Deloitte: Middle East businesses facing cyber-attacks
3 August, 2014 - Today’s C-suite must deploy a cyber-defense that is secure, vigilant, and resilient, according to a report just released by Deloitte. The report, Global Cyber Executive Briefing, finds that virtually all organizations will be attacked, so C-level executives need to better understand their biggest threats and which of their assets— typically those at the heart of their business’s mission— are at the greatest risk.
The Deloitte Global Cyber Executive Briefing report examines threats and vulnerabilities across seven key sectors: high technology, online media, telecommunications, e-commerce, insurance, manufacturing, and retail. It outlines potential for attacks, reasons, possible scenarios and potential impact to business.
“People think cyber-attacks are confined to specific sectors. The reality however, is that any organization that has valuable data is at risk,” said Fadi Mutlak, partner and Cyber security leader at Deloitte Middle East. “Not a single sector is immune to this. The recent systematic cyber-attacks on Middle East governments and Oil & Gas companies have highlighted the need for determining the value of your data now, and over time, the motivation and resources of potential attackers, which are some of the first steps in making business decisions about adequate protection.”
According to the report, “being secure” starts with tackling weaknesses in applications and reinforcing the digital infrastructure. Organizations that are vigilant should subsequently be alert and identify any attacks as early as possible. Being resilient involves early-stage identification of the direction of a threat, the reason for such threat and how it will manifest itself. Rapidly detecting an attack can spur an organization into action so it isolates and removes the threat.
The Deloitte report identified threats by sector, which include:
- High Tech:Consistently a target for attacks with the biggest threats being loss of intellectual property (IP) and hacktivism.
- Online Media: Has the greatest exposure to cyber-threats with ones that cause reputational damage topping the list. Threats in both high tech and on line media sectors are also used as stepping stones to attack and infect others.
- Telecommunications: Facing increased, sophisticated attacks, including attacks by Government agencies using Advanced Persistent Threats (APT) to establish covert surveillance for long periods of time. Another critical threat unique to the telecommunications sector is the attack of leased infrastructure equipment, such as home routers from Internet Service Providers (ISPs).
- eCommerce: Database breach (i.e. loss of customer data, including names, physical addresses, phone) and online payment systems are vulnerable areas often attacked. Denial-of-service attacks also top the list, particularly by hacktivists that want to disrupt an organization in a highly visible way.
- Insurance: The sector typically has a lot of sensitive data to protect. Cyber-attacks are growing exponentially as insurance companies migrate toward digital channels with sophisticated attacks combing advanced malware with other techniques such as social engineering. While current attacks appear short-term, the report predicts the number of long-term attacks may be silently growing.
- Manufacturing: Increase in the amount of attacks by hackers and cyber-criminals as well as through corporate espionage. Types of cyber-attacks in manufacturing vary widely from Phishing to Advanced Malware, targeting not only IT but also connected Industrial Control Systems.
- Retail: Credit card data is the new currency for hackers and criminals. Insider threats in retail are increasing, giving rise to a new breed of criminals that focus on stealing information - especially the valuable cardholder data that flows between consumers and retailers.
To view the whole report, go to: http://bit.ly/1q40tP2
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see www.deloitte.com/about for a more detailed description of DTTL and its member firms.
Deloitte provides audit, tax, consulting, and financial advisory services to public and private clients spanning multiple industries. With a globally connected network of member firms in more than 150 countries and territories, Deloitte brings world-class capabilities and high-quality service to clients, delivering the insights they need to address their most complex business challenges. Deloitte’s more than 200,000 professionals are committed to becoming the standard of excellence.
About Deloitte & Touche (M.E.)
Deloitte & Touche (M.E.) is a member firm of Deloitte Touche Tohmatsu Limited (DTTL) and is the first Arab professional services firm established in the Middle East region with uninterrupted presence since 1926.
Deloitte is among the region’s leading professional services firms, providing audit, tax, consulting, and financial advisory services through 26 offices in 15 countries with more than 3,000 partners, directors and staff. It is a Tier 1 Tax advisor in the GCC region since 2010 (according to the International Tax Review World Tax Rankings). It has received numerous awards in the last few years which include Best Employer in the Middle East, best consulting firm, and the Middle East Training & Development Excellence Award by the Institute of Chartered Accountants in England and Wales (ICAEW).