ISSUE 03 | AUGUST 2013
industry focus A CNME supplement
.GOV How government entities can use IT to improve services
Inside Cyber security Smart cities Oman ITA
government special
Evolve Enable Outlast
Design Implement Support
Meet the leading ICT & physical security solutions provider in the Region
Evolve Enable Outlast
SecureTech, since inception has helped its customers build, sustain and secure their businesses with cutting edge ICT and Physical security solutions. To know more about our offerings, please visit our website or speak to one of our customer service representatives, who would be glad to assist you.
www.securetech.ae | info@securetech.ae | +971-2-4121000 | fax: +971-2-6417171
Contents
04
08
06 04
06
Gifting graduates To further enrich the employment opportunities of Omani graduates, as well as improve the state’s economy, Oman Information Technology Authority (ITA) and GBM have signed a MoU, allowing selective graduates to enter immediately into a year’s work experience in the IT sector. One step forward, two steps back
Niraj Mathur, Security Practice Manager at GBM, believes that government entities in the Middle East are lagging behind in security awareness surrounding new technologies.
10 08
10
Leading the way Miguel Khouri, General Manager, Abu Dhabi & Yemen, GBM, says the future is bright for the Middle East as government leaders continue to encourage innovation in areas such as dynamic infrastructure, converged IT and smart cities. Securing the future
As cyber threats continue to become more dangerous and prevalent, SecureTech has positioned itself as a leading partner in the region’s fight against sophisticated attacks. Issue 03
Industry Focus
3
Oman ITA
Christopher Lloyd, Country General Manager, Oman Operations, GBM
Gifting graduates To further enrich the employment opportunities of Omani graduates, as well as improve the state’s economy, Oman Information Technology Authority (ITA) and GBM have signed a MoU, allowing selective graduates to enter immediately into a year’s work experience in the IT sector. 4
Industry Focus
Issue 03
P
roactively, the Omani ITA has set itself the task of increasing the employment capabilities of local graduates in the information sciences sector, as well as improving the general economy of the state by allowing more locals to compete for higher paid jobs. ITA has collaborated with GBM on this project, which will offer a unique training platform for the chosen graduates. GBM’s sponsorship of the internship will last for a single year, providing the student with hands-on learning activities, opportunities for specialist certification and work place experience. Moreover, GBM is set to conduct a training course at Sohar University, focusing on IT fundamentals; cloud computing, virtualistation, project management and work ethic. “The thought process started with a problem that the government of Oman was facing; increasing the competitiveness of Omanis,” says Christopher Lloyd, Country General Manager, Oman Operations, GBM. “Around five years ago, you’d issue a tender in Oman and receive four responses. Now, you get about 20 responses – three from Oman and the rest from around the Gulf. So this meant it was getting much harder for Omani businesses to be effective – the competition was striking.” Lloyd says Oman, as a state, needed to be productive in the work place while granting the necessary skills to graduates in order for them to be competitive on a global scale. “We went away and looked at a number of IT skills that could provide graduates with the tools needed to increase their competitive edge. We thought we could make this possible by process of certification, on-the-job experience, and personal monitoring.” The idea was to take the graduates, assist them for 12 months and hope that they’d be confident and capable of building their own business, therefore, pushing the services of Oman. Alternatively, they could move into vendor companies, locally or abroad, and by sending money back into the country, they’d be helping the economy. GBM says that the ITA was very keen on these initial plans, and they worked together for a period of around three to four months to piece together a selection process for the students. The final elements
of the project were only confirmed in the last month, and the deal itself was officially signed between the two not long after. “It’s a deal for 12 students per year to have paid employment with training and on-the-job experience. At the end of the year they will have the capabilities to set up a business with the ITA or they can stay with us, here at GBM. Alternatively, they will be far better placed to go solo into the market place,” explains Lloyd. “The initial problem businesses have at the moment, with hiring locals, is that you train them up and then after a year they leave. But that’s not a bad thing, necessarily, if you do a good job and they go out and increase the skills level of the market. Once we got our heads around this concept, we wondered how we could come to an agreement on how to cross integrate.” ITA will provide the funding which GBM needs in order to complete the training, and incorporate the student bodies. “We have two streams of training set up; Big Data is one, and system management and security is another. The idea is not to focus on any particular vendor during the programme, but to focus on open source as much as possible,” Lloyd says.
