A senior cyber security expert says that the UAE is making good progress in the field, but must continue to cooperate internationally to combat the growing threat.

Powered by automated translation

ABU DHABI // A senior official at a cyber-security firm visited the UAE, Qatar and Kuwait this week to advise governments on the latest cyber security trends and policies.

“I’ve seen dramatic evolution in a positive way here. It’s important to bear in mind that, in places like the UAE, the Government has been pioneering initiatives and we’ve seen a big take-up of technology,” said Ilias Chantzos, Symantec’s senior director of government relations and public affairs programme in Europe, the Middle East and Africa.

But this technology drive is linked to an increase in cyber risk.

“Security is changing, so is technology,” Mr Chantzos said. “The focus must stop being on the device and [more] on information protection from the moment it’s captured to the moment it’s deleted.”

He said the regulatory landscape in the UAE would have to be addressed. “We’re not there yet,” he said. “In Europe, they say we will probably finish it by the end of 2015. It all boils down to how quickly the industry will adapt here.”

Mr Chantzos met government officials in the UAE to discuss data protection, critical infrastructure and smart grid initiatives.

“We’re working with many governments of the region,” said Amer Chebaro, Symantec’s regional manager in the Gulf and Levant.

“Especially big players in oil and gas, aviation, transportation [and] telecoms, and they’ve been named in some of the attacks, so we want to share with them what are the latest trends. What we’re doing in Europe and around the world to protect ourselves from cyber attacks.”

Mr Chantzos’ visit came as governments in the GCC have taken steps towards securing their country’s critical infrastructure.

Although the UAE’s internet security profile improved from a world rank of 41 in 2012 to 47 last year, targeted attacks increased globally by 91 per cent. The shift from 41 to 47 indicates a lower number of security threats across all categories, with the exception of spam.

“GCC nations contain infrastructure challenges ranging from oil and gas, electrical grids, power industries and communications networks, along with some of the most significant military networks in the world,” said Doug Raaberg, the chief executive of Northrop Grumman in the UAE. “The landscape of the cyber threat in the region has grown from the days of lone hackers defacing websites to advanced, persistent threat tools utilised by ‘cyber brigades’ as part of a broader campaign of disruption or even military operations.

He said sharing threat information was key. “Cyber security must be built in to the enterprise at its inception, not bolted on after the fact,” Mr Raaberg said.

Tim Allen, the general manager of QinetiQ in the UAE, said a legal framework was needed to manage such issues. “I think most governments are wrestling with the fact that, historically, some of these issues have been dealt with in isolation by government departments.

“But suddenly here, they’re trying to get government initiatives going and it’s a very important step in providing policy, regulation and technical advice.”

He said collaboration was crucial. “There’s no one-stop shop for the problem,” he said. “But collaboration is the only way that you can mitigate some of these problems.”