Computer News Middle East February 2015 by Computernews Middle East

Introducing Managed Firewall that works for your business

T&C apply

Tackling today’s shifting threat landscape requires the ability to constantly manage, respond and react to maintain a secure perimeter. Etisalat’s Managed Firewall service gives you the flexibility to choose an ‘on premise’ or ‘in cloud’ solution, powered by Etisalat’s state of the art Security Operations Centres, ensuring 24/7 monitoring, maintenance and remote management coupled with the best of the breed technologies.

Business 800 5800 I Etisalat Your business grows with us managedsecurity@etisalat.ae

GROUP Chairman and founder Dominic De Sousa

EDITORIAL

GROUP CEO Nadeem Hood

A new value equation Talk to us:

If you haven’t put together an awards programme of such magnitude and scale as our CIO 100 Awards, let me tell you what really goes on behind the scenes. First off, bringing a globally well-known award programme that has been running for the last three decades to the Middle East was a daunting task. Ever since we started soliciting nominations last November through ads in CNME and electronic mailings to our subscribers, we received a phenomenal response. Entrants filled out an extensive application form, and the pool included almost all countries in the Middle East. The shortlisted entries were evaluated by CNME’s editorial team according to a pre-defined set of criteria, mainly innovation and business value. We spent countless hours poring through all nominations, examining how each entry stacked up. We then placed emphasis on submissions that told the best stories about We placed emphasis generating business value through technology. on submissions that Finally, we cherry-picked the most exciting told the best stories and innovative initiatives from the pack and about generating rewarded them with the CIO 100 honour. business value Our first crop of 100 CIOs bear testimony to through technology. the new ways IT is being used to meet business objectives in the region. Be it pioneering a new technology, or applying an existing one to a new purpose, these technology leaders have set the bar very high. These visionaries have helped propel their businesses to new heights and profitable futures despite shoe-string budgets and other economic challenges. You will be reading about the success stories of these tech wizards in the forthcoming issues of CNME. Stay tuned.

E-mail: jeevan.thankappan@ cpimediagroup.com

Jeevan Thankappan Group Editor

If you’d like to receive your own copy of CNME every month, log on and request a subscription: www.cnmeonline.com

GROUP COO Georgina O’Hara

Publishing Director Rajashree Rammohan raj.ram@cpimediagroup.com +971 4 440 9131 Editorial Group Editor Jeevan Thankappan jeevan.thankappan@cpimediagroup.com +971 4 440 9133 Editor Annie Bricker annie.bricker@cpimediagroup.com +971 4 440 9116 Online Editor James Dartnell james.dartnell@cpimediagroup.com +971 4 440 9140 ADVERTISING Senior Sales Manager Michal Zylinski michal.zylinski@cpimediagroup.com +971 4 440 9119 Circulation Circulation Manager Rajeesh M rajeesh.nair@cpimediagroup.com +971 4 440 9142 Production and Design Production Manager James P Tharian james.tharian@cpimediagroup.com +971 4 440 9136 Designer Analou Balbero analou.balbero@cpimediagroup.com +971 4 440 9132 DIGITAL SERVICES Digital Services Manager Tristan Troy P Maagma Web Developer Jefferson de Joya Photographer and Social Media Co-ordinator Jay Colina webmaster@cpimediagroup.com +971 4 440 9100

Published by

Registered at IMPZ PO Box 13700 Dubai, UAE Tel: +971 4 440 9100 Fax: +971 4 447 2409 Printed by Al Ghurair Printing & Publishing Regional partner of

© Copyright 2015 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.

Our events

EDITORIAL

Rewarding excellence Talk to us:

February has been a busy month here at CNME. For the first time in the region, we hosted the IDG-endorsed CIO 100 Awards. Sorting through the nominations of hundreds of applicants was exhausting, but also rewarding. The variety of projects taken on throughout the region is astounding, and while not everyone could be awarded a trophy, every single project contained an element that made it both innovative and unique. In addition to the Awards, our team has been tirelessly working to open a new division â&#x20AC;&#x201C; the CNME Research Hub. The Hub will leverage our access to the sharpest minds in the IT industry to shed light on market and industry trends in the region. Our first report, IT Security Spending Trends in the Middle East, polled 250 C-level IT executives to reveal security concerns and drivers of IT security spending. CNME Research Hub has been an extremely interesting new project, and we are proud to announce that the report is now available. We want to honour With the CIO 100 Awards under our belt, we IT professionals are already looking forward to CNMEâ&#x20AC;&#x2122;s Network who demonstrate World ME Awards. Entering its sixth year, innovative Network World ME Awards is a major event that leadership on recognises and celebrates networking excellence. all sides of the The awards are unique in that they are open to industry. both users and vendors alike. With these awards, we want to honour IT and business professionals who have demonstrated innovative leadership on all sides of the industry. The deadline for submission is February 26th, so don't miss out; make sure your work gets the recognition it deserves.

E-mail: annie.bricker@ cpimediagroup.com

Big Data

Symposium

Our online platforms

Our social media

facebook.com/computernewsme

Annie Bricker Deputy Editor twitter.com/computernewsme

linkedin.com/in/computernewsme

For deeper network security

look beyond the obvious.

Dellâ&#x201E;˘ SonicWALLâ&#x201E;˘ next-gen firewalls provide a deeper level of network security without slowing down performance. Not all next-generation firewalls are the same. To start, Dell SonicWALL next-generation firewalls scan every byte of every packet while maintaining the high performance and low latency that busy networks require. Additionally, Dell SonicWALL network security goes deeper than other firewalls by providing high-performance SSL decryption and inspection, an intrusion prevention system that features sophisticated anti-evasion technology, and network-based malware protection that leverages the power of the cloud. Now your organization can block sophisticated new threats that emerge on a daily basis. Go deeper at: www.sonicwall.com/deepernetsec

Contents

Our Strategic Partners Strategic ICT Partner

Strategic Technology Partner

Strategic Innovation Partner

ISSUE 277 | february 2015

CNME Research hub-it security

CIO 100 winners

port authority

16 CNME Research Hub CNME debuts its first research report. This quarter, we investigate the IT security spending habits of the region's IT decision makers - have a sneak peak.

60 Cyber subversives Debating political issues, promoting free speech and supporting human rights, the illegal cyber activities of hacktivists divide opinion.

18 Being anti-social Guest blogger Dave Reeder, Editor of Pro Chef Middle East magazine tells us what running a hospitality business means in the age of online reviews.

78 Back log Glen Ogden, Regional Sales Director, A10 Networks walks us through what he thinks will be the top security risks in the coming year.

26 Port authority Perhaps he never intended on becoming a CIO, but Yousif Almutawa, CIO, DP World has always taken chances. From boom to crash, this CIO is simply not afraid to take a chance.

33 High achievers The CIO 100 Awards celebrated IT leaders who have made the best use of technology. Check out the Middle East's best of the best.

Cyber subversives

www.cnmeonline.com

52 Dream of seamless clouds Employees demand mobile solutions, CIO is concerned with security. In a the new workplace, is a seamless solution possible?

NEW SECTIONS 13 CIO Soundbites Security threats - CIOs from around the region sound off 71 Vintage tech IBM System/360 mainframe - CNME takes a walk down memory lane 62 CXO Corner Mohammed Faisal, CFO, Al Mostajed - How do your decisons as CIO effect your other departments? Khoury lets us know.

february 2015

CYBERSECURITY

Trends and Tactics for

2015

Familiar Targets Hackers will continue to follow the money Hackers will continue to find success on mobile platforms

34% surge in online banking malware infections between Q1 2014 & Q3 2014

Cybercriminals will continue to pursue high-profile targets Spear phishing, social engineering and watering hole attacks will remain prefered strategies

8 million Exploits will threaten the Android ecosystem in 2015

SOURCE:

www.scalar.ca

Analytical answers Data will drive more information security decisions

2/3

40%

of CIOs are already employing Big Data analytics to improve their security stance

emerging vulnerabilities Consumer interest in mobile payments will attract significant cybercriminal interest

of enterprises will have a dedicated security data warehouse by the end of the decade

More hackers will turn their attention to open source applications

of the top 1 million websites were deemed vulnerable to the Heartbleed open souce exploit in 2014 More than

$400 Billion

worth of mobile payments will be processed globally in 2015

The Internet of Things will intoduce risk in entirely new places

25 billion devices will be connected to the Internet in 2015

Column

James Dartnell Online Editor, CNME

Bad quarter? Axe another.

BM is ready to cut a quarter of its workforce, according to a Forbes report released last month. Journalist Robert Cringely, who claims to have a number of influential sources within the company, says the company is preparing to axe 110,000 employees from its payroll. He also says the company is looking to merge its hardware, software and support arms, with staff reorganised based on their roles. If IBM progresses with the redundancies, they will be the largest corporate layoff in history. The company is no stranger to such a move â&#x20AC;&#x201C; it also holds the record for the second largest layoff, when it cut 60,000 staff in 1993. The firm has dismissed the reports, which come as it undergoes a desperate restructuring programme. It set aside

www.cnmeonline.com

over $600 million for redundancies off the back of its Q4 earnings, which reflected an 11th straight quarter of falling revenue. The move would seem drastic given that IBM has just released its updated z13 mainframe, the latest evolution of one of its oldest trademarks. Support will be needed to move customers across to the system, as it will for the companyâ&#x20AC;&#x2122;s shift in emphasis to providing more mobile and cloud services. Nonetheless, the cuts would run parallel to recent moves by IBM; in the last year Big Blue has sold its x86 server business to Lenovo for $2.1 billion, and transferred its semiconductor operations to Abu Dhabi firm GlobalFoundries in a $1.5 billion deal. Employee evaluations are supposedly

being manipulated in order to drive out those who are deemed surplus. Reports allege that even high-performers are being ostracised. The rumoured layoffs at IBM cut a stark contrast with consumer giant and enterprise mobility partner Apple, who achieved a record $18 billion profit for its first 2015 fiscal quarter ended December 27th, as well as selling 74.5 million smartphones in the period. Does the move represent a death knell for IBM? Most likely not. If the firm can generate solid sales from its new Mainframe offering, as well making a mark on the enterprise mobility market then that will comprise a positive move into pastures new. Still, CEO Ginni Rometty will have her work cut out in finding other fresh ways to arrest the companyâ&#x20AC;&#x2122;s decline.

february 2015

CIO Soundbites

What is the greatest security threat to your business?

Esam Hadi, Senior Manager, IT, Aluminium Bahrain The greatest threat to any business comes from within. It’s easy to put a security fence around the business - physical or virtual - to deny access to outsiders who are trying to hack in in order to cripple your business. However, it’s not as simple preventing internal users from doing something that may result in leaking confidential information. This includes clicking on malicious links, opening unknown attachments, sharing passwords, giving information to a social engineer attacker, disclosing company secrets to competitors, plugging unknown USB drives into their computers and attempting to bypass security controls. We raise security awareness through training, alerts and information updates to boost our overall security stance. Several effective IT controls are in place to protect systems and networks, but it is difficult to protect against users doing malicious things, whether intentional or not.

Ali Radhi, Head of IT, MBC Working in broadcast media, and specifically a news network, has a different scale of security threat from other industries. We need to be ready to respond to governments’ and electronic armies’ attack scale. The size, frequency, diversity and depth of attacks are exceptional and the perpetrators do not fear prosecution, hence security preparation and defence mechanisms must be of an even bigger scale. Security threats generally target a company's brand, service availability and credibility and are of no commercial benefits to attackers. Internal security is another dimension of threat where solutions can offer very little in terms of prevention.

Abdulsalam Al-Bastaki, Senior Executive Director, Information Management, Dubai Properties Group The question of IT security threats will not go away any time soon, but organisations will need to be more organised to secure the services and the usage of ICT infrastructures. It is obvious that the development of cloud computing is expected to increase; adopting new systems that support e-services with real-time data sharing in a quick and secure manner to reduce costs and improve workforce productivity is key. Yet, security issues over SaaS disaster recovery models of almost all cloud computing service providers is my biggest concern, which is also highlighted by almost all auditors in case of bankruptcy or liquidation. Social engineering and BYOD are also causing new security concerns for network and data confidentiality. 12

february 2015

www.cnmeonline.com

if You can dream it. We can Print it.

TASKalfa 5551ci SerieS

Finally an output solution to inspire creativity

The new KYOCERA TASKalfa 5551ci series impresses with innovative toner technology. Its professional colour management function ensures that all printed documents are accurate and consistent and have stunning vibrant colours. More colour management with ICC-colour profiles and higher productivity can be achieved with an optional EFI Fiery® controller. With high-speed operation, impressive media flexibility and versatile finishing options you can create perfect documents in any format. These TASKalfa are equipped with our renowned long life technology components offering unmatched reliability to save you time, money and energy – which you can use for your creative ideas instead.

