This article was written by one of Proelium Law’s occasional bloggers. He is an IT expert with broad experience of intelligence and operations in hostile environments.
Due to geo-political and economic reasons, the Middle East and its businesses are under increased cyber attack.
When operating a business in the Middle East, it is now more important than ever to enhance your company’s cyber-security. For the period of 2015-16, organisations in the Middle East faced significantly greater losses than any other region as a result of cyber incidents. Unless coherent and considered steps are taken by local businesses across the region, these figures will unquestionably rise and damage your organisation’s earning capacity and reputation.
There was once a period when investing in the best and newest technology was enough to alleviate the threat of cyber attacks. However, today’s complex operating environment necessitates that such technology is only a singular part of a growing interconnected jigsaw. An often forgotten component of this puzzle is people or the end-user, in spite of them being the weakest link in the cyber security chain. As social media, remote working and the use of personal devices (Bring Your Own Device – BYOD) flourish, organisations face a new set of vulnerabilities. So what steps can be taken to enhance the human component in this digital chain?
Recruitment
Devote significant resources and capital into recruiting only the best cyber security professionals in the market and do not settle for anything less. When recruiting persons who do not directly administer IT systems, attempt to hire individuals with a demonstrated knowledge of IT security and best practices.
Culture
Foster organisational culture that is based on trust whereby everyone in the organisation values, owns and in turns lives cyber security.
Training / Awareness
Undertake structured and regular training of all personnel in relation to cyber security or at the very least, undertake frequent cyber security awareness workshops.
Governance
Recruit or designate specific individuals within your organisation to be responsible for cyber security and its subsequent enforcement. If your organisation is too small for a CISO or CSO, empower your IT department or COS with such authority.
Through investing a little capital and resources into your organisation’s employees and corporate culture, you will greatly enhance your cyber security and earning capacity beyond that of your competitors.
Need advice?
If you’d like further information, or to discuss working with us, please get in touch