Outlook 2023

Page 1

2023 OUTLOOK

Industry experts weigh in on trends set to shape the tech landscape this year.

ISSUE 49 \ JANUARY 2023

14 INDUSTRY EXPERTS WEIGH IN ON TRENDS SET TO SHAPE THE TECH LANDSCAPE THIS YEAR.

44 PRODUCTS

6 NEWS

GARTNER PREDICTS 10% OF LARGE ENTERPRISES WILL HAVE A MATURE AND MEASURABLE ZERO-TRUST PROGRAMME IN PLACE BY 2026

IFS MARKS DOUBLE DIGIT-GROWTH FOR 5TH CONSECUTIVE YEAR

EGYPT’S EFINANCE PARTNERS WITH F5

CONTENTS 12 FIXING THE WEAKEST LINK 24 THE WAY FORWARD FOR MODERN BUSINESS 25 EMERGENCE OF ROBOTICS AS A SERVICE 28 PROTECTING YOUR BUSINESS 31 WHAT IS IN STORE FOR 2023? PUBLISHED BY INSIGHT MEDIA & PUBLISHING LLC 40 34 32
TO NET ZERO 34 TOP CLOUD SECURITY RISKS 36 BUSINESS PRIORITIES IN 2023 38 A FRAMEWORK FOR SUSTAINABILITY 40 TECHNOLOGY PREDICTIONS FROM CLOUDFLARE
ROADMAP
OUTLOOK 2023
3 CXO INSIGHT ME JANUARY 2023

First-class loyalty for a new class of banking customers

Today’s banking customers want their loyalty recognised and rewarded in ways that suit their lifestyles and meet their expectations. Simple points-based rewards and discounts are no longer enough.

Our first-class loyalty hub teaches you how:

to transform your customer loyalty experiences by working with our global team of experts

increase customer loyalty and value by creating innovative, multi-channel, personalised reward programmes

drive deeper customer engagement through our e-commerce, earning and redemption solutions that provide relevant o ers and rewards

create hyper-personalised engagement through CRM, loyalty technologies, AI analytics, and machine learning to help analyse customers’ behaviour

Visit our first-class loyalty hub, take a deep dive, and start your journey to first-class loyalty.

• • • •

SURVIVING TOUGH TIMES

It’s that time of the year again when I gaze into the crystal ball and make predictions about tech trends shaping 2023. As they say, prediction is always difficult, especially about the future. Last year, many businesses reimagined and transformed their strategies to build resilience. With the threat of global economic recession looming, the new mantra for businesses this year will continue to be digital resilience. Earlier this month, we organised a CXO roundtable with Splunk to discuss why digital resilience is now more critical than ever and ways to build it. There is no doubt that technology is key to fighting business disruptions, and many companies, regardless of size, are investing heavily in modernising and securing their IT systems to drive positive business outcomes. The pandemic has taught us that operational resilience is the only way to thrive in dynamic market conditions and fend off business disruptions. The technology leaders who joined us for the discussion unanimously agreed that the only way to build resilience into business is to simplify and increase the visibility of their IT environments,

which has become a challenge in this age of multicloud and cloud-native applications.

As businesses strive to modernise, one of the important technologies to watch out for in 2023 is AI and ML. We are already seeing how ChatGPT, the research project from OpenAI, can transform the future of business communications. In this issue, we have reached out to industry experts for their take on the trends that will shape the technology landscape this year, and you’d notice that there is a rising emphasis on data security. The future currency will be data, and we expect to see increased adoption of zero-trust security models this year. We have also turned the spotlight on one of the hottest topics in the industry today – cyber insurance. The exponential surge in ransomware attacks, which will get worse this year, is making it imperative for businesses to invest in cyber insurance to offset the cost of security incidents.

On that note, I wish all our readers a happy new year – may this one be your best yet.

EDITORIAL
Published by Publication licensed by Sharjah Media City @Copyright 2023 Insight Media and Publishing Managing Editor Jeevan Thankappan jeevant@insightmediame.com +97156 - 4156425 Sales Director Merle Carrasco merlec@insightmediame.com +97155 - 1181730
Director Rajeesh Nair rajeeshm@insightmediame.com +97155 - 9383094
the publisher has
magazine,
Production Head James Tharian jamest@insightmediame.com +97156 - 4945966 Administration Manager Fahida Afaf Bangod fahidaa@insightmediame.com +97156 - 5741456 Designer Anup Sathyan 5 CXO INSIGHT ME JANUARY 2023
Operations
While
made all efforts to ensure the accuracy of information in this
they will not be held responsible for any errors

GARTNER PREDICTS 10% OF LARGE ENTERPRISES WILL HAVE A MATURE AND MEASURABLE ZERO-TRUST PROGRAMME IN PLACE BY 2026

effective zero-trust strategy which balances the need for security with the need to run the business.

“It means starting with an organisation’s strategy and defining a scope for zero-trust programmes,” said Watts. “Once the strategy is defined, CISOs and risk management leaders must start with identity – it is foundational to zero trust. They also need to improve not only technology, but the people and processes to build and manage those identities.

“However, CISOs and risk management leaders should not assume that zero trust will eliminate cyberthreats. Rather, zero trust reduces risk and limits impacts of an attack.”

Gartner analysts predict that through 2026, more than half of cyberattacks will be aimed at areas that zero- trust controls don’t cover and cannot mitigate.

Zero trust is top of mind for most organisations as a critical strategy to reduce risk, but few organisations have actually completed zero-trust implementations. Gartner, Inc. predicts that by 2026, 10% of large enterprises will have a mature and measurable zero-trust programme in place, up from less than 1% today.

Gartner defines zero trust as a security paradigm that explicitly identifies users and devices and grants them just the right amount of access so the business can operate with minimal friction while risks are reduced.

“Many organisations established their infrastructure with implicit

rather than explicit trust models to ease access and operations for workers and workloads. Attackers abuse this implicit trust in infrastructure to establish malware and then move laterally to achieve their objectives,” said John Watts, VP Analyst at Gartner. “Zero trust is a shift in thinking to address these threats by requiring continuously assessed, explicitly calculated and adaptive trust between users, devices, and resources.”

To help organisations complete the scope of their zero-trust implementations, it is critical that chief information security officers (CISOs) and risk management leaders start by developing an

“The enterprise attack surface is expanding faster and attackers will quickly consider pivoting and targeting assets and vulnerabilities outside of the scope of zero-trust architectures (ZTAs),” said Jeremy D’Hoinne, VP Analyst at Gartner.” This can take the form of scanning and exploiting of public-facing APIs or targeting employees through social engineering, bullying or exploiting flaws due to employees creating their own “bypass” to avoid stringent zero-trust policies.”

Gartner recommends that organisations implement zero trust to improve risk mitigation for the most critical assets first, as this is where the greatest return on risk mitigation will occur. However, zero trust does not solve all security needs. CISOs and risk management leaders must also run a continuous threat exposure management (CTEM) programme to better inventory and optimise their exposure to threats beyond the scope of ZTA.

Gartner clients can learn more in “Predicts 2023: Zero Trust Moves Past Marketing Hype Into Reality.”

NEWS
6 CXO INSIGHT ME JANUARY 2023

IFS MARKS DOUBLE DIGIT-GROWTH FOR 5TH CONSECUTIVE YEAR

customers and partners, took place in October with over 2,500 in-person attendees and thousands more online.

IFS CEO Darren Roos commented: “For IFS, 2022 was a year characterised by acceleration. We increased our headcount to over 5,900 employees, reached a significant landmark in revenue at $1bn and outpaced our competitors by delivering double-digit growth for the 5th consecutive year.” Roos added: “Quarter after quarter, our leadership in capabilities and in time to value enabled us to build on our performance.” Roos concluded: “2023 will be an exciting year as we continue to bring together our employees, our partners and our products and industry expertise across FSM, EAM, and ERP so that our customers can create value faster and deliver their best to their customers when it matters most, at the Moment of Service.”

IFS announced its financial results for the full year ending December 31, 2022. The company posted exceptional results with software revenue growth at 28 percent year-onyear and cloud revenue growth up 80 percent as existing customers and new customers switch to IFS Cloud.

The 2022 results mark the fifth consecutive year IFS has secured strong double-digit revenue growth, demonstrating unparalleled robustness in its strategy and ability to execute globally. Throughout 2022, cloud and digital technology remained high on companies’ agendas and IFS customers sought to build operational agility and leverage innovation to build competitive advantage.

Since its initial release, IFS Cloud continues to deliver value with an Evergreen model. The twice-yearly release cycle has become an integral part of business as usual with customers adopting regular updates and negating the need for costly upgrades. New customers are experiencing considerably faster time to value with IFS, at an average of 9.5 months from contract to value.

Some of the key milestones for IFS in 2022 included:

• IFS launched its Partner Success programme in Q1 to further underpin and accelerate its partner strategy.

• In March 2022, HG Capital became a significant minority investor in a transaction valuing IFS & WorkWave at $10bn.

• In April 2022, IFS launched Arcwide, a joint venture with BearingPoint designed to accelerate the pace of IFS Cloud deployments.

• IFS retained its leadership positions across core product categories with continued recognition by analyst’s firms.

• In July 2022, IFS acquired EAM Software solutions provider Ultimo Software Solutions.

• IFS secured awards for individual leadership, as well as its products, its innovations and customer experience.

• In September, IFS signed an agreement to sponsor the London Cable Cars, as part of a brand activation campaign.

• IFS Unleashed, the rebranded global IFS community event for prospects,

IFS Chief Financial Officer, Constance Minc, added, “In 2022, IFS has shown resilience and consistency; despite the macroeconomic headwinds we have accelerated our growth across our key metrics for the group. Growing our cloud revenue at 80 percent year-on-year and our annual recurring revenue at 57 percent year-on-year in challenging market conditions demonstrates a level of robustness and reliability that’s a testament to our relevance and customer focus”.

Throughout the year, IFS has continued to nurture its customer-first culture by strengthening its service organisation and its partner ecosystem, as well as maintaining an active involvement in the work delivered by the IFS Foundation in Sri Lanka, a nation that is home to over 2,200 IFS employees.

Financial and Operational

Highlights for FY 2022, growth YoY:

• FY2022 software revenue was SEK 6.6bn, an increase of 28 percent versus 2021.

• FY2022 recurring revenue was SEK6.1bn, an increase of 44 percent versus 2021.

• FY2022 net revenue was SEK8.4bn, an increase of 19 percent versus 2021.

7 CXO INSIGHT ME JANUARY 2023

DARWINBOX ANNOUNCES COLLABORATION WITH MICROSOFT

Retailo, Mobily Infotech, Seepco, Eyewa, Shalina Healthcare, and Foodics along with select operations of Al Rajhi Bank, and the Lulu Group. The company also serves leading international brands such as Nivea, Starbucks, Dominos, Sephora, Swarovski, Adidas, Zara, Lacoste, Calvin Klein, AXA, Tokio, Cigna, and T-Systems.

Paco Salcedo, General Manager Enterprise, Microsoft Middle East and Africa, said, “Startups across the country are innovating and finding new ways of doing business. We are pleased to work closely with leaders like Darwinbox, who are completely reimagining the frontiers of employee experience with the power of technology. Our collaboration with Darwinbox builds on our focus of co-innovating with our customers to empower organisations across the UAE to do more with less.”

Darwinbox announced a collaboration with Microsoft to empower organisations globally and across the MENA with the right tools to succeed in the evolving world of work. The collaboration will include deep integrations between Darwinbox and the Microsoft product ecosystem, and co-innovation on solutions to enhance employee experience. In addition to the co-innovation roadmap, Microsoft has also made an equity investment in Darwinbox to accelerate its mission of empowering organisations to unify their entire employee lifecycle.

The relationship will accelerate joint go-to-market motions in all markets that the leading Human Capital Management (HCM) player operates in. It will also fuel the global HR tech leader’s growth further while enabling organisations to unlock their workforce’s highest potential.

Darwinbox’s cloud-based HCM platform caters to HR needs across

the entire employee lifecycle with new-age employee experiences and disruptive AI-powered technology. Powering 750+ enterprises and 2 million employees across the globe, the company has clocked a 2.6x revenue growth and increased its headcount by 240% in MENA since its Series D Unicorn funding round in January 2022. The company recently opened its new office at Dubai International Financial Centre (DIFC).

Commenting on the collaboration, Jayant Paleti, Co-founder, Darwinbox, said, “We’ve always had the highest regard for the Microsoft brand and ethos. As we align on the joint vision of helping our customers unlock new levels of employee experience and productivity, we’re excited to co-innovate on multiple lines of IP development and take these solutions to our customers globally.”

In the MENA region, Darwinbox works with leading enterprises like Noon.com, Masafi, Alef Education,

Deep integrations and multiple lines of co-innovation between Darwinbox and Microsoft will allow Darwinbox to deliver a radically unique and differentiated value proposition to its customers worldwide. As part of this collaboration, Darwinbox will adopt Microsoft Azure to enhance its Human Capital Management (HCM) SaaS platform.

Darwinbox’s mobile-first platform continues to enhance and personalise employee experience (EX) by bringing HR transactions and experiences into the flow of work with Dynamics 365 and Office365 platforms like Microsoft Teams, Viva, and Active Directory. Darwinbox has leveraged Microsoft’s PowerBI to further augment its AI-based predictive analytics engine, to build rich visual analytics dashboards, helping employees across customer organisations use data more effectively and power faster business decisions. Strategic product and engineering collaborations between the two companies will amplify innovation around workforce management, payroll management, benefits, talent management, and acquisition.

NEWS
8 CXO INSIGHT ME JANUARY 2023

ROUND TWO OF CYBER RESKILLING PROGRAMME LAUNCHED IN BAHRAIN

SANS Institute and The Labour Fund (Tamkeen) launched this week the second phase of the Cyber Reskilling Programme in Bahrain. Following the success of the first phase in 2022, this year, SANS and Tamkeen continue their strategic partnership to deliver two programmes that will allow 60 students to gain GIAC Security Essentials (GSEC) and GIAC Certified Incident Handler (GCIH) certifications within the training period. SANS will also continue to offer participants a supported pathway to enter the cybersecurity workforce. This initiative is aligned with Tamkeen’s strategic direction and is a response to Bahraini market demands in the technology sector that require high-quality and specialised tech training opportunities.

During the first round of the programme with Tamkeen the latest SANS graduates showed high levels of knowledge and confidence, which contributed towards gradually bridging the cybersecurity skills gap in Bahrain, according to feedback from engaged employers and organisations.

“The success of the programme speaks for itself. With 40% of students scoring over 90% in their GSEC and GCIH exams, and 82% and 86% passing their respective exams on the first attempt, it’s clear that this training is providing students with the necessary tools to achieve their cybersecurity goals,” said Ned Baltagi, Managing Director, Middle East and Africa at SANS Institute.

Commenting on this initiative, Ali Hasan, Executive Director of Programmes and Partnership Development at the Labour Fund (Tamkeen), stated: “We are proud of the first group of Bahraini students that participated in the Cyber Reskilling Programme run by SANS Institute. Their knowledge, dedication and exemplary commitment contributed to the success of this initiative and showcased the potential of Bahraini talent in this niche field. Tamkeen will continue to identify and support initiatives that empower Bahrainis and enhance their competitiveness both locally and internationally.”

With 3.5 million unfilled positions worldwide, there is a critical shortage

of qualified cybersecurity workers right now. In Bahrain, cybersecurity is a high-demand employment option in financial services, information technology, and manufacturing. With cyberattacks increasing in volume after the mass transition to remote work due to COVID-19, there is an increased demand for qualified cybersecurity specialists and experts in the country, from both enterprises and the government.