For more information please contact: KYOCERA Document Solutions Middle East | P.O. Box 500817, Dubai, U.A.E | Tel: +9714 4330 412 | Fax: +9714 4231 944 KYOCerA Document Solutions europe B.V. – www.kyoceradocumentsolutions.eu KYOCerA Document Solutions inc. – www.kyoceradocumentsolutions.com

short takes

Month in view

Google moves to become mobile carrier Google has laid the groundwork for its own cellular service by buying capacity on the networks of Sprint and T-Mobile USA. The sprawling search company would sell the service directly to consumers, according to The Wall Street Journal, which cited unnamed sources. Google is heavily involved in mobile through its Android operating system, the world’s most widely used mobile OS, as well as through selling mobile advertising, and is pushing to make more radio spectrum available for wireless services. But the partnerships with Sprint and T-Mobile would bring the company into the cellular business itself, offering Google phone plans directly to consumers. The deals would make Google an MVNO (mobile virtual network operator), a carrier that doesn’t build or operate its own network but sells services that run on the partners’ infrastructure. Sprint is the third-largest U.S. mobile carrier and T-Mobile is the fourth largest. It’s not clear whether the company will launch a full-scale national effort or a more limited rollout. There are terms in Google’s contract with Sprint that would allow for renegotiation if Google draws a huge number of subscribers, the Journal said.

WHAT’S HOT?

Apple catches Samsung as smartphone leader

The iPhone 6 has sold so well that Apple tied with Samsung for the top position in the smartphone market in the fourth quarter, closing the gap with its South Korean competitor. Both Apple and Samsung shipped 74.5 million smartphones during the period, each claiming close to 20 percent share of the market. It’s a big change from a year ago, when Apple’s iPhone 5s only helped the company

IBM unleashes new Mainframe The z13 is IBM’s first new mainframe in almost three years, and it shows the company continuing to invest in a product that’s still relied upon heavily by banks, airlines and other major industries, while logging steadily lower sales each year. The z13 gets a new processor design, faster I/O and the ability to address up to

UAE climbs in ICT Development Index

The UAE has made significant progress in its global ranking in the ICT Development Index (IDI), jumping from a ranking of 46th to 32nd. The report states that the UAE is the highest ranking country in the world in terms of the proportion of the rural population covered by at least a 3G mobile network.

february 2015

gain a 17.6 percent share of the market, as opposed to Samsung’s near 30 percent share. The data emerged a few days after Apple reported huge profits of $18 billion made in last year’s fourth quarter, from record sales of its new smartphone. Trailing far behind the two players is third placed Lenovo, whose market share in the fourth quarter reached 6.5 percent. Huawei was in fourth place during the quarter, with a 6.3 percent share.

10TB of memory – three times as much as its predecessor. The z13 will allow companies to analyse every transaction they process in near realtime to detect instances of fraud in banking, health insurance and other industries, and can process 2.5 billion transactions per day, IBM claims.

Gartner predicts $3.8 trillion 2015 IT spend Worldwide IT spending is on pace to total $3.8 trillion in 2015, a 2.4 percent increase from 2014, according to the latest forecast by Gartner. The growth rate forecast has been revised from Gartner’s initial prediction of 3.9 percent.

www.cnmeonline.com

‘Contagious enthusiasm’ inspired Google RAK Hub Google and the UAE Teacher’s Association have launched a new Innovation Hub in Ras Al Khaimah. The lab will be overseen by Al Bayt Mitwahid, an association set up by employees of the Abu Dhabi Crown Prince Court, and managed day-to-day by EduTech, a provider of learning services and solutions. The community centre will combine

Hackers ‘stole Syrian opposition battle plans’ Syrian opposition leaders lost gigabytes of secret communications and battlefield plans to hackers who baited them into downloading malware during flirtatious Skype chats, according to a FireEye report. The firm found a server containing documents and files while researching PDF-based malware. The cache of documents included annotated satellite images, weapons records, Skype chats and personal information on those who have sought to topple President Bashar al-Assad in the four-year civil war. It was unclear if Assad’s regime was behind the campaign. The opposition members were contacted by the hackers through Skype. They used a social engineering technique, creating fake profiles of attractive women sympathetic to their cause who supposedly wanted to chat. They also asked what kind of device the victim was using in order to serve the appropriate malicious file.

Sam Blatteis, Head of Government Relations and Public Policy, Gulf Countries, Google, sought to explain the decision to open the Hub in Ras Al Khaimah, as opposed to the more urbanised Abu Dhabi and Dubai. “We decided to build the innovation Hub in RAK because we see a huge potential for people to learn; there’s a contagious enthusiasm for science and technology education here,” he said.

Samsung, BlackBerry deny buyout rumour Samsung Electronics and BlackBerry have both denied a report that they met to discuss a proposed $7.5 billion buyout by the South Korean powerhouse. The Reuters news service cited documents and an unnamed source. “Media reports of the acquisition are groundless,” wrote a Samsung spokeswoman. “BlackBerry has not engaged in discussions with Samsung with respect to any possible offer to purchase BlackBerry,” BlackBerry said in a statement. Though BlackBerry is far from the mobile player it once was, it still has respected security technology, patents, automotive and industrial software from its QNX division, and a loyal following among users in enterprises and some developing markets.

Network World ME nominations now open Nominations for CNME’s sixth annual Network World ME Awards are now open. The ceremony has established itself as the major event for celebrating networking excellence in the Middle East. Open to users and vendors alike, Network World ME Awards honours IT and business professionals who have demonstrated unique and forward-thinking leadership throughout the IT industry.

IBM Q4 earnings disappoint IBM’s revenue declined for the 11th straight quarter across all major segments – hardware, software and services. Profits were down as well, though they beat the forecast of financial analysts polled by Thomson Reuters.

www.cnmeonline.com

education and technology services, offering classes in robotics, 3D printing, aerospace, electronics, computer coding, programming and green energy. The Innovation Hub is equipped with physical and digital STEM resources such as simulations, programming software and design software. It will also be staffed by an instructor who will coach and train students and teachers.

Following the tremendous success of the previous five ceremonies, CNME is now looking for networking projects that have produced real-world results over the past year and the technology providers behind them. The 2015 Awards are open to companies anywhere in the Middle East. The ceremony will take place on Monday 23rd March at Jumeirah Beach Hotel’s Safinah Ballroom in Dubai.

Turkish government threatens renewed Twitter ban

WHAT’S NOT?

Turkey’s government threatened to block Twitter after the company failed to suspend the account of a newspaper who published details of a secret government investigation. The threat of a block came after a court ruled that media outlets couldn’t publish documents on a military police raid on the Turkish Intelligence Agency.

february 2015

CNME Research Hub

IT security spending CNME Research Hub debuts the first of many research projects with a report on IT security spending in the Middle East. Here is a sneak peek of the sixteen-page report.

he need for statistical data and analysis for the IT industry in the Middle East has been felt for years. The rapid pace at which the industry is growing and changing, coupled with the nature of business culture in the region, has made it difficult for researchers that are not in the field to garner true and meaningful insight into IT trends in the Middle East. CNME Research Hub methodologies combine both quantitative and qualitative data collected from IT industry leaders and decision-makers throughout the region. CNME Research Hub leverages 16

february 2015

its long-standing relationships and credibility in the region to cull genuine data and investigate trends in the Middle East. This data is then distilled into practical and actionable insights that provide a complete picture of the Middle East’s expanding and unique IT industry. This quarter, CNME Research Hub debuts its projects with a report on IT security spending trends and driving forces. While IT security spending trends in the Middle East are predicted to increase in the next year, it pays to bear in mind that spending predictions are often tied

to infrastructure acquirement. As hardware and infrastructure are procured, it follows that investment in relevant security solutions will follow. If IT department budgets are set to remain constant, it can be difficult to determine which demographic is likely to invest in security solutions, and what concerns will drive their potential spending. CNME Research Hub aims to provide insight on the following questions: • Which demographic is most likely to increase spending on IT security in the next year? • What are the main concerns of

www.cnmeonline.com

IT leaders that may lead to an increased investment in security solutions? • What are the main drivers of security spending?

CNME Research Hub polled 250 C-level IT decision makers across the Middle East. In an attempt to create a diverse but targeted dataset, researchers polled IT leaders in Bahrain, Egypt, Kuwait, Qatar, Saudi Arabia, Jordan, Lebanon and the UAE. With the knowledge that larger companies with corresponding robust budgets would create significant anomalies in the data collected, the team at CNME Research Hub was careful to include representation from small and medium sized businesses in addition to larger enterprises. As small to medium sized businesses tend to be the norm in the region, 83 percent of respondents represented businesses with 501-1000 employees. To achieve a complete picture, CNME Research Hub reached across industry sectors and included voices from education, hospitality, banking and finance and more. To maintain non-biased responses, participation was voluntary and no compensation was afforded. The purpose of the study is to drill down into the driving forces behind IT security spending in the Middle East and to highlight correlations between demographic markers and security spending habits. CNME Research Hub will also discuss in the report how IT spending decisions are currently made, and what services and knowledge IT decision makers find valuable when choosing security solutions and vendor partners. With a clearer understanding of current spending trends, this research will also uncover potential IT security spending in the region, and highlight points of perceived concerns among IT professionals in regard to current and future security threats. www.cnmeonline.com

The project revealed a number of findings, reflected in the full report:

• Organisations that spend more on security also spend more time investigating security breaches • The majority of IT leaders feel that a lack of awareness or poor governance within their organisations are top security risks. • The vast majority of IT departments are planning new security initiatives to deal with digital transformation including IT and OT technology • The desire to meet security compliance regulations is often the driving force in IT security investment. Current spending on IT security solutions still make up a small fraction of most companies’ overall IT budgets. More than 40 percent of IT leaders report that their department spends less than 1 percent of their total IT budget on security. This is particularly true for small to medium sized businesses who employ 5011000 employees. The majority, 52 percent, of small to medium sized businesses dedicate less than 1 percent of their IT budget to security. When addressing possible investment in new or updated technologies, IT decision makers value a number of criteria. Financial methodology is important while deciding whether or not a particular security solution is the appropriate fit for the company. A notable 71 percent of all IT leaders reported that “business value” was their top financial priority when determining which security solution to procure. This is in contrast to other possible responses, “return on investment” and “total cost of ownership” which took, collectively, only 13 percent of responses. An additional 16 percent of respondents put forth that “all of

the above” financial methodologies were important, an addition which goes to strengthen the perceived importance of “business value” to IT decision makers. The majority of respondents - 88 percent - indicated that their department did intend to plan new security initiatives in the next year, both in terms of IT security and operational technology. However, only 26 percent of participants indicated that they anticipated increasing their security spending budget over the next 12 months. This indicates a desire to increase security with a corresponding need to remain within current budget parameters. Though causation is difficult to pinpoint, correlations between spending habits and other demographic markers can be made clear. Which criteria come into play when making an IT investment, potential barriers and what concerns IT decision-makers have in regard to IT security will all effect potential spending. More in-depth conclusions and insights into IT security spending as well as detailed charts and graphs on our findings are available in the full, published report by CNME Research Hub. For more info, please contact Rajashree Rammohan at raj.ram@cpimediagroup.com. Visit: http://bit.ly/1zCW6P0

february 2015

BLOG

social Slander In a world always on social media, it’s easy to be convinced that online views are legitimate examples of citizen journalism, and that devious business practices, marketing snake oil and downright deception belong only to the physical world. Nothing could be further from the truth, argues food writer Dave Reeder, who warns against bogus, biased reviews. spend my life talking to chefs and hotel professionals and, almost to a man, they bemoan in private what they have to enthuse about in public - the rise of social media and its effect on their businesses. Whether it’s the constant flash recording plates for Instagram accounts or the less than intelligent ‘reviews’ on TripAdvisor, the so-called ‘wisdom of the masses’ is having an increasingly serious effect on the industry. The trade in Europe and the US is regularly filled with stories of underhand restaurant owners either writing fake, damaging reiews of rivals’ restaurants or falsely boosting reviews of their own. TripAdvisor, to its credit, does purge its pages of fake reviews but the sheer volume of less than reliable content is a major concern. Although my interest lies in the F&B sector, whatever your business, you should look at online reviews carefully. The most important lesson is the simplest: an overall rating is generally a better guide than individual reviews. Next, filter out reviews that may be fake because they’re so extreme - ‘Best hotel ever! 5 stars!’ - and also discount ones where a criticism is of something that has almost certainly been fixed. Fake reviewers also tend to overdo self-referencing, overusing the personal words such as ‘I’, ‘me’

february 2015

and ‘mine’. They’re put in to increase credibility but, in fact, have the opposite effect. Beware too of jargon that is very industry specific, because that suggests the piece has been written by someone in the business. So, for example, ‘spacious twin suites with amazing views’ is unlikely to be a comment you’d write, right? The more places a reviewer is active and the wider the spread of places reviewed, the more the reviewer can be trusted. Look at the balance of evidence and create your own circle of trust. One interesting experiment is to copy and paste parts of reviews you have doubts about and do a search. You would be surprised at the number of times the same review appears for different properties. But, you might say, this is all pretty harmless stuff, isn’t it? Actually it’s just the tip of how social media is being used and abused from legitimate businesses to criminal gangs. Let me introduce you to the future of social media bots. With a few keystrokes and $50 licence fee for six months, you can download Twitter Supremacy and use it to create an unlimited number of friends, whilst violating Twitter’s terms of service agreement. Great for the sad and lonely, right? But in a world where your value is measured in the volume of your social media followers,

you can see how this can quickly get unethical, with giant pyramid schemes created almost effortlessly. Similar software exists for Instagram, Tumblr, YouTube, Facebook and more. Now, no suggestion here of deception on her part but Kim Kardashian is clearly able to monetise her 25m+ Twitter followers through payments for endorsements and so on - say $50,000 for one Tweet. What if many of those followers are fake? Numerous press reports have found that celebrities and companies alike often buy fake followers. After all, the temptation is almost irresistible. Of course, social media players know this all too well: annually, Facebook finds 67 million to 137 million fake accounts, Twitter has admitted that 24 million of its accounts are bots and so on. What this means, ultimately, is that it’s hard to take social media advertising seriously. People are looking at the numbers without doing any analysis and refusing to consider that this may well be one giant bubble. About the Author Dave Reeder is the editor of The Pro Chef Middle East, a monthly magazine for fine dining chefs and F&B professionals in the UAE. He also edited CNME for many years. www.cnmeonline.com

