Dmitry Volkov discusses Group-IB’s offerings, emerging cyber threats, and the importance of AI in cybersecurity with Sanjay Mohapatra, Editor, Enterprise IT World MEA.
Is this your first time attending GISEC?
No, we have been attending every year since 2020. This is a very important event for us as it brings together many companies and clients from the region, allowing us to share our knowledge and showcase our technology.
I’ve looked into your company’s profile, and Group-IB is quite high-profile, offering solutions in threat intelligence and working with government agencies. You are also providing XDR. Can you tell us more about your offerings and activities?
We have a solid product platform capable of detecting and preventing threats across various environments, including your network perimeter, cloud, and even beyond, including social media. Our research teams in the Middle East work on threat intelligence by collaborating with law enforcement agencies to understand local threats and transform that knowledge into better protective technologies.
As a leader in threat intelligence, what trends are you seeing regarding threats and cyberattacks?
Fraud is a major issue across all regions, including scam calls, phishing websites, and deep fakes, which are becoming increasingly hard to detect. Nation-state actors focus on telecoms and critical infrastructure, while ransomware groups remain active, with attacks being impactful, even if not frequent.
“Fraud is a major issue across all regions, including scam calls, phishing websites, and deep fakes, which are becoming increasingly hard to detect.” – Dmitry Volkov, CEO & Co-Founder, Group-IB
AI is playing a big role in both defense and attack. How does Group-IB address AI-driven threats?
AI is used for both generating phishing emails and deep fakes. While it is challenging for cybersecurity to detect these, we are developing solutions to identify and prevent such threats. AI can bypass security measures like two-factor authentication or critical operation confirmations, which is a significant challenge. Our solutions address these concerns by leveraging threat intelligence and behavior analysis.
Given the trends, do you believe customers should opt for both XDR and EDR? Which one is more suitable in the current threat landscape?
Each solution has its specific purpose. XDR is focused on network traffic analysis, while EDR focuses on endpoint response. Combining both, along with comprehensive threat intelligence, is essential for a more effective defense strategy.
Cyber resilience is a key concern for many businesses. How do you view the relationship between cyber defense and resilience?
Five years ago, everyone focused on the cloud as a solution for business continuity. Now, we see a shift toward relying on multi-cloud and on-premise solutions for better control over data. Cybersecurity must be built by design, and organizations need to prepare for incidents by involving senior management and training employees for effective crisis management.
Shadow IT is another challenge. How can companies better manage the risk it introduces?
The first step is identifying shadow IT. Organizations must implement policies to manage unauthorized applications and services, ensuring they are aware of all services being consumed internally and externally.
What emerging threats do you foresee in the next 6 to 12 months?
We anticipate an increase in attacks targeting financial institutions and critical infrastructure. We also expect more sophisticated cyberattacks on communication systems, like satellite infrastructures, as we saw in the past year.
What are your plans for Group-IB in the region for 2025?
We have a strong presence in Saudi Arabia, Egypt, and other major countries in the region. In 2025, we plan to expand our research capabilities and enhance our offerings in fraud prevention, network protection, and incident response. We are also focused on training local talent to build a robust cybersecurity ecosystem.
