CIO ONE Feb 2020 by CIOONE

EDITORIAL

PUBLISHED BY Business Media International REGISTERED OFFICE: Office 10, Sharjah Media City www.bmimea.com EDITOR IN CHIEF Raman Narayan narayan@bmimea.com Mob: 971-55-7802403 SALES DIRECTOR Ankit Shukla ankit@bmimea.com Tel: 971-4-2618885, Mob: 971-552572807 ASSISTANT EDITOR C V Arya Devi arya@bmimea.com Tel: 971-4-2618885 Mob: 971 55 854 2917 CIRCULATION MANAGER Jinal Chheda jinal@bmimea.com Tel: 971-4-2618885

NAVIGATING THROUGH TRANSFORMATION Better customer engagement and satisfaction, better employee productivity are among the pivotal factors that drive the focus around new technology investments. And which is why, we have progressively moved away from legacy infrastructure and solutions whihc have limitations, towards cloud based services and solutions, that are easily implemented and are scalable with a company’s growing needs. In addition to the factors mentioned above, faster connectivity, again a prerequisite to better productivity or better services, as well as higher security measures, to name but just two, are key drivers of tech investments. At some point ahead on their transformation journey, companies would realize the objectives outlined above and be battle ready. Even then, it would be necessary to be on the lookout for new tools that can be an additional boost to the workflows and enhance the competitive advantage. The CIO obviously will be responsible for advocating the introduction of such newer tools. He will need to validate whether those new tools will necessarily be advantageous or would be superfluous. Technology for technology sake, would never be a good idea. And so the goal would be to have good technology deployed, which optimizes the company’s overall performance but never in excess. Armed with a sound strategy for digital transformation, he must be on top of the possible benefits of all IT tools likely to be introduced, as the organization looks up to him on the technology front. On another front, the health threat from a rising number of coronavirus infections in China and elsewhere is definitely ominous. While we hope for containment and normalcy sooner, the fact is there would be impact in varying degrees on Businesses globally. Technology has already empowered us with alternatives to some of the Business challenges in such a scenario such as perhaps more of Business meetings being done via live conferencing, thus reducing travels. There could be more likewise alternatives from Technology that keeps Business impact minimal.

SALES R. Subramanyan subu@bmimea.com Tel: 971-4-2618885

R. Narayan

DESIGN Ali Raza ali@smartsmb.net Tel: 971-4-2618885

Chairman S.N. Tiwari

CEO Saumyadeep Halder

Publisher Raman Narayan

Managing Director Ankit Shukla

Editor in Chief, CIO One

Management

sn.tiwari@bmimea.com

narayan@bmimea.com

saumyadeep@bmimea.com

ankit@bmimea.com

Disclaimer: While every effort has been made to validate the accuracy of all information included in the magazine, the publishers wouldn’t be liable for any errors therein Copyright@2019 Business Media International LLC. All rights reserved.

February 2020 CIO ONE - 03

CONTENTS

CONTENTS COVER STORY

INTERVIEWS

AI LEADS TRANSFORMATION

Delivering digital workflows

Building storage resilience

An accelerated integration of AI tools is steadily transforming workplaces, and driving efficiencies

Securing the cloud

16 Future proofing security with Intersec 2020

Insight partners to acquire Veeam

COLUMN Why organizations can no longer ignore Zero Trust and a least privilege approach to secure access to critical systems

How the edge is set to reshape the world of education

From Big Data management to cyber hunting security, what to expect in 2020

Data Protection Day 2020: de-risking in the era of transparency

FEATURE

News

CABLE TO THE FUTURE

New Tech

Marketscape

CASE STUDY

The railroad to transformation

Blooming well with Technology

22 04 - CIO ONE February 2020

NEWS

MCAFEE RELEASES ‘THE DATA DISPERSION CLOUD ADOPTION AND RISK REPORT’ McAfee’s latest report demonstrates that data is widely dispersed in the cloud beyond most enterprise control McAfee, the device-to-cloud cybersecurity company, released a new research study titled Enterprise Supernova: The Data Dispersion Cloud Adoption and Risk Report. The results describe the broad distribution of data across devices and the cloud, highlighting critical gaps for enterprise security. Seventy-nine percent of companies surveyed store sensitive data in the public cloud. While these companies approve an average of 41 cloud services each, up 33 percent from last year, thousands of other services are used ad-hoc without vetting. In addition, 52 percent of companies use cloud services that have had user data stolen in a breach. By leaving significant gaps into the visibility of their data, organizations leave themselves open to loss of sensitive data and to regulatory non-compliance. Cloud services have replaced many busi-

ness-critical applications formerly run as on-premises software, leading to a migration of sensitive data to the cloud. Use of personal devices when accessing cloud services, the movement of data between cloud services, and the sprawl of high-risk cloud services drive new areas of risk for companies using the cloud. For organizations to secure their data they need a thorough understanding of where their data is and how it is shared—especially with the rapid adoption of cloud services. As part of this report, McAfee surveyed 1,000 enterprise organizations in 11 countries and investigated anonymized events from 30 million enterprise cloud users to gain a holistic view of modern data dispersion. “The force of the cloud is unstoppable, and the dispersion of data creates new opportunities for both growth and risk,” said Rajiv

Rajiv Gupta

SVP Cloud Security BU, McAfee Gupta, senior vice president, Cloud Security, McAfee. “Security that is data-centric, creating a spectrum of controls from the device, through the web, into the cloud, and within the cloud provides the opportunity to break the paradigm of yesterday’s network-centric protection that is not sufficient for today’s cloud-first needs.”

SERVICENOW INTRODUCES NEW INDUSTRY SOLUTIONS STRATEGY The new industry solutions will deliver workflows that help companies in specific industries address their unique digital transformation challenges

Bill McDermott

President and CEO, ServiceNow ServiceNow initially will focus on developing industry solutions for banking and telecommunications and will work with strategic partners to support its industry solutions journey and integrate those solutions in the customer environment. “Every company around the world aspires to deliver great experiences that drive fierce customer loyalty and create powerful employee engagement,” said Bill McDermott, president and CEO, ServiceNow. “And companies across many industries are turning to ServiceNow to help them transform their business to unleash productivity and fuel innovation. By creating industry-specific solutions, delivered through a partner-led model, we can better address the unique challenges that companies in key vertical markets face as they look to digitally transform their businesses.”

06 - CIO ONE February 2020

ServiceNow’s new banking solution will simplify middle-to-back office operations to help banks move at the speed of digital business, delivering seamless customer experiences throughout the enterprise that drive customer loyalty. The company’s new telecommunications solution will align customer care and service assurance to transform how communication service providers deliver great customer experiences by proactively anticipating issues and addressing them quickly while maximizing availability and quality of service. ServiceNow also announced it is extending the scope of its partnerships with Deloitte and Accenture to address the unique challenges in the initial target industries. Deloitte will become the “Lead Launch” Partner for ServiceNow’s banking solution, working with ServiceNow to implement new workflows that will transform how banks operate. This builds on Deloitte’s existing role as Lead Launch Partner for ServiceNow’s Finance Close Automation product. “Our Financial Services clients are looking to leverage technology to rethink customer experiences, and banks in particular need to transform underlying operations to make that happen faster,” said Brian Johnston, Financial Services Industry Leader, and Principal,

Deloitte Consulting LLP. “As part of our strategic collaboration with ServiceNow, we are combining Deloitte’s industry know how with ServiceNow’s intelligent and intuitive cloud platform to deliver solutions that help our Financial Services clients move at the speed of digital business.” Accenture will become the “Lead Launch” ecosystem partner for ServiceNow on its new telecommunications solution, helping companies drive digital transformation through purpose-built workflows. Accenture will also help guide ServiceNow’s product roadmap and create telecommunications-specific digital workflow solutions that deliver great experiences to help support software defined networking, especially vital for new connected services enabled by 5G. “With 5G being one of the highest priorities and most significant investments for service providers, they are seeking a competitive advantage by establishing greater agility and scale in today’s cloud-first world,” said Peters Suh, North America Communications Industry Lead at Accenture. “Through our expanded ecosystem partnership with ServiceNow, we’re better positioned than ever to help companies elevate solutions and support the transitions of the telecommunications industry.”

NEWS

INFOR BROADENS RELATIONSHIP WITH ACCOR As part of the agreement, Infor will offer three new packages for different properties throughout the Accor portfolio Infor, a leader in business cloud software specialized by industry, announced that Accor, a leader in augmented hospitality, has extended its 13-year relationship with Infor by signing a global agreement to continue their collaboration with Infor EzRMS revenue management software. The application is currently used at more than 1,100 properties worldwide. Accor will be able to capitalise on the new functionality within the Infor EzRMS application such as mobile access, function space revenue management, extended stay optimization and a variety of pricing methodologies.

Wolfgang Emperger

VP, Infor Hospitality EMEAI & LATAM

As part of the agreement, Infor will offer three new packages for different properties throughout the Accor portfolio. This will enable Infor to continue to help support the global network dedicated revenue managers in Accor. This new agreement allows new brands in the

Accor portfolio to benefit from Infor EzRMS, including newly integrated brands. “Infor EzRMS plays an important role at Accor and is widely deployed because of its ease of use, the portfolio consolidation, and reporting capabilities. We need systems that can support our growth and quickly deliver the information we use to maximize profitability. We are happy to continue our long-term relationship” said Béla Nagy, senior vice-president, revenue strategy & performance, Accor. “This agreement incorporates the new needs of Accor properties across the world,” said Wolfgang Emperger, Vice President, Infor Hospitality EMEAI & LATAM. “This creates a real partnership expanding it to more international, luxury and leisure brands in the Accor group, strengthening our relationship, and ultimately driving growth by using worldclass revenue management strategies.”

MINDWARE UNVEILS EXPANSION PLANS FOR NEW CLOUD MARKETPLACE Mindware is in the process of adding several new products on the platform that can be bundled with the existing Microsoft solutions Mindware is adding a number of new products on the marketplace, giving partners an opportunity to co-sell these solutions with the existing Microsoft products, thereby enhancing their revenues. Mindware is currently seeing a lot of interest from the channel community in countries like UAE, Saudi Arabia, Kuwait and the Northern Gulf. It will also be launching the Marketplace in LEVANT where the company believes there is high potential with the growing interest in cloud services in these regions. Currently the product catalogue available on the Marketplace is heavily skewed in favour of Microsoft cloud related products and services. Realizing the need to diversify this portfolio in order to give partners the opportunity for increased revenue, Mindware is in the process of adding several new products on the platform that can be bundled with the existing Microsoft solutions. These new ‘cosell’ products are in the areas of virtualization, backup and disaster recovery, security and performance management. In the background,

Mindware is working closely with various vendors to get these ‘Cloud Solutions’ certified for interoperability. Vijay Kumar, CTO and cloud Director at Mindware said, “A lot of products that we intend to bring onto the cloud platform have already been available on-prem as a bundle with Microsoft solutions. Partners using our cloud platform will find tremendous value in co-sell products since they will be able to offer an end-to-end solution to their customers, rather than a stand-alone product. This in turn optimizes the revenue and profitability opportunities for partners. We also offer partners the option of using Mindware’s professional services in case they don’t have their own capabilities. This is a big value add for those partners that are just beginning their cloud journey.” Mindware is also looking to sign up Independent Software Vendors (ISVs) to list their products on the Marketplace. “A lot of regional ISVs are already selling

Vijay Kumar

CTO & Cloud Director, Mindware

products in Microsoft Azure Marketplace that they have developed on Microsoft solutions. The biggest advantage of listing on Mindware’s Cloud Marketplace is the fact that our platform is targeted to the local region. We have a large number of managed service providers in our base and thus provide a fantastic reach and access to market for ISVs.” In order to build awareness about the Marketplace, Mindware is hosting a series of roadshows across the region which will run up until the first quarter of this year.