Choosing the right skills As previously mentioned, IBM and GBM wanted a keen focus on Big Data for this programme, as the ITA believes that Oman has the potential to be a regional leader in this space. “We could try to compete with all other regions in the Big Data area – that would be hard enough. So training people specifically on Big Data is a great idea, because there really is a need for it here. “Oman has a great amount of data readily available as well as the opportunity to jump start on the rest of the world. The availability of data and the availability of the skills will prompt the western world to take notice of Oman, and perhaps invest here, because it is a fantastic opportunity,” Lloyd boasts. Lloyd claims that most believe that Big Data is all about social media, but they’re wrong. He says that it’s more about dealing with data today that you may have previously thrown away. This lack of education is set to be addressed during the project. “Take medical for example – there is a ton of data here in the hospitals and it’s not locked up. So by linking up with the
It’s a deal for 12 students per year to have paid employment with training and on-the-job experience. At the end of the year they will have the capabilities to set up a business with the ITA or they can stay with us, here at GBM. Alternatively, they will be far better placed to go solo into the market place.” He adds that GBM nor IBM hasn’t selected any specific students as of yet, except for two students which have “jumped the gun” of the selection basis. “We have to announce the programme and let applicants apply, so that it’s fair. We choose a number of institutions, make a formal announcement, lay down the factors of the programme, and if a student is interested they can simply send their application to the ITA, which then shortlists the top 20, categorised by GPA, etcetera. Following this, we narrow it down to around five people and choose from within those five. After all, it’s a government process, so we can’t be seen to be cherry picking.”
government you’ve got a huge opportunity. This can make Oman completely different. If you could reduce diabetes through tests, you’d make a huge saving to the government in terms of medical care, as well as improving the health of an entire country.” Prospects for students This opportunity is only for a select few, however the initiative is something will be very intense and focused for only a short amount of time. If IBM, GBM, and the ITA believe that they can collectively increase skills to the professional industry level in one year, then the Omani business landscape could look fairly different in the coming 24 months. Issue 03
Industry Focus
5
Security insight
One step forward, two steps back Niraj Mathur, Security Practice Manager at GBM, believes that government entities in the Middle East are lagging behind in security awareness surrounding new technologies. The increased pressure from management to deploy up-to-date solutions with gusto has made it difficult for IT departments to maintain a strong level of security.
6
Industry Focus
Issue 03
T
hough he does see these trends becoming big players in the government sector and surrounding verticals – businesses need to be more educated on compliance and regulations. Do you think government entities are ready to fully embrace current trends such as mobility and social? I think there is a definitive prowess in social media, with specific benefits when faced in the right direction. The challenges are that it’s difficult to find a balance of freedom of use and control. Certain organisations see social as a
moving train; they need to block some things which appear down the line and then allow some things – it’s about striking the correct balance. Around 36 percent of businesses don’t risk social at all, a third have semirestrictions, and I think that will begin to grow. People are starting to realise how they can utilise social media and apply it in business, so the adoption will improve. In regards to hackers though, they can easily use this as a tool to gain information from you, and government entities know this. Technology, therefore, needs to be more granular so that they can ease security issues while addressing the needs of the business.
Are there more holes in social applications and network than traditional technologies? Yes, this is a casing point of the pot holes in social. Today, we ask security questions when you making online banking transactions, for example, and these questions are very common; date of birth, mother’s name, birth place, etcetera. All of the answers to these can be found on social media profiles. This is a great opportunity for hackers, and this is the great fear for entities. This comes back down to the balance – we cannot completely close social media in government spaces, but we cannot open it completely either. Like Facebook; this needs some kind of restrictive blocking for government entities. As a business you need control of what’s happening with each employee, as well as allowing them to be free.
The other element is education. In a business sector like government, it’s common that the user won’t understand that something is unsecure. You need to educate these people – IT security and business users need to reach a more common ground.