Khalifa Yaseen, a student who successfully graduated from the first Cyber Reskilling Programme designed to prepare successful applicants for security roles by introducing them to key cybersecurity principles and techniques across three SANS courses, earned an invitation to the GIAC Advisory Board with his scores – a forum of GIAC certified professionals to exchange ideas and advice, as well as opportunities to provide input to courseware and exam development.

“The Cyber Reskilling Programme was such a rewarding experience overall,” said Yaseen. “Through the programme, I had the opportunity to interact and introduce myself to various companies, and I have secured an opportunity with Beyon Cyber to develop my skills in this field.”

In just eight weeks, the Cyber Reskilling Programme identifies and re-skills individuals, opening several prospects for professional growth and development in all sorts of junior cybersecurity roles. There is immense untapped potential in Bahrain, and together with Tamkeen, SANS aims to continue to generate opportunities that will upskill Bahrainis, bridge the gap, and support enterprises in the Kingdom, consequently elevating Bahraini talent within the region and globally.

Bahraini individuals and enterprises interested in participating in the second round of the programmes will be able to apply directly via the SANS website. The training programmes are supported by Tamkeen. More information on the opening of applications and the application process will be available here.

9 CXO INSIGHT ME JANUARY 2023

EGYPT’S EFINANCE PARTNERS WITH F5

eFinance has signed a Memorandum of Understanding (MoU) with F5, a multicloud application services and security specialist, to help protect and optimise Egypt’s digital transformation priorities.

eFinance, the partner of choice for Egypt’s growing digital economy and financial transformation, as well as incountry public cloud provider, is now set to offer F5’s extensive solutions portfolio to organisations across the country.

Initially, the partnership will focus on cloud- and cybersecurity-based technologies.

”We are delighted to partner with F5, which is already supporting many of eFinance’s customers in Egypt,” said Atef Mohamed, IT & Cloud Director, eFinance.

“Our mission is to enable organisations accross the country to lead cutting-edge, transformative initiatives that are aligned

AVEVA ANNOUNCES THE COMPLETION OF ITS ACQUISITION BY SCHNEIDER ELECTRIC

AVEVA announced the completion of its acquisition by Schneider Electric, a global industrial company specialising in digital automation and energy management.

Since its foundation, AVEVA has grown from a niche design software developer to a leading global industrial software company with a value of more than £10bn.

Today, AVEVA’s software drives efficiency and reduces costs for over 20,000 customers worldwide, offering a Digital Twin for the whole asset lifecycle from Engineering through to Operations and Maintenance across diverse industries worldwide.

The global industrial sector increasingly relies on data to maximise business value. But like other materials, this key industrial resource only becomes useful when it is extracted, processed, and delivered to the right people at the right time – securely and in context.

with vital social development goals. F5 is an ideal partner for us in this respect, and has a world-class reputation for helping its customers —the world’s largest enterprises, service providers, financial and educational institutions, government entities, and consumer brands—to create, secure, and operate applications that deliver extraordinary digital experiences.”

F5 offers a unique portfolio of automation, security, performance, and insight capabilities. It empowers customers to create, secure, and operate the applications – whether monolithic or modern – that help reduce operational cost and complexity, protect users’ experience, and create business value.

“eFinance is integral to the Egyptian government’s digital transformation strategy, so it is a huge honour to finalise this MoU,” said Bassem Saleh, Sales Lead for Egypt at F5.

“In particular, our ability to secure any app and API – irrespective of where they are deployed – will be central to the rollout of app- and cloud-centric projects across the country. Given the volume of business and data that is now flowing through apps, combined with their increasingly distributed nature, security has taken on new significance. At F5, we’re not only able to protect access to apps, but also how they are used – wherever that may be.”

Customers persistently identify the clear need for digital solutions across both industrial operations and energy management, needs that have never been more relevant in the current economic and energy cost environment. Schneider Electric and AVEVA together, enable a holistic approach to digital transformation across a customer’s operations. They drive step-change improvements through a reduction in energy, carbon and resource intensity, accelerating customer journeys of efficiency and sustainability.

AVEVA’s strategic focus is on becoming the number one SaaS provider of software and industrial information and evolving to a subscription-only business model. The acquisition will accelerate that transition.

Whilst AVEVA will now be wholly owned and part of Schneider Electric, intentions have been set out to preserve AVEVA’s business autonomy, future R&D investment, and enhancing the potential benefits for customers and meeting their needs faster with a stronger portfolio of solutions.

Peter Herweck, CEO of AVEVA, said: “The needs of the industrial world are

becoming ever more complex. But the opportunities to create competitive advantage, value and sustainability through digital transformation have never been more compelling.

AVEVA is now optimally placed, with the collaboration not just of Schneider Electric but all its partners, to drive innovation, change and value for its customers. The last 50 years for AVEVA have been incredibly exciting. Thank you to all of the stakeholders who have been part of the journey so far in creating a global leader in industrial software and data. I’m convinced that through continued investment and transformation, the best is yet to come.”

NEWS
10 CXO INSIGHT ME JANUARY 2023

FIXING THE WEAKEST LINK

CYBER PSYCHOLOGY IS THE THREAT ACTOR’S DEADLIEST WEAPON; IT’S TIME FOR A ‘PEOPLE PATCH,’ WRITES MOREY HABER, CHIEF SECURITY OFFICER AT BEYONDTRUST

In the modern cyberthreat landscape, psychology reigns supreme. Of late, GCC nations have been clamping down on bad actors and have been recognised for it. Saudi Arabia and the UAE are impressively ranked in the ITU’s Global Cybersecurity Index (GCI), placed second and fifth globally, and first and second regionally, respectively. However, even the most prepared among us can still be fodder for creative social engineering attacks perpetrated by cybercriminals, hacktivists, and state-backed miscreants that seek to do us harm.

When it comes to cyber-risk management, end users get a bad reputation. Our “weakest link”, some would say; the more classically educated might be akin to an “Achilles’

heel”. And, while I wish I could stand with the people and dispute this, it is an unfortunate fact, backed by reams of post-incident data. Like any other vulnerability, it needs to be addressed. We need a “people patch”; if you will pardon the pun. But while a few hours of troubleshooting and coding may work for our software flaws, our colleagues require more thought and better training then a personal software upload.

There are many errors that lead to compromise, and most of them are avoidable with a simple list of “dos and don’ts”. But social engineering is different. Phishing and smishing attacks go after an employee’s ambition to be valuable to their employer or even their own self-importance. These attacks often fake communiques from senior

staff members seeking action on something important and time sensitive. The cleverly counterfeited identity is often not a hijacked email account or phone number, but the recipient neglects to verify the source as they have fallen prey to an age-old stimulusresponse reflex of need.

Culture coding

The fact here is that we have missed the point of people as an attack vector. Where we hastily label “links” and “heels”, we don’t notice that the underlying behavior is programmed into the employee by corporate culture. They are doing what they think is expected of them — acting quickly and diligently to an instruction from an authorised source. When software is vulnerable, we blame the vendor. So, shouldn’t

VIEWPOINT
12 CXO INSIGHT ME JANUARY 2023

the corporate culture likewise assume some responsibility for user error? If the company culture programs individuals to react to their microinstructions from “do as you’re told” to “always verify”, might we see stronger nimbler heels and therefore less successful social engineering attacks?

This cultural perception of oneway communication extends to the cybersecurity function, which is seen as a detached dictator (albeit a necessary one) of rules. Workforces, especially the digital-native variety of today, do not respond well to in-your-face authority and only do as you are told. And so, we opt for explaining the rules and the role of security policies without sparing a thought for how difficult the controls are making life for employees to follow.

Some of my colleagues have drolly recounted having overheard Security Teams called the “Work Prevention Team”. Chuckling aside, this spells doom for the cybersecurity team’s ability to engage its colleagues. And we now know that all the tools and platforms in the world cannot convert a chain of weak links into a robust legion that can hold the line against the modern threat landscape against people.

Flexible and permissive

If we want better engagement, we need more human friendly cyber security controls. And yes, I can almost hear you scratching your head. Was I not just arguing against that? I was, but the answer is not to abandon our controls with tighter ones that are more cumbersome. Technology and processes must empower our people. A more flexible and permissive approach to security can be delivered while simultaneously providing a safer environment.

As an example, organisations should start by removing direct privileged access from all users, establishing a restrictive baseline account. We then add permissions as they are needed (and only as they are needed) to perform specific tasks. This is called the Principal

of Least Privilege (PoLP). This way we prevent an out-of-control fog of superuser accounts from roaming the digital landscape and tempting threat actors, who will use them to perform potentially malicious activity.

This new system is easier to manage. Endpoint privilege management tools are designed to implement PoLP, allowing users only the privilege level needed for their roles. We refine these permissions sets over time without impeding user productivity. Automation and policy templates allow users to be shielded from the underlying granular controls that protect them. Once established, such frameworks even allow standard users to install certain software through an allow listing system. The employee experience is enhanced, and the cybersecurity team is now called the “Work Enablement Squad” or some imagined variation. Employees can do what they need to do without the risk of social engineering gaining administrative access.

What about passwords?

There’s more. Shared and default privileged accounts need not be deleted; they can now be secured. They can be managed through privileged-password and session-management solutions that automate the oversight of privileged accounts and their associated passwords and secrets. These solutions can regulate

password refreshes, greatly mitigating the risk of brute force and pass-the-hash incursions even if passwords have already been stolen. Additionally, these tools can mandate that all privileged access takes place via secure links. This protects users and systems if they are attacked from our own human weaknesses. And as a benefit, moves us closer to a zerotrust environment, which is where every cybersecurity leader wants to be to ensure all communications is appropriate.

It should be made clear that while the eventual setup operates without undue complexity for users, they still need to be part of the change process. Policies will change. IT operations and workflow will change. And users will have to be retrained to use systems and processes differently. Clear communication will be critical. Rather than explaining the need for daily complexity, however, we can now tell users that we are working to enhance their experience while protecting them from themselves.

So, what does this mean for security teams? Control and accountability. An overall lower risk of falling victim to a phishing attack while becoming an enabler for users and subsequently converting them to allies in the day-today battle with threat actors. This means a more relaxed, productive, innovative work environment for everyone because the attack vector of people has been mitigated by removing administrative rights in the attack chain.

Psychology, reimagined

As we head into 2023, business leaders are faced with talent shortages in all roles. An ecosystem like the one described creates better work experiences for cybersecurity, IT, and non-technical staff. Tight security controls but with effective communication and unencumbering workflow is exactly what the psychologist ordered. Make it easy for people to work and if they make a mistake, remove the crack in the pavement that could cause them to stumble.

13 CXO INSIGHT ME JANUARY 2023

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?

As technology evolves and complex business problems continue to emerge, IT professionals will face new challenges in 2023 and beyond. Some changes will fuel innovation, while others will spur debate around AI ethics. And others, such as cyber threats, will force companies to mitigate and meet these risks head-on.

The most influential trends that will impact IT decision-making are as follows:

• Cyber resilience will overtake cybersecurity as top security concern

• AI ethics will become imperative

• The cloud will drive innovation

• Companies will embrace distributed cloud

• Cloud networking will grow

• 5G private wireless to move beyond industry 4.0

• Personalized digital employee experiences are must-haves for hybrid work

• Mainframe will solidify its role in hybrid cloud strategies

As business leaders, we must understand that the impact of these trends will vary depending on the industry and application. It is never just the technology but the ways these it is integrated and adopted that can lead to an impact and help achieve business objectives.

How are you helping your customers build operational resilience?

For our part, Kyndryl is aligned around the principle of cyber resilience in managing risk. We have thousands of security experts across the world, many of whom specialize in cyber resilience as a service and are ready to work with government, private sector companies and organizations of every kind to ensure a safe and resilient global economy.

Since our launch, we’ve been expanding Kyndryl’s global strategic partnerships to address customers’ specific security and resiliency needs. For example, we have partnered with Veritas to deliver its industry-leading data management portfolio to enterprise customers as a fully managed service, “Protection and Cyber Resiliency, Powered by Veritas.” And in the Middle East, we formed a strategic collaboration with CPX Holding to help improve cyber resilience for customers in the UAE and the region. Through a powerful combination of Kyndryl’s global leadership in IT infrastructure services and CPX’s end-to-end cybersecurity capabilities, we aim to help customers protect their businesscritical assets and support their overall digital transformation. We have also announced a Recovery Retainer Service which provides our most at-risk, critical infrastructure customers

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?

The current economic climate means that appetite for risk is extremely low. Despite this, businesses know they need to continue to innovate and digitise if they are to survive, and this involves staying at the forefront of technology. In fact, 95% of businesses surveyed for our Industry Insights Report 2022 told us that right-fit technology will accelerate growth for their business. So, while the global economic outlook remains uncertain, the pace of digital innovation will continue unabated and businesses that prioritise strategic tech investments will increase their chances of success in the year ahead.

Against this backdrop, business planning technology solutions have never been more vital. These include solutions that enable forward planning, financial planning and simulations that give businesses the data they need to make the right decisions in a volatile environment.

What are the biggest challenges facing CIOs this year?

Faced with resource and budget constraints, CIOs will be under pressure to maximise the value of their tech investments, which calls for them to effectively draw insights from the treasure trove of data that these systems generate. However, to effectively do this, organisations need one source of truth for all their data points, with a digital core that runs through their businesses. Other apps which monitor disparate parts of the businesses should be able to integrate with this digital core, so interoperability of all software solutions will be a key selling point. Although there is a lot of hype about the potential of predictive analytics, machine learning (ML) and artificial intelligence (AI), these solutions can’t offer full value to customers if that one source of truth isn’t already in place.

How are you helping your customers build operational resilience?

Through 2022, organisations in key sectors served by Epicor –manufacturing, heavy industry, aerospace and defence, automotive and more – have been plagued by supply chain issues.

The foundation for a resilient supply chain is advanced digital technology, which is what Epicor provides to its customers. Our supply chain management solutions connect systems, and take information out of silos and into a centralised location. This makes every link in our customers’ supply chains completely transparent, in real-time, so decision makers can account for every element that affects operations.

OUTLOOK 2023
with qualified experts on the ground and technologies for emergency support and recovery operations. MOHAMED MOUSA Strategic Sales and Solutions Director, Kyndryl Middle East and Africa
14 CXO INSIGHT ME JANUARY 2023
VIBHU KAPOOR Regional Vice President - Middle East, Africa & India, Epicor

Company headcount will increase in 2023… with bot workers. In 2022, companies took high-efficiency measures, like layoffs, to financially safeguard business. But in 2023 companies will need to replace this headcount because customer expectations remain high. Companies will deploy more bot workers in 2023 to reduce human dependence on mundane tasks. Bonus: it’ll also reduce cost and margin for human error. We’ve started to see this trend with understaffed retailers, but it’ll soon be mainstream. Automation rewriting automation: 47% of developers don’t have access to the tools they need to build applications fast enough to meet deadlines. Next year we can expect the next wave of automation to automate its own development to fill this gap. Code will be written by AI engines, intelligently generating its own code. As low code and no-code platforms continue to enable the technology behind these innovations, we’ll see more maturity, more time savings (cutting down development time by 90%), fewer errors and faster development.

What are the biggest challenges facing CIOs this year?

Perhaps the most frustrating challenge for CIOs and innovation leaders is that despite their best efforts, and the significant investments being made into the latest technologies, one of the key outcomes they seek – enhancing employee experiences (EX) and thereby CX – remain elusive. A study we conducted in 2022 showed that despite businesses in the Middle East and Africa (MEA) having doubled down on digital transformation, nearly half (47%) of regional employees report that technology issues at work have since increased their stress levels, causing a negative impact on their mental health. Identifying ways to continue innovating, while ensuring high user acceptance rates will be a top priority for CIOs in 2023, especially given the pressure they will be under to justify the ROI on every dollar spent.