February 2020 CIO ONE - 07

NEWS

PETROFAC SELECTS MICROSOFT IOT TOOLKIT FOR CONNECTED CONSTRUCTION PLATFORM Petrofac has chosen Azure’s Internet of Things for its Connected Construction platform designed to accelerate digital transformation at its project worksites power employees and optimize operations for assured and ultra-efficient service delivery has been accelerated by the power of the intelligent cloud and the intelligent edge.”

Microsoft announced that leading international energy service provider Petrofac has chosen Azure’s Internet of Things for its Connected Construction platform. “Microsoft’s mission is to empower every individual and organisation on the planet to achieve more,” said Sayed Hashish, General Manager, Microsoft UAE. “Petrofac serves some of the largest oil, gas and renewable energy companies in the world and is known as a leader in its segment. The company is well underway with its digital transformation journey. Its potential to engage customers, em-

In conjunction with Accenture Industry X.0, Petrofac developed Connected Construction on Azure and combined it with Azure IoT Edge analytics and PaaS cloud components to create a scalable ecosystem capable of accommodating many different types and sizes of project. “Petrofac designs, builds, operates and maintains energy facilities, supporting our customers to unlock more value across the life cycle of an asset,” said Fady Sleiman, Chief Digital Officer, Petrofac. “We’re future-proofing our business, combining technology with our engineering, construction and operations knowhow to find new solutions to today’s challenges. With Microsoft and Accenture, we’ve created Connected Construction which tracks people, equipment and materials on site, enabling real-time insights and decision making

which, in turn, improves performance.” Azure’s IoT platform allows innovators to build rich, visual Internet of Things applications that connect, manage, and monitor devices securely and at scale. With the options to run SaaS or PaaS deployment models, solutions builders can deliver real edge intelligence to field operatives that allows better, data-driven decisions through machine learning and advanced analytics. Azure IoT Edge moves cloud analytics and custom business logic to devices for organisations that prioritise business insights over data management, allowing them to scale out solutions by packaging heuristics into standard containers, deploying them to edge devices and monitoring everything from the cloud. Following a significant surge in the demand for its cloud services in the region, Microsoft earlier this year launched its secure, flexible and intelligent cloud to regional customers through two dedicated cloud data centres, one in Dubai and one in Abu Dhabi. These facilities will cater specifically to enterprises in the Middle East. Organizations in the region’s energy sector can make the most out of the Microsoft Cloud by availing themselves of enterprise-grade reliability and performance, combined with data residency and the broadest compliance.

R&M OPENS NEW REGIONAL HQ AND PRODUCTION FACILITY IN DUBAI The company also announced its expansion into a new supply chain facility, a move which strategically consolidates its production and warehousing hubs and the site of Expo 2020.

Nabil Khalil

EVP, R&M Middle East, Turkey and Africa Following strong regional performance in 2019 and in anticipation of continued business momentum in the Middle East – fueled by growing connectivity requirements, mega projects and events – R&M announced the inauguration of a new regional head-quarters in Dubai. The company also announced its expansion into a new supply chain facility, a move which strategically consolidates its production and warehousing hubs and positions them closer to key facilities including Al Maktoum International Airport, Jebel Ali Port

08 - CIO ONE February 2020

R&M has increased its employee strength by over 200% since it first entered the region in 1998. The company has also doubled the production hours at its existing solution assembly facility in the Dubai Airport Free Zone (DAFZA) which was established in 2012. “Our expansion comes in direct response to the overwhelming demand for world-class cabling solutions in the region. Structured cabling is essential to the ambitious fiber-to-thehome rollouts, 5G deployments or smart city and giga-projects currently underway across the Middle East and R&M proudly supports the entities driving these transformation initiatives,” explained Nabil Khalil, Executive Vice-President of R&M Middle East, Turkey and Africa. With closer proximity to Dubai’s key air and sea ports, the overall efficiency of R&M’s supply chain is set to be greatly improved by shortened customs clearance times, and a reduction in materials handling processes. The new production facility will make it possible for R&M to rapid deliver highly customized cabling solutions for regional markets. This

includes the customization of connector configurations, lengths and colors for the choices of various copper and fiber optic patch cord and pigtail assemblies, addressing the data center and FTTH markets. The production center also includes a Fiber Optic Management systems (FMS) assembly facility where R&M can assemble customized boxes such as its range of Venus and Polaris boxes, closures, ODF and 19” platforms. The new facility greatly enhances R&M's cable production capabilities. At full utilization, the facility's copper and fiber production lines will be capable of delivering up to 6,240 and 3,120 hours per month. “Our new sales office and production facility better position us to serve the entire GCC, Levant, Africa and Turkish markets,” Khalil continued. “The expansion into these new operations hubs is in line with our commitment to investing in the region, for the region. The increased capacity and speed of delivery afforded by these investments will directly and measurably benefit both our customers and partners.”

NEWS

SANS RELEASES THREAT HUNTING REPORT Report says threat hunting is still in its infancy with few dedicated teams in existence SANS Institute, the global leader in cyber security training and certifications, has released the SANS 2019 Threat Hunting Report, which shows that threat hunting is still in its infancy with few dedicated teams in existence and differing views on what constitutes threat hunting and how to hunt. “Many organisations use an alert-driven approach to threat hunting or use indicators of compromise [IoCs] to guide their hunts,” says Mathias Fuchs, a SANS instructor and co-author of the survey. “It seems that fewer organisations are using hypothesis-driven hunting—and that could leave them vulnerable to dangerous visibility gaps.” Most respondents report using a variety of reactive approaches to threat hunting, including alerts (40%) or IoCs via a SIEM or other alerting system to find adversary tools or artefacts (57%). Such approaches are excellent supplements, but should not take the place of using proactive hunting techniques. Surprisingly, only 35% of respondents create hypotheses to guide their hunting activities.

Organisations continue to require threat hunters to work in multiple roles. Hunters report having major responsibilities for managing SOC alerts (34%) or incident response and forensics of breaches (26%). Very few organisations have moved to a dedicated hunt team over the past three surveys, indicating that threat hunting—and threat hunting teams— are still in their infancy. “One reason we aren’t seeing more growth in dedicated threat hunting teams may be that organisations have difficulty measuring the benefits or organisational impact of threat hunting,” posits Josh Lemon, survey co-author and SANS instructor. “Being able to measure and show the performance abilities of a threat hunting team is critical to the life of a team and its engagement by the rest of the business; it's a metric that can make or break a team, its funding or its objectives.” While 24% of respondents were unable to determine whether they had measurable improvements as a result of threat hunting, 61% reported having at least an 11% improvement

Mathias Fuchs

a SANS instructor and co-author of the survey in their overall security posture. Organisations have seen a marked improvement in more robust detections and better coverage across the environment, with 36% claiming significant improvement and another 53% realising some improvement. Other key improvements are attack surface exposure/hardened networks and endpoints, with 35% seeing significant improvement and 58% seeing some improvement, and more accurate detections and fewer false positives, at 32% significant improvement and 51% some improvement.

HUOBI AND FÄM PROPERTIES PARTNER TO OFFER SECURE CRYPTOCURRENCY PAYMENT OPTIONS FOR REAL ESTATE BUYERS

Huobi OTC is licensed by DMCC, ensuring fäm’s customers a seamless transaction experience that is legal, fully compliant, safe and secure

Huobi, a leading digital assets exchange provider announced that it has partnered with fäm Properties to offer secure crypto payment options for its real estate investors, offering more payment flexibility with this new service. fäm Properties was recently honoured by the Dubai Land Department (DLD) following over AED 10 billion sales during last decade, this award winning agency is uniquely positioned to provide a distinctive proposition for its individuals and institutional clients to buy and sell property using cryptocurrencies such as Bitcoin (BTC), Ethereum (ETH), Ripple (XRP) and other top cryptocurrencies including stable coins. Huobi’s OTC desk has the ability to support top fiat currencies such as Dirhams (AED), US Dollars (USD), Euros (EUR) and Pounds (GBP) with more being added constantly. Huobi OTC is licensed by DMCC, ensuring fäm’s customers a seamless transaction experience that is legal, fully compliant, safe and secure along with the benefits of competitive pricing and instant transfers. Such crypto payment methods will help bring stability and improve liquidity in the market.

Feras Al Msaddi, CEO, fäm Properties said, “We have selectively partnered with Huobi - one of the largest and preferred digital assets exchange provider in the world. This partnership will provide our clients immense opportunity and the ease of investing in prime locations in the UAE. Cryptocurrencies are becoming an increasing popular payment method, across all world class cities, and this added choice will increase our property transactions and bring more value to the real estate market here. This cooperation between fäm Properties and Huobi will allow real estate investors to leverage on a well-established and a well-tested smooth framework that provide them with an absolute faultless experience.” “Cryptocurrencies are reshaping the payment options for the real estate industry. Huobi has the liquidity and the resources to be able to meet the customer’s demands and provide a seamless experience” said Mohit Davar, Co-Founder, Huobi OTC DMCC. “In this era of digital financial engagement, we are glad to have partnered with UAE’s leading real estate agency fäm Properties to meet their client’s aspirations.”

Mohit Davar

Co-Founder, Huobi OTC DMCC Huobi’s specialized team have vast financial and trading experience providing fäm clients with a personalised, private and totally secure experience. Clients are assured an outstanding personal-touch service at every step, from the initial expert consultation all the way to the final trade execution for the property, ensuring that all questions are answered throughout the process.

February 2020 CIO ONE - 09

NEWS

HELP AG LAUNCHES INCIDENT RESPONSE & FORENSICS SERVICE The service will empower security teams by shortening the time for identification, response and remediation In a move to further help Middle East enterprises enhance their resilience against advanced cyber threats, Help AG, the region’s leading cybersecurity solutions, services and consultancy provider, has launched a new Incident Response & Forensics Service. The service will empower security teams to drastically shorten the time taken for identification, response and remediation in case of incidents involving cyber-attacks, data leakage and service disruption. Additionally, the Help AG team will work to identify and provide measures to address the root cause of the incident, thereby helping prevent reoccurrence of the threat. In 2019, the UAE and Saudi Arabia together reported the world's second-highest cost impact from data breaches, with losses averaging a staggering US$6 million per incident according to research by the Ponemon Institute. The study also found that companies that effectively contain a cyber-attack within 30 days save on average over $1 million on the total cost of a data breach.

