Data protection is a top priority for all organisations in the Middle East as they strive to meet regulatory requirements, protect their brands and the data of their all-important end users. We hear from Salman Imam – Sales Director, Fireware LLC Oman, about the impact of digitalisation on data strategies, the key data security risks to organisations in the region and how Fireware helps to address these challenges.
Data is integral to business success today. It means organisations can provide tailored services that meet the requirements of individuals, providing excellent customer experiences and, in return, enabling business growth.
And with digitalisation now high on the agenda for all enterprises, data growth is only set to increase. It’s crucial, then, that protection of that data is given the same priority, because the cost of getting it wrong is severe.
In fact, research released by IBM Security earlier this year found that data breaches cost surveyed companies US$4.24 million per incident on average – the highest cost in the 17-year history of the report.
Based on in-depth analysis of real-world data breaches experienced by more than 500 organisations, the study suggests that security incidents became more costly and harder to contain due to drastic operational shifts during the pandemic, with costs rising 10% compared to the prior year.
However, while the findings may be troubling, defenders are rising to the challenge to provide solutions and guidance for CISOs and CIOs faced with these mounting pressures.
To find out more about the importance of data protection for Middle East organisations, Intelligent CIO spoke to Salman Imam – Sales Director, Fireware Oman.
How has accelerated digitalisation across the region impacted organisations’ data strategies?
A major part of Digital Transformation involves harnessing data. Therefore, organisations across the region have been making leaps and bounds to keep abreast with the digitalisation trend. It is known that data-driven insights add to an organisation’s value. Thus, enabling digitalisation while keeping the data sanctity and safeguard measures intact is crucial in transforming businesses.
What are some of the key data security risks to organisations in the region?
Data exfiltration, data harvesting and social engineering attacks are just some of the key risks which will have severe business impact in both the public and private sectors as they progress in the future to come.
Data exfiltration is used to describe the unauthorised transfer of data from a computer or other device while data harvesting is the process of extracting and analysing trends and patterns from raw data.
Social engineering is a popular attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorised access to data systems or for personal and financial gain.
How are organisations managing compliance with data protection regulations – and how can they do this more effectively?
With proper tools and resources, data as a valuable asset can be managed using modern data governance and management practices.
The data monitoring tools will be effective when they are capable of having a 360-degree view of its access rights, usage rights. In this way, organisations can better meet their regulatory obligations and able to respond to new requirements.
What tools and technology do organisations now need to proactively protect their data against advanced threats and risks?
Database monitoring, data masking, data leakage prevention and data encryption are important tools for protecting against these advanced threats.
Data encryption is the process of translating data into another form, or code, so that only entities with access to a pre-approved key or password can read it. Nowadays, encryption is a heavy favourite and quite effective data security method used by organisations.
Data Loss Prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorised users. Typical DLP software classifies regulated, confidential and business critical data and identifies policy violations as defined by organisations driven by regulatory compliance such as HIPAA, PCI-DSS, or GDPR.
Data masking, on the other hand, is a data security technique in which a dataset is copied but with sensitive data obfuscated or made blank.
Lastly, data monitoring is a business practice in which critical business data is routinely checked against quality control rules to make sure it is always of high quality and meets previously established standards for formatting and consistency.
How does Fireware help organisations to address these challenges?
At Fireware, security is front and centre. Fireware learns the gaps in the current environment and helps to protect the entire organisation with our best in class integrated security and identity solutions built to work across platforms and hybrid cloud deployments. Our team has the expertise to help you decide on the wide range of security products we offer to fortify your security posture.
How does Fireware set itself apart from others in the market?
We have our own methodology ADAM approach (ANALYSE, DECIDE, ACT,MANAGE), to work on specific gaps and attend to the pain areas of the client in the IT setups.
How does Fireware work with IBM and the wider channel to pass on the benefits of the Guardium solution to end users in this region?
A good data security strategy and compliance solutions can propel businesses to new heights. This is where Guardium’s comprehensive data protection capabilities create real value. Fireware has been advising clients to follow the data security guidelines and IBM Guardium has been one of the best tool to offer it.