Dubai: Organisations are more vulnerable to cyber intrusions now than ever before. As the attacks become more sophisticated, simple security controls are not effective for tackling this growing menace, experts have said.
Addressing delegates at the first Kuwait Industrial Automation and Control Systems – Cyber Security Conference held recently, Michael Porier and Senthil Kumar, global consulting firm Protiviti’s Managing Directors, presented effective solutions that organizations can leverage to set up a well-structured cyber security protection mechanism.
Delegates at the conference included ministers, government officials and senior leaders from leading oil & gas companies.
According to SANS 2014 Survey on control system security, the number of entities with identified or suspected security breaches has increased from 28 per cent to nearly 40 per cent. Only nine per cent can say with surety that they haven’t been breached.
“Organizations need to understand that compliance does not equal to security. It is vital to put in place multiple security counter measures to ensure the information asset is truly protected,” said subject-matter-expert Micheal Porier, Protiviti’s Managing Director.
His presentation on ‘Securing SCADA Systems – Thoughts and Considerations’ emphasized on the framework, standards, models and management actions that needs to be undertaken to create a comprehensive system.
As one of the panelist of a session on ‘Controls to manage cyber-attacks’, Senthil Kumar, Protiviti’s Managing Director and Middle East Regional Head for IT Consulting Services, discussed various proactive, corrective and preventive measures that can be implemented by organizations.
Speaking at the event, Senthil said: “Middle East has increasingly become a target for cyber intrusions and attacks resulting in exposure of sensitive information and disruption of mission-critical operations and infrastructure.”
He said that humans are the weakest link in the entire chain of protection as they easily fall prey to many social engineering tricks or, at times, unintentionally disclose sensitive information.