With sustainability being a priority for many organizations, efficient technologies which use less energy and have a better carbon footprint will be on many board’s agenda. Today’s businesses are much more environmentally conscious, but volatile energy costs have forced the issue in many countries around the world and in the next year we will see green and sustainability credentials at the tip of the spear in conversations between vendors, service providers and customers. Many groups within organizations will develop a much greater understanding of sustainability metrics and methodologies and will start applying them when making technology choices.

Containers will be the key to cloud neutral infrastructure designs — beating lock-in

While historically large enterprises have worked with different cloud providers for different use cases, this creates cloud lock-in which customers are sick and tired of. Next year we will see an increase in customers building cloud neutrality into their design to avoid this lock-in even if it’s only to prepare for the future. To do so, companies will rely heavily on containerizing applications, making them portable across private, public and hybrid cloud infrastructure, regardless of the cloud providers at play. There will also be a push to consolidate management of applications through Kubernetes platforms with all the flexibility, speed, cost effectiveness and security needed to ensure success in a cloud neutral environment.

Hiring IT specialists will become harder: organizations will hire more generalists

Every organisation is struggling to find Kubernetes, data analytics and machine learning specialists as these are some of the most in-demand skills in IT at the moment. However, companies don’t actually want to hire people who are good at only one thing — they are looking for people with a breadth of skills. As a result organizations will need to hire more generalists and fewer specialists, even in critical roles, and train them in areas where skills need to be developed. This will be far more efficient for the IT organization in the long run, as specialists tend to serve as a bottleneck if they are the only personnel who can solve specific problems.

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?

Demands for today’s emerging technologies continues to increase exponentially, driven by customers and businesses across all industries:

1. Adoption for technologies such as 5G, Metaverse, AI, ML, IoT, and advanced data analytics will continue to rise due to the effectiveness of both full-time remote working

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?
Can you list some top trends that will have the maximum impact on the tech landscape in 2023?
Here are three trends that I think will impact the tech sector in 2023:
Businesses will make technology choices based on sustainability
PRASAD RAMAKRISHNAN CIO at Freshworks FRED LHERAULT Field CTO, EMEA & Emerging Markets, Pure Storage
15 CXO INSIGHT ME JANUARY 2023

OUTLOOK 2023

and hybrid workplace environments.

2. Consumers have higher expectations for 5G. Performance, ultra-high speed, and dependability are facets of the 5G experience that are expanding consumer expectations. Two years after the debut of 5G, consumers anticipate new services such as real-time translation, enhanced event experiences, and immersive VR-gaming to become a reality. Private 5G network is enabling the pathway for augmented / virtual reality through creation of applications that require high frequency and low latency which will be the gateway for metaverse and digital twin to come to life building upon the digital economy and create greater efficiencies.

3. Blockchain technology is at the heart of the region’s technology transformation. Designed for transparency, it provides advanced transactional data security and provenance of transactions. du is building decentralized applications and offering an integrated set of solutions for the blockchain ecosystem. By building on top of our Blockchain Platform as a Service (BPaaS), du’s new use cases are an important step towards providing smart solutions that create efficiencies for government transactions.

How are you helping your customers build operational resilience?

We are working on identifying and develop new 5G use cases for enterprises in the UAE. These use cases will focus on improving operational and cost efficiency through digital transformation for various industrial sectors including manufacturing, transport, shipping, aviation, energy and health across the UAE. This is how we are accelerating enterprise 5G use case development and enabling UAE enterprises to experience the future on our 5G network. du continues to be a pioneer in 5G and network solutions as well as delivering best-in-class network infrastructure. We are committed to providing “A network that gets you” in terms of customers’ network needs, whether it’s an enterprise or an individual.

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?

hyper automation technologies can help organization to optimize processes, save cost and accelerate time to market.

What are the biggest challenges facing CIOs this year?

The top challenges CIOs face are skills (talent retention/ acquisitions), accelerate efficiency, cybersecurity, transform legacy applications and enhance employees/customers experience.

How are you helping your customers build operational resilience?

Omnix’s strategy is built around providing services and solutions to address the key customers challenges. Our highly skilled resources guide customers to adopt new technologies. Omnix uses the best practices in adopting the new technologies which help reducing risks and accelerating deployments. We have teams to support cybersecurity, applications modernization, engineering and foundational technologies, Metaverse and smart infrastructure.

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?

Here are three trends that will shape the region’s digitization stories in 2023.

Employee expectations regarding flexible working

In May last year, a Cisco survey found that 90% of the nation’s workers preferred remote or hybrid work and that 61% would be less likely to look elsewhere for opportunities if their employer implemented flexible work schedules.

The good news is that businesses have already seen the productivity benefits that go along with home-based work. Far from the feared slow delivery and stale service that stopped prepandemic moves to remote-work models, we have seen staff morale and productivity receive notable boosts. Flexibility and automated workflows are recruiting badges, attracting young, driven professionals with much to offer. Firms will have a choice — deliver flexible work or try to get by with a stale unmotivated workforce.

Acting Chief Executive Officer at Omnix International

The top trends that we see today are sustainability, Metaverse, automation, user experience/happiness and adaptive AI. These trends will impact tech landscape since tech companies and solutions providers must be able to provide solutions to address the needs. We see that these trends will require solutions like cloud to support the sustainability requirements and reduce energy utilization; AI solution to enhance efficiency and decision making process; digital twins, remote support and better collaboration are some of the use cases that support the Metaverse initiatives; conversational AI technologies to help enhance user experience and customers/employees happiness; and

Talent sought, but where?

This issue compounds the first in that the very talent that is expecting enhanced work experiences can afford to make such demands because it is also in short supply. As time goes on, companies that do not respond to such trends will be hit by talent drains that will impact operations and service levels. At the same time, these same elements will be enhanced at enterprises that offer more alluring environments to their staff.

A recent survey by PwC showed that 47% of Middle East companies were addressing talent gaps by upskilling their workforces. Meanwhile, some 32% had opted for automation, including

16 CXO INSIGHT ME JANUARY 2023
MARK ACKERMAN Area VP for Middle East & Africa, ServiceNow

automation that enhanced the employee experience. This digitization taking place side by side with upskilling is the ideal environment for today’s young professionals, as it gels with their outlook and ambition. So, in 2023, tools and training that empower each employee to innovate independently while working flexibly will be critical.

The continued ascendancy of ESG

In 2023, as ESG pressure reaches critical mass, regional businesses will start to form strategies and focus groups. When complying with government, industry, and market expectations, it will help to have the right talent in place. Conveniently, digital natives share an affinity with environmental and social matters. They will also be better placed to effectively use the technology platforms that produce ESG insights and drive progress in these matters.

What are the biggest challenges facing CIOs this year?

In 2023, CIOs will come under pressure to show tangible ROI on technology investments. Inflation rates may be lower in the GCC than they are in the Americas or Europe, but they are still of concern. The right digital investments could have a corrective impact on the bottom line. It is already hard to imagine a modern business that is not, to some extent, digital. And as we wade ever deeper into the Fourth Industrial Revolution, CIOs, and the business at large, should be prepared to address a range of issues, from the employee experience and its association with technology procurement to the ongoing pressures of regulatory compliance and ESG.

How are you helping your customers build operational resilience?

In crisis, everyone looks around for reassurance. Businesses look around for ways of getting through the crisis and becoming immune to the next one. “Resilience” has been the word of the day for countless months. It remains so because of the aftershocks of the pandemic — supply-chain issues and inflation being just two examples. AI-powered analytics does not just allow real-time insights into the efficiency of processes and the profitability of business models; it clears the way for predictive analyses that show a path to long-term success.

When technology stacks include platforms like ServiceNow that provide mechanisms for extracting meaningful, useful data from structured and unstructured sources and categorizing it for presentation and review, decision makers get access to valuable knowledge. In 2023, we expect to see an innovation cycle, as the positive ROI from these technologies encourages yet more investment.

However, many security leaders are still managing multiple point products, which just doesn’t scale. Not with ongoing budget constraints, brazen cyberattacks and shortage of security talent.

The converged capabilities of a single-vendor SASE platform offer a compelling opportunity to provide more control and agility in how organizations secure their business and critical data anywhere it can be accessed via a Zero Trust framework. Forcepoint is the only security company today delivering single vendor Data-first SASE, and I’m bullish on our SASE market opportunity for 2023. We have made significant investments the last two years to accelerate our converged security platform, and our channel strategy for 2023 builds on this commitment to simplify security.

To continue to grow and scale, it’s important for us to continue to invest in product development and go-to-market to meet the growing, global demand for single-vendor Data-first SASE offering.

Browsing the web and accessing content is continuously at threat as the world becomes more global. At Forcepoint, we carry on making it easier for hybrid workforces to securely browse the web and access content safely. Think of it as bringing Zero Trust to web access: we can make the web safe for a wide range of users and devices, including employees, contractors, and partners using managed or unmanaged devices, even BYOD. Safer web activities extend to downloading and sharing content from the web. We enhance controls for web data and access by integrating Secure Web Gateway (SWG) with Remote Browser Isolation (RBI) and Content Disarm and Reconstruction (CDR) technologies to proactively sanitize content and websites.

Over the past few years, we have witnessed an uptake in Zero Trust and the importance of it. As we head into 2023, we will continue to roll out enhancements to Zero Trust Network Access (ZTNA), making it easier to connect to private, internally-hosted apps using Forcepoint Secure ZTNA agent and our SD-WAN appliances. In addition, customers can use Forcepoint SD-WAN appliances to provide employee connectivity to private apps without VPNs via our embedded ZTNA SD-WAN agent.

In addition, we believe 2023 will see an increased effort in Data Security. Forcepoint has expanded our Data Security offerings to make it easier to discover, classify, monitor and protect data through capabilities that work together. We believe data security should go beyond DLP and we are providing a single security policy regardless of data channel to make data access and usage controls more effective, more reliable and less complex.

What are the biggest challenges facing CIOs this year?

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?

To thrive and grow, businesses must integrate security into their operational model. They also need to streamline and simplify operations, including their approach to security.

Two decades of massive purchases and deployments of security point products has reached a crossroads. The sheer cost of managing solutions and the lack of institutional knowledge and personnel are driving teams to deploy new security architectures, consolidate vendors and demand platforms with pre-built integrations.

Chief Information Officers are recognizing this and transitioning to cloud-based network architectures that would streamline how they develop and manage their applications and provide secure access to resources. With workers both returning to the office and working from anywhere, it’s not unusual for people to use multiple devices in different locations and networks, sometimes in high-risk public areas. This includes not only their own workforce but also third-party

OUTLOOK 2023
18 CXO INSIGHT ME JANUARY 2023

suppliers and partners who want to use their own devices. The new edge is everywhere people use and create business data.

Within this context, data continues to represent enormous value and competitive advantages. Yet, the pervasiveness and importance of data increases corporate risk. The expanding attack surface makes it nearly impossible for both CXO and CIO’s to prevent sophisticated bad actors and aggressive nation-states from using automation, scale and customization in their tactics to break into your hybrid IT infrastructure and digital supply chain.

The only way for CIOs to succeed despite these challenges is to simplify security for customers, not create more complexity. We must change how we approach access and controls to achieve better outcomes. That means freeing people to use the device that works best for them, yet to do so in a way that ensures unified management and distributes Zero Trust to the right end point and application at the right time.

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?

Applied AI would become more common in 2023 with generative AI models like ChatGPT taking assisted searches and AI outputs to a totally different level. Security would continue to hold the attention and get more complex with threat actors going full Monty on AI . The landscape would get more cloudier than the previous years as the marketplace acceptance for cloud compute is maturing fast. Data Protection would be a key element that would dominate the IT landscape.

What are the biggest challenges facing CIOs this year?

Paucity of tech talent would be a key challenge. While technology advances at a rapid rate with more complexities the gaps to manage it keeps getting wider. Also, while the challenge to mitigate security risks continues to grow the knowledge level or lack of it within organisations puts needless strains to IT policy makers. Another challenge is the market uncertainty because of the trying times. Ironically sustainability targets are also viewed as challenging because the CIOs and CEOs tend to put a cost of time and resources to this.

How are you helping your customers build operational resilience?

We, at Cloud Box Technologies, rely on our capabilities to own and implement solutions with the primary objectives of improved productivity and robust resilience. Companies entrusts us with responsibilities from designing to managing

security, data protection, active and passive storages etc. These carries a very high level of accountability, and we use the best tools and skill levels to augment and complete the tasks. It also helps that we have subject matter experts managing different components of an activity.

The drive towards ‘Smarter’ buildings is a key area with four main trends driving technological changes:

First is the large increase in the number of devices that need to be connected. Smart Buildings by definition rely on data from the different ‘Operational Technology’ (OT) systems in the building – security, power, HVAC, lighting etc – to be interconnected. In order to collect and share this data, all sorts of IoT devices & sensors are required to monitor, report and ‘act’ on the inputs received. We therefore need to find ways to connect and ‘network’ many more ‘OT’ devices in addition to the traditional ‘IT’ devices already planned.

The second driver is the need to plan for large bandwidth variations. Many of these ‘OT devices’ require relatively low bandwidth, whilst others like HD CCTV etc may be higher. The need to be able to support very low to very high bandwidth needs, without under - or over – specifying, needs careful consideration.

The growth of wireless transmission and 5G is the third issue. As WiFi bandwidth increases, the range of each access point decreases - so more access points are required to cover the same area. This again means more connection points are required with higher bandwidth backbone connection. A similar issue applies to 5G connections.

Finally, IoT devices need to be powered. This can be supported via Power over Ethernet (PoE), Single Pair Power over Ethernet (SPoE), separate mains supply, or batteries – each of which present their own challenges and solutions.

How are you helping your customers build operational resilience?

The key here is to plan any new cabling infrastructure to ensure it is flexible, scalable, and adaptable to support the specific needs of the individual customer. We have a large range of solutions in terms of performance, flexibility, bandwidth, power deliver, ease of management, fire performance, distance support etc. That enables us to help our customers make the smart choices needed. By understanding their needs, we can help them to select the most appropriate technical solutions that work best for them over the customers intended timeframe.

OUTLOOK 2023
Can you list some top trends that will have the maximum impact on the tech landscape in 2023 and what are the biggest challenges facing CIOs this year?
BIJU UNNI Vice President at Cloud Box Technologies ARAFAT YOUSEF MEA Managing Director of Nexans Data Network Solutions
20 CXO INSIGHT ME JANUARY 2023

Based on Red Hat’s 2022 Global Tech Outlook, the following factors give us a glimpse of what the future holds for businesses and how you can adapt to the new wave of innovation:

Digital revolution continues apace: As part of the evolution of Industry 4.0, in 2022 we saw the continued merging of information technology (IT) and operational technology (OT) in scenarios such as smart cities, smart factories, assembly lines, robots and process controllers. Industrial organizations are successfully breaking down internal silos with the help of technology like open APIs and open hybrid cloud, and furthering the reach of compute and data gathering by use of more “Edge” computing technology extending the opportunity to innovate. This technology expansion combined with a shift in innovation being enabled and improved collaboration across teams as a culture change developing rapidly in organisations will accelerate this IT/OT convergence and accelerate digital innovation in 2023. Hybrid cloud strategies continue to dominate: While 18% of firms are still in the process of defining a cloud strategy, hybrid cloud strategies are the most prevalent (30%). Incorporating enterprises who opted for multicloud — a phrase that is sometimes used interchangeably with hybrid cloud — raises the proportion of businesses relying on several clouds to 43%. This will give leverage on development costs (develop once deploy anywhere), flexibility (not tied to one Cloud Service) and commercial leverage (multiple competing suppliers).

