Haider Pasha’s passion for technology and cybersecurity ignited the vibrant landscape of Dubai, eventually leading to a distinguished career spanning renowned organisations like Cisco, Symantec, and Palo Alto Networks.
The conversation also delves into artificial intelligence’s (AI’s) transformative role in bolstering cybersecurity defences, shedding light on its potential to revolutionize threat detection, response, and prevention. Moreover, we dissect emerging trends in cybersecurity for 2024, including the rise of zero-trust architecture, the evolution of the CISO role, and the increasing prevalence of deepfake technology in cyberattacks.
From leveraging AI to fortify security measures to fostering a culture of awareness and education, this dialogue offers invaluable perspectives on safeguarding digital assets in an ever-evolving threat landscape.
Tell us how you got into the field of technology and cybersecurity and what your journey has been like.
Technology has always played a major role in my life. Being brought up in Dubai, a regional hub for innovation, I have always been exposed to technology, beginning with computers and hardware applications in the 80s and 90s. My interest grew when I decided to pursue a bachelor’s degree in computer science from Purdue University in the U.S., learning about various subjects such as coding, programming languages for computer operating systems, and the wider technology landscape.
During my first job at Cisco in the U.S., I witnessed a security breach at a large global e-commerce organisation in the first couple of days of my job. I was amazed at how hackers were able to bring down the website of this e-commerce giant and how it cost millions of dollars in damage in such a short period. This made me more intrigued and interested in getting into cybersecurity and understanding this sector’s depth, challenges and complexities.
Every day is a new day in the field of cybersecurity, and there have been many achievements over the years in my career. From my previous tenures with Cisco and Symantec to my journey with Palo Alto Networks, which began in 2018, it has been nothing short of an exciting journey filled with challenges, opportunities, innovation, and education.
How has cybersecurity as a space changed and transformed in a post-pandemic world?
The COVID-19 pandemic has significantly impacted the cybersecurity sector, leading to several changes and transformations. With the shift to remote and hybrid work, cybercrime, such as phishing attacks, malware campaigns, and ransomware, has risen. The pandemic also accelerated digital transformation across industries, including the adoption of cloud services and IoT devices, which meant there were new security challenges to address.
Following the pandemic, we have also seen a rise in zero-trust architecture, which plays an important role for organisations as the business environment has shifted dramatically. Employees require flexibility not only in where they work but also in how they work and the applications they now utilize to complete their work.
What has AI’s impact been in the cybersecurity space, and how can it help build better security systems?
Palo Alto Networks commissioned research in 2023 with Censuswide that showed that 81% of UAE organisations surveyed see AI as an important enabler for their overall cybersecurity approach. By incorporating AI into their cybersecurity strategies, organisations in the UAE and wider region can improve their ability to defend against a wide range of cyber threats, reduce response times, and gain better visibility into their security posture – combined with other best cybersecurity practices such as employee training, strong policies, and a layered security approach.
What should organisations keep in mind in 2024 while looking at cybersecurity?
Palo Alto Networks predicts that in 2024, CISOs will need to focus on facilitating and communicating risk for AI-enabled projects to the business and deploying AI-enabled platforms to decrease complexity and increase security. The CISO role will also evolve toward Chief AI Security Officer (CAISO), using AI models to help predict threats proactively via real-time and autonomous systems.
In addition, boards need to embrace cybersecurity and build a governance framework for cyber resilience. The willingness to upskill cybersecurity knowledge will be a key driver for fostering CISO/Board trust.
Palo Alto Networks also anticipates that at least 50 per cent of organisations in critical infrastructures, such as financial services or national security, will launch projects to assess the impact of emerging quantum computing on their cybersecurity posture.
Organisations will also align security closely to the software development pipeline so that security is built at the same speed that applications are engineered.
What are the top five trends in the cybersecurity space?
We are seeing a rise in the adoption of cloud computing, which provides organisations with greater scalability in infrastructure. Generative AI will also rapidly increase in 2024, with attackers leveraging AI tools like ChatGPT to enhance and streamline cyberattacks and organisations using them to improve cybersecurity measures.
We are also seeing the evolution of corporate IT environments due to factors like the rise of cloud services, hybrid work models, and IoT devices. Organisations are shifting towards integrated security platforms that consolidate all security capabilities into a single solution, decreasing cost and complexity but not increasing efficacy. Businesses will learn that consolidation does not equal platformisation, and projects focused on cost efficiency without a focus on optimisation and better security outcomes will fall short.
As gen AI progresses, so do deep fakes. How is AI currently used to create malware?
Deepfake technology has been a growing concern globally, especially because of its potential misuse. One trend that we have seen in the Middle East is increased sophistication, which means that as deepfake technology evolves, the attacks have become more realistic, making it harder to identify and mitigate them.
Deepfake technology is also used in financial fraud, which involves impersonating individuals to access sensitive information or authorising fraudulent transactions.
According to Gartner, by 2026, cyberattacks using AI-generated deepfakes on facial biometrics will mean that 30% of enterprises will no longer consider such identity verification and authentication solutions reliable in isolation.
How can AI/gen AI be effectively used to solve these very challenges?
AI and GenAI can help cybersecurity by enhancing threat detection, response, and prevention. GenAI helps to surface information quickly, and security analysts can also learn from previous patterns found in cyber threats, helping action before a breach occurs.
GenAI can also help with automated and enhanced security measures to generate complex passwords and encryption keys.
What are the key factors organisations need to consider to ensure better security?
It is important for security heads and CISOs to set strong strategies in advance, including device identification and behavioural analytics, which can increase the chances of detecting attacks.
With digital transformation taking over, each individual needs to understand the potential threats of deepfake technologies and their potential threats – education and awareness on how to distinguish the real from the fake and ways to consume more trustworthy information can go a long way.
