By : Wael Elhosany

The British Egyptian Business Association (BEBA) has organised on Monday a Breakfast Briefing on Cyber Security: How to Mitigate the Growing Digital Risks and Hazards. Four high-profile experts have participated in the briefing, namely Mr. Mohamed Moustafa Abdelrasool, CEO and Managing Director of Orient Insurance; Dr. Ahmed Ali Abdel-Hafez, Vice President of Cyber Security Affairs at the National Telecom Regulatory Authority (NTRA), Mr. Walif Auf, Vice Chairman at Medmark Insurance Brokerage; Mr. Thomas Cook, Regional Associate Director of Cyber Middle East and African at Howden Insurance Brokers; Eng. Samah Khamis, Head of Cyber Security and Tech Strategy at Vodafone Egypt; Mr. Omar Shawki, Partner at Mazars in Egypt -Mostafa Shawki and was moderated by Karim Refaat, CEO and Chairman of N Gag Consulting.

Dr. Ahmed Ali Abdel-Hafez started the talk saying that the Egyptian government has established in 2014 the Egyptian Supreme Cybersecurity Council (ESCC) with a committee tasked with monitoring cyberspace and developing a national strategy to face and respond to the cyber threats and attacks and oversee its implementation and update. The council’s establishment marked the beginning of a new era for all security agencies in the country and all crucial infrastructure.

He further elaborated that the ESCC’s objective is to bolster strategies and frameworks to safeguard all governmental digital assets, emphasising the importance of asset protection during this transformation.

This has led to a comprehensive overhaul of the communication system in the country and eventually drawing up a comprehensive five-year cybersecurity strategy from 2023 to 2027, he added.

"The nation has been implementing a comprehensive five-year cybersecurity strategy from 2023 to 2027, with the primary goal of safeguarding organisations from potential threats.”  Dr. Abdel-Hafez said.

He explained that the ESCC is considering a new framework for technologies like 5G and IoT, aiming to utilise these technologies securely.

Moreover, Dr. Abdel-Hafez highlighted that the NTRA is fostering numerous innovations, enhancing intelligence, and improving analysis. The NTRA is proactively working with various meta-sectors to ensure their protection. If any superior hybrid solutions are identified for any critical government infrastructure, it is tasked with managing them, he noted.

The NTRA official further said that cybersecurity is often considered a standalone field. However, the NTRA is planning to foster collaborations both nationally and globally.

He further stated that countries worldwide are striving to enhance their cybersecurity capabilities. He pointed out that there are over four million job openings in cybersecurity. Therefore, capacity building is crucial to equip individuals with the skills needed to work in this sector. Dr. Abdel-Hafez described cybersecurity as a triad of technology, processes, and people’s ability to adapt to the technology.

He also mentioned that a significant percentage - 80 to 90 per cent of incidents result from a lack of awareness. The first step to address this issue is through academia and how it can be leveraged effectively.

Meanwhile, Mr. Omar Shawki expressed that vision transformation is a significant topic that he aims to address to the broader society.

He acknowledged that his company works extensively with businesses, often assessing their controls and risks. One of the major threats the company identified is the insider threat. He emphasised the importance of discussing this issue, noting that the broader context of the country is not the only concern.

He also mentioned that the COVID-19 pandemic has accelerated this transformation. He observed that government aspirations are also a part of this changing landscape.

Mr. Shawki further discussed the challenges of managing and mitigating risks associated with new software and hardware.

He highlighted the example of electronic invoicing, which now involves nearly half a million companies on their platform. This digital transformation, especially for those who may not have previously digitised their processes, presents significant risks in managing their software and hardware, he added.

He also mentioned the potential of smart devices and how Mazars-Mostafa Shawki assist their clients. The company has established processes to help organisations implement appropriate measures to mitigate cyber risks.

He brought up the concept of cyber insurance, which is increasingly being offered these days, noting that his company is seeing a surge in tenders and client engagements in this area.

"Mitigating cyber-attacks requires increased organisational education, and leveraging innovation is crucial for an effective response to any potential threat.” Mr. Shawki said.

He mentioned that clients are often asked if they have cyber insurance. This is a method for clients to safeguard themselves from potential damage. He explained that clients may implement processes and procedures that are favoured by cyber insurance companies, as these measures can provide protection in the long run.

For his part, Mr. Thomas Cook explained that the topic of cyber insurance is multifaceted. The first question he usually encounters is about the post-incident costs. When evaluating cyber insurance, three key elements are typically considered:

Revenue: This is taken into account because it relates to the business and interaction costs associated with a cyber insurance policy. It’s also used to calculate the aggregate costs of a ransomware claim.

