GISEC CYBERSECURING GCC
The 11th edition of GISEC GLOBAL 2023 was an unprecedented gathering place for the global cybersecurity community, bringing together the leading brands and experts in the cybersecurity industry. The three-day event was packed with conference sessions, keynotes, product launches, partner seminars, interactive sessions, briefings and more. GISEC Global is the super connector event for the cybersecurity community in the Middle East and Africa and organized by DWTC.
At GISEC, along with tech giants Huawei, Microsoft, Cisco, Honeywell and du, the pioneering information security companies such as Spire Solutions, CPX, Crowdstrike, Mandiant, Pentera, Pvotal, Port53, Cloudfare, Edgio, Secureworks, Synack, Threatlocker, Votiro, Spidersilk, and Waterfall participated.
Lieutenant General Dhahi Khalfan Tamim, Deputy Chairman of Police and General Security in Dubai, officially opened the GISEC Global 2023, the Middle East’s largest and most impactful cybersecurity event, at the Dubai World Trade Centre (DWTC).
GISEC Global 2023 featured the first Hack-O-Sphere arena, the ultimate testing ground for the world’s leading white hat hackers and cyber warriors. The new arena hosted over 1,000 international ethical professionals in a series of exciting cybersecurity competitions, including the CyTaka World Cyber Championship, run by CyTaka in partnership with the UAE Cybersecurity Council and CyberGate.
H.E. DR. MOHAMED AL-KUWAITI – Head of Cyber Security, UAE Government has been recognized and admired by hundreds of cyber leaders around the world for his significant contributions to advancing global cybersecurity and digital transformation. Dr. Al-Kuwaiti, who is also Head of the UAE Cybersecurity Council, Chief of Cyber Security for the United Arab Emirates Government, took the main stage of GISEC Global to promote his cyber security in recognition of his bold mission to spread cyber awareness and culture and develop cyber talent. Dr. Al-Kuwaiti received his Award for Excellence Global Leadership and strengthening cross-border cooperation to position the UAE at the forefront of global cyber resilience.
“This award reflects the global recognition of the constant efforts made by the UAE in the field of cybersecurity, and an inevitable result of the directions and visions of the country’s wise leadership, in addition to cooperation by all national teams, which contributed to enhancing the UAE rank on global competitiveness indicators,” said Dr. Al Kuwaiti.
“The UAE Cybersecurity Council follows a clear strategy aimed at creating a safe and resilient cyber environment that helps organisations, institutions and individuals achieve their potential, create a safe digital society, and promote a positive digital identity.”
“The Cybersecurity Excellence Awards’ Global Leadership Award elevates the efforts of the UAE Cybersecurity Council to achieve cyber stability locally and regionally, while encouraging more work and innovation to strengthen the UAE’s global leading position in cybersecurity and improving its national capabilities in this area.”
“We congratulate His Excellency Dr. Al-Kuwaiti for the recognition as the exclusive award winner in the Global Leadership Award category of the 2023 Cybersecurity Excellence Awards,” said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 600,000-member Information Security Community on LinkedIn, which organizes the annual Cybersecurity Excellence Awards. “This award is a testament to Dr. Al-Kuwaiti’s dedicated leadership and outstanding contributions to advancing global cybersecurity and digital transformation.”
GISEC Global hosted a record 500 exhibiting brands from 53 countries, 300 leading InfoSec and cybersecurity speakers, and 1,000 of the world’s top ethical hackers, to dismantle and demystify the world’s greatest digital threats and with GISEC recognizing cybersecurity leadership too.
The Middle East cybersecurity market is rapidly expanding according to analysts Frost & Sullivan, and predicts to grow in value from US$7.5 billion in 2022 to US$31 billion by 2030, clocking 20 per cent annual growth. With a thriving cybersecurity ecosystem and supportive government initiatives and policies, the United Arab Emirates, Saudi Arabia and Israel have emerged as preferred destinations for cybersecurity researchers, business, research and innovation.
A gathering place for the global cybersecurity community, bringing together top cybersecurity companies from 40 countries, CISOs from key companies in the Middle East, Africa and Asia, government officials, cyber leaders, thought leaders, regional and international innovators, and global experts, decisively driving cybersecurity and transformation between the sectors and countries.
