Interview: The cyberattacks that pose the biggest threat

by Black Hat Middle East and Africa

“I feel very fortunate to be able to work in a field that I am passionate about and that has such a significant impact on society.”

We asked #BHMEA23 exhibitor Ilyass Rahmani (Co-Founder and CTO at NearSecure) about his journey from exploring ethical hacking to launching an IT security company – and what kind of cyber threats are most difficult for organisations to recover from right now.

Here’s what he told us.

How did you begin your career in cybersecurity – and what is it about cybersecurity that's most interesting or rewarding for you?

“I started my journey in cybersecurity at a young age, around 13 years old, when I first became interested in hacking and computer security. I started learning everything I could about hacking techniques, vulnerabilities, and exploits, and began experimenting on my own systems.

“Over time, I realised that I was more interested in using my skills for good, rather than for malicious purposes. So, I started to focus on becoming an ethical hacker and learning how to secure systems and networks against cyber threats.

“I pursued various cybersecurity certifications, including the CISSP, OSCP, OSWE, and OSEP, to deepen my knowledge and expertise in the field. I also gained hands-on experience working with clients in various industries to help them secure their systems and networks.

“What I find most interesting and rewarding about cybersecurity is the constant challenge and the ever-evolving nature of the threats we face. Every day, there is something new to learn and a new challenge to overcome, which keeps me engaged and motivated. It's also very rewarding to know that the work I do helps protect organisations and individuals from cyber threats that could have serious consequences.”

Could you share any key milestones that NearSecure has reached over the last year or so?

“Expansion of our team: we have grown our team significantly over the past year, hiring top talent in the industry to help us better serve our clients and expand our offerings. We were honoured to participate in Black Hat MEA last November, and it was a great opportunity for us to showcase our expertise and network with other industry leaders. We’ve also launched several new services over the past year, including threat intelligence and incident response, to better serve our clients' evolving needs. And we have established new partnerships with leading technology companies and security vendors, allowing us to offer even more comprehensive solutions to our clients.”

And any current projects you’re particularly excited about?

“Here are a few:

  • Development of AI-driven cybersecurity solutions: we are working on developing artificial intelligence-powered security solutions to better protect our clients from advanced threats.
  • Expansion of our managed security services: we are expanding our managed security services offerings to help our clients proactively detect and respond to threats.
  • Cybersecurity awareness training: we are developing comprehensive cybersecurity awareness training programs to help organisations educate their employees on best practices for cybersecurity and reduce the risk of human error.

“We are excited to continue growing and innovating in the cybersecurity space, and are always looking for new ways to help our clients stay ahead of emerging threats.”

How important is it that organisations invest in cybersecurity training for all of their teams?

“Investing in cybersecurity training for all employees is absolutely critical for organisations today. Cybersecurity threats are becoming increasingly sophisticated and frequent, and all it takes is one human error to put an organisation at risk.

“By providing cybersecurity training to all employees, organisations can help ensure that everyone understands the risks and is equipped with the knowledge and skills they need to help prevent cyberattacks. This includes not just IT and security teams, but also non-technical employees who may be targeted in phishing attacks or social engineering scams.

“Here are some specific reasons why cybersecurity training is so important:

  • Preventing human error: the vast majority of cyberattacks involve some form of human error, such as clicking on a malicious link or falling for a phishing scam. By providing regular cybersecurity training, organisations can help reduce the risk of these kinds of mistakes.
  • Raising awareness: employees who are not aware of the risks of cyberattacks are more likely to fall victim to them. Cybersecurity training helps raise awareness of these risks and encourages employees to take proactive steps to protect themselves and the organisation.
  • Compliance: many industries and organisations are subject to regulatory compliance requirements related to cybersecurity. Providing training can help ensure that employees understand and comply with these requirements.
  • Mitigating the impact of a breach: even with strong cybersecurity measures in place, breaches can still occur. By providing training, organisations can help ensure that employees know what to do in the event of a breach, which can help minimise the impact and reduce recovery time.

“Overall, training is a critical component of any organisation's cybersecurity strategy. It helps reduce the risk of human error, raise awareness of risks, ensure compliance, and mitigate the impact of a breach.”

What kind of cyberattacks are the most difficult for an organisation to recover from right now?

“There are many types of cyberattacks that can be difficult to recover from, and the specific impact of an attack will depend on factors such as the type of organisation, the size of the attack, and the type of data or systems that were compromised. However, here are a few types of cyberattacks that can be particularly challenging for organisations to recover from:

  • Ransomware attacks: ransomware attacks can be devastating for organisations, as they can result in the complete loss of data or significant disruption to business operations. In addition to paying the ransom, organisations may need to invest significant resources into restoring data and systems, which can take time and be very costly.
  • Advanced persistent threats (APTs): APTs are targeted attacks that are designed to evade detection and remain active in a system for an extended period of time. APTs can be very difficult to detect and remove, and can result in the theft of sensitive data or the compromise of critical systems.
  • Insider threats: insider threats, such as employees or contractors who intentionally or accidentally expose sensitive information or compromise systems, can be very difficult to detect and prevent. Insider threats can be particularly damaging because they often have legitimate access to sensitive systems and data.
  • Distributed denial-of-service (DDoS) attacks: DDoS attacks can result in significant disruption to business operations, as they are designed to overwhelm networks or systems with a flood of traffic. Even after the attack is over, organisations may need to invest significant resources into rebuilding or restoring systems and networks.

“The most difficult cyberattacks for an organisation to recover from will depend on a variety of factors, and each attack will require a unique response. It is important for organisations to have strong cybersecurity measures in place to prevent and mitigate the impact of cyberattacks, as well as a comprehensive incident response plan to guide their response in the event of an attack.”

Why is Black Hat MEA important for cybersecurity, and for your company?

“Black Hat MEA is an important event in the cybersecurity industry, bringing together professionals from the Middle East and Africa region and beyond to learn about the latest threats, technologies, and best practices. It provides a valuable platform for knowledge sharing, networking, and collaboration, and offers a unique opportunity to connect with leading experts and organisations in the field. It’s an event that can help organisations and individuals stay ahead of the curve in the fast-paced and constantly evolving world of cybersecurity.”

Thanks to Ilyass Rahmani at NearSecure. Join us at #BHMEA23 to learn more.