EVENT

dell roundtable

Server shift With Microsoft due to end support for its Windows Server 2003 operating system in July 2015, time is running out to make the jump to other alternatives. In association with Dell, the vendor hosted a roundtable which drew a mix of esteemed CIOs to discuss the key issues of a migration. s is the case in life, with good technology, it can be hard to let go. Microsoft’s successful Windows Server 2003 will no longer be supported in six months’ time, and unless customers are willing to fork out for ‘Custom Support’ – an extension of the support deadline from Microsoft – then their systems will be left unsupported, and potentially vulnerable. With a vast number of applications still running on Windows Server 2003 today, the software ecosystem that runs on the

february 2015

server is likely to be dated and in need of an overhaul. Servers remain critical to a business because of the applications that run on them, which may have to be rewritten or replaced. This could be because the company that built them may be out of business or the in-house development team may have been disbanded. With a number of organisations in the Middle East facing a lack of resources and migration knowledge, as well as having a significant amount of legacy apps and software, there are

numerous concerns among CIOs about the process and end result of a switch. Shams Hasan, Enterprise Product Manager, Dell Middle East, framed the issue of migration as one that had to be resolved. “Doing nothing is not an option,” he said. “You need to consider your workloads and make the decision accordingly.” He then homed in on the main errors that can result from a poorly managed migration, “Mistakes made during a migration include insufficient planning and assessment, underestimating the user and organisational impact, inadequate data protection and failure to optimise the new environment,” he said. Ahmad Al Mulla, Senior Vice President, IT, Emirates Global Aluminium, said that although his team has made strong progress in a full migration, he still harbours many concerns around applications. “There is a big challenge in terms of upgrades,” he said. “Applications are not always supporting new versions. We have few on Windows Server 2003 but we are mostly on Windows Server 2008. Migration is not an easy www.cnmeonline.com

option sometimes, you might be able to migrate but then you might have problems on the application sides. If you don’t move, there are lot of challenges as well, such as security; response time is very important.” The roundtable drew a mix of IT leaders – some who had already completed the migration, and others who were looking to do so in the coming months. Abdulrahman Alonaizan, Arab National Bank, underlined the importance of optimising internal resources in smoothing his team’s path to a successful migration. “A key resource is in-house expertise,” he said. “We still needed vendors’ input, but we wanted to minimise our reliance on them. We wanted to enable our local, in-house talent to be able to do most of the work. That way we were not waiting for help. It’s important to be organised as well as IT-savvy.” Abdulsalam Rahma Al Bastaki, Senior Executive Director, Information Management, Dubai Properties Group, echoed the Al Mulla’s sentiments on the underlying difficulty of www.cnmeonline.com

modernising I am now “A key resource is in- which applications, “We leading. I can do house expertise. We many things on the started with Windows Server 2003 and new system and still need vendors' moved to the 2012 which would not input, but we want edition,” he said. “We have been possible to minimise our faced a number of on the legacy reliance on them. We technology; failure challenges from an applications point of to migrate doesn’t want to enable our view; in many cases local, in-house talent just bring security old applications do issues but also to do most of the not exist, we had to those of stability. work” find new versions.” If your business Aside from environment is the fear of failure, the migration not stable then it will be looked from Windows Server 2003 can at negatively in case you have also provide organisations with a downtime. For scalability, migration vital opportunity to evaluate and is also important.” revamp existing IT infrastructure. Hasan rounded off things Mubarik Hussain, Head of IT, by underlining the need for a Petroserv Limited, did exactly collaborative approach in managing that. “Our environment was not a a migration, “The Middle East has great design,” he said. “I used this evolved; requirements here are so opportunity to virtualise everything. much more bespoke,” he said. “There We put in best practices such as needs to be a co-creation. Internal security policies, consolidation of input is great but external input is also data, also the future of the company. needed. Collaboration is often what The new MD had decided on some solves challenges from a bespoke business transformation changes point of view.” february 2015

HP roundtable

untapped info In association with CNME, research firm Gartner and HP hosted a roundtable packed with IT decision-makers to discuss the prospects of Big Data solutions in the Middle East. xploiting the vast pools of data at their disposal remains a sizeable obstacle for many organisations across the Middle East. Spokesmen from the two firms joined forces to gain a unique insight into the thoughts of the region’s CIOs on the conundrum. Joao Tapadinhas, Research Director, Gartner, kicked off proceedings by attempting to dissect how organisations can make use of Big Data, “It’s important to combine volume, velocity and variety,” he said. “A lot of you have probably been using Big Data for a long time, but just don’t recognise it, and you probably have terabytes that could be monetised." Wissam Mattout, Head of IT, MEA, NEXtCARE, set the ball rolling for discussion amongst the room's technology decision makers. “Big Data isn't a brand new concept," he said. "I

www.cnmeonline.com

think that looking forward, it's very important that organisations really exploit the potential of it. In my view, the real value of Big Data is predictive analytics.” Esam Hadi, Senior Manager, IT, Aluminium Bahrain, agreed with Mattout's outlook. “There are many aspects of Big Data which need to be differentiated,” he said. “Business Intelligence is easily done. That is not the issue. Predictive analytics, however, is the hard part, and the thing that does stand to add value. The Middle East needs the proper platform here for predictive analytics.” John Horman, Director of Technology, EMEA, HP Autonomy, moved the discussion forward. “Processing human information is difficult because it is designed for humans - not computers - to process,” he said. “Take the word ‘mercury’. This could mean either a planet,

Event

poison or a type of car. Over 80 percent of the information we gain is based on context.” Ali Radhi, Head of IT, MBC, expressed his concerned regarding the linguistic aspects of certain Big Data tools, “These tools need to accommodate different languages,” he said. “Live feeds, phone, TV, social and YouTube all require different specs for Arabic.” Ahmed Ebrahim Al Ahmad, CIO, Nakheel, said, “In our world, we view data scientists as business analysts,” he said. “At Nakheel we have identified retail personnel who have IT backgrounds, but are fundamentally experts in retail. The development and enhancement of retail in particular has moved fast; it's important to consider that a business scientist or analyst may not be IT-oriented.” Deepu Thomas Philip, Head of IT, Kuwait International Bank, expressed concern that Big Data solutions were focused to each vertical, “Different verticals have different requirements,” he said. “We have vast amounts of information in the Middle East, but I do believe that we need specific solutions for each vertical - for example the finance industry has compliance issues. There is a shortage of people in the Big Data industry to help each segment.” february 2015

cognizant roundtable

Code Halos CNME and Cognizant hosted a roundtable discussion on cloud, mobility and other disruptive technologies in the industry. Transforming business models with digital technology was the topic of the day, as CIOs sat down to talk about the future of digitally-enabled business. ver 20 CIOs from around the region, as well as representatives from Cognizant’s global operations, came together to discuss business models in a digital age. Stephen Fernandes, Regional Assistant Vice President, Cognizant, opened the event with a presentation that shed light on the unique, digitally fuelled transition in business. “We are in the midst of a once-in-a-generation transformation,” said Fernandes, “The way that businesses interact and transact with customers, employees, partners and markets is changing. For those that embrace the fact that technology now drives business, it will create a huge opportunity.” Fernandes went on to highlight other significant transformations in the history of corporate IT and proposed that this, the fifth wave of corporate IT, has been brought on by the advent of disruptive technologies such as social, mobility, analytics and cloud. Manish Bahl, Senior Director - Center for the Future of Work,

february 2015

Cognizant Technology Solutions, then took the floor to discuss 'Code Halos', and the next age of business and technology. Bahl highlighted some innovative companies and projects that have leveraged disruptive technology to their benefit. He echoed Fernandes’ sentiments on the opportunities that SMAC technologies are already creating. “Businesses like Uber are successful because value flows from the invisible,” he said. In short, SMAC allows businesses to bring the consumer to the enterprise. Next, Cognizant welcomed John McVay, AVP Consulting, CBC, Cognizant Technology Solutions, who had come in from their US headquarters for the event. McVay showed how by taking advantage of ‘Code Halos’ – the data created by an individual’s interaction with SMAC technologies – enterprises can have a richer and more productive relationship with their customers. “Competitive advantage flows when companies capture moments of engagement, draw insight, enable intuitive experiences that delight users,

Event

and ultimately scale to drive value for organisations,” he explained. To provide a regional example, Ghazi Qarout, CIO, Qatar Islamic Bank, joined the discussion. Peter Steward, Director Middle East, CBC, Cognizant Technology Solutions moderated what became a lively and interactive group discussion on digital technologies. Qarout kicked off the discussion using his own experiences at Qatar Islamic Bank with the digital transformation. “We are interacting with our customers in ways that no one else in the region has managed,” said Qarout, “and we are doing that using digital technology." “We want to use data to personalise our products,” said Charles Awad, Director of Marketing Communications, Al Futtaim, “to do what we need to to analyse that data.” Attendees agreed with the need to not only leverage data created in these ‘Code Halos’ but to ensure that that data is relevant to their business goals. “Things are different now,” said Shyam Kesarwani, Manager of IT, RAKBANK, “our customers want to know about their accounts immediately, and we can provide them that service using mobility.” The crux of the discussion pointed to one recurrent theme – businesses are striving to leverage code halos not only for their own benefit, but to provide the best user experience possible for their customers. Cognizant closed with the sentiment that they would be there to help reach that goal in any way possible. www.cnmeonline.com

CIO

Spotlight

Port Authority Yousif Almutawa, CIO, DP World, has seen some ups and downs. From a start-up in California during the Internet boom and subsequent crash, to the surge in construction in Dubai in the mid-2000s, Almutawa has learned a few things about success and failure.

lmutawa did not intend on becoming a CIO, though from an early age he had an interest in technology. He spent his youth between Bahrain and the UAE and remembers fondly playing a bit of Pong on an early gaming machine. When he was 11, in 1983, he received his first major piece of technology, a Commodore 64 – the kind that still used tapes as storage. However, Almutawa's true involvement with technology came later, as a result of his endless drive

february 2015

to do what he does best – reach out to people. He showed an early interest in physics and maths, as well as space and sci-fi. “I remember reading about things like light speeds and Einstein’s theory of relativity, and thinking that they were science fiction,” he says. As he studied more, however, he realised that these things were actually possible and real, and his passion was ignited. “To me it wasn’t science fiction anymore, I knew that these things were true and I imagined myself in a world where I could use

technology like that.” Still, his interest in science trumped his interest in technology when it came time to choose his university degree. His father, a lawyer, supported his decision to go into medicine. He was accepted, on a scholarship, to an extremely competitive programme in a preparation course for the Royal College of Surgeons in Ireland directly after secondary school in 1990. “My English was weak,” he says in his now perfected accent, “and the programme was very competitive.” After a year and a half in Ireland, www.cnmeonline.com

he decided that medicine simply was not for him. He changed not only his course, but his country. “So that I could keep my scholarship, I changed from medicine to engineering, and moved from Ireland to the US,” Almutawa explains. “I loved Ireland, but to be honest, I was tired of the rain and the cold.” His first stop off in the United States was Richmond, Virginia, in February of 1992. After six months of acclimatising to the culture and working on his language skills, he left the east coast for sunny California. Almost as if fated, he met three Arab students living in Virginia who had also studied in Ireland. In the Spring of 1992, he and his friends enrolled in California State University in Chico, California. There, he began a course in Electrical and Electronic Engineering. “The work was very challenging,” says Almutawa. “I remember studying very hard during that time. While all the business and marketing guys were out partying, we from the Engineering college were in the library.” In that library in 1993, Almutawa discovered a resource that would change the course of his career. “It was there that I began using the Internet for research. I was using LexisNexis when I realised that I could use the Internet to reach out to other people.” At the time, the Internet did not have a friendly user interface, but attracted to the idea of connecting with information from around the world, Almutawa set to learning a few commands. “I could read news directly from the source, with no filter,” he says of the early days of the Internet, “I could also talk to my family using IRC chat rooms, as well as meet people from around the world.” Admittedly, www.cnmeonline.com

