15 minute read
CENTRE OF INNOVATIONS
from FORCE MULTIPLIER
by cxoinsightme
ETTIENE VAN DER WATT, REGIONAL DIRECTOR, MIDDLE EAST AND AFRICA AND RUDIE OPPERMAN, REGIONAL MANAGER, ENGINEERING & TRAINING, MIDDLE EAST & AFRICA AT AXIS COMMUNICATIONS, ELABORATE ON THE RECENTLY LAUNCHED AXIS EXPERIENCE CENTER (AEC) IN THE MIDDLE EAST AND AFRICA (MEA) REGION.
Axis Communications has recently introduced its first Axis Experience Center (AEC) in the Middle East and Africa (MEA) region. Based in Dubai, UAE, the AEC allows visitors to have a hands-on immersive experience with the company’s extensive portfolio of network and security solutions. We speak to the surveillance services provider’s Regional Director for MEA Ettiene van der Watt, (EW) and Regional Manager, Engineering & Training for MEA Africa Rudie Opperman (RO), for more details.
Advertisement
Can you elaborate on the new AEC and how is it a differentiator for the company?
RO: This is the first AEC of this nature in the UAE. It was built on the same design philosophy as all the ones we have across the globe, including in cities such as New York, London, Hong Kong, and Munich. We are excited to now expand to MEA and give regional customers an opportunity to acquaint themselves with our portfolio. We will continue with this framework of AECs and focus on further expansion as it gives us a platform to talk about all our intelligent devices and solutions. When customers come to the AEC and see a demonstration of how our solutions can improve their business, they understand the full extent of the value Axis Communications can provide. They can make informed
Rudie Opperman
decisions and feel more confident of their investments. In this regard, the AEC will set us apart in the market.
What are the technologies that we can find at the AEC?
RO: From security, video, and audio technologies to everything based on IP communications, we can integrate any solution to ensure operational efficiency for customers. There are many diverse use cases, and we are casting a wide net. We will customize offerings based on which vertical customer we are talking to. Thanks to our open nature, our products can co-exist with many other devices, so Axis devices can be implemented across verticals.
How has surveillance tech evolved and adapted to the current demands in physical spaces?
EW: Axis Communications has been ahead of the curve in terms of introducing new technologies. Our journey on IP and IoT has been tremendous. Over the years we have evolved to become an industrial IoT provider. So, partners and customers who are part of our world and our community will always be introduced to avant-garde technologies, platforms, and new ways of working.
Sometimes, we are ready and have solutions before the industry even considers it. As a thought-leader in the space, it is important for us to set the bar and look beyond where we are today. It is also our responsibility to help our ecosystem to migrate to the new platforms, devices, and technologies. Today the industry is heading towards metadata, AI, edge capabilities, and so on. All of these are huge areas of opportunities for us as well.
RO: Traditionally, it has been onprem server intelligence, and we have always focused on intelligence on the edge. With our latest application platform custom-designed systemon-chip (SoC) ARTPEC, we have made it easier for developers to port the existing code to our devices. Traditionally they would have done this on a server or in cloud. It becomes much easier and faster. We are seeing a hybrid implementation as the way forward, where intelligence could be spread across different platforms from the cloud to the edge.
Ettiene van der Watt What is Axis Communications’ focus going forward?
EW: Technology is moving faster than education levels. There is a gap between understanding a new technology and skillsets required to implement it successfully. This is why education is an important element for us in the region. If we are able to close the gap and pull those partners and customers a bit closer to our world, they will understand better the great potential of new technologies. We have become a trusted advisor for customers, they see us as a technology partner and as a thought-leader in the space.
RO: This is one of the opportunities for the AEC as well. We can use this environment and space as a platform for education. We will be launching several initiatives on a regular basis to promote education and close the talent gap.
FORCE MULTIPLIER
WHY AI IS THE FUTURE OF CYBERSECURITY
Artificial intelligence is changing the cybersecurity landscape by helping companies cut through the noise, detect attacks, and speed up response times. The combination of human insight and AI allows enterprises to make sense of massive volumes of security data and find potential problems.
With AI, enterprises can solve myriad problems, including skills shortage and false positives, and implement a robust incident response plan that spans people, processes and technology. In other words, AI has emerged as an imperative to meet today’s complex cybersecurity requirements and minimise human error.
Emad Haffar, Head of Technical experts at Kaspersky, says while cybersecurity heavily relies on human effort, we now see AI owning specific tasks and performing them more effectively than us. Most importantly, AI is addressing some processes and aspects of cybersecurity that have become pain points for the industry.
He cites some scenarios that can be mitigated with AI: Cybersecurity professionals experience decision fatigue because of the high influx of alerts. Using AI within cybersecurity can allow IT teams to manage more of these threats effectively through automation.
AI-based cybersecurity tools can also support IT teams that are smaller in
Talal Shaikh Aliasgar Dohadwala Taj El-khayat
strength. While this staff will need to keep up with the cutting-edge areas of AI and machine learning, cost and time savings will come alongside the smaller staffing requirements.
