50 CHANGE MAKERS

Page 50

CELEBRATING TECH INNOVATION

ISSUE 51 \ MARCH 2023
Cyberthreats are evolving in complexity every day, and we know what it takes to get between them and the safe operation of your business. From remote workstations to the facility floor, we have you covered with an integrated platform of IT/OT solutions: • OT & Industrial Cybersecurity • Email Security • Secure Access and Storage • Network Access Control • Application Security • Malware Analysis Visit opswat.com today to learn how our purpose-built suite of OT/IT cybersecurity solutions will help keep your business running safely. Scan the QR code with your smartphone to visit opswat.com
Stop Cyberattacks Before They Stop You

48 PRODUCTS

6 NEWS

TENABLE TO SHOWCASE EXPOSURE MANAGEMENT PLATFORM AT

NOZOMI TO SHOWCASE OT AND IOT SECURITY SOLUTIONS

MANAGEENGINE TO SHOWCASE RECENTLY-ENHANCED SIEM SOLUTION AT GISEC 2023

CONTENTS 12 OWNING THE EXPERIENCE 14 A GROWING MENACE 18 SECURING THE ENTERPRISE 20 THE NEW ORDER 22 KEEPING YOUR DATA SECURE PUBLISHED BY INSIGHT MEDIA & PUBLISHING LLC 46 14 38 THE TRUE COST OF AI 39 EMPOWERING YOUR SOC 40 CHANGING THE FUTURE 42 GETTING A GRIP ON USER EXPERIENCE 44 CREATING NEW VALUE
CELEBRATING TECH INNOVATION CHANGE MAKERS
GISEC 2023
3 CXO INSIGHT ME MARCH 2023

CAN WE WIN?

The cost of cybercrime is predicted to cost the world $8 trillion this year, according to Cyber Security Ventures. Although we have seen a dip in the volume of ransomware attacks, it continues to be the top attack vector. Last year, we saw some high-profile ransomware attacks make headlines, making the world sit up and take notice because of their sophistication. Personally, I know of some large business conglomerates in the region that have fallen prey to cybercriminals, bringing their systems down for weeks. Unfortunately, in our region, stigma puts off companies from reporting cyber-attacks, unlike developed markets where companies are mandated by regulations to divulge such information.

Why are ransomware attacks so difficult to stop? Because of one simple fact – human gullibility. Phishing is the number one delivery method for ransomware, and you can’t protect your systems unless you train your users to follow cyber hygiene. Industry experts tell me around 80 percent of breaches could have been avoided if companies followed the security basics. The

ransomware ecosystem is evolving fast, and the threat landscape is now dominated by smaller ransomware-as-a-service gangs, with bigger ones such as Condi and REvil disappearing. We are seeing increased sophistication in tactics and techniques, and ransomware attacks are not crimes of opportunity anymore.

This year, don’t be surprised if these nefarious gangs go after critical infrastructure and it’s the industry’s collective responsibility to step up their game. In this issue, we have spoken to leading security pros for their take on the ransomware trends to watch out for this year and the security best practices you should follow. Besides bolstering your security posture with regular backups and improving your applications’ resiliency, it is critical to follow good security hygiene and train your users.

No person or organisation is infallible, and cybercriminals are always looking around for compromised systems and networks. Sharing threat intelligence and keeping a constant vigil on cyber threats is the only way to protect your enterprise and its people.

While the publisher has made all efforts to ensure the accuracy of information in this magazine, they will not be held responsible for any errors

EDITORIAL
Published by Publication licensed by Sharjah Media City @Copyright 2023 Insight Media and Publishing Managing Editor Jeevan Thankappan jeevant@insightmediame.com +97156 - 4156425 Sales Director Merle Carrasco merlec@insightmediame.com +97155 - 1181730 Operations Director Rajeesh Nair rajeeshm@insightmediame.com +97155 - 9383094
Production Head James Tharian jamest@insightmediame.com +97156 - 4945966 Administration Manager Fahida Afaf Bangod fahidaa@insightmediame.com +97156 - 5741456 Designer Anup Sathyan 5 CXO INSIGHT ME MARCH 2023

TENABLE TO SHOWCASE EXPOSURE MANAGEMENT PLATFORM AT GISEC 2023

At the event, Tenable will showcase its Tenable One Exposure Management Platform and Tenable OT Security (formerly known as Tenable.ot). The attack surface is growing, always changing and more interconnected than ever. CISOs are increasingly being tasked with security for both their OT and IT environments. With specialised security tools offering an incomplete picture, security teams can find it impossible to answer the rudimentary question, “How secure are we?” Preventing cyber-attacks requires full visibility into all assets and exposures, extensive context into potential security threats, and clear metrics to objectively measure cyber risk.

NOZOMI TO SHOWCASE OT AND IOT SECURITY SOLUTIONS

Nozomi Networks will be participating at the upcoming Gulf Information Security Expo & Conference (GISEC) from 14-16 March 2023 at the Dubai World Trade Centre. At the exhibition, the company will highlight how its extensive suite of leading OT and IoT security solutions can be leveraged to protect critical infrastructure, industrial networks, and government organisations from cyber threats, all while maximising operational resilience.

“We’ve observed an increase in demand for OT and IoT solutions in the Middle East, and both the public and private sectors are stepping up to strengthen defenses. Robust cybersecurity is of top priority as OT and ICS systems embrace new technologies to stay ahead of the competition,” comments Bachir Moussa, Regional Director – MEA, at Nozomi Networks. “This is where Nozomi Networks step in. Our solutions deliver exceptional network and asset

“For too long the security industry has created point solutions that focus on very specific aspects of cybersecurity,” said Maher Jadallah, Senior Director Middle East & North Africa, Tenable. “Tenable has challenged this approach, enabling customers to proactively address, manage and reduce cyber risk across their entire infrastructure — be it cloud, IoT, OT or other platforms. Our team will be on hand at GISEC to help visitors understand how they can focus their efforts to prevent likely attacks, and accurately communicate cyber risk to their business partners to improve performance cross-functionally.”

The Tenable team will be offering demonstrations of its new Tenable One Exposure Management Platform, as well

as Tenable Vulnerability Management formerly known as Tenable.io), Tenable Security Centre (formerly known as Tenable.sc), Tenable OT Security, and Tenable Identity Exposure (formerly known as Tenable.ad) from booth A85.

Networks’ product portfolio, will make its debut at GISEC 2023. Nozomi Arc is the industry’s first endpoint security sensor that now complements previous Guardian and Vantage deployments with more visibility into a host’s attack surfaces and anomalies, offering a more detailed view of an organisation’s complete OT/ICS environment. Built to automatically deploy across large numbers of sites and devices anywhere an organisation needs visibility, Nozomi Arc adds crucial data and insights about key assets and network endpoints. This data is used to better analyse and deter threats, as well as correlate user activity, all without putting a strain on current resources or disrupting mission-critical networks.

visibility, threat detection, and insights for OT and IoT environments, allowing organisations to reduce risks and build cyber resilience. We are at GISEC 2023 to engage with companies facing similar challenges, existing and prospective customers, partners, and visitors from all around the world.”

Launched this January, Nozomi Arc, the latest addition to Nozomi

Nozomi Networks’ team of senior executives and cybersecurity experts will be available onsite at Stand B75, Hall 6 to share insights on solving emerging OT and IoT security challenges, tell visitors more about Nozomi Arc, and demonstrate how its range of technologies can benefit and be leveraged within visibility and security markets.

NEWS
6 CXO INSIGHT ME MARCH 2023

SUPERCHARGE YOUR CYBERSECURITY WITH SANS INSTITUTE AT GISEC 2023

SANS Institute will be participating in GISEC 2023, at the Dubai World Trade Centre, from March 14 to 16. The company will demonstrate its entire product portfolio at the exhibition and educate organisations and professionals on how the right knowledge and training can overcome data breaches, malicious actors, insider threats, and emerging cyber risks.

“GISEC Global 2023 is a pivotal platform for SANS Institute to exhibit our offerings and capabilities to the cybersecurity industry in person, to visitors from around the globe,” said Ned Baltagi, Managing Director, Middle East and Africa at SANS Institute. “Our participation aims to provide visitors with the latest industry trends and best practices, with cloud

security being of paramount importance in digital environments. We offer specialised training courses to enable individuals and organisations to stay ahead of the constantly evolving cloud security landscape and equip them to safeguard their data and systems against cyberattacks on the cloud.”

SANS will be showcasing its suite of cybersecurity offerings at the conference, which includes a range of products and services, from GIAC certifications and primary cybersecurity training to Security Awareness Training solutions, Cyber Ranges, providing hands-on, immersive training experiences; and the advanced ECE curriculum, which focuses on advanced topics in cybersecurity, such as reverse engineering, penetration testing,

SENTINELONE TO SPOTLIGHT INNOVATIVE XDR, IDENTITY AND EDR SOLUTIONS AT GISEC 2023

potential clients and channel partners in the region.

and digital forensics. These offerings provide individuals and organisations with comprehensive training and certification options, practical experience in simulated cyber environments, and advanced cybersecurity training to enhance their skills and capabilities.

“We will also highlight our CyberTalent offering, which includes various academy programs that we provide to both government partners and individual organisations, to identify hidden cybersecurity talent within their existing workforce,” Baltagi added.

With a range of autonomous cybersecurity solutions, SentinelOne helps organisations stay ahead of emerging threats and protects their digital environments with confidenceThe company will showcase its Extended Detection and Response (XDR) platform, Singularity XDR, as well as Singularity for Identity, an Identity Threat Detection and Response (ITDR) solution and Singularity for Endpoint, an endpoint detection and response (EDR) solution. As part of its plans for regional growth, SentinelOne has a number of objectives for the threeday event, including networking with

“As a leader in next-generation endpoint protection, we look forward to showcasing our solutions and sharing our expertise with visitors and industry players alike at GISEC 2023,” said Tamer Odeh, Regional Sales Director, SentinelOne. “It is one of the largest security exhibitions in the Middle East, and our team is keen to demonstrate how our autonomous cybersecurity platform can help organisations stay ahead of emerging threats and secure their digital environments with confidence.”

At GISEC 2023, SentinelOne will highlight its flagship platform, Singularity XDR, a unified platform designed to provide comprehensive endpoint protection to users. The platform can autonomously supercharge, fortify, automate and extend protection from the endpoint to beyond, with unfettered visibility, proven protection, and industry-leading responsiveness.

Additionally, identity-based infrastructure has become a core function

of scaling businesses as of late. ‘Identity’ cybersecurity is now vital as this surface has become a primary attack vector for threat actors. Singularity for Identity prevents business disruption with proactive, real-time protection against threats, integrating with Active Directory and Azure AD to thwart attack progression.

Lastly, Singularity for Endpoint provides prevention, detection, and response across all devices, offering dynamic device recovery and improved detection effectiveness.

“GISEC is a fantastic platform for us to connect with other industry professionals and exchange ideas on how to better protect businesses from evolving cyber threats. This event provides an excellent opportunity for us to demonstrate our commitment to the region and our dedication to helping organisations keep their data secure from breaches.” Odeh concluded.

Senior executives and cybersecurity experts from the SentinelOne team will be available at stand C-79 to engage with visitors, demonstrate their cutting-edge solutions, and share crucial insights about the current threat landscape and how businesses can stay ahead of the game.

7 CXO INSIGHT ME MARCH 2023

MANAGEENGINE TO SHOWCASE RECENTLYENHANCED SIEM SOLUTION AT GISEC 2023

our powerful cybersecurity capabilities and help address the security concerns of organisations,” said Nirmal Kumar Manoharan, regional director of ManageEngine.

investigation and automatic response workflows to optimise the key metrics of SOCs.

• SAMA compliance support: Log360 offers audit-ready compliance report templates for the Saudi Arabian Monetary Authority (SAMA) framework.

Having first participated in 2013, this year’s edition will mark 10 years of ManageEngine’s presence at the premier security event.

