ISSUE 38 \ JANUARY 2022
OUTLOOK
2022
IT leaders share top predictions
checkmarx.com
Know Your Modern App Development Risks? Find out what you don’t know A common way cybercriminals breach enterprises is by finding security vulnerabilities in the applications they develop. Yet, most enterprises have not found a way to integrate security into there dev (or development) pipelines and eliminate flaws that might lead to data breaches. BREACH PROOF YOUR SOFTWARE TODAY
CONTENTS
44 PRODUCTS
OUTLOOK
2022
IT leaders share top predictions
24 14
THINK GREEN
34 TO LOOK OUT 36 ITFORTRENDS IN 2022
EVOLUTION 24 THE OF RANSOMWARE
37
THE BRAINS BEHIND 28 THE DIGITAL TWIN
TECH TRENDS SHAPING THE 40 SECURITY SECTOR IN 2022
32
42
PUBLISHED BY INSIGHT MEDIA & PUBLISHING LLC
NEWS
AUTOMATION IS A GAME 34 WHY CHANGER FOR SECURITY
22 BANKING ON THE GO
DIGITAL LABRADOR FOR NEXT-LEVEL CYBERSECURITY
6
THE RISE OF PREDICTIVE DEFENSE
TOP PREDICTIONS FOR SUPPLY CHAIN MANAGEMENT
ORACLE’S SECOND CLOUD REGION IN THE UAE GOES LIVE MCAFEE AND FIREEYE JOIN FORCES TO FORM NEW XDR BUSINESS TRELLIX MICROSOFT UNVEILS NEW RESEARCH AND TECH TO EMPOWER FRONTLINE WORKERS JANUARY 2022
CXO INSIGHT ME
3
Security Analytics at Cloud Scale Securonix breaks the rules of traditional SIEMs with analytics-based threat detection, cloud-native architecture for effective, scalable cloud monitoring, and simplified management with an as-a-service model. Sheik Abideen
Chandni Rathva
sabideen@securonix.com
rchandni@securonix.com
00971529255052
+91 9228777377
For more information: www.securonix.com Follow us @securonix
© 2022 Secuonix. All rights reserved
EDITORIAL
WHAT IS NEXT?
A
t the beginning of every new year, I dust off my crystal ball and make predictions about what is on the horizon. The pandemic has fueled technology adoption and innovation in ways never seen before. Most of the trends we have seen over the last 24 months will continue to become well entrenched in enterprises, and most research firms such as Gartner and IDC forecast tech spending to grow in the range of 4-8 percent this year. My first prediction is cybersecurity will become the number one priority for companies this year. The rapid adoption of new technologies has opened up new threat avenues, and ransomware attacks have reached near epidemic levels now. The massive shift to remote work, adoption of SaaS applications and new regulations have made it imperative for enterprise to rethink their strategies and allocate more budget to cybersecurity. In 2022, we will continue to see increased AI and machine learning investments as companies look at new ways of improving business processes. Though many AI and ML projects have failed to deliver in the past, mainly because of failures in execution, no
one can ignore the core value it brings to the table – making better business decisions. This year, the shift to data-driven enterprise will pick up steam and organisations will look to differentiate through the use of their most underutilised asset – data. The pandemic has reinforced the need for better connectivity to keep businesses running. In this context, many CIOs will look to harness the power of 5G, which promises to unleash some really transformative applications for the enterprise. We can expect to see custom, private 5G networks to mushroom, enabling IoT applications and smart factories. The cloud is already a thing in the Middle East, and now with the availability of regional cloud infrastructure, the sovereign cloud is coming. This will remove all the existing regulatory hurdles, making it easy for public sector entities to embrace a fluid and dynamic infrastructure. In the last two years, the key learning for all of us has been the need to build business resiliency and expect the unexpected. I think that will become the new norm, and I am hopeful that 2022 will be a better year for all of us.
Published by
Managing Editor Jeevan Thankappan jeevant@insightmediame.com +97156 - 4156425
Sales Director Merle Carrasco merlec@insightmediame.com +97155 - 1181730
Operations Director Rajeesh Nair rajeeshm@insightmediame.com +97155 - 9383094
Publication licensed by Sharjah Media City @Copyright 2022 Insight Media and Publishing
Production Head James Tharian jamest@insightmediame.com +97156 - 4945966
Administration Manager Fahida Afaf Bangod fahidaa@insightmediame.com +97156 - 5741456
Designer Anup Sathyan
While the publisher has made all efforts to ensure the accuracy of information in this magazine, they will not be held responsible for any errors
JANUARY 2022
CXO INSIGHT ME
5
NEWS
ORACLE’S SECOND CLOUD REGION IN THE UAE GOES LIVE
H.E Dr. Thani Al Zeyoudi, UAE Minister of State for Foreign Trade
O
racle’s second cloud region in the United Arab Emirates is now live. Located in Abu Dhabi, the new cloud region, and the previously launched region in Dubai will offer all Oracle Cloud services, including Oracle Autonomous Database and Oracle Cloud Applications. Oracle’s two cloud regions in the UAE will provide a secure, advanced, and agile platform for organisations to leverage the full potential of latest digital technologies
like Artificial Intelligence (AI), Internet of Things (IoT), Machine Learning, Blockchain etc. to achieve strategic business objectives. The availability of this secondgeneration digital infrastructure will act as a major catalyst for further accelerating the implementation of cloud technologies in the UAE. His Excellency Dr. Thani Al Zeyoudi, UAE Minister of State for Foreign Trade said, “Oracle’s decision to open a second cloud region in the UAE is a clear reflection of our nation’s embrace of digital transformation, advanced technologies and the applications of the Fourth Industrial Revolution, which have become central to our economic and investment strategy for the next 50 years. “We are committed to developing an innovative- and knowledgebased economy that encourages the development and deployment of the technologies of the future, and attracting human, financial and technological capital to the nation is central to these ambitions. Oracle’s continued investment into the UAE will only accelerate this process, providing critical infrastructure, expertise and insights
SIEMON JOINS THE ETHERNET ALLIANCE Siemon has joined the Ethernet Alliance, a global, non-profit, industry consortium dedicated to the continued success and advancement of Ethernet technologies. Global demand for bandwidth and connectivity to support the everincreasing number of connected devices and emerging technologies are pushing Ethernet technology innovation faster than ever before. As the premier industry voice for Ethernet, the Ethernet Alliance provides a forum for the open exchange of ideas and a platform for consensusbuilding to increase the advancement and adoption of Ethernet technology around the world. As a leading global 6
CXO INSIGHT ME
JANUARY 2022
John Siemon, The Siemon Company
manufacturer of high-performance IT infrastructure solutions and services,
to further elevate the UAE’s standing as a place where the boldest ideas and biggest projects can come to life.” Oracle Cloud Infrastructure’s (OCI) next-generation architecture provides a high-performing, resilient foundation for cloud services, while its physical and virtual network design maximises performance and security. For example, each Oracle Cloud region contains at least three fault domains, which are groupings of hardware that form logical data centers for high availability and resilience to hardware and network failures. Oracle is fully aligned with Abu Dhabi Digital Authority’s (ADDA) mandate of delivering digital services, platforms, channels, and implementation of applied intelligence and cybersecurity solutions for government entities. Oracle’s new cloud region in Abu Dhabi will help accelerate the authority’s efforts. As part of Oracle’s planned expansion of its cloud region footprint to support strong customer demand for Oracle Cloud services worldwide, over the next year, Oracle will open seven additional cloud regions in Spain, Mexico, Colombia, Chile, France, Israel, and Saudi Arabia.
Siemon is committed to providing innovative cabling and connectivity solutions that enable that advancement and adoption. “The Ethernet Alliance has long been committed to supporting Ethernet development through industry standards and multivendor interoperability. This falls perfectly in line with Siemon’s longstanding participation in industry standards and commitment to delivering standards-based, quality solutions,” said John Siemon, Chief Technology Officer. “Ethernet is everywhere, and we are extremely pleased to join this consortium of like-minded industry leaders all working together to expand the Ethernet ecosystem and educate markets worldwide about this technology’s expansive capabilities.”
MCAFEE AND FIREEYE JOIN FORCES TO FORM NEW XDR BUSINESS TRELLIX “Symphony Technology Group (STG) has announced the launch of Trellix, a new business delivering extended detection and response (XDR) to organisations with a focus on accelerating technology innovation through machine learning and automation. Trellix emerges from the previously announced merger of McAfee Enterprise and FireEye in October 2021. “We are incredibly excited to have Trellix in the STG portfolio,” said William Chisholm, Managing Partner, STG. “Customers can expect Trellix’s living security platform to deliver bold innovation across the XDR market.” The new name evokes the structure of a trellis, a strong and safe framework used
Bryan Palma, Trellix
to support structured growth of climbing plants and trees. Trellix will deliver its brand promise to build resilient and confident organisations through living security—security technology that learns and adapts to protect operations from the most advanced threat actors. “As today’s organisations push to achieve digital transformation, a strong security foundation is required to ensure continued innovation, growth and resiliency,” said Bryan Palma, Chief Executive Officer, Trellix. “Trellix’s XDR platform protects our customers as we bring security to life with automation,
machine learning, extensible architecture, and threat intelligence.” Trellix’s XDR ecosystem is designed to accelerate the effectiveness of security operations by providing customers with the capability to ingest over six hundred native and open security technologies. By providing security analysts with better insight, granting more control, and delivering comprehensive threat context, analysts can save time and act decisively to remediate threats. “The promise of XDR dramatically improves security efficacy, and the vendors that can deliver on that promise will capture market share,” said Frank Dickson, Program Vice President, Cybersecurity Products, IDC. “However, integrating context and delivering outcomes takes resources and work. It is a monumental effort made possible with the right security partner. With a combined product portfolio that spans endpoint, network, messaging, data protection, and cloud services, Trellix has an impressive multi-technology portfolio to address the promise of XDR.”
SCOTT BADER SELECTS INFOR FOR GLOBAL CLOUD UPGRADE
globally. Drawing on a century of tradition, it is a leader in the manufacturing of products for the composites, structural adhesives and functional polymer markets, offering a range of technologies and manufacturing capabilities for multiple market sectors. Following a thorough review of the market including customer references, Scott Bader chose Infor due to its commitment to cloud, the chemical industry vertical and the planning and production scheduling functionality of Infor CloudSuite Chemicals. As there are plans for third-party software integrations in the future, the superior integration capabilities of the Infor OS cloud operating platform were also a key factor in Scott Bader’s decision. Scott Bader chose a multi-tenant cloud deployment running on Amazon Web Services (AWS) to ensure the business can benefit from continual updates whilst maintaining a standardised software with minimal customisations. The initial phase of the deployment, set to be completed during 2022, will
help establish and roll out a set of standardised process templates across Scott Bader globally. “Seven strategic goals drive Scott Bader,” said Mike Findlay-Wilson, Group CIO at Scott Bader. “These include striving for excellence, developing excellent partnerships with customers and suppliers, protecting our environment and going beyond the demands of compliance. To achieve these goals, our business demands the best processes and an ability to stay continually up to date with the supporting technologies. Therefore, we have chosen to move to the cloud with Infor.”
Infor has announced that Scott Bader, the global chemical company, has selected Infor CloudSuite Chemicals. Delivered by Infor Consulting Services via a multi-tenant cloud deployment, Infor CloudSuite Chemicals, including the Infor OS platform, will replace an existing Infor M3 ERP solution. This initial, six-year agreement will help enable Scott Bader to standardise and harmonise a variety of core business functions for 380 users throughout North America, Canada, Europe, Japan, the Middle East, Australia and South Africa. Established in 1921, Scott Bader became the first employee-owned UK company during 1951. Now it employs almost 750 people across 7 manufacturing sites and 17 offices
JANUARY 2022
CXO INSIGHT ME
7
NEWS
MICROSOFT UNVEILS NEW RESEARCH AND TECH TO EMPOWER FRONTLINE WORKERS
M
icrosoft has released its Work Trend Index Special Report, “Technology Can Help Unlock a New Future for Frontline Workers,” and announced new features in Microsoft Teams and Microsoft Viva designed to serve millions of frontline workers. The Work Trend Index report reveals key insights that impact nearly every segment of the workforce: • A culture of caring is the new currency on the frontline: 76% of workers feel bonded to each other, yet over 60% say their company should better prioritise culture and communication from the top. In addition, 51% of those in nonmanagement positions on the frontline don’t feel valued as employees. • Frontline workers are at an inflection point: Amid the Great Reshuffle, frontline workers cite better pay and benefits, work-life balance, and flexibility
8
CXO INSIGHT ME
JANUARY 2022
as reasons for considering a job change. • Optimism for tech is high: 63% of frontline workers are excited about the job opportunities tech creates and tech ranks third on the list of factors workers say could help reduce workplace stress. • There’s an opportunity to bridge the tech and training gap: 46% of frontline workers feel pressure to adapt to new tech or fear losing their jobs — but 55% say they’ve had to learn new tech on the fly, with no formal training or practice. The company is introducing new joint offerings with industry partners as well as capabilities specifically designed to support frontline workers in Teams and Viva, Microsoft’s employee experience platform introduced in early 2021. Microsoft is deepening its strategic relationship with Zebra Technologies. The two companies are delivering the Teams Walkie Talkie app on a wide range of Zebra mobile computers, including a dedicated push-to-talk (PTT) button to access Teams Walkie Talkie functionality on Zebra devices. In addition, Teams Walkie Talkie digital PTT is now available on all iOS mobile devices in addition to Android. The company is enhancing Teams’ integration with Zebra Reflexis, which
connects the Reflexis Workforce Management solutions with the Shifts application in Teams. This new integration streamlines shift scheduling and time off requests in Teams, making them easy for managers to approve. Scheduled queuing for virtual appointments are now available in Teams, providing one location for realtime updates on wait times, missed appointments and staffing delays to create a transparent and stress-free experience for customers and patients. The Viva Connections app in Microsoft Teams links frontline workers to company culture, resources and tools, news and employee resource groups in the flow of work. Integrations with strategic partners such as Workday and Espressive make accessing important resources easier and put actions like payroll and HR resources in one location. The Viva Learning app enables frontline employees to discover, share and track learning content right from Microsoft Teams — making it easier for a company’s entire workforce to stay up to date on required and recommended training. New updates make it easier to assign learning from partner solutions like SAP SuccessFactors, Cornerstone OnDemand and Saba Cloud.
