SUCCESSFUL ARMED FORCES EMPLOYMENT PROGRAMME EXTEN... » An innovative programme that helps jobseekers who have an interest in the Armed Forces get into work... NW Systems helps meet safeguarding needs of Outs... » Hoylake-based NW Systems has provided an advanced IP video system to help Wirral Hospitals’ School, ... UK TROOPS TO TRAIN MODERATE SYRIAN OPPOSITION » THE Defence Secretary has announced today that the UK will provide further support to the internatio... Options secure new multi-million pound banking f... » London / New York: Options has announced that they have secured a new multi-million pound banking fa... £200,000 Tees Valley Catalyst Fund loan helps Co... » A Cramlington-based company has won a $6 million contract with Hyundai Engineering & Construction to... 2019: The danger that lies ahead, but what time is... » A SPECIAL ANALYSIS ON THE NIGERIAN POLITY FROM 1914 - TILL THE PRESENT “Justice is the constant... GOODLUCK EBELE JONATHAN & HIS ROCK STEADY BROTHEL:... » THE DUMBING DOWN OF VALUES IN THE AGE OF JONATHAN: STANDARDS IN PUBLIC LIFE BEGINNING AT THE PRESIDE... Becrypt announces publication of CESG approved gui... » London, UK: Becrypt has announced that CESG, the UK’s National Technical Authority on Information As... Semafone partners with AsiaPay to offer secure pay... » Guildford, Surrey, UK: AsiaPay has announced that Semafone®, the international provider of secure pa... Wick Hill named as one of ‘1000 companies to inspi... » Woking, Surrey: After an incredibly successful 2014, and being named Woking’s ‘Most Successful Compa...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

UK: Ahead of the upcoming SANS Abu Dhabi 2013 event, a leading security expert highlights several trends in the region.

“There is certainly a lot more discussion and interest both public and behind closed doors on the topic of cyber security,” says James Tarala, a highly respected security expert and Senior SANS instructor, “The government of Qatar is now looking at new draft legislation and countries such as the United Arab Emirates and Saudi Arabia are clearly interested in avoiding incidents such as last year’s breach at Saudi Aramco in which hackers penetrated the organisation’s systems and infected some 30,000 devices with malicious software code.”

 

According to Tarala the Middle East reflects the wider global landscape where other commentators such as Richard Clarke suggest that 100% of the Fortune 500 have been breached in some significant way. “Events like Stuxnet indicate that cyber warfare is also a tangible element which is made more complicated by the evolving political landscape across the region. There are also more targeted attacks originating from and impacting organisations within the region – a number we believe has grown over the last two years in certain major Middle Eastern countries.”

The region has a number of Computer Emergency Response Teams (CERTs) and over the last year SANS has been involved in helping to organise formal, cross border gatherings to help InfoSec professionals share knowledge and help strengthen defences. “The Critical Security Controls is a methodology that has been endorsed by a number of governmental departments and enterprises and if you look at the evidence, it is clearly able to stop a large number of common attack methods.”

In 2011, Research from the Australian Government Defence Signals Directorate indicated that simply implementing the Critical Controls effectively stopped over 85% of the attacks against monitored targets. As co-author of the SANS SEC566: Implementing and Auditing the Twenty Critical Security Controls - In-Depth course, Tarala believes defensive measures are essential but organisations also need to deal with breaches.

“No environment can ever be 100% secure all the time as applications, networks and people constantly change,” he explains. “So if a breach does occur, the course helps teach a method of dealing with the breach while re-securing the perimeter quickly and effectively.”

“In my view, the need for Information security professionals across the Middle East region is rising and anybody keen to understand a key fundamental set of skills for both defending against and dealing with the result of a computer breach should seriously consider implementing the guidance from the controls,” he concludes.

SANS SEC566: Implementing and Auditing the Twenty Critical Security Controls - In-Depth will be returning to the SANS Abu Dhabi 2013 event this March.