“Cyber-attacks are an inevitability and time is the most critical element in the subsequent incident response chain. However, Middle East businesses are facing an acute shortage of cybersecurity resources which greatly encumbers their ability to detect, contain and mitigate threats,” said Stephan Berner, CEO at Help AG. “Our new service offers enterprises a truly unique cybersecurity edge. With their ability to 'think like hackers' our team of qualified experts can rapidly identify and isolate threats, thereby enabling our clients to effectively contain the impact of an incident and maintain business continuity.” An addition to the company's Managed Security Services (MSS) portfolio, the new Incident Response & Forensics Service will be delivered by experts with over 10 years of experience in cybersecurity. When the need arises, Help AG will assign and dispatch an incident response expert, in the shortest possible time, to work with the customer to conduct analysis and evaluation of the security incident or suspected compromise, up to the

Stephan Berner CEO, Help AG

identification of root cause. The new service was unveiled at Help AG's flagship Security Spotlight Forum event in the UAE and several large enterprises from the regional banking, telecoms and government sectors have expressed interest in the new offering. “As the region’s trusted cybersecurity advisor, we have already successfully supported several incident response requests. With this now formalized into a comprehensive offering, our customers will have the ability to not only respond more rapidly to security incidents, but also strengthen their policies, procedures, and awareness in a bid to prevent the occurrence of these threats,”

SOPHOS LAUNCHES MANAGED THREAT RESPONSE SERVICE Sophos Managed Threat Response (MTR) by Sophos is a fully managed threat hunting, detection and response service Lemon Duck PowerShell malware. Attacks like these are difficult to detect since they involve an active adversary using legitimate tools for nefarious purposes, and Sophos MTR helps eliminate this threat.

Joe Levy

CTO, Sophos Sophos announced the availability of Sophos Managed Threat Response (MTR), a fully managed threat hunting, detection and response service. The re-sellable service provides organizations with a dedicated 24/7 security team to neutralize the most sophisticated and complex threats. These types of threats include active attackers leveraging fileless attacks and administrator tools such as PowerShell to escalate privileges, exfiltrate data and spread laterally, as explained in the SophosLabs Uncut article on

10 - CIO ONE February 2020

“Cybercriminals are adapting their methods and increasingly launching hybrid attacks that combine automation with interactive human ingenuity to more effectively evade detection. Once they gain a foothold, they’ll employ ‘living off the land’ techniques and other deceptive methods requiring human interaction to discover and disrupt their attacks,” said Joe Levy, chief technology officer at Sophos. “For the most part, other MDR services simply notify customers of potential threats and then leave it up to them to manage things from there. Sophos MTR not only augments internal teams with additional threat intelligence, unparalleled product expertise, and aroundthe-clock coverage, but also gives customers the option of having a highly trained team of response experts take targeted actions on their behalf to neutralize even the most sophisticated threats.”

Built on Intercept X Advanced with endpoint detection and response (EDR), Sophos MTR fuses machine learning with expert analysis for improved threat hunting and detection, deeper investigation of alerts, and targeted actions to eliminate threats. These innovative capabilities are based on Sophos’ acquisitions of Rook Security and DarkBytes technology. It includes expert-led threat hunting. Sophos MTR anticipates attacker behavior and identifies new indicators of attack and compromise. Sophos threat hunters proactively hunt for and validate potential threats and incidents, and investigate casual and adjacent events to discover new threats that previously couldn’t be detected. Sophos MTR uses investigation techniques to differentiate legitimate behavior from the tactics, techniques and procedures (TTPs) used by attackers. Coupled with enhanced telemetry from Sophos Central, which provides a detailed, full picture of adversary activities as part of the service, the scope and severity of threats can be determined for rapid response.

NEWS INSIGHT

FUTURE PROOFING SECURITY WITH INTERSEC 2020 Global security industry converged at Intersec 2020 with future proofing under the spotlight

Intersec 2020, the region's leading security, safety and fire protection trade show, held under the patronage of HH Sheikh Mansoor bin Mohammed bin Rashid Al Maktoum, wrapped up on 21st of January 2020. Bringing the latest products and services of the industry under one rooftop on the 22nd edition of the trade show, Intersec bough business, technology and innovation to come together. With a number of industry leaders giving live demonstrations of the latest solutions to enhance safety and security, technology was the spotlight of the show. The show welcomed over 1000 exhibitors and more than 33 thousand industry visitors. The event being supported by Dubai Police, Dubai Police, Academy, Dubai Civil Defence, the Security Industry Regulatory Agency (SIRA) and the Dubai Municipality, was the talk of the town. With exhibitors from 56 countries, Intersec was officially inaugurated by Major General Expert Rashid Thani Al Matrooshi, Director General of Dubai Civil Defence, Major General Abdullah Ali Al Ghaithi, Director of the General Department of Organisations Protective Security & Emergency at Dubai Police, and Major General Khalifa Ibrahim Al Sulais, CEO 12 - CIO ONE February 2020

of the Security Industry Regulatory Agency (SIRA). “As the region’s premier show for commercial security, fire protection and safety, Intersec plays a crucial role in shaping the future of these industries,” said HH Sheikh Mansoor. “Protecting our people and assets is a principal responsibility for the UAE and with the Expo 2020 fast-approaching, the implementation of new best practices and technology will solidify the UAE’s position as a leader in security.” Representatives from 35 governments, trade associations and non-profit institutions spanning the hydrocarbon, banking and finance, municipality, police, customs and healthcare sectors in the Middle East, Europe and the USA, were present at the conference. The conference mapped out the future security agenda. The key topics of discussion were digital security challenges, AI implementation, biometric innovations security loopholes in business ecosystems and the integration of digital and physical security to address critical threats. Various new technologies and innovations

were the key focus on Intersec. Suprema brought the latest version of its FaceStation solution, an access control terminal that leverages facial recognition for identifying verification and authentication, to the Intersec platform. The new FaceStation is expected to launch sometime in the second half of 2020. At the event, Lenovo DCG demonstrated the computing capabilities of the recently launched first purpose-built edge server, the ThinkSystem SE350. Lenovo DCG, in partnership with Pivot3, showcased software-defined hyperconverged infrastructure solution to handle modern video surveillance systems. Dr. Chris Cooper, General Manager for Lenovo DCG, Middle East, Turkey and Africa, said, “We are delighted to showcase our partnership with Pivot3 at one the world’s leading technology trade shows. The Middle East is exhibiting tremendous growth in terms of adopting smart solutions. The UAE in particular is investing heavily in implementing the latest innovations in their technological infrastructure; therefore, we see great potential from our partnership with Pivot3 as we work together to supply the appetite for next generation computing products and services.”

NEWS INSIGHT

INSIGHT PARTNERS TO ACQUIRE VEEAM In a transaction valued at approximately $5 billion, the acquisition accelerate expansion while continuing to cement Veeam’s position number of new innovations over the last year, including Veeam Backup for Amazon Web Services (AWS), Veeam Backup for Microsoft Office 365 v4, Veeam Universal License (VUL) and announcing Veeam Backup for Microsoft Azure – growing its share of the U.S. market, as well as cementing its position in the global market.

William H. Largent CEO, Veeam

Leading software investor Insight Partners has entered into a definitive agreement to acquire Veeam Software, Backup solutions company that deliver Cloud Data Management. Under the ownership of Insight Partners, Veeam will become a U.S. company, with a U.S.-based leadership team, while continuing its global expansion from offices in 30 countries and with customers in over 160 countries. The acquisition, which is expected to close during the first quarter of 2020, will enable Veeam to accelerate its Act II (Veeam’s evolution into Hybrid Cloud), expand into new markets and continue its growth trajectory. As part of the acquisition, William H. Largent has been promoted to Chief Executive Officer (CEO) - he previously held the role of Executive Vice President (EVP), Operations – and Danny Allan has been promoted to Chief Technology Officer (CTO). Following an investment from Insight Partners at the beginning of 2019, Veeam, with over $1 billion in annual sales and more than 365,000 customers worldwide, worked alongside Insight Partners’ business strategy and ScaleUp division, Insight Onsite, to expand its software-defined Veeam Cloud Data Management Platform. The company launched a

“Veeam has enjoyed rapid global growth over the last decade and we see tremendous opportunity for future growth, particularly in the U.S. market. With the acquisition, we are excited that our current U.S. workforce of more than 1,200 will be expanded and strengthened to acquire and support more customers,” said William H. Largent, CEO at Veeam. “Veeam has one of the highest caliber global workforces of any technology company, and we believe this acquisition will allow us to scale our team and technology at an unrivaled pace.” At the core of Veeam’s strategy is delivering simplicity, flexibility and reliability to its global customer base (which includes 81% of the Fortune 500). During the last decade, Veeam’s approach has seen it collect more than 170 industry awards, named as a leader in three consecutive backup and data recovery Magic Quadrants by Gartner, boast a consistent leadership position in the Forrester Wave and also named as one of Forbes’ Cloud 100 companies for four straight years. According to the latest IDC Software Tracker, Veeam is the #1 market-share leader in EMEA and the #4 worldwide, after DellEMC, Veritas and IBM. Today, Veeam is the clear market leader, delivering Backup solutions that enable Cloud Data Management, and has recently launched exciting new cloud-native solutions that will enable customers to manage, migrate, or-

chestrate and protect data across AWS and Microsoft Azure environments – core elements of its Act II. In the coming weeks, NEW Veeam Availability Suite v10 will be generally available, providing users with the most powerful software-defined data management solution in the industry. “In a world where a business’s most valuable asset, its data, is constantly on the move and being created at unprecedented rates, data management has never been more critical, and more complex. Legacy solutions cannot keep up. Veeam’s software provides holistic coverage for the modern business,” Veeam’s Danny Allan said. “While Veeam’s preeminence in the data management space, currently supporting 81% of the Fortune 500, is undeniable, this commitment from Insight Partners and deeper access to its unmatched business strategy and ScaleUp division, Insight Onsite, will bring Veeam’s solutions to more businesses across the globe.” “Veeam’s strong growth, coupled with high customer retention, unparalleled data management solutions and the opportunities to expand services into new markets, make Veeam one of the most exciting software companies in the world today,” Insight Partners Managing Director and Veeam Board member Mike Triplett said. “Veeam’s platform is the most advanced and complete data management solution available to businesses requiring a seamless blend of data backup and recovery, data protection, data security and data availability. We are committed to supporting Veeam’s next phase of leadership and growth in the United States, continued market-share leadership position in EMEA and continued global expansion.” The Board of Directors will be immediately supplemented with seasoned software, government and business leadership as co-investor Nick Ayers, of Ayers Neugebauer & Company, a member of the World Economic Forum’s Young Global Leaders and former Chief of Staff to the Vice President of the United States, joins Insight Partners Managing Director Mike Triplett and Veeam CEO, William H. Largent on the Board. Following the acquisition, Co-Founders Andrei Baronov and Ratmir Timashev will step down from the Board. Additionally, Insight Partners Managing Directors Ryan Hinkle and Ross Devor will each serve on the Board once the acquisition has been completed. February 2020 CIO ONE - 13

INTERVIEW

DELIVERING DIGITAL WORKFLOWS Mark Ackerman, regional director â&#x20AC;&#x201C; Middle East & Africa at ServiceNow discusses the focus of ServiceNow on enabling digital workflows for better user experiences and unlocking productivity

Please elaborate on the solutions you offer? ServiceNow offers a platform for the enterprise and our purpose is to make the world of work better. There are so many tools, platforms, systems at the workplace that it becomes a challenge to get the work done efficiently. There is so much friction in terms of different departments and different systems of records vs systems of engagement. ServiceNow is placed above all of these disparate layers as an augmentation layer to allow departmental workflows seamlessly across the organization. From an IT perspective, it is about how do we get better value out of the deployed IT. If you look at cross functional processes, for instance, on-boarding a new employee an HR process but if you look, there are all other processes that are likely to be impacted by that, such as security, facilities management, Finance etc and today there is no augmentation layer for that and which is what ServiceNow addresses. It is about consumerisation and about making the experience better.

