ISJ Exclusive Interview: Omar Al Barghouthi, Dragos, Inc.

omar

Share this content

Facebook
Twitter
LinkedIn

International Security Journal catches up with Omar Al Barghouthi, Regional Director – Middle East, Dragos, Inc. to find out more about the company’s mission to secure critical infrastructure and safeguard civilisation.

2022 has been a busy year for Dragos. Not only did the company launch its new OT-CERT in June 2022 (Operational Technology – Cyber Emergency Readiness Team), Dragos was also one of 18 others that, in May, pledged to help mobilise global commitment towards strengthening cyber resilience across industry ecosystems at the World Economic Forum Annual Meeting 2022.

It is no surprise therefore that Omar Al Barghouthi – an industry veteran with a strong background in leadership, strategy, technology, sales and business development – was instantly drawn to the company’s mission to “safeguard civilization”—in other words, protecting people and the critical infrastructure and industries that support them from “digital adversaries.”

“I’ve been in cybersecurity for the last ten years,” Al Barghouthi told International Security Journal. “Prior to joining Dragos, I was with IBM in region. When I look at why I joined Dragos, what attracted me was the mission; what we’re trying to do is build a community, one that is aware, skilled and prepared to secure critical infrastructure across the region.”

Al Barghouthi explained that a key component in the creation of a security community like this is utilising processes of raising awareness, communication and education around operational technology (OT). He continued: “The OT cybersecurity problem is newer, unlike the IT security domain which is more or less 30-40 years old. When looking at OT cybersecurity, we’re only really looking as far back as 2010/2011, because that’s when the first APT attacks happened, coinciding with industrial systems becoming more connected to the internet.”

Al Barghouthi considers this period as defining; it was a moment when the industry truly started focussing on the cybersecurity of OT systems, with vulnerabilities clearly becoming exposed. Though an increase in attacks on OT systems has occurred year on year, more is being invested into further developing the industry’s OT cybersecurity lens so experts are able to look, investigate and monitor the infrastructure and spot threat patterns.

“This is why we’re building a community – this is a problem that can’t be addressed by a single vendor or customer,” he continued. “Instead, we need to look at it from the perspective of community defence. This means partnerships within the ecosystem, such as with clients and partners in the private and government sector. It also means partnering with academia and the education system because there’s a massive skills shortage in the cybersecurity domain overall, let alone in OT cybersecurity specifically.

“We’re looking at partnering with academia to help the next generation of OT cybersecurity specialists across various domains. In addition, we’re building the next generation of OT cybersecurity specialists. We are offering a lot of training and awareness to also build a technical community across whoever already has OT cybersecurity skills. This is critical because the threat landscape is constantly changing.”

The power of collaboration

Industrial infrastructure and critical infrastructure organisations across the world provide services that shape our daily lives. For instance, power and water generation plants, manufacturing facilities, food, beverage and pharmaceutical providers and oil and gas ecosystems rely on technology that helps them operate at maximum efficiency. However, the operational technology that underpins these organisations is more prone to cyber-attacks now, more than ever before.

“When we focus on the Gulf Cooperation Council (GCC), and more specifically, its industrial sector, we can see that over the last ten to twelve years it has been exploring ways to leverage digital transformation to play an increasingly pivotal role in GDP growth,” explained Al Barghouthi. “There is a drive to diversify non-oil and gas economies.

“With these initiatives taking place across governments in the Middle East, ICS and OT cybersecurity becomes more critical than ever, when looking to protect citizens and also help contribute to the economic advancements in our society. At Dragos, we work to partner with the Middle East industrial community, to protect people and make the industrial community safer from cyber-threats while the country’s innovators pursue digital transformation.

“In the UAE, we’ve made an investment here and we have built an entity; we built a training facility that is part of our commitment to the government and the business community to focus on protecting the industrial sector to support initiatives such as operation 300 Billion, which calls for the sector’s GPD contribution to leap from $36 billion to $82 billion by 2031.”

When thinking about private and public sector partnerships and making community defence a reality, Al Barghouthi clarified that this mission can only be a success if collaboration is placed as a key objective. “There needs to be effective partnerships in place to make sure that communities are safe and that the global services and citizens rely upon are always available,” he continued.

“Success in our mission to safeguard civilisation is only possible with our customers and partners; their tireless efforts to secure our infrastructure too often goes under underappreciated.”

A new era

From Al Barghouthi’s perspective, in our modern world, we’re entering a new era of OT cyber threats. Local communities and global economies are facing the effects of high profile ICS attacks as adversary threat groups launch increasingly advanced and sophisticated attack frameworks.

“We could see this evolution start to take place in 2021. In that year, and earlier this year, we saw some of these adversary groups reach what we call stage two of the ICS Cyber Kill Chain; this means that they have gained access directly to the ICS and OT networks.

“If you look at traditional OT infrastructures, they can be seen as more heterogeneous systems. So, for an attacker or a group to be able to breach a certain location, refinery or substation, they have to design the attack and the malicious code to target that specific infrastructure in that specific location.

“Now, with digital transformation, while the industry has put a challenge on OEM vendors, we want to decrease operational expense; we want to be able to grow the business. So, we started building what we call more homogeneous systems or infrastructures. This means that if attackers are able to build an attack framework and gain access in one kind of OT systems stack, another OT systems stack is going to have similar architecture and, with a little bit of fine tuning, the attack could be scalable across networks.”

In many ways, the next evolution happened earlier in 2022 when PIPEDREAM, a sophisticated attack framework was identified as the first truly scalable and repeatable ICS toolset capable of causing disruption to a broad range of industrial control systems across industries at scale.

Al Barghouthi concluded: “While we work on fact and not predictions, we can forecast that we will see more scalable attacks in the coming year meaning that the risk to industrial organisations across the board is reaching a new level. OT cybersecurity is becoming more urgent and critical.”

This article was originally published in the November edition of International Security Journal. To read your FREE digital edition, click here.

Newsletter
Receive the latest breaking news straight to your inbox