Commercial Bank has strengthened its cybersecurity defences with "best-in-class" technologies in information security to keep pace with evolving security breaches and threats.
Financial institutions need to keep a step ahead due to the increased sophistication in cybercrime and data breaches, according to Commercial Bank's head of Information Security, Edward Ayman Ganom.
“What's changing worldwide is the nature of the threat; it is more sophisticated, and there are many more people who have access to a lot of resources. They are motivated by different things: financial gain, political activism and geopolitical issues, including state-sponsored attacks. The new attacks are more targeted, more persistent and more prevalent today,” Ganom told Gulf Times in an interview.
As threats become more complex and data more ubiquitous, financial institutions are faced with several challenges in protecting information assets considering the need to provide employees, customers and partners access to data, Ganom explained.
“What we discovered was that if someone is really determined, if they are inspired and they have enough resources, it is very difficult to prevent an attack. So, the world of information security is changing because a few years ago, we relied mainly on prevention such as installing anti-viruses or firewalls, and they were reasonably sufficient at that time. But today, we know that attackers are very resourceful and if they focus on attacking you it is becoming harder and harder to protect yourself,” he stressed.
Ganom said Commercial Bank is now using managed detection and response (MDR) technology provided by California-based cybersecurity firm CrowdStrike, which bested other companies in the market, according to the ‘Critical Capabilities for Endpoint Protection Platforms (EPP)’ report released in April 2018 by Gartner, a leading global research and advisory company.
“MDR offerings focus on remotely delivering a managed security service that responds to threats that have made it past the prevention capabilities deployed within an environment,” the report said.
Ganom said, “We are using these next generation tools, which are augmented by threat intelligence and incident response services that the company also offers. These tools can detect the new types of sophisticated attacks that we’re seeing more of these days. This is how we’ve aligned our security strategy with our business strategy of having Commercial Bank maintain the competitive advantage of being leaders when it comes to innovation in the Qatari market. For example, we were the first to introduce contactless payment cards and other innovative technologies.”
“We need information security to be ready because new kinds of technologies introduce new risks, so we need to match that - our defences and information security strategy have been designed in such a way to allow us to build resilience into our systems and to safely offer online services and technologies to our customers.”
He added, “What is interesting is that Gartner’s research looked at companies that use CrowdStrike’s tools, and they found out that most of them are companies that are more progressive, which are described as Type A organisations or ‘lean forward organisations’ that are not afraid to use new technologies and services. And I believe Commercial Bank is such an organisation.”
According to Gartner, Type A organisations “tend to focus on best-of-breed solutions that best address their business, technology and security needs and have the capacity to integrate, develop or build custom-made components as required. They see the use of technology as a competitive differentiator.”
Ganom also said Commercial Bank has lauded the Ministry of Interior, Qatar Central Bank, Ministry of Transport and Communications and other government agencies concerned for being at the forefront of cybersecurity and for supporting the financial sector efforts in information security.