Security is always a primary priority: IT security was selected by far the most frequently (46% of respondents) among firms’ top IT technology funding objectives for 2022. This increased emphasis is also apparent in other financing areas. Despite a four-percentagepoint decline from the previous year, network security continues to be the top funding priority for security at 38%. Cloud security followed closely at 37%. The prioritisation of vulnerability management increased the most since last year, from 21% to 27%. Selection of a clear technology choice to enable Hybrid Cloud capability where that choice also embodies end to end security capability will reduce the security challenge across multiple clouds.

The Internet of Things (IoT) and artificial intelligence and machine learning (AI/ML) continue to dominate the planning of developing technologies: Combining IoT with edge computing, 61% of respondents want to employ either one or both in the next 12 months. With AI/ML at 53% and IoT at 49%, the percentage of firms considering or planning to utilise emerging technologies increased across several workloads this year. More and more artificial intelligence services either native to the cloud provider or third party services and becoming available and whilst AI is in it’s infancy, those who invest early and learn how to harness this technology early to make efficiency or business expansion gains, will be in great position for the future.

Automation advances: Similar to investments in security, investments in automation will be prioritised in numerous sectors until 2022. While IT operations automation remains in the middle of the pack in terms of top IT spending priorities (28%), this is an increase of two percentage points from the previous year, and automation has also played a role in other funding priorities. For instance, automating IT operations was the second most popular financing priority (38%) for optimising legacy IT, representing the greatest rise from the previous year. Automation has a huge benefit in reducing the cost of expensive and rare human resources used/wasted in repetitive tasks, allowing them to be used in more strategic differentiation, and also delivers better operational and security consistency, avoiding human errors.

What are the biggest challenges facing CIOs this year?

As 4G gives way to 5G, businesses will see the rise of hybrid cloud and edge technologies. Manufacturing industry will also see big changes as smart factories with AI emerge and the pace of data collection, preparation and inference accelerates. Challenges will include eliminating skill gaps, increasing application development, integration of reusable technologies and services to call on “a service” elements to enhance innovation capability, and developing a secure and robust hybrid cloud platform. All of these are key components of a successful digital transformation strategy.

In aiming to uncover the greatest technology challenges our customers face, a recent survey commissioned by Riverbed and undertaken by IDC found that 75% of business decision-makers say their organisation struggles to glean actionable insights from data that is generated by their technology infrastructure. This data is essential to improve the digital experience for users and boost organisational productivity both of which are business imperatives for today’s resource-constrained enterprises that find themselves in an increasingly competitive market.

The answer to this is Unified Observability and as this becomes the responsibility of C-level technology executives (CIOs, CTOs, CDOs, etc.), organisations in the UAE are also investing more dollars in observability solutions. In the same survey, the vast majority (86%) of UAE respondents said their observability budgets will rise in the next two years.

What are the biggest challenges facing CIOs this year?

Throughout 2022 but especially in recent months, companies have been under increasing pressure to ‘do more with less.’ Of

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?
MENA MIGALLY Regional Vice President –Emerging EMEA at Riverbed
Can you list some top trends that will have the maximum impact on the tech landscape in 2023?
PHILIP ANDREWS Vice President for META region, Red Hat
21 CXO INSIGHT ME JANUARY 2023

course, while constraints are being imposed on IT headcount, expectations around technology advancement for business enablement continue to grow. Consequently, CIOs are turning to their technology partners for solutions that empower even the most modestly-sized IT departments to drive innovation through the organisation.

In 2023, we expect to see increasing demand for technologies such as Unified Observability that democratise IT team’s knowledge and enable organisations to ‘shift left,’ allowing Level 1-2 staff to solve more problems without escalations. By reducing mean time to resolution, precious resources can redirect their efforts on high-value initiatives that drive business outcomes.

Can you list some top trends that will have the maximum impact on the tech landscape in 2023?

Rise of data backup ransomware attacks: Ransomware attacks are not going away and will remain a major threat next year. However, many attackers will choose an easier and less obtrusive path to gain the same critical data. We will see more attacks target backups that are less frequently monitored, can provide ongoing access to data, and may be less secure or from forgotten older files. Security tools that typically monitor for these attacks, like Intrusion Prevention Systems (IPS), are also often turned off or ignored because they often trigger false alarms for data backup systems. This makes it even more difficult to distinguish between false and legitimate attacks.

MFA bypass attacks will explode: We will see a continued movement away from using multiple use passwords and towards adopting multifactor authentication (MFA), passkeys, FIDO 2 authentication and other additional layers of security. Companies like Apple and Google are also developing their own authentication token systems. This will all lead to a badly needed increase in security but also result in an explosion of attacks that aim to bypass such MFA approaches, including using stalkerware to take advantage of company executives and board of directors’ use of mobile phones to record their keystrokes and interactions.

Attackers will hide stalkerware in consumer apps: While mobile phones are more secure than desktops, we will also see a greater volume of stalkerware included in downloaded apps that target consumers. Pegasus is a key example of this threat, which can install itself on iOS and Android devices with zero clicks. Hackers are also creating malicious stalkerware apps and hiding them in app stores. As people also become more accustomed to downloading family tracking software and giving away app permissions, the risk of having their keystrokes,

locations, voice, and even photos and videos recorded for financial theft and other nefarious purposes will also increase.

Organisations must go on the offensive to close the cyber skills gap: Cyber professionals need to close the skills gap to understand what attackers are exploiting and why. Next year, we will see more offensive training and increased focus on threat hunting to improve hunt-to-detection time and examining endpoints and network traffic for anomalies to detect attacks and prevent them from causing damage. This will be especially important with an expanded attack surface from a continued hybrid workforce. At the same time, organizations won’t be able to hire during the recession and will need to upskill and make their staff better trained to defend against attacks. As such, we will also see a rise in purple teaming so that security professionals can practice with each other on penetration testing, uncovering, and defending against the newest cyberattacks.

Can you list some top trends that will have

maximum impact on the tech landscape in 2023?

The year 2023 will continue to see some remarkable developments within the key technologies such as cloud, AI, IoT, and mobility. Organizations across industries and business segments will continue to invest in the customer experience, user experience and automation solutions which will accelerate the spending on AI, analytics and intelligent process automation solutions. As discussion around sustainability intensifies, organizations will look for the ways to achieve their environmental, social, and corporate governance (ESG) goals through digital investments. Metaverse will create a buzz in the MEA region which was also one of the key themes in the Gitex 2022. Technology developments within Metaverse will be interesting to watch, especially from the UAE perspective after the announcement of Dubai Metaverse Strategy in 2022. The country already has long term national strategy around blockchain and AI, and with Metaverse Strategy, it aims to turn Dubai into one the world’s top 10 metaverse economies and establish the country as a global hub for the metaverse community.

What are the biggest challenges facing CIOs this year?

One of the biggest challenges that CIOs will face this year is the ever-increasing IT cost stemming from inflation and currency fluctuation. Keeping a balanced approach to pursue digital innovation initiatives while managing daily operational tasks and addressing the disruptions of IT supply chain will further pose challenges for the CIOs across the Middle East & Africa region.

OUTLOOK 2023
the
JOHN PESCATORE Director of Emerging Security Trends, SANS Institute MANISH RANJAN Senior Program Manager –Software, Cloud & IT Services at IDC MEA
22 CXO INSIGHT ME JANUARY 2023

THE WAY FORWARD FOR MODERN BUSINESS

before and after adjustments to the security stack.

Businesses have to ensure that both organisational consolidation and expansion do not lead to vulnerabilities, and that potential threats inherent within the stack itself are minimal.

Validate team and processes

In 2021, ransomware attacks cost the world over $20 billion. Cybersecurity should be a top priority for top executives looking to avoid crippling fines and reputational damage. However, 90% of CIOs acknowledge their companies spend millions on inefficient security solutions. CEOs are losing sleep as they struggle to find worthwhile investments that will keep operations secure.

Most organisations do not have a methodology to validate cybersecurity. Those that have cybersecurity best practices at the heart of their culture, are better placed to make investments that protect their network.

When strategising how to operationalise security infrastructure, security decision makers should concentrate on:

Right team

Providing expert training has proven to be the best tool to retain best talent. Staff feels valued and invested in by their employers, driving them to perform operationally effective security.

Security exercises

Every professional team trains first for individual skills, then they train as a team. Cybersecurity teams should follow the same process to validate whether they are ready to protect.

Trust, but verify

Verifying how businesses behave under attack, being able to separate the significant signals from the noise is often the difference between being secure or being compromised.

Everyone’s problem

No matter how state-of-the-art your technology is, 85% of breaches are in fact due to human errors. Being able to emulate traffic, mistakes and behaviours is key to building confidence.

Executive commitment

It takes commitment to be a secure organisation and operation. Leaders have to talk about how security impacts brand, customers, social responsibility.

Simulation exercises

Before and after every update to a stack, CISOs must test their security stacks. Red team exercises allow organisations to do this. In these exercises, red teamers will act as hackers and throw everything they can think of at the company’s network. Old and new attack tactics, techniques and procedures will be deployed to see what cracks and what stands strong.

CISOs and their teams should keep detailed logs of the effects of these simulated attacks on their network

Cyber training experts swear by tabletop exercises, but they are only as good as the table they are on if you do not actually practice a response. CISOs need to evaluate their team’s incident response skills and make sure they have hired people who have the capabilities to identify threats and respond to them quickly and effectively.

One way to do this is through purple teaming – when red teams acting as offense and blue teams acting as defence work together to share knowledge. Purple teaming enables team members to collaborate with one another, and identify personal strengths and weaknesses.

Following the exercise, teams should hold a post-mortem to identify if any training programs need to be developed to boost employees’ abilities. A problem addressed should always be coupled with a solution.

CISOs are responsible for providing team members the tools they need to be better at their jobs.

Confidence building

After testing both the stack and personnel, CISOs should ensure every member of the team is acquainted with each tool in their stack and involve their team in decision-making process. They should let their teams conduct trials with different tools before making a decision about which ones to invest in.

CISOs are not just responsible for making sure their company is not hacked. They are responsible for making sure their tools and people are working as a united front to keep bad guys out.

CISOs may already have the tools they need to succeed in their backyard. They may also have holes in their staff or stack that are zero ROI. Identifying gaps does not mean just finding holes in technology or the team, but figuring out how they can be effective together.

VIEWPOINT
LEE ROSSEY, CTO AND CO-FOUNDER OF SIMSPACE, EXPLAINS THAT SIMULATIONS OF THREAT ATTACKS AND DEFENSIVE ROLE PLAY BY TEAMS AND INDIVIDUAL MEMBERS IS THE BEST WAY TO BUILD ORGANIZATIONAL ROBUSTNESS.
24 CXO INSIGHT ME JANUARY 2023

EMERGENCE OF ROBOTICS AS A SERVICE

Companies worldwide are now required to be agile in their customer service and development processes to compete in their sector due to the ongoing trend of digitisation, especially in the post pandemic era. Nowadays, firms must reconsider their strategy to meet the modern digital era as competitiveness demands efficiency in various activities. It is evident that the world needs a sustainable and automated solution that meets both the customer and the ownerstakeholder requirements.

One promising strategy for businesses to automate operations, manage work seamlessly, and reduce costs is to implement robots as a service (RaaS) model. The RaaS model is continuously gaining momentum within several organisations to combat operational challenges in the new era.

Automated machinery has always been one way to boost productivity and manage operations whenever human skills have been limited or unavailable onsite and in time.

Present day advanced robots are sufficiently intelligent to complete many well defined, repetitive manual tasks inside households, commercial establishments, large enterprises, and sprawling communities. Typical use cases for service robots include hospitality, cleaning, delivery, inspection, quality control, sanitisation, entertainment, security, across retail, , healthcare, logistics hubs, amongst others. Service robots are also designed by manufacturers with the primary function as collaborative, domestic, medical, entertainment, educational, amongst others.

However, service robots are seldom utilised around the clock and are significantly capital extensive. The robots must be programmed to recognise their physical parameters, the tasks they carry out daily, the owners, and the customers. These factors may have been limiting regional and global ramp-up.

Selected service providers like PROVEN Robotics in the GCC region have found a solution to this challenge through robotics as a service. RaaS offers a flexible alternative for small and medium enterprises considering employing robots but lacking the expertise or internal resources to maintain such robotic solutions. By renting robotic equipment and using a cloud-based subscription service, Robots as a Service enables a business to enjoy the advantages of robotic process automation.

A technical explanation provided by Wikipedia explains robotics as a service to be a cloud computing unit that facilitates integration of a robot and embedded devices into a cloud computing environment. In terms of service-oriented architecture, a RaaS unit includes services for performing functionality, a service directory for discovery and publishing, and service clients for user’s direct access.

RaaS is intriguing the interest of businesses because it is more flexible, scalable, and affordable than traditional robotics initiatives. Given how expensive robots are, it may be years before businesses see a return on their investment. This has discouraged many businesses from making robot investments. Small- and medium-sized

firms can use robots and automation without making this initial investment thanks to RaaS. Additionally, it enables businesses to easily and quickly scale up or down in response to shifting customer and market demands. RaaS offers less initial start-up capital and more predictable costs.

The price of hardware has also decreased due to globalisation, and it is simple to sign up for and locate robust cloud computing systems that permit the inclusion of robots as a variable cost service with subscription plans. Additionally, since many businesses currently use the software as a service model, businesses are already at ease with the business model.

RaaS benefits numerous businesses across numerous industries. RaaS lowers the entry hurdle for other industries to test out and experiment with robotic solutions as they become aware of the uses for robots.

RaaS can be considered an extension of Industrial Internet of Things that deals with intelligent devices that have adequate computing capacity. RaaS is also a financial model for the purchase and use of a physical services robot. Through a RaaS purchase contract, the buyer is paying for the use of the physical device through a subscription-based contract. RaaS is different than a lease contract, since the regional service provider continues to own the robotic device and carries the machine as an asset on its books.

THE ABILITY TO MOVE ON-DEMAND SERVICES FOR ROBOTIC ASSISTANCE TO A CLOUD PLATFORM WILL BOOST DEMAND FROM SMALL AND MEDIUM BUSINESSES IN THE REGION, EXPLAINS DOAA SULAIMAN, ROBOTICS DIRECTOR OF PROVEN ROBOTICS.
VIEWPOINT 25 CXO INSIGHT ME JANUARY 2023

EMERGING STORAGE TRENDS

MOHAMMED OWAIS, SALES DIRECTOR, MIDDLE EAST, WESTERN DIGITAL, ON ENTERPRISE STORAGE TRENDS TO WATCH

Can you tell us more about your smart video solutions?

Western Digital’s WD Purple is the company’s product range of smart video HDDs and microSD cards. It has three main device ranges; WD Purple Pro HDD, WD Purple HDD and WD Purple microSD card.

camera storage, and its support for card health monitoring functionality allows for pre-emptive storage management

Why should enterprises pay more attention to storage security?

What are the trends to watch out for in enterprise storage this year?

With overall storage capacity expected to grow exponentially, we can clearly see why the industry not only needs more storage capacity but also more efficient storage technologies, and higher performing solutions to handle more data than ever before.

While capacity grows, IT budgets keep on shrinking. The modern data center is under constant pressure to deliver more capacity, more speed, and better results at continuing lower costs.