“The digital ecosystem is fast evolving due to technological advancements. But so are the threat actors. Unsurprisingly, cybersecurity remains the top priority for CIOs and CISOs in the region. Organisations should focus on identifying high-risk vulnerabilities and address them immediately. GISEC offers us a great platform to showcase

ManageEngine will showcase all its security offerings, including its SIEM solution, Log360, to which a security and risk posture management dashboard was recently added. This new feature offers granular visibility into weak and risky security configurations of systems and users. It also continuously assesses the Active Directory security risk posture based on Microsoft’s security guidelines. These security and risk posture management features will help enterprises implement a proactive security strategy and prevent cyberattacks before they occur. Some of the other recently-launched capabilities of Log360 are:

• Incident manager for security operations centres (SOCs):Log360’s incident manager facilitates prompt threat detection, granular

OPSWAT TO SPOTLIGHT CYBERSECURITY MATURITY AT GISEC 2023

OPSWAT announced that it will be at GISEC 2023 to show the region’s private and public sector enterprises how to develop their cybersecurity maturity through the company’s endto-end IT/OT security solutions.

“OPSWAT has been a GISEC attendee for many years, and this time around, we exhibit amid a threat landscape that is bubbling with risk for OT (Operational Technology) and ICS (Industrial Control System) environments,” said Sertan Selcuk, Vice President of Sales, Middle East, Turkey, and Africa, OPSWAT. “Our mission to protect critical infrastructure through purpose-built CIP technologies has never been more urgent. Regional nations have

been hard at work diversifying their economies, and heavy industries such as utilities, energy, manufacturing and oil and gas can only innovate as long as they remain protected from cyber criminals.”

In addition, ManageEngine will showcase PAM360, its privileged access management solution, which now features advanced privilege elevation capabilities for Linux environments—in addition to its already extensive PEDM capabilities for Windows environments—and the SSH Command Control feature. Other ManageEngine solutions covering endpoint security, data security and network security will also be highlighted at the event. Cybersecurity experts will be available to interact with attendees, address their IT security concerns and share insights on the latest security trends at booth number D 60. Demonstrations will also be held at the booth to offer a first-hand experience of the company’s security solutions.

Selcuk warned that regional OT environments mostly rely on a single endpoint scanning and EDR to fight malware and file-borne attacks, which leaves the perimeter unaddressed. Organisations must improve their cybersecurity postures to secure email, cloud storage, containerisation, and other modern constructs by implementing a zero-trust architecture.

“No single vendor provides antimalware and sanitisation solutions that cover file entry points across USB, Web traffic, storage, email and everything in between… except OPSWAT,” Selcuk added. “We offer purpose-built CIP technologies rather than repurposed IT products — solutions that can be deployed in the cloud, on prem and in air-gapped networks, offering more flexibility than any other provider in the market.”

NEWS
8 CXO INSIGHT ME MARCH 2023

DU UAE AND HUAWEI SIGN MOU ON 5.5G STRATEGIC COOPERATION

Huawei will strengthen cooperation in 5.5G innovation, including technological innovation, and E2E network evolution, to help du continuously enhance user experience and lead the UAE market in 5.5G development.

local and global industry partners to build a sound 5.5G ecosystem and promote multilateral business success.

At Mobile World Congress (MWC) Barcelona 2023, du, from Emirates Integrated Telecommunications Company (EITC) and Huawei signed a Memorandum of Understanding (MoU) on 5.5G strategic cooperation, marking a new phase of their long-standing partnership.

As one of the fastest-growing telecommunication operators in the UAE, du works closely with Huawei and has outstanding performance in 5G network experience and service development, capturing a large share of the Middle East market. Through this partnership, du and

Saleem AlBlooshi, CTO of du UAE, Cao Ming, President of Huawei Wireless Network Product Line, CEO of Huawei UAE, Liu Jiawei, and other executives from both parties attended the signing ceremony.

According to the MoU, du and Huawei will collaborate on 5.5G in three aspects. For innovation, they will focus on key technologies, including ELAA-MM

(Extremely Large Antenna Array Massive MIMO), Passive IoT, Virtual Large Carrier among others, and discuss E2E network evolution roadmap. In terms of application exploration, they will conduct research on new scenarios and identify potential applications based on local requirements, such as Metaverse, holographic meeting, XR. In ecosystem construction, they will work together with

Saleem AlBlooshi, CTO of du, said, “du is committed to working with industry leaders around the world to create new solutions that help us stay at the forefront of digital innovation. In line with the UAE’s Metaverse strategy, our partnership with Huawei will enable du to achieve our goal of making 5.5G technology available for commercial use, and together we can create immersive XR experiences for users that are highquality and reliable. Our goal is to create an ecosystem in which every aspect of life can benefit from the unique features that 5.5G technology has to offer, ranging from improved connectivity and faster speeds to full-scenario IoT and extensive coverage.”

Cao Ming, President of Huawei Wireless Network Product Line, said, “We’re committed to provide innovative solutions based on user requirements. We will work with du on 5.5G innovation, explore and promote 5.5G technologies, and commercialise high-value use cases based on the local scenarios in UAE, to improve network experience and build a digital, intelligent world.”

CLOUDFLARE TO DISCUSS ZERO TRUST ACCELERATION AT GISEC

Cloudflare announced its participation at Gulf Information Security Expo & Conference (GISEC) Global 2023 taking place between 14-16 March at Dubai World Trade Centre. The company will use the event as a platform to educate regional enterprises and organisations about protecting, consolidating and optimising their corporate networks, their IT and internet presence, without the cost and complexity of managing legacy network hardware.

Speaking about the company’s participation at GISEC, Bashar Bashaireh, Managing Director of Middle East & Turkey at Cloudflare says, “Over the past few years, ransomware, data breaches, and other cyberattacks have been hugely disruptive and cost businesses and public agencies huge amounts of money, in addition to loss of reputation and market trust. In response, as organisations

embrace digital transformation and move their operations to the cloud, they should be looking to an integrated service – offering security, performance, reliability and privacy as the key pillars of a successful digital transformation strategy. The first and most critical part of this transformation is to build trust within an enterprise’s ecosystem – customers, partners, stakeholders. And for this an organisation needs to have a robust and integrated security solution in place.”

“As a company that is leading innovation, we are excited to be present at GISEC, to partner with enterprises in the region on their network transformation journey. Corporate networking has become overly complicated. Network and IT teams that used to maintain “castle-and-moat” architectures are now responsible for much more: managing legacy WAN connectivity (such as MPLS), establishing secure remote access, and stringing together disparate networking hardware on-premise to satisfy security, performance, and reliability needs. With Cloudflare, enterprises can replace a patchwork of appliances and expensive legacy circuits with a single global platform that provides built-in, software defined Zero Trust functionality, DDoS mitigation, firewall services, and traffic acceleration.”

9 CXO INSIGHT ME MARCH 2023

LG OPENS INTERACTIVE BUSINESS INNOVATION CENTRE IN DUBAI

LG Electronics (LG) announced the opening of its Information Display Business Innovation Centre (BIC) in Dubai, UAE. The showroom represents more than just a platform to showcase LG’s cutting-edge digital signage, but an experience centre where customers can interact with the latest technology and explore the possibilities that LG’s B2B solutions offer.

From sliding doors and conference room glass partitions made of Transparent OLED Signage, to drive-thru and QSR (Quick Service Restaurants) digital signage, conference rooms with all-in-one videoconferencing screens, LED displays for various commercial usage and a home cinema with a massive Micro LED display, the facility aims to showcase the versatility of LG’s B2B solutions and provide visitors with a firsthand look at how these products and solutions can transform and elevate their home and business environments.

“Customers need more than just a demonstration of products; they desire an interactive experience that showcases the full capabilities of technology. Our

AVEVA NAMES NEW CEO

AVEVA has announced Caspar Herzberg as CEO. With more than 25 years’ software and industry experience, Caspar brings a deep understanding of how technology can transform and reshape industries, enabling innovation and driving responsible use of resources.

Caspar joined AVEVA in 2021 as Chief Revenue Officer and assumed the role of Chief Operating Officer in 2022. AVEVA has recently been acquired by Schneider Electric, and as AVEVA CEO, he will also be a member of the Schneider Electric Executive Committee.

Prior to joining AVEVA, Caspar led all aspects of Schneider Electric’s business in over 80 countries as President, Middle East & Africa. He started his business career at Accenture based out of its London office and worked in extensive digital transformations for the global

Business Innovation Centre in Dubai has been designed with this in mind, providing customers with an engaging, hands-on experience that showcases the potential of LG’s display solutions. We are excited to demonstrate to our customers how LG’s latest products can add value in practically any commercial sector or area in their life,” said LG Electronics Middle East & Africa Regional CEO, Ilhwan Lee.

Visitors at the Innovation Centre will be greeted by LG’s Transparent OLED Automatic Door at the entrance of the showroom, demonstrating new ways to communicate with customers and employees, as well as an advertising tactic to the consumers. At the centre is the eye-catching dual screen display using 1.5mm LED Pillar and Transparent LED film allowing continuous viewing of two different contents for an amazing visual

effect. Another key installation is the 10m x 2.7m Fine Pitch LED screen showcasing kinetic realisation using real curve and a 90° corner design.

The Innovation Centre is divided into special themed areas. The Retail Zone showcases LG’s Transparent OLED Signage which responds to viewers’ touch as well as illuminate the space behind the display, visually enhancing the objects behind it. The QSR Zone highlights LG’s IP rated outdoor displays and back-office screens perfect for Drive-Thru experience as well as menu board screens and a self-ordering Kiosk. The Meeting Rooms boasts of LG’s All-in-One conferencing solution for next level work meetings while in the Home Cinema Area, visitors can experience the amazing 163-inch Micro LED Display, the LG MAGNIT. With its huge size and super picture quality, it can provide viewers with a sense of immersion and make every viewing experience memorable.

Explore LG’s innovative B2B solutions in LG’s Business Innovation Centre, located at LG Electronics MEA HQ, X3WR+24J Mina Jebel Ali, JAFZA, Dubai UAE.

energy sector. At Cisco, Caspar led sales and services for over ten years, developing smart cities strategies, technology

innovation and business master plans for the private and public sector in China, Asia, Japan, Australia, the USA, and Europe.

Caspar replaces Peter Herweck, who will become CEO of Schneider Electric from May 4th, 2023.

Caspar Herzberg, CEO of AVEVA, said: “It is a privilege to take over from Peter Herweck, who has led the company through a time of transformation and renewal. We have a great opportunity ahead of us, having brought together three market-leading software portfolios–Schneider Electric Software, AVEVA and OSIsoft. We are now one of the world’s top industrial software providers, trusted by

over 90% of industrial companies from energy, water and food to manufacturing, pharmaceuticals and smart cities. We plan to drive value for our customers with integrated data, AI-infused applications, accelerating their journey to the cloud and providing Software-as-a-Service (SaaS) to reduce total cost of ownership.

“My vision for the future is a completely connected world, where industrial teams use integrated data to collaborate beyond their own four walls. Together with suppliers, partners and customers, they uncover new synergies, reduce waste and create new opportunities. At AVEVA, we are uniquely positioned to enable our customers to thrive in this new connected industrial economy. I’m looking forward, alongside our hugely talented teams, to empowering our customers to design better, operate more efficiently and solve the most critical challenges for industry, infrastructure and our planet.”

NEWS
10 CXO INSIGHT ME MARCH 2023

OWNING THE EXPERIENCE

OMAN-BASED INSURANCE HOUSE BIMA TRANSFORMS CUSTOMER EXPERIENCE WITH WHATSAPP BUSINESS

significantly reduce customer support costs and improve its quality. “Where we have excelled is the integration of WhatsApp with our portal, which allows our agents to handle many customers simultaneously. In addition, we have developed our own interface that helps us reduce the human resources and time needed to support our customers,” adds Rashdi.

Bima is also using Unifonic’s Chatbot for its customer service and support operations. “We found that people who prefer to buy insurance without the WhatsApp experience will do it without human interaction through our website. However, customers who buy policies through WhatsApp are looking for a more human experience, and they wouldn’t be excited to have a completely bot-based transaction,” says Rashdi.

BIMA is Oman’s largest insurance aggregator portal that offers a range of products, including life, home, and motor insurance. The insurance broker accounts for 10 percent of the country’s motor insurance market and processes around 500 policies every day. Insurance buyers can log into BIMA’s unbiased portal, which lines up quotes from 13 insurance providers and choose the best option for them, saving lots of money and time.