Almutawa says, he became addicted to social interactions on the web before social media even had a presence. “To be fair, though, it stopped there,” he says. “I don’t even have a Facebook account these days.” Then in 1994, Almutawa transferred just down the road to the University of California campus in Sacramento, California to continue his studies in engineering. “I wanted to focus on power generation, so when I completed, I also earned a certificate in that field,” he says of his transfer. Upon graduation in 1996, he had every intention of returning to the UAE. However, during his last year of study, he had met a group of seven students that had an idea. The idea was to start an Internet Service Provider. “These guys were providing Internet over 14.4k dial-ups to consumers in Sacramento as well as connectivity projects for companies,” he says. Almutawa, however, was to face a big learning curve. He hadn’t studied these things, and so at the company, InterX, he had to learn on the go. He began in a technical support position, but with only seven people on staff, he was actually doing a number of things. “I was picking up phones for technical support, performing system administration duties, and even mopping floors,” he says. It was the days of the Internet revolution, and the group truly felt that they were changing the world. As with many start-ups of the time, employees were paid in shares. The start-up did well, taking on system integration projects, building e-commerce shops and even creating Internet banking software. By 1999, they had grown into a team of 17. Unfortunately, just as the company was going to go public in 2000,

1983 received his first Commodore 64 computer

1990 attended medical school in Ireland

1992 enrolled in CSU for Engineering

1996 joined start-up InterX

2001 returned to UAE

2003 joined Dubai Internet City

2008 joined DP World

february 2015

CIO

Spotlight

the Internet bubble burst. Though the company disbanded and its employees scattered, Almutawa left with a wealth of lessons. “I learned what it meant to be in a start-up environment,” he says, “and I learned what it takes to make a business run.” With these lessons learned, he moved on to another California-based company, Synergex. He was hired as an e-business consultant. His role was to perform system integration for companies with legacy systems that needed to get on board with the Internet and with mobile applications. Through his interactions with Synergex clients, he learned about other industries and how they do business. Finally, in August 2001, he made his return to the UAE and was quickly hired at a branch of the Dubai government that had only just opened – Dubai eGovernment. Though Dubai eGovernment was a government agency, to Almutawa, the environment was akin to the start-ups that he was used to. As the Manager of Technology and Information, he established the IT infrastructure and systems integration architecture models for a number of government departments. In 2003, Almutawa moved on to Dubai Internet City telecoms department as a Program Manager. “Dubai Internet City had promised to provide certain services,” he says of his projects. “We had to meet with developers to ensure that things like connectivity could be rolled out.” Dubai was booming with construction at the time, and Almutawa had to manage the teams that were in charge of making sure that the brief could be met. “It was almost like I was in a start-up again,” he says, “I felt like I was part of the team that was building Dubai.” These days, when he walks 28

february 2015

past landmarks like the Burj Khalifa, he themselves. You have a lot of business knows that he was part of making the people becoming IT savvy.” dream of Dubai come true. “I feel lucky In 2012 he returned to DP that I was a part of the Internet boom, World and brought with him his and then also part of the Dubai boom spirit of innovation. In addition as well,” he says. to running the technology At the end of 2005, a new infrastructure of DP World, he company was formed. du was to has brought his start-up savvy become one of the main telecom to secondary projects. As the providers in the UAE. The telecom Accelerator Program Director for department was acquired by du at DP World-funded seed accelerator that time. Almutawa continued with TURN8, Almutawa has put himself du implementing fixed line projects. back in the start-up game. “TURN8 By 2008, du and his department were is designed to encourage innovative stable, and it was time for Almutawa entrepreneurship worldwide,” he to take on a new challenge. explains. “We look for people with That new new ideas that challenge came can be refined We look for people in the form and brought with new ideas of DP World. to market. The When he began program then that can be refined at the ports selects startand brought to the management up teams with company, there market. The program marketable was no CIO. ideas and then selects startThere had not supports them up teams with been a CIO for with funding, two years, and marketable ideas and mentoring and Almutawa took training.” supports them with on the role. The idea is “They hired me to give young funding, mentoring because I could innovators a and training. think outside the chance to make box,” he says, “I their business wasn’t from the port industry, and work. “We provide a great space,” they wanted fresh eyes.” says Almutawa, “where our teams can From 2009 to 2012, Almutawa was simply work, and dedicate their time to secounded by Dubai World Holding their ideas.” In short, he says, TURN8 is Company. “After the crisis, there was like a boot camp for start-ups. a lot of restructuring going on,” he Almutawa seems to be a master of recalls, “and I needed to change the turning crashes into booms and failures shared services department from into successes. He continually reaches a cost centre to a profit centre.” As out to people to encourage them to such, he changed the culture of the fulfil their potential. Perhaps it was company, shifting the way that they the Internet crash, or perhaps it began were thinking about IT. “The role earlier on in his history, but Almutawa of IT has completely changed,” he is a CIO that can turn any situation on says, “people can do basic tasks for its head and make it positive. www.cnmeonline.com

HP Software CIO Speaker series Esam Hadi, Manager of Information Technology at Aluminium Bahrain BSC (Alba)

One of the things in manufacturing is that automated systems tend to be isolated and run and managed only by engineers. But today everything is connected. Therefore IT was brought into the picture to set best practices for automation usage. Today both IT and OT is managed under a single umbrella. Today, the Alba way with vendors is not by buying. Itâ&#x20AC;&#x2122;s about partnership with a technology vendor who believes in your dream. HP has been able to be that partner by offering us open contact with the entire chain.

Read more at www.hpsoftwaredelightme.com

CASE STUDY

NEXtCARE

Taking cover Third-party administrator NEXtCARE takes the confusion out of healthcare insurance.

t is no secret that the healthcare industry is becoming more complex. Understanding company health benefits, or even choosing a primary care provider can seem like a daunting task for any individual. If the unthinkable does happen, and an injury or illness occurs, sorting through paperwork to determine what is covered and what is not can add additional stress to any situation. NEXtCARE, a third-party administrator for the insurance industry in the GCC and MENA region, works closely with insurance companies to take the guesswork out of healthcare coverage. What sets NEXtCARE apart, says Wissam Mattout, Head of IT, MEA region, NEXtCARE, is the company’s dedication to leveraging technology to streamline every individual’s healthcare experience. Third-party administrators process insurance claims for individuals by partnering with health insurance companies. In addition, they may manage the claims processing, provider networks, utilisation review, or membership functions of a number of insurance companies. In short, individuals that use third-party administrators like NEXtCARE can forgo much of the complications that those that who do not use them may experience. Established in 1999, NEXtCARE specialises in providing complete 30

february 2015

health insurance management and administration services to healthcare payers, including self-insured employers. The company is present throughout the region and operates in 11 countries with four main hubs. With over 700 employees, 85 percent of which are medical professionals, NEXtCARE responds to the needs of over two million insured members and supports a network of over 7, 000 providers across the region. Having regional presence with a global reach, NEXtCARE provides its clients with a balance between customer service and maximum cost optimisation. NEXtCARE develops innovative solutions to ensure efficiency and transparency. A fully dedicated team works on developing solutions that enable electronic data exchange between stakeholders of the industry, including insurance and reinsurance companies, self-insured employers, regulators, health service providers and end-users. “Technology is key to serving our clients in the best way. We therefore streamline and focus our efforts on building state-of-the-art and unrivalled IT Infrastructure, ensuring high-level IT security,” says Mattout. The aim is to ensure that all NEXtCARE’s specialised employees work together in order to address business challenges and connect the dots between implemented solutions, all while keeping IT infrastructure and security at the forefront of users’ minds.

Wissam Mattout, Head of IT, MEA region, NEXtCARE

Accountability is one of NEXtCARE’s core values, says Mattout, and as such, they company is committed to meeting the everrising expectations of its clients. To meet these goals, they recruit and train specialised employees, and push through pioneering technologies. The IT team prepared an ambitious roadmap to achieve their goals, which supported the transformation of NEXtCARE’s infrastructure to accommodate and serve challenging business needs. “Building our private cloud is an expensive but secure solution,” says Mattout. For NEXtCARE to ensure its support services are in line with its global reach, a robust, and secure IT infrastructure is a must. Enter TATSH. TATSH turnkey software is at the core of NEXtCARE’s operations. This software, developed in-house by NEXtCARE, delivers a cost effective electronic solution to private healthcare schemes by streamlining processes while ensuring competitiveness and profitability. All partners are trained and connected to TATSH in order to communicate, exchange live information and perform transactions. “Putting first things first,” Mattout says, “NEXtCARE has an internal online helpdesk system that keeps www.cnmeonline.com

most convenient manner possible. track of all IT inquiries.” The current “We deal with people’s lives and system is available to all IT agents in health," says Mattout. "IT security order to ensure the support cases are and data confidentiality is our addressed quickly and thoroughly. highest priority. With that in mind, NEXtCARE also provides direct all sensitive information is protected, access across various markets for a and all data is multitude of backed up into products offered We deal with people's a secure private by providers lives and health. IT cloud." through a web security and data In enabled solution collaboration called PULSE. confidentiality is with its clients, This platform our highest priority. company allows users With that in mind, all the is focused to benefit sensitive information on proactive from PULSE’s is protected, and all solution front-end data is backed up into development. and supports eligibility a secure, private cloud. The NEXtCARE Mobile checking, Application is preapprovals currently in pilot testing and will claims submissions and reconciliation. enable people, whether NEXtCARE PULSE improves efficiency, decreases members or not, to check public turnaround time for pre-certification information related to NEXtCARE, and manages processing and the company’s news, health tips reconciliation between NEXtCARE and and videos. The mobile application the provider community. will allow users to access the With the goal to provide daily and MyNEXtCARE portal from any mobile easy access to data such as medical device. information, lab testing and medical Mattout says NEXtCARE delivers a claims, and to keep medical history complete package – from business, to accessible, NEXtCARE has implemented IT, to risk management to consultancy a comprehensive disaster recovery and more. “IT support is an integral plan. “Our DRS plan is part of the part of our business. Innovation, holistic business continuity plan that information, and integration are ensures smooth running of business at pillars to success,” he says. all times,” says Mattout. With a solid infrastructure in “Maintaining growth in a place and constant and consistent technology enabled world is a innovation and development, continuous challenge,” he says. NEXtCARE is able to administer Furthering NEXtCARE’s efforts to custom-designed healthcare plans provide new services and solutions in response to clients’ unique to provide managed care services, the requirements, providing them IT team at the company has designed with a competitive advantage. The MyNEXtCARE, a beneficiary portal. company is able to mix and match This platform enables beneficiaries to various services with the aim of submit their reimbursement claims, providing a 'plug and play' concept view their claims history, find a which efficiently complements healthcare provider and access their existing products. policy information in the easiest and www.cnmeonline.com

Global healthcare

(world health organization)

US$ 6.5 trillion

Total global expenditure for health

US$ 948

Total global expenditure for health per person per year Highest total spending per person per year on health

United States US$ 8,362 Lowest total spending per person per year on health

Eritrea US$ 12

Highest government spending per person per year on health

Luxembourg US$ 6,906

Lowest government spending per person per year on health

Myanmar US$ 2

Highest annual out-of-pocket household spending on health

Switzerland US$ 2,412

Lowest annual out-of-pocket household spending on health

Kiribati US$ 0.2 february 2015

The high achievers CNMEâ&#x20AC;&#x2122;s inaugural CIO 100 Awards celebrated IT leaders who have made the best use of technology to derive strategic value and maximum returns for their businesses. The winners who made it onto this yearâ&#x20AC;&#x2122;s CIO 100 index serve as inspiration and proof that charting new paths in ICT can yield business rewards, whether it was ushering existing infrastructure into the new era of requisite agility, or working new technologies successfully into traditional business setups.