Is the education level different here than in other parts of the world? Yes, a lot of companies have allowed users to connect to mobile devices and embrace social sites but have not deployed the security measures. They are catching up, but at this moment in time there is a gap in allowing people to be active users and deploying the right security measures. This is driven from the top, mainly. If management wants something done then you have to do it. What impact does mobility have on all of this? We’re talking about something which is already highly populated in the Middle East. 80 percent of business allow employees to connect to business applications from external devices. If someone is comfortable with a tablet, then they will always want to use that – so as a business trend, that’s already here. But yes, this does open up more security challenges. Yesterday you had a laptop which was the responsibility of the IT department, tomorrow your tablet is totally your responsibility. You can browse in a coffee shop and download malicious software without even knowing.
The risks are visible in every part of the world, but there are a few that I see which are more common here. Lack of formalised processes and awareness in order to deliver post-breach processes, for a start. It’s becoming far more important to be proactive in security.”
The right steps need to be taken to mitigate the risks.
Are government entities embracing these trends more or less than other sectors due to security? I would say that government entities, on a general note, are lacking behind the financial sector or the defence sector when it comes to adopting the right technologies.
Can you think of any risks which are specific to this region alone? The risks are visible in every part of the world, but there are a few that I see which are more common here. Lack of formalised processes and awareness in order to deliver post-breach processes, for a start. It’s becoming far more important to be proactive in security. You need to follow simple steps – if a hacker tries to get at you, he will. These steps need to be taken, there can be no excuses. If you’re breached by something new that only the hacker knows about – a targeted attack – then that’s fair enough. But being breached by simple things like default username and password, which is something that happens here in the largest organisations, isn’t good enough. The need for awareness is high – we cannot just do a check list of compliance, we need to be proactive, more aware, and more trained.
And whose responsibility is this? Vendors will always try and preach, but I believe that when an organisation comes together with another organisation of the same cloth, then collaboration happens and they can achieve more. When a bank speaks to another bank, or when governments talk to each other and share their experiences and practices, more people learn about what is relevant. There needs to be more collaboration here in the Middle East. Issue 03
Industry Focus
7
Interview
Leading the way Miguel Khouri, General Manager, Abu Dhabi & Yemen, GBM, says the future is bright for the Middle East as government leaders continue to encourage innovation in areas such as dynamic infrastructure, converged IT and smart cities.
How fast and well are governments in the region transitioning to a dynamic infrastructure? Today we see a lot of government sectors adopting consolidation, virtualisation and cloud. Basically, it’s all about having one infrastructure which is dynamic and can cater to the needs of the market and the customers accordingly in order to have a faster implementation. GBM today is helping customers with offerings of IBM, using a cloud-based infrastructure so that it can meet the customers’ requirement, and also customise solutions that will cater for the workloads and specific services around it. The cloud-in-a-box solutions and customisations of cloud offerings, such as storage, servers and workloads, fit customer needs today. In addition to that, we are leveraging the cloud to speed time-to-market and improve efficiency, and we are also unlocking the power of Big Data to deliver more to the customers’ needs and intelligences, as well as providing the security to protect the critical information for our customers.
How have Middle East governments so far embraced the paradigm of converged infrastructure, and to what extent is it the future of government IT? Converged infrastructure is moving steadily into all enterprises and governments. We are seeing this evolving, and leveraging this converged infrastructure with customers and governments is becoming a necessity and a business requirement. The idea is to plan and roll computing, storage and networking into a self-provisioning tool, and utilise resources that can be preconfigured to drop into the data centre. As a result, it is up and running in just hours or days rather than weeks or months. This is certainly going to continue — more government sectors and entities will have to adopt this converged infrastructure.
Miguel Khouri, General Manager, Abu Dhabi & Yemen, GBM 8
Industry Focus
Issue 03
What are the key technology trends affecting Middle East governments right now and in the coming years? E-services, security, mobility, cloud, and business analytics are the main
trends of today. It depends from one entity to another, but I think cloud and security are at the top of every customer’s agenda.
How do you rate the level of innovation in the government vertical compared to others in the region? Governments, specifically in the UAE, have a lot of initiatives in place to adopt new technologies. The UAE is leading with new initiatives around smart cities. I think we will see this evolving in the market, and especially in the government. However, to be fair and from a market perspective, government today is still behind other industries, for example telcos, banking and finance. However, I believe they will be catching up very fast.