In the highly competitive insurance brokerage market, ensuring a good customer experience while protecting data and maintaining compliance is a key focus in BIMA’s business strategy. BIMA leverages WhatsApp Business Platform, via Unifonics Customer Engagement platform, as a business communication tool to unlock better customer experience and find new ways to communicate with its customers.

“We try to digitise and automate the customer journey as much as possible so that our customers find it easier to insure through us than going to providers directly. It means they don’t have to fork

over info to multiple providers and receive multiple messages. Customer experience is the only reason they come back to us,” says Said Al Rashdi, CEO of BIMA.

To bolster its customer experience strategy, BIMA has moved away from legacy communications systems and deployed WhatsApp Business solution from Unifonic to meet its marketing and customer support requirements. “Our customers prefer WhatsApp over any other communication method, which has been the backbone of our communications strategy since our inception. We even deliver policy documents through WhatsApp,” says Rashdi.

The CEO says it is hard to imagine how the business would operate without WhatsApp. “Though we have an option on our website for customers to upload their documents and receive policies, it is obviously not as easy as WhatsApp because it is limited by size and type of documents. WhatsApp allows our customers to choose any document and share it with us hassle-free.”

Besides the ease of onboarding customers, WhatsApp has helped BIMA

BIMA has taken the middle ground by configuring its bots, using Unifonics Chatbot Builder, to handle the first half of transactions, which is usually to assist users to find information if that is all they are looking for. “For example, if you are stuck somewhere and need roadside assistance, it would be much faster if a bot responds and tell you the phone number you should be calling. However, we are open to automating processes with chatbots as the technology becomes more mature with AI and NLP algorithms. We think almost all of our business can be handled by chatbots but not until these virtual assistants are intelligent enough to handle complex inquiries or understand any discussion and respond to it,” says Rashdi.

BIMA is now gearing up to launch its B2B platform and plans to scale up the Unifonic solution to support its expansion plans. “We can expand into any vertical without worrying too much about how to communicate with customers thanks to Unifonics customer engagement platform. We chose Unifonic after evaluating many international brands in the market because of the quality of their service and support. Moreover, being a regional player, Unifonic understands our business needs and speaks the same language. They even have a dedicated account manager for us, which is essential when your whole business depends on WhatsApp,” he concludes.

CASE STUDY
12 CXO INSIGHT ME MARCH 2023

A GROWING MENACE

INDUSTRY PROS ANALYSE RANSOMWARE TRENDS AND ITS IMPACT ON BUSINESSES

There has been a dramatic surge in ransomware attacks in 2022, and it is estimated that it accounted for 20 percent of all cybercrimes last year. According to IBM’s recent data breach report, the average cost of a ransomware breach was $4.54 million in 2022, and industry experts believe it will continue to be the top threat vector this year as well.

What are the top ransomware trends to watch in 2023?

“Many of the ransowmare trends seen in 2022 will continue through 2023 –including the dominance of ransomwareas-a-service offerings, supply chain attacks and double extortion,” says Charles Smith, Consultant Solution Engineer, Data Protection, Barracuda. “There is a government-level debate taking place in some countries about whether making the payment of ransoms illegal will help to disrupt the criminal business model or just drive payments

underground. National and international law enforcement efforts to bring down alleged gangs look set to continue.”

However, one thing that deserves greater emphasis – it’s been covered in a few research reports over the years and is worryingly clear from our own latest

research – is the risk of repeat attacks. We found that 38% of the organisations surveyed had fallen victim to two or more ransomware attacks in 2022, he says.

Sophos noted in our annual threat report that ransomware was still one of the most pervasive cybercrime threats to organisations, and ransomware operators are continuously evolving their tactics, techniques, and procedures in order to avoid detection.

“Over the past year, for example, we saw groups targeting Linux in addition to Windows, adopting new languages like Rust and Go to avoid detection, and developing news ways to extort their victims, such as offering a “subscription model” for leaked data,” says Christopher Budd, Senior Manager, Threat research at Sophos.

Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East, says ransomware attacks have become a central cyber threat

FEATURE
14 CXO INSIGHT ME MARCH 2023

and oppose a disruptive factor globally to organisations, corporates and even governments. “Ransomware was the leading threat to organisations in the first half of 2022 and as we look ahead to 2023, that trend shows no signs of slowing down. The ransomware ecosystem will continue to evolve and grow with smaller, more agile criminal groups forming to evade law enforcement.”

Narayanan says as ransomware groups continue to see success, it’s likely that we’ll begin to see more groups and more organised cyber crime, hacktivism and cyber warfare. We’re already seeing firms being attacked multiple times, so just because a company has suffered once doesn’t mean that it’s immune to another attack, unless it pivots to a prevent-first cyber security strategy. Globally, ransomware attacks are due to spike in 2023. While some industries have invested heavily in ransomware prevention, detection and mitigation tools, other industries have barely begun to make a stand.

Ram Vaidyanathan, IT security evangelist, ManageEngine, says one of top ransomware trends you need to watch out for this year include AI-powered ransomware attacks. AI is increasingly being used for cyberattacks, and ransomware is no exception. Attackers can use AI at every stage of a ransomware attack, from initial entry to extortion.

He says ransomware attacks have entered the cloud environment. The

increase in adoption of cloud computing has led to a rise in the number of vulnerabilities in cloud service providers (CSP) for ransomware attackers to exploit.

What are some of the top active ransomware gangs to watch in 2023?

Because of the ransomware-as-aservice model, this is something that’s constantly evolving. Groups are created, they disband or have their operations disrupted, and then remnants of these disbanded groups create new ones.

“In our threat report, we provided data on the most frequently encountered ransomware groups by our Rapid Response team in the first ten months of 2022. Lockbit was the one encountered most frequently, followed by BlackCat and Phobos (an older group that typically takes advantage of compromised remote desktop connections). Lockbit is a group that has received a lot of media attention recently after some high-profile attacks, and we can say that they definitely have somewhat “led the pack” in terms of creating new ways to extort victims,” says Budd from Sophos.

Narayan from Check Point picks Conti and BlackBasta as top active ransomware gangs in 2022 that may continue to pose a threat in 2023. Conti is a relatively new ransomware group that emerged in 2020 and quickly gained notoriety for their successful attacks on several high-profile targets, including Ireland’s health service. They are known for using double-extortion tactics, where they not only encrypt

victim’s data but also threaten to release it publicly if the ransom is not paid.

BlackBasta is believed to have been developed by a group of Arabic-speaking hackers and is known for its targeted attacks on large organisations, particularly in the energy sector. The group behind Blackbasta is known for its use of a sophisticated malware loader to evade detection and for its use of a custom encryption algorithm. The group has been active since at least 2019.

Smith from Barracuda says this is a difficult one to answer. First, the landscape is changing all the time, with attack groups coming together, splitting apart, rebranding, apparantly leaving the landscape, being taken down, and more. Some of this is because ransomware gangs don’t really want to attract too much attention as this will put them on the radar of law enforcement.

Second, many ransomware operations are now available as-a-service (RaaS), and this means that different groups of attackers could potentially use different ransomware offerings to launch attacks. Attack kits can be purchased on the dark web so the actual attacker could be just about anyone, while the more established gangs are paid for the use of the kit or a proportion of the proceeds.

“What’s important is building effective defenses against any and all ransomware and keeping track of how overall attack behaviors, tools and techniques are evolving,” he sums up.

Ram Vaidyanathan Christopher Budd
15 CXO INSIGHT ME MARCH 2023
Ram Narayanan

THE EXPERTS SPEAK

RANSOMWARE AS A SERVICE WILL CONTINUE TO BE A MAJOR AVENUE FOR RANSOMWARE OPERATORS. THIS ENABLES ATTACKERS TO USE A PLATFORM WHICH PROVIDES THE NECESSARY CODE AND INFRASTRUCTURE TO LAUNCH THEIR CAMPAIGNS. THE RAAS PROVIDER TYPICALLY TAKES A CUT OF THE RANSOM PAYMENTS MADE BY THE VICTIM, CREATING A MUTUALLY BENEFICIAL RELATIONSHIP BETWEEN THE PROVIDER AND THE ATTACKER. THIS MODEL HAS MADE IT EASIER FOR LESS TECHNICALLY PROFICIENT INDIVIDUALS TO CARRY OUT RANSOMWARE ATTACKS, AS THEY NO LONGER NEED TO HAVE THE EXPERTISE TO CREATE THEIR OWN MALWARE.

RANSOMWARE CONTINUES TO PLAGUE ORGANISATIONS IN 2023, AND THERE IS NO PLACE FOR A ‘IT WON’T HAPPEN TO ME’ MINDSET. LEADERS NEED TO BE THINKING OF THE WORST CASE SCENARIO AND BE PROACTIVE, NOT REACTIVE IN THEIR PLANS. UNFORTUNATELY, WHILE BACKUP SYSTEMS HAVE PROVIDED AN INSURANCE POLICY AGAINST AN ATTACK IN THE PAST, HACKERS ARE NOW TRYING TO BREACH THESE TOO. ONCE AN ATTACKER IS INSIDE AN ORGANISATION’S SYSTEMS, THEY WILL ATTEMPT TO FIND CREDENTIALS TO IMMOBILISE BACKUPS. THIS WILL MAKE IT MORE DIFFICULT, TIME CONSUMING AND POTENTIALLY EXPENSIVE TO RESTORE.

RANSOMWARE AS A TERM GENERATED A LOT OF HYPE FOR TWO REASONS: (1) THE RANSOM DEMANDS GENERALLY DEMANDED PAYMENT IN VIRTUAL “CURRENCIES” LIKE BITCOIN, WHICH HAD THEIR OWN OVER-HYPE GOING; AND (2) THERE WAS A LOT OF CONTROVERSY IF PAYING THE RANSOM WAS MORE COSTEFFECTIVE THAN RESOLVING THE PROBLEMS THAT ENABLED THE INCIDENT - ESPECIALLY WITH THAT HOPE THAT CYBER INSURANCE POLICIES WOULD COVER RANSOM PAYMENTS.

“THE GOOD NEWS ABOUT THE HYPE OVER RANSOMWARE IS THAT IT CAUSED MANY ORGANISATIONS TO AT LEAST ADDRESS THE NEED FOR BACKUP SYSTEMS, BUT ALSO FOR REACHING ESSENTIAL LEVELS OF SECURITY HYGIENE. THE OTHER GOOD NEWS IS IT TURNED OUT THAT CYBER INSURANCE POLICIES DID NOT TRANSFER LIABILITY FOR INCIDENT COSTS, OR EVEN CAP COSTS. AT BEST, SOME SMALL PERCENTAGE OF THE INCIDENT COST WAS REIMBURSED, AFTER MUCH HAGGLING. I THINK THE BIGGEST TREND WILL BE THE DEMISE OF THE TERM “RANSOMWARE.

2022 SAW THE FIRST DECLINE IN RANSOMWARE ATTACKS AND EARLY 2023 DATA SHOWS THAT A CONTINUING SLOW DOWNWARD TREND. IF YOU LOOK AT THE PROBLEM FROM A RANSOMWARE OPERATOR’S PERSPECTIVE, THE ENTIRE PROCESS FROM RECONNAISSANCE TO INITIAL INFILTRATION TO ENTERPRISEWIDE SOFTWARE DEPLOYMENT AND DATA ENCRYPTION IS A TIME CONSUMING AND FRUSTRATING PROCESS. ANYONE WHO HAS EVER WORKED IN DESKTOP AND SERVER MANAGEMENT WILL TELL YOU HOW HARD IT IS TO RUN A SOFTWARE DEPLOYMENT PROJECT, EVEN WHEN YOU ARE THE LEGITIMATE ADMINISTRATOR OF THOSE SYSTEMS! WHAT IS IMPORTANT TO REALISE IS THAT THESE CRIMINALS ANALYZE THEIR TIME INVESTMENT LIKE ANY OTHER RATIONAL BUSINESS OWNER. IF THERE ARE MORE EFFICIENT WAYS TO MAKE MONEY, THEN THEY WILL FIND THOSE.