Abdul Razack Dileep Raj

Abdulla Ahli

Abu Dhabi Urban Planning Council

The Emirates Institution for Advanced Science and Technology

Abdullah Al-Attas

Abdulmajeed Malek

SAMACO

ENOC

february 2015

www.cnmeonline.com

Partners are the face of our business and it's our pleasure to recognize and reward them for their ceaseless support and hard work. As part of the Cloud Club campaign, Mindware together with Microsoft, flew their partners spread across the regions, to the dynamic cosmopolitan and historical city, Singapore from 4th to 7th November 2014. The muchdeserved trip for our partners, included networking sessions, updates on key cloud club plans and promotions, team-building activities and was also packed with a number of entertainment activities. Be a Microsoft partner today, to win exciting rewards. Mindware recommends Microsoft速 Office

Abdulnasser Alkaabi

Abdulrahman Alonaizan

Abu Dhabi Media Company

Arab National Bank

Abdulsalam Al-Bastaki

Afraa Ali Al Shamsi

Dubai Properties Group

UAE University

Ahmad Al Madani

Ahmad Al Mulla

General Pension & Social Security Authority

Emirates Global Aluminium

Ahmed Ebrahim Al Ahmad

Ahmed Yahya

Nakheel

Sheikh Khalifa Medical City

february 2015

www.cnmeonline.com

Ajay Rathi

Alaeddin Al Badawna

Meraas Holding

ADMA-OPCO

Ali Abdul Aziz Ali

Ali Ghunaim

ADNOC Distribution

Canadian Specialist Hospital

Ali Mohamed Al Ali

Ali Radhi

Health Authority - Abu Dhabi

MBC

Aliasgar Bohari

Amin Al-Zarouni

Zulekha Hospitals

Bee'ah

www.cnmeonline.com

february 2015

High Performance NEXT GENERATION FIREWALL for the Enterprise Your network is constantly evolving. Changes in user mobility, devices and applications are placing new demands on it in terms of performance and flexibility. Fortinet’s FortiGate 1500D Next Generation Firewall (NGFW) is specifically designed to deal with these changes. Whether in the data center or at the perimeter of your network, the FortiGate 1500D meets the dual challenge of high performance and security effectiveness. The FortiGate 1500D was recently tested by NSS Labs and received the coveted “Recommended” while demonstrating industry best value of all of the products tested. Give your network the performance and protection that it needs with the FortiGate 1500D. For more information, please visit fortinet.com. DISTRIBUTED BY

Amit Kanchan

Col. Anwar Abduallah Al Mulla

Landmark Hospitality

Abu Dhabi Police

Arun Tewary

Basem Burgan

Emirates Flight Catering

Alshaya

Deepu Thomas Philip

Shashank Aggarwal (on behalf of Entesar Al Hosani)

Kuwait International Bank

Environment Agency, Abu Dhabi

Esam Alfalasi

Esam Hadi

Ministry of Economy

Aluminium Bahrain

www.cnmeonline.com

february 2015

Harnessing the value of information

E N I F E RED

FLASH

Flash is transforming the way we think about storage. Ubiquitous in data centers at all levels, itâ&#x20AC;&#x2122;s enabling innovation across IT.

Authorised Value Added Distributor StorIT Distribution fzco | P.O.Box 17417 Jebel Ali Freezone Dubai, United Arab Emirates Tel: +971.4.881.9690 | Fax: +971.4.887.1637 | Email: info@storit.ae | Web: www.storit.ae

Fady Sleiman

Faisal Eledath

Waha Capital

National Bank of Oman

Farid Farouq

Fuad Al Ansari

DWTC

Takreer

George Yacoub

Ghazi Qarout

SEHA

Qatar Islamic Bank

Hamdan Alkalbani

Hazem Turki El Khatib

Union Properties

Department of Finance, Abu Dhabi

www.cnmeonline.com

february 2015

Hisham Iran

Hussam Al Nowais

Dubai Taxi Corporation

twofour54

Ibrahim Al Emadee

Imad Taha

Qatar General Electricity & Water Authority

Belhasa Group

Dr. Jassim Haji

Jawed Akhtar

Gulf Air

Ebrahim Khalil Kanoo

Joseph Nettikaden

Kashif Rana

Esol Education

Majid Al Futtaim Ventures

february 2015

www.cnmeonline.com

Khaled Al Rashaid

Khalid AlMansouri

Ministry of Education, Kuwait

Etisalat Misr

Khalid bin Hamad AlKhalifa

Col. Khalid Buhindi

King Hamad University Hospital

Sharjah Police

Kirit Shah

Kumar Prasoon

Landmark Group

Al Safeer Group

M N Chaturvedi

Madhav Rao

Al Shirawi

Emke Group

february 2015

www.cnmeonline.com

Madhusudhan Sarangi

Maisam Zaidi

Port of Fujairah

ALEC

Sajin Salim (on behalf of Mazen Chilet)

Mehmet Akdeniz

Abu Dhabi University

Emirates Palace

Michael Reagin

Michaella Kerckhof

Cleveland Clinic Abu Dhabi

Majid Al Futtaim

Mohamed Sabah

Mohammad Javeed

Dubai Holding

Paris Sorbonne University

www.cnmeonline.com

february 2015

http://www.datacenterfuture.com/

Mohammad Raffi

Mohammed Saeed Al Shehhi

Jotun Powder Coatings

Statistic Centre- Abu Dhabi

Mubarik Hussein

Abdulrahman Jefri (on behalf of Muhammad Ali Albakri)

Petroserv

Saudi Arabian Airlines

Nadeem Busheri

Nawwaf Awwad

Dubai Islamic Bank

Saad Specialist Hospital

NSN Murthy

Omar Al Nuaimi

Healthcare MENA

Abu Dhabi Food Control Authority

www.cnmeonline.com

february 2015

Patrick Naef

Prasanna Rupasinghe

Emirates Group

Kempinski Hotel Mall of the Emirates

Ramesh Varma

Roland El Khoury

Arab Bank for Investment & Foreign Trade

Impact BBDO

Rusty Bruns

Sabri Ali Yahya

American University of Kuwait

Etisalat

Sabri Hamed Al Azazi

Saeed Al Ghailani

Al Hilal Bank

Department of Transport, Abu Dhabi

february 2015

www.cnmeonline.com

ANTICIPATING THE C-SUITE

COMGUARD JOINS IDC @ ST CIO

MIT 2 0

DDLE

MIDDLE EAST CIO SUMMIT 2015 Where IT meets Business 25-26 February 2015, Atlantis- The Palm

Co-partnered with:

Saeed Al Dashti

Saif Ketbi

Jumeirah Group

Abu Dhabi Airports

Saif Salem Bamadhaf

Jilesh Jose (on behalf of Saji Oommen)

Higher Colleges of Technology

Al Batha Group

Samer Awajan

Samir Abi Frem

Aramex

Rotana Hotel Management Corporation

Samir Khan

Sebastian Samuel

African Eastern

AW Rostamani

february 2015

www.cnmeonline.com

Shrikant Kabboor

Sreedhar Reddy

Emaar Properties

Aldar Properties

R Rajamohan (on behalf of Sumit Sarkar)

Tariq Al Hawi

National Bank of Fujairah

aeCERT

Tariq AL-Usaimi

Terence Sathyanarayan

Kuwait Credit Bank

Drake & Scull International

V Suresh

Vignesh Unadkat

Jumbo Electronics

Thumbay Group

www.cnmeonline.com

february 2015

Vinay Sharma

Vishal Sood

Gulftainer Company

Perma-Pipe

Wissam Ismail

Wissam Mattout

Al Noor Hospitals Group

Nextcare

Ibrahim Alhosani (on behalf of Juma Al Ghaith)

Afzal Khalfay ( on behalf of Yousif Almutawa)

Dubai Customs

DP World

Zaki Sabbagh

Zuhair Lardhi

Zamil Industrial

Khalifa Fund for Enterprise Development

www.cnmeonline.com

february 2015

solutions World Cloud

The Dream of a Seamless cloud

In a work environment where employees demand mobile solutions, and the C-suite is mandated to keep data secure and business processes grounded, CIOs are hard-pressed to create seamless cloud to on-premise solutions that are both user and business friendly.

february 2015

www.cnmeonline.com

ombining cloud services with existing on-premise technologies can seem like a pipe dream. Currently, the idea that enterprises will be able to use cloud applications and storage as a primary source may seem impossible, or even unnecessary. However, pairing cloud applications and traditional applications is a practice that is currently underway – though not without a few bumps in the road. Reaching out to the cloud is in highdemand these days. Employees want the agility and accessibility of cloud services to support their increasingly mobile business activities. Still, businesses are reliant on legacy systems and other applications that simply cannot, or should not be hosted in the cloud. Employees and other end-users want the best of both worlds. But combining a system of on-premise services with those hosted in the cloud can be a bit tricky. Determining which applications and services belong where to create an optimised user experience while protecting data and processes is key. Meeting the demands and requirements of creating a seamless cloud to on-premise experience can be a challenge for CIOs, most experts would agree. “Enterprise IT is faced with the challenge of providing a seamless experience across on-premise infrastructure and the public cloud,” says Suda Srinivasa, Director, Product Marketing, Nutanix. “Many applications built for traditional environments use a monolithic architecture,” he explains futher, “Successful migration to the cloud requires re-architecting these application to fit the scale-out, fractional consumption model that cloud offers.” Still, enterprises throughout the world and in the region are beginning to create what aim to be seamless cloud to on-premise environments to meet the needs of their users. The key to creating such a user experience, says Sudheer Subramanian, IT Solutions

www.cnmeonline.com

“Proof of concept is essential to test the application’s performance and scalability as it is critical in cloudification.” Sudheer Subramanian, IT Solutions Director, Huawei Enterprise Middle East

Director, Huawei Enterprise Middle East, is planning and vision. “It is important for CIOs to understand the critical application characteristics and dependencies before designing the cloud model. Proof of concept is essential to test the application’s performance and scalability as it is critical in cloudification,” he says. The first step, it would seem, is to determine which applications, services and solutions are appropriate to move from on-premises infrastructure to a cloud environment. Applications that are ‘cloud-worthy’ are those percent that need to be scalable, agile and accessible in a mobile work of companies saved money by environment. moving one or more services to the cloud in 2014. “In our experience, the applications that move to the cloud first are the ones that are variable in nature, where the load varies over time, enabling you to take advantage of the hourly billing and dynamic scaling of cloud, to only pay for what you require at the time. Also Internet facing web-based applications, test and development systems and disaster recovery use cases are ideal for cloud,” says Grant Morgan, General Manager, Cloud, Dimension Data Middle East and Africa. There are other challenges that may come up when attempting to create a seamless cloud environment. “CIOs and IT managers may find themselves trying to standardise

february 2015

solutions World Cloud multiple user interfaces, custom codes and programming languages when implementing such integration tools, explains Rajesh Abraham, Director, Product Development, eHosting DataFort. “It is important for the enterprise to contact its managed services provider to achieve the promised benefits of cloud, its lower costs and accessibility of data,” he says. There are certain applications that should remain on-premise as well. Applications and data that perform processes that are confidential, for example, should remain on-premise to maintain optimum security. “Applications involving private data of a sensitive nature should generally be grounded,” confirms Cherif Sleiman, General Manager, Middle East, Infoblox. With all of this effort toward creating a seamless cloud to on-premise experience, it is undeniable that we are moving toward a more mobile, ‘smarter’ world. “As we are moving forward in advanced technologies where everything is becoming smart, we may be able to expect a future in which all computing will be done in the cloud,” says Jamil Ezzo, Director General, ICDL Arabia. “However, the shift toward cloud computing will be faced with challenges that will take time to be resolved, particularly in the creation of an environment that can easily deal with this new way of computing.” Kumaravel Ramakrishnan, Product Manager, ManageEngine agrees that the future is in the

“Applications involving private data of a sensitive nature should generally be grounded.” Cherif Sleiman, General Manager, Middle East, Infoblox

clouds, however, points out that traffic and data will be an issue. “With a growth of over 300 percent in the past six years and with 91 percent of businesses projected to migrate to the cloud in the next three years, the future of all computing points toward the cloud,” he says, “However, with global data centre traffic projected to grow three-fold in 2012-2017, we will have too much data to handle.” Yet, the move to the cloud is driven by benefits that CIOs simply cannot pass on. The answer is then a seamless hybrid percent cloud environment. “Going hybrid offers opportunities of business projected to migrate to better balance CAPEX to the cloud in the next three years. investments in owned resources and OPEX spending on cloud-based services, and to leverage the combined capabilities of private and public clouds,” says Taj Elkhayat, Regional Vice President, Middle East, Turkey, North, West, and Central Africa, Riverbed Technology. Louay Dahmash, Head of Middle East, Autodesk, agrees, “From a business perspective, the cloud can also offer many opportunities and possibilities like “With a growth of over collaboration, increased mobility, infinite computing power and affordability," he says. 300 percent in the past six With the benefits of providing years and with 91 percent of employees with accessible applications and businesses projected to migrate services so great, it is imperative that CIOs turn their attention to creating a seamless to the cloud in the next three years, cloud environment that is both streamlined the future of all computing points for end-users, and that protects sensitive data and processes. With careful planning, toward the cloud.” this type of integration is possible, and we will likely be seeing a good deal more of it Kumaravel Ramakrishnan, Product Manager, ManageEngine in the future.

february 2015

www.cnmeonline.com

network World WiFi

Harnessing Gigabit

Wi-Fi What to consider as you prepare for the transition to 802.11ac.

february 2015

www.cnmeonline.com

Strategic Innovation Partner

he newest version of the 802.11 standard – 802.11ac – is ready for prime time. The official IEEE standard is finished, the Wi-Fi Alliance has issued a specification for interoperability, essentially all enterprise-class Wi-Fi system vendors are shipping (or have at least announced) 802.11ac products, and price/ performance is significantly improved over 802.11n products. The move to gigabit Wi-Fi is picking up steam for obvious reasons – 802.11ac is faster, more agile and more robust than any of its predecessors. Providing Wi-Fi at the speed of a wired network, the latest version of wireless standard is revolutionising how enterprises support the large number of devices connecting to their networks. Though installing this next-generation WiFi technology will become mandatory soon, there are many questions that you need to address before making the move. The biggest challenge facing IT managers is justifying the investment given the fact that many 802.11n installations are still underway, and the vast majority of these are far from saturated or even fully depreciated. “802.11ac is the most rapidly adopted wireless Ethernet application ever," says Valerie Maguire, Director of Standards & Technology, Siemon. "The growth predictions for this year alone are astounding, with Infonetics estimating that 802.11ac routers will make up 42 per cent (74 million devices if the market stays at the 2014 level of 176 million routers) of all Wi-Fi enabled router shipments. Strategy Analytics also estimates that sales of consumer devices with 802.11ac Wi-Fi capability (including routers and gateways) will exceed the $1 billion mark.” She adds that the increasing presence and capacity of mobile and handheld devices, the evolution of information content from www.cnmeonline.com