Level-up your marketing game with Toggll Marketing Services for businesses of all sizes
DEMAND GENERATION WEBSITE DESIGN & DEVELOPMENT
Scan to get your FREE Digital Brand Audit now! www.toggll.com/levelup
MOBILE APP DEVELOPMENT WHATSAPP CHATBOTS VIRTUAL EVENTS DIGITAL ADVERTISING SOCIAL MEDIA MARKETING CORPORATE VIDEOS CASE STUDY DEVELOPMENT CUSTOMER SURVEYS CUSTOMER EXPERIENCE STRATEGY
NEWS
ACI WORLDWIDE HELPS BANKS TO ALIGN WITH UAE’S NEW PAYMENTS SCHEME
G
lobal provider of real-time digital payment software ACI Worldwide has announced that it is working closely with national banks to help connect to the United Arab Emirates’ real-time payments scheme set to launch in October 2022. The UAE Instant Payments Platform (IPP) will enable instant transfers between bank accounts 24/7/365, with participation mandatory for all financial institutions in the country. The scheme will provide core payments and overlay services such as Request to Pay, built on top of the new instant payment rails. The UAE Central Bank expects to announce the technical details that will underpin the new scheme in the coming days. The UAE Central Bank has been actively promoting the modernisation of the country’s payments infrastructure for
several years; it now hopes to accelerate this process by implementing a domestic real-time payments scheme. IPP is part of the country’s National Payments Systems Strategy and aims to provide best-in-class payments services, promote financial inclusion, and increase financial stability in the UAE. “The announcement to build a domestic real-time payments scheme mandatory for all financial institutions is testament to the vision and ambition of the UAE Central Bank. It signifies the nation’s commitment to continue to elevate the country’s global recognition as a leading economic and financial hub,”said Craig Ramsey, Global Head of Real-Time Payments, ACI Worldwide. “ACI already has a large footprint in the UAE and is supporting some of the largest banks in modernising their payments infrastructure. As the
global leader in real-time payments, we know first-hand that real-time payments drive economic growth and promote financial inclusion. We are excited to be shaping the future of real-time with our stakeholders in the UAE this year.” ACI delivers mission-critical real-time payments software solutions that enable corporations to process and manage digital payments, power omni-commerce payments, process bill payments, and manage fraud and risk. ACI currently supports 17 real-time domestic schemes around the world, including Zelle and TCH in the US, and FedNow as it moves toward production.
permanent secretariat, and Huawei UAE, an OIC-CERT commercial member. Eng. Badar Ali Al-Salehi, the Chairman of the OIC-CERT said, “It has been eluded on many platforms and occasions that the only way to solve the ever increasing cybersecurity challenge is through collaboration. The OIC-CERT 5G Security working group affirms this viewpoint and we are seeing remarkable progress in addressing some of the security concerns around 5G in general.” A meeting between the co-chairs and the OIC-CERT secretariat team is planned for February 2022 in Kuala Lumpur, Malaysia, where the WG work plan for the year 2022 will be announced immediately after it is finalised in the meeting. The work plan shall address promotion and adoption of the 5G Security Framework within OIC community
and outline additional technical work needed to enhance the Framework. The document remains a work in progress due to 5G evolving technological improvements and new application scenarios and there are plans to give a technical presentation of the OIC 5G Security Framework during the GISEC in Dubai in March 2022, bringing the initiative to a full circle as the formation of the WG was also announced at the same event in 2021. The 5G heralds a new era of digital transformation. But with this progress comes new threats and vulnerabilities because of the vastly expanded attack surface. Adopting IoT, for example, will add a new set of challenges such as the security, safety, and robustness of cyber and physical systems. Therefore, there’s an urgent need to enhance cybersecurity measures proportionate to the threats emerging from digital technology advances. More than ever, cross-border collaboration is key to mitigating cyber threats and that is so true for OIC whose 57 member states are spread over 4 continents, a challenge that is exacerbated by the contrasting maturity of ICT adoption within the countries.
THE OIC-CERT 5G SECURITY WG ANNOUNCES NEW 5G SECURITY FRAMEWORK The OIC-CERT 5G Security Working Group (WG) has announced the completion of the core OIC-CERT 5G Security Framework in less than eight months after the initiative was launched. The Framework, now in the hands of the OIC-CERT, consists of a 5G security risk repository, a 5G security baseline technical specification, and a crossrecognition assurance methodology. The Organization of the Islamic Cooperation- Computer Emergency Response Team (OIC-CERT) is a platform for information sharing and developing cybersecurity capabilities for the members mainly among the Organization of the Islamic Cooperation (OIC) community. It is an Affiliate Institution of the OIC. The OIC-CERT 5G Security WG is jointly led by Cybersecurity Malaysia, the OIC-CERT 10
CXO INSIGHT ME
JANUARY 2022
NEWS
PROVEN DEBUTS ROBOTICS TECHNICAL SERVICES AND TRAINING CENTRE IN SAUDI ARABIA
P
roven Robotics has announced the launch of its first robotics and technical service centre in Riyadh, Saudi Arabia. The new service centre will help customers to enhance strategic sales and achieve their technical goals, while benefiting from end-to-end local support and expertise in robotics and advanced technologies. The new facility builds on Proven Robotics’ reputation of delivering efficient and innovative robotics solutions. It will offer a wide range of services including providing customers with original spare parts, onsite troubleshooting, inhouse maintenance from qualified and technically certified teams, as well as the installation and configuration of robots. “The GCC has made considerable strides in adapting and deploying
robotics solutions in line with government blueprints such as Saudi Vision 2030. However, aftersales maintenance has remained a challenge in the region and most robotics hardware is currently being shipped back to its country of origin for servicing,” said Zaid Al Mashari, Principal Proven Robotics. The concept of robots and humans working alongside each other is fast becoming the new normal,” added Al Mashari. “Opening a service centre responds to long-standing customer demands for improved after sales services response times, addresses market needs for advanced technological solutions and training and boosts human resources expertise within the Kingdom of Saudi Arabia.” As a first-of-its-kind service centre for Proven Robotics, the new facility strengthens the company’s operations within the region at a time when demand for advanced technologies is on the rise worldwide. The global service robotics market is expected to grow by $35 billion during 2021 and 2025 at a compound annual growth rate of 22 percent. Businesses are increasingly turning to
Zaid Al Mashari, Proven Robotics
automated solutions for support with day-to-day operations, contactless interaction, carrying out repetitive tasks, and leveraging productivity efficiencies. Despite the pandemic, demand for robotics solutions has been particularly high in transport, professional cleaning, medicine, hospitality, and industry. With its new service centre, Proven Robotics will continue to grow and expand its technical and support team. The facility will support the company’s customers as well as partners and suppliers within the region. Proven Robotics will continue to establish global partnerships with worldwide leaders in the robot manufacturing industry to ensure improved efficiency and support to keep automated systems functioning at optimal performance levels.
CHECK POINT RESEARCH: CYBER ATTACKS INCREASED BY 71% IN THE UAE IN 2021 Check Point Research (CPR) is sharing statistics of increases in cyber attacks on organisations in 2021. Last year, CPR saw a 71% increase in cyber-attacks per week on corporate networks compared to 2020 in the UAE, and a 50 % increase worldwide. The trend of increasing cyber attacks reached an all-time high at the end of 2021 after revelations of the Log4J exploit, peaking to 925 cyber-attacks a week per organisation globally, and 408 weekly attacks on organisations in the UAE. Less than a month after the world witnessed one of the most serious vulnerabilities on the internet, with millions of attacks per hour attempting to exploit the Log4J vulnerability, 2021 been a record breaking year in terms of 12
CXO INSIGHT ME
JANUARY 2022
cybersecurity. Back in October, Check Point Research (CPR) reported a 40% increase in cyber attacks globally, with 1 out of every 61 organisations worldwide impacted by ransomware each week. In 2021, education/research was the sector that experienced the highest volume of attacks, with an average of 1,605 attacks per organisation every week. Maintaining security hygiene Patching: All too often, attacks penetrate networks by leveraging known vulnerabilities that have a patch that has not been applied. Organisations should strive to make sure up-to-date security patches are maintained across all systems and software. Segmentation: Networks should be
segmented, applying strong firewall and IPS safeguards between the network segments in order to contain infections from propagating across the entire network. Educate Employees to Recognise Potential Threats: Quite often, user awareness can prevent an attack before it occurs. Take the time to educate your users and ensure that if they see something unusual, they report it to your security teams immediately. User education has always been a key element in avoiding malware infections.
GLOBAL VISA STUDY REVEALS UAE’S CASHLESS FUTURE IS IMMINENT
A
new Visa research study, the ‘Visa Back to Business Global Study – 2022 SMB Outlook’, found that 94% of consumers in the UAE said they will continue to use digital payment as much as, or more than, in 2021. Moreover, 96% of SMBs surveyed in the UAE (vs. 74% globally) said accepting new forms of payments is fundamental to their growth, signaling that digital payments are no longer about pivoting and surviving, but rather finding growth in new digital realities. “Payments are no longer about simply completing a sale. It’s about creating a simple and secure experience that reflects one’s brand across channels and provides utility to both the business and its customer,” said Shahebaz Khan, Visa’s General Manager for the UAE, Bahrain and Oman. “The digital capabilities that small businesses built up during the pandemic – from
contactless to eCommerce – helped them pivot and survive and by continuing to build on that foundation, they can now find new growth and thrive.” According to this year’s study, which surveys small business owners and consumers in nine markets – Brazil, Canada, Germany, Hong Kong, Ireland, Russia, Singapore, UAE and United States – the consensus outlook for 2022 is one of optimism and intent to digitise even more: The Path Forward in 2022 for SMBs in the UAE • Ninety-three percent of SMBs said they are optimistic about the future of their businesses, up by 5% since the 2021 Visa Back to Business global study. • A majority of small businesses in the UAE (71% vs. 59% globally) said they already are, or plan to be, cashless
in the next two years. More than half of UAE consumers (52% vs. 41% globally) plan to be cashless by 2024 and nearly all (99%) consumers see benefits of a cashless society. • All small business owners surveyed in the UAE (100% vs. 82% globally) said they plan to accept some form of digital payments in 2022, including crypto, with 35% (vs. 24% globally) indicating a willingness to accept currencies such as Bitcoin. • Of small businesses with an online presence, nearly all in the UAE (99%) attributed their survival through the pandemic to eCommerce, which accounted for an average of 58% of revenue. UAE Consumers Set the Tone in 2022 • Over two-thirds of UAE consumers (68% vs. 41% globally) saying they have abandoned a purchase because digital payments were not accepted, SMBs are wise to continue to grow digital payment acceptance. • Due to ongoing supply chain issues, 69% of UAE consumers (compared to 59% globally) are willing to buy internationally. The most important factor cited to help them feel more comfortable with international commerce is positive customer reviews (55%). This aligns to 86% of SMBs (compared to 50% globally) that plan to increase cross-border sales in 2022. However, a majority (96%) of UAE SMBs find it challenging to accept and process cross-border payments, demonstrating demand for faster, seamless, and secure cross-border payment solutions like Visa Direct. Digital Commerce Differences Globally • Only 1% of small businesses in the UAE expect their business will continue to accept cash compared to 39% of Canadian and 31% of U.S. SMB owners saying they will continue to accept cash. • Consumers in the UAE (60%), Brazil (52%) and U.S. (39%) intend to support small businesses even more in the year ahead.
JANUARY 2022
CXO INSIGHT ME
13
VIEWPOINT
ALAA BAWAB, GENERAL MANAGER, LENOVO INFRASTRUCTURE SOLUTIONS GROUP (ISG), MIDDLE EAST AND AFRICA, IDENTIFIES FIVE KEY AREAS WHERE ENTERPRISE DECISION MAKERS SHOULD FOCUS ON TO REDUCE THE CARBON IMPACT OF THEIR DATA CENTRE OPERATIONS.
W
ith the UAE being announced as host of the COP28 talks in 2023, and Saudi Arabia committing to reach net zero by 2060, environmental issues have never been higher on the agenda in the region. For many businesses, sustainability has joined efficiency, flexibility and resilience as their chief priorities. In the post-lockdown economy enterprises are embracing the opportunity to integrate sustainability into the fabric of their data centre operations, both as a business win and for the benefit of society, and to define their pathway to zero-emission computing. 5 priority areas for sustainable data center operations Sustainability isn’t only about taking
14
CXO INSIGHT ME
JANUARY 2022
incremental steps to reduce carbon emissions and resource consumption. It’s a mindset that permeates organisational culture, and as IT organisations, we have a collective responsibility to set the benchmarks and operate in a way that creates a positive impact on workforces, society, and the environment. Enterprise decision makers need to balance the growing demand for IT with rising expectations around environmentally responsible operations. Here are five areas of focus that can help align data centre operations with sustainability goals.
1
Reduce the resource impact of data Data is growing at an exponential rate. While the potential utility of data makes it a powerful asset, a lack
of strategy around its accumulation can quickly turn it into a liability. Currently, around 1% of global electricity is used to power data centres and as we progress towards a world where data is projected to grow to 463 exabytes of data created every day by 2025, electricity consumption could multiply rapidly. The energy impact goes beyond just the electrical. According to a US Government report, a data centre will need on average around 1.8litres of water for every kWh consumed, predominantly for air conditioning purposes. As part of reducing resource consumption, enterprises should consider moving the infrastructure that underpins their data operations, towards infrastructure built with energy efficiency in mind.
climate-change mitigation targets and generally measuring what matters most for the business and for society as a whole.
For example, we recommend Liquid Cooling Technology for larger data centers to reduce energy consumption by up to 40%, whilst maintaining uncompromised performance. More energy efficient servers benchmarked by SPECPower, and software platforms like Energy Aware Runtime (EAR) that manage power consumption, can also make a difference.
5
2
Create a circular product lifecycle The circular economy is the name given to reducing the use of materials and energy in manufacturing products and recovering as much of the end products as possible through reuse and recycling. In the data centre industry, many thousands of servers and other hardware are deemed to be ‘end of life’ each year. To reduce the risk of environmentally damaging waste, the industry needs to set a high bar in terms of recycling, reusing or repairing 100% of equipment stopping it from ending up as landfill. At Lenovo, we practice a ‘DesignUse-Return’ model to cover everything from products and packaging, manufacturing and operations and product take-back and value recovery. This includes services such as Lenovo ARS, which ensures responsible asset recovery and data disposal. We also use recycled materials and eliminate plastic, and are using sustainable materials such as sugar cane and bamboo, for packaging, to create a circular product lifestyle. This approach has led us to eliminate over 3,100 tons of plastic packaging waste since 2008.
3
Set aggressive targets Becoming a sustainable business requires accountability. This can be done by committing to stakeholders to meet high standards and industryrecognised sustainability standards. Once you set your targets, there’s no backing away. We discovered the
Alaa Bawab
success of this approach more than a decade ago, setting the 2020 target of reducing greenhouse gas emissions by 40% - a target we surpassed through a 92% reduction. We’ve now set our sights on a further 50% reduction by 2030. We have also signed up for the Science Based Targets initiative (SBTi), the first ever science-based Net-Zero Standard for emissions reduction which will combat the current inconsistencies that surround net-zero targets and enable consistent measurement and evaluation of a company’s emissions reduction.