FEATURE
Fred Lherault, Field CTO, EMEA & Emerging Markets at Pure Storage Aaron Turner, SaaS CTO, Vectra AI
16 CXO INSIGHT ME MARCH 2023

The

Di gi t al Insights offers SOC as a Serv i ce, which allows yo ur organization to set up a comp l ete 24 x7 security o p e rations center (SOC365) function at a significantly lower cost than constructing an in- hou s e SO C. O u r t e am help s you detect, analyz e, in vestig ate , validate, a nd respond to threats using right mix o f people, s kills, pr ocesses, and technology.

SOC365 security exp erts look for cybersecurity

t hreats by monitoring your logs, cloud e nvironments, d evices, s ystem s and network. In addition to con stant m o nitoring, we detect and investigate cyberattacks ac ros s your entire organisation.

In an event of intrusion /a ttack, o ur SOC team will p rovide incident response immediately and will support yo ur internal IT o r security team to be gi n remediation.

C o mplete IT C ompliance & Security Ma na gem ent in a Sin gle Pane of Glass for PCI DSS, I S O 27001, HIPAA, a nd SOC 2.

Rapid on-boarding and deploymen t provides immediate c y b e r threat protection.

www.digitalinsights-uae.com | info@digitalinsights-uae.com www.soc-365.com | info@soc-365.com
24/7/365 Security Monitoring Vulnerability Assessment Asset Discovery Incident Response Intrusion Detection Behavioural Monitoring Integrated Threat Intelligence Compliance Reporting Network Traffic Analysis Penetration Testing Endpoint Detection & Response
“We protect organisations
from
Cyber attacks”
Key Benefits of our SOC365 Security Operation Center are: 24/7 SOC365 Security Operation Center UAE +971 4 2415 888 | UK +44 203 130 1723

SECURING THE ENTERPRISE

EDDY ABBOUD, VP OF MDS COMPUTERS, EXAMINES BIGGEST CYBERSECURITY TRENDS AND THEIR IMPLICATIONS FOR REGIONAL ENTERPRISES

customers through social engineering, phishing, and other techniques. Finally, organisations must adopt modern solutions which are required to address the diverse cyber risk landscape.

As cyber security leaders, we must stay on top of these trends and take proactive steps to mitigate potential cyber threats.

Why should cybersecurity be a top business priority?

which includes a variety of technical and organisational measures. Conducting a comprehensive risk assessment, developing a cybersecurity strategy and policy, educating employees on how to identify and avoid potential risks, implementing robust access controls, regularly updating and patching software, conducting regular security testing and assessments, and implementing a robust incident response plan are all part of this process.

Businesses can also improve their cybersecurity defense and become more resilient to cyber threats by partnering with MDS Computers to consult on and implement a full security framework that addresses their specific business and IT needs.

Do you see a demand for managed security services in the region?

What are the cybersecurity trends to watch out for in 2023?

It is critical to be aware of the most recent cyber risk developments and ways to strengthen the infrastructure. Organisations should keep an eye on several key trends in 2023.

For starters, cloud security remains a concern, giving threat actors the opportunity to launch attacks. With easy opportunities in e-commerce, banking, and online booking applications, mobile devices are becoming a major target for attackers. We can also anticipate more targeted attacks on IoT devices and OT infrastructure, as a broader range of malicious actors target these technologies. Moreover, as increased patient data is stored online and in the cloud, the healthcare sector is becoming more susceptible to cyber threats.

Reports from various security principles suggest that AI techniques and machine learning can aid in the detection and response to cyber threats. Let’s not forget that the organisation’s user base remains a primary target, with threat actors compromising employees and

For several reasons, cybersecurity should remain a top business priority. First and foremost, protecting sensitive data is critical for any business. Organisations collect and store massive amounts of sensitive data, including customer information, financial, and other important data types. Cybersecurity measures are critical to protecting this data from unauthorised access, theft, or misuse.

Second, cybersecurity breaches can be extremely costly for businesses, both financially and in terms of reputational damage. A single data breach can result in substantial financial losses as a result of litigation, customer compensation, and possibly regulatory fines.

With the increasing frequency of cyber-attacks such as phishing scams, ransomware attacks, and other malicious activities, the risk is greater than ever. Cybersecurity is an important business priority that should not be overlooked. Protecting sensitive data, reducing financial losses, and protecting the company’s reputation are just a few of the reasons why investing in cybersecurity measures is a good idea.

Which steps do you advise to improve cyber resilience?

Businesses should take a holistic approach to improving cyber resilience,

Yes, of course. There is a high demand for managed security services in the UAE and throughout the region. The rapid adoption of digital technologies and applications, combined with the increasing frequency of cyber threats, has resulted in a greater emphasis on cybersecurity in general.

Large enterprises and government organisations in the region require robust cybersecurity measures to protect sensitive data and business operations, in-country, from advanced cyber threats. There is also requirement to deliver this service promptly, which makes developing and maintaining an effective in-house cybersecurity capability difficult for businesses. Hence, the increased demand for managed security services.

MDS Computers has made significant investments and acquisitions in this area to have a complete managed services portfolio. Today, we enjoy an everincreasing demand for the mature services we provide to the UAE market.

Do you expect regional enterprises to leverage AI and ML to enhance threat detection and response capabilities?

I strongly recommend regional enterprises to use AI and ML for threat detection and response. These technologies have the potential to significantly improve the speed and accuracy of threat detection, reduce response times, and proactively identify potential security risks.

INTERVIEW 18 CXO INSIGHT ME MARCH 2023

THE NEW ORDER

ALAIN SANCHEZ, FORTINET EMEA FIELD CISO, TALKS ABOUT THE NEW CONVERGENCES SHAPING THE DIGITAL WORLD IN 2023 AND BEYOND.

You are talking about new convergences and holistic security. Can you elaborate please?

There are many dimensions of convergence. The primary one started from a vision about 22 years ago, and this is the building block of Fortinet. When you look at security and networking, there are two dimensions - networking is where all the creativity, collaboration, and interactive applications which turn the reality of our world into an advanced value proposition take place. But the very moment you do networking and move one byte from A to B, that byte, by essence, can be attacked. So the first level of convergence is networking and security operating as one. And we made it possible by creating an ASIC that offloaded the processor from the security stack, which ensures there is no performance at the detriment of security or security at the detriment of performance.

Another dimension is fixed mobile convergence. You have a mobile network that can provide quality service, speed, or collaboration, but you must secure it simultaneously. At the same time, a merger between IT and OT is happening, which were two separate domains before. So these are all the different dimensions of convergences. The industry is moving towards integrated platforms with a broader scope and an understanding of what’s happening in the wireless interface, security, and networking.

We used to buy cybersecurity like we used to buy IT, the old-school best-of-breed approach. As a result, the industry has ended up with a

mosaic of products. But the value needs to come from the integration of these products. And you can make very accurate decisions by correlating the network dimension, the security dimension, the fixed mobile, etc., This is the convergence of all that dimensions.

Why is holistic cybersecurity more important than ever?

An application is the most fancied one in the IT world because it has a user. It takes data, processes it, and stores it. But at the same time, it opens up what we call an attack surface, which comes from the application’s code, data, interface, storage, or processing. So many domains can be attacked. This is why a holistic cybersecurity approach is important, and C-level executives have started to approach it from the economic angle because there is so much at stake. When an application is related to your value proposition and adds value to the community of your users, you have to secure it – not only

technically but legally as well because of the new set of absolutely necessary compliance requirements.

How can we secure OT systems given the fact they were never designed with security mind?

The OT devices and sensors - all these beautiful little things enhancing our processes need to be economically viable to their manufacturers. If you buy a temperature sensor from Amazon for $19, there is not enough memory in this very rudimentary device. From an IT perspective, there is not enough CPU to execute the security code. So we observe them, and we machine learn what the normal behavior is. There is a learning period where we know this sensor sends five kilobytes every ten milliseconds. It sends this to an IP address, generally a middleware that will aggregate all the data and present it to the user. The moment this device sends more kilobytes in an erratic scheme, you’ll know something is wrong. The moment the way it behaves differently, you can see that, and you can correlate that with other parameters from your network.

So, we do need ML capabilities for this.

We do, which is why we invest a lot in machine learning and artificial intelligence. Fortinet has more patents in artificial intelligence than any other player in cybersecurity, enabling us to address the OT challenges. So I don’t need to be inside the sensor – all I need to do is scrutinize and observe the sensor to come up with baseline behavior from which I can make decisions. However, it is important to remember machine learning requires time, the same way a human needs time to learn. Twenty weeks of learning is not so unusual for a very complex industrial process to avoid false positives because you have maintenance, production, and data processing phases. So you need to smartly address all of that and develop a picture of the normal behavior of the complex process.

INTERVIEW
20 CXO INSIGHT ME MARCH 2023

UCC Collaboration Summit 2023

Connecting the World and Empowering Teams with Zoom and Microsoft.

In collaboration with

KSA MOROCCO EGYPT QATAR KENYA OMAN NIGERIA ETHIOPIA UAE

KEEPING YOUR DATA SECURE

What are the cybersecurity trends to watch out for this year? Cloud security, for sure. Cloud computing is being used pretty much by every organisation worldwide in some shape or form. And as we see more and more organisations move to the cloud, either fully or hybrid, we will see a significant focus on cloud security. Cloud providers will need to focus on ensuring their platforms are secure, and organisations will need to focus on how their data residing in the cloud is also secure.

The second trend, although not a trend but something that I think needs mentioning, is work from anywhere. Although some employees prefer to return to the office, many still prefer work from anywhere. So securing a true work-from-anywhere environment without compromise is still something to keep an eye on.

The third trend is AI and ML being used to help detect threats and prevent cyber-attacks, with AI-enabled threat detection systems predicting new attacks and notifying security admins any breach instantly.

Why is cloud data protection a security concern?

We are seeing a massive growth of data with more and more cloud-based applications, and organisations employees are accessing more and more sensitive data on their sanctioned and unsanctioned devices. Going back in time, customers had their own data centers and their own internal networks and everything they did existed within their four walls. And everything was trusted. The applications, the data, the users, their devices. Anything outside was not trusted.

And to access a shared drive, you had to be physically in the office on the network and on a company device. And if you were outside, then it was only from your company-managed device, and you were on a VPN.

Fast forward to today, and things are changing because we are all moving onto the cloud. You’ve got cloud applications that are replacing the applications typically on-premise. At the same time, you are moving your data up to the cloud applications.

And then you’ve got your users outside the office, working from anywhere, accessing these cloud applications. Remember, before they had to VPN in, now they could directly access these applications.

Why is this a security concern? Security was built inside your DC like a firewall or an on-premise web gateway to handle your web traffic. You were inside your network. Your data could be trusted and protected. But when users are at home, you lose that capability with your onpremise security controls. If your users are sitting at home, then your on promise secure web gateway won’t be able to stop someone from downloading malware from the internet or uploading sensitive data to websites. So not only can you not protect your users and even your managed devices, but when you move your data to the cloud, it is out there for anybody to try and access it, putting it at risk. And also, third-party apps and services that your company hasn’t sanctioned. For example, your employees using Dropbox or ConverttoPDF, which they sometimes need for their day-to-day job. And none of this happens inside your company’s purview; it’s all happening cloud to cloud. This is pretty much what

we call Shadow IT. Again if this happened inside your network and you had an onprem web gateway you could probably stop it from happening.

When you move to the cloud, controlling users’ apps is very important. The more you use sanctioned cloud applications, you also have to be able to control unsanctioned cloud applications and allow users to use them to the extent that they need to. At the same time, make sure they do it in a way that you control and can protect.

What are the cybersecurity challenges of remote work?

Working remotely still poses many security challenges if correct policies are not implemented. And users, regardless of where they are, must backhaul their traffic back to the corporate network only to go back to the outside world again, causing many challenges like service availability, user performance, productivity, etc.

Also, with the VPN approach, we all know it’s not the most efficient system; first, you have a very contradictable technology in VPN with vulnerabilities pretty regularly. Second, you are bringing back internet traffic from outside back into your data centre, adding more load on the proxies to exit back out again, which doesn’t make sense because the applications sit in the cloud, so you might as well access them directly. Oher challenges include malware protection, remaining compliant with data protection, end-user latency, and vulnerable personal and company devices at home.

