Cybersecurity events are popular right now. Every month a few take place either in the Kingdom or nearby in the UAE or Bahrain. The 2nd Annual Kingdom Cybersecurity Forum is currently ongoing in Riyadh. While the focus on national cybersecurity and the means to mitigate cyber threats is important, there is a concern that not enough is being done to support the engineers, analysts and other information security professionals who are manning the battle stations in the war against cybercrime. William Leigher, Advanced Solutions Director Intelligence, Information and Services, Raytheon Company, the gold sponsor of the forum stated that Raytheon recently commissioned the 2015 Global Megatrends in Cybersecurity study (www.raytheon.com/cybermegatrends). Among other questions the study asked CIOs, CISOs and information security leaders in multiple sectors, “What are the main cyber threats that your organization is facing?” “The results indicate that cybercrime is our clients' number one concern and it's what keeps them up at night,” commented Leigher. “Looking at it regionally, the survey also indicates that the most prevalent types of cyber threats in the Middle East/North Africa (MENA) region in the next three years are expected to be: Attacks using zero-day or previously unknown cyber exploits; Socially engineered phishing attacks; Malware that targets mobile devices; Cloud data leakage; and Distributed Denial of Service (DDoS) attacks.” So with the emergence of these local trends in cybersecurity, how does the MENA region compare to other geographies when it comes to having sufficient numbers of trained and experienced cyber defenders? “It is a big challenge to obtain and maintain high caliber cyber defenders to keep pace with fast developing technology in this field,” Leigher said. “Continuous training and development is required, not only for the defenders but in fact for the entire workforce in any enterprise that relies on information systems and networks.” It might be a bigger challenge than anyone realizes. In November 2014 in Riyadh at the 4th IFSEC & OSH Arabia Conference and Exhibit, staff at GulfNet Solutions Company Limited (GNS) conducted a research project to investigate how well men working in or associated with the Saudi Security Industry were managing their blood pressure. It is a well-established fact that blood pressure management is an important element of good health. Blood pressure management is particularly essential for individuals working in high stress positions in the Saudi Security Industry. On Monday, at the 2nd Annual Kingdom Cyber Security Forum, GNS release their findings. The GulfNet Solutions' research showed that about two-thirds (66.5%) of the men surveyed at IFSEC & OSH Arabia did not have any idea what their blood pressure should be on measurement. Only 5.7 percent guessed their measured blood pressure within five points. Unfortunately, one-fourth (25.7%) of the men who had their blood pressure measured by the GNS staff, had a blood pressure reading higher than 130/90. Worst of all, more than 82 percent of those individuals with a blood pressure reading on the high side hadn't anticipated it. According to the Mayo Clinic, “Most people with high blood pressure have no signs or symptoms, even if blood pressure readings reach dangerously high levels.” The Mayo Clinic also advises that uncontrolled high blood pressure can lead to heart attack, stroke, aneurysm, heart failure, kidney damage and trouble with memory or understanding. Just imagine if security professionals with uncontrolled high blood pressure, must deal with a major and/or sustained cyberattack. What will happen if they collapse? “Professionals working in any area of security are often under high stress,” said Mohammad Fareed Shinwari, Managing Director, GulfNet Solutions Company Limited (GNS), a local information security provider. “Individuals working in the Information Security field may be under even greater stress - dealing with attackers that are not seen and with new exploits arising daily. Security personnel must guard their health so that they will be in the best physical and mental condition to protect corporate and national security.” At IFSEC & OSH Arabia 2014, GNS staffers took blood pressure readings for 591 adult men at the event. Those men participating in the research were asked to guess their blood pressure. Then they were asked to sit quietly for 15 minutes, after which their blood pressure was recorded by an automated device. Any research participant registering a blood pressure reading above 131/91 was asked to have his blood pressure checked again by his family physician. The 13 men who showed blood pressure readings above 180 Systolic and/or above 110 Diastolic were requested to attend a clinic for urgent treatment. One man whose blood pressure reading was 200/127 was immediately taken to a hospital by a friend. It should be pointed out that the GNS sample size was large enough to have implications for the entire Saudi Security Industry. While it's important to put excellent technology and processes in place to fight cybercrime, the professionals that Saudi Arabia is depending upon to fight the war in cyberspace must be educated to care for their health, so they can be strong to protect our nation.
