulnerable in the MEA region. Countries that rely on oil and gas for economic stability, like Saudi Arabia and the UAE, face constant threats from state-sponsored cyber actors trying to disrupt operations or steal valuable data. It’s not just about cybercriminals; these attacks are highly sophisticated, driven by geopolitical motivations.

The healthcare sector is another area of concern. With digital health records, connected devices, and the overall shift toward telemedicine, the healthcare system in many parts of MEA has become increasingly digitised—and underprotected. Ransomware attacks targeting hospitals can be devastating, especially when attackers hold critical systems hostage, which is exactly what we saw in the past few years.

Then, we can’t ignore transportation. Whether it’s maritime shipping or air traffic, these sectors are essential for global trade, and a cyber-attack could have significant ripple effects across the world’s supply chain. Port infrastructure in the region, which is key for both regional and global trade, has become a frequent target for both financial and strategic motives.

What are the primary motivations behind cyber attacks on critical infrastructure in the MEA region?
When it comes to motivation, the drivers are multi-layered. Geopolitical tension is a major factor. A lot of the attacks we’re seeing aren’t just about stealing data or holding a company ransom—they are about sending a message or destabilising a government or economy. The energy sector, for example, is frequently targeted by actors seeking to disrupt the regional balance of power.

But financial gain is still a huge motivator, especially in sectors like healthcare and financial services. Ransomware operators know that shutting down vital services is a quick way to demand a ransom, and unfortunately, these industries often have no choice but to pay to get systems back online.

Then there’s the classic case of cyber sabotage, where an attack is purely designed to cause disruption. This could be in an effort to undermine trust in a government or to cause chaos during a period of political instability. These are often less about stealing data and more about sending a political message or leveraging cyberattacks to further a larger agenda.

How important is employee training and awareness in preventing cyber attacks on critical infrastructure?
One of the most important lessons I’ve learned over my career is that people are the weakest link in cybersecurity. No matter how advanced your technical systems are, if your employees aren’t properly trained to recognise threats—like phishing emails or suspicious links—you’ll always have vulnerabilities. Employee training and awareness are critical.

It’s not just about sending out a checklist of best practices, either. It’s about creating a culture of cybersecurity across your organisation, where everyone—from the top down—understands the risks and the role they play in preventing them. We need to empower individuals to spot threats early and respond appropriately. I can’t overstate how essential it is for leadership to take this seriously and lead by example.

What role does proactive threat intelligence play in securing critical infrastructure systems?
Proactive threat intelligence is more critical than ever in the current cybersecurity environment. Threat actors today are faster, smarter, and more persistent, so waiting until an attack occurs to react, simply isn’t enough. By tapping into threat intelligence, organisations can stay ahead of emerging risks, whether it’s a new attack vector or a shift in attack tactics from a known adversary. Real-time intelligence, for example, can help identify vulnerabilities before they’re exploited, so that organisations can adjust their defenses ahead of time. Sharing intelligence between governments, private organisations, and even across borders, allows for a more collective approach to mitigating risk.

Are there any technologies being deployed to safeguard critical infrastructure in the region?
There’s no silver bullet when it comes to securing critical infrastructure, but AI and machine learning are becoming game changers. These technologies can identify abnormal patterns and suspicious activities faster than a human ever could. They’re excellent for proactive defense, helping to detect zero-day attacks or even malware that hasn’t been seen before.

Another critical trend is the adoption of zero-trust architecture. In a region where critical infrastructure spans multiple sectors and often connects with external networks, zero-trust principles—where verification is required for every user, device, and network interaction—are helping to minimise the risk of unauthorised access. Encryption is also key, particularly for protecting sensitive data as it moves between systems or is stored in cloud environments. Secure data transmission and storage should be non-negotiable, especially in industries like healthcare and energy, where the stakes are incredibly high.

What are the biggest challenges companies face in securing critical infrastructure in the MEA region?
I think one of the biggest challenges we face in the MEA region is the lack of resources—specifically, skilled professionals and budget for adequate cybersecurity investments. A shortage of cybersecurity talent continues to be an issue, especially as threats evolve. There’s a constant battle to hire and retain the best talent, and many organisations are underprepared.

Legacy systems also remain a huge hurdle. Critical infrastructure often depends on old, outdated systems that weren’t designed with modern cybersecurity in mind. Modernising these systems without disrupting services is a major challenge, but it’s one that organisations must tackle.

Finally, inconsistent regulation across countries can be a major stumbling block. While some governments have made great strides in regulating cybersecurity, others are still lagging behind. Without consistent, region-wide standards, it’s hard for businesses to implement a comprehensive cybersecurity strategy that meets the necessary compliance requirements.

What role do MEA governments play in regulating and enforcing cybersecurity standards for critical infrastructure?
Governments in the region are starting to realise that cybersecurity is no longer a luxury, but a necessity. Countries like the UAE and Saudi Arabia have been proactive in establishing national cybersecurity strategies, and these efforts are a step in the right direction. However, the enforcement of these regulations is still a work in progress. For many organisations in the region, navigating the patchwork of national regulations can be a challenge. What we need is a more harmonised approach across MEA that allows companies to meet consistent standards, reducing the complexity of compliance and making it easier for businesses to implement effective security measures.

