Skip to content
Tiatra, LLCTiatra, LLC
Tiatra, LLC
Information Technology Solutions for Washington, DC Government Agencies
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact
 
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact

“If organisations are hacked, they should stay calm and act quickly by instantly activating their incident response plan”

CIO Middle East discuss with Muath AlHomoud, Director of Cybersecurity about how organisations should learn from the hacking activities performed on them so they can implement more effective cyber defences and plan against similar or more sophisticated attacks.

Q. From a cybersecurity perspective, how has 2023 been?

A. The year has been marked by a general increase in state-sponsored attacks due to geopolitical conflicts. The rise of AI has also been increasing and has greatly affected the way cybersecurity could be enhanced while allowing cyber criminals well-versed with AI to launch more sophisticated attacks against their victims and make themselves harder to detect and/or defend against. The Internet of Things (IoT) vulnerabilities have also been increasing. According to Statista, the number of IoT devices exceeded 15 billion in 2023. Ransomware attacks have also increased in 2023 probably due to their perceived profitability. The cloud is also increasing exponentially with many developments happening in the cloud. This continued emergence of cloud environments has greatly affected application development and their associated security architectures. Cloud environments by their nature often consist of rapid DevOps cycles eliminating the need for application developers to adequately maintain secure applications. The cloud has also enabled containerization allowing for the movement of applications between on-premises and cloud environments thus increasing security exposures. 

Q. Can you highlight the top challenges you’ve encountered? 

A. Legislative changes on a global scale have been a daily challenge faced and often exacerbated by the need to instantly change course and work towards compliance to avoid the often-hefty fines and penalties, legal liabilities and reputational damage associated with non-compliance. For example, here in Saudi Arabia, we have witnessed regulations such as the Saudi Arabia Monetary Authority (SAMA) Cybersecurity Framework undergoing several changes which organisations are supposed to comply with such as the integration of cyber threat intelligence principles as one of its integral components.

Q. What are the top three challenges security leaders will face in 2024?

A. The skills challenge is likely going to be key as a result of the rise of disruptive technologies such as Generative AI. They will be a reshaping of the entire global workforce and skills to adequately deal with cybersecurity issues will be in short supply. The other critical challenge that will be faced has to do with regulatory changes as nation-states seek to protect their citizens from cyberattacks. This typically adds to the overall costs of cyber compliance. Lastly, cybercrime will rise especially on digital platforms as people transact virtually.

Q. How are we making security a part of everyone’s job next year? 

A. Awareness programs integrated into daily work practices are key as well as including security in employees’ job descriptions. Adding security duties to job responsibilities makes it everyone’s duty to ensure the security of company assets as well as colleagues’ personal safety. Security awareness is also critical as it enables employees to stay alert and report suspicious activities. 

Q. What cybersecurity questions should every CEO ask? 

A. There are several questions of interest to every CEO. The first one is: Do we have the necessary skills to defend ourselves against cyber-attacks? This is key; if there are no skills efforts should be made to ensure that people are trained, or additional skilled resources are recruited. Cyber skills resident in the organisation should always be higher than the skills of the attackers.  The other question is: Are we complying with a plethora of cybersecurity laws, regulations, and standards to reduce incidences of fines and other penalties? This is very crucial for example in the payments industry where failure to comply with requirements such as PCI-DSS could force an organisation out of business. The last question has to do with resources; Are security budgets adequate to cater for the various security solutions required? Cybersecurity is an expensive process, and resources must be available and appropriately budgeted.  

Q. From the perspective of a cybersecurity leader, what do you believe is the most valuable asset? 

A. The human resource base is very key both for cybersecurity professionals and the general employee. In cybersecurity, precedence is always provided for the protection of human life before anything else. It is therefore important to ensure that people are equipped with adequate and relevant knowledge about how to identify indicators of attacks and remain alert for such attacks, 

Q. What will be the challenges of implementing Generative AI in organizations? 

A. There is generally limited uptake initially caused by hesitancy as people generally wish to test the technology first and proceed to move with due care. An example is Google has delayed the launch of Gemini, its conservational AI platform to early 2024 for further enhancements and testing and getting the necessary user-acceptance and trust. We are also seeing an acute AI skills shortage in the form of developers skilled in AI algorithms which will lead to massive lagging of projects in most organisations and generally poor performing Generative AI models which generally affects organisational decision-making. Generative AI also leads to the displacement of employees in their physical form as their skills become redundant.

CIO
Read More from This Article: “If organisations are hacked, they should stay calm and act quickly by instantly activating their incident response plan”
Source: News

Category: NewsJanuary 12, 2024
Tags: art

Post navigation

PreviousPrevious post:NASA accelerates science with gen AI-powered searchNextNext post:When CX and EX collide: technology strategies for a new era of working

Related posts

휴먼컨설팅그룹, HR 솔루션 ‘휴넬’ 업그레이드 발표
May 9, 2025
Epicor expands AI offerings, launches new green initiative
May 9, 2025
MS도 합류··· 구글의 A2A 프로토콜, AI 에이전트 분야의 공용어 될까?
May 9, 2025
오픈AI, 아시아 4국에 데이터 레지던시 도입··· 한국 기업 데이터는 한국 서버에 저장
May 9, 2025
SAS supercharges Viya platform with AI agents, copilots, and synthetic data tools
May 8, 2025
IBM aims to set industry standard for enterprise AI with ITBench SaaS launch
May 8, 2025
Recent Posts
  • 휴먼컨설팅그룹, HR 솔루션 ‘휴넬’ 업그레이드 발표
  • Epicor expands AI offerings, launches new green initiative
  • MS도 합류··· 구글의 A2A 프로토콜, AI 에이전트 분야의 공용어 될까?
  • 오픈AI, 아시아 4국에 데이터 레지던시 도입··· 한국 기업 데이터는 한국 서버에 저장
  • SAS supercharges Viya platform with AI agents, copilots, and synthetic data tools
Recent Comments
    Archives
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023
    • June 2023
    • May 2023
    • April 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • July 2022
    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • July 2021
    • June 2021
    • May 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    Categories
    • News
    Meta
    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    Tiatra LLC.

    Tiatra, LLC, based in the Washington, DC metropolitan area, proudly serves federal government agencies, organizations that work with the government and other commercial businesses and organizations. Tiatra specializes in a broad range of information technology (IT) development and management services incorporating solid engineering, attention to client needs, and meeting or exceeding any security parameters required. Our small yet innovative company is structured with a full complement of the necessary technical experts, working with hands-on management, to provide a high level of service and competitive pricing for your systems and engineering requirements.

    Find us on:

    FacebookTwitterLinkedin

    Submitclear

    Tiatra, LLC
    Copyright 2016. All rights reserved.