Mark Ackerman

Regional Director, MEA - ServiceNow

How is the growth in the region? We have added customers rapidly in this region. Everyone of our customers spend 50% more in the second year and continue to grow their engagement with us. Customers when the come on board, they are liking what we offer and are expanding on how they use our tools.

Discuss the interoperability of the platform across different environments? Within organizations internally, there is a big focus around DevOps. The challenge organizations face when they go into the development mode is that there are typi14 - CIO ONE February 2020

cally over 20 or 30 tools that people are using within their organizations. The minute, it goes from development to operations, nobody is certain about the code that is being used, what was delivered and what wasnâ&#x20AC;&#x2122;t. ServiceNow sits within that from a governing point of view and to facilitates the interoperability. When a developer is making changes, the interoperability is facilitated in the background seamlessly. So the friction between development and operations is removed.

Elaborate on the cloud strategy? From a cloud perspective, we would be looking at offering a marketplace for many large organizations to present their solutions in a service portal and allow their B2B customers to request and allow the whole platform of ServiceNow to orchestrate the provisioning of the services whether on premise or on cloud. So we are seen as an orchestrator between all the

INTERVIEW proliferation of different cloud solutions and portals. We have a couple of large telco customers in Saudi using ServiceNow.

Discuss what customers can expect from ServiceNow? Customers understand that with the forms based workflow platform of ServiceNow and ability to have orchestration and integration capability in the background, they are able to automate so many digital processes. The big challenge for customers is how they can get control of all the technology they have and which is what we make possible. All what we offer today is from

a single platform, a single database and a single line of code. There is no other competitor out there who does we do from a single platform.

skill-up int terms of digitally transforming. The organizations that see technology as an enabler or differentiator are adopting the ServiceNow platform.

Are you focused more on larger sized enterprise customers?

How do you see the role of the CIO change?

Globally, we started out with the biggest customers because the larger the size, more the employees and complexities which need the solution. Today, 75% of the Global 2000 companies are using ServiceNow to digitally transform. That said, mid-market organizations also get value out of ServiceNow. It comes down to how the organization adopts and how they

We see two types of CIOs in the region. There those with a digital strategy and those who wish they had. Those CIOs who don’t have the rapport with the top management and don’t have an influence at the Board level would find their jobs under threat. There could be a CDO or a chief experience officer who could fill in. The CIOs without a digital strategy could be fast replaced.

DIGITAL TRENDS THAT WILL SHAPE THE FUTURE OF WORK IN 2020 (PREDICTIONS FROM SERVICENOW) Your next personal assistant may be a bot AI-powered chatbots will make it possible to give executives a virtual personal assistant, automating time-consuming chores such as booking business travel, scheduling meetings, and managing to-do lists. Companies that deploy chatbots to relieve people from these repetitive tasks will realize significant productivity gains.

Employees help themselves In 2020, AI will turbocharge employee self-service. Intelligent systems will make it easier for workers to find information, manage workflows, and take a more proactive approach to initiating and completing projects. For example, these systems use machine learning to streamline requests in approval processes: grouping requests, automating standard approvals, and flagging anomalies. Finally, an increasing number of self-service interactions will shift over to conversational/chat interfaces and mobile, as employees become even less dependent on traditional work settings. They will also occur on desktop, voice and other emerging interfaces.

Agile HR replaces old HR The concept of Agile HR will shift from an experimental practice to broad adop-

tion in 2020, driven by tech companies applying agile methodology throughout their organizations. It’s a major undertaking to transform a traditional HR model to an agile one, but significant payoffs hang in the balance: HR teams play a much more active role in designing and digitizing employee workflows, and in much tighter collaboration with workers themselves.

Traditional business silos start to disappear Over the next three to five years, enhancing the employee experience will become a major priority for enterprises seeking to recruit and retain top talent. Traditional silo-based HR, IT, and facilities departments will merge into what will become known as the Employee Experience Office. In the near future, managers will be hooked up to digital systems that record their engagement levels, management patterns, how often they have one-on-one meetings with employees, or travel to visit remote workers. As managers gain metrics that enable continuous improvement, organizations will reap the benefits of enhanced success in recruiting and higher retention levels.

Organizations balance humans and AI AI will have a profound impact on work. As AI applications and tools take on more rote tasks, organizations will need to invest in retooling processes, re-skilling employees and re-thinking job descriptions. Companies will debate how automated employee services should be as they manage the new generational divide—between employees who expect the human touch and employees who consider themselves digital natives. February 2020 CIO ONE - 15

COVER STORY

AI LEADS TRANSFORMATION An accelerated integration of AI tools is steadily transforming workplaces, and driving efficiencies An increase in implementations of AI and ML in the region is playing a steady hand in the way workplace is transforming. IDC expects AI spending in the region to increase at a compound annual growth rate of 19% by 2023 and a good part of that would be related to workplace digitization. The recent announcement of the establishment of ‘Mohammed Bin Zayed University of Artificial Intelligence’, the world’s first graduate level, research based university and likewise initiatives to accelerate adoption and skillsets around AI are indicative that the UAE will continue to be in the forefront of AI enabled transformation.

The workplace transformation AI and ML helps in guiding, organizing and automating work flow in the workplace. This in turn will increase productivity and efficiency. The MENA region has seen has witnessed an acceleration of AI and ML implementation in the region. “There definitely is an acceleration of AI Adoption in the region across various spaces. The initiatives from the government is only going to spearhead it further!” says Gigi Thomas, Group Head IT and Digital Transformation, Ittihad International Investments, Abu Dhabi. He further adds “We will see AI incorporated in very many of the services being provided around us, from government services, smarter roads and traffic systems, national security, education, health care, manufacturing etc. 16 - CIO ONE February 2020

Spending on AI in the UAE is expected to grow almost 43 percent year on year in 2019, as more and more businesses invest in AI enabled projects in the country.” The UAE with its emphasis on AI and other emerging technologies will not surprisingly be a significant beneficiary as well. The UAE is expected to benefit the most in the region from AI adoption. AI is expected to contribute up to 14% to the country’s gross domestic product UAE is expected to be followed by Saudi Arabia where AI is forecast to add 12.4% to its GDP. “Middle East is a diverse region with a dizzying array of cultures, traditions,

economies and technology needs. Recently, Microsoft conducted a joint study with EY to get an in depth understanding on the potential of AI in the region. We found that the region has seen over $9.07 billion of investment in AI from 2008-2018. 89% of companies are seeing optimizing of operations as one of the top benefits of AI. 60% are using partners or alliances to obtain the required capabilities to harness the power of AI, while 70% are using this intelligent technology to predict functions. We also found that 1 in 3 organizations are expecting AI to have a high impact on business areas that are entirely unknown today,” says Necip Ozyucel, Cloud and Enterprise group lead at Microsoft UAE.

COVER STORY

Challenges at the crossroads In future, diverse AI applications are expected to come in to the workplace. Advanced collaboration tools have already gone a long way in changing the workplace over recent times and now with more of AI enabled tools, the change will be dramatic in near future. From straightforward chatbot interfaces in customer service to other more advanced deployment in analytics, the scope is wide. According to Dr. Jassim Haji, President of AI society Bahrain, “I believe ML there is an increase in local development on ML innovations from basics such as ChatBots to more advanced activities in Deep Learning with NLP. On the other hand, public sector entities are currently focusing on handling of Big Data and how to use AI/ML to analyze and predict the Data.”

Gigi Thomas

Head IT and Digital Transformation, Ittihad International Investments, Abu Dhabi

For employers, they have the opportunity to transform the workplace for increased productivity with optimized manpower resources, eliminating possibilities of distraction. AI implementations will help optimize workloads for employees as AI and ML based algorithms will likely be implemented into the filtering system of the future workplace. Any employee can relate to the relief of having to receive less number of push notifications and emails which are irrelevant to their work. The smart and predictive filtering system will provide the employees with only the relevant details and mails necessary and not be overloaded with notifications. AI tools could come in wherever there have been deficiencies in enabling workplace efficiencies. For instance, trying to have the same discussion across several channels and teams is something that most of the employees have faced with. This in turn consumes most of an employee’s productivity time who ends up copy pasting the same email draft. Such challenges could be resolved with collaboration tools focused on contextual collaboration which are expected to come into being in the workplace, where context is placed at the core of the team communication.

Necip Ozyucel

Cloud and Enterprise group lead, Microsoft UAE

February 2020 CIO ONE - 17

COVER STORY identification of the right technology for these use cases,” adds Thomas. A major issue faced by the industries in the increased volume of data. Managing data and providing intelligent solutions using data sample can be achieved with AI development. According to Dr. Jassim, “Since Data is a core requirement of AI, it is important for this region and specifically for public sector entities to be able to produce more solutions using Arabic Big Data and to more efficiently utilize AI/ML in their implementations. Moreover, we need to focus in the region on local talents to develop AI innovative solutions and integrate it with our unique business requirements.” AI implementations should follow only after detailed analysis of the workplace requirements that can ensure investments are right and offer possible opportunities to maximize favorable outcomes as per expectations. They can also lean on industry examples before doing so. For example, a recent survey reveals that direct customer facing companies can increase their profitability by up to 69% by implementing AI chatbots into their customer care service.

Dr. Jassim Haji

President, Artificial Intelligence Society, Bahrain

Among other anticipated changes, prediction algorithm will be among the key benefits aiding the life of employees in the future workplace. Automation software and collaboration tools are expected to leverage this further with smart predictions. Roles involving repetitive tasks are expected to be taken over by ChatBots. These are AI assistants created for specialized roles. AI as a Service (AIaaS) is also likely to become more popular as a tool in the workplace fo the future. According to report, AIaaS will see application in various verticals including BFSI, retail, IT & telecom, healthcare, government and others. Of all, BFSI segment is likely to witness extensive adoption of AIaaS through 2024 as this vertical uses artificial intelligence for chatbots, fraud detection and customer recommendation. Moreover, need for integrating technology and improve operational efficiency is pushing the adoption of 18 - CIO ONE February 2020

AIaaS in BFSI. Implementation of AI in the workplace comes with a lot of challenges including possible resistance from the workforce and also challenges with integrating new tools with legacy IT infrastructure and processes. “For the very many benefits that AI offers there are some significant challenges and hurdles the businesses and organizations need to overcome to reap those benefits with some of them being business / Organization Culture and readiness to adopt AI strategies, difficulty to plug in AI projects with existing processes and systems, the lack or data or the quality of the data at hand, identification of the right resources with the right expertise. AI Implementation can be an expensive proposition. Resistance from people due to lack of understanding or fear of machine replacing man and right assessment of use cases and

Another concern is how the benefits are distributed within the workforce of an organizations. The benefits should accrue to all. “The challenges that emerge from AI adoption are numerous and often industry- or even organisation-specific. But one challenge Microsoft has long urged regional decision-makers to consider deeply is that of ethics. This is a multi-faceted challenge, but at its basic level it demands that private, public and non-profit enterprises work together to ensure that AI’s benefits are distributed equally, instead of accruing to a privileged elite,” adds Ozyucel. As companies adopt AI tools, every organization will also have a unique journey in ensuring the implementations are tuned to their specific requirements. Customization will play a key role in ensuring organizations realize full benefits of the implementation.

