CXO Insight ME - Issue 04 - December 2018 by cxoinsightme

WWW.CXOINSIGHTME.COM

ISSUE 04 \ DECEMBER 2018

SHARED SUCCESS HOW MUBADALAâ&#x20AC;&#x2122;S SHARED SERVICES ARM IS REDEFINING CENTRALISED IT DELIVERY MODEL

PLUS

THE HUMAN FIREWALL

SECURITY WITH FOCUS ON PEOPLE FACTOR AT A MAJOR SAUDI UNIVERSITY PUBLICATION LICENSED BY SHARJAH MEDIA CITY

CONTENTS

PRODUCTS

SONY TRAVEL HIGH ZOOM CAMERAS

SHARED SUCCESS

HOW MUBADALAâ&#x20AC;&#x2122;S SHARED SERVICES ARM IS REDEFINING CENTRALISED IT DELIVERY MODEL

NVIDIA JETSON AGX XAVIER

NOKIA 8.1

32 VIEWPOINT

10 FEATURE

YOUR BUSINESS 10 SECURITY IN MULTI-CLOUD 6 NEWS 08 BOOSTING WITH CLOUD ERP DIGITAL IBM TO LEVERAGE AI IN 20 FIVE INFRASTRUCTURE TRENDS INTERVIEW HR OPERATIONS TO LOOK OUT FOR IN 2019

22 TTHE HUMAN FIREWALL

28 TO GET A HANDLE 32 HOW 26 ON THE CUSP OF CHANGE ON DATA ARE YOUR 36 HOW EMPLOYEES USING WORKBLOCKCHAIN IS HERE 38 WHY TO STAY ISSUED DEVICES? THE AMAZON EFFECT

PUBLISHED BY INSIGHT MEDIA & PUBLISHING LLC

MUBADALA INVESTS IN US LOGISTICS PLATFORM IDC: REGIONAL DX SPEND TO REACH $40B BY 2022 SPIRE SOLUTIONS NAMES NEW KSA COUNTRY MANAGER

DECEMBER 2018

CXO INSIGHT ME

INFRASTRUCTURE SOLUTIONS ELECTRONIC SECURITY & SURVEILLANCE SYSTEMS

UNIFIED COMMUNICATION

ELV SOLUTIONS

EDITORIAL

CHANGE IN THE OFFING

ast month, I’d the opportunity to attend two major tech conferences in Europe, where two topics dominated the agenda – cloud computing and cybersecurity. Cloud has been a bit of a non-starter in the Middle East due to a number of reasons, including data residency. I think 2019 will be the year of cloud in the region with major service providers setting up presence in this part of the world, which will go a long way in instilling confidence among users that their data will not leave the geographical boundaries as mandated by regulators. CIOs who have already tested the waters with non-differentiating workloads will now have a compelling business case to revisit this area and move some of their mission-critical systems out of their on-premise data centres to multi-cloud environments to achieve cost and operational efficiencies. As for cybersecurity, I am not convinced that enterprises in the region have got their investment priorities right. Most of them are still focused on investing in traditional security controls, which have been proved woefully inadequate to deal with the new breed of threats. In developed markets, the focus of

Published by

Managing Editor Jeevan Thankappan jeevant@insightmediame.com +97156 - 4156425

Contributing Editor Sarah Rizvi editor@insightmediame.com +97156 - 8949318

security has already shifted from protection to incident detection and response by leveraging technologies such as AI and machine learning. It has become almost certain that we can’t keep bad actors out and the only logical thing we can do is to mitigate risk and limit the damage to business. However, the real problem with cybersecurity is the classic case of missing the forest for the trees. Today, security must be treated as a business problem than a technological one and security leaders will have no choice but to articulate the risk to business and brand reputation while talking to their business leaders. I am not insinuating that security is a losing battle – it requires a radical new way of thinking. Investing in more and more security tools will not protect your enterprise, and it is important to remember that your adversaries have access to the same tools you are leveraging to safeguard your assets. This is why I am firm in my conviction that human judgement is going to be far more important when it comes to finding that needle in a stack of needles. AI and machine learning might help you do the job better, but it really takes battle-hardened CISOs with prudence to take the battle to enemy camps.