Your work revolves around products by IBM and Cisco, who are both placing a big emphasise on smart cities. What is GBM’s stance on smart cities? We are continuing to build our capabilities around smart cities. We are doing this by leveraging software intelligence to offer municipalities, authorities and other government entities the needed information to control and enhance the security and level of services offered to the customers, who are basically the citizens of the city. We believe that smart cities will be a top priority for government entities, and initiatives will increase in the coming five to seven years. At GBM we are leveraging what IBM and Cisco offer from an infrastructure and solution perspective, to integrate the public safety, water, energy, transportation, buildings, cameras, you name it, to make sure that, with these solutions, we enhance the experiences of the citizens of the cities.
Are you ready to do that today from a system integration perspective? We are ready to do that today from a SI perspective, and are continuously building as we go. However, IBM has many initiatives that are being deployed in Europe and the US, which have really enhanced the experience of the citizens. We’re hoping with some of the sponsorships of the governments, and also with IBM being part of the local system integration solution planning and design, to get this experience into our cities here in the Middle East.
Smart cities require all of the verticals to come together in a collaboration, which is a little unheard of in the Middle East. How will that happen? It has to be driven by the government. Today, the governance, strategies and collaboration between different entities have to be sponsored by the government, and the evolution to smart cities will not be different. As an SI, we are looking to transform the technology that is available today, making it usable in a smart city landscape. The evolution to smarter cities requires collaboration in any region. Collaboration and cooperation among different entities under the umbrella of governance is key, along with the appropriate technology that serves the purpose and goal of the government. Most importantly, we are seeing most of these initiatives coming from governments, specifically in the UAE, who are leading different entities to collaborate. Do smart cities provide an opportunity for Middle East government to stand side-by-side
At GBM, we believe the public sector is going to lead the trends in the region. When you have government leaders who are really passionate and believe in technology to serve the country, you just have to follow them and make it happen.”
with other governments in the world and really take a lead? Smart cities do provide an opportunity for Middle East governments to stand side-by-side with other governments in the world, and yes also take the lead. If we’re talking about the UAE, I believe we have the wisest and smartest leaders. You can read every day in the newspapers about initiatives that have been really driven by the leaders of the country. This smart cities concept requires a lot of infrastructure and integration readiness. The data has to be ready so that you can easily collect it. It is then possible to transform the data into information where a system, tool or application can analyse it and give the best decision making process. For example, this will make your experience driving on a street easier and faster by understanding from a CCTV camera how long a traffic light will take to change. The tools are available, but there is room for improvement regarding infrastructure, governance, and cooperation and coordination between the entities, which we do see happening.
What is your overall message to governments in this region? We have been working for a long time with the government and public sector at all levels, and over the last two years we have invested heavily in relationships, technology and subject matter experts. We have also invested in solutions that will benefit the government and public sector. At GBM, we believe the public sector is going to lead the trends in the region. When you have government leaders who are really passionate and believe in technology to serve the country, you just have to follow them and make it happen. The important thing is we have to be close to the customers and bring in experiences from elsewhere when it makes sense to the country. This is GBM’s role today — offer best-of-breed solutions from IBM, Cisco and all of our partners. We spend most of our time with customers, we can understand their pains and concerns, and accordingly implement the solutions that will fit their needs.
In Depth
Securing the future As cyber threats continue to become more dangerous and prevalent, SecureTech has positioned itself as a leading partner in the region’s fight against sophisticated attacks.
Abdullah Al Neaimi, CEO, SecureTech
S
ecurity has shot up the priority list of CIOs from large enterprises and governments as the world continues to witness the effects of countless breaches on top entities. Just last year, oil giant Saudi Aramco suffered a very serious and public cyber attack, which f loored 30,000 machines. This was a sophisticated and organised act of cybercrime. 10
Industry Focus
Issue 03
The growth of targeted attacks has been documented in the global press, but the severity is possibly understated. Last year, the former US defence secretary, Leon Panetta, said that a “cyber Pearl Harbour” could one day take place. Others have since stated that cyber warfare is as much a priority as physical acts of terrorism. So serious is the risk that many government bodies are now recruiting the services of dedicated cyber-
security officers to keep a full-time eye on assets. In the UAE, SecureTech has taken a lead and positioned itself as a leading system integrator to help governments protect themselves from these threats. It is one of the largest companies in the UAE, 100 percent locally owned, and considered a leading systems integrator providing diversified solutions in the physical security and ICT domains.