INTERVIEW

BUILDING STORAGE RESILIENCE Florian Malecki, Senior Director of International Product Marketing at StorageCraft Technology. discusses how scale out secondary storage options addresses the need of securely and reliably backing up and restoring vast amounts of data

Discuss the value propositions of secondary scale out storage? With scale out storage, a customer can get on the day of deployment, the storage he needs on that day. Traditionally, it has been about total storage capacity and making a guess if that is too much or less. Very often, especially in the mid-enterprise segment, users are having to rely on guess work. That makes it difficult as storage isn’t cheap and if some months down the line, the full storage capacity has been utilized, a forklift of storage needs to be done. In other words, new storage hardware needs to be added, which will need more investment. The benefits of scale out object based NAS solution is therefore that on the day of deployment, the customer can decide the capacity he needs and he can add more as his requirement increases. They can add SSD or HDD drives to increase. The end user can purchase their own disks. We give the chassis and the drives can be from different suppliers, offering different speeds, different firmware and even different capacities. However, we don’t offer hybrid storage and so within the same appliance, it has to be either SSD or HDD. The advantage of secondary storage is whatever storage needs you can’t predict, you can accommodate very quickly and cost effectively without the expensive forklift approach. Many of the customers in the mid-enterprise segment have such situations and could incur pretty hefty product costs with overall TCO going high with increased power consumption, more storage footprint etc. Adding additional storage drives later gives the advan-

tage of getting lower prices at that point in future, rather than paying upfront for all the capacity. The TCO is very cost effective with our secondary scale out OneXafe storage solutions.

Elaborate on the importance of data recovery in the contingency of any unfortunate cyber attacks and how your solutions help? The more data you have, the more vulnerable you are to cyber attacks. Obviously, all customers have cybersecurity layers deployed but there is always the possibility of a cyber attack. One of the benefits we offer through our NAS appliance is that we offer a snapshot every 90 seconds. The snapshots are immutable to ransomware- you cannot modify, delete or encrypt. We have had instances where customers were able to retrieve all of their datasets stripe on the OneXafe appliance after a ransomware attack. That resonates well with mid-enterprises that know that cyber attacks are possible in spite of all cybersecurity measures in place and what is important is that they have the way out to retrieve all data.

Florian Malecki

Senior Director of International Product Marketing, StorageCraft Technology

management, limited capacity, and forklift upgrades. OneXafe Solo 300 is a plugand-play appliance that streams data directly to StorageCraft Cloud Services for business continuity. OneXafe Solo 300 uses StorageCraft OneSystem for cloudbased management from anywhere, anytime through any web browser.

Elaborate on your appliances?

What are the cloud services you offer?

OneXafe appliance is offered in three versions - two are HDD based and one is all Flash.

We offer storage recovery as a service (DRaaS) that helps organizations to retrieve data, in case of a disaster and quickly recreate the network. Our appliances have been designed as a gateway to those services. We have our own data centers as well. We also offer cloud backup for your SaaS data.

The appliances leverage the advantages of scale-out distributed object storage to solve the pain points of exponential growth of unstructured data, complex

February 2020 CIO ONE - 19

CASE STUDY

THE RAILROAD TO TRANSFORMATION

Kuwait International Bank (KIB), an international Islamic bank founded in 1973 has steered away from the traditional Islamic banking methods to a fully digitalized banking method ensuring customers and employees with ease in banking operations. Kuwait International Bank (KIB) was one of the banks that operated according to the Islamic Shari’ah since the 1st of July 2007. A public quoted company, it was initially founded in 1973 and was originally known as the Kuwait Real Estate Bank. As an Islamic bank, KIB’s business covers all banking services including Acceptance of Deposits, Financing Transactions, Direct Investment, Murabaha (auto, real estate and commodities), Ijara Muntahia Bittamleek (Lease-to-own), Istisna’a, Tawarruq, Credit Cards, Wakala and other products. Corporate projects and finance, Treasury Services, Issuing Letters of Credit (L/Cs), Letter of Guarantee (L/Gs) and Real Estate Dealings and Management of Properties.

Transformation But with recent changes in technological development in the banking industry, KIB has transformed from the conventional Islamic banking method to fully digitalized Islamic banking. “KIB back in 2015 begun a new journey to define and implement its new strategic transformation: a comprehensive and long-term program which is aimed at transforming the way KIB engages with customers across every touch point, whether through e-communication or face-to-face. This new strategy focuses on offering a next-level customer experience that delivers much more than just ‘banking’ in the traditional sense – but rather establishes KIB as a partner in every aspect of its customers’ lives; a true ‘Bank for Life’.” as the slogan depicts,” says Basil Al-Suwaidan, Assistant General Manager - Head of Information Security, KIB. The bank expects this new strategy to entirely revolutize the customers’ experience 20 - CIO ONE February 2020

Basil Al-Suwaidan

Assistant General Manager - Head of Information Security, KIB

and the improve the services provided in the bank. They also expect it to reflect positively on the Bank’s overall financial performance and to attract a series of notable achievements and awards.

Limelight technology As part of improving the IT infrastructure in KIB, they recently introduced many banking solutions to ease the customers and the employees into the banking facilities. They consider their limelight technology to be the introduction of the business management system that utilizes state-ofthe-art robotics process automation (RPA)

mechanism. “This was seen as a broader digital process automation strategy that is aimed at optimizing and automating business processes efficiently and allow focusing human resources on the other crucial areas. Automation has helped KIB to reduce efforts and improve outcomes and aid in achieving customer-centric strategy where improving customer responsiveness and collaboration is key,” says Mr. Al-Suwaidan.

Major concerns With entire digital transformation, any well known Business or entiy would have

CASE STUDY to face two common questions: is there a change in the IT framework and has their been a major downsizing of human labour. Fortunately, KIB says that there has not been a change in their IT framework with the latest infrastructure changes as KIB operates on an agile framework and a robust top management vision. This they say enables the Bank to continually embark upon new technologies that will deliver cutting edge solutions. Al-Suwaidan adds, “KIB is proud that it has a strong people, process and technology framework that is able to stay well upto-date with emerging technologies.” Regarding downsizing of human labour in KIB, he said, “KIB’s digital strategy has enabled KIB to automate majority of its operational processes. This has enabled KIB to shift its human resources focus to prioritize on matters that enables to boost the business. Therefore, KIB has not downsized the human labour and instead re-allocated the human labour to attract more customers and achieve its business strategy.”

Security: On point Information security is paramount, ese-

pcailly in a critical sector like Banking. KIB has kept pace in ensuring the security of its customers data. “KIB has stringent security controls in place to ensure that backup copies of information, software and system images are taken and tested regularly in accordance with the best practices. Therefore, KIB has established a backup policy that has defined the organization’s requirements for backup of information, software and systems. The backup policy has defined a strict backup retention and protection requirements,” says Mr. Al-Suwaidan. As ISO 22301: Security and resilience standard compliant, KIB has invested heavily in creating state-of-the-art business continuity facility. This ensures all essential information and software to be recovered at the time of a disaster or a media failure. KIB also ensures the backup of data being done properly according to backup policy. “KIB’s cyber security was founded on a defense-in-depth model that is aimed to protect the organisation’s status and reputation. KIB is the only bank in Kuwait that had an elevating IT Security, a function within Risk Management, to Information Security, a unit that reports directly

to the Vice Chairman and Chief Executive Officer. This has empowered Information Security, thus working at maximum effectiveness. ISO 27001: Information Security Management System certification was then fully driven, which has enabled the bank to operate in accordance with international standards such as ISO 27001 and PCI DSS,” Al-Suwaidan. Al-Suwaidan further mentions that the best cyber security technology introduced in KIB was the endpoint detection and response capability. The bank had lacked a proper mechanism for detecting and handling malware on endpoints. An enterprise project was initiated to implement next-generation endpoint security to protect computers from anomalies. KIB has also established an award-winning Data Loss Prevention (DLP) System: the Bank was also awarded the Best Data Loss Prevention Award at the Gulf Information Security Expo and Conference (GISEC) in recognition of adopting an international standards solution. Executing the intent to go for complete digitalization with commitment, KIM has ensured ease for its customers and employees in operation.

February 2020 CIO ONE - 21

FEATURE

CA BLE T O T H E

FUTURE

With the market for structured cabling expected to go as high as $13.3 billion by 2020, the need for structured cabling in the cloud era is being driven by key factors

Undoubtably, Cloud services is witnessing an exponential growth, a trend expected to continue for foreseeable future, driving companies to adopt a cloud first strategy. A common misconception is that cabling infrastructure is not important anymore in an era where cloud services begin to dominate. Data is definitely stored in cloud, but with cloud implementation, cabling infrastructure is more important than ever. The structured cable market is expected to hit $13.3 billion by this year as demand for structured cabling systems continues in designing of wiring systems for voice, 22 - CIO ONE February 2020

data, & video communication. According to a report, it is the demand for high-speed connectivity devices & systems, trend of data center convergence, and huge expansion in communication infrastructure which is driving the growth in the structured cabling industry. The demand for higher-speed connectivity is making FTTx ( a collective term for different broadband architectures using optical fibres) a popular choice over Copper although the demand for Copper cabling continues to see stable growth. Fib Ac-

cording to a report from TechNavio, the emergence of high-speed FTTH network service will drive the demand for fiber optics and fiber optic cables, thereby driving growth in the structured cabling market. Further, an increased number of new data centers driven by edge computing needs will be a key driver of demand for structured cabling.

Why cable? The demand for robust cabling continue

FEATURE even into the era of cloud for high speed connectivity, security and simplified cable management. “Increasing focus on the optimization of IT infrastructure and growing demand for higher bandwidth applications are the primary factors driving the market growth. Besides, the emergence of internet of things (IoT) for automation, integrated building management system and the need for simplified cable management are propelling the demand for structured cabling across the world,” says Sakkeer Hussain, Director of Sales and Marketing, D-Link Middle East and Africa. Seamless computing for its users is the common goal across enterprises or mid-market. The ease of use for end users is the premier criteria looked upon by the businesses for cloud computing. This in turn requires state of the art data cabling infrastructure to support cloud networking. With better cabling infrastructure, comes ease in performance, growth, better handling of big data and the highlight point, security.