Sales Director Merle Carrasco merlec@insightmediame.com +97155 - 1181730

Production Head James Tharian jamest@insightmediame.com +97156 - 4945966

Operations Director Rajeesh Nair rajeeshm@insightmediame.com +97155 - 9383094

Administration Manager Fahida Afaf Bangod fahidaa@insightmediame.com +97156 - 5741456

While the publisher has made all efforts to ensure the accuracy of information in this magazine, they will not be held responsible for any errors

DECEMBER 2018

CXO INSIGHT ME

NEWS

IBM TO LEVERAGE AI IN HR OPERATIONS

BM has announced IBM Talent & Transformation, a new business to help companies and their employees leverage AI and automation. This new business unit will provide not only AI skills training, but also help companies use AI to empower employees, transform workflows, eliminate bias and build a modern workforce. Recent IBM studies reveal that as many as 120 million workers in the world’s 10 largest economies may need to be retrained or reskilled as a result of AI and intelligent automation. The study goes on to say that twothirds of CEOs say AI will drive significant value in HR, yet only 11 percent of Chief Human Resource Officers report their organisations have the AI, data science and machine learning skills needed to fulfill that potential. Further, more than half of employed adults in the US and UK are not confident their companies can use AI for competitive advantage.

“As organisations grapple with the dual demands of undertaking digital transformation and reinventing their businesses and processes through the application of new technologies such as AI, automation and blockchain, the biggest barrier to progress will lie in accessing

MUBADALA INVESTS IN US LOGISTICS PLATFORM

CXO INSIGHT ME

DECEMBER 2018

the right talent and skills,” said Mark Foster, senior vice president, IBM Global Business Services. “IBM believes that building a workforce to compete in the era of AI is as much about culture and specialised expertise as it is about technology.”

Real-time collaborative logistics platform, Turvo has announced that it has closed $60 million in Series B funding led by Mubadala Ventures, the San Franciscobased venture capital arm of Abu Dhabi’s Mubadala Investment Company. Turvo said it also added new investors G2VP and Next47, the Siemens-backed global venture firm. These funds bring the total investment in the company to nearly $100 million. The company further intends to revolutionise logistics with a software platform that creates the ‘Internet of Shipping’, connecting people, businesses, applications, and devices in one AI-driven solution. “This round of funding speaks to the power of our software platform and the exponential growth we are seeing in the business,” said Eric Gilmore, CEO and co-founder of Turvo. “We are excited to partner with world-class investors like Mubadala to bring a truly revolutionary platform to a multitrillion-dollar global industry desperate for change.” Turvo’s Series B funding was led by Mubadala Ventures, a $400 million venture fund that also oversees and manages Mubadala’s $15 billion commitment to the SoftBank Vision Fund.

IDC: REGIONAL DX SPEND TO REACH $40B BY 2022 According to the latest insights from IDC, he annual spending on digital transformation (DX) initiatives in META region will cross the $20 billion mark by the end of this year. The global technology research and advisory services firm expects this figure to more than double over the coming years, passing $40 billion by 2022. “As digital transformation continues to reshape the global economy, innovation will multiply, platform wars will intensify, and data will increasingly be used for competitive advantage,” says Jyoti Lalchandani, IDC’s group vice president and regional managing director for the Middle East, Africa, and Turkey. “And with market leadership ranks being

disrupted, a new ICT world order is taking shape, built around innovative technology offerings, evolving business models, and emerging DX use cases. Given this unprecedented disruption, it’s imperative that organizations make the right decisions today to ensure they remain competitive tomorrow.” By 2020, IDC expects at least 55% of the world’s organizations to be digitally

determined, transforming markets and re-imagining the future through the implementation of new business models and the provision of digitally enabled products and services. And with global DX investments forecast to total $5.9 trillion for the three years between 2018 and 2021, this topic continues to be a central area of business leadership thinking.