4
Put measurement in place to track progress It’s vital for today’s enterprises to get data centre measurements under control. The range of metrics that can be tracked, such as water usage, electricity consumption and use of renewable energy, offer wide avenues for energy savings. Understanding how you’re measuring environmental efforts and what metrics you need to see moving in the right direction will help to show whether you are really making progress. At Lenovo we issue an annual report for ESG (Environmental, Societal and Governance) that ensures we are tracking our goals, meeting our
Optimise your supply chain Data centres, like any complex structure, are reliant on robust supply chains to replace any failed hardware. Unanticipated downtime can result in wasted energy, so companies need to consider their supply chains to cut costs, strengthen business and mitigate environmental risks. This includes incorporating transport methods and reducing the distance that products travel along a supply chain. By distributing production to more local facilities, such as we have done with our new factory near Budapest in Hungary, companies can cut the number of steps and dependencies required to get the product from factory to customer and lower the fuel consumption required as a result. Taking responsibility We try to embrace a sustainabilityfirst approach across Lenovo’s global operations. Our ethos of Smarter technology for All innately incorporates greener technology for all. Our endeavour is to build a better future where smarter technology continues to empower everyone, and that aim cannot be realised without making a positive impact on society and our planet. We recognise our responsibility to the environment and encourage and support all our customers, partners and stakeholders we work with to do the same. In taking a holistic view of sustainability, we recognise that there’s not one area or strategy that’s going to deliver the wide-ranging reduction in carbon emissions we seek. It’s also a constant process for improvement – it covers everything we do and is important for our business and everyone we work with.
JANUARY 2022
CXO INSIGHT ME
15
OUTLOOK 2022
What will be the top trends that will transform the Middle East tech landscape in 2022?
du
For the Middle East, 2022 will see several top trends that transform the technology landscape even further. First and foremost, demands for today’s emerging technologies will continue increasing exponentially, driven by customers and businesses across KARIM BENKIRANE all industries. Given the Chief Commercial Officer, du effectiveness of both full-time remote working and hybrid workplace environments, demands for technologies including 5G, AI, ML, IoT, and advanced data analytics will continue rising. At the same time, the telecommunications sector’s leading role in tech-based transformation will become even more prominent. Demands for telco services and solutions have never been higher than today, and operator’s efforts to broaden their respective scopes of fixed, mobile, broadcasting, and other essential offerings will also accelerate the tech landscape’s ongoing evolutions.
What are some of the challenges Chief Commercial Officers (CCOs) should anticipate in 2022? This is an excellent question and one that is important to consider for all CCO’s in the region. Although the tech landscape will never have been more vibrant or opportunistic than in 2022, all professionals that hold the position of CCO will have to overcome several key challenges to drive results for business and customers, while setting the company up for an ambitious growth agenda. We will need to push the boundaries of how physical and digital connect and build a seamless omnichannel experience for customers. We will be required to help take end-user experiences to the next level, with potential options here being to use data to increase personalization and building their partnership ecosystems to bring new projects to life. Other key challenges for CCOs in 2022 will include keeping pace with the latest technology trends and ensure that growth happens sustainably while building a seamless experience for our customers. We ensure that we make our products — the factory, the IT, and the channels — work in a more agile way so we can have more user stories and deliver more and faster initiatives. This is the foundation for how to keep our business strategy materialized and executed, delivering the outcome that we and our clients deserve.
How are you helping your customers navigate the post-pandemic business landscape? Ensuring customers continuously have the necessary tools, support, and resources at their disposal for not only navigating the postpandemic landscape, but also succeeding in it, is something du has prided itself on since this transition became apparent. These 16
CXO INSIGHT ME
JANUARY 2022
successful efforts continue today, something made possible and sustainable through several essential customer-centric actions. Firstly, we continue enhancing our portfolio of telco services and solutions at every available opportunity, introducing new offerings and use cases backed by the latest emerging technologies. Secondly, our 5G network rollout is helping to ensure our customers are availing communication capabilities with speed, latency, and capacity of the best possible standards. Thirdly, we are ensuring all du customers and clients have the support they need whenever required, 24 hours
Freshworks
What will be the top trends that will transform the Middle East tech landscape in 2022?
We see 2022 as the year of the chatbot. Regional businesses are having to re-evaluate the employee experience because now that talent has become a global market – thanks to the success of remote work – employees can be a lot more MANISH MISHRA discerning when selecting an Head, Middle East & Africa, employer. Bots augment the Freshworks employee, taking humdrum tasks off their plate and freeing them up to enjoy a more innovative and rewarding work life. Also, this year, expect to see the cloud march on, with greater adoption levels in SaaS and PaaS, now that companies have gained confidence in digital services. 2022 will witness companies continuing to deploy AI, cloud-based solutions and IoT infrastructure without owning a single server or proprietary piece of cognitive code. Modern no-code interfaces will become more popular as a lack of programming knowledge will cease to become a barrier to smaller organisations – allowing them to offer world-class customer and employee experiences through cloud technology.
What are some of the challenges CIOs should anticipate in 2022? As organisations accelerate their cloud adoption, CIOs will have to carefully navigate compliance, which has the potential to be a challenge. We find some countries are quite open in their regulations, but others are very strict. At Freshworks, we are working very closely with our customers, especially on data residency. New regulations such as UAE’s Data Protection Law and the recently issued Personal Data Protection Law in Saudi Arabia mandate the protection of customer data. CIOs will have to strike the fine balance between utilising data to personalise customer experiences and driving business insight, while ensuring they comply with new laws and regulations.
Pure Storage
What will be the top trends that will transform the Middle East tech landscape in 2022? There are two key trends worth focusing on:
•Cloud will dominate and cause tension There’s no denying that the cloud is a tremendous catalyst for innovation, providing businesses with a space to test out different techniques or PATRICK SMITH adopt a new technology early. EMEA Field CTO, Pure Storage But it is also a source of friction within organisations as the keen adopters and the cloud realists butt heads. These tensions will increase throughout 2022 as the CIO and CEO struggle with FOMO (fear of missing out) and rush to move everything to the cloud in an attempt not to be left behind. Those with a more balanced view on the cloud will find themselves at odds with the ‘move everything to the cloud’ mentality of the CIO and CEO. Cloud realists, who tend to be those lower down the food chain, risk being labelled nonbelievers and may be marginalised if they do not conform to the cloud enthusiasts’ way of thinking. • Kubernetes will not fall to the wayside in the face of nocode solutions Organisations expect the impossible from their data - they want faster insights on bigger datasets for a lower cost. The temptation is to think that no-code cloud based solutions can offer this, with some predicting the demise of Kubernetes in the face of a rising number of these solutions. This underestimates Kubernetes and container technology. Containers and Kubernetes are the driving force behind how the industry is reinventing the way we build and run applications, fuelling enterprise IT efficiency and agility; their popularity will only continue to expand in 2022. Supporting this we will continue to see the number of start-ups in the K8s ecosystem grow focussing on capabilities around security and observability. The biggest challenge for organisations, however, in this age of increased Kubernetes adoption will be the supply of developers with the knowledge and experience to work in this domain.
What are some of the challenges CIOs should anticipate in 2022? If you’re a CIO and you can’t answer the question: “when are we going to the cloud?”, the likelihood is that you’ll be fired. The scale of adoption of cloud technology has been astronomical over the last few years but will increasingly focus on exploiting benefits of adopting containers in 2022. With IT budgets being reallocated from maintaining systems to pursuing innovation, every CIO has to be armed with a comprehensive success plan for how they will use containers and the cloud together in 2022. But they need to
remember that fast adoption isn’t everything, the foundations need to be solid. Plans need to be forward looking and build in flexibility because change in this space is guaranteed; be it cloud provider or K8s distribution or both. Modern applications run on modern data services where K8s is the foundation; enterprises want to win with data and the CIO holds the key to this victory.
Cloud Box Technologies
What will be the top trends that will transform the Middle East tech landscape in 2022?
The trends adopted ever since Covid struck continue to evolve around transformation. Fintech, e- Commerce and education are on the forefront for investments and innovation. The top trends will be led by AI where the coming years will experience the major RANJITH KAIPPADA changes it will garner. While Managing Director, IoT and the 5G revolution is Cloud Box Technologies growing at a slow pace, it will definitely be on the trending list with the revolution it is expected to bring along. However, we see Cloud adoption as the major trend for 2022, this includes multi-Cloud adoption. And lastly, with the current post Covid needs, organisations are making higher investments in digital transformation as well as cybersecurity and are key areas that are seeing a major growth.
What are some of the challenges CIOs should anticipate in 2022? The trending technologies for 2022 are also some of the areas which are posing challenges for CIO’s, with security threats at the top of the list. Yet another area is the skill gap which is currently making it difficult to tackle the many IT changes and initiatives. It is now also getting even more difficult to manage data protection where both compliance and safeguarding company policies and information is crucial.
How are you helping your customers navigate the post-pandemic business landscape? Not all organizations are equipped to face the IT challenges and onboarding a trusted consultant is very important for them to remain consistent with updating and investing in the right technologies to remain relevant in a competitive scenario. We have begun to provide Consultancy as a service where we help our customers unburden their tasks and guide them into their digital transformation journey. To an extent fill in their resource gaps. We help our customers to walk through a systematic approach to explore, understand, compare, engage, experience and review their requirements and in each process, we extend our technical and consultancy expertise to help them make the right decisions.
JANUARY 2022
CXO INSIGHT ME
17
OUTLOOK 2022
What will be the top trends that will transform the Middle East tech landscape in 2022?
Riverbed
Insight into the top technology trends for 2022 can be gleaned from the results of our recent Riverbed | Aternity Hybrid Work Global Survey 2021. In this, UAE’s business decision makers revealed that their top areas of technology investments over the next MENA MIGALLY 12-18 months will be: Regional Vice President, • Better visibility of META at Riverbed network and application performance (61%) • Investing in end-user experience and digital experience monitoring solutions (53%) • Investing in cybersecurity technology and software (47%) • Investing in application or network acceleration solutions (46%) • Updating company-wide hybrid workplace strategies and policies (44%) • Increasing the use of cloud services and software-as-a-service apps (31%)
What are some of the challenges CIOs should anticipate in 2022? It comes as no surprise that visibility and performance is at the top of the abovementioned technology investment priorities list. Through 2021, we witnessed an explosive growth in Cloud and SaaS Adoption and the massive shift to remote work. In fact, the same Riverbed | Aternity survey revealed that 84% of UAE business and IT decision makers believe that at least a quarter of their workforce will remain hybrid post-pandemic; with 38% saying more than half of their workforce will be hybrid. A consequence of the rapid digitalisation has been that networks are now more distributed and complex. Quick fix IT solutions have also made app performance less reliable, rendered user experience less predictable, and significantly expanded the security threat plane as the network expanded across geographies and further into the cloud. The adage, ‘You cannot manage what you can’t measure,’ holds true and end-to-end visibility will therefore be a top priority for CIOs through 2022.
How are you helping your customers navigate the post-pandemic business landscape? Owing to increased network complexity and the need to ensure consistent, high-quality digital experiences for customers and employees, visibility has become increasingly important to organisations. Visibility provides insight into where performance and security problems exist, what they are, when they occurred and why. This insight, in turn, informs action. Recognising this, Riverbed | Aternity has steadily pivoted its business towards visibility, and we are seeing significant momentum 18
CXO INSIGHT ME
JANUARY 2022
in this space. While performance optimisation remains a core strength of the Riverbed | Aternity solution portfolio, today, visibility forms the largest part of our business with us realising a double-digit growth in our visibility business in the most recent quarter.
Uniphore
What will be the top trends that will transform the Middle East tech landscape in 2022?
With a number of rapidly growing economies that are eager to establish themselves on the global stage, the Middle East has a significant stake in the ongoing AI revolution. In the next stage, we will begin to see regional governments RAVI SARAOGI and businesses integrate Co-Founder and President industry knowledge and best APAC at Uniphore practices with cutting-edge technologies to build the foundation for AI architecture. Of these emerging technologies, low code/no code is especially important as it allows business users to utilize AI to facilitate effective problem solving, automate tasks, enhance communication across the enterprise amongst others. This will translate into better workflows and synergy across sales and marketing, customer service, operations, finance, HR, and more, ultimately helping businesses drive more cohesive results. At Uniphore, we have also demonstrated how recent advancements in conversational AI are helping augment customer service agent capabilities, thereby enabling improved empathy and outcomes. The ability to assess how a consumer feels in real-time, through the unfailing observations of an AI engine, is very alluring to business stakeholders and thus emotion AI will be a key focus area for Uniphore in the coming year.
How are you helping your customers navigate the post-pandemic business landscape? As we advance through 2022 and the post-pandemic business landscape, the customer experience industry will take on greater priority as it continues to become a key differentiator for brand preference. Investments towards fortifying CX infrastructure and implementation of AI, automation, analytics, low code/ no code, and cloud capabilities will be critical in the drive towards digital transformation. Enabling omnichannel communication systems alongside data analytics will be central in CX to analyze responses and drive insightful business decisions. By equipping our customers with intelligent technologies, Uniphore is enabling businesses to reap multiple benefits from these innovations. Our focus through 2022 is to empower our customers to build enterprise AI architectures that will facilitate better workflows and synergy across the entire digital enterprise.
Safe Security
What will be the top trends that will transform the Middle East tech landscape in 2022?
One of the biggest technology developments last year was that of the UAE government to allow the use of facial recognition AI in public spaces. Continuing this trend, AI will see a huge uptick in adoption, in fact, IBM has estimated that by 2031 AI may add beyond $300bn SAKET MODI to GDP in the Middle East. Co-founder & CEO, Safe Security In addition, with 5G being pushed in a big way, digitallynative businesses are taking up pivotal roles in critical infrastructure sectors - making them more vulnerable to cyber-attacks. Both the tech trends will be underlined by the need for a robust cybersecurity strategy. A trend that I am excited about is the adoption of a common cybersecurity framework across the UAE to have a stronger critical infrastructure cybersecurity plan in place for the region.
What are some of the challenges CIOs should anticipate in 2022? In an effort to maximise impact with minimum investment, hackers are focusing on supply-chain and third-party-based attacks. Since businesses are increasingly depending on third parties for business functions, and remote work making regular third-party cybersecurity assessments more difficult, ad-hoc, point-in-time, and siloed - organizations will be breached through vulnerabilities in their vendors’ cybersecurity. This will be one of the biggest challenges in 2022. Often, the largest vendors may not be the riskiest and vice versa. To know the true financial impact of a data breach via a third-party, CIOs should proactively measure, manage, and mitigate the cyber risks of vendors. Rather than depending only on a pre-onboarding statement of trust questionnaire, businesses should measure the cyber risk posture of their vendors in real-time. CIOs should look at automating and revamping their third-party risk management strategy to implement automated outside-in and inside-out assessments of their vendor cyber risk posture to identify and preemptively suggest prioritized insights to their riskiest vendors.
How are you helping your customers navigate the post-pandemic business landscape? As remote work becomes a norm, and more businesses continue to embrace a cloud presence in a manner that is too fast for them to secure, cybersecurity will have to take a more proactive stance. To date, it has been reactive, point-in-time, and largely product-driven. SAFE Security uses its SaaS-based API-first platform - SAFE (Secure Assessment Framework for Enterprises) - to ensure automated cybersecurity such that it
takes away guesswork in cybersecurity. With SAFE’s unified and integrated approach, businesses can know the cyber risk posture at the micro (asset) level and at the macro (enterprisewide) level to understand what’s going right and where things can improve across people, processes, technology, and cybersecurity products for both first and third-party.
