The 8th edition of Middle East and North Africa Information Security Conference (MENAISC 2020) was inaugurated virtually Monday, under the theme "Evolving from Cyber Resistance to Resilience, in the Age of Smart Cities, Digital Economy and IoT." The two-day conference, from Oct. 5-6, includes the participation of seven countries, namely: Saudi Arabia, the UAE, Kuwait, Bahrain, Oman, Egypt and Jordan. The theme of the conference is in line with the digital transformation goals of governments in the region; the objective of achieving a more digitized government makes their exposure to cyberthreats more likely than ever before. Eng. Samir Omar, CEO of VirtuPort, highlighted the participation of a large number of regional and international experts to discuss combating cyberthreats, in addition to the diversity of sectors participating in the first virtual conference of its kind in the region. These sectors include: Defense, finance and banking, insurance, information technology, energy, health, retail, education, and building and construction. " Omar said: "All topics presented by the experts are aimed at enhancing the cyber resilience of various governmental and private sectors as well as the non-governmental sector to effectively respond and recover from business disruption due to cyberattacks. Being resilient is critical for rapid recovery from attacks. Furthermore, a proactive analysis of environmental vulnerabilities contributes to the reduction of physical and moral damage." Digital Privacy During a session titled "Building the Cyber Resilient Smart City," Trend Micro (Diamond Sponsor), which specializes in combating cyberattacks, presented its vision for the use of 5G networks in smart cities that will change the concept of communications. The company's presentation focused on developing a proactive approach through exposure to security risks related to penetration of the digital privacy of the public and private information infrastructure, and stressed the importance of developing mechanisms to be used during emergency response, by focusing on structural enablers based on flexible software such as (SDN) and defined networks (SDA). Trend Micro emphasized on the necessity of establishing direct lines of communication between the Smart City Emergency Response Center and critical infrastructure providers, competent authorities, in addition to the main suppliers (technology and mobile service providers). In its session titled "The New Security Playbook: Taming the Unmanaged and IoT Device Tsunami," CyberKnight (Official Distribution Partner) predicted that by 2021, up to 90% of devices used by businesses in all industries will be unmanaged and unprotected. These new smart devices, which go beyond traditional laptops, desktops and mobile devices, run operations, manage building automation systems, drive manufacturing lines, and track and deliver healthcare to patients, and are being deployed at an accelerated rate. Citrix (Platinum Sponsor), in a session titled "Zero-Trust, the Cornerstone of Future Cyber Resilience," stated that data breaches are a hot topic at the corporate level, which puts cybersecurity teams at the forefront of countering these cyberattacks, through planned cyber resilience. Blackberry (Platinum Sponsor) said that the great acceleration of companies toward digital transformation, and the resulting increase in cyberthreats, require them to meet this challenge through a balance between managing and protecting the user base and meeting their needs regardless of their location and type of access. The concept of "zero trust" needs to be applied. Cisco (Platinum Sponsor) outlined that the workforce is increasingly distributed over the past ten years, and IT teams have adapted to connect and protect users in new and innovative ways. This trend has accelerated recently, with more users accessing cloud applications from home and remote sites than ever before. As the world continues to move in this direction, organizations face an increasing challenge. Positive transformations - such as moving to the cloud and other elements of digital transformation - are a double-edged sword. Although it propels your business forward, it also adds additional pressure on your security teams. Active Defense Crowdstrike (Platinum Sponsor) showed how a modernized attack is expanding into the different stages of the destruction process. The session included an illustration on phishing campaigns that end with the attacker gaining and reaching the endpoint. VMware Carbon Black (Platinum Sponsor) described data theft and Trojan horse malware as constant and looming cyberthreats, stating that the methods of destructive attacks have evolved and their impact on companies has intensified. The company said that cyberattacks of today did more harm than before as they are accompanied by direct extortion and the sale of entry data. "Everything is up for sale on the virtual black market, from personal computers to the back doors or addresses and credentials of the most prominent companies," the company said. Digital Transformation In another session, by VMware Carbon Black, titled "Security is a Team Sport — Engaging Your Organization in the World of Work from Home," described security as a concern and the responsibility of every employee in the organization. It is no longer a matter of security alone or a concern of just the IT teams; all employees should be trained in cybersecurity and made aware of how it directly affects them. The session emphasized that online seminars on public security and simple training sessions are sufficient to address cyberattacks, threats and the increasing risks faced by public institutions and private companies. According to Cyber Ranges (Platinum Sponsor), traditional training is still restricted due to COVID-19 containment measures, so many organizations today are looking at cyber domain solutions. To meet the requirements of its current and future security capabilities, Internet domains have been around for years, most of which were initially within the military sector. However, technological development has led to the creation of next-generation electronic domains, which can be accessed from all types of institutions — large, medium or small, — and they are distinguished by their ability to deliver way beyond conventional military electronic bands. Cybereason pointed out that majority of the people are still working from home, which is why many are increasingly integrating work with our existing lifestyle through their own devices and personal networks. Therefore, securing remote work is not just about the laptops or mobile devices, but also, home networks in addition to several other factors that may impact security. MENAISC 2020 is being held under the national sponsorship of the Saudi Federation for Cybersecurity, Programming and Drones. Professor Muhammad Ali Al-Ghamdi, Cybersecurity Track Manager, SAFCSP, spoke on the topic of penetration testing for the next generation, while Basma Ahmedoush participated in a panel discussion, titled "Women In Cyber – Nationalizing Our Most Precious Resources," focusing on the pioneering and influential role of Saudi women in the field of cybersecurity especially after the launch of two initiatives by the National Cybersecurity Authority in the Kingdom aimed at protecting children and empowering women in cybersecurity, under the leadership of Crown Prince Muhammad Bin Salman. — SG
