The evolving cybersecurity landscape in the UAE with insights from Sumanta Roy, TCS VP & Head of Middle East, Africa, Mediterranean. Discover strategies for organisations to fortify their defences, the impact of Gen AI on cybersecurity, and real-world instances of TCS enhancing security for major UAE-based entities.
According to IBM‘s “Cost of a Data Breach Study”, from 2018 to 2022, the UAE consistently ranked as the country with the second-highest cyber-breach, and it has suffered losses exceeding $32 million due to cyberattacks and data breaches during this period.
In an exclusive interview with Sumanta Roy, Vice President and Head of Middle East, Africa, and Mediterranean at TCS, we delve into the evolving cybersecurity landscape in the UAE and strategies to fortify digital defences. Roy shares insights on the intersection of artificial intelligence (AI) and cybersecurity, practical measures for organisations to safeguard against breaches, and TCS’s impactful contributions in enhancing cybersecurity for major UAE-based entities.
Excerpt from the interview;
Can you summarise the current cybersecurity situation in the UAE and highlight the evolution of cybersecurity threats in recent years?
The cybersecurity landscape has significantly evolved post-pandemic, as the rate of digitisation among businesses has also increased at an unprecedented pace. Because of the speed of execution, there were some loopholes from a security perspective, which needed to be thought through in many organisations, leaving them vulnerable. The threat has only increased with the advent of Gen AI and its early adoption in this market.
Some sectors – such as finance – were early adopters of digital transformation, much before the pandemic, and hence have very well-planned security layers.
Furthermore, there are other unconventional challenges in the Middle East, including the UAE, due to the unique geopolitical nature of the region. There are instances where mysterious parties attacked the webpages of two major corporations without claiming any responsibility.
Can you explain the link between AI and cybersecurity and their impact on UAE businesses?
Gen AI has both increased benefits and risks of cybersecurity attacks in the region. With Gen AI, one no longer needs to write complex code to create an attack, and access to manipulative data or dark data has become easier and quicker. This leads to an increased possibility and probability of cybersecurity attacks. The attack complexity and frequency work in tandem, and companies and governments worldwide are impacted.
On the other side, Gen AI has the potential to address some critical challenges faced by organisations as well. The sizable expat population in UAE is very mobile, resulting in gaps in occasional information transfer. This leads to social engineering to extract the information, which then steers towards potential data breaches. While this is the first issue, the second critical issue is that organisations either do not get alerts about possible breaches or get too many alerts. This leads to unoptimised time usage to separate the critical information from the actual data. Gen AI can address both these issues effectively.
What strategies do you suggest for UAE organisations to safeguard against breaches?
- Employee Awareness: Social engineering is still one of the highest areas for cybersecurity breaches. It is critical to build awareness among employees and provide information on how to manage the issues and responsibly use data and the Internet on the office premises.
- Technology Upgradation: Breaches usually happen through the weakest link in the security layer, so it is critical to keep the technology updated, especially in organisations using OT or extensive third-party IoT systems.
- Event Correlation Tools: Event correlation tools monitor alerts, alarms, and other event signals, detect meaningful patterns amid the deluge of information, and identify incidents and outages. This can help when organisations receive a high volume of alerts and detect critical information from rest. Analytics tools and Gen AI can be effective in this in future.
- Cloud Solutions: The ‘sovereign clouds’ are becoming very popular in the Middle East and are much safer today than many on-premise cloud systems. Through cloud adoption, XDR platforms (extended detection and response) can collect threat data from previously siloed security tools and correlate data from multiple security components.
What measures can businesses take to ensure the security of their most valuable information in a rapidly digitising world?
Organisations cannot make a bulletproof environment isolated from the external world. This can create tremendous friction in the business process. Instead, organisations should focus on building security and minimising the threat it can have through ecosystem collaboration.
There are two aspects in this security development: First, systems and data should be graded according to the value of these in the organisation. This will vary according to their type of business. For a bank, the system that hosts customers’ data might be the most critical. For a mining or energy company, it can be the dispatch system that passes information on operational management. Second, assess the time and cost of the systems and data recovery.
Now, the data is also valuable only to the organisation or to someone outside. For any data with only internal value, the simplest way to mitigate the threat is to have multiple copies, which sync simultaneously with pre-arranged regularity. These independent data copies will be retrievable under any critical circumstance and up to date.
If the data is of external value as well (like PI information of a customer), a few other measures need to be taken:
- Adding multiple layers of security/authentication
- Possibility of using the sovereign cloud for data storage
- Robust threat detection and response system
- Anonymise the data as much as possible
- Periodic background checks and assessment of employees handling the data
- Managing customer consent effectively
- Investing in Gen AI PoCs to counter wrong cyber events.
Can you share instances of TCS effectively enhancing cybersecurity for organisations in the UAE or other locations?
TCS provides end-to-end security for a large UAE-based retailer, including their data centres, cloud instances, and edge computing devices. This service spans across multiple countries and time zones.
For another large UAE-based bank, TCS runs the security operations for their business operations, including the life cycle management of security products. This is also a 24/7 service and covers monitoring and triaging. With this bank, we also run perimeter security operations and identity and access management operations post-implementation.
These are two large use cases for strengthening the end-to-end cybersecurity defences of some major organisations. Other than that, TCS also undertakes the below services from a cybersecurity perspective:
- Cybersecurity advisory and consulting
- Cyber-physical security: For industrial and edge device-heavy organisations
- Digital identity management: Risk-based authentication approach and governance.
- Digital workplace security: For the cloud first, mobile first organisation.
- Enterprise security-as-a-service: End-to-end security for enterprises
- Governance, Risk & Compliance: Simplify the process for reporting and adherence.
- Incident response and rapid recovery: Post-attack services for business continuity.
- Privacy and data protection: Compliance with GPDR and similar local laws
- Secure cloud transformation: Enable borderless transformation managing the risks.
- Threat Detection and Response: Security operations
- Vulnerability management: Identify and patch risk surfaces.
- Zero trust and edge security: Address needs of a hybrid workforce
How does TCS address cybersecurity concerns in the UAE and ensure readiness for businesses and institutions?
The commitments by TCS in the specific risks faced by UAE are on people and technology. We have heavily invested in seeding key resources in UAE with cybersecurity expertise that can provide on-ground assessment and challenge mitigations. There are plans to collaborate with academic institutions to build local talents and experts in this area. Cybersecurity will be an ongoing threat in the future, and it is quite important to have the upcoming generation of STEM experts prepared.
Additionally, we are working with niche technology providers and helping them scale for large enterprises, including government-focused advisory organisations. There are tools around the offerings TCS provides, including specific products for data masking, digital working & edge security.