01 August 2016
Cyber-attacks have become a real and persistent threat and construction companies need to have a proactive and coordinated approach to protect their assets, infrastructures as well as their intellectual property, says Cisco, a worldwide leader in information technology.
There are several mega projects in place in the Middle East which include the Expo 2020 in Dubai, UAE, and the 2022 Fifa World Cup in Qatar. There are also the ‘smart city’ visions in the GCC where countries are deploying intelligent solutions to make the lives of their citizens comfortable in environment-friendly, safe and energy-efficient cities.
“Given the volume of construction work in the GCC, technology is definitely becoming a business enabler in this industry too,” says Scott Manson, Cisco’s cyber security leader for Middle East and Turkey.
Cisco has an extensive security portfolio, which includes solutions for access control and policy, advanced malware protection, email security, firewalls, network security, next-generation intrusion prevention system (NGIPS), security management, virtual private network (VPN) and endpoint security clients and web security. Its security innovations provide highly secure firewall, web, and email services while helping to enable mobility and teleworking.
Cisco’s first fully integrated, threat-focused Cisco Firepower next-generation firewall (NGFW) is one of the latest additions to its portfolio, and is also considered to be the industry’s first to link contextual information about how users are connecting to applications, with threat intelligence and policy enforcement. Gaining this level of visibility across a business environment accelerates threat detection and response, and enhances protection.
“NGFW can also automate and fine-tune security measures to rapidly harden defences, based on its ability to see vulnerabilities, assets and threats. The consistent and pervasive advanced security capabilities provide protection that point solutions cannot deliver,” he says.
Cisco ASA with FirePower services empowers customers to boost their protection from the data centre, network to the endpoint with the agility to identify, understand, and stop advanced threats in real-time and retrospectively. It provides integrated threat defence that helps businesses address their biggest security risk — advanced and zero day threats.
Another tool is the Cisco Identity Services Engine (ISE), which delivers superior user and device visibility to support enterprise mobility experiences. It is a security policy management and control platform, which automates and simplifies access control and security compliance for wired, wireless, and VPN connectivity. It helps IT professionals conquer enterprise mobility challenges and secure the evolving network across the attack continuum.
“But more important than the sum of all of these tools is the integrated and architected approach offered by Cisco which brings value, because it allows customers to bring together ‘indicators of compromise’ derived from multiple sources with contextual information. In other words, we don’t just detect incidents, we interpret them and determine their origin, evaluate their impact and search for other occurrences of identical or similar incidents,” says Manson.
He further says: “Cisco knows all about the challenges of the construction industry: temporary work sites, blueprints that change by the day, and mechanical dust everywhere. The biggest challenge on a new job site is that there’s no infrastructure at all – no walls, no power in the building. So essentially what construction companies have to do is to build a wi-fi network outside. And this is where Cisco’s Meraki (Cisco Meraki) comes into play. Cisco Meraki wireless access points (APs), switches, and security appliances offer a single pane of glass management for the entire network, and enables secure guest access, site-to-site VPN, and wide area network (WAN) optimisation across various offices.
“With Cisco Meraki, all that companies have to do is get an internet connection onsite, plug in a stack of Meraki APs and the APs come up on the dashboard. The built-in centralised management provided by the Cisco Meraki cloud-managed solution is key, which means that there’s no need for individuals to go to the job site to troubleshoot as the entire network can be accessed from anywhere via the web-based dashboard. Cisco Meraki helps maintain a seamless experience for end-users, while ensuring the network is secure and easy to manage. Cisco’s unique value is our visibility in the network on a global scale and our ability to tie it all together – people, process and technology.”
Cisco protects its customers across the extended network. This includes networks, data centres, virtual environments, the cloud, mobile devices and endpoints and throughout the entire attack continuum: before, during and after an attack.
• Before an attack: Organisations need to know what they are defending. They need to know what is on their network (devices, operating systems, applications, users, and so on) to be able to defend it.
• During an attack: When attackers get through, customers need to be able to detect them. Once they detect an attack, they will be able to block it and defend the environment.
• After the attack: Invariably, some attacks will be successful, and customers need to be able to determine the scope of the damage, remediate, and bring operations back to normal.
Projects
“We have customers across all verticals in the region including government organisations, oil and gas companies, hospitality, healthcare and educational organisations,” says Manson.
On the security front, Cisco has worked with Bahri and Mazroei Trading Company (BMTC), one of the UAE’s leading providers of solutions for building and infrastructure development, and deployed a comprehensive suite of Cisco security solutions as part of its ‘smart’ initiatives.
BMTC became one of the first companies in the UAE to deploy Cisco ASA with FirePower services which offers the industry’s first adaptive, threat-focused NGFW, and helps BMTC with comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks and reduces complexity and cost. The solution also helps with effective utilisation of internet bandwidth and end-user browsing capabilities with next-generation features and security.
Kuwait Oil Company (KOC) opted for Cisco security solutions for its network hardware refresh and installed the Cisco Network Admission Control (NAC), which is a powerful, easy-to-deploy admission control and compliance enforcement component of the Cisco TrustSec solution. With comprehensive security features, in-band or out-of-band deployment options, user authentication tools, bandwidth and traffic filtering controls, NAC comprehensively offers control and security of the network. It helps KOC to implement security, access and compliance policies through a central management point rather than configure policies throughout the network on individual devices.
Also integrated into KOC’s network is the Cisco Identity Services Engine, which helps conquer enterprise mobility challenges and safeguards the evolving network. A security policy management and control platform, it automates and simplifies access control and security compliance for wired, wireless and VPN connectivity. The Identity Services Engine offers an easy on-boarding experience so that personal devices can be secured and granted access through a simple self-service portal. This engine is primarily used to provide highly secure access and guest access, support bring-your-own-device (BYOD) initiatives, and enforce usage policies in conjunction with Cisco TrustSec technology.
The American University of Kuwait (AUK) selected Cisco solutions for a network infrastructure and firewall upgrade. To manage an increasing student population accessing the campus network from anywhere and across multiple devices, AUK needed to be equipped with the latest state-of-the-art technology solutions that deliver a secure environment. Cisco’s end-to-end technology solutions offers the university a stable and secure campus network, maintains confidentiality, as well as prevents potentially disruptive security threats.
Market trends
According to the Cisco Annual Security Research 2016, cyber-attacks are becoming even more sophisticated and this global trend is mirrored in the GCC. As adversaries continue to innovate, they are accessing networks undetected and evading security measures while the security industry, as a whole, struggles to innovate at a similar pace, it says.
Countries in the Middle East are witnessing significant economic and technological transformation due to growing business opportunities in large industries such as banking, financial services and insurance (BFSI) and the region’s dominance in heavy industries such as oil and gas, the report says.
With the rapid economic growth and increasing threat of cyber-crime, many organisations in the region are beginning to recognise the need for an efficient security solution. With oil and gas industries having remote and geographically vast operations that are highly dependent on internet networks, their vulnerability to cyber-attacks only magnify. As security becomes a growing concern in the region, a lot of the technology introduced is still fairly new with education and training playing a pivotal role in the success.
In 2016, the innovation race between adversaries and security vendors will only accelerate, and organisations are at risk of becoming more vulnerable to attack if they sit back and watch, the report adds.