“Attack is the best form of defense” was the theme of Cyber Art of War 2023. Always take a proactive approach to defending your assets instead of reacting, building stables, and waiting for cyber attackers to appear without knowing when and where they will occur. How do they spawn and how do they carry out their attacks? As ransomware attacks continue to be so prevalent this year, assuming we’re immune is no longer a luxury we can afford. Cybercrime offers great financial rewards for successful attacks. This is the main reason why cybercrime is escalating.
H.E. Dr. Mohamed Hamad Al-Kuwaiti, Head of the UAE Cybersecurity Council, stressed the importance of collaboration to upskill talent and elevate cyber culture in a post-pandemic world.
“There’s a renewed sense of urgency for collaboration because cybersecurity rules have changed since the pandemic and the rapid rise of threats in new digital ecosystems like the metaverse and quantum computing,” said Dr. Al-Kuwaiti.
“To define the new cybersecurity paradigms, we are gathering an extraordinary league of cybersecurity leaders at GISEC Global. The UAE Cybersecurity Council fully supports GISEC’s initiative of creating an inner circle for InfoSec leaders to discuss critical challenges and help build the cyber resilience of businesses and enterprises in the UAE and the world.”
Held for the 14th consecutive year in 2023, GISEC has grown steadily to become the platform of choice for the UAE as a change agent for leading cybersecurity companies in 40 countries and for CISOs, government officials, cyber leaders, regional and international innovators, and experts from leading companies in the Middle East, Africa, and Asia who come together to explore the world’s most pressing cybersecurity challenges and unlock potential through resilience. At GISEC, leaders discussed ways to deal with potential threats as enterprises need to innovate their strategies.
According to the WEF, digital transformation will add $100 trillion to the global economy by 2025. The GISEC First Strategy encourages CISOs to take a proactive approach. This is because the traditional reactive model is simply ineffective. Today, only 19% of the world’s cyber leaders believe their organizations are resilient to cyber attacks. Moreover, as digitization increases, the need for more effective cyber defense tactics becomes more urgent.
Trixie LohMirmand, executive vice president of Events Management at Dubai World Trade Centre, said: “The cybersecurity challenge facing organizations is formidable. By bringing together the world’s leading cybersecurity experts and digital trailblazers, Gisec Global paves the way for regional organizations to demystify the complex cyber threat landscape and unearth real-world solutions from global experts to build cyber-resilient digital businesses.”
“Our expanded presence and mandate demonstrate that we don’t believe cyberspace is lost to cybercriminals. We believe that working together within broad ecosystems, with the help of the advanced solutions displayed at GISEC Global, organizations and nations can turn the tide on cybercriminals and emerge stronger and more resilient.”
This year, the region’s largest cybersecurity event is dismantling the greatest digital threats, from attacking botnet Mantis to hacking through ChatGPT.
The New Era of Cyberattacks is from Metaverse Cybercrime, Cryptojacking, 51% Blockchain Attacks, Drone Exploit Delivery Attacks, to Quantum Threats, Cloud Security, Internal & Healthcare, Banking & Finance, Utilities, Oil & Gas Edge It extends to the application of AI in Transportation, Nuclear, Defense, Communications. At GISEC 2023, the top cyber leaders unveiled their CISO Strategy 2023 that deciphers cyberattacks and rising costs while navigating the evolving threat landscape.
GISEC is also a platform for CISOs to train their technical teams to beat cyber attackers at their game! This is the second year GISEC has hosted the Bug Bounty Challenge. Last year, the Bug Bounty Challenge set a Guinness World Record for being the world’s largest bug bounty contest. He set another Guinness World Record for most users in the Capture-The-Flag (CTF) contest and the World Cyber Championship (a type of CTF) in the GISEC 2022 contest where he sets a $1 million bounty.
GISEC CISO Circle, part of the Gulf Information Security Expo and Conference (GISEC) Global 2023, brought regional and global information security professionals together to discuss creating a ‘Community of Action’ and outline strategies to help regional digital businesses build cyber resilience.
With the theme of Day 2 of GISEC 2023, “Building a United Cyber Frontier,” the CISO Circle believes that collaboration and information sharing within the cybersecurity industry will help combat the constant threat of the digital age: cybercrime and agreed that it is essential.