ServiceNow
What will be the top trends that will transform the Middle East tech landscape in 2022?
There are two key trends I believe regional organisations need to consider: 1. More Low-code In July, the UAE government launched the National Program for Coders — a plan to train 100,000 software professionals, some of whom MARK ACKERMAN will go on to create 1,000 area VP, Middle East & Africa, digital businesses. Facebook, ServiceNow Google, Microsoft, and other giants are involved, and annual investment in tech start-ups is expected to rise from US$ 400 million to more than US$ 1 billion. Initiatives like this have captured the region’s imagination. As ambitious as the idea may sound, it is achievable through the citizen developer. These non-technical domain experts build digital solutions using low-code development platforms (LCDP). A wide range of digital workflows are open to them, and they can plug skills gaps with a lot less training than software developers get. Their business knowledge means they can identify more problems, and LCDPs allow them to — under appropriate governance frameworks — deploy value-adding solutions very quickly. Meanwhile, technical staff can engage in innovation of their own, creating an environment significantly more agile than the one it replaces. 2. Shift from automation to hyper-automation In 2020, a McKinsey survey of organisations across the globe found 31% of them had fully automated at least one business process, and another 35% had pilot schemes in place. But while automation has a proven track-record of streamlining workflows, the 2022 stakeholder should demand next-level visibility into processes. Hyper-automation brings together base RPA with business intelligence and integration to create a digital transformation workflow that is laser-focused on optimisation. The methodology requires stepping back from one’s automation instincts to examine the larger corporate picture and how each workflow incorporates people, processes, and systems. It calls for intelligence to be applied to identify processes for automation.
JANUARY 2022
CXO INSIGHT ME
19
OUTLOOK 2022
What will be the top trends that will transform the Middle East tech landscape in 2022?
Red Hat
When projecting the Middle East tech landscape’s journey in 2022, several key trends will certainly have a transformative impact. One of the most prominent concerns increasing demands for today’s emerging technologies, which ADRIAN PICKERING will collectively contribute Regional General Manager, to accelerated tech-based MENA, Red Hat transformation in businesses, industries, and wider society. This includes open source technology, as well as 5G, AI, ML, IoT, advanced robotics, big data analytics, and much more. As for why these technologies will be so transformative, we know for certain that they will empower enterprises, sectors, and government entities alike, accelerating their digital migration plans while equipping all with the newfound capabilities they seek in terms of speed, agility, efficiency, sustainability, scalability, performance.
What are some of the challenges CIOs should anticipate in 2022? Given the scale of unprecedented transformation unfolding before us, every C-level executive has an important role to play within their respective company, CIOs included. And besides contributing to the aspirations of their employers and their clients, they must also overcome challenges specific to the position of CIO. While there are several challenges to note, perhaps the most important is utilising the data, information, knowledge, and innovative mindsets at their disposal to help improve experiences for clients, customers, and the business itself. Never before has there been a stronger onus to deliver on personalisation and customisation requirements than today, and these are two areas where efforts can be directed to improve experiences for all. Furthermore, there are other key challenges that will multiply without the necessary attention. These include keeping pace with the latest data, security, and related governance standards and contributing to new use case development and introduction projects.
How are you helping your customers navigate the post-pandemic business landscape? At Red Hat, we have been helping our customers meet their digital migration aspirations for years. And considering this same form of transformation is key to navigating and succeeding in the postpandemic business landscape, we are perfectly positioned to the deliver on this enduring commitment. The technologies previously discussed are all contributing factors behind the vast benefits of open source and, with navigating the digital-first, post-pandemic landscape becoming increasingly prevalent, we are supporting communities of customers through the provision of the latest industry-leading open source solutions. 20
CXO INSIGHT ME
JANUARY 2022
Schneider Electric
What will be the top trends that will transform the Middle East tech landscape in 2022?
There is an acceleration to the cloud and we are seeing companies that were reluctant to try remote services now embracing these types of ideas. There is a growing trend of IT and OT convergence as connected devices become more prominent within buildings and non-IT environments. AHMED FATEEN Vice President of Power Systems Facility managers, systems – Gulf Cluster, Schneider Electric integrators, and others on the manufacturing floor need a seamless exchange between these fundamental networks to ensure productivity and resiliency are maintained. In addition, cybersecurity is by far the number one concern for adoption of IIoT/Digital transformation according to a Morgan Stanley survey. Cybersecurity must be addressed before implementing digital transformation initiatives.
What are some of the challenges CIOs should anticipate in 2022? Environmental, health and safety will be a top priority for organizations across the board in 2022. Safety and environmental compliance regulations are being stepped up in many jurisdictions, and sustainability will be a key priority for many businesses in 2022. We have finally begun to understand that our choices have an impact on the overall health of the environment. Similarly, industry owners are stepping up and shouldering the responsibility they have towards ensuring the well-being of society. With the COVID-19 pandemic, firms have focused their attention on employee health and wellness. Remote working and operations have become a norm and a solution. For example, digitalization offers tremendous opportunities for energy companies and utilities to improve safety and sustainability throughout the entire lifecycle of the plant.
How are you helping your customers navigate the post-pandemic business landscape? Schneider Electric knows the importance of maintaining strong relationships with customers and partners. When a crisis strikes, customers rely more heavily on providers just as companies rely more heavily on their partners. Our major focus areas as a business are digital transformation and sustainability, and demand for these areas is growing in the post-pandemic business landscape. We are designing our products and processes to improve efficiency, reduce waste, and innovate and working with our suppliers to develop cleaner, more efficient manufacturing, packaging, and transport. As energy evolves, our clients are seeking help to set goals, develop strategies, and reach their targets across these domains through active energy management.
Dataiku
What will be the top trends that will transform the Middle East tech landscape in 2022?
The region’s relationship with artificial intelligence is a long one. Ever the early adopters, GCC organisations — from telcos to utilities, retailers to hospitals — have used AI to connect, serve, engage, and heal. But as we approach the end of SID BHATIA Regional vice president, Middle another challenging year, East & Turkey, Dataiku we are expected to know the contents of the next chapter. Against that backdrop, I see three key tech trends worth paying attention to: AI as standard Over the years, the region’s technology experts have chatted about it at conferences, and blogged about it everywhere else. “AI is now a proven technology,” they would posit. “It is here to stay”, “It is the future”, “Next year is the year of AI”. As familiar as many of these claims may be, even more familiar is the relatively little market traction smart technologies have made when compared with the predictions. But now we are seeing something a lot more tangible. Even before the pandemic, impartial observers such as third-party analyst firms were predicting surges in AI adoption. PwC, for example, predicted that AI would have a US$320 billion impact on combined Middle East GDP by 2030. Growth like this was never likely to be confined to large enterprise activity. Instead, smaller businesses moving to the cloud would dip their toes in the AI fountain. Once they found that business intelligence, machine learning, IoT, big data, and other AI-fed technologies were viable, useful, and affordable, they would consume more. Surge in low code and no code The empowerment of business specialists with out-of-thebox solutions-building capabilities is a trend that is gathering steam, and quantifiably so. One estimate predicts CAGR of 27.9% between now and 2026 for the worldwide low-code development platform (LCDP) market. Offerings are showing significant evolution to cater to a range of workflows and AI is becoming more and more common among low-code orchestrations. Meanwhile, data scientists and more technical coders can apply their talents to more challenging problems, which means that we will likely see roles within organisations expand and change to accommodate LCDP adoption. Following this will be intense bursts of innovation from both business specialists and technologists as they settle into new roles that are more challenging and inspiring.
More data science Following on from the predicted low-code empowerment that will stretch the talents of both technology and domain specialists, we will begin to see data science unleashed as never before. Data science has suffered the same predictiondisappointment cycle as AI, but there are now strong indicators that experimentation is yielding results, and results are building confidence. As organisations build their AI cultures and become more efficient in their governance, more data science projects are being launched. As this happens, we can expect governance to play an important role in risk-based assessment of new use cases, especially if they fall outside the comfort areas of existing projects. If a stakeholder were advocating for a project where the required data was missing or incomplete, this could indicate a high probability of failure and would therefore need to be tightly managed. Understanding one’s own processes and modelling them accurately will be key to the success of these next-step ventures. But the potential value of successful outcomes will be too great to ignore, so expect to see a lot more experimentation in 2022.
What are some of the challenges CIOs should anticipate in 2022? Today, several large enterprises are handling increasingly more data, which will require more complex algorithms. More complex algorithms are able to learn hidden patterns from the data, by themselves, which is why they are useful — they can deal with problems that a human brain could not understand. And that’s where Enterprise AI brings an edge. Enterprise AI is the ability to embed AI methodology into the very core of the organisation and into the data governance strategy. This means augmenting the work of people across all teams and disciplines with AI for more innovative operations, processes, products, and more. The following are the challenges for teams that don’t have a collaborative data science platform: • Access to systems: Whether accessing the various data sources or the computational capabilities, doing so in a remote setting can be challenging. • Collaboration within teams: Without the physical in-office proximity, individuals can become siloed in the execution of their data projects. • Collaboration across teams: Data projects require buy-in and validation from business teams and also require data engineering and other teams to help with operationalisation. • Reuse over time: Capitalising on past projects is key to maintaining productivity and reducing duplicate work. The lack of in-person discussions can limit this ability. More and more organisations see the need to provide a centralised, controlled, and elastic environment to support the exponential growth in the amount of data, the number of AI projects, and the number of people contributing to such projects.
JANUARY 2022
CXO INSIGHT ME
21
CASE STUDY
BANKING ON THE GO ABDULLAH AL-AMOUDI, HEAD OF APPLICATION SUPPORT AT ARAB NATIONAL BANK, DELVES INTO THE IMPORTANCE OF SMS IN THE DIGITAL ERA AND WHY IT IS CRITICAL FOR THE FINANCIAL ENTITY’S DAY-TO-DAY BUSINESS.
D
igital services are now a part and parcel of our lives – not a single day goes by without us using the infinite apps that dominate our modern lifestyles, such as Spotify, Talabat, Careem, etc. Even our banking needs had transcended the
22
CXO INSIGHT ME
JANUARY 2022
physical realm – when was the last time we visited a branch? Instead, we effortlessly use our phones to make payments, transfer money, open an account, apply for a credit card, and the like. Customers want to easily communicate with businesses in the same way they access their services
on demand. Interestingly, however, SMS still plays a vital role in helping digital organisations stay in touch with their users. It is incredible that the venerable Short Messaging Service (SMS) or text message, first developed way back in 1984, used for the first time in
1992, is still critical in the digital era. In fact, SMS is fundamental to the overall mobile banking experience, says Abdullah Al-Amoudi, head of application support at Saudi Arabiaheadquartered Arab National Bank. “It is a powerful and immediate direct channel available to us to communicate with our customers and assure them of authenticity and security while doing their transactions,” explains Al-Amoudi. Arab National Bank utilises several flexible tools to extract data and insights during a customer’s journey. In addition, the bank has developed internal solutions, from surveys to user experience monitoring, to ensure customer experiences. This includes its mobile banking app – ANB Mobile, which allows customers to do full-fledged banking transactions conveniently from their smartphones. “Our application aptly meets all the requirements a customer may have for their banking demands and helps us in our overarching goal of achieving zero visits to the branches. SMS communication and marketing is essential for the success of our day-today business and services,” he says. “One-time passwords (OTPs) are mandatory for every transaction today. Customers also rely on SMS updates for their bank statements. If customers do not receive an SMS confirming their transaction, they immediately call the bank to check if the transaction was successful or not. SMS has become a trust layer for all customers today,” he adds. Al-Amoudi points out that having SMS integrated into the bank’s internal CRM system has helped the financial entity to greatly improve its operational efficiencies. “This has enabled us to evaluate our response frequency with our clients, quantify the texts sent to each customer, and assess if we are providing them with updates at each stage. The insights extracted allow us to
ESTABLISHED IN 2006 IN RIYADH, SAUDI ARABIA, UNIFONIC OFFERS SMS, VOICE, AND WHATSAPP COMMUNICATION SERVICES TO LARGE ENTERPRISES ACROSS THE MIDDLE EAST AND NORTH AFRICA. make better decisions and help enhance our operations.” According to the bank’s applications head, ensuring optimal customer experiences is at the heart of everything Arab National Bank does. To further elevate customer experiences, it has selected Unifonic – a customer engagement platform that enables the bank to offer seamless omnichannel client journeys. Established in 2006 in Riyadh, Saudi Arabia, Unifonic offers SMS, voice, and WhatsApp communication services to large enterprises across the Middle East and North Africa. The company helps organisations unify communication channels for enriched customer experiences and streamlines conversations at all touchpoints throughout the customer journey. It provides solutions to maximise customer engagement, optimise communication ROI, and improve customer experiences. “I have worked with Unifonic in my previous roles and can completely
vouch for its flexible infrastructure and innovation, which helps us to advance our business significantly,” says AlAmoudi. “Unifonic has clear roadmaps in place that they present to their customers every year. This allows us to plan and make sure our objectives are aligned. Unifonic met all our selection criteria, which included scalability, exceptional quality, and 24/7 support.” Arab National Bank has been working with the company for the past four years and has recently availed Unifonic’s new monitoring service. “We can check the dashboard for each transaction and know when and from where it was made, why there is a delay and so on. It gives us improved visibility and helps us provide better quality services,” says Al-Amoudi. He notes that while SMS will remain a critical part of their customer engagement strategy, the bank is also looking to onboard emerging technologies in the future that will help it implement more automation, analytics, and cloud services. “In the near future, the market will see us introducing many new services and technologies that are low-code in line with our digitalisation goals,” he concludes.
JANUARY 2022
CXO INSIGHT ME
23
FEATURE
THE EVOLUTION OF RANSOMWARE RANSOMWARE TRENDS AND PREDICTIONS FOR 2022.