Poised to become a hub for futuristic, innovative and intelligent data the UAE is building upon an era in which Artificial intelligence (AI), Internet of Things (IoT) and data analytics are the steppingstones to a successful digital transformation.

These intensive activities mean technology needs to evolve to meet the demands of ambitious digital transformation developments and create strong security practices to keep information safe. This is where data infrastructure will play a crucial role in the UAE and beyond.

The 22TB WD Purple Pro CMR HDD with OptiNAND technology delivers big capacity to address the latest surveillance trends, in a purpose-built enterprise-class drive supporting video analytics servers, and AI and deeplearning systems. The drive features Western Digital’s exclusive AllFrame AI technology that supports AI streams for deep-learning analytics within the system while helping to reduce dropped frames. WD Purple Pro drives are optimized to handle up to 64 singlestream HD cameras as well as many of the latest smart cameras that transmit multiple streams. It offers high reliability with a MTBF of up to 2.5 million hours for advanced smart video solutions that operate in 24/7 environments.

The WD PurpleHDDs are engineered specifically for surveillance to help withstand the elevated heat fluctuations and equipment vibrations within NVR environments. An average desktop drive is built to run for only short intervals, not the harsh 24/7 always-on environment of a high-definition surveillance system. With WD Purple, you get reliable, surveillance-class storage that’s tested for compatibility in a wide range of security systems. Exclusive AllFrame technology helps reduce frame loss and improve overall video playback

The WD Purple microSD card is borne out of extensive analysis of three generations of industrial products to specifically address the surveillance market. With its high endurance and capacities up to 256GB, the WD Purple microSD card provides long lasting on-

With overall storage capacity expected to grow exponentially, we can clearly see why the industry not only needs more storage capacity but also more efficient storage technologies, and higher performing solutions to handle more data than ever before. The key for Western Digital is delivering products and capabilities that can scale to such a level and help its customers scale and innovate to new levels.

While capacity grows, IT budgets keep on shrinking. The modern data centre is under constant pressure to deliver more capacity, more speed, and better results at continuing lower costs. As the challenges for data centers grow, so do the opportunities and solutions that enable IT to deliver new services, extract data insights, and drive business success. At Western Digital, we provide a variety of products that meet those demands including WD Gold, UltraStar, and Red, with capacities ranging up to 22TB.

Can you tell us how WD is helping its customers drive their sustainability initiatives?

The new drives represent a culmination of innovations that make the capacity levels possible. Western Digital has been developing these technological advances for decades. Namely, they are ePMR, HelioSeal, OptiNAND, and UltraSMR — a new, denser form of SMR technology. It’s a powerful combination of technology and innovation that will allow cloud scale customers to increase capacities and performance, in addition to keeping TCO manageable. An 18% increase in capacity could lead to a substantial reduction in TCO and operating costs.

INTERVIEW 26 CXO INSIGHT ME JANUARY 2023
ORGANIZER OFFICIAL MEDIA 21.02.2023 Shangri-La Dubai NOMINATE NOW A tribute to the visionaries and pioneers of IT in the Middle East For sponsorship enquiries: Merle Carrasco Sales Director merlec@insightmediame.com +971 55 118 1730 For nomination enquiries: Jeevan Thankappan Managing Editor jeevant@insightmediame.com +971 56 415 6425 https://cxoinsightme.com/cxo50/2023/nomination.php

PROTECTING YOUR BUSINESS

WHY YOU SHOULD CONSIDER CYBER INSURANCE

The increase in ransomware attacks and other malware has made organisations of all sizes to invest in cyber insurance to mitigate their risk exposure. Many CISOs see it as essential to their risk management strategy though policy costs are going through the roof and insurers demanding stringent security measure as a pre-condition for cyber coverage.

What should a cyber insurance policy cover?

Generally speaking, cyber insurance covers first and third-party financial costs and reputational damages. First-party coverage protects a company against the direct damages caused by a cyber-attack. In case of third-party coverage, the insurer covers the cost of the claims that customers, vendors, partners, or other parties could make for the damages they have suffered as a consequence of the cyber incident at your company.

When signing up for a new cyber insurance policy, it’s essential to have a

clear understanding of what the policy will cover, as insurers don’t have a standard way to refer to cyber incidents and packages may vary considerably,” says Mohammad Ismail, Regional DirectorMiddle East, Delinea.

For example, in 2021 ransomware accounted for 75% of all cyber insurance claims, forcing the insurers to drastically reduce the coverage to stay profitable and a Recent research conducted by Delinea found that only about 30% of organisations say their policy covers critical risks including ransomware, ransom negotiation, and decision on ransom payment, he says.

“First of all, cyber insurance follows the same principles and criteria of insurance in general. So like any other kind of insurance, it’s about “selling a risk” to a third party (the insurer) who will indemnify the insured in case the risk materialises. That said there is a certain level of risk avoidance and mitigation that the insurer will expect from the insured.

This is to give the insured the possibility to access cyber insurance, at an affordable premium, if adequate security controls are in place,” says Paul Baird, CTSO, Qualys.

Christopher Hills, Chief Security Strategist at BeyondTrust, says over the past year, cyber insurance has evolved and matured far beyond what we have seen in the past. Although cyber insurance continues to be a human involved process for determining coverage, deductibles, and how much risk is too much for both brokers and carriers, one of the biggest changes in cyber insurance is how the carriers and brokers are focusing on writing “Exclusions” or “Fine Print” into their policies, in order to protect both the brokers and carriers in the event of a breach or compromise.

FEATURE
Mohammad Ismail
28 CXO INSIGHT ME JANUARY 2023
Brian Neuhaus

How can users assess their cyber insurance needs?

“With the advent of rapid digital transformation, industry experts anticipate an explosion of digital identities. Threat actors will try to exploit this to inflict attacks that extract high financial returns and cause havoc through data exfiltration. By performing a comprehensive cyber risk assessment, organisations can gauge their security postures and understand their pain points. With knowledge about a company’s potential for risk exposure, insurers can zero in on the risk premiums and avail the required coverage,” says Debanjali Ghosh, Technical Evangelist at ManageEngine.

Brian Neuhaus - CTO, Americas at Vectra AI, says there are a few key factors

to consider when determining how much cyber insurance coverage is necessary. He says larger businesses with more complex systems and a larger volume of sensitive data may require more comprehensive coverage. This should include merger and acquisition strategies to make sure the policy covers the business at it materially changes in size and scope. There should be a tight coordination between executive leaders, particularly the CFO and CISO, as they are both mitigating similar risks but looking through unique and sometimes uncoordinated lenses. And some industries, such as healthcare and finance, may be at a higher risk of cyberattacks and may require more robust coverage.

Is cyber insurance worth it in the long run?

“Yes, but cyber insurance is not a silver bullet and will not instantly solve all cybersecurity issues, and it will not prevent a cyber breach/attack,” says Anton Shipulin, Industrial Cybersecurity Evangelist at Nozomi Networks. “Just as homeowners with household insurance are expected to have adequate security measures in place, organisations must continue to put measures in place to protect what they care about. However, cyber insurance is an effective part of enterprise risk management strategy that might help transfer residual cyber risks and protect the business against losses

resulting from a cyberattack.”

Ghosh from ManageEngine says with advancements in AI and ML-based technology proliferating, cyberattacks have become smarter and more threatening. Organisations, irrespective of their size, must be prepared for security incidents that are potentially debilitating. Cyber insurance is an important resort for companies to not just brace for impact, but also to neutralise the effect of an attack and ensure business continuity.

Aaron Turner – CTO, SaaS at Vectra AI, says it depends on the specific needs and circumstances of the business or individual. For businesses, the costs of responding to a cyber incident can be significant, and in some cases, a cyber insurance policy may provide much-needed financial protection. For individuals, the decision to purchase cyber insurance may depend on the amount and sensitivity of the personal data they have online and their willingness to bear the costs of a potential cyber-attack. Ultimately, it’s important for businesses and individuals to carefully consider their cyber insurance needs and weigh the potential costs and benefits of coverage.

“It’s important to include your insurer during all phases of an incident, from tabletop exercises including communication to them in a mock incident, to early on in an investigation. Having clear and frequent communication with the insurer makes it much easier when filing the ultimate claim,” he concludes.

Christopher Hills Paul Baird Anton Shipulin
29 CXO INSIGHT ME JANUARY 2023
Debanjali Ghosh

THE UNPREDICTABILITY OF INTERNET PRIVACY TRENDS

THE LAST FOUR DECADES WON’T PREPARE US FOR THE FUTURE, WRITES AARON TURNER, SAAS CTO, VECTRA AI

Immediately, all of the participants toned down their posts and deferred to the now-”known” user who had posted from a network at a prestigious organisation, proving that the individual was not just some internet lackey, but a well-respected technologist who knew a lot more about the subject being debated than the rest of the Usenet rabble.

My first experiences with the internet relied on shared terminals in a university computer lab, using the text-based Pine client to access my email. When I first logged into that email account, I had no thought about how private my emails were, as I understood that the email server admin could read every message I sent and received.

One very important email broadened my internet horizons: I was invited to participate in a Usenet newsgroup. I started to interact with people from all over the world. In the first week on Usenet, I observed that it was important to use a proxy to post to Usenet, so that other users would not be able to immediately identify me by my posts.

As we have learned from nearly every version of social media platform, something about the format of the internet breeds conflict. In the early 90s, I observed an exchange that we would now label a “flame war” on Usenet. As the posters exchanged posts, insults flew and the messages escalated, until at one point one of the users uncloaked themselves, revealing their real IP address (as they had been using a proxy up until that point).

Within my first month on Usenet, I learned that internet privacy is contextdependent and can change based on the situation. Most people want to remain anonymous on the internet, but sometimes they don’t. From a policy perspective, over the last four decades I’ve witnessed the oscillation of users between those two preferences. In addition, developers and operators of internet technologies have faced a fundamental tension between two poles of privacy policy: Allowing governments to have the ability to investigate terrorist and criminal activity from truly dangerous users, while also allowing peaceful internet citizens to protect their online identity from abuse by others.

The combination of increasing sophistication of users’ privacy preferences and the two divergent, but rationalised, policy objectives drove significant guidelines that would culminate in the adoption and enforcement of the European Union’s General Data Protection Regulation (GDPR). GDPR policies were focused on protecting peaceful internet citizens from technology companies’ and criminals’ abuse of their online identity information. And then China decided to get involved, fundamentally changing how privacy regulations would be used for their own objectives.

The development and adoption of China’s Personal Information Protection Law (PIPL) marked a new age of

internet privacy policy, specifically the weaponisation of privacy laws by an authoritarian regime. In a truly Orwellian way, China used the term “privacy” in their regulation to serve as a doublespeak branding of their goal to subject any organisation that hosted the identity of Chinese citizens to onerous oversight and the potential for highly intrusive investigation and data sharing requests.

If GDPR was a shield designed to protect internet users, PIPL is a sword designed to threaten internet technology providers, foreign governments, international companies and end users. If I think back to my first experiences involving internet privacy, as crazy as those days were, I would never have predicted even 20 years ago that eventually privacy regulations would be weaponised the way they have by China’s PIPL.

As we see the global geopolitical order of the last 40 years crack, the balkanisation of privacy policies will inflict a heavy burden on technology developers, operators and users. For private companies, it will become increasingly difficult to comply with the divergent privacy policies that govern their enterprise user and customer identities. We have already observed many companies splitting off their China operations entirely to avoid tainting their rest-of-world operations with Chinese user accounts to avoid having to comply with PIPL on a global basis.

The bottom line for enterprise privacy leaders and end users: Things are probably going to get worse before they get better, and we all need to be prepared to be flexible to change our personal expectations around global internet privacy protections and the policies that companies will need to follow to comply with new regulations — as Orwellian as those policies may seem.

VIEWPOINT 30 CXO INSIGHT ME JANUARY 2023

WHAT IS IN STORE FOR 2023?

RAJESH GANESAN, PRESIDENT AT MANAGEENGINE, LISTS OUTS TOP FIVE PREDICTIONS IN ENTERPRISE IT SPACE FOR 2023

Since the start of the pandemic, there have been immense changes in how employees interact with IT tools and teams. Across the board, enterprises are seeing more collaboration between non-IT employees and IT personnel, and this collaboration can be, at least in part, attributed to IT decentralisation and democratisation. In the increasingly digital-first, hybrid work environment, we have five predictions that are likely to come to fruition.

In the current digital-first, hybrid work environment, more employees than ever are deciding for themselves how their technologies will be chosen, deployed, and used, which has led to an increase in the use of low/no-code solutions. Also, AI models will continue to evolve; scalable platforms will be preferable to individual tools, and enterprises will make some tough hiring decisions in 2023.

1. Enterprise-IT will evolve into enterprise-wide IT

We will continue to see the decentralisation of IT personnel. Not only will most enterprises have a centralised IT group to handle requirements like systems deployment, cybersecurity, compliance, and threat detection, but these enterprises will also have IT personnel throughout the organisational chart, addressing specialized business-driven needs as they arise. As technological expertise continues to permeate throughout enterprises, non-IT employees and IT-adjacent service delivery teams will use low/no-code platforms to build and deploy simple applications. According to a recent ManageEngine study - IT at

Work : 2022 & Beyond, 42% of global IT decision makers believe that each department will have its own IT team in the next five years.

2. The tool vs. platform debate will be laid to rest

Enterprises of varying sizes and maturity have made different choices, especially in regard to the management of their technology infrastructure. Some opted to go with a specialised tool for every problem; others invested in a platform that could expand to solve problems as they arose. The platform option is far more efficient. Having a tool for every problem doesn’t help enterprises keep pace with changing demands. More and more enterprises will opt for the holistic, scalable platform approach to managing their technology infrastructure.

3. We will see unified service delivery designed for remote-first employees

Organisations will consolidate enterprise services on a unified service management platform, facilitating remote-first employees with a productive workspace— wherever these employees choose to work. In addition to IT knowledge resources commonly accessed from a single enterprise self-service portal, employees will increasingly be able to access and request services; for example, they’ll be able to onboard remote employees, confirm corporate bookings, and submit travel expenses.

4. AI models will continue to evolve

In 2023, we will see AI models with better precision, being built with a limited amount of training data. Techniques like few shot learning and transfer learning will see increased

adoption, and the gap between natural language processing (NLP) and computer vision (CV) will continue to blur. As an example, we’re already seeing applications that allow us to search through a recording for a particular topic; then, by conversing with a chatbot, we’re brought to the relevant timestamps.

AI regulation is also on the horizon. Like we saw with data privacy legislation (GDPR), this regulation will come from the European Union. Set to become law in 2023, the E.U.’s AI Act could start being enforced as early as 2024.

5. Finding and reskilling technology talent will continue to be a challenge

The rapid evolution of technology and the changing business landscape has put pressure on businesses to find and retain talent; the question of whether enterprises should find fresh talent or reskill existing employees is one that enterprises will have to make.

In the wake of the Great Resignation, some companies assumed it would be easy to find new talent, but that really hasn’t been the case, especially in regard to software-engineering workers. Factors like diversity and inclusion will continue to influence hiring decisions, and at ManageEngine, we personally believe that continuing to train, educate, and foster the careers of existing employees is the best course of action. That said, enterprises will have to choose for themselves how best to proceed.

VIEWPOINT 31 CXO INSIGHT ME JANUARY 2023

ROADMAP TO NET ZERO

FADI HAKIM, SENIOR VENTURE ARCHITECT AT INJAZAT A G42 COMPANY, ON ACHIEVING SUSTAINABILITY GOALS IN THE UAE.

Why is sustainability a top priority today in the UAE and globally?

