Booz Allen Commercial delivers advanced cyber defenses to the Fortune 500 and Global 2000. We are technical practitioners and cyber-focused management consultants with unparalleled experience – we know how cyber-attacks happen and how to defend against them.
Our strategy and technology consultants have empowered our international clients with the knowledge and experience they need to build their own local resources and capabilities.
In facing challenges of modernization, our Middle East and North Africa clients have complex requirements that benefit from our proven experience in guiding major programs and projects for governments and private-sector organizations. The services we offer in UAE, Qatar, Egypt, Turkey, Kuwait, Morocco, Jordan, and other regional countries build on our consulting legacy.
Our clients call upon us to work on their hardest problems—delivering effective health care, protecting warfighters and their families, keeping our national infrastructure secure, bringing into focus the traditional boundaries between consumer products and manufacturing as those boundaries blur.
Booz Allen was founded on the notion that we could help companies succeed by bringing them expert, candid advice and an outside perspective on their business. The analysis and perspective generated by that talent can be found in the case studies and thought leadership produced by our people.
Learn more about Booz Allen's diverse culture and environment of inclusion that fosters respect and opportunity for all employees.
We've come a long way delivering innovative solutions. But our next chapter is still being written.
Our 22,600 engineers, scientists, software developers, technologists, and consultants live to solve problems that matter. We’re proud of the diversity throughout our organization, from our most junior ranks to our board of directors and leadership team.
Booz Allen takes pride in a culture that encourages and rewards the many dimensions of leadership—innovative thinking, active collaboration, and personal service. We’re particularly proud of the diversity of our Leadership Team and Board of Directors, among the most diverse in corporate America today.
In the UAE specifically, the rise in e-commerce is primarily driven by mobile-first habits and one of the world’s highest smartphone penetration rates. Given increases in mobile shopping throughout the UAE and wider Gulf region, cybercriminal networks are increasing operations and targeting consumers by, for example, sending phishing emails or text messages advertising deals that are actually scams tricking consumers into revealing financial data or permitting malware
To steer clear of data theft and other cybercriminal attacks, customers should always remain wary of unexpected emails, keep track of their online orders and purchase histories, and never divulge personal information to unverified parties. Simple other steps, such as checking for the padlock icon in the address bar when shopping online, are equally valuable to maintain good online cyber hygiene as the icon indicates that data sent to the website, including payment card information, is protected in transit, thus minimizing the risk of interception or loss.
When it comes to retailers, physical point-of-sale (POS) terminals, poorly maintained websites, and unsecured e-commerce platforms are all perennial weak spots. All three are lucrative entry points for cybercriminals, who are not only after financial data but also customer information including purchasing habits or personally identifiable information such as payment card numbers, which can be sold on Dark Web forums. Third party suppliers also pose a risk given that retailers often have poor visibility into their security practices. For example, if a security-hardened retailer works with a third-party supplier with poor security hygiene, attackers can gain access to the retailer by targeting and infiltrating the supplier. Since the supplier enjoys trusted access to the retailer, attackers can exploit that trust – leaving even cyber-secure retailers vulnerable.
“To steer clear of data theft and other cybercriminal attacks, customers should always remain wary of unexpected emails, keep track of their online orders and purchase histories, and never divulge personal information to unverified parties. ”
Retailers should also be wary of using outdated software to safeguard against criminal activity as it poses a threat to the security of payment systems and customer data. Technology vendors publish updates that address flaws and vulnerabilities on an ongoing basis, so the most important thing a retailer can do, aside from purchasing the right technology, is to properly care for it through a regularly scheduled patch management and update process.
The lucrative nature of cryptocurrency mining is another key threat as cybercriminals exploit vulnerable computer systems and networks in the Middle East using malware to mine cryptocurrencies. According to Symantec, the skyrocketing and volatile prices for cryptocurrencies in the last quarter of 2017 spurred a significant increase in infection rates. These so-called “cryptojackers” compromise websites for popular brands, uploading malicious script that infects the web browsers of unsuspecting visitors. When customers visit infected websites using insecure means, the malicious script begins siphoning computing power to mine cryptocurrencies.
While not a conventional cyber threat, due to social media, brands must be mindful of malicious entities or even employees attempting to disrupt their online presence as online presence is a primary driver of revenue, brand recognition and traffic for online and physical stores. Retailers need to monitor online discussions about their brands as it is simple for malicious actors to conduct negative campaigns that quickly go viral. Likewise, rogue employees can hijack social media accounts and publish offensive or false information, causing reputational damage. Indeed, an insider or motivated social media manipulator can inflict damage on par with or exceeding a malware-based attack.
In the long run, it is easier to anticipate and prevent a cyber incident than clean one up. In this regard, the services of a managed security services provider (MSSP) are invaluable. MSSPs provide a range of security services to keep businesses online including denial-of-service protection, reputation monitoring, threat forecasting, and incident response. Equally important, entities must also stress test their plans, policies and staff through exercises and simulated crises. This added layer of preparation is critical to equipping and training staff across the retail lifecycle, from cashiers to C-suite executives, to respond effectively when a cyber attack occurs. Ultimately, while cyber attacks are only a matter of time, steps like these can ensure that retailers are prepared.
Artificial Intelligence (AI) is no longer a distant dream; it is fast becoming a reality in many parts of the world across different industries. Over the next 10 years, AI will transform the experience for the customer through even more customized offerings, and governments and institutions in the region will invest in robust frameworks to strengthen and encourage greater investments in AI. Read More