Sakkeer Hussain

Director of Sales and Marketing, D-Link MEA

“The sheer volume and bandwidth of data moving in and out of the network to cloud applications, as well as the increased vulnerability that is introduced when users are directly accessing cloud applications requires a forward-facing network approach. For faster uplink and downlink speeds to support cloud applications, complete overhaul is required for legacy cabling infrastructure. Digital transformation is driven by disruptive technologies in social, mobility, analytics, cloud and the accelerators including artificial intelligence, blockchain and IoT,” says Stanley M Chege, Group ICT Manager, Madison Group, Kenya. With more and more data being stored in systems, security is number one issue faced by many industries. With the right cable infrastructure, security is enhanced. In the last year alone, we have seen some major data breaches including that of powerful agencies. At least 7.9 billion records including credit card numbers, home addresses, phone number and other highly sensitive information were exposed through data breaches in 2019. Even NA-

Stanley M Chege

Group ICT Manager, Madison Group, Kenya

February 2020 CIO ONE - 23

FEATURE SA’s Mars Mission data was breached on June 24, 2019. To restrict access, a copper infrastructure is a cost effective suggestion made by many technology leaders. A copper based cabling infrastructure that will optimize the security plan can be created by selecting the right products and using them in a design in which security features are implemented. On the other hand, Fiber solutions, that are now preferred for higher connectivity speeds, offer several advantages over copper solution inspire of being more expensive. Fibre optic cables offer significantly greater bandwidth potential, speed and security versus their copper counterpart. The use of light within fibre optic cables offers several security benefits compared to a traditional copper cable, which is part of the reason why they are increasingly favored. For any networks looking for higher security, a fiber to desk infrastructure and fiber backbone is the best possible way to optimize the security plan.

Nabil Khalil

EVP of R&M Middle East, Turkey and Africa

In addition to security, opting for the right cable infrastructure enhances flexibility and provides higher transmission speeds. In addition, scalable alternatives are needed to allow tangible layers to be added in a phased approach for fast deployment if a business expects to grow and expand.

Market trends Interestingly, the cabling industry was not always seeing a rise, when cloud computing was emerging. There was a major decline in the demands for cable over the last decade. But the industry did turn around with the increase in telecoms and energy industry investments and the change in the outlook towards cabling infrastructure and its importance. “The Internet of Things, 5G and mobility have begun to cause an exponential growth of IP traffic while requiring ultra-low latency even in remote places. The hyperscale data centers that service providers and enterprises have been investing in today will not be able to fully cover the new network, computing and storage re24 - CIO ONE February 2020

quirements of the coming years. Organizations therefore need to extend computing power to the edge of their network to support their large, central data centers,” says Nabil Khalil, Executive Vice-President of R&M Middle East, Turkey and Africa. Deployment of edge data centers is manly attributed to the increasing use of cloud computing in the industry. Edge computing becomes essential even while the cloud can compile, analyze and store data that is not critically time-bound. This is in cases where there is zero tolerance for latency and a need for unconditional availability. “This latency, hyper-interactivity and decentralized intelligence will play a role in numerous other applications in the

digitalized world. These include industrial manufacture, industrial Ethernet and robotics, 5G and video communication, smart grids, the Internet of Things (IoT) as well as blockchain, AI and AR applications. Edge computing can support all these tasks by shortening the path between the acquisition, collection, analysis and feedback of intelligence to the networks,” Mr Khalil further added. The growth of data centers, essentially means that the cabling infrastructure needs to meet the demands of stiff deadlines for deployment. It needs to be easy to install and be easy to upgrade to meet growing requirements. Reduced complexity, enabling faster and easier rollout, maintenance and expansion would continue to be among key factors to consider with these deployments.

INTERVIEW

SECURIING THE CLOUD With a number of high-profile hacking cases in the market, the topical issue faced by business owners is the safety of data in cloud. Security is a high priority listing for all cloud services and Harish Chib, Vice President, Middle East and Africa, Sophos gives us an insight on Cloud security in the present market.

How secure are cloud services compared to on premise deployments? Does it still impact deployments of the kind of workloads on cloud? The fact is the data on cloud is equally at risk as the data on premise deployments. Just as you need to secure the data stored in your on-premises networks, so you need to secure your cloud environment. The secret to effective cybersecurity in the cloud, as it is for on-premise, is improving your overall security posture: ensuring your architecture is secure and configured correctly, that you have the necessary visibility into your architecture, and importantly, into who is accessing it. Security is handled a little differently in the cloud. Public cloud providers such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform run a shared responsibility model – meaning they ensure the security of the cloud, while you are responsible for anything you place in the cloud. Aspects such as physical protection at the datacenter, virtual separation of customer data and environments – that’s all taken care of by the public cloud providers. You might get some basic firewall type rules to govern access to your environment. But if you don’t configure them properly – for instance, if you leave ports open to the entire world – then that’s on you. So you’ve got to learn your security responsibilities

Are users doing enough to secure their cloud based deployments? The rapid growth of cloud usage has resulted in a fractured distribution of data, with workloads spread across disparate instances and, for some organizations, platforms. The average organization already runs applications in two public clouds.

Harish Chib

VP, MEA, Sophos This multi-cloud approach compounds the visibility challenge for IT teams who need to jump from platform to platform to get a complete picture of their cloud-based estates. Lack of visibility into cloud-based workloads leads to both security and compliance risks. Organizations need to apply on-premises security learnings to their cloud environment. On-premises security is the result of decades of experience and research. When it comes to securing your cloud based servers against infection and data loss, start by thinking about what you already do for your traditional infrastructure, and adapt it for the cloud.

In the unlikely event of data breaches, what are the remedial steps you recommend or help customers implement? Many recent incidents highlight the frequency with which cybercriminals are targeting cloud-based instances, using sophisticated, automated techniques. The challenge for security teams lies in identifying and securing potential vulnerabilities before the attackers, and identifying unusual (attacker) behavior in real time to stop an attack in its tracks.

If you can’t see it, you can’t secure it. That’s why one of the biggest barriers to getting your security posture right is getting accurate visibility of your infrastructure. Take advantage of tools that provide a real-time visualization of network topology and traffic flow, with a full inventory breakdown including hosts, networks, user accounts, storage services, containers, and serverless functions. For enhanced visibility, look for tools able to identify potential vulnerabilities within your architecture so you can prevent a potential breach point. One needs to automate security controls. The need for automated security is clear as cybercriminals increasingly take advantage of automation themselves in their attacks – for example, using stolen user credentials to automate provisioning of instances for activities such as cryptojacking, changing account settings, or revoking legitimate users to avoid detection. Indeed, the canvassing of cloud environments for vulnerabilities in passwords, security group settings, and code are now commonplace. The two main reasons why attacks on public cloud environments succeed are that the architecture configuration is not secure, and that threat response hasn’t kept pace with attackers. Automation of security controls is the key to addressing these issues. February 2020 CIO ONE - 25

CASE STUDY

BLOOMING WELL WITH TECHNOLOGY Flemingo International, one of the leading duty free retail chain based in Dubai has virtualized their datacenters. But that is not all, this achievement has a story in its back end. Flemingo International is a Dubai based global duty free and travel retail operator with a focus on emerging markets. Flemingo started its business almost two decades ago with its first outlet in Africa along with its distribution business in Dubai. After its initial venture, Flemingo expanded to Asia and Europe markets. Flemingo operates duty free retail outlets in different formats like duty free shops in airports, cruise ships, borders, downtown, seaports, UN commissary shops, diplomatic duty free in addition to inflight supply as well as convenience stores, food & beverage and luxury retail outlets globally. Flemingo international has its own datacentre at Dubai head office. It has a present capacity of more than 15 + servers with security enabled networking infrastructure. Flemingo had gone ahead in virutualising its datacentre infrastructure at Dubai which is mainly catering to their business-critical application and retails solution. Shailesh mani, GM – IT Flemingo International played a key role in the journey of virtualization of the datacenter.

Shailesh Mani

GM – IT, Flemingo

Not a late comer Virtualisation and digitalisation have been key trends for past few years. In fact, Flemingo initiated the idea to go in for virualization and started upgrading the datacentre over three years ago. Shailesh Mani says, “Flemingo also started its infrastructure upgrade during that period, but got stuck in the dilemma of whether to opt for cloud or go ahead with upgrading the internal datacenter. This thought 26 - CIO ONE February 2020

process brought various other aspects of the project into sharper focus and we had many discussions at various levels, finally deciding to evaluate thoroughly merits and de-merits of both technologies. We finally decided to go ahead to upgrade the existing datacenter with virtualisation.” Mani also says that they faced major technical issues while upgrading the datacen-

ter which dragged the project to a much higher duration than we expected. The company also took its time to evaluate between cloud and inhouse upgrading of datacenter and concluded it with virtualization of the datacenter. Mr Mani says that, while doing a comparision with cloud, he understood that both have their

CASE STUDY

own merits and demerits. “What struck me is the monthly recurring cost for the entire life of the cloud deployments an organisation signs up for. Secondly, your business critical data is with someone else who can discontinue the service with the click of a button. For us being a duty free company and working with various government authorities the data availability at any time is very much critical which may get disturbed due to various business scenarios especially in our case,” he added. The company came into terms that for a dynamic business like Flemingo's, there is need for a better inhouse data centre after a thorough evaluation process. According to Flemingo, this is one of the main reason for delay in initiating the project and subsequently they also had to face a major issue with a virtualisation solution from a tier 1 vendor in performance.

Trusted vendor issues The company first installed the datacenter virtualization with this well- known virtualization solution, which they do not wish to disclose. “The main issue which we faced with this virtualization solution is, if you allocate some virtual resources into that software, the system will not consider that resource. For example, if we allocate the higher 128 GB RAM in to a virtual system, the system always would consider only 64

bit. We tried to mitigate this issue with the vendor. Unfortunately no one was responding promptly and there were no solutions either,” Mani adds. He further syas that they also found that there was an issue with the latency time. The queries were not being managed and read properly by the database servers. This brought their business critical server into large issues. At that time, saving a ten line sales order took around 5 to 6 minutes. The company was un aware that the issues that they were facing was because of the platform which was being used. “We were blaming our hardware vendors and they tried to support in from Germany, checked it and gave us the report that the hardware is working. Then we thought the issue was with SAP and when we checked we found it was also working perfectly.”

Flemingo even tried increasing the hardware. The issue subsided when all the data were migrated to another platform.

Ransomware attack Mani also says that the decision for vitualisation of datacenter was taken because they narrowly escaped a ransomware attack out of pure luck. One fine morning, Mani found that the folders were being renamed and getting encrypted. He immediately advised his team to disconnect the network of the data centre and luckily all the data was recovered. With some good luck and hardwork, the datacenter virtualization process was completed in Flemingo International and has been smoothly operational for the past several months.

