Dubai launches Security Industry Regulatory Agency

Lack of official statistics means UAE’s ranking among most targeted nations for cyber-criminals cannot be deter­mined.

A 2016 file picture shows UAE Prime Minister and Dubai Emir Sheikh Mohammed bin Rashid al-Maktoum attending a ceremony to launch the Mohammed bin Rashid Global Centre for Endowment Consultancy social initiative, in Dubai. (AFP)


2017/01/22 Issue: 90 Page: 14


The Arab Weekly
Jennifer Bell



Dubai - Cyber-crime is a fast-grow­ing threat to businesses and critical infrastructure facilities in the United Arab Emirates, yet many companies fail to realise the impor­tance of those threats and are ill-equipped to deal with security risks posed by highly organised hackers, industry experts said.

The Dubai government said it will launch the Security Industry Regu­latory Agency (SIRA) at Intersec 2017, the world’s largest trade fair for the security, safety and fire pro­tection industries. A forum provides a platform for decision-makers to discuss the law governing the Emir­ate’s security industry framework, guidelines and expectations.

Yet Amir Kolahzadeh, chief ex­ecutive officer at the Dubai-based It Sec, an industry leader in cyber-security, said more needed to be done to increase awareness about online threats. Organisations within the country and wider region lack measures to safeguard businesses in a growing digital era, he said.

“The cyber-security threat is not only targeting UAE residents and businesses, it is worldwide epidem­ic,” Kolahzadeh said. “However, the UAE and GCC [Gulf Coopera­tion Council] organisations’ lack of urgency in order to address these threats against their network and data does place them in a higher risk category than their counterparts worldwide.”

Kolahzadeh said a lack of official statistics means the UAE’s ranking among the most targeted nations for cyber-criminals cannot be deter­mined and cyber-crime is increasing exponentially.

“For example, the number of cli­ents calling us after they have been some way affected by a cyber-crime in the UAE had increased by fivefold from 2015 to 2016.”

Kolahzadeh, who is to make the keynote speech at Intersec 2017 on the tie between physical security and cyber-security, said it was im­portant to understand why hackers would decide to go after critical in­frastructure facilities, adding that often the crimes are not financially motivated but aimed for destabilis­ing a business or even a country.

“Cyber-security has moved be­yond what we have imagined,” he said. “Today hackers are easily ca­pable of infiltrating a [closed-circuit television] or access-control net­work of a prison, bank, hospital and open doors, lock doors, delete or replace footage and basically take over the physical security assets of the organisation, hence disabling critical infrastructure — and all done remotely,” he said.

Among the biggest threats to the UAE’s critical infrastructure are at­tacks on hospitals and health care systems that endanger public safety and put a spotlight on a new weak­ness as public and private institu­tions struggle to adapt to the digital era.

“We believe that the health care system will be the number one at­tacked industry in the next year or two,” Kolahzadeh said. “As all medi­cal devices are now online and con­nected to the internet for monitor­ing and reporting, they also become a target of hackers to take over these devices for ransomware.”

Scott Manson, cyber-security leader for the Middle East and Tur­key at Cisco, also highlighted the health care sector as a growing tar­get for cyber-criminals.

“According to the World Privacy Forum, the street value of stolen health care data is $50 as compared to $1 for a stolen Social Security number,” he said. “New attack mod­els such as ransomware can capital­ise on the sensitivity of the situa­tion, where the question is not just about losing data but patients’ lives. Adding up all these, the health care industry is an attractive target for cyber-criminals.”

One of the biggest hurdles in tackling cyber-crime is the lack of trained professionals to deal with it.

According the Cisco 2016 Annual Security Report, by 2019 there will be a deficit of 1.5 million security practitioners. Globally, 26% of or­ganisations face staffing shortages and 35% have expertise shortages with security jobs growing at 12 times the rate of the overall job mar­ket and three times the rate of gen­eral information technology.

Manson pointed to the lack of women entering the sector, which he said represented a loss of talent for the industry and a loss of oppor­tunity for them. He said increasing the number of security professionals is a priority in the war against cyber-crime as is better equipping employ­ees with cyber-security knowledge.

“UAE workplace security research conducted by Cisco and [Gulf Busi­ness Machines] showed employee behaviour is a genuine weak link in cyber-security and becoming an increasing source of risk, more through complacency and igno­rance than malice, because compa­nies have so insulated employees from the scale of daily threats that people expect the company’s securi­ty settings to take care of everything for them,” Manson said.

“When data breaches are the re­sult of an external attack, it is often the inexperience of employees that is exploited, whether it be by click­ing on an e-mail link they shouldn’t open or downloading an unap­proved app.

“Cyber-attackers have identified the human as the weakest element and no matter how many sophisti­cated security technologies are de­ployed within an organisation, a se­curity solution is still only as secure as its weakest link.”

Intersec 2017 runs January 22nd- 24th.


Jennifer Bell is an Arab Weekly contributor based in the United Arab Emirates.


As Printed
MENA Now
Editors' Picks

The Arab Weekly Newspaper reaches Western & Arabic audience that are influential as well as being affluent.

From Europe to the Middle East,and North America, The Arab Weekly talks to opinion formers and influential figures, providing insight and comment on national, international and regional news through the focus of Arabic countries and community.

Published by Al Arab Publishing House

Publisher and Group Executive Editor: Haitham El-Zobaidi, PhD

Editor-in-Chief: Oussama Romdhani

Deputy Editor-in-Chief: Dalal Saoud

Senior Editor: John Hendel

Chief Copy Editors: Jonathan Hemming and Richard Pretorius

Analysis Section Editor: Ed Blanche

Opinion Section Editor: Claude Salhani

East/West Section Editor: Mark Habeeb

Levant Section Editor: Jamal J. Halaby

Gulf Section Editor: Mohammed Alkhereiji

Society and Travel Sections Editor: Samar Kadi

Senior Correspondents:

Mahmud el-Shafey (London)

Lamine Ghanmi (Tunis)

Correspondents

Saad Guerraoui (Casablanca)

Dunia El-Zobeidi (London)

Roua Khlifi (Tunis)

Rasha Elass - Thomas Seibert (Washington)

Published by Al Arab Publishing House

Contact editor at:editor@thearabweekly.com

Subscription & Advertising: Ads@alarab.co.uk

Tel 020 3667 7249

Mohamed Al Mufti

Marketing & Advertising Manager

Tel (Main) +44 20 6702 3999

Direct: +44 20 8742 9262

www.alarab.co.uk

Al Arab Publishing House

Kensington Centre

66 Hammersmith Road

London W14 8UD, UK

Tel: (+44) 20 7602 3999

Fax: (+44) 20 7602 8778

Follow Us
© The Arab Weekly, All rights reserved