Connect with us

Expert Speak

Navigating Change with Professional Services

Published

4 years ago

on

Written by Ephrem Tesfai, Sales Engineering Manager at Genetec

CIOs and IT decision-makers (ITDMs) across the UAE are looking to maximize investments in digitization and drive innovation after a difficult year which raised the profile of IT leaders in driving critical workplace innovation, according to Cisco’s new Accelerating Digital Agility Research. The main goal of an IT provider’s professional services is to optimise the performance of the solutions implemented at the customer’s premises, and thus to meet their operational needs as precisely as possible. However, over a short period of time since the start of the pandemic, these needs have changed radically, as companies have had to adapt and completely rethink their operating methods to cope with the crisis.

To continue to support businesses and their workforce effectively, there is growing pressure on professional services providers to show agility in line with evolving industry demands, developments, such as the growing trend of working remotely, and the ever-increasing cloud consumption.

Remote services to meet the cloud boom
As a direct result of social distancing measures and mass move towards working from home, cloud consumption has grown dramatically in 2020 and is expected to continue to do so in the years to come. In turn, 49% of IT decision-makers are investing in multi-cloud infrastructure, 48% in cloud security, 47% in network security, and 43% in cloud applications in 2021-2022.

To set up their organizations for success in 2021 and beyond, IT leaders have adapted priorities and strategy to focus on core issues including delivering secure collaboration tools to keep distributed workforces productive, maximizing technology investments from the past year, delivering the best digital experience to employees and customers, embracing cloud “as a service,” and tackling corporate and societal issues with technology.

In the physical security sector, where the cloud has traditionally played a minor role, this has resulted in the emergence of hybrid solutions that allow existing solutions to remain on-site, move to the cloud for specific applications and gradually migrate systems as needed. This new development does add a layer of complexity to those carrying out complex, multi-system, and multi-site physical security projects, including the job of integrators who support them.

For professional services, this means offering services linked to easing the transition to a hybrid or cloud model, but also changing the way these services are delivered and packaged so that they are more consistent with the cloud: remote and longer-term services, covering the entire life cycle of the customer and their experience.

Strengthening cybersecurity services
At the same time, cyber-attacks have increased. Hackers have seen and seized many of the opportunities generated by the rapid and improvised implementation of working from home in companies during the initial containment. Cyber-attacks in UAE increased over 190% following remote working shift and this means it’s likely these types of attacks against remote desktop protocols will continue to occur at a rather high rate.

Cybersecurity cannot be improvised. It involves choosing the right solutions, with several layers of protection such as encryption, authentication, and authorisation, and acquired from trusted suppliers, recognised for their transparency and the reliability of their products. This is essential, but it is not enough. To strengthen their cyber hygiene, companies must also consider every integration, every configuration, every password in the deployment and life cycle of their software and hardware solutions. A multitude of risks must be minimised to ensure the best protection.

Professional services are best placed to assist in protecting not only their enterprise customers but their integrators as well. Both of whom can be confident that their solutions have been optimised by the people who know them best: the people who developed and market them. To build resilience, companies need to be able to rely on services that assess their current cybersecurity, across all components of their infrastructure, and professional services need to take a more proactive approach to build resilience.

Ultimately, despite the pandemic, the premise of professional services remains the same: to deliver value and minimise risk in the deployment of systems, and to ensure that everything works as intended over time. As deployments are now more open to the cloud and the risks are greater and more present there’s unrelenting pressure to adapt at little notice. It is this new reality that professional services must consider.

Related Topics:
Continue Reading

Artificial Intelligence

How AI is Reinventing Cybersecurity for the Automotive Industry

Published

4 weeks ago

on

April 23, 2025

By

Written by Alain Penel, VP of Middle East, CIS & Turkey at Fortinet (more…)

Continue Reading

Cyber Security

Positive Technologies Study Reveals Successful Cyberattacks Nett 5X Profits

Published

2 months ago

on

March 25, 2025

By

Positive Technologies has released a study on the dark web market, analysing prices for illegal cybersecurity services and products, as well as the costs incurred by cybercriminals to carry out attacks. The most expensive type of malware is ransomware, with a median cost of $7,500. Zero-day exploits are particularly valuable, often being sold for millions of dollars. However, the net profit from a successful cyberattack can be five times the cost of organizing it.

Experts estimate that performing a popular phishing attack involving ransomware costs novice cybercriminals at least $20,000. First, hackers rent dedicated servers, subscribe to VPN services, and acquire other tools to build a secure and anonymous IT infrastructure to manage the attack. Attackers also need to acquire the source code of malicious software or subscribe to ready-to-use malware, as well as tools for infiltrating the victim’s system and evading detection by security measures. Moreover, cybercriminals can consult with seasoned experts, purchase access to targeted infrastructures and company data, and escalate privileges within a compromised system. Products and tools are readily available for purchase on the dark web, catering to beginners. The darknet also offers leaked malware along with detailed instructions, making it easier for novice cybercriminals to carry out attacks.

Malware is one of the primary tools in a hacker’s arsenal, with 53% of malware-related ads focused on sales. In 19% of all posts, infostealers designed to steal data are offered. Crypters and code obfuscation tools, used to help attackers hide malware from security tools, are featured in 17% of cases. Additionally, loaders are mentioned in 16% of ads. The median cost of these types of malware stands at $400, $70, and $500, respectively. The most expensive malware is ransomware: its median cost is $7,500, with some offers reaching up to $320,000. Ransomware is primarily distributed through affiliate programs, known as Ransomware-as-a-Service (RaaS), where participants in an attack typically receive 70–90% of the ransom. To become a partner, a criminal must make a contribution of 0.05 Bitcoin (approximately $5,000) and have a solid reputation on the dark web.

Another popular attack tool is exploits: 69% of exploit-related ads focus on sales, with zero-day vulnerability posts accounting for 32% of them. In 31% of cases, the cost of exploits exceeds $20,000 and can reach several million dollars. Access to corporate networks is relatively inexpensive, with 72% of such ads focused on sales, and 62% of them priced at under a thousand dollars. Among cybercriminal services, hacks are the most popular option, accounting for 49% of reports. For example, the price for compromising a personal email account starts at $100, while the cost for a corporate account begins at $200.

Dmitry Streltsov, Threat Analyst at Positive Technologies, says, “On dark web marketplaces, prices are typically determined in one of two ways: either sellers set a fixed price, or auctions are held. Auctions are often used for exclusive items, such as zero-day exploits. The platforms facilitating these deals also generate revenue, often through their own escrow services, which hold the buyer’s funds temporarily until the product or service is confirmed as delivered. On many platforms, these escrow services are managed by either administrators or trusted users with strong reputations. In return, they earn at least 4% of the transaction amount, with the forums setting the rates.”

Considering the cost of tools and services on the dark web, along with the median ransom amount, cybercriminals can achieve a net profit of $100,000–$130,000 from a successful attack—five times the cost of their preparation. For a company, such an incident can result not only in ransom costs but also in massive financial losses due to disrupted business processes. For example, in 2024, due to a ransomware attack, servers of CDK Global were down for two weeks. The company paid cybercriminals $25 million, while the financial losses of dealers due to system downtime exceeded $600 million.

Continue Reading

Expert Speak

What the Bybit Hack Reveals About the Future of Crypto Security

Published

2 months ago

on

March 8, 2025

By

Written by Oded Vanunu, Chief Technologist & Head of Product Vulnerability Research at Check Point (more…)

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.