Dr. Al-Kuwaiti addressed the CISO in his keynote address, emphasizing the importance of partnerships and collaboration based on the values of trust and transparency to achieve the common goal of building greater cyber resilience.
Dr. Aloysius Cheang, Chief Security Officer at Huawei Middle East & Central Asia, said, “GISEC Global is the platform of choice for us to issue a call for action, bringing all the stakeholders together in a unified and proactive approach to cybersecurity, while also demonstrating the value Huawei brings, helping not only to safeguard the journey of digital transformation, but to be a beacon of light that will spotlight our customers’ cybersecurity and privacy protection capabilities.”
At the GISEC Mainstage, Amer Sharaf, Director of Compliance, Support and Alliances, Dubai Electronic Security Centre, spoke about public and private sector efforts to digitally transform Dubai into the safest city in the world.
“It is no surprise that cyber threats are evolving at the same pace as emerging technologies,” said Sharaf. “That’s why we must work together, private and government sectors alike, to develop practices to protect ourselves from potential threats that may arise from these technologies. This is in line with the Dubai Cyber Security Strategy, which aims to place Dubai among the most secure cities electronically in the world.”
Hardware hacker, tech guru, and author Joe “Kingpin” Grand shared his thoughts on hardware hacking with the audience and provided live demonstrations of some of the more common hacking techniques. bottom.
“Cyber-attacks are continuously evolving,” said Grand. “Complex attacks such as Fault Injections and Side-Channel Analysis, which were earlier limited to mostly those with knowledge in engineering, are now more common.” Grand added that it is, therefore, important for organizations to have proper mitigations in place to tackle these attacks. “With the knowledge of hardware hacking, organizations can get into the mindset of an attacker and make their products more secure.” Ground added that it is important to have appropriate safeguards in place.
Ahead of GISEC 2023, Cisco had released its Security Insights as found in its latest annual Cisco Talos report entitled “Cisco Talos: Year in Review 2022” (the “Report”). This report highlights some key trends in the 2022 threat landscape and new behaviors from commodity loaders that will continue to exist in 2023 and beyond.
Commenting on the report’s findings, Fady Younes, Cybersecurity Director, EMEA Service Providers and MEA, Cisco, said: “Cybercrime remains a clear and present danger that cannot be ignored, for individuals and organizations. Last year, we have seen cyber-attacks being highly coordinated, and far more advanced than ever before. Our presence at GISEC this year provides us with the perfect platform to engage with our customers and industry leaders and explore ways to drive fightback against increasingly dynamic and sophisticated cyber threats.”
The findings showed that the intensity of ransomware, information theft, commodity malware, and exploitation of known vulnerabilities decreased significantly worldwide between February and June, as threat actors focused on the Russia-Ukraine attack space.
Cisco highlighted in 2023, it is critical to ensure a robust and layered security strategy is in place to effectively prevent, detect and respond to ransomware attacks. The report also highlights the need for organizations to prioritize employee training and awareness programs to ensure everyone in the organization understands the risks of ransomware and how to respond in the event of an attack. Sharing threat intelligence and collaborating with industry peers, government agencies, and cybersecurity vendors can also help improve collective defense against APT groups.
Meanwhile, cybersecurity experts at Acronis say AI and machine learning (ML) technologies are unprotected because cybercriminals are likely to use these new tools to increase the effectiveness of sophisticated attacks. It warns that it could pose significant risks to the digital ecosystem. As of February 2023, the UAE ranks his fifth in Europe, Middle East and Africa in blocked malware attacks. His 14% of all Acronis-protected computers in the United Arab Emirates blocked at least one malware attack on her during the same period.
On the sidelines at GISEC, Acronis Middle East general manager Ziad Nasr said that while AI and ML are amazing technologies, they identified potential loopholes that cybercriminals could exploit to attack businesses. said it is even more important to
In conjunction with GISEC 2023, Acronis announced their Acronis Advanced Security + EDR for Acronis Cyber Cloud. This is a solution that offers an innovative approach to effectively detect, contain and remediate threats by reducing the complexity of other his EDR solutions.