Flemingo also started its infrastructure upgrade during that period, but got stuck in the dilemma of whether to opt for cloud or go ahead with upgrading internal datacenter. This thought process brought various other aspects of the project into sharper focus and we had many discussions at various levels, finally deciding to evaluate thoroughly merits and de-merits of both technologies February 2020 CIO ONE - 27

COLUMN

WHY ORGANIZATIONS CAN NO LONGER IGNORE ZERO TRUST AND A LEAST PRIVILEGE APPROACH TO SECURE ACCESS TO CRITICAL SYSTEMS Weak passwords are a major source of breaches and by adopting a Zero Trust approach with least privileged access, organizations can increase their compliance levels, explains Kamel Heus, Regional Director, Northern, Southern Europe, Middle East and Africa from Centrify

The recent Gartner Security and Risk Management Summit held in Dubai, UAE revealed that the Middle East and North Africa region has the highest number of reported breaches in the world. In 2018, more than 36,000 incidents were reported from this region, the highest in the world. Along with this statistic, Gartner presentations revealed that the region also has the highest mean time to identify the breach. At 260 days, it is the highest in the world. What are the weaknesses in organizations that allow such a high number of incidents? Post incident analysis usually reveals that prevalence and usage of weak passwords amongst end users, and especially privileged end users like administrators, is the root cause for such breaches. Most incidents that happen are not necessarily of an advanced nature, and mostly stem when threat actors or hackers are able to crack weak passwords, and gain entry into an organization's network using compromised credentials of end users and administrators. Gaining entry into an organization's network through the credentials of an actual end user or privileged end user like an administrator, remains the easiest entry strategy for threat actors. Forrester Research points out that 80% of security breaches result from privileged access abuse. In the past, it used to be assumed that access granted through a login including a user name and password was sufficient to guarantee the authenticity of the user. With the increasing sophistication of threat actors to brute force passwords to gain access, especially weak and repeated passwords, this assumption is no longer valid, and has spawned the creation of the Zero Trust model. The Zero Trust model, first suggested by Forrester Research and National Institute of Standards and Technology in 2010, reinforces the modern belief that login identities can no longer be trusted, inside or 28 - CIO ONE February 2020

to the above, the organization is moving away from a perimeter-based approach to a Zero Trust approach. The Zero Trust approach boosts prevention, detection, response, and compliance towards standards such as HIPAA, FISMA, PCI, and others. Moreover, it can be extended to the cloud, mobility, Big Data lakes, DevOps, containers, microservices, and others. Organizations begin their Zero Trust journey with the following initiatives: #1 Vault all privileged credentials Access to the credentials of privileged users and privileged resources need to be secured and controlled, raising the level of security management control. Rigorous multi-factor authentication also needs to be enabled and added around privileged users and privileged resources.

Kamel Heus

Regional Director, Northern, Southern Europe, MEA, Centrify

outside the organization, especially with the expanding threat surface. The Zero Trust model today covers the following elements with the objective of not implicitly trusting any access for any user without verification. • Networks: Verify access to segment, isolate, and control the network. • Data: Control access to secure and manage data, develop classification schemes, encrypt data at rest and in transit. • Workloads: Verify and control access to the application stack. • Devices: Verify and control access of every device on the network. • Identities: Limit the access of users and secure users. By limiting and securing privileged access

#2 Consolidate identities and introduce least privilege All identities need to be consolidated to eliminate redundant ones at the same time limiting privileges to the minimum required to get the work done. Along with limiting privileges, workflows need to be limited in the similar manner to restrict lateral user movements. #3 Hardening the environment Once the above two initiatives have been implemented, the organization can move to the next level of compliance. This can include introduction of air gapping around hardware and resources, usage of hostbased intrusion detection systems, and development of advanced behavioral analytics. By going through these steps, organizations can ensure they are no longer vulnerable in the area of security breaches and password theft.

6-8 APRIL 2020 Dubai World Trade Centre

UNIFYING SECURITY FOR GLOBAL CITIZENS

FIRST TIME IN THE REGION KEYNOTE SPEAKERS

Bryan Seely The only hacker to wiretap the US Secret Service & FBI, what he's going to share will absolutely blow your mind

Hector Monsegur Anonymous' most notorious hacker and technical expert behind Anonymous/LulzSec collective

Enquire about exhibiting, speaking and visiting OFFICIALLY SUPPORTED BY

+971 4 308 6469

OFFICIAL DISTRIBUTION PARTNER

gisec@dwtc.com

STRATEGIC PARTNERS

www.gisec.ae

PLATINUM SPONSORS

ORGANISED BY

COLUMN

HOW THE EDGE IS SET TO RESHAPE THE WORLD OF EDUCATION Crafting tomorrow’s youth today, the education industry plays a key role in moulding. Gamal Emara, Country Manager at Aruba UAE, a Hewlett Packard Enterprise Company writes about how Edge technology is reshaping the industry of education. The education industry has undergone a technological revolution over the past decade, but there’s still one major shift on the horizon that brings together many of the technologies that have been pegged as revolutionary (augmented reality for example) – in fact it is essential for their success in the education sector. That technology is edge networking, and far from being a technical concept, it’s something that educational institutions and local governments rapidly need to understand and implement. The Edge offers the potential to enhance student performance, confidence, and mental wellbeing. We define the Edge as the new experiences being enabled by edge technologies for teachers, students, employees, and any users of network services. Edge technologies allow the processing of data by devices at the edge of networks, which is where users and devices are. It is where things connect to the network, whether they are wired or wireless. The edge is where actions take place. Over time, these actions at the edge will become smarter. The opportunity at the Edge is driven by many things, including smart applications powered by artificial intelligence (AI) and machine learning (ML), mobile devices, Internet of Things (IoT) technologies, data analysis, next-generation Wi-Fi, 5G communications, and “edge-to-cloud computing.” The new edge network combines AI, ML, and automation to continuously learn, predict, and adapt to changes, needs, and threats in real time. The new edge network utilizes technologies and software to make 30 - CIO ONE February 2020

Gamal Emara

Country Manager, Aruba UAE

COLUMN sense of the resulting insights, enabling businesses to act and respond, optimizing the experience for the customer or user wherever they are. Pushing intelligence out to the edge will drive change in the design of our products, services, processes, and organizations, and transform how decisions get made – giving greater autonomy to the devices at the edge. According to Gartner, edge computing will be a necessary requirement for all digital businesses by 2022. With potentially trillions of dollars being invested in the hope of generating huge economic returns, the argument for paying attention to the Edge opportunity is clear and the window for learning and action is narrowing.

Edge Technology – Transforming Education The Edge offers the potential to enhance student performance, confidence, and mental wellbeing. Andrew Barnes, Director of Technology at Bryanston School in the UK, outlines the following scenario: The technologies provide the foundation for a boundaryless environment, where students are supported by AI that monitors, manages, and facilitates their learn-

ing experience and supports collaboration between students, enabling access to key resources, in the classroom or lecture theatre, across the facility, and in their home. For example, in the classroom, AI would monitor indicators of students’ comprehension and comfort with the subject matter being taught. If a student is thought to be struggling, the system would provide additional explanation and guidance in the classroom, and then offer to replay video of critical parts of lessons and lectures during self-study outside the classroom. The system would also curate content from across the internet to help the student go deeper into a topic or find more understandable explanations and help bring complex concepts to life through simulations and AR/VR. Personalized learning plans could be created and continuously updated from the data accumulated about the individual and their preferred learning styles and mediums. Teachers would monitor this and refine it in conversation with students and their parents. The teacher’s experience can also be enhanced through smart classrooms that promote collaboration and adapt to each educator’s preferences. Exploring the longer-term potential for

radically new approaches to education, futurist Bronwyn Williams highlights the critical role of the Edge technologies in changing the way we can access information wherever we are by “connecting human brains to the cloud.” David Wood suggests the use of “mobile devices and headsets by which people can join into virtual classrooms at any time” could further enable the notion of a boundaryless future of education. A Markets and Markets study emphasises three major growth factors for IoT in education: increased use of connected devices in schools and universities, eLearning, and widespread cloud-based solutions. A range of new revenue opportunities is opening up that could make a major contribution to the finances of education institutions: capturing video of the best lectures and making them available for a micropayment to other institutions and individuals around the world; allowing external businesses and individuals to book classroom and laboratory space on demand to have their own meetings or work on developing their own ventures outside normal school hours; collaborating with other institutions to conduct expensive laboratory experiments – one partner could do the lab work while the others viewed or analyzed it and shared the costs.

February 2020 CIO ONE - 31

COLUMN

FROM BIG DATA MANAGEMENT TO CYBER HUNTING SECURITY, WHAT TO EXPECT IN 2020 Mena Migally, Senior Director, MENA at Riverbed discusses about the expectations to have in 2020 IT industry. While 2020 marks the start of a new decade, many of the technology trends that have dominated conversations through 2019 —big data, cyber hunting, IoT, 5G, and user experience — will continue to shape IT roadmaps as companies begin to take action and look for the impact of their strategic investments. At Riverbed Technology, we believe the dawn of the new year presents the ideal opportunity to take stock of the advancements made in the year gone by and explore how these will continue to evolve in 2020.

Digital Transformation Will Radically Shape Business Strategies and Outcomes While talk of digital transformation has been ongoing for several years now, organizations’ transformation efforts have seen mixed results. Even enterprises that started down the road in 2018 and 2019 have realized that an organization and its infrastructure cannot be completely transformed overnight and that it will instead be an ongoing exercise. The reality is that many organizations were not equipped for a true digital transformation or to embrace SD-WAN. This is set to change as we head into 2020. The digital transformation march will continue to move forward, along with the adoption of SD-WAN.

32 - CIO ONE February 2020

There’s an inherent risk for those businesses that buck the trend. The Amazonification of consumer expectations has reshaped enterprise go-to-market strategies in a huge way by going beyond just situating a solution in the cloud. The winners here will be those who can deliver the desired experiences and outcomes at the speed customers demand. Today, enterprise customers expect the incredible speed and convenience that’s traditionally been demanded by consumers. They have been shaped, as we all have, by getting what we’ve asked for at a blink-andyou’ll-miss-it level of service. Not everyone will be able to keep up so expect to see some players merge with others – or simply fall by the wayside.

IoT and 5G Will Push Applications to the Edge There no doubt that 2019 was the year of cloud in the Middle East. The market’s momentum is only set to increase and we can expect distributed cloud to become the new data center that truly empowers the edge. As more organizations start incorporating IoT technologies, their applications will need to run at the edge to ensure high performance and faster response. With IoT heading to the forefront – and soon to be enabled by the proliferation of 5G networks – organizations in 2020 are starting to think about how to address the new visibility challenges that will stem from the need of edge applications to communicate back to a centralized point.

Also, the security of that network traffic is going to be paramount. There is no getting away from security being at the top of the agenda for organizations' investments in 2020. It’s going to be imperative for organizations to be able to track which devices are communicating with other devices and determine whether they’re part of a distributed cloud or still being sent back to a consolidated location.

Threat Hunting Will Become a Mandatory Security Exercise Sticking with the theme of cybersecurity, we will see an increase in the number of “advanced persistent threats,” sophisticated, systematic cyber-attack programs that continue for an extended period of time,

COLUMN The potential risk of a breach involving sensitive client data is too substantial to a company’s bottom line, especially with the emergence of more consumer data protection laws, such as CCPA, coming down the line in 2020. To combat this, organizations will start reviewing collected data to determine what clearly enhances the business’s performance and delete the rest, as the risk is too high to continue to store customer data without a foreseeable purpose.