In just a short time, the UAE has heavily invested in and deployed solutions both at home and globally to make its mark on the renewable energy sector. The UAE’s ambitious Net Zero 2050 goal is a bold statement backed up with action in the areas of research, investment, and utilisation of resources. Based in Abu Dhabi, our team at Injazat draws on local expertise and presence as we enter into global technology partnership networks and develop market-leading services. To continue as a market leader, it is imperative that we support sustainable growth and development.

At Injazat, we’re aligned with, and have been proud to be contributing to the UAE’s vision around sustainability. We have developed a smart and sustainable transportation management solution that is contributing to the fight against climate change. These solutions are especially important in our efforts to reduce emissions that affect air quality, ensure drivers’ safety and security, reduce fuel and vehicle maintenance costs, and improve operational performance. Additionally, these solutions will lead to optimised business performance and increased efficiency around travel policies and practices at the national level.

What are the key sustainability initiatives and focused sustainability solutions of Injazat?

The UAE has paved the way in laying out a number of sustainability objectives as part of its strategic initiative to achieve Net Zero by 2050, and at Injazat, we are committed to supporting this national

pursuit to make the Emirates the first MENA nation to become net zero.

As part of this commitment, we have launched various eco- and environmentally friendly initiatives and solutions to support the transition to a low-carbon economy:

Hassantuk program: A nationwide smart city monitoring project, currently deployed with over 35,000+ commercial buildings and towers already connected. The program monitors multiple parameters, including fire, smoke, and maintenance alarms 24/7, where our IoT and AI predictive models can predict and prevent any potential fire incidents and raise early smart alerts at early stages. This adds high value to the UAE sustainability target by preventing emissions, conserving resources, and saving energy and CO2 emissions. EasyLease: A smart, safe, and sustainable telematics program currently deployed with more than 25000+ fleets monitored in the country for fuel consumption, driver behavior, and route optimisation that helps to:

• Avoid unnecessary trips and journeys and consolidate routes and trips to eliminate duplication.

• Perform route optimisation during a long trip to significantly reduce road traffic, eliminating and reducing GHG and CO2 emissions.

Smart environment, air quality, and weather monitoring stations: Environment, air quality, and weather stations that offer smart monitoring solutions across multiple points in the country, including main roads and condensed areas, as well as factories, to monitor air quality, noise, industrial pollution, and ambient conditions

Smart marine water quality and marine habitats monitoring stations: Marine Water Quality and Marine Habitats

Monitoring stations to monitor water quality, pollution, and CO2 levels in the water as well as key sea/ocean habitat conditions to enhance and restore degraded habitats.

Smart energy management and energy optimisation: Energy management and energy optimisation at the electricity and water grid level.

What are your sustainability predictions for 2023?

We believe 2023 will be a momentous year for sustainability in the UAE. The government recently declared 2023 the “Year of Sustainability,” and we’re incredibly excited that the COP28 summit will be hosted here later this year.

At G42 and Injazat, our predictions for 2023 are aligned with the UAE’s primary short- and long-term objectives around sustainability and building a greener economy. We will support the government in its pursuit of a 31% reduction in GHG emissions by 2030 as we continue to provide key offerings and solutions to increase the country’s production capacity of clean energy.

To this end, we will continue to reinforce our sustainability offerings and services by working hand in hand with all government entities in the UAE. We will empower them at a global level by providing the latest technology and solutions and support them in achieving their sustainability objectives and strategies.

INTERVIEW
32 CXO INSIGHT ME JANUARY 2023
C O NNECTING MIN d S, B O OSTING CYBER RESILIENCE DUBAI WORLD TRADE CENTRE 14-16 MAR 2023 #GISEC.AE H.E. DR. MOHAMED AL-KUWAITI HEAD OF CYBER SECURITY UNITED ARAB EMIRATES GOVERNMENT GISEC IS THE IDEAL CYBERSECURITY PLATFORM TO PARTICIPATE & PARTNER WITH ENTERPRISE & GOVERNMENT ENTITIES IN THE REGION. ENQUIRE ABOUT EXHIBITING, SPEAKING & SPONSORSHIP +971 (04) 308 6469 I GISEC@DWTC.COM I GISEC.AE Official Distribution Partner Bronze Sponsor Officially Supported by Gold Sponsors Platinum Sponsor Officially Endorsed by CYBER SECURITY COUNCIL ﻲﻧاﺮﺒﻴﺴﻟا ﻦﻣﻷا ﺲﻠﺠﻣ Official Government Cybersecurity Partner Lead Strategic Partner

TOP CLOUD SECURITY RISKS

JARIWALA, DIRECTOR - CLOUD SECURITY SERVICES AND OSCAR-IVÁN LEPE-ALDAMA, MANAGER - CLOUD SECURITY SERVICES AT CPX, ON HOW TO ADDRESS CLOUD SECURITY ISSUES.

Organisations are rapidly migrating to cloud computing for increased efficiency and scalability. With this surge comes new and more sophisticated cloud security concerns. For organisations to continue reaping the benefits of the cloud, they must plan for these risks rather than merely reacting to them.

as seen in the new Personal Data Protection Law.

This article takes into consideration emerging security risks that can hinder the expansion of cloud services, and provides recommendations to mitigate them. 1

Legal and Regulatory NonCompliance

Organisations need to abide by local, regional, and international laws and regulations. In countries like the UAE, these laws are still evolving,

Ultimately, organisations must understand where their data resides and travels, and how they audit information and provide access controls. This requires mapping out the compliance and regulatory landscape for internal and external stakeholders such as internal business stakeholders, vendors, and clients. Identifying the ideal cloud service provider (CSP) and application trust boundaries, while carefully reviewing CSP contracts around export controls is also essential. 2

Loss or Theft of Intellectual Property Companies increasingly store sensitive data in the cloud. An analysis by Skyhigh found that 21% of files uploaded to cloud services contain

sensitive data, including intellectual property. When a cloud service is breached, cybercriminals can gain access to sensitive data. Understanding which data will be processed, stored, and transmitted by applications is necessary as standard CSP contracts will not accept liability for sensitive data. Thus, CSP contracts need to be reviewed so terms and conditions are amended for the handling of such data.

3Loss of Control

A significant challenge that cloud services create is the loss of control over management of complex architectures. Without considerable planning, an organisation’s existing monitoring frameworks cannot effectively track both on-premises and public cloud environments. Relevant teams must proactively assist with

VIEWPOINT
34 CXO INSIGHT ME JANUARY 2023

monitoring requirements and processes during cloud design stages. It’s nearly impossible to implement effective monitoring as an afterthought.

4

Data Breach Notifications

If sensitive data is breached, your organisation may be required to disclose the breach. Following legally mandated breach disclosures, regulators can levy fines, in addition to potential consumer lawsuits. Evaluating CSP contracts and how they handle their breaches gives you insights into their process. It is also important to note that, upon go-live, a channel of communication should be established, and responsibilities assigned for incident communications.

5Data Disclosures

Cloud customers have little to no control over data disclosure whenever a Mutual Legal Assistance Treaty (MLAT), or similar Foreign Access, is requested. It can intrude upon any client data with the CSP. Data encryption and key management controls can help limit data disclosures, but this is an area that has yet to mature. These security services are typically added afterwards due to late recognition of customers’ increasing data security concerns. For example, when CSPs offer the Bring Your Own Key (BYOK) option, it creates the perception of increased security and control. Digging deeper into the BYOK model reveals that it is applied only at varying tiers of the key hierarchy across CSPs, and customers are not necessarily in control of the keys that actually protect data. Organisations must carefully review encryption and key management architecture provided by the CSP.

employees, and understand what data is being uploaded to which cloud services. This allows organisations to better govern and protect corporate data.

7Magnified Impact of Configuration Mistakes

As per IBM’s 2020 X-Force Threat Intelligence Index, threat actors took advantage of misconfigured cloud servers to siphon over 1 billion records from compromised cloud environments in 2019 alone. Misconfiguration occurs when computing assets are set up incorrectly, leaving them vulnerable to malicious activity. The reality is that cloud-based resources can be complex and dynamic, making them challenging to configure.

Organisations should embrace automation to continuously scan for misconfigured resources and remediate problems in real-time. Enabling multi-factor authentication (MFA) and ensuring staff undergo adequate technical training is also vital.

For instance, a cloud-native app must include special means for logging state and performance. They must support technology agnostics APIs and Zero-Trust identity management. To mitigate the risk of deploying non-cloud adapted apps into the cloud, organizations should consider establishing a security-by-design strategy, incorporating cloud-native application security, and adding CWPP to their DevOps CI/CD toolchain.

Reaping the Benefits of the Cloud while Managing the Risks

6

Loss of Governance Statistics show 80% of workers admit to using SaaS applications at work without getting approval from IT. To reduce the risks of unmanaged cloud usage, organisations need to define their cloud policy, obtain visibility into the cloud services in use by their

8Deploying Applications Designed to Run On-Premises

Digital transformation initiatives push for faster software development cycles. Security is often considered last, resulting in additional time and effort spent fixing vulnerabilities. The risk is worse if on-premises applications are deployed on the cloud.

You can outsource cloud services and operations, but the accountability of data remains with your organisation. The critical success factor is ensuring all stakeholders, including business, IT, and CSP are part of the risk assessment, eventual findings, and remediation. Security must be addressed from the beginning of the project and continue to be evaluated throughout, even after project completion. Rather than putting out fires as they arise after deploying new technologies, network and cloud environments should be proactively managed.

The cloud is here to stay, and companies must plan accordingly for the risks of cloud services with the clear benefits they bring.

Oscar-Iván Lepe-Aldama
35 CXO INSIGHT ME JANUARY 2023
Shivani Jariwala

BUSINESS PRIORITIES IN 2023

THE TOP 10 PREDICTIONS WHICH IT LEADERS NEED TO PRIORITISE IN 2023.

There’s no two ways about it –the last few years have been a bumpy ride for us all. 2022 especially will go down as one of the most tumultuous years in recent times, raising numerous issues that look set to fundamentally transform the landscape of business and society for years, if not decades to come.

Technology has been no exception to that disruption, encountering significant challenges of its own – from privacy and accountability concerns, to growing

sustainability and regulatory mandates. But by and large, it continues to present huge promise at a time when certainty and reliability is otherwise in short supply.

Cloud and digital communications are powering its unfaltering growth, first and foremost. But with so much pressure to innovate, finite financial resources with rising costs and an increasing drive for more effective governance, IT leaders’ list of priorities shows no sign of shortening in 2023.

So, with that in mind, I’ve pulled together

a list of the top ten areas I think IT leaders are likely to be drawn to – and that businesses need to prioritise – in 2023:

1. Even by accident, people will be more sustainable: Pressure to improve an organization’s environmental sustainability continues to grow. With the acute rise in energy costs, everyone, consumers and businesses, are looking to reduce costs. For consumers this might be a hot water bottle and for businesses, this includes things such as running data centers on renewables. However, with the impending Corporate Sustainability Reporting Directive (CSRD) in the EU sensible decision makers are starting to prioritize reduced overall energy consumption, making use of tools that instill accuracy and accountability when it comes to achieving sustainability goals. We along with our partners are helping our customers reduce energy costs and carbon emissions and recognise how important it is that progress can be measured. Here can you see how we are applying a ‘green score’ to do this.

2. Businesses will be defined by the way they work: The battle between those who advocate ‘everyone in the office all of the time’ versus flexible working rages on. It’s even more heightened in

VIEWPOINT
36 CXO INSIGHT ME JANUARY 2023

our digital world, where employees still hold much of the power; making it clear they’ll search for a new job if they can’t choose their own approach. Whatever our personal stance, trying to force people to go one way or the other will define an organization’s IT strategy, and therefore its future. Business leaders must agree what’s next as there’s is no going backwards on the progress made in hybrid working. And these are pivotal times as company reputations will be defined by these decisions.

3. It will become unfashionable to be cloud-first: But it will become fashionable to be cloud smart. According to our MultiCloud Maturity Index, cloud for many has become chaotic and complex, which is slowing them down. The most successful leaders won’t build their strategy around the cloud, but instead on building powerful distributed apps (including to the edge) as these are what will drive differentiation in the market. It’s then up to their IT infrastructure and architecture teams to establish which multi cloud approach will give them the capabilities they need to build and sustain those apps, the customer and employee experience.

4. AI will be used for better decision making: The use of AI to support better informed decision making will undoubtedly continue to increase. But with growing regulation and governance, and a deeper understanding of AI-bias, its use will be tempered with caution around when and for what decisions it is being used and, importantly on what data sets. No-one wants to end up like the major credit lender that was hauled over the coals a few years ago for its algorithm that was giving men significantly higher credit scores than women – due to outdated data. However, there’s no doubt that hype will continue to grow as AI gets into the hands of more and more non-techie people with the release of exciting tools like ChatGPT.

5. Taking baby steps to ensure robots and humans can interact, safely: On that same vein of technology meeting with humans, Robots have started to move out of the factory and are now interacting with humans, with mixed results and plenty of criticism. Food delivery robots are being rolled out

across the UK and Tesla is now almost 12 months into their Full Self-Driving beta programs in the US, it’s time to take a few deep breaths and take stock. While there have been a few crashes, let’s be honest… how many times have Deliveroo drivers run into someone on their mopeds? Instead of rushing to turn robots into heroes or villains, 2023 will be the year we evaluate the huge amounts of data we are collating and apply lessons based on their initial machine-to-human interactions, to ensure they enter the human realm safely. We are a long way from full robot – human integration but baby steps will be required for continued progress, without the alarmism that has become synonymous with robots.

6. Focusing on transferable tech skills to move at pace: While there are constantly ‘new’ technologies, tools and programs entering the market, nothing is ‘absolutely new’. It’s almost impossible to adapt skillsets to how fast the world is changing; Universities just aren’t pumping out multi-cloud architects, and security experts don’t automatically understand new threats. Rather than focusing on platform- or technology specific skillets and capabilities, there needs to be more focus on skills that are fundamentally transferable between existing and new technologies and build upon the years of experience we’ve already amassed. If people have the basics down and their intentions are right, there can be more transference of skills to support the digital economy.

7. Still searching for that killer ‘metaverse’ app: The Metaverse or some version of it has been on everyone’s trends list for the past decade with big brands promising to deliver a world changing virtual reality experience. Unfortunately, it’s still not materialized and as such people are losing confidence. From where I sit, the potential to revolutionize is certainly there but we’re still yet to find that killer use case that will really engage and change people and hook them into repeated visits and experiences.

8. Death of the super-app dream: Rather than the move towards a super app, more fragmentation is happening in the market. Look what’s happening in social media

with Twitter, and the rise of Instagram and now TikTok. Until now many have been fixated on the rise of the super-app, which given consumer demand for smooth and seamless experiences is understandable. But EMEA isn’t China, and so a European version of WeChat is unlikely to take hold. It’s pretty clear evidence that super-apps just won’t happen – people want apps that do specific jobs and do them well. So, if anything, we’re likely to see even more fragmentation in 2023.

9. Using commodity hardware to overcome supply chain issues: In a world where things are changing hour to hour, waiting 6+ months for specialist equipment just isn’t an option. Some have already started finding their way around this issue by purchasing commodity hardware that‘s far more readily available, and then investing in specialist software to deliver what they need quickly and efficiently. This focus on software-defined and enabled will continue.