Talal Shaikh, Associate Professor, Director of Undergraduate Studies for the School of Mathematical and Computer Sciences, Heriot-Watt University Dubai, echoes a similar opinion: “AI and machine learning can help enterprises improve their security defence and response through sophisticated methods. AI makes this possible not only by speed and accuracy but also by building models of behaviour that allow for real-time detection and analysis of potential security threats. AI can identify anomalies that may indicate cyber threats through the behavioural analysis methodologies. AI can analyse baseline behaviour of user accounts, endpoints, and servers and identify unusual patterns. This can help protect organisations even before vulnerabilities are reported. Once potential cyber threats are detected, AI can respond autonomously to data breaches in real-time without human intervention if required.”
According to Aliasgar Dohadwala, CEO of Visiontech Systems, the cybersecurity industry has successfully adopted AIbased techniques to handle the massive threat landscape. “Organisations look for threat detection, mitigation and prevention efforts while leveraging AI/ ML in SIEM and SOAR solutions. The only way organisations can reap the benefits of AI/ML in their security posture is to adopt a cyber defense system capable of handling the diversity of tools, products, and solutions. However, the adoption of AI in cybersecurity still depends on technology vendors working together to develop a more autonomous system to enhance decision making and evolve into a robust AI security system,” he says.
Taj El-khayat, Managing Director for Growth Markets at Vectra AI, says AI drives the classification of algorithms used for detecting malware, spam, and malicious traffic between systems or user behaviours, even connecting signals from disparate systems. This delivers faster and improved security insights, more efficient and automated operations, and reductions in human error or oversight.
“Commonly, the use of AI/ML rests in voluminous pattern analysis for investigation and complex hunting where algorithms do not change much. It analyzes and correlates distinct characteristics of multi-sourced data to identify anomalies, zero-days, or potential breaches. Advanced AI tools further calculate risk with each detection and effectively prioritise and triage threats discovered. In some cases, it can be used to drive automated actions to remediate security issues quickly, and effect system baselines above what legacy signature-based methods can achieve,” he adds.
AI-powered automation
Many organisations are also turning to AI/ML-powered tools to automate many security functions.
Giuseppe Brizio, CISO EMEA, Qualys, says AI cybersecurity can complement cybersecurity experts by automating and taking the significant workload off them. AI is already very much present around us and like during the industrial revolution where “muscles were replaced by machines”, during the AI revolution, “brains are replaced by AI” at least for the processing of large volumes of data requiring fast analysis capabilities.
“AI models can detect but also predict potential security threats, vulnerabilities, and malicious activities in order to intervene before damage is done. It’s predicted that AI-human working environments will be 50-50 by 2025. For instance, the scale of connected objects, mobile devices and network traffic is growing exponentially in this fast-evolving digital economy and consequently the “detect, analyze, respond and recover” activities have to be much quicker, more effective and efficient than ever before. This is only possible by combining the power of security automation and AI,” he says.
Brian Chappell, chief security strategist, EMEA & APAC, BeyondTrust,
Giuseppe Brizio
Brian Chappell
points out that User and Entity Behaviour Analysis (UEBA) is the first area where we are starting to rely on ML models to take automated actions when anomalous activity is detected. For example, a large data transfer out of the organisation, by a user who would not normally do such a thing, can be temporarily blocked until a human can review the situation and adjust the response.
“This isn’t likely to result in significant company impact if it’s a false positive and the risk of allowing the transfer with later analysis is too high, thus fits an appropriate security model. That said, triggering alerts for human analysis or approval is still the more common response when unusual activity is detected as most responses will result in activity being blocked. Stopping people being productive is going to result in the clarion call to have the control removed, or severely reduced, which isn’t going to improve the security of the organisation,” he says.
Can AI based systems create too many false positives?
In Heriot-Watt’s Shaikh’s opinion, when dealing with technologies such as AI, mistakes such as false positives are unavoidable. It is always important to remember that AI systems are built by experts, therefore they are subject to algorithmic bias which might affect AI decision-making. RiskSense, a risk-based vulnerability management platform, examined several AI algorithms against the national vulnerability database in 2019 and reported between 25 and 30% false positive and false negative rates. With a better understanding of software risk, data modeling and mathematical modeling, experts can ensure that AI systems are free from bias. This is the only way to remove false positives and false negatives from AI systems. However, this will be an inevitable development with more frequent use and understanding of AI and technologies in general.
Yossi Naar, Co-founder and Chief Visionary Officer, Cybereason, says it really depends on the system, the use case, and the tuning of the system.
Some problem domains are less suited for AI-based solutions with existing technology and data. Others work incredibly well. False positives continue to be a big problem in security and more so in AI-based security because these systems tend to observe more of the data, so even a low falsepositive rate can be a problem when processing petabytes of data.
“Overall, it’s a hard problem and the levels of false positives ultimately come down to the specific implementation,”he says.
Can AI replace human security analysts?