R
ansomware might be nothing new as it dates back to the 1980s. However, the techniques and tactics used by criminal groups behind it have reached a new level of sophistication, causing widespread business
Harish Chib
24
CXO INSIGHT ME
JANUARY 2022
disruption. Last year, we saw highprofile ransomware attacks, including Colonial Pipeline, Kia Motors, and JBS, causing billions of dollars in costs. The recently published Sophos 2022 Threat Report highlights the evolution of ransomware as attacks become more
Maher Yamout
service-based and targeted, and the attackers turn to additional extortion methods, such as stealing data and threatening to publish or sell it or making aggressive calls to employees, to put pressure on victims to pay. “According to Sophos researchers,
Rahil Ghaffar
Firas Ghanem
over the coming year a greater proportion of ransomware attacks will be based on ransomware-as-a-service (RaaS) offerings, with specialist ransomware developers focused on creating and then leasing their malicious code and infrastructure to third-party affiliates,” says Harish Chib, vice president, Middle East & Africa, Sophos. What this means for business IT security teams, among other things, is that ransomware attacks are increasingly within range of cybercriminals regardless of their skill levels, as they can just rent or buy what they need, he adds. From January to November 2021, nearly every second security incident handled by Kaspersky was connected to ransomware, says Maher Yamout, Senior Security Researcher at Kaspersky. The most common targets were those in the government and industrial sector. Even the healthcare industry was not spared and were fending off ransomware attacks as cybercriminals attacked systems to gather patients’ personal data, contracts, and financial documents. Moreover, since ransomware gangs are always looking for new ways to refine their techniques for more impact and disruption, an underground ecosystem built to support their efforts was discovered. Nicolai Solling, CTO of Help AG, says
Gregg Petersen
David Brown
ransomware attacks have been on the rise and this trend will continue in 2022, largely thanks to their high rates of success, which can be attributed to their relative simplicity and their significant, immediate impact on an affected business, as well as the fact that many organisations still end up paying the ransom, thus encouraging the threat actors to continue utilising this attack method. Steps to mitigate ransomware In the wake of widespread ransomware attacks, there are some best practices that CISOs should follow to address such threats. “It’s important to stop sophisticated and zero-day attacks during the vulnerability exploitation stage,” says Rahil Ghaffar, Regional Director, MEA, Virsec. “These attacks appear very benign at earlier stages of the cyber kill chain and are hard to detect. Relying solely on signature-based detection can lead to missing a lot of zero day detection. Behaviourbased analysis of sophisticated attacks could lead to a lot of false positives and false negatives. While multiple layers of defence is good and essential, it’s important to have the strongest detection and protestction mechanism closest to the application itself -- and during runtime -- with application awareness for deterministic protection.”
Firas Ghanem, Regional Director - Middle East & Pakistan at ThreatQuotient, says what is needed is a deeper understanding of adversaries and their tactics, techniques and procedures (TTPs), so you can determine what is relevant to your organization and how to mitigate risk. A threat intelligence program is an essential component to any organisation’s quest to overcome threats as they evolve and emerge. “A threat intelligence program is a cornerstone to security operations as it provides better intelligence across the threat spectrum from known to unknown attacks and the ability to leverage this intelligence for all the systems and analysts who need it. This intelligence must comprise internal data, events, and telemetry, supplemented with external data from a diversity of sources including commercial vendors, open sources, ISACs, CERTs, government cyber organizations and other sharing communities,” he adds. David Brown, Security Operations Director at Axon Technologies, says an effective ransomware strategy comes down to situational awareness regarding attack surface management as the critical component. The lack of understanding of an organization’s attack surface leads to poor cyber hygiene, resulting in initial access most ransomware attacks use.
JANUARY 2022
CXO INSIGHT ME
25
FEATURE
“Understanding the attack surface allows for building layered reactive and proactive defenses combined with segmentation and recovery services. Any ransomware resilient security strategy will be incomplete until an organization has a solid attack surface management program in place,” he says. According to Werno Gevers, cybersecurity expert at Mimecast, there is no single solution for ransomware. The problem is complex, and attacks can start in many different ways. The most effective ransomware protection is a multilayered approach to security and a cyber resilience strategy that includes security awareness training for users, educating them about the types of phishing email they may encounter, leading to a ransomware attack. Minimising human error is perhaps the most effective form of ransomware prevention. Is cyber insurance vital in the fight against ransomware? Even if an organisation implements the appropriate security measures, they can never guarantee that a ransomware attack will not happen. This is where cyber insurance comes into the picture, helping organisations prevent financial and legal losses incurred as a result of a cyberattack, as well as minimize business disruption after an attack. “Some have raised concerns that cyber insurance inadvertently creates an incentive for more ransomware attacks, due to insurance companies paying ransoms to attackers. As a result, we will see cyber insurance becoming more expensive and exclusive, as attacks grow more rampant and ransom amounts increase,” says Solling. Gregg Petersen, Regional Director - MEA at Cohesity, says more and more companies are quickly recognising the need for insurance coverage that can be utilised if they are victimised by ransomware attacks. But, it looks like those who purchased that coverage early may be in a very enviable position. Many insurers are now automatically increasing cyber insurance premiums by upwards of 15% depending on their customers’ industry of operation, and others have announced their cyber insurance covering ransomware will no longer be sold. “One solution is for insurers to mandate next-gen data management technologies that give them a greater level of confidence that the insurance policy isn’t an organisation’s only plan or defence strategy in the event of a cyberattack. It’s a similar approach to an insurer charging a lower premium for car insurance if a vehicle is housed in a garage and has a tracker installed. For example, insurance providers could mandate that – businesses utilise data management solutions that include AI/ML technology, which can help businesses detect behavioural anomalies in near real-time that could indicate an attack is in progress,” he sums up. 26
CXO INSIGHT ME
JANUARY 2022
THE EXPERTS SPEAK
RANSOMWARE WILL NO DOUBT INCREASE IN VOLUME AND IN VALUE AND BECOME MORE SOPHISTICATED IN 2022. RANSOMWARE-AS-A-SERVICE (RAAS) — A SUBSCRIPTION THAT ALLOWS BAD ACTORS TO USE RANSOMWARE TOOLS ALREADY DEVELOPED — WILL BRING EVEN MORE CRIMINAL “NON TECH-SAVVY” AFFILIATE GROUPS TO THE RANSOMWARE LUCRATIVE BUSINESS EXPANDING IT TO UNPRECEDENTED LEVELS. GOING FORWARD THE RANSOMWARE ATTACKS WILL CONSISTENTLY AIM FOR DOUBLE EXTORTION OPPORTUNITIES WITH (A) DATA ENCRYPTION AND (B) DATA EXFILTRATION. SO EVEN IF CRIMINAL GROUPS CAN’T EXECUTE THEIR “DATA ENCRYPTION” RANSOMWARE SUCCESSFULLY, THEY WILL BE ABLE TO FIND ALTERNATIVE WAYS TO GAIN ACCESS TO THE DATA IN ORDER TO MONETISE THEIR EFFORTS. Giuseppe Brizio, EMEA CISO, Qualys
THERE IS TOO MUCH FOCUS ON THE RANSOMWARE EXECUTABLE, OR HOW TO RECOVER ONCE AN ORGANISATION’S SERVERS AND DATA ARE ALREADY ENCRYPTED. THAT’S LIKE FIGHTING TERRORISM BY FOCUSING ONLY ON THE EXPLOSIVE DEVICE OR WAITING TO HEAR THE “BOOM” TO KNOW WHERE TO FOCUS RESOURCES. TRADITIONAL CYBERSECURITY TOOLS AND NEXT-GEN ENDPOINT SOLUTIONS ARE INADEQUATE IN PROTECTING AGAINST RANSOMWARE BECAUSE THEY RELY ON RECOGNIZING PREVIOUSLY IDENTIFIED ATTACKS AND INDICATORS OF COMPROMISE. ORGANISATIONS NEED CYBERSECURITY WITH COMPREHENSIVE VISIBILITY ACROSS THE ENVIRONMENT, AND THE ABILITY TO ANALYSE INDICATORS OF BEHAVIOUR IN ADDITION TO INDICATORS OF COMPROMISE. Sam Curry, chief security officer, Cybereason
CISOS SHOULD USE TAPE BACKUP AS PART OF THEIR RANSOMWARE STRATEGY BECAUSE IT IS ALMOST IMMUNE TO RANSOMWARE. IT IS A TRULY AIR-GAPPED TECHNOLOGY, AND THE ONLY WAY ATTACKERS CAN GET TO IT IS BY COMPROMISING ITS PHYSICAL SECURITY. OF COURSE, NOT ALL DATA NEEDS TO BE BACKED UP BY TAPE; THE ORGANISATION SHOULD ONLY USE TAPE BACKUP FOR THE MOST SENSITIVE DATA. ORGANISATIONS SHOULD BACKUP THEIR MOST SENSITIVE AND CRITICAL DATA IN SEVERAL PLACES, INCLUDING IN THE CLOUD, ON DISKS, AND ON TAPE. Manikandan Thangaraj, Vice President at ManageEngine
THE EVOLUTION IN RANSOMWARE STRATEGIES IS THAT TODAY, RANSOMWARE IS NO LONGER JUST ABOUT ENCRYPTING FILES BUT ALSO STEALING THE DATA MAKING IT A MULTIFUNCTIONAL WEAPON. IF A COMPANY HAS A SOLID BACKUP TO RESTORE SYSTEMS, THEN THE CRIMINAL GANG CAN THREATEN TO DISCLOSE DAMAGING DATA THAT COULD DIRECTLY IMPACT THE STOCK PRICE, BRAND, EMPLOYEES AND POTENTIAL CUSTOMERS. Joseph Carson, Chief Security Scientist & Advisory CISO, ThycoticCentrify
HISTORICALLY MANY ORGANIZATIONS WILL HAVE USED ENTERPRISE TAPE BACKUP SYSTEMS TO ENSURE THAT BACKUPS OF CRITICAL SYSTEMS ARE MAINTAINED OFFLINE AND OFFSITE, AND THIS APPROACH STILL OFFERS GOOD PROTECTION AGAINST THE RANSOMWARE ATTACKS OF TODAY. HOWEVER, WITH THE MAJORITY OF ORGANISATIONS NOW MAKING MORE AND MORE USE OF PUBLIC CLOUD IT IS CRITICAL TO DESIGN A CLOUD BACKUP STRATEGY THAT TAKES ADVANTAGE OF THE FLEXIBILITY THAT CLOUD OFFERS, BUT ALSO MITIGATES AGAINST SOME OF THE RISKS THAT COULD BE INTRODUCED.
TO PREVENT DATA EXFILTRATION AND ENCRYPTION, YOU MUST PROTECT THE TOP ATTACK VECTOR FOR DATA BREACHES – YOUR WEB APPLICATIONS. TO IMPLEMENT AN EFFECTIVE RANSOMWARE PROTECTION STRATEGY THEREFORE, YOU NEED TO SECURE YOUR APPLICATIONS, PROTECT ACCESS TO YOUR APPLICATIONS, AND PREVENT LATERAL MOVEMENT ON THE NETWORK. Toni El Inati - RVP Sales, META & CEE, Barracuda Networks
Ammar Enaya, regional director – METNA, Vectra AI
ORGANISATIONS SHOULD EXPECT RANSOMWARE TO BECOME PERSONALISED AND INCREASINGLY INVOLVE DIFFERENT TYPES OF ASSETS, LIKE IOT, AS WELL AS COMPANY INSIDERS. TARGETED DISCLOSURE OF EXFILTRATED INFORMATION MAY BE PERPETRATED TO SPECIFIC BUYERS. WE MAY EVEN START TO SEE MORE FLEXIBLE TERMS OF PAYMENT, AS OPPOSED TO LUMP SUM PAYOUTS. WITH INSTALLMENT PLANS, RANSOMWARE OPERATORS WILL DECRYPT VICTIM ASSETS OVER TIME, BASED ON AGREED UPON PAYOUT TERMS. THIS WILL BE ESPECIALLY TRUE DUE TO THE VOLATILITY IN THE CYBER INSURANCE MARKET AND REDUCED SCOPE FOR FINANCIAL COVERAGE.
IN 2021, WE OBSERVED A RESURGENCE OF ENTERPRISE RANSOMWARE WITH A SHIFT TOWARDS LARGER ORGANISATIONS. BY ATTACKING ENTERPRISES WITH A LARGER REACH, THREAT ACTORS ARE LOOKING TO INCREASE THEIR FINANCIAL GAINS WITHOUT INCREASING EFFORT. THIS APPROACH OF “COMPROMISE-ONE-COMPROMISE-MANY” IS RESULTING IN THE RISE OF RANSOMWARE ATTACKS ON SUPPLY-CHAIN AND THIRD PARTIES. Saket Modi, Co-founder & CEO, Safe Security
Morey Haber, chief security officer, BeyondTrust
JANUARY 2022
CXO INSIGHT ME
27
VIEWPOINT
THE BRAINS BEHIND THE DIGITAL TWIN AI IS THE BRAINS BEHIND THE DIGITAL TWIN, TURNING DATA INTO INSIGHTS THAT CAN TRANSFORM A BUSINESS. THESE ANALYTICS CAN BE BROKEN DOWN INTO DISTINCT CATEGORIES – THE ‘FIVE P’S OF INDUSTRIAL AI – WHICH CAN IMPROVE OPERATIONS IN NEW AND EXCITING WAYS, SAYS JIM CHAPPELL, GLOBAL HEAD OF AI AND ADVANCED ANALYTICS, AVEVA.
O
ver the past 20 years, artificial intelligence (AI) has significantly transformed industry, taking an organisation’s ability to optimise processes and proactively detect and solve problems to a whole new level. As a result of the increasing adoption of digital transformation, AI continues to provide benefits across a range of industrial processes. This has resulted in the extensive use of digital twins – virtual representations of physical objects, systems or factories that are created through data gathered from Internet of 28
CXO INSIGHT ME
JANUARY 2022
Things (IoT) devices, advanced computer systems and digital processes. AI is the brain behind the digital twin. By applying various forms of AI – such as neural networks, computer vision, and machine learning – in different ways, it can create targeted solutions presented in the form of analytics. Once a digital twin has been put into operation, AI analytics provide insights than can help everything from enhancing operations for safe and profitable processes, through to automating monitoring and control processes to ensure safety and performance.
From an industrial perspective, these can be broken down into five categories: predictive, performance, prescriptive, prognostic and perceptive analytics. Predictive Predictive analytics is one of the most common advanced technologies used by industry, utilising big data and machine learning to spot anomalies in processes and assets. This can highlight current inefficiencies, enabling workers to optimise processes, but also warn of future equipment failure days, weeks or even months in advance.
Thanks to this information, business are able to schedule maintenance repairs well in advance of equipment failure, limiting operational risk and saving costs by avoiding unplanned downtime. Duke Energy, for example, was able to avoid costs of over $34m by detecting a sophisticated turbine problem that would have resulted in a catastrophic failure, potential injury to workers and extensive downtime had it occurred. Performance By combining industry and assetspecific algorithms, AI is able to not only identify anomalies that help an organisation discover and rectify faults before they occur, but also optimise processes for improved yield and/or operational efficiency. Prescriptive Prescriptive analytics takes things beyond simply alerting you to an issue – it also identifies and recommends the best course of action to resolve it. It does this through root cause analysis and risk-based decision support, analysing the criticality and urgency of an issue to recommend actions that will optimise efficiency and profitability by minimising downtime and avoiding costly delated. Wanting to use digital transformation to boost efficiency and sustainability throughout its operations, Ontario Power Generation (OPG) established over 100 predictive and prescriptive operating maintenance models by harnessing data from thousands of sensors throughout its plants. This allowed the organisation to reduce risk and increase operational efficiency throughout the fleet, as well as saving $400,000 and $200,000 in two separate early warning catches. Predictive and prescriptive analytics also enabled OPG to reduce annual maintenance hours by 3,000, freeing up stuff to work on higher value corrective tasks. Prognostic With prognostic analytics, neural networks, deep- and reinforcement
learning enable you to forecast events such as operational performance degradation or the remaining useful life of an asset. This can help organisations to manage risk, maximise profitability and improve sustainability. Prognostic AI can be used to optimise operations and maintenance strategies, providing risk-based insights into decisions such as whether or not an operation should attempt to run until the next planned maintenance outage or if work needs to take place more urgently. It can also help to identify specific areas for improvement. Perceptive Finally, perceptive analytics is all about how intelligent machines interact with their surrounding environments. Advanced technologies such as vision and audio AI, and natural language processing (NLP) are used to automatically detect relationships between sensors and devices. For example, Schneider Electric used perceptive analytics to not only detect a fault in the main drive chain at its Lexington factory, but also an issue on the motor that runs this chain, which corresponded with the appearance of the former problem. Through this perceptive analytics, the company was able to avoid factory downtime and related costs and has been able to reconfigure equipment to avoid similar problems occurring in the future.