How can companies ensure business continuity while recovering from a cyber attack on their critical systems?
When it comes to ensuring business continuity after a cyber attack, the key is preparedness. Organisations need to have detailed incident response plans in place, backed up by strong recovery protocols. A good plan not only helps you respond quickly, but it also ensures that you’re communicating effectively with stakeholders throughout the process. I’m a firm believer that businesses should be practicing their response to cyber incidents as if they’re real—because when an attack happens, it’s no time to learn on the fly.

One of the most important things to have in place is a reliable data backup strategy. Regular backups are essential for minimising downtime. And once the systems are back online, it’s essential to conduct a thorough post-incident review. This review isn’t just about identifying what went wrong but also about adapting and strengthening defenses to ensure that you’re better prepared next time.

Related Topics:
Continue Reading

Cyber Security

Positive Technologies Reports 80% of Middle East Cyberattacks Compromise Confidential Data

Published

4 days ago

on

May 16, 2025

By

A new study by cybersecurity firm Positive Technologies has shed light on the evolving cyber threat landscape in the Middle East, revealing that a staggering 80% of successful cyberattacks in the region lead to the breach of confidential information. The research, examining the impact of digital transformation, organized cybercrime, and the underground market, highlights the increasing exposure of Middle Eastern nations to sophisticated cyber threats.

The study found that one in three successful cyberattacks were attributed to Advanced Persistent Threat (APT) groups, which predominantly target government institutions and critical infrastructure. While the rapid adoption of new IT solutions is driving efficiency, it simultaneously expands the attack surface for malicious actors.

Cybercriminals in the region heavily utilize social engineering tactics (61% of cases) and malware (51%), often employing a combination of both. Remote Access Trojans (RATs) emerged as a primary weapon in 27% of malware-based attacks, indicating a common objective of gaining long-term access to compromised systems.

The analysis revealed that credentials and trade secrets (29% each) were the most sought-after data, followed by personal information (20%). This stolen data is frequently leveraged for blackmail or sold on the dark web. Beyond data theft, 38% of attacks resulted in the disruption of core business operations, posing significant risks to critical sectors like healthcare, transportation, and government services.

APT groups are identified as the most formidable threat actors due to their substantial resources and advanced technical capabilities. In 2024, they accounted for 32% of recorded attacks, with a clear focus on government and critical infrastructure. Their activities often extend beyond traditional cybercrime, encompassing cyberespionage and even cyberwarfare aimed at undermining trust and demonstrating digital dominance.

Dark web analysis further revealed that government organizations were the most frequently mentioned targets (34%), followed by the industrial sector (20%). Hacktivist activity was also prominent, with ideologically motivated actors often sharing stolen databases freely, exacerbating the cybercrime landscape.

The United Arab Emirates, Saudi Arabia, Israel, and Qatar, all leaders in digital transformation, were the most frequently cited countries on the dark web in connection with stolen data. Experts suggest that the prevalence of advertisements for selling data from these nations underscores the challenges of securing rapidly expanding digital environments, which cybercriminals are quick to exploit.

Positive Technologies analyst Alexey Lukash said, “In the near future, we expect cyberthreats in the Middle East to grow both in scale and sophistication. As digital transformation efforts expand, so does the attack surface, creating more opportunities for hackers of all skill levels. Governments in the region need to focus on protecting critical infrastructure, financial institutions, and government systems. The consequences of successful attacks in these areas could have far-reaching implications for national security and sovereignty.”

To help organizations build stronger defenses against cyberthreats, Positive Technologies recommends implementing modern security measures. These include vulnerability management systems to automate asset management, as well as identify, prioritize, and remediate vulnerabilities. Positive Technologies also suggests using network traffic analysis tools to monitor network activity and detect cyberattacks. Another critical layer of protection involves securing applications. Such solutions are designed to identify vulnerabilities in applications, detect suspicious activity, and take immediate action to prevent attacks.

Positive Technologies emphasizes the need for a comprehensive, result-driven approach to cybersecurity. This strategy is designed to prevent attackers from disrupting critical business processes. Scalable and flexible, it can be tailored to individual organizations, entire industries, or even large-scale digital ecosystems like nations or international alliances. The goal is to deliver clear, measurable results in cybersecurity—not just to meet compliance standards or rely on isolated technical fixes.

Continue Reading

Cyber Security

Axis Communications Sheds Light on Video Surveillance Industry Perspectives on AI

Published

1 week ago

on

May 12, 2025

By

Axis Communications has published a new report that explores the state of AI in the global video surveillance industry. Titled The State of AI in Video Surveillance, the report examines the key opportunities, challenges and future trends, as well as the responsible practices that are becoming critical for organisations in their use of AI. The report draws insights from qualitative research as well as quantitative data sources, including in-depth interviews with carefully selected experts from the Axis global partner network.