“The growth predictions for this year alone are astounding, with Infonetics estimating that 802.11ac routers will make up 42 per cent 74 million devices if the market stays at the 2014 level of 176 million routers - of all Wi-Fi enabled router shipments.” Valerie Maguire, Director of Standards & Technology, Siemon

text to streaming video and multimedia, and limits on cellular data plans that encourage users to 'off-load' to Wi-Fi are all driving the need for faster Wi-Fi networks. Clients with 802.11n installations underway are strongly encouraged to transition their design to support 802.11ac to avoid bottlenecks and congestion, increase capacity, and reduce latency in their wireless network. Manish Bhardwaj, Marketing Manager, Middle East & Turkey, billion Aruba Networks, offers another reason for deploying is the estimated sales of 802.11ac, “Now the 100 Mbps consumer devices with or 200 Mbps rates enabled by 802.11ac capability this year 802.11n, breakthrough figures that put it on a par with 10/100 Mbps Ethernet just a few years ago seem barely adequate for some emerging video applications. If organisations are forward thinking and are looking to improve performance, then 802.11ac is the answer.” Luckily for users, a broad range of deployment scenarios are available with what might just be the last major WLAN upgrade, which enables a cost-effective fit for virtually every situation. Given the higher throughput of 802.11ac, is it safe to assume that only fewer access points will be required

february 2015

network World WiFi

in any given installation? Not necessarily, says Maguire. “Unlike 802.11n devices, which “All 802.11ac access points (APs) can be configured to transmit in either the will be backwards compatible 2.4 GHz or 5 GHZ spectrum, 802.11ac devices will transmit exclusively in the less crowded with 802.11a/b/g/n. This will allow 5 GHz spectrum. This spectrum supports for a gradual migration away from higher transmission rates because of more these legacy devices to 802.11ac on a available non-overlapping radio channels more time-manageable schedule.” and is considered 'cleaner' because there are fewer devices operating in the spectrum and Manish Bhardwaj, Marketing Manager, Middle East & Turkey, Aruba Networks less potential for interference. However, one disadvantage to operating in this spectrum is that 5 GHz signals have a shorter transmission range and have more difficulty penetrating design need to be considered and number of building materials than 2.4 GHz signals. access points will not be changed,” he says. This transmission range, coupled Another option to consider is whether to with the fact that the typical user rip-and-replace, or simply add a new 802.11ac is anticipated to be connecting network to your existing WLAN. “All 802.11ac more Wi-Fi enabled devices access points (APs) will be backwards (6-8 devices per user is compatible with 802.11a/b/g/n. This will PERCENT anticipated) at any given time allow for a gradual migration away from of smartphones shipped this than ever before, means that the these legacy devices to 802.11ac on a more year will have ‘ac’ chipset density of wireless access points time-manageable schedule. However not all of will likely remain unchanged or the features from 802.11ac will be available may even slightly increase as clients for use with these legacy devices. In some migrate from 802.11n to 802.11ac.” deployments, 802.11ac APs will be rolled out Saleem Al Balooshi, Executive VP , in phases,” says Bhardwaj. Network Development & Operations , du, says An overlay network is the way to go if the 802.11ac technology indeed provides higher bulk of network traffic is still in the 2.4Ghz throughput, but less coverage due to the band, using traditional b/g channels. Since nature of the 5GHz frequency band compared 802.11ac only uses the 5GHz band, there to 2.4GHz band. “So to maintain good coverage will be little or no disruption to your current with high throughput, both frequency bands user base, and new clients with 802.11ac technology will immediately benefit from the new network. And, if you have clients that already support 802.11ac technologies (like the newer Macbooks) you will even see a benefit on your existing 2.4GHz network as “802.11ac technology indeed these users will seamlessly migrate to the new provides higher throughput, but 802.11ac network, freeing up bandwidth on less coverage due to the nature the 2.4GHz channels. of the 5GHz frequency band ABI Research predicts that 70 percent of smartphone shipped by 2015 will have 'ac' compared to 2.4GHz band.” chipsets, and since smartphones are probably the biggest BYOD challenge, moving them off Saleem Al Balooshi, Executive VP , Network Development and Operations, du to a new 802.11ac network in a new frequency band will provide some instant relief.

february 2015

www.cnmeonline.com

Migrate to IP Surveillance Making the move to digital technology at your own pace

The security of your business is at risk if there is no monitoring system in place to protect your business assets. Choosing to implement IP Surveillance offers the advantage of leveraging your existing network infrastructure to maximise your investment. D-Link can supply end-to-end networking solutions to build an affordable and easy-to-deploy system to ensure the security and safety of people, possessions and places.

DCS-3716 PoE HD Day and Night Wide Dynamic Range IP Camera

DCS-5615

DCS-6115

DCS-6315

DCS-6915

Full HD Mini P/T Dome Network Camera

HD Indoor Fixed

HD Outdoor Fixed Dome Camera with Color Night Vision

Full HD High-Speed Dome Network Camera

Dome Camera with Color Night Vision

www.dlinkmea.com

+971 4 880 9022

facebook.com/dlinkmea

info.me@dlinkmea.com

Online Technical Support

www.dlinkmea.com/techsupport

DCS-7513 Full HD WDR Day & Night Outdoor Network Camera

Security AdvisEr Hacktivism

Cyber subversives Debating political issues, promoting free speech, and supporting human rights, the illegal cyber activities of hacktivists divide opinion. Are they criminals like any other, or are their cases of their work justifying their underhand means?

february 2015

www.cnmeonline.com

range of factors can be attributed to the rise of hacktivism. Throughout history, economic and political dissatisfaction have always been cause for public dissent, but the increased prominence and dominance of the Internet has made online subversion one of the first ports of call for 21st century dissidents. Hacktivist groups like Anonymous have made it their mission to exploit social media, taking aim at governments and organisations they perceive to be corrupt and dictatorial. Julian Assange’s WikiLeaks has also gained infamy by publishing a range of information about high-level wrongdoing on a range of culprits. In the Middle East, the Syrian Electronic Army is an organisation that is never far from IT-related headlines. The group frequently defaces the social media accounts of numerous high-profile American organisations, and has targeted Forbes, Microsoft and CNBC amongst others. Although the attacks may not be incredibly sophisticated or damaging, they grab widespread attention. “Before the Internet, there was the power of street protests and demonstrations,” Jason Hart, Vice President, Cloud Solutions, SafeNet, says. “The rise of the Internet changed the rules of the game. The principle remains the same at its core, in terms of motivation, purpose and result. The evolution of technology marked the change in technique for those who want to change the world and the results are at least as dramatic.” Nicolai Solling, Director of Technology

Services, Help AG, also believes the ubiquity of IT services makes hacktivism the obvious choice for mayhem, “A prominent factor in the increasing scale of hacktivism is the growing significance of IT systems in everyday life,” he says. “Today, any large public or private sector organisation has an online presence and will certainly depend very heavily on a number of IT systems. Given that disruption to these services can cause an immediate and noticeable impact on the business, it is no wonder why hacktivism is such an effective tool.” The typical hacktivist is not financially motivated. In that vein, their main goal is to influence opinion, and to negate the reputation of their target. The main way they can do this is to disrupt web services or by defacing sites. This service interruption and resultant bad press can always have a negative impact on a business, and against unscrupulous rulers, serves as a form of nonviolent yet effective protest. Unlike hackers who are often financially motivated and whose ends are self-serving, hacktivists will always have a degree of support, as their actions are mostly politically or socially motivated. Their other principle means of attack is by extorting information, which can be used to blackmail their victims. “One school of thought considers hacktivists to be cybercriminals that must be prosecuted, the other, despite being conscious of the threat they represent, maintains that they are a voice to listen to,” says Firosh Ummer, Managing Director, EMEA, Paladion Networks. “Their intent is never to hit civil people or critical infrastructures, so one february 2015

Security Adviser Hacktivism

of their most common attacks has been distributed denial of service, which has become sophisticated over time by using any visitor on a site as an attacker to send an enormous quantity of requests in a short period to disable a website or web service.” Although hacktivists are not always associated with governments or powerful organisations, their beliefs often align with them. But is there a point at which the lines blur between noble hacktivism and illegal sabotage, or are the two one and the same? Can hacktivists be regarded as a modern-day Robin Hood, attacking the powerful to help the afflicted, or are their actions conducive to a culture of cybercrime? Mohammed Amin Hasbini, Senior Security Researcher, Kaspersky Lab, believes there is a clear pocket of what is acceptable, “There’s only one data records stolen by hacktivists in Q3 2014 type of hacking that can be defended: ethical hacking,” he says. “After an agreement with an organisation, an ethical hacker is hired to test the organisation services for weaknesses that could be abused by

“Their intent is never to hit civil people or critical infrastructures, so one of their most common attacks has been distributed denial of service, which has become sophisticated over time.” Firosh Ummer, Managing Director, EMEA, Paladion Networks

117,105

“Today, any large public or private sector organisation has an online presence and will certainly depend very heavily on a number of IT systems. Given that disruption to these services can cause an immediate and noticeable impact on the business, it is no wonder why hacktivism is such an effective tool.” Nicolai Solling, Director of Technology Services, Help AG

february 2015

cyber criminals; the ethical hacker might be requested to exploit the vulnerabilities only if officially approved by the organisation, to find the range of a certain weakness.” Mohamed Djenane, Security Specialist, ESET Middle East, thinks it is becoming increasingly difficult to distinguish between the two, “We are seeing hacktivism now blend with more serious cyber-terrorism as was the case with the Sony hack in 2014,” he says. “Here, beyond reputation loss, sensitive information was leaked which was then used for blackmail. When an organisation falls victim to a traditional hacker, the news of the data breach is not generally publicised as the hackers are driven by financial motives and would prefer not to draw attention to themselves.” Although most civilian organisations do not run a great risk of being a victim of hacktivism, vigilance still pays, says Greg Day, Vice President and Chief Technology Officer, EMEA, FireEye. “As with all cyber-threats, each organisation needs to consider the probability and potential impact to themselves; their business risk analysis,” he says. “This should include analysis as to what their brand externally represents, who could see them as a target and why, then analysis of their own technology – the business dependancies on this and how well they would be able to detect and respond to such an incident.” www.cnmeonline.com

23rd March 2015

Jumeirah Beach Hotel, Dubai

Recognising the Middle Eastâ&#x20AC;&#x2122;s Networking Champions For sponsorship enquiries, please reach:

For agenda-related enquiries, please reach:

Rajashree Rammohan Publishing Director raj.ram@cpimediagroup.com +971 4 440 9131 +971 50 173 9987

Jeevan Thankappan Group Editor jeevan.thankappan@cpimediagroup.com +971 4 440 9133 +971 56 415 6425

Michal Zylinski Senior Sales Manager michal.zylinski@cpimediagroup.com +971 4 440 9119 +971 55 230 2341

Annie Bricker Deputy Editor annie.bricker@cpimediagroup.com +971 4 440 9116 +971 56 130 5505

For registration enquiries, please reach: CPI Events Team bitevents@cpimediagroup.com +971 4 440 9100

www.cnmeonline.com/nwmeawards/2015 PRESENTED BY

Telecoms World LTE

Cashing in on

LTE With the increasing number of LTE roll outs in the region, a key challenge facing operators is how to boost the revenue with nextgeneration mobile services. Industry pundits say there are many new models operators can tap into, thanks to LTE.

