Cybercriminals banking on financial vulnerability: How to combat them
Cyberattacks on banks and financial institutions have seen an unprecedented 238% increase from February to April 2020. How can you keep up with the attackers and stay ahead?
Join the GISEC virtual conference, a powerful event curated exclusively for the Banking and Finance industry.
When: Jul 22, 2020
Time : 01:00 PM (UT +4)
registration : webinar/register/WN_7iOrT1OfQF-mJVxn1Mb4VQ
SPOTLIGHT: A day of a CISO
Moderator: John Salomon Director – MEA FS-ISAC Spain
Panelists:
Illyas Kooliyankal, CISO, Abu Dhabi Islamic Bank (ADIB), UAE
Jelena Mattone, CISO European Investment Bank (EIB), Luxembourg
Majed Alshodari, CISO, Allied Cooperative Insurance Group (ACIG), Saudi Arabia
Dr Erdal Ozkaya is a Regional CISO at Standard Chartered Bank, UAE

Combatting cybercriminalsUAE BANKING SECTOR INVESTS HEAVILY IN THEIR FIGHT AGAINST CYBER ATTACKS
Posted at 13.11h in Features, News, by Claire Mahoney. Since the pandemic, cyber-attacks have increased significantly in the UAE and region. This is because the organizations were forced to work remotely.
The Central Bank of the UAE (CBUAE), as part of its efforts to improve cyber security in the financial sector, conducted a cyberattack simulation exercise in real-time. This was done to assess the resilience of the UAE’s banking system against any cyber threats.
The UAE Banks Federation also hosted RaCE, a cybersecurity webinar that lasted two days. It focused on best practices in data privacy as businesses transition to hybrid working environments.
Bahi Hour (Director, System Engineering – META at Attivo) spoke at the event. He stated that the increased digitalization efforts of the banking sector in the region have created a larger attack surface for cybercriminals to exploit. The attackers have developed advanced persistent threat (APT), phishing, and malware techniques to bypass defenses and infiltrate networks. To ensure the safety and security of their digital assets, CISOs must adopt a multi-layered cybersecurity strategy.
Remote working has increased dependence on VPNs to connect employees to corporate networks, which opens up more avenues for criminals to attack. They can exploit a vulnerability or socially engineer employees to reveal access credentials to gain access to the network. Experts predict that COVID-19-related phishing attacks will continue well into 2021, as employees continue working from home. While perimeter security was adequate to prevent such activity prior to the pandemics, it has proved difficult to detect unauthorised access since employees log in from multiple locations and use multiple devices.
Infiltrators are changing their tactics to avoid detection and maximize the payout. They now have a new strategy. They spend months hiding in the system, navigate through the network carefully, and wait patiently to find their victims’ most valuable assets. Ponemon Institute’s 2020 report revealed that companies in KSA or UAE take 269 days to detect data breaches.
These institutions were encouraged to invest in cyber security measures due to the increased number of attacks on institutions in the region. Nearly three quarters of respondents to the UAE 2020 KPMG cybercrime survey expected businesses to invest in cybersecurity.
Ray Kafity, vice-president META at Attivo networks, stated that “CISOs can proactively protect against APT threats by using a portfolio of solutions to detect, isolate, and remedy the attack.” Tools that conceal and deceive are also available to protect endpoints.