Qatar’s Cybersecurity Centre (CSC) has strengthened its incidence response capabilities to protect and assist its client organisations in the public and private sectors, an official said on Sunday at the ‘5th Annual Information Security Conference for the Financial Sector.
In a presentation titled ‘Finance Fraud Targeted Attack’, CSC Information Security officer Lt Abdulaziz Hamed al-Marwani said the CSC is the entity responsible in responding to all cybercrimes within the state of Qatar.
He said the CSC’s role revolves on the cybersecurity pillars: identify, protect, detect, respond, and recover. The services offered by the CSC include threat detection, risk evaluation, response, and advisory sharing.
“One of the main services being offered by the CSC to client organisations is assisting them in detecting cybercrime attacks against their infrastructure. With this capability, it has allowed us to know what cybercrimes are occurring in the state of Qatar,” al-Marwani said.
To respond to different types of attacks, he said, the CSC has developed additional types of capabilities to assist government and semi-government organisations in terms of incidence response.
“After responding to these incidents, we have realised that most of the attackers – the people who are targeting the ministries and the government sector, and the banks – are all established in common infrastructure and they are not changing when they are attacking other institutions.
“Therefore, the Ministry of Interior had started sharing advisories with our clients…we work hand-in-hand with client organisations to proactively stop any type of cybercrime within the State of Qatar,” al-Marwani pointed out.
In threat detection, al-Marwani said, the CSC helps detect threats and to implement detection strategies, and to act on different types of attacks, such as account compromise, website attacks, and data compromise and infiltration.
“The CSC is building the capability to detect all these attacks,” said al-Marwani.
On risk evaluation, al-Marwani said, the information collected by the CSC is used to help other organisations and help them mitigate cyberattacks by being able to identify weaknesses.
Once the risk has been evaluated, the CSC assists client organisations in understanding their access management environment, systems coverage and inventory management, and vulnerability management, among other measures.
In terms of the centere’s response capabilities, al-Marwani also assured the conference that “the CSC team is capable of responding to all cyberattacks,” by collecting evidence, conducting analysis, identifying the exploitation mechanism, and assisting client organisations to mitigate and stop the crime from occurring.
He also said the CSC also offers advisory sharing services and share information about threats and other factors like common misconfiguration, current common attack methodologies, and indicators of compromise, among others.
