Post Published On:
Haider Pasha, CTO, Emerging Markets, Symantec, explains how the firm plays an important role in enabling customers’ digital transformation journeys.
Can you elaborate on cybersecurity trends that regional customers need to watch out for?
A key trend that has surfaced since the past couple of years is blockchain. As secure as it inherently seems, blockchain will find uses outside of cryptocurrencies and organizations will attempt to leverage those use cases. However, many of these blockchain projects will fail as organizations learn to separate the hype from reality with the huge undertaking of leveraging the infrastructure, processes and resources required.
Symantec also believes that cyber criminals will use Artificial Intelligence (AI) and Machine Learning (ML) to conduct attacks. Supply chain attacks will become mainstream as attackers leverage those as a common vector. As they seek protection using third-party resources, organisations will still struggle with Infrastructureas- a-Service (IaaS) security as we see more breaches due to error, compromise and design. Finally, as we have seen in the past, Internet of Things (IoT) devices will continue to be hijacked and used for various means, such as DDOS attacks or crypto-mining.
Are regional organizations well-prepared for GDPR? What are the challenges that exist?
The General Data Protection Regulation (GDPR) will impact all organizations worldwide that target individuals in the EU or their behavior, and therefore, treat their personal data. Many of the Middle East organizations are therefore required to comply. We are witnessing a generalized delay in terms of GDPR readiness, amongst the EU Member States, and countries outside of the Union, against the deadline of the 25th May 2018.
The culture of data protection, the fundamental principles of privacy, are not necessarily in the DNA of every organization, and this is probably why, businesses worldwide have been generally disoriented by the profound changes involved in the GDPR compliance. So, in essence, the unpreparedness is indeed in terms of the status of the actual implementation, but also in pure cultural terms.
It is worth noting that this unpreparedness will not constitute a mitigating factor in the eyes of a Supervisory Authority investigating an incident. Also, the repercussions of an incident can go well beyond the statutory sanctions, and involve reputation (with customers, partners and investors), and potentially heavy compensation claims from data subjects.
Every incident also creates a precedent in the record of the company, which will count as an aggravating factor in future incident investigations. Therefore, a change will only be successful if it is fully embraced by the companies’ leadership, and cascaded to the rest of the organization.
How is Symantec aiding customers’ overall digital transformation journey?
Symantec helps organizations recognize that security should be the first point of discussion on any digital transformation journey, versus an add-on. This is a discussion that begins at the top, understanding the strategy for cyber resilience by focusing on those at the board that will sponsor and champion it, besides the CIO or CISO.
Beyond this, Symantec helps organizations build a program that helps develop a culture towards cyber security; from communication to governance to policies and leveraging best practices through common frameworks or industry guidelines. We then help organizations build the right processes in place to prepare them for whatever technology they look to deploy.