Benefits of a smart factory After recently transforming this brownfield site into a smart factory by digitising plantwide operations, Schneider Electric has seen many benefits from its advanced AI and analytics. This has included optimisation of processes, faster, smarter decision making, improvements in labor productivity, a 6% reduction in unplanned downtime, 26% energy reduction, 78% CO2 reduction and a 20% water use reduction. This led to the factory being awarded Advanced Lighthouse status from the World Economic Forum and becoming a showcase factory for the business: one that’s being replicated at other Schneider Electric facilities around the world. “We feel like we’re only scratching the surface on the benefits that can accrue as a result of these new digitisation tools. We’re exploring areas that we’ve never had the opportunity to look at before,” said Mike Labhart, Senior Manager, GSC North America Smart Factory Innovation, Schneider Electric. “This opens the door to new ways of thinking about our facility and will reveal ways to improve productivity and efficiency, not just in Lexington but in other plants around the world.” Don’t get left behind An increasing number of industrial companies are following in the footsteps of Schneider Electric to actively leverage the benefits of AI, digital twins and analytics. In many cases AI is no longer just an option, but rather a requirement to remain competitive, profitable and sustainable. Benefits grow with the addition of new capabilities added by the five Ps of industrial AI, which – amongst other things – help detect and prevent problems faster, better maintain operations, and optimise and enhance processes. As a result, industrial operations continue to improve in new and exciting ways. The opportunities to benefit from the five Ps of industrial AI appear virtually limitless. As AI continues to advance with every passing year, we’re excited to see what the future will hold.
JANUARY 2022
CXO INSIGHT ME
29
VIEWPOINT
BRIDGING THE GAP GENG LIN, EVP AND CTO AT F5, SAYS A DISTRIBUTED CLOUD BRINGS ALONG THE CONCEPTS OF CROSS-CLOUD ELASTICITY WITHOUT MASSIVE COST INCREASES, TIME CONSTRAINTS ON PROVISIONING, OR ENVIRONMENTAL VARIANCES.
D
espite the broad adoption of multi-cloud strategies in the enterprise, there remains a dearth of effective solutions that address the many challenges faced by organisations executing them. One such challenge is the secure interconnection of workloads hosted by multiple providers—a problem which magnifies in intensity when more cloud vendors are added. Of the majority (75%) of organisations deploying apps in multiple clouds, 63% use three or more clouds, according to a Propeller Insights survey. Overall, 30
CXO INSIGHT ME
JANUARY 2022
more than half (56%) find it difficult to manage workloads across different cloud providers, citing challenges with security, reliability, and—generally—connectivity. Some of this difficulty can be attributed to competing operational models. Each individual cloud offers services and respective APIs that are unique to the individual cloud provider—and often require customers to conform to different skillsets, policies, and approaches. Every cloud offers a software-defined network experience, but no two clouds offer the same software-defined network experience. This often leads to
inconsistent configurations that affect security and performance when these cross-environment differences are not properly considered. This interconnectivity difficulty is heightened by the introduction of cloud-native, microservices-based applications significantly increasing the number of cross-communication instances. The Propeller survey found that “over 70% of respondents say that security problems are exacerbated in multi-cloud environments by the differing security services between providers (77%), the growing number
of APIs (75%), and the prevalence of microservices-based apps (72%).” All this is driving a need—and demand—for a new approach to multicloud networking. The challenge of multi-cloud networking Multi-cloud networking unifies two different approaches to simplifying application delivery: • It embraces software-defined internetworking from the bottom-up. It creates an overlay that abstracts the differences between networking environments and significantly simplifies the challenges of using multiple cloud environments together. The fixed physical infrastructure is used as a capable underlay with a standard crosscloud control plane enabling dynamic virtual networking on top of it. • It extends simple container networking into sophisticated distribution from the top down. While the industry has begun to standardise on container workloads as a de facto application unit, the relatively unsophisticated networking underneath them must be extended toward other environments. This marks the eventual emergence of a distributed cloud to assist in managing application traffic between environments. The convergence of these two elements has already led to the creation of two layers of abstraction in customer application architectures—Kubernetes to
facilitate network workload management and SDN to simplify internetworking. But the way these two approaches currently converge still causes significant customer pain. Many organisations experience a challenge with the way these technologies require operations to adopt overly granular configurations to obtain a standardised internetworking approach when multiple clouds are involved. The approach taken by one cloud provider— even for extremely simple networking tasks like VLAN management—is distinctly different from the approach taken by another…and both may be completely foreign to the approach taken by the enterprise for its own private cloud efforts. The way in which networks are provisioned and managed across cloud properties often leads to the need to maintain a staff of experts in the differences between the respective environments just to keep pace with network standardisation. Distributed cloud as a solution Adding more than one cloud provider to the mix magnifies the intensity of the problem. Clearly, there are better ways to tackle this issue by moving Kubernetes and SDN closer together, solving environmental differences, and removing the need to be a networking expert to make this all happen. At F5, we call this approach the “distributed cloud.” Customers generally encounter this problem as their business decisions and application needs are weighed prior to selecting the “best network/cloud” for their service. This decision incorporates a variety of factors, such as cost, ability to launch, speed of deployment, or the need to be in a particular region— whatever factor the customer decides is critical to their application’s success. Rarely are network-side factors or interoperability with other clouds considered in the initial business decision. Unfortunately, this primes new challenges to occur as the application moves along its expected lifespan and other elements of the business make different decisions about cloud use.
At F5, we believe there is nothing inherently incorrect about the decisions made to use cloud technologies that are particularly suitable to business needs—even if it leads to the use of multiple vendors or environments. We do not suggest that our customers should uniquely pursue the benefits of any particular cloud provider, but to instead aim to create commonality across all of them with build-to-scale solutions that are reasonable and within the reach of customers’ network skills, application needs, and business desires. We call our approach the “distributed cloud.” Our approach is backed by three key beliefs: 1. We understand that the network must support a model of anywhere, anytime, without the loss of quality or customer experience. 2. We assert that any internetworking cloud should be simple, complete, and consistent no matter what underlying cloud our customers might choose. 3. We believe that our customers should be able to get more value through simple, declarative, API-driven unification across control and management planes. The distributed cloud model considers that the users of our customers’ applications must be served with the highest aspects of quality, performance, and security in near-real time. Our aim is to provide a distributed cloud that brings along the concepts of cross-cloud elasticity without massive cost increases, time constraints on provisioning, or environmental variances. F5 has created a broad portfolio of solutions to meet these critical moments head on by providing a congruent set of technologies and practices, and we are working hard to extend this to every application in our customers’ architectures. As part of our mission to move towards more Adaptive Applications, we intend to help customers complete these transitions to allow them to move workloads to the most efficient and effective locations, regions, or cost models with ease. Without employing a staff of network wizards for each environment.
JANUARY 2022
CXO INSIGHT ME
31
VIEWPOINT
DIGITAL LABRADOR FOR NEXT-LEVEL CYBERSECURITY AMMAR ENAYA, REGIONAL DIRECTOR – METNA, VECTRA AI, SAYS IT IS TIME TO MODERNISE YOUR SOC
T
he Arab Gulf region has a well-deserved reputation for being a frontrunner in technology adoption — a reputation that its governments have retained throughout the Fourth Industrial Revolution. In the digital transformation era, managed services wormed their way onto the agenda of most, if not every, regional organisation, but until recently — cybersecurity remained an afterthought.
32
CXO INSIGHT ME
JANUARY 2022
However, governments in this region have a way of inspiring others by example. By adopting economic visions with technology pillars that put cybersecurity front and center, GCC leaders pushed digital risk management to top-priority position in the private sector. And those efforts have paid dividends. Saudi Arabia is second and the UAE fifth, on the International Telecommunication Union’s Global Cybersecurity Index for 2020. But there’s still work to be done.
Security professionals are overworked and under resourced. This starts in the security operations center (SOC), which all too often is holding on to a legacy that has had its day. Modern complexities of rogue devices, remote employees and multi-cloud environments have brought previously unseen levels of unpredictability to the SOC. These transformative changes coupled with advanced attack methods used in today’s ransomware and supply chain attacks equal a
horsepower so analysts know which threats to prioritise, can be achieved with the right AI platform. AI can also help SOCs play to the strengths of its players. For example, AI is incredibly proficient at dealing with large sets of data efficiency and at speeds unmatched by humans. On the other hand, humans are exceptional at dealing with ambiguity and contextualising information — things they’ll be able to do with AI on their team. An analyst can’t see an attack evolving in the middle of the night, but the right AI can catch and stop it so they can get some rest once in a while.
disaster waiting to happen for any organisation that isn’t thinking about modernising the traditional approach. The Old Way Opens Doors for New Attacks Traditionally, the legacy SOC is centered around prevention (think SIEM and IDS), which for the most part is obsolete against modern threats and attack methods. The tools typically deployed in this scenario equal a high cost of ownership and fail when it comes to the detection and response of in-progress attacks. This is because the technologies used today have grown past the SOC as we’ve come to know it. The perimeter no longer exists, and cloud deployments are outpacing security. Analysts are having to work harder to trawl manually through limited data sources only to arrive at inaccurate conclusions. Ultimately what you’re left with is a lack of visibility and a security team scrambling through inefficient workflows at a high price. The time for change is now. We’ve seen again and again how prevention techniques fail to detect ransomware attacks. These are human driven attacks — where malware isn’t deployed until the final step — meaning the only chance to stop it, is by detecting and stopping attacker motions inside an environment. Nowadays, attackers are finding all types of clever ways to bypass MFA. And while endpoint detection is important, it’s no match for a crafty attacker with stolen credentials. But the good news is that defending against today’s attacks doesn’t have to be as impossible as the headlines might lead you to believe. Moving Towards a Modernised SOC Before we look at the alternative, it is also worth considering the life of today’s security professionals. Who without, the SOC would be the equivalent of falling trees in an empty forest. While the customer experience was all the rage before the pandemic,
organisations must now prioritise the employee experience. The nowestablished efficacy of remote work means the region’s cyber-talent can work anywhere they want. So, as the region builds SOCs, it needs to design ecosystems that relieve burdens on technologists, or it risks losing the most qualified candidates to foreign employers. This is all the more reason to modernise and take a futureproof approach that prioritises visibility and workflow, acting as a kind of digital Labrador retriever — capable of sniffing out and fetching the most evasive targets and dropping them at the feet of threat hunters. It still uses event logs and SIEM tactics but supplements them with richer endpoint and network data. It mixes the disciplines of endpoint detection and response (EDR), AI-driven network detection and response (NDR) and user and entity behavior analytics (UEBA). The new SOC drapes a net across on-prem, cloud and cloud-native apps, allowing it to detect previously unknown suspect processes and lateral-movement attacks. And if you’re looking for a place to start, meaningful AI can lend an immediate hand in the SOC. Everything from improving alert accuracy, optimising investigations, threat hunting and adding extra
A Breath of Fresh Air in the SOC Modernisation is the future for any organisation intent on delivering an efficient, sustainable SOC. And while this is becoming an increasingly urgent matter for many organisations in order to defend against today’s attacks, it can also be approached in phases by setting achievable goals. For example, if you lack the visibility necessary to accurately detect and respond to an adversary, you may want to prioritise implementing a solution that can help spot early attack signals like recon, privilege escalation and lateral movement. Or if your organisation has traditionally been focused on prevention, it could be time to evaluate where security investments need to be made in order to gain coverage throughout the entire environment. In a region where regulatory compliance keeps a lot of stakeholders up at night, a modernised SOC can greatly enhance governance and instill confidence in regulators, investors and customers. The ability to detect, score and prioritise threats in real time ensures swift and effective resolution of issues and prevents costly and embarrassing breaches. Less manhours, better outcomes, lower costs, faster resolution, tighter compliance and the ability to go up against unknown and stealthy attacks? Now that’s a Labrador that deserves a treat.
JANUARY 2022
CXO INSIGHT ME
33
VIEWPOINT
WHY AUTOMATION IS A GAME CHANGER FOR SECURITY HADI JAAFARAWI, MANAGING DIRECTOR – MIDDLE EAST, QUALYS, MAKES THE CASE FOR AUTOMATION IN CYBERSECURITY.
T
he cybersecurity industry, unfortunately, cannot claim to be in the business of good news. Threat actors ensure that we are continually warning of new vectors and techniques and advising new approaches to combat them. It is hardly controversial to suggest that COVID-19, apart from its horrendous impact on public health and population welfare, has impacted the ability of companies to keep their customers and employees safe from cyberattacks. Fresh complexities in the architecture of corporate technology
34
CXO INSIGHT ME
JANUARY 2022
infrastructures have left IT and security teams in catch-up mode — confused, overworked, and underequipped. In a short break from doom and gloom, a PwC global poll shared some good news. It showed around 69% of organisations are planning to increase their cybersecurity budgets in 2022, and more than a quarter (26%) plan increases of 11% or more. Such action will be vital in the United Arab Emirates (UAE) where, according to a VMware report, 80% of security professionals reported increases in the number of attacks their
organisation faced, and attributed the surge directly to remote work. In November last year, Dr Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government again spoke of a cyber pandemic, having previously used the term publicly in December 2020 after reporting that the country had seen a 250% increase in attacks because of remote working. The persistence of skills gaps The Middle East has now-famous skills gaps in key technology areas at a time when technology is the answer to
almost all public and corporate issues, from governance to operations to monetisation. But cybersecurity stands out as perhaps the most critical gap at a time when organisations have moved to the cloud in vast numbers and turned IT environments on their heads. Server farms are now multi-cloud ecosystems. Vetted, regularly patched corporate PCs are now rogue personal devices of unknown pedigree. Automation can plug some of these gaps. Attackers move quickly and adeptly, so the modern threat hunter cannot afford to rely on traditional patching cycles. Automation is a means to speed up many standard tasks and reduce execution errors. On the IT side of the equation, we see a lot of acceptance of automation. Measurable cost savings and proven efficiencies have driven more and more of it. To embrace automation at scale, the entire cybersecurity discipline may have to unlearn what it has learned and break with tradition. DevOps teams are unafraid to break and fix, break and fix, break and fix — employing an iterative approach to the improvement of an end-product. Security teams, however, are trained to minimise impact and ensure that every tool they use does not interfere with the infrastructure at large. Automation can help regional firms plug their security skills gaps, but only if they adopt the same experimental mentality of break and fix. Measure twice; cut once Cloud environments allow patches to be tested in isolated environments at reasonable costs. Only patches that are found to operate smoothly in existing setups will be rolled out. Similar methods are already in service in DevOps, so they have already proven themselves as a viable means of introducing automated patching. Systems can identify a vulnerability, deploy a patch to a test environment, observe its progress in that environment and report any issues to a human actor. If there are none,
from the cloud is the only practical approach, automation is the natural next step. This is where we can start to discuss some good news. Automation enhances an organisation’s threat posture. Vulnerabilities are being addressed as soon as fixes become available, without the need for cumbersome human-based workflows. And as this good news spreads across the region — that automation can reduce costs, make baseline security practices more efficient and subsequently enhance security postures and make compliance an easier proposition — trust in automation will grow.