No, not now or even in the near future, says Haffar from Kaspersky. Human intervention will always be needed and is essential. You can adopt AI-based solutions, but you will always require human effort to monitor and control the process. Simply because AI based cybersecurity solutions can perform certain tasks they are designed for, but the tasks are formulated by humans. Even in the detection stage, a human analyst can understand exactly what malware is up to. Even when assessing a threat, historic records or samples created by humans and AI work in tandem, ensuring successful detection. El Khayat from Vectra says a shift in the human-in-the-loop model has occurred with the application of AI towards spotting concerning patterns in complex activities seen in data center and hybrid environments, augmenting or removing manual and legacy rulebased approaches. This has facilitated automatic responses to an increasing volume of attacks and heightening awareness of attacker methods.
“We must not think of AI as merely a means to remove humans. It should be viewed as the means to improve upon the human experience — enlightening security professionals, driving efficiencies and arriving at outcomes with less human effort; all while being amenable to feedback that increases effectiveness over time,” he sums up.
SEEING WHAT MATTERS
KINGDOM OF BAHRAIN’S INFORMATION & EGOVERNMENT AUTHORITY RAPIDLY EXPANDS GOVERNMENT SERVICES WITH APPDYNAMICS
Governments run on data and, for the Kingdom of Bahrain, most of that data runs through the Information & eGovernment Authority (iGA). The iGA acts as a service provider for all of Bahrain’s government agencies and government services for healthcare, education, traffic and immigration. The iGA ensures the maintenance of all critical systems, delivers statistics, processes payments, and provides user authentications and authorisations.
The Kingdom of Bahrain has led the way in early digital adoption for government services, providing an impressive model for governments around the world to emulate. Despite this, the rapid migration online driven by the COVID-19 crisis presented a major challenge for the country’s Information & eGovernment Authority (iGA) team.
“Our IT environment is changing rapidly. During migration of systems, we need full monitoring support to catch bugs and misconfigurations up front,” says iGA Acting Chief of Government Systems Control Abdulrahman Mattar. “We also have a lot of integrations and dependencies between systems and require end-
to-end visibility to ensure they’re working properly. From development and production through the end user experience, we want to continuously improve our services.”
Manually investigating application incidents across a sprawling environment made it challenging to resolve them quickly and prevent unplanned downtime. Because millions of residences and citizens depend on the services that iGA supports, the Authority sought a solution to help them proactively identify potential issues, reduce mean time to resolution (MTTR), and take preventive measures to protect against future service interruptions.
The Information & eGovernment Authority (iGA) began using AppDynamics application performance monitoring (APM) in 2017 in conjunction with implementation of a new immigration management system. Prior to incorporating AppDynamics into its daily operations, the Authority had to manually investigate and rectify application performance and availability issues, resulting in as many as three service interruptions each day. But by the time they made the shift to fully digital amid the pandemic, that many outages became an unsustainable situation, as virtually every citizen needed to use services online instead of in person.
Mattar says that the complexity of the government’s environment made even a single interruption a potentially major event. One application might tie into as many as a dozen others and negatively impact some or all of them — a huge problem where systems as important as the immigration platform and other essential services are concerned. “AppDynamics helped us address every issue in the newly developed system and everything we have digitised,” Mattar says. “Now that we have visibility across every application and the other applications it integrates with, we can pinpoint exactly where a problem is and rapidly determine how to fix it. We’ve eliminated virtually all downtime issues.”
With AppDynamics, the iGA team could evolve well beyond simply investigating incidents and outages as they happened. The full-stack observability capabilities provided an in- depth view into the dependencies causing performance issues across more than 35 integrated applications, helping to effectively map and visualize performance for faster resolution.
“In the past, we were very reactive, which impacted Bahrainis’ ability to access and use critical services,” Mattar explains. “AppDynamics helped us become more proactive in our approach, allowing us to accelerate root cause analysis and redesign many applications to eliminate unnecessary dependencies and break points.” iGA is responsible for a substantial number of essential services the public depends on, and AppDynamics has been instrumental in helping the team collaborate to deliver them in a seamless and reliable manner.
“With AppDynamics, we’ve reduced incidents by about 80%. MTTR and application downtime have been significantly reduced too,” Mattar shares. “These performance optimizations allow us to focus less on whether an application is working and more on providing an exceptional user experience — especially when services are in high demand.”
Once the iGA team started using AppDynamics, they could respond more quickly to performance hits and rapidly reallocate resources, resulting in fewer service performance degradations and improved end user satisfaction. For example, when the Government of Bahrain announces school and university test results twice a year, tens of thousands of users need to access a national portal simultaneously, thus iGA reallocates resources proactively based on AppDynamics trend baseline.
“Even as we ramped up more applications and provided additional services, AppDynamics helped us continue to reduce incidents,” says Mattar. “Before we experienced a severe outage about once a month. Now we’ve had just two over the past year.”
Mattar says that AppDynamics has completely reshaped how the Authority approaches and manages its IT performance. “AppDynamics has become an essential tool for us to observe, react to and manage any and every change that might affect application performance,” he says. “It has helped establish our whole department as a strategic leader while providing the capabilities we need to consistently deliver the experiences and services our citizens demand — and will continue to do so for years to come.”
Key Benefits
• Optimised performance of government services for residences, citizens and visitors by reducing downtime and accelerating root cause analysis • Reduced top-priority incidents by more than 80% over 12 months • Improved cross-team collaboration and communication