COLUMN



        CYBERSECURITY



        ECOSYSTEM IN


        MENA REGION MAKES



        MAJOR PROGRESS



        By
        Adham Etoom,

        Head of Policy & Compliance at National
        Cyber Security Center of Jordan



        Almost more than two thirds of earth’s popu-  risks. Only a few countries have created  the national cybersecurity framework. The
        lation are connected to the Internet. Hence,  and implemented national cybersecurity  risk-based framework focuses on risks
        businesses and individuals are similarly  defense strategies and capabilities. These  aspects in all its capabilities and involves
        more reliant than ever on the Internet in  governments are handling cybersecurity as  risk  quantification  as  decision  support
        virtually every aspect of their existence.  strategically and with as much importance,  capability at enterprise, sector, and national
        Therefore, the sum of all possible security  as the defense programs in the land, sea,  level.
        risk exposures of such global connectivity  air, and space domains.
        and dependency is truly huge.                                                 A robust governance system is a necessity
                                               No government alone has the ability to  as tension exists between the regulating
        When it comes to cybersecurity no enter-  improve overall cybersecurity maturity at  entity and the enforcement entity.  The
        prise is an island, even if it exists in  the national level and to mitigate cyber risks  sector regulators are responsible not only
        metaverse. Every entity of any complexity  properly without help from the private-sec-  for creating awareness about cybersecurity
        exchanges sensitive data and intercon-  tor, academia, citizens, professionals, cyber  standards and mandatory requirements in
        nects networks with customers, suppliers,  experts and leaders who can envision  and  their respective sectors but also for  enforc-
        and other business partners. As a result,  implement a forward-thinking strategy.   ing them. To ensure effective compliance,
        cybersecurity-related questions of trust and                                  sector committees typically audit sectoral
        the burden of mitigating strategies have   Buzzing With Activity              entities on a periodic basis and may choose
        become paramount to value chains in many                                      to apply incentives or penalties.
        interdependent sectors.                Various governments in MENA region have
                                               adopted a series of measures  in recent   2. National Critical Infrastructure Protection
        In  the  21st  century,  one  of  the  biggest   years to develop and advance cybersecurity   program – The primary focus of a cyberse-
        threats that nations face is from state-spon-  defenses capabilities at the national level.   curity center or agency should be protecting
        sored cyber warfare. State-sponsored   Some of the measures are:              critical infrastructure. Critical infrastructure
        cyberattacks carry out disruptive attacks                                     is typically the most attractive target for
        and infiltrate the critical infrastructure of  1. Establishing a dedicated national cyber-  bad actors.  Disruption to critical infra-
        countries around the world for political, sci-  security center or agency to guarantee   structure can have severe impact on the
        entific, economical, or financial reasons or   overall responsibility and accountability   economy, business confidence, public trust,
        all reasons may be combined.           and to provide  national oversight. The   society, and even on overall national secu-
                                               agency is tasked with defining and driving   rity. Critical infrastructure typically consists
        A cyber-attack on any critical infrastructure   the cybersecurity agenda of the country.   of both information technology systems
        in one sector can lead to disruption in other   This involves developing a consistent   and operational technology facilities. This
        sectors as well. For instance, an attack on   national cybersecurity  strategy  with  a   makes it harder and more complicated
        a national power grid may disrupt telecoms   portfolio of initiatives, such as protecting   to protect without understanding these
        networks and have a massive impact,    critical infrastructure, mobilizing the right   intricacies, especially in technology con-
        undermining  availability,  confidentiality,   response to cyber incidents, defining cyber-  vergence of both aspects.
        and integrity of data, and causing financial   security frameworks, standards, improving
        loss from several interdependent sectors   the cyber awareness of citizens, as well as   In Jordan, the NCSC JO works with the
        at the national and/or international level.   developing and advancing cybersecurity   regulator of each critical sector to prepare
        Although cybersecurity risks are recognized   workforce capabilities.         criteria for what should constitute critical
        internationally,  governments still strug-  In Jordan, the National Cyber Security   assets in that sector. Employing a glob-
        gle to define the right way to tackle such   Center (NCSC JO) has started to develop   ally accepted standard makes it easier for
        18  | NOVEMBER-01-2022                                                                 WWW.GBP.COM.SG/DAILY NEWS