A leading insight featured in the report is the unanimous view among interviewees that interest in the technology has surged over the past few years, with more and more business customers becoming curious and increasingly knowledgeable about its potential applications.

Mats Thulin, Director AI & Analytics Solutions at Axis Communications

“AI is a technology that has the potential to touch every corner and every function of the modern enterprise. That said, any implementations or integrations that aim to drive value come with serious financial and ethical considerations. These considerations should prompt organisations to scrutinise any initiative or investment. Axis’s new report not only shows how AI is transforming the video surveillance landscape, but also how that transformation should ideally be approached,” said Mats Thulin, Director AI & Analytics Solutions at Axis Communications.

According to the Axis report, the move by businesses from on-premise security server systems to hybrid cloud architectures continues at pace, driven by the need for faster processing, improved bandwidth usage and greater scalability. At the same time, cloud-based technology is being combined with edge AI solutions, which play a crucial role by enabling faster, local analytics with minimal latency, a prerequisite for real-time responsiveness in security-related situations.

By moving AI processing closer to the source using edge devices such as cameras, businesses can reduce bandwidth consumption and better support real-time applications like security monitoring. As a result, the hybrid approach is expected to continue to shape the role of AI in security and unlock new business intelligence and operational efficiencies.

A trend that is emerging among businesses is the integration of diverse data for a more comprehensive analysis, transforming safety and security. Experts predict that by integrating additional sensory data, such as audio and contextual environmental factors caught on camera, can lead to enhanced situational awareness and greater actionable insights, offering a more comprehensive understanding of events.

Combining multiple data streams can ultimately lead to improved detection and prediction of potential threats or incidents. For example, in emergency scenarios, pairing visual data with audio analysis can enable security teams to respond more quickly and precisely. This context-aware approach can potentially elevate safety, security and operational efficiency, and reflects how system operators can leverage and process multiple data inputs to make better-informed decisions.

According to the Axis report, interviewees emphasised that responsible AI and ethical considerations are critical priorities in the development and deployment of new systems, raising concerns about decisions potentially based on biased or unreliable AI. Other risks highlighted include those related to privacy violations and how facial and behavioural recognition could have ethical and legal repercussions.

As a result, a recurring theme among interviewees was the importance of embedding responsible AI practices early in the development process. Interviewees also pointed to regulatory frameworks, such as the EU AI Act, as pivotal in shaping responsible use of technology, particularly in high-risk areas. While regulation was broadly acknowledged as necessary to build trust and accountability, several interviewees also stressed the need for balance to safeguard innovation and address privacy and data security concerns.

“The findings of this report reflect how enterprises are viewing the trend of AI holistically, working to have a firm grasp of both how to use the technology effectively and understand the macro implications of its usage. Conversations surrounding privacy and responsibility will continue but so will the pace of innovation and the adoption of technologies that advance the video surveillance industry and lead to new and exciting possibilities,” Thulin added.

Continue Reading

Artificial Intelligence

CyberKnight Partners with Ridge Security for AI-Powered Security Validation

Published

2 weeks ago

on

May 8, 2025

By

The automated penetration testing market was valued at roughly $3.1 billion in 2023 and is projected to grow rapidly, with forecasts estimating a compound annual growth rate (CAGR) between 21% and 25%. By 2030, the sector is expected to reach approximately $9 to $10 billion. The broader penetration testing industry is also expanding, with projections indicating it will surpass $5.3 billion by 2027, according to MarketandMarket.

To support enterprises and government entities across the Middle East, Turkey and Africa (META) with identifying and validating vulnerabilities and reducing security gaps in real-time, CyberKnight has partnered with Ridge Security, the World’s First Al-powered Offensive Security Validation Platform. Ridge Security’s products incorporate advanced artificial intelligence to deliver security validation through automated penetration testing and breach and attack simulations.

RidgeBot uses advanced AI to autonomously perform multi-vector iterative attacks, conduct continuous penetration testing, and validate vulnerabilities with zero false positives. RidgeBot has been deployed by customers worldwide as a key element of their journey to evolve from traditional vulnerability management to Continuous Threat Exposure Management (CTEM).

“Ridge Security’s core strength lies in delivering holistic, AI-driven security validation that enables organizations to proactively manage risk and improve operational performance,” said Hom Bahmanyar, Chief Enablement Officer at Ridge Security. “We are delighted to partner with CyberKnight to leverage their network of strategic partners, deep-rooted customer relations, and security expertise to accelerate our expansion plans in the region.”

“Our partnership with Ridge Security is a timely and strategic step, as 69% of organizations are now adopting AI-driven security for threat detection and prevention,” added Wael Jaber, Chief Strategy Officer at CyberKnight. “By joining forces, we enhance our ability to deliver automated, intelligent security validation solutions, reaffirming our commitment to empowering customers with resilient, future-ready cybersecurity across the region.”

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.