Azar Alili, a cybersecurity expert from Azerbaijan, has over a decade of experience in this field. During this time, he has attained a prominent position and expanded his career beyond national borders. According to Alili, he is widely recognised as a leading authority in cybersecurity across Eastern Europe, the Middle East, and Central Asia.
Alili focuses on developing cybersecurity solutions and strategies while prioritising the enhancement of regional and international security. He regularly presents innovative cybersecurity products developed by his team at international events. he writes blogs to raise awareness and is the founder of OWASP Baku, a non-profit organisation dedicated to improving application security.
Collaborating with Forbes Georgia, Azar Alili shares insights regarding the challenges and developments of cybersecurity in the region, as well as his plans for entering the Georgian market.
Can you provide an overview of the current cybersecurity landscape in the Caucasus, Middle East, and East Europe regions? Are there any notable trends or challenges?
The cybersecurity landscape in these regions is always changing and evolving. We face various traditional and sophisticated threats like phishing, ransomware and targeted attacks on critical infrastructure.
Challenges include the absence of unified cybersecurity regulations and differing levels of cybersecurity maturity among organisations. Geopolitical tensions can exacerbate these challenges, leading to cyber conflicts and increasing the frequency of cyber-attacks. State-sponsored actors may exploit these situations for their own gain. This diversity requires a multifaceted approach to cybersecurity, with organisations needing to defend against a broad array of threat actors.
Economic disparities within the region can lead to variations in cybersecurity readiness. Some countries may have advanced cybersecurity infrastructure and skilled professionals, while others may lag, creating potential vulnerabilities. With the acceleration of digital transformation in the region, organisations encounter a dual challenge: securing new technologies and upskilling their workforce to understand and combat emerging threats.
How would you assess the level of cybersecurity awareness among businesses and individuals in these regions? What’s OWASP Baku’s role in this regard?
Assessing cybersecurity awareness involves considering various factors like existing educational programs, incident reporting and the adoption of security measures. Developing and implementing tailored cybersecurity training programs for businesses and individuals is crucial. These programs should address region-specific threats and challenges.
Additionally, partnering with local educational institutions to integrate cybersecurity education into the curriculum fosters awareness from an early age. establishing local chapters for regular meet-ups also encourages knowledge exchange within the community.
By integrating these assessment methods with proactive measures, businesses and communities can collaborate to raise cybersecurity awareness, diminish vulnerabilities, and foster a more resilient digital environment. OWASP Baku’s involvement in these initiatives amplifies their impact by leveraging the collective expertise and networks within the cybersecurity community.
Artificial intelligence (AI) is becoming more prevalent across diverse sectors. How do you see AI technologies shaping the future of cybersecurity?
AI technologies are indeed shaping the future of cybersecurity in significant ways. AI-powered tools can analyse large datasets and identify patterns indicating sophisticated threats, providing a proactive approach to threat detection.
AI can detect unusual patterns that may signal insider threats or compromised accounts, enhancing security measures. predictive analytics driven by AI can anticipate potential vulnerabilities or weaknesses, allowing organisations to take proactive measures to address them. AI-powered analytics can efficiently process and analyze vast amounts of security data, improving the overall effectiveness of cybersecurity efforts.
The integration of AI into cybersecurity is transformative, empowering organisations with advanced tools to enhance detection, response, and overall resilience against a wide range of cyber threats. As cyber threats evolve, the role of AI in cybersecurity will become increasingly crucial in staying ahead of adversaries and safeguarding digital assets.
Having experience in startups, what unique challenges do cybersecurity startups face, and what advice would you give to entrepreneurs entering the cybersecurity space?
In today’s competitive landscape, cybersecurity goes beyond defence – it’s a strategic advantage. Enterprises investing in cybersecurity not only fortify defences but also build trust, protect intellectual property and ensure business continuity. Robust measures are crucial, especially in innovation-driven regions, to safeguard assets and maintain competitiveness.
Industries like finance and healthcare demand stringent cybersecurity standards, driving businesses to expand into new markets. For cybersecurity startups, success lies in proactive and adaptive solutions, positioning them as industry leaders in an ever-evolving landscape.
What is the current state of the cybersecurity landscape in Georgia, and what are the main challenges it faces?
The cybersecurity landscape in Georgia presents several notable challenges, with a primary issue being the scarcity of professional expertise. Despite efforts to bolster cybersecurity projects in the country, finding skilled professionals remains difficult. A brief study conducted on this matter revealed that even foreign companies operating in Georgia struggle to locate proficient local talent. mastering cybersecurity demands extensive experience and expertise. Achieving proficiency in such areas typically requires several years, if not a decade, of dedicated practice and learning.
Another major concern revolves around local regulations, particularly those aimed at safeguarding national security interests. These regulations often mandate the involvement of local companies in cybersecurity projects, hindering trans-border transfer of private customer data. For instance, the requirement for local presence compelled Amazon Web Services (AWS) to establish a cloud service provider in Georgia, driven by governmental pressure rather than market demand.
How can organisations in these regions address the talent shortage?
Addressing the global shortage of cybersecurity professionals is indeed a critical challenge. In the Caucasus, Middle East, and East Europe region, organisations can take strategic initiatives to mitigate this shortage and ensure a robust cybersecurity workforce. Emphasising specific skills in the next generation of cybersecurity experts is crucial.
By combining efforts to address the talent shortage with a focus on developing these essential skills, organisations in the regions can strengthen their cybersecurity defences and build a resilient workforce capable of addressing the complex challenges in the digital landscape.
Do you have plans to enter the Georgian market with the goal of raising awareness and disseminating knowledge?
I have friends and colleagues in Georgia, and we are considering establishing a cybersecurity company there within the next three years. The company will primarily consist of a Georgian team, utilising local talent. We plan to transfer our expertise to Georgia, but our expectation is to find and employ local engineers.
Additionally, we are already involved in the field of education. Our plan involves offering long-term training programs spanning several years, rather than just a few short courses. Our educational curriculum consists of six progressive steps, from beginner to advanced levels. It typically takes 1 to 1.5 years for individuals to reach a certain proficiency level.
Who is the biggest threat in the region? Is it Russia?
It depends on the country. In Azerbaijan, the threat doesn’t only come from Russia, but also from Iran. When political tensions arise, we often feel the impact on our systems, whether it’s from the north or the south. Similarly, for Armenia, the primary threat comes from Turkey and for Georgia, it comes from Russia.
But we all have same problem. The level of digitalisation across the region isn’t at the desired level, despite varying advantages in different sectors. For instance, in the private sector, digital banking is advanced in Georgia, while Azerbaijan has an edge in the government sector. However, data analytics and data-driven decision-making are largely underdeveloped in the Caucasus region.
Is there potential for Georgia and Azerbaijan to collaborate as partners in the field of cybersecurity in the future?
It should be. When facing attacks, having dedicated centers, teams, and tools to detect them is crucial. If someone targets Azerbaijan’s financial system, forming partnerships would be beneficial. By sharing threat signals, Azerbaijan can alert Georgia, enabling them to prepare accordingly, and vice versa.
This mutual collaboration creates a win-win situation. Additionally, sharing knowledge and expertise, both at the private and government levels, is advantageous. Establishing an academy together would allow for the creation of more resources. Cooperation among Georgia, Azerbaijan, and Armenia would be ideal, similar to Baltic countries, but politics currently hinder such collaboration. S