CIO Wahid S. Hammami discusses new capabilities to safeguard online services and bolster Vision 2030 rollout
8 October 2019: Saudi Arabia’s Ministry of Energy today outlined how it is adapting and maintaining its world-class defense against evolving global cybersecurity threats.
“Cyberattacks aimed at disrupting critical infrastructures are becoming more nuanced, advanced and difficult to spot. There can be no compromise when it comes to our defensive posture and we cannot afford any disruption or downtime. There is no margin for error as we expand, safeguard and diversify the Kingdom’s future energy security,” said Wahid S. Hammami, CIO, Ministry of Energy, speaking at GITEX Technology Week 2019.
A key component of the Ministry’s bid to reinforce its cybersecurity and digital transformation credentials entails working with application delivery and multi-cloud application services expert F5 Networks to protect online services
Ensuring robust security and available, agile service delivery is more important than ever as the Ministry ramps up its central role in Saudi Arabia’s era-defining Vision 2030 rollout.
The government expects local energy consumption to increase three-fold by 2030, which will require combining hydrocarbon-based energy sources with renewables, as well as driving a host of cutting-edge R&D initiatives.
To stay ahead of the curve, and to lay the foundation for future success, the Ministry deployed F5® BIG-IP® Local Traffic Manager™ (LTM). This enables it to move beyond mere load balancing to achieve intelligent, granular network control based on server performance, security, and availability.
Because BIG-IP LTM is a full proxy, it is possible to inspect, manage, and report on all application traffic entering and exiting the network. It also helps simplify, automate, and customize application services faster and with greater predictably.
LTM is augmented with F5® Advanced Web Application Firewall (Advanced WAF) to stop attacks before they reach applications, while also providing critical security controls to protect data both on-premises and in the cloud.
“The threat landscape is vastly different than it was even a few years ago,” said Hammami.
“A traditional WAF was once enough to mitigate application layer attacks. This is no longer the case and keeping up with increasingly advanced attack tactics requires a step-change. Exploits are outpacing existing defences and, even when a traditional WAF can mitigate the threat, the associated implementation and management can be problematic.”
F5 Advanced WAF addresses such challenges head on, providing malicious bot protection, application-layer encryption, API inspection, and behavioural analytics to defend against application attacks. It also addresses the problem of cybercriminals’ increasing use of automation to scan
applications for vulnerabilities, attack account credentials, or cause denial of service (DoS).
With F5 Advanced WAF, the Ministry uses proactive bot defences to stop automated attacks, leveraging a combination of challenge- and behaviour-based techniques to identify and filter out bot traffic. Advanced WAF also includes F5 DataSafe, which encrypts data and credentials at the application-layer—without having to update the application.
The Ministry’s work with F5 to date also encompasses F5® BIG-IP® Access Policy Manager® (APM), which gives users easy, contextually secure and scalable access to applications and data, irrespective of device or location – from data centre and the cloud to SaaS-based or hybrid environments.
Meanwhile, data centre and disaster recovery are handled by F5 global server load balancing (GSLB) to ensure the high availability of your global applications in all environments.
F5 GSLB distributes user application requests based on business policies, data center and cloud service conditions, user location, and application performance. Underpinned by the BIG-IP platform, the solution delivers high-performance DNS services with visibility, reporting, and analysis. It can also hyperscale and secure DNS responses geographically to combat DDoS attacks and deliver a real-time DNSSEC solution.
“Attacks against organisations in charge of critical assets will only continue to increase across the world, and Saudi Arabia is no different. The challenge is complex and fast-changing, which is exactly why we need to work with experts like F5 Networks that can scale and adapt to our operational and service-delivery ambitions, as well as the evolving challenges we face,” added Hammami.