Personal Identity Information: The cost of restoring an individual’s personal identity information is another crucial factor.

Controls: Lastly, they consider the other controls that are in place.

These elements collectively help in assessing the scope and coverage of a cyber insurance policy, Mr. Cook added.

He added that while cyber insurance was primarily sought by financial institutions about five years ago, it has now become essential across a broad spectrum of sectors.

The adoption of cyber security insurance is witnessing its adoption by retailers, manufacturing companies, and Asian firms. When considering the media sector, there is a noticeable increase in the amount of content being posted at the start of the tank, Mr. Cook noted.

“This trend is not just global; it is also evident across all specific categories. One of the major challenges they encounter, particularly in the mid-nitics and high-end sectors, is the scarcity of information about tanks.”

Mr. Cook further explained that when it comes to European companies involved in the sale of duty fuel, a significant amount of information is being posted online across various new categories. However, they have noticed that even when this occurs, it is not always promptly notified in the app.

When examining companies in terms of actual cybersecurity, he reiterated that it is not just about the incidents but also about the optimisations. They typically advise their clients to identify the potential risks they might face and the measures they would take to mitigate such exposure.

He recalled a claim from a few years ago and noted that “as we increasingly transition to a digital world, sometimes what happens in our broader environment can have significant implications. For cyber insurance, when they sell policies to clients, they always advise them to retain a physical copy.”

Thomas Cook further explained that about two years ago, one of Howden’s clients experienced a cybersecurity attack. As part of the company’s cyber insurance, clients receive a policy document that includes a post-incident manager who can provide assistance during such events.

However, if all their documents were stored online and a cybersecurity attack occurred, resulting in network encryption, they would not be able to access or print their documents, which could potentially aid them.

Therefore, if their security controls are compromised due to a cybersecurity attack, it is crucial to have plans in place to navigate through the attacks and minimise the cost of such incidents. This approach is of utmost importance, he said.

"Enhancing collaboration between clients and insurance brokers is essential for addressing emerging challenges in the insurance landscape.” Mr. Cook said.

Meanwhile, Mr. Walid Auf stated that crime insurance is a significant area within the insurance industry.

To understand this better, Mr. Auf said it is crucial to delve into the psychology and dynamics of crimes. Crimes are primarily driven by three factors. The first is motivation, which is critical because every criminal is aware that they are violating the law and could face severe consequences.

Therefore, the incentive to break the law must be substantial, he explained. Motivation is thus a key factor. The second factor is that most criminals view themselves as intelligent individuals who can commit crimes and evade punishment.

He further explained that the second factor is that most criminals see themselves as clever strategists who can execute their crimes and escape punishment.

This also involves the perception of the other’s capacity, or the criminal to whom all actions are attributed. The third factor is the perceived vulnerability of the victim. The more vulnerable the victim appears, the greater the desire to commit a crime against them. Looking at the first factor, motivation, it is clear that the primary driving force for most criminals is money, Mr. Auf noted.

He continued to explain that over the years, money has been transitioning from physical establishments to online and digital platforms. The allure of the digital realm is growing daily. Mr. Auf mentioned an intriguing piece of information he came across just before the weekend: the S&P 500 IT index reached an all-time high. This is indicative of the increasing amount of money in the digital world, a trend that is expected to continue.

Regarding the capabilities of hackers, Mr. Auf said they possess the same skill set as developers. In fact, they are developers. When launching a website or any application, the developers who create it also test it against hacking. Thus, those who create technology have the same skills as those who hack it.

He also mentioned terrorist training camps, which can sometimes resemble state security force training camps in terms of the skills and capacities they possess. This suggests a growing capacity in that area. 

Mr. Auf emphasised that the third factor, particularly relevant in developing markets, is the vulnerability of the victim.

The lack of awareness, whether among individuals or within organisations, increases their exposure to successful attacks. Given that attacks are becoming increasingly frequent, it would be beneficial if cybersecurity colleagues could provide insights into the evolving success rates of these attacks, he said.

He continued, acknowledging the fluctuating state of improvement or deterioration, though Mr. Auf admitted he was not entirely sure about it. However, he emphasised its importance. “Given the interplay of these factors, we’re witnessing an increase in attacks.”

"Enhancing our cybersecurity posture requires acquiring additional knowledge and tapping into advanced international expertise, as our current challenge lies in the insufficient awareness of cyber threats within organisations.”

For Egypt, Mr. Auf believes Egypt is still at the beginning stages in terms of awareness. “There is a significant amount of work to be done by us as cybersecurity experts, the state, market players, and cyber insurance specialists. We all have a role to play in enhancing this awareness, and there’s still a long journey ahead.”