INTERVIEW
VIJAY BABBER, CHANNEL ACCOUNT MANAGER AT SKYHIGH SECURITY, LISTS OUT REASONS WHY CLOUD SECURITY IS IMPORTANT FOR BUSINESSES.
22 CXO INSIGHT ME MARCH 2023
Access business applications from home, the road and at the office, seamlessly and securely without interruption. For more information visit us at skyhighsecurity.com Skyhigh Security is a registered trademark of Musarubra US LLC. Copyright © 2023 Protecting Your Data No Matter Where it Resides.

CELEBRATING CHANGE MAKERS

CXO INSIGHT MIDDLE EAST HOSTED THE FIFTH EDITION OF CXO 50 AWARDS AND CONCLAVE AT SHANGRI-LA HOTEL, DUBAI, TO HONOUR IT LEADERS WHO HAVE DEMONSTRATED EXCELLENCE IN LEADING DIGITAL TRANSFORMATION INITIATIVE AND TECH INNOVATION.

Sponsored by Gold Partners: Cloudflare, Fortinet, Infor, Proven Solution, and silver partners: Nutanix, D-Link, Checkmarx, SolarWinds, Finesse, Teksalah, Redington, EMT, Cloudbox Technologies, Visiontech, Syscom Distribution, Real Secure, and MDS – the CXO 50 Awards rallied together some of the top CXOs in the region.

Sebastian Samuel, CIO of AW Rostamani, kicked off the conclave with a keynote address on the top strategic technology trends for the future. “Since the future is unclear, organisations must create secure foundations, maximize value from data, protect and grow your brand, attract and retain talent, grow revenue, and accelerate digital,” he said.

Following this, Arti Gupta, Bharat Raigangar, and Arun Tewary, shared insights into how to secure digital transformation. Supported by various real-life scenarios, the speakers enlightened the audience on working

cohesively and holistically to deliver customer experiences on their secure digital transformation journey.

Next up was the insightful panel discussion, where panel members delved into the key technologies that are set to shape digital transformation in 2023. Moderated by Jeevan Thankappan,

Managing Editor at Insight Media and Publishing and CXO Insight Middle East, the panel featured Bashar Bashaireh, managing director of Cloudflare; Fadi Yehia, regional director of Fortinet; Khaled Alshami, VP of solution consulting at Infor; and Pavel Makarevich, emerging technologies expert at Proven Solution.

CXO 50 AWARDS
24 CXO INSIGHT ME MARCH 2023
Sebastian Samuel AW Rostamani Khalid Jalal GARMCO Aiman Othman Union Coop Mustansir Aziz Automech Group Alan Brouard Etihad Rail
25 CXO INSIGHT ME MARCH 2023
Abdalla Al Ali DMCC
CXO 50 AWARDS
Ahmad Al Madani Horizon Terminal Ahmed Al Ketbi DEWA Anindo Banerjee Eltizam Asset Management Santosh Shetty Liwa Trading Enterprises Abdulla Bader Al Sayari Department of Health
26 CXO INSIGHT ME MARCH 2023
Mubarik Hussain Bloom Holding
CXO 50 AWARDS 28 CXO INSIGHT ME MARCH 2023
Manal Allam Merck Mohamed Al Damassy Al Masraf Manish Bhindra Galadari Group Aus Alzubaidi MBC Santosh Thomas African + Eastern Baha Sayiner Medcare
29 CXO INSIGHT ME MARCH 2023
Ronald D’sa OSN Rustom Pereira Eminsco Shrikant Kaboor ARADA Jaleel Rahman Prime Health Group Kiran D’Souza Boehringer Ingelheim Abdulrahman Khaiwi Emirates National Schools
CXO 50 AWARDS 30 CXO INSIGHT ME MARCH 2023
Taher Jhanjharya EFS Facilities Services Riasat Ali RAK Ports Fayaz Badubhai Al Yousef Group Aditya Kaushik Zakher Marine Mostafa Zahran Imdad James John Emirates National Investment
CXO 50 AWARDS 32 CXO INSIGHT ME MARCH 2023
Aiman Aljabr Havelock One Interiors Ali Ghunaim Canadian Specialist Hospital Bader Zyoud Sharjah Central Finance Dept Swapnil Kadam Laticrete Middle East Qusai Farouq Almeqdadi EY Arul Jose Vigin DIFC courts
CXO 50 AWARDS 34 CXO INSIGHT ME MARCH 2023
Bandar Naghi Zahid Group Arnab Debroy Metito Overseas Aliasgar Bohari Zulekha Hospitals Gaurav Manaktala RAK Hospital Irshad Mohammed Burjeel Holdings Shailesh Mani DBMC Steel
Let us Grow the Market Together! sales@techfirstgulf.com +971 4 5570450 www.techfirstgulf.com UCC RASTRUCTURE CYBER SECURITY ELV SERVICES AUDIO VISUAL VOLUME We are Value Added Distributors offering end-to-end services to help you meet your organization’s various IT-related needs in the following areas: Because one solution does not work for all…
CXO 50 AWARDS 36 CXO INSIGHT ME MARCH 2023
Muhammad Tariq Siddiqui AWNIC Shijin Prasad Cure Medical Centers Kashif Fateh Dad Al Faisal Holding Tony Isac Petrochem Middle East Abdul Azeem Baqar Mohammed Emirates Float Glass Lenish Kannan Western International Group Muhamed Noufel Royal Continental Hotels and Suites Anoop Kumar Al Nisr Publishing
C O NNECTING MIN d S, B O OSTING CYBER RESILIENCE DUBAI WORLD TRADE CENTRE 14-16 MAR 2023 #GISEC.AE H.E. DR. MOHAMED AL-KUWAITI HEAD OF CYBER SECURITY UNITED ARAB EMIRATES GOVERNMENT GISEC IS THE IDEAL CYBERSECURITY PLATFORM TO PARTICIPATE & PARTNER WITH ENTERPRISE & GOVERNMENT ENTITIES IN THE REGION. ENQUIRE ABOUT EXHIBITING, SPEAKING & SPONSORSHIP +971 (04) 308 6469 I GISEC@DWTC.COM I GISEC.AE Official Distribution Partner Bronze Sponsor Officially Supported by Gold Sponsors Platinum Sponsor Officially Endorsed by CYBER SECURITY COUNCIL ﻲﻧاﺮﺒﻴﺴﻟا ﻦﻣﻷا ﺲﻠﺠﻣ Official Government Cybersecurity Partner Lead Strategic Partner

THE TRUE COST OF AI

GREGORY HERBERT, SVP & GM – EMEA AT DATAIKU, ON THREE STEPS TO REDUCING THE COST OF AI PROJECTS

These days, every regional business leader spends at least some of their time each day thinking about AI — its uses, its implications, its potential. The United Arab Emirates (UAE) can be thought of as a pioneer in artificial intelligence. It was the first country to appoint a minister of state to oversee the field. It is home to organisations like Dubai Electricity and Water Authority (DEWA) and Etisalat (by e&) that use bots for customer service. And it has a national Strategy for Artificial Intelligence. Enterprises here have even shown a willingness to commit to the deep and broad culture changes required to deliver Everyday AI, where AI becomes second nature to the entire workforce.

But despite the will of the innovators, AI projects can be stubborn when it comes to delivering their expected value. According to a March 2022 global report from Gartner, the ROI on AI projects varies from 20% to more than 800%. The problem arises from early cases classically being quick wins. The law of diminishing returns then applies to subsequent initiatives, but this is aggravated by increasing maintenance and execution costs.

So the challenge for organisations that want to create an Everyday AI culture becomes controlling costs while deploying at scale. There are three main steps to reducing the costs associated with AI projects.

1. Reuse and recycle

Every project is broken into manageable chunks for ease of implementation. In IT solutions development, everything from the smallest code snippet to data cleaning and even entire solutions can be repurposed and reused. Within an

Everyday AI enterprise, there will be professional coders who will know the basic resource economies that accompany reuse. But there will also be citizen developers who may need training in how to build code libraries and consolidate work into a repository for future reuse.

When it comes to data-cleaning and preparation, the repository model does not apply directly but the basic concept is the same. Prep work is labor-intensive, and organisations should devote some time to ensuring such tasks are not repeated. A centralised catalog of prepped data, similar to code libraries, will save a lot of time.

It makes sense to procure tools and establish rules and processes that ensure data can be prepared, and code written, just once and used many times. This can be of particular use to nontechnical business users who would otherwise have to wait for a developer or data scientist before creating value.

2. Many use cases for the price of one Once reuse procedures are nailed down, earlier projects can share their

costs across all those that follow. The Everyday AI model calls for transparency and a breakdown of information and departmental silos. If we follow this concept and combine it with the newly introduced practice of reuse, we could envisage a marketing employee taking a use case developed in the customer service function and building something else of value on top it with only a fraction of the effort that the original required.

This is the value of transparency. Of knowing what others have done and how it applies to the next use case and the one after that. And the tools are out there to facilitate such openness and allow all roles — from the most experienced data scientist to business analysts with basic spreadsheet skills — to feel the power of AI. This is often referred to as “data democratisation” and is a critical pillar of Everyday AI.

3. Efficiency across the AI lifecycle

AI projects do not tend to be linear, and they involve a rich community of job titles. If this pipeline is improperly managed, repetition is bound to occur, and keep occurring. There are three main areas where simple efficiency can help control costs, and the first is operationalisation, where AI solutions are released into the wild. Packaging and deploying take time and in an Everyday AI culture these releases can run into the hundreds. If possible, enterprises must make one-click deployment available to all professional and citizen developers.

Secondly, once deployed, a model must be maintained to ensure it remains effective and does not, in the worstcase scenario, do harm to the business. MLOps is one way of controlling the cost of maintenance, by turning it into a systematised, centralised task.

The third area to consider for an efficiency overhaul is architecture changes, including changes to AI tools themselves. A scalable approach to architecture that allows for the adding of new users, including citizen developers is required to ensure that the Everyday AI culture will last. Cloudnative AI platforms are the answer here, especially those that can integrate easily into a hybrid workspace.

VIEWPOINT 38 CXO INSIGHT ME MARCH 2023

EMPOWERING YOUR SOC

NOT EVERYONE CAN AFFORD A SOC. SABU MATHEW, DIRECTOR OF OPERATIONS AND BIJU JACOB, DIRECTOR OF BUSINESS DEVELOPMENT AT DIGITAL INSIGHTS, EXPLAIN WHY IT MAKES BUSINESS SENSE TO INVEST IN A MANAGED SOC INSTEAD OF BUILDING YOUR OWN.

Which factors drive the demand for SOC (Security Operations Centre) as-a-service?

Businesses are looking for more robust and sophisticated security solutions as the number of cyber threats and their complexity continue to rise. SOC as-a-service gives companies access to cutting-edge security tools and expertise to keep them ahead of new threats.

A significant investment in resources, including skilled personnel and specialised security technologies, is required to create and operate an in-house SOC. Businesses can access these resources without making a significant initial investment through SOC as-a-service. Companies that cannot afford to construct and maintain an in-house SOC can use SOC as-a-service as a cost-effective alternative. They can use a managed security service provider (MSSP) that provides SOC services for a monthly subscription fee rather than incurring the expense of building and staffing a SOC.

Another driver is compliance requirements. Regulations requiring a certain level of security monitoring and incident response capabilities are in place for many industries. By giving businesses access to the necessary security expertise and tools, SOC as-a-service helps them meet these requirements. Finally, scalability - companies can scale up or down their security requirements with SOC as-aservice as their needs change. When it comes to adapting to shifting threats and shifting business requirements, this provides agility and adaptability.

What are the advantages of outsourced SOC as compared to in-house SOC?

First and foremost, cost-effectiveness; it can be expensive to set up and keep up an in-house SOC because it takes a lot of money to pay for staff, technology, and infrastructure. Outsourcing SOC is

a compelling value proposition because businesses pay a monthly subscription fee for access to SOC services rather than incurring the upfront costs of building and staffing an in-house SOC.