10. Even blurrier lines between telco and cloud providers: Telco companies have already been building clouds for years, but as the drive towards distributed applications, choice and a highly flexible environment increases, we’ll start to see more cloud companies get into networking, infrastructure and customersite management. The already blurry lines between the two are only going to get even blurrier. A battle is brewing…

37 CXO INSIGHT ME JANUARY 2023

A FRAMEWORK FOR SUSTAINABILITY

PHIL MOTTRAM, PRESIDENT, HPE INTELLIGENT EDGE BUSINESS, ON ARUBA’S SUSTAINABILITY FRAMEWORK

we have a shared responsibility to our customers, and in addition to innovations in our product designs, we are actively pursuing additional ways of helping our customers reduce emissions generated by network operations.

As I previously highlighted, Aruba’s focus is on enabling efficient IT operations with the goal of minimising environmental impacts across the product lifecycle and reducing the total cost of ownership for our customers. We approach efficient IT using the following framework:

• Energy efficiency — Deliver an optimum level of power, storage, and connectivity with the lowest possible input of energy.

• Equipment efficiency — Maximise IT processing power and storage capabilities with fewer IT assets.

• Resource efficiency — Engineer products to work efficiently within data centers and at the edge, while requiring the least amount of support equipment and staff for power conversion, cooling, and resiliency.

Maximising efficiency in each of these categories requires a modern network architecture designed for agility and performance at scale. Every element of the ecosystem contributes to the overall efficiency of the network, and when considering the sustainability attributes of individual products, we look at three main functions:

• How they are made – Activities related to creation, production, and lifecycle management

As the leader for Aruba, HPE’s Intelligent Edge business, I spend a good portion of my time talking to customers and partners about the strategic goals of their businesses. Our conversations typically cover a wide range of business concerns such as workforce productivity, operational efficiency, automation, and network security, yet recently rising to the top of this list is sustainability.

Increases in governmental regulations, skyrocketing energy prices, and the impact of extreme environmental

events in their communities are forcing companies to evaluate their carbon footprint and to find ways to reduce their emissions to become net zero by 2050. While some companies are further along than others, a recent Forrester survey found that 58% of Global Fortune 200 companies have named a sustainability lead, and 55% have established greenhouse gas emission targets.

To get to net zero, organisations must extend their view beyond their own operations’ emissions to the emissions created by their products and services used by customers. Aruba recognises

• How they work – Operational properties that optimise power efficiency and performance

• How they are used – Use cases that help customers lower their carbon footprint

How Aruba products are made

How a product is made has a significant effect on its value to our customers, including features supported, quality of service offered, cost of ownership, and environmental impact. When developing a new product, Aruba considers every element of the product lifecycle,

VIEWPOINT
38 CXO INSIGHT ME JANUARY 2023

including design, material composition and acquisition, production, packaging, transportation, and post-use disposition to ensure they meet our customers’ evolving needs and expectations.

How Aruba products lessen their environmental impact:

• Our products are free of heavy metals and ozone depleting components

• New products are designed to use lowhalogen PCBs

• Our products are engineered to be easily recycled

• All products are manufactured in compliance with strict regulatory and HPE-directed requirements

• Our product packaging is comprised of up to 80% recycled materials

• We also offer valuable lifecycle management services that alleviate the burden of managing and responsibly dispositioning network assets. With global reach and the largest technology recovery centers in the world, HPE offers IT asset lifecycle solutions to help customers reclaim asset value, simplify lifecycle management activities, and create circularity as they migrate to HPE GreenLake for Aruba.

How Aruba products work

Equally as important to the performance and sustainability profile of our products is how they work. We use innovations that enable maximum power efficiency such as power management features, platform operation, built-in intelligence, streamlined workflows, and standards compliance.

How Aruba products work more sustainably:

• Patented intelligent power management features in Aruba access points minimise power consumption by consuming an average of only 50% of the total power capacity in real world deployments.

• Energy efficient Ethernet and the use of 80+ certified power supplies on Aruba switches reduce power consumption by 50% and - up to 80% or more during periods of low data activity.

• Cloud-based network management hosted in energy-efficient data centers

is reported to be 3.6 times more efficient than traditional enterprise data center operations.

The AI and automation in Aruba’s management platform, Aruba ESP (Edge Services Platform), diagnoses network issues in real time, accelerating IT response, lowering help desk tickets, and enabling efficient power usage. Inefficient networks are analogous to leaky water pipes. Just as leaky pipes waste water, inefficient networks waste energy. A network draws power to operate. For example, by using AIOps, you can eliminate 75% of your helpdesk tickets, improve the efficiency of your network, and reduce the amount of wasted power and human capital (which can be better spent on strategic initiatives) that would otherwise be spent on resolving network anomalies. Client authentication issues, inefficient load balancing, switch port errors, and a host of other network issues lead to unnecessary power consumption.

How Aruba products are used

It is also important to examine the ways our customers leverage our products to deliver value to their businesses, including secure high-performance connectivity that empowers workforce productivity, streamlined workflows that drive IT resource optimisation, and additional applications that enable control of key resource consumption.

For instance, Aruba’s network management console consolidates multiple functions on a single cloud platform, simplifying IT workflows and reducing the number of point solutions. Our customers can avoid purchasing additional hardware, power, and HVAC resources.

Aruba Central also enables Zero Touch Provisioning of equipment, which allows devices to be centrally configured, shipped to remote locations and easily installed, eliminating the need to send skilled technicians to remote locations. Not only is this process more efficient, but it also lowers greenhouse gas emissions by 650g CO2 for every kilometer not driven .

There are also innovative IoT applications that enable efficient resource management and smart office improvements — including sensors that monitor power, lighting, cooling, and water to name a few. Aruba’s network architecture enables direct connection of these devices through Bluetooth, Zigbee, and PoE ports on APs. Having a direct connection not only enables customers to broaden the mechanisms used to make their corporate environments more efficient, but also eliminates the need for overlay appliances that would increase cost, carbon emissions, and lifecycle management activity.

While I’ve noted a few sustainabilityfocused innovations, there is much more to be done, and we are just getting started. As an industry leader in sustainability, HPE has committed to become net zero by 2040, with an interim goal of lowering Scope 3 emissions — those generated by our customers while using our products — by 42% by 2030. As an integral part of HPE, Aruba actively supports these goals.

To accelerate momentum, we have mobilised cross-organisational teams to further investigate and develop sustainable features, responsible supply chain solutions, and Tech for Good initiatives that will improve the sustainability profile of how our products are made, how they work, and how they’re used. I am excited about the great work being done by these teams, and I look forward to sharing more with you in the months to come.

39 CXO INSIGHT ME JANUARY 2023

TECHNOLOGY PREDICTIONS FROM CLOUDFLARE

JOHN ENGATES, FIELD CTO AT CLOUDFLARE, FORECASTS TECHNOLOGY TRENDS FOR 2023

The Rise of Chief Zero Trust Officer

Over the last several years, ransomware, data breaches, and other cyber campaigns have been hugely disruptive and cost organisations and governments millions. In response, the Biden administration issued an executive order in May of 2021 to implement a Zero Trust security architecture across the federal government. While recent reports from the US Government Accountability Office (GAO) show some agencies are on track, others appear to be falling behind. When governments need to move quickly and

cut across organisational boundaries, they often appoint a czar to take charge of a particular program and see it through to implementation or execution. As private sector organisations embrace digital transformation and move their operations to the cloud, they too are looking to zero trust to help provide a robust and secure network infrastructure. Secure Access Service Edge (SASE) has emerged as a clouddelivered convergence of network access and security services and is a common approach for enterprise zero trust adoption. The challenge however is that in many organisations,

responsibility for networking and security live in different parts of the organisation and these groups often rely on different vendors in their respective areas. Breaking down the silos between security and networking teams and choosing the right tools, products, and vendors to align with desired business outcomes is critical to implement zero trust in larger enterprises.

As pressure to implement zero trust intensifies, I predict that a role analogous to a “Chief Zero Trust Officer” will emerge within some large organisations. This person will be the zero trust czar for the enterprise and will be the individual responsible for driving a company on its zero trust journey. Their job will be to bring together siloed organisations and vendors and ensure that all teams and departments are aligned and working toward the same goal. If resistance is encountered, the zero trust czar should have the backing of senior leadership (CIO, CISO, CEO, Board of Directors) to make decisions quickly and cut across organisational boundaries to keep the process moving ahead. Whether the very bold title of Chief Zero Trust Officer becomes reality or not, an empowered individual with a clear mandate and a singular focus may just be the key to getting zero trust across the finish line in 2023.

2023 Sees the Death of

“The Password”

Phishing attacks continue to be a significant problem for companies around the world. Even with regular security awareness training, users will eventually click a wrong link and fall victim to an attack. And unfortunately, most cyber-attacks begin with a phishing email.

Cloudflare itself was attacked this year by a sophisticated, targeted SMS-based phishing attack. A total of 76 Cloudflare employees received the phishing link in text messages on their phones. Three employees fell for the attack and clicked the link and entered their credentials. But unphishable, multi-factor authentication in the form of FIDO2-

VIEWPOINT
40 CXO INSIGHT ME JANUARY 2023

compliant security keys in conjunction with zero trust access prevented the attacker from breaching our systems. Other companies that used less secure time-based one-time passwords (TOTP) weren’t as lucky, and many were breached by the same attackers.

Username and password authentication even when combined with common forms of multi-factor authentication is just not enough anymore. Enterprises can enable stronger FIDO2-compliant security keys along with zero trust access today if they’re using a system like Cloudflare’s to make it much tougher on attackers.

But the best way to protect most users and their credentials may be to remove the burden on the end user altogether. The FIDO alliance envisions passwordless sign-in everywhere. Logins will use your face or fingerprint instead of the old username-password combo. A FIDO sign-in credential, sometimes called a “passkey”, will make it easier on users and harder on the attackers. If there’s no password to steal, hackers won’t be able to harvest credentials to carry out their attacks. We predict many websites and applications will adopt password-less login using the FIDO Alliance passkey standard beginning in 2023.

The Cloud Takes on Compliance

Governments around the world are rolling out new privacy regulations. In Europe, the General Data Protection Regulation (GDPR) which became enforceable in 2018 gives individuals more control over their personal data and how it’s used. Other countries worldwide are following suit and using GDPR as a model. In the US, there are five states with new consumer privacy laws that take effect in 2023 and more states are considering legislation. And at the federal level, lawmakers are slowly putting forward their own privacy regulations with the American Data and Privacy Protection Act (“ADPPA”) which is an online privacy bill that aims to regulate the gathering and storing of consumer data.

Companies must now understand and comply with this patchwork of

regulations as they do business globally. How can organisations hope to stay current and build compliance into their applications and IT systems?

We believe the majority of cloud services will soon come with compliance features built in. The cloud itself should take the compliance burden off companies. Developers shouldn’t be required to know exactly how and where their data can be legally stored or processed. The burden of compliance should largely be handled by the cloud services and tools developers are building with. Networking services should route traffic efficiently and securely while complying with all data sovereignty laws. Storage services should inherently comply with data residency regulations. And processing should adhere to relevant data localisation standards.

Remote Browsers Resolve Device Complaints

Security policies, privacy laws, and regulations require all companies to protect their sensitive data; from where it’s stored and processed, to where it’s consumed in end-user applications. In the past, it was relatively straightforward to fully control end-user devices because they were often issued by and dedicated to company use only. But with the increasing use of personal smartphones and tablets, the bring-your-own-device (BYOD) trend has been picking up steam for several years and was even more readily embraced during the various stages of the global pandemic.

Looking ahead, it’s our belief that this pendulum of BYOD will swing back toward tighter security and more control by the IT organisation. The need to consistently enforce security policies and privacy controls will begin to outweigh the sense of urgency and demand for convenience we encountered during the last few years. But because so much of our digital lives live in a web browser, this control may take a different form than in the past. This new form will mean more control for IT administrators AND a better user experience for employees.

Browser Isolation is a clever piece of technology that essentially provides security through physical isolation. This technique creates a “gap” between a user’s web browser and the endpoint device thereby protecting the device (and the enterprise network) from exploits and attacks. Remote browser isolation (RBI) takes this a step further by moving the browser to a remote service in the cloud. Cloud-based remote browsing isolates the end-user device from the enterprise’s network while fully enabling IT control and compliance solutions.

Some say in this remote browsing model that “the browser is the device.” Instead of BYOD, it might be appropriate to call this “BYOB” or Bring Your Own Browser. Most companies are looking to better balance the security and privacy needs of the company with the user experience and convenience for employees. At Cloudflare, we use our remote browser isolation in conjunction with zero trust access to protect our users and devices. It’s completely transparent to users and strikes a perfect balance between security and user experience. We believe remote browser isolation will be embraced broadly as IT leaders become more aware of the benefit and just how well it works.

41 CXO INSIGHT ME JANUARY 2023

IFS PREDICTIONS 2023

PREDICTIONS FOR THE ENERGY, UTILITIES AND RESOURCES INDUSTRY IN 2023

PREDICTION #1: SUSTAINABILITY

IN 2023, ADOPTION OF ESG METHODOLOGY WILL INCREASE TWO-FOLD AMONG SMALL- AND MID-SIZED ORGANISATIONS UNTIL IT REACHES PARITY ACROSS ORGANISATIONS OF ALL SIZES

Many energy, utility, and resource organisations have prioritised the adoption of environmental, social, and governance (ESG) standards, with a recent PWC survey showing 91% of utilities in North America reporting an uptick in ESG investments. We see strong adoption in Europe as well, where failure to deliver on ESG standards directly impacts the utility’s credit rating, impeding access to the capital expenditure and more complex funding needed to achieve sustainability goals.

While larger organisations lead the way in ESG adoption, until recently, small and medium-sized companies have lagged behind, lacking the necessary resources and technology to easily adapt.

This will change in 2023 as these organisations set hard sustainability goals to achieve net zero carbon emissions by 2050. According to a recent survey of small and midcap companies by Harvard Law School, the shift is already underway.

Based on published website ESG disclosures, the survey found that within mid-sized organisations, the energy sector leads the way, with detailed ESG disclosures including climate change, use of renewables, and greenhouse gas emission targets and metrics. This trend is expected to continue until there is parity across organisations of all sizes.

Looking ahead:

Before small and mid-sized organisations can build a strategy to achieve sustainability goals, they must first benchmark their current state, using real-time data to generate accurate insights across the entire operation. Legacy infrastructure and siloed data won’t cut it. Instead, technologies must integrate seamlessly for a single version of the truth.

For many, the work is well underway to modernise existing infrastructure to achieve these results. While these wholescale changes require significant investments in time and resources, funding support is available.

With the current US government in place for several more years, the Infrastructure Investment and Jobs Act and other government initiatives continue to subsidise investment in

technologies that support ESG initiatives, such as clean water and electric grid renewal.

In Europe, there are a range of EU funding options. For example, the Cohesion Fund supports energy-related projects that benefit the environment, while the Connecting Europe Facility boosts energy, transport, and digital infrastructure.

Strong leadership is imperative, ensuring the project is prioritised and executed accordingly. Again, we see great inroads within the industry where support for ESG initiatives starts at the top, with 70% of utilities ranking their CEO as the key decision maker. As well, a dedicated team must manage the project over time, empowered with the necessary systems to ensure progress is tracked and targets are achieved.

Finally, 2023 presents an opportunity for larger-scale organisations to support mid-sized companies by sharing sustainability strategies and data-based insights. By working together, the industry will accelerate efforts for every organisation to achieve net zero carbon emissions by 2050.

PREDICTION #2: THE CLOUD

IN

WE WILL SEE A 40% INCREASE IN THE NUMBER OF ORGANIsATIONS OFFLOADING IT FUNCTIONS TO CLOUD PROVIDERS, RISING TO 60% BY 2030

While the shift towards sustainability is driving the modernisation of existing infrastructure and technology, more complex challenges are accelerating cloud adoption. In particular, the increasing use of cloud providers to support core IT functions versus managing these activities in-house.