TE is more mature than ever, with higher speeds, more device selection and more chip suppliers adding to the ecosystem for the fast mobile technology. In the GCC, almost every major carrier has a LTE network in place now and countries such as Saudi have three commercial 64

february 2015

LTE networks up and running. GSMA Intelligence estimates that Saudi alone will account for more than half of all LTE connection in the Middle East by this year with the total number of LTE connections reaching over 16 million, which is about five percent of the global total. Though growing demand for data is

www.cnmeonline.com

in association with

shore up their bottom lines. Rakesh Lakhani, Head of MBB, Ericsson region Middle East, says data based revenue streams are the obvious answer here as the introduction of LTE services encourages users to consume more data, given the enhanced customer experience that the technology provides. “One revenue stream operators can explore is content delivery and creation – LTE users are increasingly hungry for content, and will consume more when using an LTE connection. Over-the-Top (OTT) services can also be offered, improved enterprise solutions such as mobile video conferencing and access to cloud-based applications. LTE Broadcast is another potential revenue stream for operators with efficient delivery of video to multiple users simultaneously.” Fady Younes, Head of Service Providers, Cisco UAE, agrees that there are a variety of new revenue streams that operators can develop around LTE. In the Middle East, private networks for the energy, oil, and gas sector are seeing strong demand, providing communications, pipeline remote security, and leveraging smartphones as replacements for radios. “As Smart Cities continue to grow throughout the Middle East, government services are being transformed by LTE. For example, LTE services supporting remote water and utility meters; smart traffic lights, security cameras, and smart street lighting; smart parking sensors and meters; and police departments using security cameras, traffic light cameras, and identification cameras,” he adds. driving interest in LTE, the challenge facing these operators is how to monetise their investments in LTE and find a right pricing framework for mobile data profitability. With voice revenues in terminal decline, most of the operators that have invested heavily in 4G networks are looking at the new revenue streams that can developed around LTE to www.cnmeonline.com

Tailored offerings Should operators primarily target SME and Enterprise markets for LTE services, where the ARPU is much higher compared with consumer market? Hassan Sabry, Wireless Business Development Lead – META Region, AlcatelLucent, says business-focused solutions in general offer a good way for operators to february 2015

Organised by

22nd Feb

24th Feb

25th Feb

www.cnmeonline.com/cloudroadshow/2015 For sponsorship enquiries, please reach:

For agenda-related enquiries, please reach:

Rajashree Rammohan Publishing Director raj.ram@cpimediagroup.com +971 4 440 9131 +971 50 173 9987

Jeevan Thankappan Group Editor jeevan.thankappan@cpimediagroup.com +971 4 440 9133 +971 56 415 6425

Michal Zylinski Senior Sales Manager michal.zylinski@cpimediagroup.com +971 4 440 9119 +971 55 230 2341

Annie Bricker Deputy Editor annie.bricker@cpimediagroup.com +971 4 440 9116 +971 56 130 5505

Organised by

For registration enquiries, please reach: CPI Events Team bitevents@cpimediagroup.com +971 4 440 9100

Telecoms World LTE

generate additional revenues from LTE. By developing a genuine business-to-business mindset and thinking of LTE service provision from the perspective of the customer, operator can well position LTE services for SME and enterprise. “Cloud-based services also appear to be a perfect match for the high-speed, lowlatency nature of LTE, as long as operators can package and sell services that are not traditional for telecoms firms. For example, several operators are bundling cloud-based software subscriptions with packages for small and medium-sized enterprises that include fixed, mobile and IP-PBX,” he says. Lakhani from Ericsson says that though SMEs and enterprise customers can undoubtedly benefit from LTE, consumers are increasingly adopting the technology for the benefits it has in personal connectivity and communications. “Therefore, different approaches should be taken to target all consumer segments, highlighting the specific features that will appeal to them.”

“VoLTE will be a significant point of differentiation for the region’s operators, as it will provide customers with higher quality calls that connect much faster than traditional calls – connection will be in no more than two seconds, compared to three or more that are required to connect on GSM or CDMA networks.” Fady Younes, Head of Service Providers, Cisco UAE

Beyond just data LTE is not all about just mobile data with the impending arrival of VoLTE, short for Voice over Long Term Evolution. VoLTE refers to something wireless customers should actually care about and will probably appropriate: better quality voice calls; the ability to use voice and data at the same time; and more network efficiency, which translates into better service.

“Operators in developed markets see VoLTE as both a means to gain competitive advantage over competition and a tool to bolster their brand strength.” Hassan Sabry, Wireless Business Development Lead – META Region, Alcatel-Lucent

www.cnmeonline.com

“VoLTE will have a significant impact in 2015. Already 288 operators in 104 countries have launched LTE, and more than 60 operators are investing in VoLTE technology, through studies, trials, and various stages of network deployments, according to the Global Mobile Suppliers Association (GSA),” says Younes. VoLTE will be a significant point of differentiation for the region’s operators, as it will provide customers with higher quality calls that connect much faster than traditional calls – connection will be in a no more than 2 seconds, compared to the 3 or more seconds required to connect on GSM or CDMA networks. The clarity of HD calls over VoLTE will be a big bonus over OTT, as it means less chance of calls dropping, of static or other interferences. The voice over LTE market is a natural market reaction to diminishing returns on voice services. Following increased competition from OTT VoIP services, more operators will deploy VoLTE services in 2015. Some analysts expect there to be over 100 million active VoLTE subscriptions worldwide by the end of 2015. “Operators in developed markets see VoLTE as both a means to gain competitive advantage over competition and a tool to bolster their brand strength. As the developed markets begin to move towards comprehensive LTE coverage, VoLTE will become an integral part of their value proposition,” says Sabri from Alcatel-Lucent. february 2015

CXO Corner

Forward-thinking financials Mohammed Faisal, CFO, Al Mostajed Technologies Group, has a good relationship with all departments in the company â&#x20AC;&#x201C; but that doesn't mean he sugarcoats his opinion when it comes to funding projects.

february 2015

www.cnmeonline.com

uhammed Faisal, Chief Financial Officer, Al Mostajed Technologies Group, is not a man that is afraid to voice his opinion. During his time at the company, he has taken on a number of projects in partnership with the IT department that have supported Al Mostajed both internally and with its many clients. Faisal has more than 18 years of experience in finance. “I was living and working in Pakistan,” he says, “and in 2003 I made the move to the Middle East.” He did his time as an auditor for a few years, auditing various companies and serving as a financial controller for a company in Qatar before making his permanent home in Dubai. Since joining Al Mostajed in 2012 he's been busy – a testament to his assertion that the role of the CFO has fast been moving beyond the confines of the finance department. “Since coming on,” he says, “I have been involved in projects involving business processes, controls and more.” The role of the CFO, says Faisal, has changed significantly over the past decade. “We aren’t just dealing with accounting anymore,” he explains, “I work as a risk manager, I have to analyse performance, as well as day-to-day requirements and more.” Indeed, Faisal is sure that all over the world, the CFO has become one of the key management positions to any operation. “If I go, say, 15 years back in my career, I can see that the role of a financial officer has very much changed,” says Faisal. This is true particularly in regard to the influence that technology has in the finance department. “At that time, we were just using Excel sheets to analyse our finances,” he recalls, “now a spreadsheet like that can only provide a small picture of the data we need to www.cnmeonline.com

analyse our business. It’s a basic thing, and we have all moved forward.” In this new world of technology, finance officers have to be equipped with the proper tools, says Faisal. From business analytics software, to powerful accounting tools, the finance department simply could not keep up with today’s pace of business if it weren’t for solid IT infrastructure. “Microsoft, Oracle and more, we all rely on their technology these days,” says Faisal. It is important, he says, to stay abreast of the latest technologies to keep business moving forward. It is not only technology, however, that Faisal says is paramount to acting as a top-notch CIO. “I was lucky that early on I was involved in developing things like ERP systems,” he says, “Through development experiences, I was able to gain an understanding of all the working parts of business development.” In addition, Faisal made it a priority when he joined Al Mostajed, to cut down on the paper travelling between departments. “I wanted to take on a paperless project and implement systems that cut down on the need for human intervention,” he says. His initiative was a success, and was completed in the first month of his employment with Al Mostajed. When it comes to implementing new operation technology, then, Faisal can be a tough sell. With his business development, finance and technology experience, he is armed to determine whether or not a project will be financially viable, and also

make good business sense. “I have to keep a close relationship with the CIO and the IT department,” says Faisal, “IT is now the backbone of most industries and ours in no exception.” In short, he says, the departments need to work together to move the business forward. Still, he says, he has to be discerning in regard to the projects that he decides deserve funding. “If finance is not controlling – if we are not mitigating the potential risks of a project – then every department will just do whatever they want,” he explains. He quotes his director when it comes to funding projects, “When I first came here, I had commented to my director that it seemed difficult to keep everyone happy,” Faisal recalls, “He told me that it was important to maintain good relationships with all the departments here, but it did not mean that everyone needed to be happy.” The result is clear – when Faisal denies a project, it is always with the health of the company as his top priority. Faisal pins his success at Al Mostajed, and the continuing success of the company, on an exceptionally solid managerial team. The C-level suite trusts his judgement, and encourages him to look into the details of even their own proposals. “Here, we all have good support, from the top down,” he says, “One person cannot do anything, but when we work as a team, we can be successful.”

“One person cannot do anything, but when we work as a team, we can be successful.”

february 2015

26-28 APRIL 2015 The Middle East and Africa’s Essential I.T. Security Knowledge Platform

3 DAYS To Challenge Your Security Strategy Critical Security for Key Industries

“The perfect opportunity to connect with CIOs, CTOs, CSOs” Sanjeev Walia, Director, Spire Solutions

www.gisec.ae +971 4 308 6468 / 6566 gisec@dwtc.com

CO-LOCATED EVENT

GOLD SPONSORS

ENDORSED BY

SILVER SPONSORS

GISECDUBAI GISECDUBAI GISEC - GULF INFORMATION

SECURITY EXPO AND CONFERENCE

LEAD SPONSOR

OFFICIAL PUBLISHER

DIAMOND SPONSOR

OFFICIAL AIRLINE PARTNER

OFFICIAL COURIER HANDLER

PLATINUM SPONSOR

OFFICIAL TRAVEL PARTNER

Vintage Tech IBM System/360

The IBM System/360 mainframe computer was the first line of computers designed to cover a complete range of applications, both scientific and commercial. The first in the family, the Model 30 was the precursor to modern day computing. It could perform up to 34,500 instructions per second and had a memory from 8 to 64KB. This was the largest investment by IBM into computing, and cost $5 billion to develop – in today’s terms, about $38 billion. The system was built on a ‘solid logic’ semiconductor and allowed different applications to communicate. Though it went against industry practices at the time, IBM created an entire family of computers under the System/360 from low to high performance. This allowed consumers to ‘dip their toe in’ by purchasing a smaller, less powerful model, and upgrade in the future when their needs and comfort levels increased. The System/360 line of computers was extremely successful, largely due to their scalability. The system’s flexibility greatly lowered barriers to entry for individuals and companies alike. It is thought to be one of the most successful computers of all time, and certainly had an effect on computer design for decades to come.

www.cnmeonline.com

february 2015

INTERVIEW Peter Clay, Chief Information Security Officer, CSG Invotas

Dubious cause, dubious outcome As Chief Information Security Officer of automated threat response firm CSG Invotas, Peter Clay always has his hands full. He tells CNME about his biggest pain points, the processes that can ease the burden on IT security teams, and the dire shortcomings that the industry faces.

ow do you see the global threat landscape changing? IT security is undoubtedly a global problem. Whatever happens in this realm is ubiquitous, and no longer locally confined. Certain countries have 72

february 2015

developed huge offensive cyber capabilities, while nation states are going after private corporations. There is a huge disconnect between motives and capabilities - a lot of countries have assembled such an arsenal that they have the power to take down targets at will.

What are a CISO’s top concerns? Resources. It’s the same everywhere, there’s a great disparity between the resources of attackers and defenders. For so long, IT security has been a cost centre, where IT has to get the maximum benefit from minimal resources; ‘If we can pass the test with 70 percent, why bother aiming for 100?’ CISOs are becoming more skilled with tools, processes and technology. They’re becoming better at stretching budgets. Nonetheless, the fact remains that in the U.S there is a shortage of 300,000 IT security professionals, and the number is as much as 800,000 worldwide. This gap further necessitates more innovative tools and processes, which can’t be created overnight. People need to understand that IT security is a necessity for success.

What strategies are now most important for CISOs around the world? They’re looking at automating www.cnmeonline.com

processes that can be done by machines, so that man hours can be spent on analysis. The word ‘automation’ has a bad scent to it; inadvertently blocking the CEO’s email is the fastest way to get fired. Another key issue is that of compliance. An increasing number of governments are now moving to pass laws for compliance. The UAE government is a prime example; IT security has been prominent in a number of their discussions. Countries are taking a strategic approach, finding a functional way to achieve their goals. In the midst of this CISOs are caught up with laws and regulations, but are lagging on the technology front. Take cloud. It’s operationally sound, but the customer is often left worrying if they’re at the mercy of foreign laws. If I’m an Emirati, do I want my data residing in the U.S or Ireland whilst knowing it has to meet local laws and regulations?