In addition, MSSPs that offer SOC services have teams of security experts who know how to identify and mitigate security threats. Businesses can access this specialised expertise without spending money building and training their own SOC team. The SOC service providers also typically have 24/7 monitoring and response capabilities, which can be challenging for an in-house SOC to keep up without a lot of staff. Again, businesses can gain 24/7 security monitoring and response capabilities by outsourcing SOC services. Another significant advantage is scalability. Businesses can scale up or down how much security they need by outsourcing SOC services as their needs change. When it comes to adapting to shifting threats and shifting business requirements, this provides agility and adaptability.

MSSPs that offer SOC services can also help ensure that security requirements specific to the industry are met. Without having to make an investment in developing their own compliance capabilities, businesses can take advantage of this expertise by outsourcing SOC services.

How do you augment the existing security infrastructure of your customers?

• Conducting a security assessment: An MSSP can comprehensively assess a customer’s existing security infrastructure to identify gaps, weaknesses, and areas for improvement.

• Implementing additional security controls: Based on the security assessment results, an MSSP can recommend and implement additional security controls to augment the customer’s existing security infrastructure. These include network segmentation, data loss prevention, intrusion detection, and prevention, or cloud security solutions.

• Providing 24/7 monitoring and response: MSSPs can offer roundthe-clock monitoring and response capabilities to help customers quickly detect and respond to security incidents.

• Offering threat intelligence services: MSSPs can provide customers with real-time threat intelligence and alerts to help them avoid emerging threats.

By providing these services, MSSPs can help customers augment their existing security infrastructure to better protect against a wide range of security threats.

INTERVIEW
Biju Jacob
39 CXO INSIGHT ME MARCH 2023
Sabu Mathew

THE FUTURE CHANGING

BERND WUERMSEER, SVP GLOBAL SALES AT COGNIGY, EXPLAINS WHY CONVERSATIONAL AI IS A GAME CHANGER FOR DIGITAL TRANSFORMATION AND AUTOMATION.

What is the future of CAI?

Well, first I’d say the future is very bright. The market is growing rapidly because both the value and return on investment are huge and also continue to be proven over and over again. The two main components of CAI are the AI-powered natural language understanding and process automation and orchestration. Large Language Models will bring significant change to the language understanding side of things bringing in better understanding and generation capabilities, particularly in terms of personalisation. On the automation side, I think enterprises will realise that the same value that CAI delivers to customers can be leveraged internally as well and see growth there too.

What is driving the demand for CAI?

Most self-service experiences suck, and customers are becoming more impatient with the mediocre service they’re receiving. That’s a huge driver to be honest, and the technology is already here to help improve customer experience. Additionally, the orchestration and automation capabilities play a major role because it enables companies to deploy CAI on top of their existing tech stack, bringing dozens of siloed channels and systems together into a single well-oiled machine. Finally, the number of service channels continues to increase making it challenging for businesses to keep

INTERVIEW
40 CXO INSIGHT ME MARCH 2023

up and serve them all accurately and consistently. With CAI, companies can tackle all the above mentioned issues with a single platform.

What is the difference between CAI and chatbots?

Chatbots typically mean narrowly scripted question and answer bots found on websites. They don’t use artificial intelligence and are only able to deliver information such as FAQs or take customer information and relay that information to a marketing or sales process for follow-up. Essentially, chatbots give customers the ability to fill out a web form via chat. You can think of them as first-generation bots where the idea and vision were still in the development stage and the functionality was very limited.

CAI, as is in the name, uses artificial intelligence and natural language understanding to create a conversational interface to software, in the same way your mouse, keyboard and monitor provide an interface for you to interact with say Microsoft Word or Firefox. A key difference here is the idea of an interface, i.e., a road into key backend systems like your CRM, case management or say a reservations system.

Once you enable users to find information and carry out tasks and actions via language, you’ve got much more than a chatbot. Instead of calling a customer service agent who will navigate through multiple systems on their end and do what you need, the customer is suddenly able to do all of this themselves. So, CAI is the combination of AI as it pertains to language and process automation and orchestration which is far more powerful. It’s what enables Lufthansa for example to fully automate millions of conversations a year even on complex topics like flight refunds or rebooking instead of a classic chatbot that would just return a link to their policy or provide a phone number. It empowers customers to solve problems themselves, across dozens of channels.

How can enterprises use tools such as ChatGPT and GPT-3?

Right now, the business-ready use cases are limited. That’s not to say there aren’t plenty more great ideas that still need to be tested or further developed but putting something into the product is a much higher bar than letting people play unfiltered with ChatGPT. The first way to use large language models like GPT-3 is in building virtual agents. We’ve already built that into Cognigy and currently have an open beta program with many customers using it. Since LLMs are designed to generate languages, a conversation designer can use them to build chat flows in seconds, based only on a short description of what it should do or on a customer conversation. Additionally, they can quickly generate training data for intents and lexicons such as lists of city names or food items.

Second, on the customer-facing side of things, which is also something available now within Cognigy.AI, you can use GPT to rephrase standard responses

into unique customer-specific ones by including the conversation history and context. That way you can ensure your business’s process is followed and the correct information is given, but it can be phrased in a personalised way for every single customer. It can also be used to extend natural language understanding capabilities by having it process customer inputs to improve the models understanding of what customers are writing or saying. If a virtual agent asked me how many people are flying and I say “Four people” then it’s straightforward. But if I say “That’s me, my wife and our two kids” it becomes much harder. That’s where GPT comes into play. So, it’s truly a better together story because CAI ensures consistency that your business processes and offers all the orchestration, automation and integration opportunities while GPT enables once unthinkable natural language understanding and generation to personalise every experience at scale.

What are some of the risks lurking behind ChatGPT?

Right now, the biggest risks come from customers directly accessing GPT-3 which opens up the possibilities of things like prompt injection attacks, hallucinations where the model confidently and convincingly gives false answers, as well as the risk of it saying hateful, discriminatory or other controversial things. To be clear, this is the exact same risk if you try ChatGPT directly which is why the current use cases are either on the backend or using GPT to augment processes but not take independent action. Another lesser discussed risk is cost on the customer-facing side. While LLMs offer some amazing advantages, every API call comes at a cost so when you’re thinking about scale, say millions of conversations a year, the additional cost of say rephrasing every single response rises quickly. So, it’s important not to be blinded by the advantages and carefully consider the situations where the added value is worth the added cost.

41 CXO INSIGHT ME MARCH 2023
RIGHT NOW, THE BIGGEST RISKS COME FROM CUSTOMERS DIRECTLY ACCESSING GPT-3 WHICH OPENS UP THE POSSIBILITIES OF THINGS LIKE PROMPT INJECTION ATTACKS, HALLUCINATIONS WHERE THE MODEL CONFIDENTLY AND CONVINCINGLY GIVES FALSE ANSWERS, AS WELL AS THE RISK OF IT SAYING HATEFUL, DISCRIMINATORY OR OTHER CONTROVERSIAL THINGS.

GETTING A GRIP ON USER EXPERIENCE

TO MANAGE THEIR HIGHLY COMPLEX IT ENVIRONMENTS AND ENSURE OPTIMAL USER EXPERIENCE.

SolarWinds has recently launched its observability solution, designed to allow customers to accelerate their digital transformation initiatives by providing single-paneof-glass visibility into modern and distributed digital services. The unified SaaS offering features powerful machine learning and AIOps capabilities designed to ensure the availability and performance of a business’s networks, applications, and infrastructures. In addition, the solution’s expedited anomaly detection, identification, and resolution help ensure service-level and user experience satisfaction objectives are consistently met.

Can full-stack observability accelerate digital transformation?

Digital transformation is a continual process that requires close monitoring for maximum benefit. Observability use cases are broad, and the potential is huge. A very simple use case is moving a workload to public cloud infrastructure. Observability can help measure resource utilisation and optimise the cloud environment before deployment, ensuring a seamless migration and no nasty surprises as well as keeping costs to a minimum.

What are your best practices for DevOps observability?

In development and in DevOps, real-time information about code execution is critical.

Observing different code revisions closely helps optimise the output. But monitoring the code alone is not sufficient. DevOps teams should pay attention to the end-to-end environment the application depends

on to run optimally and deliver great user experience to the intended users. For example, in most applications, the performance depends a lot on the database. So, to get the complete picture, metrics from the database should be collected, analysed, and correlated with other metrics and viewed on the same dashboards.

What is the impact of observability on cybersecurity?

At first when thinking of security tools, things like SIEMs or IAM come to mind. But in fact, even security analysts would benefit from an observability solution to better understand data flow between applications and locations, and discover a baseline of what’s “normal” and hence detect and report any “anomalies”.

Can observability tools tame legacy systems?

While we like to talk about the latest and greatest tech; it’s important to stay in touch with the reality. Lots of legacy infrastructure is still in place and might stay there for longer, as companies have invested significantly in them. So, to deal

SOLARWINDS PROVIDES A COMPREHENSIVE PORTFOLIO OF SOLUTIONS FOR THE NEEDS OF ANY BUSINESS. WE HAVE BEEN WORKING ON CONSOLIDATING AND FURTHER SIMPLIFYING OUR SOLUTIONS, WHILE DELIVERING A UNIFIED PLATFORM THAT IS FUTURE-PROOF WHERE WE WILL CONTINUE DELIVERING INNOVATIVE CAPABILITIES.

with hybrid environments, the tool set must support both, the old and the new.

What is next for observability?

SolarWinds provides a comprehensive portfolio of solutions for the needs of any business. We have been working on consolidating and further simplifying our solutions, while delivering a unified platform that is future-proof where we will continue delivering innovative capabilities. Our platform helps customers consolidate disparate tools, identify and remediate problems faster, simplify and automate their operations, and deliver better services and optimal digital experiences to employees. An example of this effort is tighter integration between our Observability and ITSM solutions, with the goal to deliver a platform that helps organisations fully automate their operations.

ABDUL REHMAN TARIQ BUTT, REGIONAL SALES DIRECTOR OF SOLARWINDS, EXPLAINS HOW FULL-STACK OBSERVABILITY MAKES IT EASY FOR CIOS
INTERVIEW
42 CXO INSIGHT ME MARCH 2023

FIXING THE GAP

How is your experience of being a woman in tech?

I started my career in a multinational company that was naturally quite diverse and inclusive, with many nationalities and a good gender balance, so I really began my career by seeing best practice in action. I was always mindful to work for companies with this kind of ethos, and when I became a leader myself, I have always tried to foster this type of diverse culture.

In general, I think the sector has evolved over the past two decades. The gender balance has improved, although there is still a long way to go to achieve a genuinely good balance, especially in senior and leadership positions, and in core business functions. In many organisations you find women who head departments in support functions but fewer in the core business and decisionmaking roles, so that’s still an area that needs to improve.

What do you think needs to change in the technology sector in the region when it comes to inclusivity?

There still needs to be a drive from organisations to create a more welcoming space for women interested in IT or cybersecurity roles. This could take many forms – from ensuring that recruitment processes are free from unconscious bias, to getting the right processes in place to ensure women feel comfortable in their role and are encouraged to pursue new roles – including promotions - within the organisation when they arise. Longer term, organisations need to make sure they have a good gender balance in their senior leadership and board of

directors. In many companies, especially in IT, women are either overlooked for promotion or wrongly feel they are unsuitable for the role and don’t go for it. It’s important for company leaders, from the very top down, to work with the HR team and employees to foster a culture of diversity, which will go some way to help address these issues. It’s also important for companies to know what they want to achieve in this area –to recognise what success looks like, and develop a plan to work towards it.

I think everybody acknowledges the contribution of women across different sectors and in the community. Wherever you find women in the workplace, they thrive, and we see this in IT as well, despite it being a traditionally been a male-dominated sector. In many cases, women just need a bit more support to succeed.

What challenges do women face in the technology workforce?

The differences between the way women and men work may be quite nuanced, but women do work differently, connect differently, and empathise differently than men, and sometimes this can lead to misunderstandings. This issue will likely diminish as the industry in the region collectively improves the gender balance and we become more accustomed to working with each other. The interesting thing is that these traits – particularly the power of empathy –are very beneficial at work, particularly in terms of relating and interacting with colleagues and customers. This can be a major advantage for women.

I have seen in the past that women working in male dominated sectors and roles often attract a level of criticism

that is not usually directed at men doing the same job. In general, I don’t think there is any malicious intent in this type of criticism, and it may stem from unconscious bias, but it can never-theless be very discouraging for women. It’s important to just let women be themselves and get on with the job, to give them a push and offer the coaching and support they need to thrive.