“We have entered into partnership agreements with various international vendors in the areas of cyber security,” says Abdullah Al Neaimi, CEO, SecureTech. “This is necessary being a systems integrator. “Our goal is always to collaborate with these vendors to offer end-to-end cyber-security solutions to both public and private sector customers in the region in order to help them protect critical data and infrastructure.” In the past decade, SecureTech has delivered some of the largest and most complex physical security and ICT implementations in the region. It has an end-to-end delivery team of professionals and a very vast and unique range of international partnerships to deliver cutting edge technology regionally. The company’s portfolio of offerings includes a detailed range of solutions for cyber security, network forensics, digital forensics, mobile forensics and various technologies for correlation and analytics. “These international partners have a lot of experience in the development of solutions used in the protection of critical assets from cyber-threats while SecureTech has a lot of experience working with local enterprises,” Al Neaimi says. “To us, these are win-win arrangements where we work with well-known international brands to develop custom solutions that respond to the ever changing threat landscape of cyber-security.” Various e-government programmes in the UAE have resulted in an increasing level of services being offered to the public through the Internet. The integrity of the data and the information infrastructure on which they depend requires deliberate efforts for protection from various threats. As the threat landscape is everchanging, a process-based approach that quickly responds to real and potential threats is required, Al Neaimi notes.
“My experience is that UAE governments are not only at the forefront of providing protection to its own data and the infrastructures they run on,” he says, “but that they have developed frameworks by which even the private sectors are required to comply. “Best practice is always defencein-depth. This means implementing a layered approach to information security.” SecureTech highlights three best practices that all companies should carry out to keep protected. The first is practical policies in the use of information systems within the company. Policies must have “teeth” in them that act as deterrents to any non-compliance, Al Neaimi says, and procedures must also be put in place to provide the guide on how to respond should an attack occur. The second is training and awareness. According to Al Neaimi, all employees should be made aware of the threats, vulnerabilities and risks associated with cyber security, and these should be conducted and assessed periodically. Finally, software and hardwarebased technical solutions — from anti-virus to firewalls — should be implemented by qualified professionals, SecureTech advises. Being a strong system integrator means SecureTech can leverage the premium relationships it has with vendors to custom-make solutions for its customers, Al Neaimi says. “Our customers trust us to recommend the best solution for them,” he says. “We help our partners understand the requirements of our customers. This trust brings about confidence when we work with our clients to provide them with solutions.” “The partnerships are significant as issues of cyber security are bigger than just one company. It is for this reason that we have several vendors of information security products” As a 100-percent locally owned
CEO PROFILE Eng. Abdulla Al Neaimi is the Founder and Chief Executive Officer of SecureTech LLC, a market leader in ICT and Physical Security Solutions. A seasoned professional with a prime focus on technology and deep knowledge in domains like finance, operations and human capital investment, Al Neaimi has been the visionary behind the success story of this organisation. In 12 years of leadership, he has led the company to successfully gain credit for the top three ICT integrations in the UAE and five of the major physical security projects in the region. His Bachelor degree is in Computer engineering from the Florida Institute of Technology, and he also holds a Masters in Business administration from UAE University. He is currently pursuing his Doctorate in Business Administration at UAE University. and operated company, SecureTech’s is able to offer customers a different approach, which has helped it grow from only 11 staff a decade ago to over 500 today. “We just do not integrate the products, we offer solutions,” Al Neaimi says. “We like to think of ourselves as client or customer driven. Our customers, whether government or enterprise, can depend on us to find the best solution wherever they might be and to tailor a solution that best meets their environment. “We do so by working with customers to identify their requirements and then matching these requirements to solutions that are out there. Our goal always is to offer a full portfolio of solutions to our clients.” Issue 03
Industry Focus
11