Building and Operating a threat-driven SOC
As businesses learn to better protect themselves, criminals are simultaneously devising increasingly sophisticated techniques to penetrate their security barriers. Attracted by the unprecedented financial rewards that cyberattacks can deliver, growing numbers of threat actors are actively seeking and targeting undiscovered security flaws. In this environment, many organizations are establishing Security Operations Centers (SOCs) to combat security issues as they arise, providing a swift response and a decisive resolution. However, the ever-growing volume, complexity, and severity of today’s cyber threats means that documenting processes, implementing basic technologies and building a team of monitoring and response specialists is just the beginning. Without the ability to continuously adapt and advance, in response to ongoing changes in the threat landscape, the effectiveness of the SOC may be compromised.
Ahmad joined Kaspersky in 2014 as a Senior Security Consultant, in 2022 he stepped up to be Head of Presales for Egypt & Africa. Ahmad is responsible for Africa and Egypt Presales team management, technical consultations on the evolving cyber threat landscape, Kaspersky enterprise solutions, and threat intelligence services. Prior to joining Kaspersky, Ahmad was a Security Consultant at SecureMisr. He led infrastructure security assessments and penetration testing projects for government entities, banks, and service providers in the Middle East and Africa. Ahmad holds a bachelor’s degree in computer engineering and a professional diploma in cyber security from the Information Technology Institute (ITI). He holds various professional certifications from SANS institute and Cisco such as: GIAC Certified Incident Handler (GCIH), GIAC Web Application Penetration Tester (GWAPT), GIAC Security Essentials (GSEC) and Cisco Certified Network Associate (CCNA).