I like to say to people that women in leadership roles and in sectors where they are usually in a minority are just the same as the women you know at home – your wives, mothers, and daughters, so there is no need to treat women differently in the workplace.

There can be a challenge with career advancement for women which is sometimes because women may have other responsibilities such as looking after children or parents.

What advice would you give to girls considering a career in technology, especially those who may be slightly reticent?

I would say just go for it! Pursue your dream, put the effort in to learn, and expand your horizons and strengthen your network.

How did you get into technology?

It was by chance. I studied finance and economics at university and I started my work in IT as a fresh graduate. It was a field that was becoming more and more interesting, so I it was partly by chance and partly by interest, but I quickly developed a passion for it.

WOMEN REMAIN UNDERREPRESENTED IN THE TECH INDUSTRY. ON INTERNAITONAL WOMEN’S DAY, WE CAUGHT UP WITH FADIA AYAD, REGIONAL SALES DIRECTOR, UAE AND GULF, F5, TO TALK ABOUT WHY WE NEED TO PROMOTE DIVERSITY AND INCLUSION.
INTERVIEW 43 CXO INSIGHT ME MARCH 2023

CREATING NEW VALUE

THE MACRO-ENVIRONMENT: YOUR PUPPET MASTER, OR THE STAGE FOR YOUR SUCCESS IN 2023?, WRITES JESSICA CONSTANTINIDIS, FIELD INNOVATION OFFICER EMEA, SERVICENOW

You need to change. Your Middle East business is under pressure from a range of issues beyond its control. Inflation rates may be normalising but there is still that lingering sense of looking to the horizon for the next crisis. And change is hard. What do you transform and how? You must figure this out because 2023 is a year for boldness. Macroeconomic factors will redefine your business if you do not redefine it first.

To be the author of your own destiny requires a pivot. You must discover

your strengths and amplify them. The Middle East, and especially the Arab Gulf, has some experience in doing more with less. Past market shocks have inspired some great innovation here, with new business models that challenged the norm and exploited market gaps. This is a time for deep introspection and bold steps.

Value where?

I’m sure all of us in business have, at one time, come across a success story and wondered how they did it. What is the

secret sauce? The truth is, there often isn’t one. Innovation can often come out of a simple push to cut costs and increase margins. And that process is merely a matter of looking at everything you do, keeping what matters, and getting rid of what does not.

Where difficulties arise in this apparently simple exercise, they come from data volume and complexity. Sometimes the data is stored for the sake of it, but even when it is considered useful, there is an expense in collection, formatting, storage,

VIEWPOINT
44 CXO INSIGHT ME MARCH 2023

and availability. All of these costs and burdens are targets for improvement. It is worth sifting data into essential and non-essential piles and then carefully considering how to store it properly so it can be used effectively.

This may sound like a rebuilding project, but it is not. Streamlining your systems and business architecture involves consolidating them into a single data layer that brings greater value to the sources and tools you already have. And there are business solutions in the market for doing that. Once you have done the consolidation, you can begin the amplification process.

Scaling up

Amplifying value starts with the people who know your business best. They can point to the most profitable revenue streams and the most valuable resources. These are the business stakeholders who are best placed to not only know what happens in the business on a daily basis, but to know which data can best be leveraged to increase efficiencies, cut costs, and gain insights. Assuming the data on hand is accurate, clean, and stored in a way that makes it readily available, automation and hyperautomation, including machine learning, can start to deliver smoother, smarter workflows; and technologies such as AI can deliver actionable insights that may even be predictive in nature.

Once this smart-technology layer gains momentum, it can suggest changes to practices and strategies that no human could ever have seen. And the humans who would previously have worked on these fruitless analyses can turn their talents to more imaginative areas that machines could never tackle. With human business acumen and machine insights working in tandem, your business is finally within reach of speed and efficiency savings, and an agility that allows you to alter operations quickly and reduce your time to market.

A smarter, more agile, and more cost-effective business is more

profitable. And notice that we are not replacing humans with machines. We are using machines to give humans greater power over their data so they can get more value out of it and make smarter decisions. Humans train AI, they tweak it, and they supervise the use of its results to ensure responsible actions occur.

Case in point

Here is an example of how this works. The UAE is home to some of the world’s busiest airports. As passenger footfall increases, problems can arise from queues at customs. But your data tells you about the passengers — where they are, what time their flight boards, and so on. By assessing the length of queues, the average wait time, and other data points, you can take action in real time, especially if you automate the analysis. Red flags can be raised when queues are too long. Alerts can be relayed to the appropriate teams to create more capacity. And given the right tools, you can even keep passengers updated, informing them of foreseen problems from schedule boards in the airport, or perhaps via mobile app before they even reach the terminal. This can all potentially happen automatically, without human input. We know this because it is already happening at scale across industries in a range of enterprises, from Amadeus to Dubai Airports. Every business accumulates data. But often, it sits unassessed and unused. Until, that is, an innovative enterprise recognises its value potential and puts it to work. If you are not one of these businesses, you can be. Your data mountain is just two steps away from delivering slicker workflows and smart insights that can shave costs and empower employees.

Endgame

With data now available in a single pane, you then have the insights needed to perform the necessary pivot. The value you create will be a shield against the crises around you and all those that follow. This year, above all others, inaction is folly. Failure to invest now will mean that circumstances will dictate the terms of your future. Act, and the macroenvironment will be the stage for your success, rather than becoming your puppet-master.

45 CXO INSIGHT ME MARCH 2023
WITH HUMAN BUSINESS ACUMEN AND MACHINE INSIGHTS WORKING IN TANDEM, YOUR BUSINESS IS FINALLY WITHIN REACH OF SPEED AND EFFICIENCY SAVINGS, AND AN AGILITY THAT ALLOWS YOU TO ALTER OPERATIONS QUICKLY AND REDUCE YOUR TIME TO MARKET.

THE NEW MANDATE

NICK CURRAN, HEAD OF ENDAVA MIDDLE EAST AND NORTH AFRICA, SAYS ‘ITERATIVE INNOVATION’ IS KEY AS UAE DIGITAL PIONEERS EMBRACE EMERGING TECH

As one of the world’s few nations to have conducted a successful mission to another planet, hardly anything is left to be said of the United Arab Emirates’ technological credentials. But for the record, the nation was the first to appoint a minister of state for artificial intelligence; is a perennial early adopter of everything from big data to mixed reality; and is one of the few countries to have clearly defined national strategies for IoT, blockchain, and everything in between.

Also noteworthy are the country’s moves on Web 3.0, the Metaverse, and crypto assets. We could discuss its

ambitions around AML, cybersecurity, and many other areas, but I believe the case is made. If we are in the age of Industry 4.0, then the UAE is the standout example of Nation 4.0 — primed and prepped for the digital age, and already a global hub for innovation. The public sector is awash with e-services, bots (DEWA’s Rammas being a prime example), and digital workflows. Government leadership has inspired the private sector too. In the BFSI industry, Mashreq stands out as a world leader in digital banking and self-service branches, and grocery chains from Spinneys to Carrefour have enlivened their customer experiences. But digital transformation is a journey,

not a destination. Those who have been successful at digital acceleration will tell you so, just as they will tell you that to keep the expedition on track, you must put the end user at the head of the caravan. We have in the past seen the hype around chatbots die down and customers return to favouring human agents. But with the emergence of GPT technology, conversational AI has become more viable, so implementation of these bots may now yield competitive advantage.

No shortcuts

Just because digitisation is a journey, does not mean you cannot take leaps forward. These are not the

VIEWPOINT
46 CXO INSIGHT ME MARCH 2023

same as shortcuts. Everything is still implemented with due diligence. But being on the lookout for that window of opportunity that lies between jumping the gun and missing the boat is an art that must be honed. Think of how quickly GPT emerged. Today’s windows close quickly. And IT budgets are shrinking. Digital pioneers exist in a symphony of challenges, where they need to be smart about where they focus their efforts.

The best way to move forward without tripping over your own ambition is to focus on emerging technologies, evaluate them for cost and potential, and adopt the ones that are affordable and have the greatest potential to transform the business quickly — in, say, six months. You may find great potential in others but by the time you have convinced purse-holders of their value, the window may have closed.

Recent research by Endava reveals the trending technologies for businesses looking to drive impact in 2023. Big data (75%), AI-driven automation (71%) and predictive analytics (72%) occupy the podium places. A third of respondents had already implemented all three technologies and a further third were in the process of doing so.

A missed boat

“Greatest potential” and “affordable”, remember? Not all of these digitisation stories will end in successful transformation within six months. Different businesses will have different uses for different technologies. E-commerce firms will add value with predictive analytics that paints a personalised portrait of the customer, while workflow-heavy organizations like manufacturers and banks will benefit more from automation.

Big data, AI-driven automation, and predictive analytics are the bread and butter of digital businesses. It is why they are being prioritised. Big data makes sense of previously unanalysable information (like social feeds) that are becoming

RECENT RESEARCH BY ENDAVA REVEALS

more common and more relevant to businesses. Automation addresses the do-more-with-less directive faced by many technologists, especially as the “less” pertains to staff numbers. And predictive analytics just flies off the shelves towards would-be innovators who want a glimpse of what is beyond the horizon — everything from a new market trend to malfunctioning mission-critical equipment.

But back when I said “greatest potential” and “affordable”, I made no mention of “obvious”. If we concentrate on trends alone, we may keep up, but we stand little chance of standing out. Our research uncovered a mistrust of overhyped technologies. The Metaverse, for example, was well-known among respondents but 30% of them had not included it in their strategy, and half of that 30% reasoned that the technology was irrelevant to their business. And Web 3.0 was of interest to only 27% of those polled. The very fact that they are in the minority could spell a missed boat for these brands.

Iterate towards perfection

Back to the journey. If we treat digital transformation as an ongoing, iterative process, then the introduction of technologies such as the Metaverse, or Web 3.0 are less of a culture shock. We start small and affordable, sandboxing projects until we can perfect our use of them. Once the capabilities are understood and the business can devise ways of adding value, then greater investment can be justified. It is worth saying at this stage that just because a competitor has released an experience into the market does not mean the window has closed. Even if the release is a relative success, there will be opportunities to improve upon it. Develop expertise, experience, and confidence; build something eyecatching and value-adding; and drive positive change.

A focus on driving short-term efficiency and shunning overhyped technologies is exactly the mindset that leads to “Why change?” anti-strategies and aging infrastructure. Such lumbering mainstays will, in the main, not stay. A least not for long once nimble disruptors gain momentum. Here is the thing about emerging tech: every must-have element of today’s technology suite was once emerging tech. Even if it is a passing fad, any new tech that can be affordably evaluated is worth the hassle. The risk to the business of being the last to adopt the next big thing is just too great.

47 CXO INSIGHT ME MARCH 2023
THE TRENDING TECHNOLOGIES FOR BUSINESSES LOOKING TO DRIVE IMPACT IN 2023. BIG DATA (75%), AI-DRIVEN AUTOMATION (71%) AND PREDICTIVE ANALYTICS (72%) OCCUPY THE PODIUM PLACES.

Pure Storage FlashBlade//E

Pure Storage announced FlashBlade//E, a scale-out unstructured data repository built to handle exponential data growth with industry-leading energy efficiency. At an acquisition cost competitive with disk and much lower operational costs, the introduction of FlashBlade//E means that customers no longer need to settle for disk.

“With FlashBlade//E, we’re realising our founder’s original vision of the all-flash data centre. For workloads where flash was once price-prohibitive, we are thrilled to provide customers the major benefits Pure delivers at a TCO lower than disk,” said Amy Fowler, VP & General Manager, FlashBlade, Pure Storage.

FlashBlade//E provides a better way to manage unstructured data growth efficiently, reliably, and sustainably with a best-in-class user experience and economics that enable customers to eliminate the last remnants of disk in their data centre.

• Economical at scale: FlashBlade//E is offered at under $0.20 per GB including three years of service. The platform starts at 4PB and scales from there with reliable performance.