Why These Matter 2020 will see many game changing technologies reach maturity and no doubt, emerging technologies such as AI will take root as they begin to deliver tangible value for businesses. As the technologies we know and love continue to evolve, they will open up the possibility of new applications and use cases capable of enhancing the user experience for customers and employees.

Mena Migally Senior Director, MENA, Riverbed

Organizations in 2020 will begin adopting the often orchestrated by a group of skilled hackers. These are the hacks that do the most damage to organizations and if a company doesn’t have proactive threat detection measures in place, it could be unaware of the attack until after the damage is done. As networks for organizations have grown, they have become like the Roman empire – big, sprawling and hard to defend. Throwing up a “wall,” or firewall, to defend against attacks is less likely to be effective when the advanced persistent threats have multiple ways to attack the cracks in those walls. The best way to combat advanced persistent threats is to engage in “cyber hunting," the process of proactively and iteratively searching networks to detect

and isolate advanced threats that evade existing security solutions. As hackers become smarter and find new evasive ways to infiltrate a network, organizations in 2020 will begin adopting the proactive cyber hunting approach to complement traditional reactive threat management approaches of installing firewalls, intrusion detection systems and SIEM systems.

The Days of Data Hoarding are Over The proliferation of the cloud and its immense data storage capabilities are double-edged swords for organizations that have been “data hoarding.” As we move into 2020, many organizations will realize that while big data has tremendous value, some of that data may be a liability.

proactive cyber hunting approach to complement traditional reactive threat management approaches of installing firewalls, intrusion detection systems and SIEM systems February 2020 CIO ONE - 33

COLUMN

DATA PROTECTION DAY 2020: DE-RISKING IN THE ERA OF TRANSPARENCY Daniel Fried, General Manager and Senior VP, EMEA and Worlwide Channels of Veeam writes about Data Protection Day 2020 and the importance of De-Risking in the Era of Transparency. The issue of data protection and privacy was, until recently, a conversation confined to a specific group of people within an organisation. Unless you were an IT consultant or a corporate lawyer, privacy compliance was something somebody else took care of. So, how have we reached the point where many organizations are bound by law to employ a Data Protection Officer (DPO)? Why are CEOs now so interested in their company’s data protection and privacy policies? You could be easily fooled into thinking data privacy as a field has only existed since 2018, but nothing could be further from the truth. From an anthropological perspective, human beings have longed for privacy for over 3,000 years. The use of internal walls within buildings which started to become commonplace in 1500 AD proves this. The concept of the ‘right to privacy’ as we know it is indeed younger – eventually being formalised as an international human right in 1948. Sweden became the first country to enact a national data protection law in 1973. Even this, the first tangible effort to regulate data privacy, happened in response to public concern over the increasing use of computers to process and store personal information. While our understanding of the current data privacy conversation must operate within this context, there is no denying that 2018 was a watershed moment. The General Data Protection Regulation (GDPR) may be less than two years’ old, but its impact has been significant. As well as its very specific nature which makes the regulation enforceable, GDPR regulators have not been frightened to flex their muscles. To date, it has collected almost €429 34 - CIO ONE February 2020

Daniel Fried

GM & SVP, MEA and Worldwide Channels, Veeam

COLUMN million in fines – serving as a constant reminder to any business processing the data of European citizens that there are penalties for not adhering to data privacy requirements.

The privacy skills gap As well as providing a clearer framework for appropriate data handling practices, GDPR has made data protection and privacy more about people. Rather than talking in terms of technical standards and software requirements, it is based on fundamental citizens’ rights and how people within an organization can uphold them. One of the most specific lines of the GDPR is Article 37, which states that certain companies must appoint a Data Protection Officer to be compliant. More specifically, any public authority, a company whose core activities require largescale monitoring of individuals or consist of large-scale processing of criminal data. Wherever appointing a DPO is not required under GDPR, it is advised as best practice for companies who need to ensure they have the right data processes in place. Given that the latest Veeam Cloud Data Management report shows that organizations across multiple industries will spend an average of $41 million deploying technologies to boost business

intelligence, experienced DPOs have become hot property. In 2018, when GDPR was passed, as many as 75,000 vacancies for DPOs needed to be filled – with Europe and the USA accounting for around 28,000 of these roles. Especially during this period of transition, organizations across the board must foster a culture of transparency in terms of how data is used. Not every person in the business can be a data protection expert, but all employees must appreciate and understand the basic principles. Furthermore, while the ownership of GDPR compliance lies with the DPO, the buck ultimately stops with the CEO. Data protection is a business conversation as well as a technology one. With that said, businesses must have an IT strategy in place which enables solid data protection practices.

Minds over matter Veeam research shows that three-quarters of IT decision makers globally are looking to Cloud Data Management as a means of creating a more intelligent business. Cloud Data Management brings together disciplines such as backup, replication and disaster recovery across an organizations’ entire cloud and data management provision. It ensures that data is always available, recoverable and protected at all

times. But like data privacy, IT is a people industry too. In a world where businesses need to protect their data more than ever before, CEOs, CIOs and DPOs alike are looking for trusted partners to help derisk their data management. This support may take the form of configuring data management systems, providing technical training for administrators, or basic data privacy training for end-users. Data Protection Day is an appropriate time for us to reflect on how we use and view data. Moreover, as we begin a new decade, it’s an apt moment to acknowledge that we are still in the midst of transformation. The impact of GDPR will continue to be profound as businesses adapt to its demands and its enforcers become less patient with those who fail to comply. More fines and reputational damage will only add to the demand for DPOs – people with the expertise and appetite to take on the data privacy challenges of an organization. While investing in technologies like Cloud Data Management will be fundamental to the DPO’s strategy, privacy is now a people business. Therefore, the shrewdest investments will be in trusted partners who can guide people at every level of the organization through the rigours of remaining compliant and help create an authentic culture of data transparency.

February 2020 CIO ONE - 35

NEW TECH

LENOVO DEMONSTRATES NEW SURVEILLANCE SECURITY SOLUTIONS Lenovo demonstrated the capabilities of ThinkSystem SE350, powered by Pivot3 HCI software, at Intersec 2020 Lenovo Data Center Group (DCG) demonstrated the computing capabilities of the recently launched first purpose-built edge server, the ThinkSystem SE350 at Intersec 2020, security trade show hosted at the Dubai World Trade Centre. Designed to operate outside data centers and in locations close to where data is generated, the ThinkSystem SE350 which will be powered by Pivot3 HCI software will address issues surrounding security, latency, bandwidth and downtime with regards to smart city applications. In line with Lenovo’s strategy to empower and facilitate ‘Intelligent Transformation’, the participation reflects the company’s evolving partnership with Pivot3, a provider of intelligent infrastructure solutions, to develop, market and sell a new set of converged computing and storage solutions optimized for mission-critical smart city security applications. Video surveillance systems are evolving and are using artificial intelligence (AI) to inspect and analyse video footage, interpret patterns and flag unusual activity. Lenovo DCG and Pivot3 provide a state-ofthe-art upgraded infrastructure solutions that aim to enhance current technology required to support these systems rather than entrusting the preservation of crucial data to outdated NVR technology. Commenting on the partnership, Dr. Chris Cooper, General Manager for Lenovo DCG, Middle East, Turkey and Africa, said, “We are delighted to showcase our partnership with Pivot3 at one the world’s leading technology trade shows. The Middle East is exhibiting tremendous growth in terms of adopting smart solutions. The UAE in particular is investing heavily in implementing the latest innovations in their technological infrastructure; therefore, we see great potential from our part36 - CIO ONE February 2020

nership with Pivot3 as we work together to supply the appetite for next generation computing products and services.” Anand Chakravarthi, Area Vice President of Middle East, Africa and Asia Pacific at Pivot3, added, “We are grateful to extend our partnership with a renowned industry leader such as Lenovo DCG at Intersec 2020. Pivot3 aims to leave a positive mark with its customers who are utilising our intelligent HCI solutions. Our solutions are optimized for mission-critical safe city, IoT and edge computing environments, and Lenovo provides our customers with reliable solutions for their sophisticated video surveillance, security and IoT environments. We are certain that our partnership will enable us to grow and expand our solutions to different segments and markets around the region.” The new Lenovo DCG/Pivot3 solution is currently available and already installed in the Middle East and markets across the globe with leading retail, hospitality and regional governmental customers. Proof-

Dr. Chris Cooper GM, Lenovo DCG

of-concept testing is also available at Lenovo’s Innovation Centres, where customers can gain real-time insight into how the IoT solutions can respond to individual environments, workloads and data.

MARKET SPACE

50% OF ORGANISATIONS WILL SEE INCREASED COLLABORATION BETWEEN BUSINESS AND IT TEAMS BY 2022 Over the next two years, 50% of organisations will experience increased collaboration between their business and IT teams, according to Gartner Gartner predicts that the dispute between business and IT teams over the control of technology will lessen as both sides learn that joint participation is critical to the success of innovation in a digital workplace. “Business units and IT teams can no longer function in silos, as distant teams can cause chaos,” said Keith Mann, senior research director at Gartner. “Traditionally, each business unit has had its own technology personnel, which has made businesses reluctant to follow the directive of central IT teams. Increasingly, however, organisations now understand that a unified objective is essential to ensure the integrity and stability of core business. As a result, individuals stay aligned with a common goal, work more collaboratively and implement new technologies effectively across the business.”

Evolution of the Role of Application Leader The role of application leader has changed significantly with the replacement of manual tasks by cloud-based applications in digital workplaces. The application leader must ensure that this transition is supported by appropriate skills and talent. As more and more organisations opt for cloud-based applications, AI techniques such as machine learning, natural language processing (NLP), chatbots and virtual assistants are emerging as digital integrator technologies. “While the choice of integration technologies continues to expand, the ability to use designed applications and data structures in an integrated manner remains a complex and growing challenge for businesses. In such scenari38 - CIO ONE February 2020

os, application leaders need to deliver the role of integration specialists in order to ensure that projects are completed faster and at lower cost,” said Mr Mann. Application leaders will have to replace the command-and-control model with versatility, diversity and team engagement with key stakeholders. Application leaders must become more people-centric and provide critical support to digital transfor-

mation initiatives. Additionally, in a digital workplace, it is the application leader’s responsibility to serve as the organisational “nerve centre” by quickly sensing, responding to, and provisioning applications and infrastructures. “Application leaders will bring together business units and central IT teams to form the overall digital business team,” said Mr Mann.

10 - 11 MARCH 2020

Unifying Purpose for Global Impact

The worldâ&#x20AC;&#x2122;s most comprehensive AI event AI is becoming the new normal and if you ignore it will sadly be left behind. Discover ways to extract maximum value from AI at optimum scale at Ai Everything, one of the largest dedicated AI events in the world.

10K+ Visitors

130+

200+

Exhibitors

Hours of content

Speakers

200+

Government Leaders

Get your Free Ticket at AI-EVERYTHING.COM

Ai-Everything.com

#AiEverything

#AiEverything2020