He suggested that this might seem obvious to him, but if there were more intellectually strategic and smart individuals who wanted to learn, he would welcome it. 

For his part, Mr. Mohamed Moustafa Abdelrasool, added to Mr. Auf’s points about the three causes of cyber-attacks.

"With the country undergoing a significant digital transformation, it is imperative to manage and address the associated risks to ensure a secure and resilient digital landscape.” Mr. Abdelrasool said.

He suggested that perhaps they haven’t made enough effort to educate their existing and potential clients about cyber insurance. Many people are unaware of the existence of cyber insurance.

Secondly, when clients or potential clients consider cyber insurance, they often perceive it as very costly, which is not the case, he added. In fact, for a large corporate client, the cost of cyber insurance is less than what they would pay for property or fire insurance for their factory.

Mr. Abdelrasool further emphasised the importance of ensuring that they are obtaining full-time degrees. This is crucial. However, as Mr. Cook pointed out, it is all based on information. “The more information you provide to us, the better your premium will be.”

“There’s a principle in insurance that you need to take precautions and security measures as if you’re uninsured, similar to fire insurance when insuring a factory that might be prone to fire.”

“We cover the security and privacy aspects, so we compensate for the damage, we are responsible for the damage, and we cover the legal expenses.”

Mr. Abdelrasool mentioned that the legal costs linked to all marketing activities, including Facebook pages, Instagram, websites, and other marketing efforts, are covered. He gave an example where a cyber-attack occurs and the hacker takes control of the website and Facebook page, using them to attack or offend our competitors. If our competitors were to file a legal case against us due to this, the associated legal expenses would be covered.

He further stated: “Perhaps it’s the inherent risk; it’s cautious; it’s not a doubt; but we have a solution for this. Another important aspect we cover is reputation. In the event of an overt attack, the repetition is significantly better.”

There might be a need to hire a public relations firm to restore its reputation, he suggested. “When a company’s reputation is impacted, it can take years to rebuild, so we also cover this. Interestingly, we are very discreet, making it a better deal.”

“A cyber-attack can disrupt business operations, either partially or fully. So, we cover your profit and operating expenses associated with the partial or full shutdown of your business until you regain your normal operations.”

Mr. Abdelrasool elaborated that cyber insurance is similar to other types of insurance and offers various coverage options. His company advises customers on the value chain of insurance and the importance of cyber insurance. A broker guides customers on what to purchase based on the policy’s minimum liability coverage. They pay up to a certain limit, and any amount below this is the customer’s responsibility.

They work closely with customers, advising them on risk management and providing training tips, as education is crucial in this field. They emphasise the importance of being cautious with messages and emails to prevent data leaks, he added.

He highlighted that not only large businesses are targeted by cyber-attacks, but also small and medium-sized enterprises (SMEs), which account for 50 percent of cyber-attacks globally. Therefore, businesses of all sizes need to be prepared for potential attacks.

Moreover, Mr. Abdelrasool also noted that not all hackers are professionals; some do it for fun or to prove themselves. Many hackers have psychological issues, and their motivations aren’t solely about money. They seek to demonstrate their ability to dominate and control.

On the other hand, Eng. Samah Khamis, emphasised that technology companies need to acknowledge security as a priority. By recognising this, they can develop strategies and make the necessary investments. Since 2017, Vodafone Egypt has been working on securing technology and services. The shift to digital has increased tax rates and the use of online services. Vodafone Egypt has tools to protect online transactions and understand that building this strategy is a continuous journey.

"Every organisation must recognise the tangible threat of cyber risks and establish a robust cybersecurity strategy, reinforced by tools, resources, and a skilled workforce.” Eng. Khamis said.

She added that building secure systems is a continuous journey, not a quick fix. There is a global shortage of security experts. However, Eng. Khamis is hopeful as more educational institutions are introducing cybersecurity and AI programmes. She believes that organisations are now prioritising cybersecurity and implementing appropriate policies and strategies. She advises customers to consider the security measures of their service providers, especially in the digital world, to ensure the safety of their transactions and personal information.

She further stated that half of the attacks originate within the organisation itself. “Therefore, it is not just about implementing the right tools, systems, and policies, but also about raising awareness among your own people about the importance of using strong passwords.”

Mr. Karim Refaat concluded the panel by saying: "Empower organisations by boosting awareness of cyber threats and implementing strong cybersecurity strategies. Collaborate with insurance brokers, enhance education, and leverage innovation. In our digital era, acquiring international expertise is crucial to manage associated risks effectively."