• Industry-leading energy efficiency: FlashBlade//E consumes up to 5x less power than the disk-based systems it will replace. The larger the system the greater

GameSir X3 mobile gaming controller

the efficiency, helping organisations achieve their increasingly critical sustainability goals.

• Simplicity, reliability, and a non-disruptive future: FlashBlade//E is built to flex and grow on demand with 10-20x more reliability than hard disk-based systems and evolving without disruption or forklift upgrades. With cloud-like simplicity, flexibility and predictable performance, FlashBlade//E remains simple to manage at any scale.

FlashBlade//E will be generally available by the end of April 2023. In addition to traditional purchase, customers will have the option to deploy FlashBlade//E through a new service tier of Pure’s Evergreen//One Storage as-a-Service (STaaS) subscription, providing pay-as-you-go economics and a cloud experience with the control of on-premises deployment.

GameSir, which provided high quality gaming peripherals, has launched its X3 Type-C cooled mobile gaming controller in the Middle East. A wired controller and phone cooler in one, GameSir’s newest generation

of controller provides avid gamers with a host of benefits simultaneously, delivering a console-like mobile gaming experience while serving as a perfect solution to the traditional long-standing issue of phone’s overheating during gameplay.

Designed for pro-level gaming, the Alps 3D joystick and analog thumbsticks allow for smooth and precise 360° control and the controller’s bumpers, triggers, ABXY buttons and D-pad are all accompanied by Kailh switches, ensuring users enjoy crisp tactile feedback. There are also more ways for gamers to customize the X3 Type-C and make this brand-new peripheral their own, with various interchangeable parts including D-pad, thumbsticks and thumbstick caps forming the perfect package for sending users to the next-gen mobile gaming ecosystem. Furthermore, the X3 Type-C efficiently cools down gamers’ phones once plugged in thanks to superior airflow made possible by a 4000 mm² cooling area and 7-blade fan.

PRODUCTS
48 CXO INSIGHT ME MARCH 2023

Xiaomi 13 series

Xiaomi has rolled out its latest flagship smartphone lineup – Xiaomi 13 Series – to its international markets at a product launch event in Barcelona, Spain. Through in-depth product collaborations between Xiaomi and Leica, as part of the Strategic Partnership in Imaging Technology, Xiaomi 13 and Xiaomi 13 Pro aim to offer a brand-new smartphone photography experience to its international users. The dual flagship models are co-engineered with Leica and feature professional optical lenses and advanced computational capabilities. They also include Snapdragon 8 Gen 2 and Xiaomi’s Surge battery management system for exceptional performance.

Xiaomi 13 and Xiaomi 13 Pro’s camera systems were developed with Leica, resulting in a pro-level smartphone photography experience. Each phone has a triple camera setup with Leica lenses for optimal hardware, image quality, and UI/UX design.

Xiaomi 13 Pro’s Leica Vario-Summicron 1:19-2.2/14-75 ASPH. camera system features three lenses covering focal lengths from 14mm to 75mm. The main camera has a 23mm wide-angle lens with a 1-inch IMX989 sensor,

BANG & OLUFESEN BEOSOUND A9

Bang & Olufsen has launched the new generation Beosound A9 and Beosound 2. More than being available in new Black Anthracite, Gold Tone, and Natural finishes, the two speakers now join Bang & Olufsen’s range of future-proof products on the celebrated Mozart software platform.

The 5th generation of Beosound A9 embodies the original features that made it a success over 10 years ago, with detailed improvements. There are a new set of standard finishes, Black Anthracite, Gold Tone and Natural Aluminum. The back covers of the new standard finishes compliment the front covers seamlessly, as do the oak legs and aluminum hardware finishes, for the best overall design aesthetic to date.

A staple of Bang & Olufsen’s portfolio, Beosound 2 is a powerful multiroom speaker that matches a unique highdesign aesthetic with stand-out sound. Originally launched in 2016 and now in its third iteration, Beosound 2 has been transported into the new generation of Bang & Olufsen sound whilst remaining iconic.

Crafted from high-grade aluminum, a material now synonymous with Bang & Olufsen, the instantly

while the telephoto lens uses a floating design to focus from 10cm to infinity. The IMX989 sensor, first seen on Xiaomi 12S Ultra, is the largest ever in a smartphone, providing high dynamic range and light-capturing capabilities for detailed and vivid images.

recognizable cone shape of Beosound 2 commands attention no matter where it’s placed in the room.

Like Beosound A9, one of the major updates to Beosound 2 is the introduction of Mozart, ensuring the exterior craftsmanship and software longevity last for years to follow in equal measure, and that the speaker seamlessly integrates into any luxurious multiroom system.

49 CXO INSIGHT ME MARCH 2023

CONNECTING THE DOTS

Gulf Information Security Expo & Conference, better known as GISEC, was launched in 2012 as a focused platform to address cyber security issues in the region. The organisers recognised that as the region continued to experience rapid economic growth and technological development, there was a corresponding increase in cyber threats and attacks. This created a need for a platform where industry experts, government officials, and cybersecurity professionals could come together to share knowledge and insights on the latest threats and solutions in the cybersecurity landscape.

The rebranding as GISEC Global was done to reflect the event’s growing international profile and to emphasise its role as a leading cybersecurity conference on the global stage. The first edition of GISEC Global was held in 2019 and was attended by over 8,000 visitors from 84 countries, making it the largest cybersecurity event in the region at that time.

Next week, the best-known cybersecurity event in the Middle East will celebrate its 11th edition as, once again, cybersecurity experts, industry leaders, technology vendors, and government officials from the Gulf region and around the world gather in Dubai to discuss the latest trends, threats, and solutions in the field of information security.

The inaugural edition of GISEC brought together more than 100 exhibitors and 2,500 visitors from the UAE and the wider Gulf region. Since then, GISEC has grown in size and popularity, attracting more attendees, exhibitors, and sponsors each year. The 2022 edition saw over 300 global cybersecurity brands and brought together over 10,000 information security professionals from over 70 countries, making it the largest cybersecurity event in the Middle East.

GISEC has expanded beyond traditional information security topics to cover

emerging technologies and trends, such as blockchain, artificial intelligence, and the Internet of Things. A significant differentiator last year was the UAE’s biggest Bug Bounty hunt, which saw 100 ethical hackers coming together to find and fix security flaws. Some examples of significant announcements and developments from previous editions of GISEC:

• 2021 saw the launch of the first-ever Global Cybersecurity Congress by the UAE Cyber Security Council as a platform for government cybersecurity leaders. The edition also welcomed the

• GISEC Global 2020 was held as a virtual conference from June 1-3, 2020, due to the COVID-19 pandemic.

• In 2019, GISEC announced the launch of the Cyber Alliance Program, which aimed to bring together leading cybersecurity solution providers and industry experts to collaborate and share knowledge on the latest threats and solutions.

• In 2018, GISEC announced the introduction of the AI and Machine Learning Conference, which focused on the latest advancements in artificial intelligence and machine learning in cybersecurity.

• In 2017, GISEC hosted several keynote speakers and industry experts who discussed the latest cybersecurity trends and developments. One of the critical topics of discussion was the rise of ransomware attacks and the importance of robust backup and recovery strategies.

• In 2016, GISEC hosted the CyberX Summit, which focused on the latest cybersecurity threats and solutions in the Middle East and North Africa region. The event featured keynote speakers from government and industry, workshops, and panel discussions on topics such as cybercrime, threat intelligence, and incident response.

• In 2015, GISEC featured a number of exhibitors showcasing the latest cybersecurity solutions and technologies, including firewalls, intrusion detection and prevention systems, and endpoint protection solutions. The event also hosted workshops and seminars on topics such as cybersecurity risk management, cloud security, and mobile security.

While ‘digitalise or perish’ may seem extreme, I think we all understand that the pandemic and other disruptions, manmade and natural, provided a massive boost to the digitalisation trend and accelerated the process across sectors while also opening up new vulnerabilities, many unimagined. For example, Global Risks Report 2022 by World Economic Forum noted that the costs of cybercrime are not just financial: critical infrastructure, societal cohesion, and mental well-being are also in jeopardy.

Overall, GISEC has been an essential platform for industry experts, government officials, and cybersecurity professionals to come together to share knowledge and insights on the latest threats and solutions in the cybersecurity landscape.

GISEC has helped raise awareness of the importance of cybersecurity and has contributed to developing more robust cybersecurity practices and policies in the MENA region. The event’s growth trajectory since inception is just a short distance from its bigger and older ICT cousin - GITEX, which completed its 42nd edition last September. They share a common pedigree – they are part of Dubai World Trade Centre’s portfolio of technology events.

AS WE GEAR UP FOR THE NEXT EDITION OF GISEC, SUNIL PAUL, MD OF FINESSE, LOOKS BACK AT THE HIGHLIGHTS OF THE EVENT.
BLOG 50 CXO INSIGHT ME MARCH 2023

Empower your organization with Lenovo Hybrid Cloud solutions

Unlocking opportunity through IT agility –Hybrid Cloud solutions that allow you to grow at your own speed.

Scan to know more

GROW YOUR BUSINESS

What We Provide

Managed Services

Cybersecurity

ELV

Infrastructure

Software

info@realsecure.ae

IT Managed Services, AMC Services

IT Support, IT Outsourcing

Cybersecurity Assessments, Security Training Consulting, Email Security, End-Point Security

CCTV, Access Control & Attendance Systems

IP Telephony, Structured Cabling, Audio-Video

Enterprise Networking, IT Office Setup, IT Relocation, Data Protection, Virtualization

Software Licenses, HEAL Healthcare Solution

Zappy Hire HR Solution, HEAL Vet Veterinary Solution, Smart Inventory, Cash Management

SAVE YOUR COST

SECURE YOUR BUSINESS

+ 9 7 1 4 5 5 7 4 7 1 4
1907 Damac Business Towers, Marasi Drive, Business Bay, Dubai
AND S E A M L E S S D I G I TA L UNCOMPROMISING

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

CONNECTING THE DOTS

3min
page 50

BANG & OLUFESEN BEOSOUND A9

1min
page 49

Xiaomi 13 series

0
page 49

GameSir X3 mobile gaming controller

1min
page 48

Pure Storage FlashBlade//E

0
page 48

THE NEW MANDATE

4min
pages 46-47

CREATING NEW VALUE

3min
pages 44-45

FIXING THE GAP

3min
page 43

GETTING A GRIP ON USER EXPERIENCE

2min
page 42

THE FUTURE CHANGING

4min
pages 40-41

EMPOWERING YOUR SOC

2min
page 39

THE TRUE COST OF AI

3min
page 38

CELEBRATING CHANGE MAKERS

1min
pages 24-26, 28-30, 32, 34-37

KEEPING YOUR DATA SECURE

3min
page 22

THE NEW ORDER

3min
page 20

SECURING THE ENTERPRISE

2min
page 18

THE EXPERTS SPEAK

2min
pages 16-17

A GROWING MENACE INDUSTRY PROS ANALYSE RANSOMWARE TRENDS AND ITS IMPACT ON BUSINESSES

4min
pages 14-15

OWNING THE EXPERIENCE

2min
page 12

LG OPENS INTERACTIVE BUSINESS INNOVATION CENTRE IN DUBAI

3min
page 10

CLOUDFLARE TO DISCUSS ZERO TRUST ACCELERATION AT GISEC

1min
page 9

DU UAE AND HUAWEI SIGN MOU ON 5.5G STRATEGIC COOPERATION

1min
page 9

OPSWAT TO SPOTLIGHT CYBERSECURITY MATURITY AT GISEC 2023

1min
page 8

MANAGEENGINE TO SHOWCASE RECENTLYENHANCED SIEM SOLUTION AT GISEC 2023

0
page 8

SENTINELONE TO SPOTLIGHT INNOVATIVE XDR, IDENTITY AND EDR SOLUTIONS AT GISEC 2023

1min
page 7

SUPERCHARGE YOUR CYBERSECURITY WITH SANS INSTITUTE AT GISEC 2023

0
page 7

NOZOMI TO SHOWCASE OT AND IOT SECURITY SOLUTIONS

2min
page 6

TENABLE TO SHOWCASE EXPOSURE MANAGEMENT PLATFORM AT GISEC 2023

0
page 6

CAN WE WIN?

1min
page 5
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.