For example, according to the latest Acronis Cyberthreats Report, reported security breaches by region in the Kingdom of Saudi Arabia could average $7 million, but the country reports one-fifth of attacks as ransomware. I keep doing it. According to security experts, this is due to factors such as weak credentials, phishing emails, and unpatched vulnerabilities, and remains the number one vector for cyberattacks. In the United Arab Emirates, affected organizations lost over $1.4 million to ransomware, with over 40% of them forced to close.
Acronis cyber protection experts believe that AI and machine learning (ML) technologies are likely to enter unprotected digital ecosystems as cybercriminals will likely use these new tools to increase the effectiveness of their attacks, and warn that it can pose a big risk to detect attacks.
The United Arab Emirates Cybersecurity Council unveiled its National Security Operations Center (NSOC) at GISEC. Al-Kuwaiti emphasized its importance, stating, “You cannot control what you cannot measure, and without that visibility you cannot measure it. NSOC gives us that visibility,” allowing the UAE Cybersecurity Council to increase the visibility of national leadership in all Security Operations Centers (SOCs) in all sectors at the national level.
CPX Chief Cyber Defense Officer Hadi Anwar added: Having a trusted advisor to guide you on best practices is essential to fighting cybercrime, and working together is more important than ever. Platforms like the CISO Circle enable us to come together and discuss how we can combat cyber threats and protect the UAE’s cyber environment.”
CPX Chief Cyber Defense Officer Hadi Anwar said the company offers end-to-end solutions for customers to protect their businesses. Speaking to his CISOs around the world, he said their priorities haven’t really changed in the last six months. Ransomware, skills shortages, and third-party supply challenges in his chain are some of the CISO’s top concerns. The company is unique in its focus on qualified resources and national level projects.
The Global Police Metaverse platform was introduced by Dr. Madan Oberoi, Interpol’s Executive Director for Technology and Innovation in Singapore, and is only reachable through secure servers. It enables law enforcement officials to fully immerse themselves in a virtual metaverse, giving them a sneak peek at future crimes and useful policing techniques.
“Like all other ever-evolving technologies, the metaverse represents unique opportunities and challenges for law enforcement,” said Dr Oberoi.
“We, therefore, need to understand what harm can occur in or through the metaverse. These include offenses that mirror existing criminal threats like crimes against children, harassment, cybercrime, and fraud. At the same time, the metaverse will generate new forms of crime – called meta crimes – such as Darkverse or 3D virtual property crimes or harm to and misuse of avatars.”
Roland Daccache, SE manager, META, at CrowdStrike, a debut at Gisec Global exhibitor, said: “In 2023, adversaries will leverage identity-based attacks for initial access and lateral movement, driving down breakout time, and dedicated data leak marketplaces will see a massive expansion as cybercriminals focus on extortion.
In 2022, 71 percent of attacks we detected were malware-free, and we saw a 112 percent YoY increase in access broker advertisements on the dark web. This means that organizations must authenticate every identity and authorize each request to maintain security and prevent a wide range of cyber threats, including ransomware and supply chain attacks.”
On the Middle East government & enterprises can learn from 2022-23 data privacy laws and regulations introduced in other developed markets such as Europe and the US.
Roland said, Despite a seemingly confusing “alphabet soup” of data protection requirements in the form of GDPR, CCPA, APPI, and an increasing number of U.S. privacy laws, there have been positive developments for those seeking to build a global program. The text of these regulations actually share seemingly common security requirements demanding the implementation of safeguards “appropriate” or “reasonable” to the risk.
In the Middle East, we have recently seen adaptations of these global policies at national level, specifically in the UAE and KSA, with an aim to maintain data security and residency controls for government and financial institutions specifically.
Gopan Sivasankaran, regional director – META, Secureworks, reiterated the importance of driving awareness of the evolving cybersecurity landscape and bringing greater attention to the extended detection and response and managed detection and response market.
“Solutions are shifting from a siloed approach to a platform approach focusing on delivering a superior security analyst experience to help organisations prevent, detect, and respond to threats.
“Here at Gisec, we look forward to continuing conversations about the future of cybersecurity, the importance of cyber resilience and managed detection and response, as well as connecting with our customers and partners.”