How do CISOs go about combatting threats in in real time whilst detecting other potential vulnerabilities that can be exploited? It’s important to think about processes. Software and machines can do things very well, so if you can use the right tools for faster detection, you have a better chance of containing and then eradicating a problem. When you buy a laptop, within 19 seconds there will be an attempted hack against it. IT security programmes stop the vast majority of attacks, but they’re not very good at telling you how effective your security is. Does being a CISO of an IT security company bring an extra element of pressure? It’s quite often a case of ‘dubious cause, dubious outcome’. Some days you can keep on top of things, but on www.cnmeonline.com

importance. Let’s say others you don’t stand a it takes five or six chance. On those days, “I could processes before a your team will be have security ticket is issued, working around you lose 25 the clock, professionals who minutes just sometimes have the intelligence waiting for 70 hours of a grandmaster chess for that to straight, player or a brilliant happen. A and they are scientist, but if they are machine nightmarish. stuck in front of a screen could It’s always pull that interesting without the right information to watch the tools then they will together in IT security eventually walk one place, then subculture away.” a human can of dealing with create the ticket. This incidents, but I don’t feel increases your capacity to any pressure of being in the find the ‘poison needle’. If an IT CISO seat. team has 1,000 threats to deal with In the face of a breach, there are every day, they are always behind. three main parties that the CISO has If you can bring this number down to juggle: the executive, the regulator to 100, they at least have a chance of and the team working on rectifying beating them. the damage. The exec always asks “why did you fail?” the regulator People, processes and technology says “we’ll take it from here’” and at are all key elements in thorough IT the same time you have your team security. Which of the three do you who is feverishly analysing terabytes regard as most important? of data. Undoubtedly people. Technology can provide data but humans can interpret Is automated threat response it in a way that machines can’t. What’s different from automated incident important is to ensure people have response? actionable data at their fingertips. The Yes. One of the main challenges CISOs sad reality is that most IT security now face is that of language. We can professionals are immensely talented build all sorts of dashboards, but people who are being burned out by the problem we face is that we are the futility of their jobs. I could have drowning in data. security professionals who have the It’s important that we can take intelligence of a grandmaster chess action on data, and react to a threat; player or a brilliant scientist, but if a faster reaction will lead to a better they are stuck in front of a screen outcome in that respect. In the past, without the right tools then they will when security teams conducted eventually walk away. The average forensic analyses, if there was an tenure for a CISO is 18 months, which indication of a problem, resources sends out the message of ‘you’re a weren’t optimised to deal with it, they failure’ to the team, and that lack of got buried in other false indicators. stability is also a deterrent to working Automation and orchestration in the industry. needs to take on a greater february 2015

Analyst view

Peter Sondergaard, Senior Vice President, Global Head of Research, Gartner

A New Approach to Digital Security T

he start of any year always brings about the dreaded 'allday meetings.' This is when CEOs and their teams hunker down with leaders throughout the business in daylong meetings to kick-off plans, programs and initiatives. If you’re anything like me then you know you’ve been in too many of these meetings when you catch yourself using terms like “I think we need a bio-break.” Sigh. I have been working with a lot of client CEOs and their teams over the past few weeks, and one topic keeps coming up over and over again — information security. The sensational headlines from last year about systems breaches, compromised customer data and brand attacks have struck a chord for leaders who see this as a very real and present danger for their organisations.

What’s to be done?

The same headlines that have clearly spooked CEOs into putting information security on their priority list have also polarised them into a perilously narrow way of thinking about what actually constitutes information security risk. Too often they see the solution as merely improving the tools and platforms managed by their CIO and IT organisations. But this is not sufficient. Information security is no longer just a technical problem handled by technical people. It requires systemic behaviour change in business process and by all employees. And as more enterprises become digital 74

february 2015

businesses, they will require a digital risk and security program. In speaking with our Chief of Research for Security and Risk, Paul Proctor, it is clear that CEOs must own the responsibility of redefining what security and risk means for their organisations as they become digital businesses. To address these challenges head on, our research strongly recommends that CEOs consider the role the digital risk officer (DRO), which is a new role or an expanded set of responsibilities for the chief information security officer (CISO). As organisations, marketplaces, customers and every other factor impacting our strategy constantly change, new opportunities and risks inevitably present themselves to CEOs and senior leaders. New roles with defined responsibilities are often created to focus the necessary time, resources and expertise on these issues so that, putting it simply, something gets done about it. These roles are sometimes transient, or a way of defining a specific additional focus for an existing senior leader. Either way, the title of Digital Risk Officer acts as a rallying flag within the organisation for all these initiatives to coalesce in one place. And rather than own a specific new initiative, which inevitably causes friction within the C-suite, the most successful executives instead focus on coordinating the multitude of activities and direct efforts in one coherent direction.

It’s all about focus CEOs need to task the DRO to investigate the risk implications of digital innovation and the level of risk that is acceptable across the organisation in a world of increasing digitalisation of both physical and virtual assets and processes. The assessment of risk needs to span the digital business from one end to the other, not in isolated pockets such as products, business units or traditional channels. It must be across the entire process to be successful. To be successful, the DRO needs a deep level of understanding of the Internet of things (IoT), operational technology (OT), physical security, information security, privacy, business continuity management and risk. The DRO needs to understand the entire digital platform of the organisation. In many organisations the CISO may assume these expanded responsibilities, but may not continue to report to the CIO.

What next?

Digital risk and security is only one of several capabilities that CEOs need to re-evaluate, assume accountability for and then assign specific responsibility for to a leader within their organisation. Digital business requires an added set of capabilities as a CEO. Gartner believes the rapid digital change around us leaves every CEO with only 24 months to develop a digital strategy, reassign and/ or expand corporate responsibilities and start executing change. A recent article in the Wall Street Journal noted that experienced CISOs with these skills are now commanding $1M+ packages. It’s clear that the size of the challenge does not match the number of professionals who are qualified to help, which creates a high price for this scarce competence. So there’s no time to lose. Is this on your all-day meeting agenda? www.cnmeonline.com

GULF ENTERPRISE MOBILITY EXHIBITION & CONFERENCE

MOBILITY & SECURITY STRATEGY FOR MIDDLE EAST GOVERNMENT & ENTERPRISE www.gemec.ae

26 - 28 APRIL 2015 Dubai World Trade Centre

Secure your place

Ayusha Tyagi

Organised By

To further your competitive positioning and showcase your solutions to a qualified audience of industry decision-makers, please contact:

Co-located

Conference Manager Tel: +971 4 308 6747 Ayusha.Tyagi@dwtc.com

Mundhir Al-Hakim

Conference – Sponsorship Tel: +971 4 308 6201 Mundhir.AlHakim@dwtc.com

Diamond Sponsor

Official Publisher

Rintu Mathew

Conference – Sponsorship Tel: +971 4 308 6037 rintu.mathew@dwtc.com

Official Partner Airline

Official Travel Partner

PRODUCTS Launches and releases

PRODUCT OF THE MONTH

PRODUCT WATCH A breakdown of the top products and solutions launched and released in the last month.

Product of the Month: Chromebook 2 Brand: Toshiba What it does: Chromebooks are here! It seems like most PC manufacturers are coming out with some version of a Chrome OS enabled ultrabook. Toshiba is no exception, coming out with its second shot, the aptly named Chromebook 2. The Chromebook 2 is a slightly slimmed down version of its older brother at 32 cm wide by 21 cm deep by 2 cm thick. The screen is bright, at 340 nits and the audio speakers are tuned by Skullcandy. Other features include an HD webcam with a dual-mic array; one USB 3.0 and one USB 2.0 port; a full-size HDMI output; a headphone/mic jack; an SD/SDHC/SDXC card slot supporting cards up to 2TB; and 802.11ac Wi-Fi and Bluetooth 4.0. What you should know: Chromebooks are usually known for their affordability, not necessarily their performance. Hovering at a cost of around $300, often, corners are cut to keep costs low and portability high. Toshiba has made a few compromises, but still manages to deliver a wide, bright screen and a few additional bells and whistles. At $326, the Chromebook 2 canâ&#x20AC;&#x2122;t be overlooked while searching for a relatively powerful machine for travel. 76

february 2015

www.cnmeonline.com

Product: G Flex 2 Brand: LG What it does: The LG Flex 2 boasts a 6-inch display, and 13 megapixel camera. It has a Corning Gorilla Glass face and runs on Android OS. It claims to have about 15 hours of active talk time in its battery. A significant improvement on the 2013 LG Flex pairs Qualcomm’s latest 64-bit Snapdragon 810 processor with a Full HD display. What you should know: The LG Flex 2 doesn’t look like other phones. It doesn’t even look like other LG phones. The strange qualities of the G Flex do not stop at its bend, however. The phone also boasts a self-healing back. The result of these two unique features is – well – portability. In short, you can put it in your back pocket without worrying about your backside damaging the screen. At almost $750, that kind of protection is almost worth it.

Product: XPS 13 Brand: Dell

What it does: The Ultrabook market is booming with manufacturers attempting to pack the power of a traditional laptop into a tiny frame. The XPS 13 from Dell has met the brief, both in terms of processing power and portability. The XPS 13 comes into two models, Full HD and Quad HD which both raise the bar for other Ultrabook manufacturers. Both units come standard with Windows 8.1 and 5th-gen Intel Core processors, but only the Quad HD model offers a touchscreen. The standard model’s battery life runs for 15 hours and the Quad HD lasts for just under 11 hours. What you should know: The XPS 13 is a small fry with a big punch at 2.6lbs for a Full HD and 2.8lbs for touchscreen Quad HD. Both come with carbon fibre composite palm rests, 1560 802.11ac Wi-Fi and Bluetooth 4.0 connectivity, two USB 3.0 ports, one mini DisplayPort, an SD card reader, and a 3-in-1 SD, SDHC, SDXC Card Reader. Dell has come very close to hitting all of the important points of an Ultrabook here. At $1,299 for the Quad HD model, the price is also not bad for its usability and portability. www.cnmeonline.com

Product: UP24 Brand: Jawbone What it does: Here we are in the world of wearables. This year will be the year that more and more people will invest in some kind of wearable technology. Jawbone has been in the game for a while, and its UP24 is its latest fitness tracker. The Jawbone UP24 wristband connects to your smartphone via Bluetooth and tracks activity levels, measures distances you’ve travelled, scans your food via barcodes, monitors your sleeping and can even connect to your home’s thermostat. What you should know: The UP24 is actually quite a stylish band. Jawbone has released a in a variety of designs and the band is made to be worn on the non-dominant wrist. The accompanying smartphone app is the portal for all fitness information gleaned from wearing the device. That being said, in that the band updates the app every 20 minutes via Bluetooth, it can be a wear on your phone’s battery life. The only worrisome thing to be aware of when purchasing an UP24 is that its successor, the UP3 is nearly ready for release.

february 2015

Top Security Risks in 2015 #1

Malvertisers will dole out trouble as they infiltrate ad networks Malware distributors have zeroed in on a fast and effective way to infect millions of users: malvertising. With malvertising, cybercriminals distribute malicious code through online advertising networks. Because the malware-laden advertisements are hosted by legitimate websites and the ads constantly change, traditional security tools that “black list” malicious sites cannot easily block malvertisers’ ads. Malware-laden ads often silently infect machines without users’ knowledge. To prevent malware infections, organisations should install anti-malware software on client machines and enforce security controls on clients’ browsers. Advanced threat protection platforms can also help detect malware in web traffic. Since many web-based advertisements are now delivered over SSL, organisations should decrypt and inspect encrypted traffic.

A new DDoS amplification attack will emerge Over the past two years, cybercriminals have exploited DNS and NTP servers to amplify the size of their DDoS attacks. With DNS and NTP amplification attacks, an attacker impersonates the attack target and sends a small request to a reflector, which is a server that replies with a much larger response to the victim, flooding the victim’s network. DNS amplification attacks can increase the size of DDoS attacks by up to 54 times, while NTP amplification attacks can magnify DDoS onslaughts by a factor 78

february 2015

of 556. But DNS and NTP are not the only culprits of amplification attacks. Attackers can also leverage SNMP, NetBIOS, and other protocols to launch amplification attacks. Amplification has contributed to the escalating size of DDoS attacks. To protect against amplification attacks in 2015, organisations should deploy security equipment that can mitigate largescale DDoS attacks.

Traditionally ‘secure’ infrastructure such as VDI will be compromised Compared to traditional desktop infrastructures, VDI provides a host of advantages; organisations can lower hardware and operating costs, support BYOD initiatives, and bolster security. Since all data is stored in a central location rather than on endpoint devices, VDI reduces physical data theft risks. However, desktop virtualisation also exposes new security challenges. Organisations often host multiple desktops with the same operating systems and the same set of applications on a single physical server. We predict that in 2015, attackers will execute more brute force attacks and conduct new and creative attacks on virtual desktops. To protect VDI environments, organisations should implement operating system or application isolation.

The Internet of Things (IoT) will expose new security risks More knowledge and convenience is not always a good thing. The Internet of Things (IoT) promises to make our lives easier, but without proper safeguards, it also opens us up to an array of new security threats. Even

Glen Ogden, Regional Sales Director, Middle East at A10 Networks

though IoT is still in its early stages, the number of devices connected to the Internet is growing, thereby increasing the potential for attacks at any time. To reduce risks associated with IoT devices, consumers and businesses alike should investigate how the device is accessed and whether it stores sensitive data. They should avoid installing unknown software and, whenever possible, configure strong passwords on devices.

POS systems will continue to be under fire, but Smart Cards will come to the rescue Retail breaches overshadowed virtually every other attack vector in late 2013 and 2014. The culprit behind these breaches: malware infections on pointof-sale (POS) devices. Using a variety of techniques, hackers are able to install malware on POS systems. The most advanced malware strains can actually capture data from inter-process communications, quickly zeroing in on payment card data. While we predict that these attacks will continue, the migration to chip-and-pin smartcards towards the end of 2015 will make it harder for hackers to monetise the data stolen from POS systems. They won’t be able to use fake magnetic cards and will primarily be relegated to online payment fraud. What should organisations do to prevent POSbased breaches? They can protect POS systems from malware using whitelisting, code-signing and behavioural techniques, harden systems against compromise by controlling who and what can access POS terminals, and monitor for infiltrations with advanced threat prevention platforms. www.cnmeonline.com