ORGANISATIONS THAT GET SERIOUS ABOUT SECURITY AUTOMATION SHOULD START BY USING DEVOPS TO BUILD NEW INFRASTRUCTURES. ALSO, ZERO TRUST IS GETTING A LOT OF TRACTION IN THE REGION, AND AUTOMATION CAN BE A GREAT SUPPORTING ELEMENT IN ITS IMPLEMENTATION. live deployment can follow, either with the okay of the human decision-maker, or automatically if adequate trust in the digital patching agent has been established. Automated cybersecurity is perhaps the only way to address the issue of work-from-home (WFH) endpoints. Any device that joins the corporate network is a risk. And home devices may even be used by more than one person, each of whom may work for a different organisation. When patching directly
The right platform The right cybersecurity platform will be able to monitor multiple data points to ensure that no telemetry is overlooked, leading to less false positives and the elimination of socalled “alert fatigue”. Organisations that get serious about security automation should start by using DevOps to build new infrastructures. Also, zero trust is getting a lot of traction in the region, and automation can be a great supporting element in its implementation. Automation of data collection and analysis is also critical, especially as it relates to asset discovery. And of course, automated processes can help with the emerging cloud and container trends we are seeing. Today, the case for strong cybersecurity scarcely needs to be made. Most line-of-business executives read and watch news. They have seen the results of less-than-optimal threat postures, and how they can affect some of the largest corporates on the planet. Regionally, I expect 2022 to reflect the polls and be a transformative year for cybersecurity — the year when automation becomes a standard practice and security teams are finally freed up to go the extra mile and secure our digital estates once and for all.
JANUARY 2022
CXO INSIGHT ME
35
VIEWPOINT
IT TRENDS TO LOOK OUT FOR IN 2022 SHERIFA HADY, VICE PRESIDENT CHANNEL, EUROPE MIDDLE EAST & AFRICA AT ARUBA, A HEWLETT PACKARD ENTERPRISE COMPANY, ZEROS IN ON THREE TRENDS DRIVING THE MARKET DEMAND DURING THIS YEAR.
T
he huge changes brought about by the pandemic were the catalyst for a faster pace of digital transformation across every industry sector. Now it’s time for businesses to go from surviving to thriving. Businesses have been made fully aware of how crucial digital transformation is to their future success and are looking to invest in IT services, support and solutions that match their new needs – distributed workforces, agile IT and all things cloud. Channel partners who can tap into these trends and offer guidance, services, and solutions, will be the ones to succeed within this rapidly changing IT landscape. Here’s our pick of the top three trends driving market demand in 2022: Network simplification Distributed workforces and hybridworking have led to complexity in IT systems and infrastructure.
1 36
CXO INSIGHT ME
JANUARY 2022
Applications and workloads are distributed across data centres and the cloud and at the same time, businesses have pivoted to meet new customer expectations within stores, such as touchless interactions. The combination of fragmented networks and unyielding demands puts businesses at risk of jeopardising the key benefits of new IoT and cloud technologies. In 2022, IT teams will need to focus on network simplification, and channel partners can get a step ahead by offering a unified network operating system. A unified infrastructure, centrally managed via a single point of control, will help IT teams to effectively manage distributed network environments, while also delivering a high-quality user experience within a single architecture. Network simplification is even more crucial since the pandemic has shrunk many business budgets making it crucial for IT teams to have capacity to manage distributed environments without damaging wider operations. By offering a unified infrastructure, channel partners can provide customers with new levels of operational simplicity so that IT teams can redirect precious resources to more business-critical areas.
2
Cloud transition support There is no doubt that the outlook for 2022 is for plenty of cloud. Recent Aruba research found that 83% of IT decision makers were looking to increase their investments in cloudbased networking over the next 12
months and data from Canalys reveals that the channel helped fuel a 33% increase in cloud spend in 2020. Upgrading to the cloud is a complex journey and there is opportunity for channel partners to step in with new product offerings – and it’s important to understand the deep need that customers have for trusted advisors to help them with this transition. The process can be overwhelming – particularly if customers don’t have the skills to understand the benefits of the cloud or whether it’s more costeffective for them to deploy a hybrid cloud model. To take full advantage of the increased interest in cloud, channel partners need to differentiate themselves – guiding customers through the process, and helping them maximise the benefits of the cloud – perhaps via a support offering. This means developing a comprehensive cloud-based strategy to ensure they have the best tools and management software available to support customers.
3
Shift to flexible subscription models The rapid uptake of cloud technologies has prompted a widespread re-think of IT consumption models and we have now moved from hardware-driven revenue to a softwarefirst market – essentially an SaaS-based economy. In 2022, we can expect to see heightened demand for flexible subscription models. Recent research from Aruba found that customers are becoming more open to exploring flexible models of consumption. Only 8% of IT decisionmakers said they would continue with solely Capex investments in light of the pandemic, compared to 55% who said they would look at SaaS models. With many key services such as deployment and decommissioning included in subscription offerings, these models give IT staff more time to carry out the more complex, value-add business tasks. It’s vital that channel partners broaden their own offerings to reflect this new demand.
VIEWPOINT
THE RISE OF PREDICTIVE DEFENSE DAVID BROWN, SECURITY OPERATIONS DIRECTOR AT AXON TECHNOLOGIES SUMS UP THE YEAR THAT 2021 WAS AND OFFERS HIS TAKE ON WHAT TO WATCH OUT FOR IN 2022.
T
he cybersecurity industry saw some key trends emerge from defenders and attackers in 2021. The defense trends were, in almost all cases, a direct result of the threat trend — these defense trends were reactive, and for many, it was too late. Key lessons from 2021 One of the growing threat trends we have seen over the last year is targeting Managed Services Providers (MSP) and Cloud Services Providers (CSP). This targeting allows an attacker to have a significant impact per attack as it can span numerous victims. MSP and CSP have value but also risk. Running on someone’s infrastructure means you lost control of how and if that infrastructure is protected. In response to this trend, defense trending is growing in attack surface awareness, commonly referred to as Digital Footprinting. We see a slow yet growing understanding of this need. As users of MSP and CSP now have a greater need to understand their entire attack surface, not just what is left in-house. It’s no surprise that ransomware is still the leading threat trend. As the value of crypto rises, the greater the incentive for cybercriminals. Every time a victim pays, it guarantees further attacks against others and, in
many cases, repeated attacks upon themselves. In almost all cases of ransomware that we have investigated, unpatched remotely managed or cloudhosted systems were the initial point of access. These systems loop back to the defense trend of attack surface awareness. The UAE threat landscape In the UAE, we saw MSPs being targeted, as also the supply chain within the medical industries on several occasions. There was no vulnerability management in these cases, nor were there real-time monitoring and response services within the targeted sectors. Organisations in the UAE need to start understanding that basic cyber hygiene is core to any protection. The world’s most fantastic AI threat prevention solution cannot save you if you leave the front door wide open with a welcome mat out and no one to check the IDs of the people walking or out of that door. The same is true for MSPs — they need to take the security of their infrastructure as a critical service, offering complete vulnerability management and real-time monitoring and response within their managed infrastructure. Bracing for hybrid work The evident concern is corporate assets operating outside of the controlled environment — this needs
to be handled in a draconic manner. The best way to manage these devices is with combinations of application and access controls. It is deploying connection-aware host-based firewalls, remote gateway proxies, and MFA VPN solutions. On top of this level of access control, other requirements are software inventory management, agentbased policy auditing, vulnerability management, and fully managed anti-malware, host intrusion detection/ prevention system, all with reporting to real-time monitoring and response. In a more straightforward statement, the more visibility, the greater the ability to protect, detect and respond. Coming up in 2022 Attack Surface Management is an important area. We are predicting growth in this area, which supports the concepts of predictive defense. Once you understand your attack surface, you can create a threat landscape and threat profiles linked to cyber threat intelligence services with Priority Intelligence Requirements (PIRs) and Organisation Specific Intelligence Requirements (OSIRs). These allow an organisation to shift from a reaction-based defense (right of boom) to a proactive-based defense (left of boom). The growth of proactive-based defense is an area where we push into 2022 and hope others will too.
JANUARY 2022
CXO INSIGHT ME
37
VIEWPOINT
RETHINKING HOW ENTERPRISES CONSUME IT
MOHAMMAD ABULHOUF, SENIOR SALES DIRECTOR, KSA, BAHRAIN & QATAR AT NUTANIX, SAYS THE FUTURE OF ENTERPRISE IT WILL BE A CENTRALISED ENVIRONMENT THAT IS MANAGED EQUALLY BY DATA ON SERVICES THAN THE SERVICES THEMSELVES.
T
he consumption of products and services has changed for good. We live in a consumercentric world where we switch on the television and watch the service we elect, whether that is Amazon Prime, NetFlix, or Apple TV. The point is that as consumers we have taken back the power of choice, explored what works for us, and are now able to pay as much or as little as we are willing to for the service we want. So why should IT be any different? If we have learnt anything from the last decade it is that consumer patterns shape IT behaviour – IT no longer dictates what can and what can’t be done. Think back to the discussions around Shadow IT. Which then sets the scene for the question “why are we as an industry still billing and selling technology in protracted contracts and licenses?” Living room IT. Let’s talk in comparisons for a bit, as consumers we buy mobile services from a carrier, content from a streaming service, fibre from a provider and we pipe it all down to a device which can be connected in myriad ways. The whole concept can be compared to how the multi-cloud universe works. But we still love out boombox at a house party or a braai, we are loathed to get rid of our DVDs, and we proudly collect vinyl, which is very much the onpremise part of the consumer existence. None of which is going to be replaced easily – nor should it be. But it is a world of overlap and inefficiency with multiple sources, subscriptions and commits to multiyear contracts that are sometimes wholly underutilised.
38
CXO INSIGHT ME
JANUARY 2022
One app to rule them. Much like modern IT, all of these services are a nightmare to manage. If you are in a multi-cloud environment with multiple SaaS-based contracts and subscriptions, you understand the enormity of the task at hand. Knowing what you are spending the most on and what your teams are actually using to its full potential is a feat in accounting. Now add license management to the mix and consider that vendors are trying to eke out more of your wallet than before by selling you additional capabilities and you are in an endless fight with a bloated balance sheet, yet still unsure if you see the value. As an industry, we need to seriously start considering bringing all these services together. If as a consumer you were given a single service which you could buy all your services through, see you spend, manage your usage, and then use this data to see where there is overlap and where there is underutilisation – would you buy it?
Consolidated thinking and consolidated costs. What IT is sorely lacking is consolidated thinking. Many services profess to help you create a view of your multi-cloud resources, SaaS apps and collaboration services, but few give a control plane for full visibility. We might know where things are, how they are working, but we need to start pooling this data to start identifying overlap to minimise inefficiencies in both cost and resources. Now add to this the fact that we are still selling five-year licenses which we try and bloat every year by adding additional services to keep our balance sheet healthy. CIOs and IT professionals are starting to kick back – and it is about time. As much as consumers we want to pay for only what we consume so do CIOs want a model where they can scale services up or down, remove unnecessary investments when they have run their course and invest that capital elsewhere when needed. The subscription service has been made easier to digest because of the cloud, but now we need to start adopting it into all aspects of IT. The real value IT can give a customer is flexibility. The value to the end-user is then multiplied by their ability to adapt to change. Such as the immense change they have endured over the past eight months as a result of the pandemic. Rethink required. How does the future of enterprise IT look? It is a centralised environment that is managed as much by data on your services than the services themselves. It is controlled through a single plane, it is managed centrally, and it is billed monthly. Allowing business, the ability to adapt, change, move and scale as and when they need to. Not when they are dictated to do so.
VIEWPOINT
TECH TRENDS SHAPING THE SECURITY SECTOR IN 2022 ETTIENE VAN DER WATT, REGIONAL DIRECTOR – MIDDLE EAST & AFRICA AT AXIS COMMUNICATIONS, EXPLORES KEY TRENDS AND TECHNOLOGIES THAT WILL CONTINUE TO DRIVE THE SECURITY INDUSTRY IN THIS YEAR
T
he beginning month of any year is characterised by many articles listing the technology trends that will shape industry sectors in the next one. But over the years, one can see a pattern develop, a roadmap that reveals the sentiments, and technologies we should be prioritising. In this case, the keyword is ‘trust’, which is an interesting one. The 2021 Edelman Trust Barometer shows that among online survey respondents in 28 countries, trust in the technology sector is declining globally, along 40
CXO INSIGHT ME
JANUARY 2022
with concerns of climate change, job losses, and cyberattacks. Worries that are all valid to the global security and surveillance sector. In the pursuit of realising a smarter, safer, and more sustainable world built on the back of a trustworthy and reliable ecosystem of innovation, these are the technologies and insights that will continue to transform security in 2022 and beyond. A post-pandemic world The impact of the COVID-19 pandemic continues to be felt in multiple ways.
We see its physical manifestation in the challenges to supply chains, with global manufacturing brought to a near standstill and companies having to re-evaluate where and how they source key components and equipment for their respective products and services. We also see it in deployed technology – how intelligent solutions in video and monitoring are used to enforce social distancing and implement public health strategies. A global shortage of semiconductors has also seen companies explore inhouse manufacturing and the potential
of system on a chip (SoC) for relevant sectors. While this may be a very specific trend, combined with the substantial shifts caused by the pandemic, more businesses will consider SoCs for their security solutions going forward. Embracing a sustainable future Sustainability is no longer just a trend, nor should it be deemed as such. With a global focus and push towards environmentally friendly principles and practices, exemplified by initiatives such as the UN Sustainable Development Goals towards industry, human settlements, and consumption and production, a business must exhibit sustainability in its offerings and examine new possibilities through a sustainable lens. Companies must pay closer attention to their processes from end to end. They need to scrutinise their products and services in terms of sustainability factors, such as power efficiency, building materials, and ethical deployments. These discussions are already taking place at events like Expo 2020, where the conversations have taken on a more forward-thinking position, and real progress is being made for long-term impact. More conversations like this need to be had, and it’s up to companies to facilitate them. Healthy scepticism equals effective cybersecurity We don’t always think of scepticism as a positive trait, but in relation to cybersecurity it can be a prudent one. In a highly connected world with an increasing number of interconnected systems, comprehensive security strategies must ensure that if one area is compromised, the rest of the system won’t collapse. A trend that’s emerged from taking a sceptical eye towards technology is zero trust networks. Built on the fundamental assumption that no device or entity connected to a network can be trusted, the deployment of these architectural setups is likely to accelerate and become the default approach. In turn, this will
dramatically impact video surveillance in the form of encryption, identification, and hardware and software maintenance. COVID-19 has also played a role in forming this approach, as remote working solutions call for more connected devices in a wider context. This high-impact technology conference at Expo 2020 further unpacks cybersecurity as the cornerstone of trust. 5G is connecting the world What is commonly used as a buzzword for the next era of internet connectivity is starting to see real-world applications. With 5G networks projected to cover one-third of the world’s population by 2025, this technology is starting to make its way into the security and network video surveillance sectors, hinting at it being more than just a trend. A specific 5G-related trend that is likely to grow in leaps and bounds is the deployment of private 5G networks – wireless networks that use 5G-enabled technology and dedicated bandwidth to serve as a closed solution for a company. They are faster than public networks, more reliable, and offer an ideal situation for specific industries. These networks also present security benefits which, when applied to the sector, could potentially streamline and improve solutions of varying size. This specific manifestation of technology is one to watch out for.