Two trends are influencing this shift:

1 Security: As with most industries, cybersecurity incidents continue to increase year over year. However, in 2022

we witnessed an acceleration in events including denial of service, data breaches, and system failures due to security incidents. With many organisations lacking the resources and budget to properly harden systems, monitor infrastructure, and withstand increasingly sophisticated attacks, outsourcing this function to a cloud provider makes good sense. The model provides energy, utility, and resource companies with access to leading edge technologies to properly secure their operations, leveraging

VIEWPOINT
2023,
42 CXO INSIGHT ME JANUARY 2023

the billions of dollars cloud providers pour into their platforms and security infrastructure.

Capital and resources will be freed up to focus on other priorities such as energy mix management, the shift to renewables, and physical infrastructure security—a timely consideration given the recent Nord Stream gas pipeline explosion that occurred in Finland.

2 Global skills shortage: Finding and hiring skilled workers isn’t getting any easier, especially when organisations must compete with large, Fortune 100 employers such as Amazon and Google for the same digital talent. Disruptions from the pandemic continue to reverberate, with many companies challenged to replace valuable middle management talent that departed to pursue new career paths or early retirement.

These workers typically come up through the ranks, starting out in the field and in administrative roles, amassing unique skills and experience along the way. Losing this brain trust places the organisation in a vulnerable position.

By outsourcing IT functions to cloud providers, companies have access to contemporary technology and security infrastructure supported by specialised workers they didn’t have to hire and train.

Looking ahead:

Shifting to cloud providers for some IT functions will result in a tighter collaboration between IT and OT. As cloud adoption increases, the desegregation of responsibilities—a trend that is currently underway—will also grow, with both teams working together to support enterprise policy (definition and enforcement), system integration, security (for users, data, email, account management, password policies, etc.), data integration, user support, and other activities.

Organizations can balance potential risk by engaging with multiple cloud providers for different services. This distribution of work ensures operational continuity while empowering the company to change providers if services or costs no longer satisfy the needs of the business.

Internal processes will need to be adjusted to accommodate the model. For example, IT must focus on new ways to access and extract data that is no longer stored on-premises. Additionally, the team can leverage powerful cloud capabilities to spearhead greater efficiencies, developing new workflows and processes for greater business agility and resilience.

PREDICTION #3: ARTIFICIAL INTELLIGENCE & MACHINE LEARNING

IN 2023, AT LEAST 75% OF ORGANIZATIONS WILL RELY

ON AI AND ML TO KEEP PACE WITH DIGITAL AND BUSINESS TRANSFORMATION

As infrastructure evolves and new technologies arrive, data generation is increasing at an astonishing rate. For example, in 2019, the Internet of Things (IoT) generated 13.6 ZB of data. In 2025, this number is expected to exceed 79.4 ZB

Within the energy, utilities, and resources industry, data is created and consumed by a range of technologies. Along with standard applications such as asset management, scheduling, dispatch, and other solutions, new innovations such as Geographical Information Systems (GIS), IoT, Light Detection and Ranging (LiDAR), and many others are adding to data stores at ever-increasing rates.

As data loads increase, so does our reliance on AI and ML. Especially as accuracy rates improve year over year. Today an ML accuracy rate between 70%-90% is considered realistic and even ideal if it matches or exceeds what a human can deliver. Since algorithms learn and refine quickly over time, once ML is implemented, rates improve rapidly until they meet or exceed pre-implementation standards and the system is able to run with minimal oversight.

Today we rely on AI and ML to extract optimum value from data, enabling accurate insights, predictive analytics, workflow automation, and helping to inform critical business decisions. To support this model, the industry will demand that new solutions include embedded AI and ML capabilities.

Looking ahead:

AI and ML are critical to the success of energy, utilities, and resources organizations, today and into the future. Along with driving meaningful operational efficiencies, these technologies will help the industry achieve its longer-term objectives.

For example, the transformation to renewable energy. Enabling AI in grid management will alleviate the shift from infrastructure-heavy legacy models to a grid that is more resilient and flexible, incorporating a range of assets owned by many different customers. This future bi-directional grid will be comprised of a multitude of owners generating, using, and selling energy back to the business. With so many moving pieces, the efficiencies of AI and ML will be imperative.

As global warming continues to wreak havoc, the industry’s reliance on AI and ML will only grow. Recent use cases include fault prediction; image processing for the maintenance of cables, pylons, and other assets; energy efficiency insights for use by end customers; disaster recovery; energy demand management; and infrastructure management.

With such a range of scenarios in the field, dynamic scheduling is imperative, allowing organizations to optimize workforce efficiencies while ensuring customer service is sustained and improved.

Embedded AI and ML have become table stakes when investing in new technologies. In 2023, we will see an evergrowing demand for these capabilities.

HEAVILY
43 CXO INSIGHT ME JANUARY 2023

Synology DiskStation DS723+

Synology has announced the new 2-bay Synology DiskStation DS723+, the smallest expandable option in its lineup of all-inone solutions for home offices and small businesses.

Powered by the versatile Synology DiskStation Manager (DSM) operating system, the DS723+ offers comprehensive solutions to protect and manage business data, easily collaborate on documents, access files remotely, and monitor physical assets, all within a compact desktop format.

Ideal for teams of professionals, small businesses looking to step into the world of centralized storage, or as an edge node in distributed deployments, the DS723+ can scale up to 7 drive bays with a DX517 expansion unit when more capacity is needed.

Users can also upgrade performance thanks to the option to add 10GbE connectivity and M.2 NVMe SSD drives through the built-in PCIe slot to enable fast caching or create additional all-flash storage pools.

The DS723+ delivers intuitive file management and sharing with Synology Drive, which combines cross-platform file access with the privacy offered by on-premises storage. For teams working remotely and businesses operating across

NVDIA GeForce RTX 40 Series

multiple locations, site-to-site file syncing is also available to mirror content between Synology devices.

Hybrid cloud capabilities provided by Synology Hybrid Share allow users to merge the benefits of on-premises and cloud by storing cold data in the cloud while keeping frequently accessed files cached on the local device for access at LAN speeds.

bring the Ada architecture, NVIDIA DLSS 3 and fifthgeneration Max-Q technologies to laptops for the first time. For gamers, RTX 40 Series laptops deliver up to 4x the performance in AAA games like full ray-traced Cyberpunk 2077 with new RT Overdrive Mode, and, for creators, they offer blazing-fast acceleration in top creative apps such as Blender.

The Ada architecture has also enabled a new class of enthusiast laptops that are the world’s fastest. Gamers can play on three 4K monitors for surround gaming at 60 frames per second — enough to power a professionalgrade driving simulator. Creators can use the NVIDIA Omniverse™ platform for photorealistic, 3D virtual world building at 4K with fully simulated physics, lighting and materials. Streamers can livestream games at 4K 60 fps with AV1 encoding to Discord, and Ada’s new dual encoders cut video export time in half. RTX 40 Series flagship laptops start at $1,999 and will be available beginning Feb. 8.

NVIDIA has announced GeForce RTX 40 Series laptops, powered by its ultra-efficient Ada Lovelace GPU architecture, which delivers the company’s largest-ever generational leap in performance and power efficiency.

The new GeForce RTX 40 Series laptops are up to 3x more power efficient than the previous generation and

The new RTX 4070, 4060 and 4050 laptops are faster than the previous-generation flagship model, using as little as one- third the GPU power. They deliver 80 fps, 1440p ultra-gaming and transform creation processes like rendering scenes in Blender, which used to take two and a half hours, to just 10 minutes. RTX 4050 laptops start at $999 and will be available beginning Feb. 22.

PRODUCTS
44 CXO INSIGHT ME JANUARY 2023

Acer SpatialLabs TrueGame

Acer has announced a major update to its SpatialLabs TrueGame, the glasses-free 3D gaming application, with the addition of a 3D Ultra mode. The new feature offers gamers the ultimate 3D gaming experience with its enhanced stereo rendering capabilities, projecting images with depth and life-like 3D geometry. SpatialLabs TrueGame was designed for gamers who love to explore and lose themselves in immersive gameplay, serving as a medium to explore and experience new realities when they set off on their quests for treasure and glory.

The new update also includes 3D Sense, a collection of 3D stereo effect configurations to match the players’ preferences in terms of visual details, effects, and 3D depth intensity. TrueGame allows the game to be presented in a way that is tailored for different players and continues to support game titles with new profiles added every month, including today’s list of AAA titles and former top classics that users can enjoy in their full 3D glory.

The SpatialLabs TrueGame 3D Ultra mode provides a fresh experience of stereoscopic 3D performance to the world of gaming, letting players dive deep into a new realm of 3D entertainment. It utilizes the combination of the SpatialLabs eye-tracking solution, stereoscopic 3D display and real-time scene rendering technologies to bring eye-popping 3D scenes, objects, and characters

to life. Users can instantly enjoy stereoscopic 3D gaming with a click of a button, as its patented One-click Game Play function allows TrueGame to automatically launch installed games with their pre-configured 3D profiles. With SpatialLabs TrueGame leveraging the information developers include about shaders and 3D geometry in games, the 3D Ultra mode’s addition of a second virtual camera offers a 3D immersion experience unlike any other.

CANON IMAGEPROGRAF TC-20

Canon Europe has launched the new imagePROGRAF TC-20 large format desktop printer. This printer is targeted towards the ultralow volume market, which includes Architecture, Engineering and Construction (AEC) offices, educational settings and the hospitality industry - delivering high quality, detailed drawings from A4 to A1+ paper sizes. Its easy-to-use design, new 70ml four colour (BK/C/M/Y) pigment ink bottles, that simplify maintenance of the printer, and its super slim compact body with standard built-in Auto Sheet Feeder (ASF), make it ideal for small or temporary office spaces as well as for hybrid workers who may be working from home.

Canon’s new imagePROGRAF TC-20 is a compact desktop large format printer that can be

conveniently placed on a desk or shelf in an office or at home. It supports printing 100 A4 sheets or 50 A3 sheets of plain paper continuously, or roll paper of up to A1+ sizes for printing of construction, design, survey drawings and point of sale materials. It comes with a simple, easy-to-use and free software solution, Direct Print Plus, that ensures superior print quality on par with the higher end models in the imagePROGRAF seriesand is also compatible with other imagePROGRAF models.

45 CXO INSIGHT ME JANUARY 2023

A NEW GENERATION OF ENTREPRENEURS

SUNIL PAUL, MD OF FINESSE, ON THE NEW UAE LAW WHICH REVISES LEGAL AGE FOR STARTING BUSINESSES.

As more and more teenagers express interest in starting their businesses, savvy governments are rolling out the red carpet worldwide. In the first half of January 2022, the UAE’s Ministry of Economy announced that the minimum age for starting a business in the country stands revised to 18 years. In a nutshell, the amendment to UAE Commercial Transaction law allows any 18-year-old UAE resident to become a shareholder in a UAE firm or the sole owner and director of a limited liability company without a guardian’s signature on the Memorandum of Association.

The entry of youngsters into economic activity is expected to boost the entrepreneurial and innovation quotients of the UAE economy. Already, the UAE ranks at the top of the list of best countries for entrepreneurs, according to The Global Entrepreneurship Monitor’s 2022 report.

The report, which assesses the conditions for entrepreneurs in 50 countries worldwide, found that the UAE, with the highest National Entrepreneurial Context Index (NECI) score of 6.8, was the best place to start a new business in 2022, followed by the Netherlands, Finland, Saudi Arabia, and Lithuania.

By reducing the minimum age for running a business, the UAE aims to attract innovative young minds who can build inspiring business

models, create jobs and accelerate economic growth. Sometimes these innovations open entirely new markets, transforming industries. Of course, operating a business without meeting legal requirements has legal risks and liabilities, but the amended Commercial Transactions Law addresses those risks. Why do 18-year-olds make promising entrepreneurs? Outof-the-box thinking, passion, and imagination are advantages that 18-year-olds could bring to the startup table. A common success factor for teenage entrepreneurs is that they build their enterprises around the things they love, giving them unique insight into their customers’ needs.

They tend to have a confident and creative approach to solving ordinary problems, a vital ingredient for business success. Limited financial responsibility is also advantageous, as most teens aren’t supporting families on startup revenues. For example, Facebook founder Mark Zuckerberg and Michael Dell, the founder of Dell, started their businesses in their college dorm rooms at 19.

The amended law is poised to positively impact the UAE’s startup scene, which is already among the most vibrant and dynamic in the world. Teens today have the advantage of being more tech-savvy than prior generations. Many know how to do code and how to do 3D printing.

What would help build up the momentum are workshops that take the youngsters through the innovation development process from idea to execution. A good example is MIT’s LaunchX, which brings together top aspiring high school entrepreneurs from around the world each summer and supports them through the process of launching a startup. We also need incubation centres specifically focused on 18-yearold youths and connecting them to mentors. Financial support is most important, especially during disruptions like the COVID pandemic, which hit youth-led enterprises the hardest.

Regarding the sectors where youngsters are likely to make the most impact as entrepreneurs, topics like ecology, sustainability, and learning are popular choices among the GenZ, who are motivated by the desire to solve society’s social and environmental problems. But conventional startup segments retain their appeal. In the UK, a recent survey by financial services provider OneFamily found that the most popular sectors of youth-run businesses were technology-based (22%), design or creative (17%), and food or drink (15%).

BLOG 46 CXO INSIGHT ME JANUARY 2023

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

A NEW GENERATION OF ENTREPRENEURS

2min
page 46

CANON IMAGEPROGRAF TC-20

0
page 45

Acer SpatialLabs TrueGame

1min
page 45

NVDIA GeForce RTX 40 Series

1min
page 44

Synology DiskStation DS723+

0
page 44

IFS PREDICTIONS 2023

6min
pages 42-43

TECHNOLOGY PREDICTIONS FROM CLOUDFLARE

5min
pages 40-41

A FRAMEWORK FOR SUSTAINABILITY

5min
pages 38-39

BUSINESS PRIORITIES IN 2023

5min
pages 36-37

TOP CLOUD SECURITY RISKS

3min
pages 34-35

ROADMAP TO NET ZERO

2min
pages 32-33

WHAT IS IN STORE FOR 2023?

2min
page 31

THE UNPREDICTABILITY OF INTERNET PRIVACY TRENDS

3min
page 30

PROTECTING YOUR BUSINESS

3min
pages 28-29

EMERGING STORAGE TRENDS

2min
page 26

EMERGENCE OF ROBOTICS AS A SERVICE

2min
page 25

THE WAY FORWARD FOR MODERN BUSINESS

2min
page 24

OUTLOOK 2023

17min
pages 16, 18, 20-22

FIXING THE WEAKEST LINK

10min
pages 12-15

AVEVA ANNOUNCES THE COMPLETION OF ITS ACQUISITION BY SCHNEIDER ELECTRIC

2min
page 10

EGYPT’S EFINANCE PARTNERS WITH F5

0
page 10

ROUND TWO OF CYBER RESKILLING PROGRAMME LAUNCHED IN BAHRAIN

2min
page 9

DARWINBOX ANNOUNCES COLLABORATION WITH MICROSOFT

2min
page 8

IFS MARKS DOUBLE DIGIT-GROWTH FOR 5TH CONSECUTIVE YEAR

2min
page 7

GARTNER PREDICTS 10% OF LARGE ENTERPRISES WILL HAVE A MATURE AND MEASURABLE ZERO-TRUST PROGRAMME IN PLACE BY 2026

1min
page 6

SURVIVING TOUGH TIMES

1min
page 5

First-class loyalty for a new class of banking customers

0
page 4
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.