Keeping a Sharp eye on the Attack Vectors

11 years ago

With the unbridled growth in cyber-attacks on various commercial and government organisations in and around Gulf region, there has been emergence of specialised end to end security solution providers. These solution providers only work in the domain of security solutions and services.

The threat landscape is a cyber-warfare now. Earlier, cyber-attacks used to be for fun and for very small motives but now people are eyeing at a huge benefit. Therefore, attacks and vulnerability trend varies from region to region and industry to industry depending on the strength of that industry in that region.

A few years back, in the MEA region, financial sectors were targeted. Now the trend has moved to government and oil & gas. The attackers are targeting large industrial and Strada plants for example Ramco Oil was attacked. Few years’ back Stuxnet was carried out to take down the entire Iranian nuclear power plant. This type of attack is called as APT (advanced persistent threats). It is a new level of vulnerability and threat so organizations need various policies and solutions to control those threats.

Big Question

What are your competitive advantages ?

There are not many security companies focusing on end to end security in this region though there are a lot of vendors and VADs, who are focusing on pushing different security technologies. Not a lot of companies have focussed professional services offerings as we have. We offer detailed and a very comprehensive professional services i.e. APT analysis, Zero-day analysis, application penetration testing, etc. These are very new to the region and organizations need very specialised and technical resources, who can basically guide them in terms of how to protect themselves. Plus, we are a young company with less overhead. Therefore we are very cost effective. All our resources are focussed on vulnerabilities, threats and controls that are developed these days.

In this very uncertain security movement, the organizations/ enterprises need to follow the expert advice of the partners, who have domain knowledge. One of the emerging information security solutions and service provider of the enterprise is Rewtertz Information Security. Started in Pakistan during 2007 and apparently headquartered in Dubai now, Rewtertz is present in the Gulf region (majorly GCC countries) directly or indirectly (through partners). It has 25 cyber security professional in house, who are engaged 24/7 in keeping a hawk’s eye on vulnerability, virus movements, threats and attacks in the cyber world.

Faiz Ahmad Shuja, CEO and Co-Founder, Rewterz, recalls, “When we started in Pakistan there was no company focussing on the end to end security services, although there were many big players in the software and services domain, who were selling security devices including firewall, IDS, IPS, etc. If you see Information security domain, it starts with assessing an organization, evaluating their risks in terms of the areas where they need more security, etc. This is called end-to-end solution, which we are focussing on.”

“We started off with professional services including security services, penetration testing, security audits, ISO 27001, security assessments, PCI GAP analysis, etc. After 2-3 years we looked into various solution portfolios, because then our customers were coming back to us and asking for various solutions as well. So that is when we decided to increase our portfolio and increased solutions side as well,” maintains Suja.

Rewterz deeply assesses the organizations’ threats and vulnerability and submits a strategic and analytic report. Once the organizations decide on the proposal, Rewterz provides them a number of solutions, which could include Two Factor Authentication, Intrusion Prevention Systems (IPS), Threat Managements, etc.

“We are partner with various companies for these solutions. And our entire team is certified on those solutions. Plus, we have an R&D department, which basically monitors the security threats and vulnerability all over the world,” Suja added.

Rewterz is closely working with government, oil & gas and Telcos in this region. Suja maintains, “We see a lot of opportunity in the government sector – especially since His Highness Sheikh Mohammed has initiated the conversion of e-government to m-governance. A lot of organizations – government and semi-government – are moving their services to mobile. We are sensing a lot of requirement of mobile security as well. “

Finally…

For a larger cause, Rewterz releases threat advisories from time to time and contributes to a lot of non-profit security organizations. In the future Rewterz will broad base its portfolio of offerings and bring more vertical-specific solutions. It will also have its presence in different GCC countries like Qatar, Saudi, Oman, etc.