Artificial intelligence, formalised No trends piece for the next decade would be complete without mentioning artificial intelligence (AI). In the case of security and surveillance, this ranges from image quality and analytics to camera configuration and performance. By taking a simple process and applying AI to it, you optimise that process to its full potential. With more widespread use comes the need for regulation, specifically for the applications of AI. The solution is legislation on multiple levels of governance, ensuring AI is being used ethically and without bias. With a common agreement on local, regional, and international levels, we will be able to lay the foundation for the next industrial revolution and the growth of other technological trends, most notably smart cities. Increased authentication measures With the question of trust and increased scrutiny in cybersecurity, authenticity is becoming the next big hurdle in the age of data manipulation. This is valid for both hardware networks and video surveillance itself. How can you trust surveillance when you assign no value to its authenticity? Deepfake technology is a growing threat. With improved methods of manipulating and altering images and videos, the authenticity of captured real-world events and people is compromised. This is not a problem exclusive to the security sector, but it is one that requires comprehensive solutions to overcome, such as applying digital signatures and verifying the source of data to specific hardware. The application of AI also shows promise in being able to detect when manipulation has occurred. Regardless, this is a challenge that multiple sectors have to contend with and work harder to combat. All these trends factor into the need for businesses and other entities to rethink their security solutions for 2022 and beyond. With a focused and driven approach and by embracing the technology of the future, today’s challenges can be met head-on.
JANUARY 2022
CXO INSIGHT ME
41
VIEWPOINT
TOP PREDICTIONS FOR SUPPLY CHAIN MANAGEMENT AMEL GARDNER, VICE PRESIDENT, INFOR MIDDLE EAST & AFRICA, SHARES FIVE TOP SUPPLY CHAIN TRENDS TO WATCH OUT FOR IN THE NEW YEAR
at record levels. However, with inflation rearing its head in various parts of the globe, higher prices on products may lead to a consumer slowdown, allowing manufacturers and their suppliers some breathing room to restock their supplies. That said, the backlog of existing demand will keep ocean transport rates higher until bottlenecks drain out. As we see supply and demand begin to balance out in the second half of 2022, transportation rates should creep lower heading into 2023.
2
021 has been a crazy year for supply chain professionals. The supply chain got a ton of media coverage for reasons as diverse as a ship blocking the Suez Canal to a chip shortage for auto makers. A world of people who had no idea what a supply chain was at the beginning of the year now have a much better understanding of how the goods they purchase get from one place to another. The reality remains that a lot of the transport issues manufacturers are facing in 2021 are not going away. Be ready for plenty of supply chain news in 2022 including these important trends. Supply shortages will continue to keep ocean container rates high As long as several global economies continue to thrive, the demand for goods and services will continue to hold transportation rates, particularly ocean,
42
CXO INSIGHT ME
JANUARY 2022
Sustainability initiatives will not be equal across the board Even with heads of state coming to an agreement on sustainability requirements, it will largely fall on individual companies to enforce these standards upon themselves. While many organisations have already expressed, and even implemented, plans to reduce or eliminate carbon emissions, many have yet to adopt any strategy to make both immediate and long-term impacts. Without a unified, standardised pact that holds both countries and companies accountable, minimal change will be made. Until such a standardisation exists, consumers and investors are the ones most likely to force companies to make the necessary shifts, as the younger and more environmentally conscious generations continue to grow into the largest global consumer base. Organisations will bring their supply chains closer to destination With supply shortages stretching from groceries to semiconductors, many
organisations have been forced to examine ways to bring crucial components closer to final production process to ensure history doesn’t repeat itself. With many global organisations looking to localise larger portions of their supplier base, supply chains will find themselves better equipped to handle large demand spikes as they occur. Safety stock levels will rise to avoid backlogs and shutdowns With the global vaccination effort proceeding at a slower than anticipated pace, new variants of the COVID-19 virus will continue to drive caution and hesitation regarding traveling and fully reopening businesses. As a result, organisations will move away from justin-time (JIT) inventory strategies and will bulk up inventory levels, so they can avoid production disruptions. This also allows organisations to use supply chain finance tools to extend payment terms to suppliers using innovative finance options with lenders. Organisations can build inventory strategies that are less susceptible to disruption while allowing their supply partners to maintain healthy capital levels. Companies will continue to invest in new technologies to streamline processes Organisations are going to have to do more with less as talent shortages impacting global supply chains continue to compound. Companies will need to adopt existing and emerging technologies that allow for cleaner data, stronger collaboration, and the automation of mundane processes so team members can focus on supply chain process improvement. This will mean expediting digital transformation already in process and moving entire systems to the cloud for better, yet secure access to critical data needed to implement decisions quickly and effectively. The pandemic has thrust many companies much further into their digital transformation much sooner than originally scheduled, and the timeline will continue to shorten as companies now realise how critical cloud technology has become for staying afloat.
08 March 2022 CONRAD HOTEL, DUBAI
A tribute to the visionaries and pioneers of IT in the Middle East
NOMINATE NOW https://cxoinsightme.com/cxo50/2022/
For sponsorship enquiries:
For nomination enquiries:
Merle Carrasco
Jeevan Thankappan
Sales Director merlec@insightmediame.com +971 55 118 1730
OFFICIAL MEDIA
Managing Editor jeevant@insightmediame.com +971 56 415 6425
ORGANIZER
PRODUCTS
Logitech Signature mouse Logitech has introduced the new Signature M650 wireless and Signature M650 for Business mouse, a comfortable and personalized mouse with two different sizes and a left-handed option, offering a better experience for more people. The wireless mouse is designed to upgrade any desk setup and improve the overall work experience with features like SmartWheel scrolling, nearly silent clicks and a contoured comfort design that enables faster, more comfortable work than ever before. Whether working on a document or browsing through a website, the Signature M650’s SmartWheel helps to deliver precision when needed and speed in an instant. The Signature M650 and larger size Signature M650 L also feature SilentTouch technology, reducing click noise by 90% compared to the Logitech M185 Mouse, ideal when clicking during a video call. With two sizes and a left-handed option, a contoured shape, a soft thumb area and rubber side grip, the Signature M650 inclusive design allows you to work comfortably for extended hours and gives you the ability to customize the side buttons to favorite shortcuts with Logitech Options+. The Signature M650, available in off-white, graphite and rose, works with Windows, macOS, Linux, Chrome OS, ipadOS and Android operating systems. Connect in an instant via Bluetooth(R Low Energy or Logi Bolt USB receiver.
Sophos Switch Series Sophos has unveiled the Sophos Switch Series, featuring a range of network access layer switches to connect, power and control device access within a Local Area Network (LAN). The new offering adds another component to Sophos’ secure access portfolio, which also includes Sophos Firewall and Sophos Wireless. Switches are remotely managed in the cloud-based Sophos Central platform. This enables partners to 44
CXO INSIGHT ME
JANUARY 2022
oversee all customer installations, respond to alerts, and track licenses and upcoming renewal dates via a single, intuitive interface. Switches with eight, 24 and 48 ports are available for immediate purchase exclusively through Sophos’ global channel of partners and managed service providers (MSPs). These are ideally suited for small and mediumsized businesses, remote and home offices, retailers, branch offices, and more.
AMD Radeon PRO W6000 Series AMD has announced new additions to the AMD Radeon PRO W6000 Series Desktop and Mobile workstation graphics lineup, designed to deliver exceptional performance, stability, and reliability for professional users, including CAD designers, engineers and office knowledge workers. Built on the AMD RDNA 2 graphics architecture and 6nm process technology, the new solutions include the Radeon PRO W6400 desktop graphics card, designed to deliver a blend of performance and efficiency for modern workloads and the Radeon PRO W6500M and Radeon PRO W6300M GPUs that offer dependable performance to power next-gen professional mobile workstations.
• AMD Radeon PRO W6500M & W6300M GPUs – The AMD Radeon PRO W6500 and AMD Radeon PRO W6300 GPUs harness up to 8MB of AMD Infinity Cache memory technology to deliver ultra-high viewport frame rates, dependability and exceptional performance for professional applications on mobile workstations. The AMD Radeon PRO W6400 graphics card is expected to be available beginning in Q1 2022, starting at an SEP of $229. AMD Radeon PRO W6500M and Radeon PRO W6300M GPUs are expected to be available in pre-built OEM systems in select countries later this year.
• AMD Radeon PRO W6400 Graphics Card – Offering an ideal blend of performance and efficiency at an affordable price, the new graphics card is optimized for the requirements of today’s popular CAD and office workloads in a compact design that can be easily added to modern small-form-factor desktops. Compared to the previous generation, the new graphics card delivers up to three times higher performance in Autodesk AutoCAD 2022 in 3D orbit rotational tests in shaded mode.
LINKSYS WIFI 6 ACCESS POINT
Linksys has launched its WiFi 6 Cloud Managed Access Point. As retail stores, medical offices, small businesses, and commercial spaces begin to operate at pre- pandemic levels and foot traffic continues to increase, the WiFi 6 Cloud Managed Access Point’s 4x4 internal antennas deliver safer, more secure and faster WiFi for areas needing to service a high density of concurrent client connections. With the
control plane in the cloud and a cloud-native operating system running on the units, zero-touch provisioning, configuration, management, and monitoring are extremely efficient and simple. With access to Linksys Cloud, users can also scale with no limit to the number of networks and devices managed. Additional features include: • Qualcomm Networking pro Platform 1200: Nextgeneration technology transforms business WiFi with its wire-like stability and blazing-fast performance. • Media-rich Captive Portal: Cloud hosted captive portal splash page and a built-in captive portal editor allows users to upload logos and graphics of any size, customized Terms of Service Agreement or even manage Wi-Fi access with an extra passcode at no additional cost. • Reduce costs: Use Cloud Management without recurring license fees and get access to dedicated professional technical support with no recurring fees. For more information on the Linksys new WiFi 6 Cloud Managed Indoor Access point, please visit https://www. linksys.com/us/cloud-manager/. Details on availability and pricing coming soon.
JANUARY 2022
CXO INSIGHT ME
45
REPORT
DECODING TALENT NEW REPORT FROM BCG AND THE NETWORK REVEALS UP TO 62% OF MENA-BASED DIGITAL WORKERS ARE ACTIVELY JOB HUNTING, WITH 72% SEEKING BETTER CAREER OPPORTUNITIES
A
lthough unexpected circumstances have led to economic difficulties over the past two years, digital talent has emerged relatively unscathed, eager to explore their options and ultimately pursue new opportunities. This widespread appetite has emerged as a key takeaway following a global survey of employees in digital roles conducted by Boston Consulting Group (BCG) and The Network, a global alliance of recruitment website. The subsequent report, titled ‘Decoding the Digital Talent Challenge,’ sheds light on the key factors behind people’s aspirations to move to pastures new, providing a comprehensive analysis of major international markets, the Middle East and North Africa (MENA) included. As per the survey, part of BCG’s Decoding Global Talent series, as many as 62% of MENA employees working in digital fields are actively job hunting, with better career opportunities in other roles (72%), looking for a new challenge (66%), feeling undervalued in current positions (40%), and searching for a company more aligned with personal beliefs (32%) the main motivations behind people looking for a new role. For digital employees, good relationships with colleagues and learning and skills training are among the most valued aspects of their jobs, while diversity, inclusion, and environmental issues have also increased in importance over the latest year. Of the digital employees surveyed across the region, 78% revealed that diversity and inclusion have become more important to them in the last 12 months, and 55% added they would not consider potential employers
46
CXO INSIGHT ME
JANUARY 2022
that did not share the same views in this area. Moreover, 66% revealed that employers’ environmental responsibility has become more important to them since the same period a year ago, with 47% unwilling to consider companies that do not share their environmental views. “Much like other markets around the world, the MENA region boasts a vibrant and opportunistic landscape for digital employees. The pandemic has accelerated digital transformation and increased reliance on related technologies, creating supplementary positions,” said Leila Hoteit, Managing Director and Partner, BCG Middle East. “However, the evolving digital climate has also seen employee preferences and perspectives manifest and multiply. Rather than money being the primary influencer behind personal motivation and professional decisions, other factors including diversity, inclusion, and the environment have become key forces for work-related happiness or dissatisfaction, as have options to work abroad and remote working.” On the subject of relocation, the number of digital field employees willing to move to another country for work is considerable from a regional standpoint – standing at 83%. Canada is the most preferred destination where digital workers would like to relocate (16%), followed by the UAE (12%), and Germany (10%). In terms of the UAE, its appeal among digital talent also ranks among the leading nations worldwide, with Dubai and Abu Dhabi ranked sixth and ninth, respectively, as the most attractive cities for digital workers. Furthermore, remote working
possibilities are similarly attractive. The survey found that 66% of MENA talent are willing to work for remote employers with no physical presence in their country. Canada, France, Germany, and the UAE top the list where digital workers would look for remote jobs, while the convergence of fixed and flexible working would be a popular proposition. Although the COVID-19 crisis did not impact technology employees’ working patterns to the same extent as the general workforce, maneuverability here would be welcomed, nonetheless. Of the respondents, 54% would like to work remotely for 2-3 days per week, with 52% listing their desired flexibility as a combination of fixed and flexible working hours. “Looking ahead, it’s clear that recruiting and retaining digital talent rests with employers introducing a comprehensive strategy for the same, one that presents employees with the benefits they seek and ensures their most cherished values are adopted and upheld,” added Christopher Daniel, Managing Director and Partner, BCG Middle East. “In due course, the digital marketplace will become even more competitive, driven in part by employee curiosity, expectations, and demands. And as such, employers can take note of these findings and apply lessons learned to support the goals and aspirations of themselves and their people.”
Modernize networking to accelerate digital transformation BUILD A PREDICTABLE AND SECURE NETWORK INFRASTRUCTURE WITH ARUBA EDGECONNECT SD-WAN
Maximize your network’s potential for tomorrow’s users If you're talking, texting, emailing or using the internet, it's likely your communication is made possible by CommScope. It is our passion and commitment to identify the next opportunity and realize a better tomorrow. Learn more at commscope.com NASDAQ: COMM
Copyright 2021 CommScope, Inc. All rights reserved. AD-115611-EN