Cybersecurity investments to meet shifting threat landscape

Jeevan Badigari, Director‑IT Governance and Security at DAMAC Group talks to CXO DX on his perspective of the current cybersecurity landscape and his priorities. 

What are some of the major cybersecurity trends that you witnessed at GISEC which intrigued you?
After the Pandemic, this year GISEC 2022 has been quite intriguing with loads of events, sessions, exhibiters from all over the world especially from Israel, Germany, Turkey, and other European countries. Live Bug bounty challenge program is quite unique with large pool of ethical hackers interacting with cyber defense professionals.

Some of the key trends noticed in GISEC this year was big involvement of UAE government Cyber council and UAE adopting cybersecurity standards for government agencies and rising budgets for next 5 years. More than 300+ companies participating in the event, given the Russia-Ukraine conflict intensifying cyber-attacks, securing hybrid workforce and greater collaboration strategies in combating cybercrime are some of the trends observed as well as huge focus on ICS/OT Security

What are some of the recent cybersecurity deployments done by you in your firm?
Given that virtually every organization is undergoing digital transformation, significant adoption of cloud, enabling data driven decisions – we have embraced latest technology trends in terms of adopting cloud delivered security, deploying Modern SOC, enabling contextualized and actionable threat intelligence and brand risk protection as well as progressing toward curbing advanced threats on perimeter level as well as identity level.

Will cybersecurity investments continue to be on the higher side given the frequent happenings of ransomware attacks and other such cybercrime?
In general Cybersecurity investments are increasing given the constant shift in threat landscape. Businesses are now embracing privacy initiatives keeping data protection laws in mind. More cloud driven solutions are being deployed with public and private cloud deployment options. Ransomware and other type of cyberattacks. However, it is all dependent on the risk appetite of the organization and controls maturity gap.

What are your security priorities this year?
As per the risk assessment and gap assessment performed initially, it was evident that several security controls are to be implemented this year. While MDR has been a major program, brand risk protection is yet another security control that added greater value to business. DAMAC is a prominent brand in the region and due to the nature of the business – there are constantly impersonating websites and domain aimed at luring customers to register a lead as there are incentives involved for agents and property brokers. This added a great risk to brand, and we have evaluated and acquired a suitable brand risk protection and VIP monitoring platform that has significantly contributed to taking down of fake domains, fake websites and mobile apps as well social media pages.

Apart from this, we are implementing Privilege access management, refreshing our legacy endpoint security platform to latest and advanced EDR and also moving to cloud based email security gateway and bunch of other security initiatives.