SPIRE SOLUTIONS NAMES NEW KSA COUNTRY MANAGER Spire Solutions is expanding its business footprint into KSA with local presence in Riyadh by adding a new country manager to direct its operations there, Ehab Derbas. This move comes as part of the company’s plans to strengthen its regional presence in its second decade of operations. Derbas has extensive experience in sales and management, with an emphasis on IT and cyber security. With over 18 years of experience, he helps organisations understand risk and adopt effective defense strategies and solutions. ‘Saudi Arabia is one of the world’s highest spenders on cyber security, and with good reason. It has a robust economy with some of the region’s biggest organisations, a large population, a strategic

geographic location and a strong consumer spending power. All of this makes it an extremely attractive target for cyber criminals, which explains its growing need for security,’ commented Ehab Derbas, Country Manager KSA at Spire Solutions. ‘With its trusted portfolio of services and solutions to defend against cyber-

attacks, Spire Solutions is well positioned to meet KSA’s security needs. This strategic expansion with local presence in Riyadh and experienced leadership to drive regional operations and sales will help cement our presence in the market,’ said Avinash Advani, CEO at Spire Solutions.

DECEMBER 2018

CXO INSIGHT ME

VIEWPOINT

BOOSTING YOUR BUSINESS WITH CLOUD ERP WHY TODAY’S ERP SHOULD STAND FOR EARN, REST AND PLAY, WRITES ARUN KHEHAR, SENIOR VICE PRESIDENT, BUSINESS APPLICATIONS - ECEMEA, ORACLE. 8

CXO INSIGHT ME

DECEMBER 2018

hor has his hammer, Captain America his shield and Wonder Woman her bracelets of submission. When we’re young, its tools like these we think will make us ‘super’ people. But as we become adults and come to grips with reality, our definition of what it takes to be ‘super’ changes completely. Especially in business, we’ve taken the term ‘super’ to describe leaders who have managed to find the right balance between work and life. The modern superhero we see lauded in the media is someone who is successful in their field while also

making enough time for family and hobbies outside of work. That might mean getting home in time to put the kids to bed, finding time to train for a marathon, or just putting in the hours to learn how to play an instrument. We are in awe of these individuals not because of a tremendous feat of strength or heroic act, but because achieving a perfect work/life balance while running a successful business is one of the hardest things to do as an adult. The job is doubly difficult for CFOs, who are being challenged to navigate a complex economic landscape and be the CEO’s right-hand. It takes more than just superhero thinking and experience to achieve this, it takes super-powered technologies capable of supporting decision-making at the highest level quickly and accurately. Today, it is their ERP cloud application that delivers the real power CFOs need. ERP may stand for “Enterprise Resource Planning”, but it delivers so much more when done right. Here’s why ERP today should stand for “Earn, Rest and Play”, taking the headache of administration out of running a finance organisation for CFOs so they can find the right work/ life balance and prove their true worth as modern superheroes. Equipped with cloud-based ERP applications that add automation to the equation, CFOs can speed up manual tasks as well as eliminating time-consuming and costly upgrades from their routines. Time, instead, can be dedicated to focusing on the more strategic part of their jobs. Given recent Accenture research showed finance staff spend an average of 60% and 70% of their time on tasks such as processing transactions, accounting, controlling, compliance and reporting, that’s a lot more time back in their day. This is important as, for CFOs, being ‘super’ at work has, for a while now, meant more than being good with numbers. In fact, it means ‘getting ahead’ of any uncertainty and equipping themselves with the power

EQUIPPED WITH CLOUD-BASED ERP APPLICATIONS THAT ADD AUTOMATION TO THE EQUATION, CFOS CAN SPEED UP MANUAL TASKS AS WELL AS ELIMINATING TIMECONSUMING AND COSTLY UPGRADES FROM THEIR ROUTINES. of future-gazing, being able to look ahead and have reliable insight over any future scenarios. Nearly half of businesses have changed their models to become more agile and the CFO is expected to be the driving force behind that. Umair Junaid, CFO at Access Power, one of the fastest-growing independent power producers in emerging African and Asian markets, was spending a lot of time manually pulling together the financial reports coming in from the company’s operations across many

different countries. It was a time-heavy process given each region has its own regulations and accounting practices. Junaid also wanted to improve the accuracy of the reports he presents to the management team, so he could value-add and give better guidance on cost-tracking. Automating the process with an ERP Cloud means he has a better handle on reports from across the regions and can use them to facilitate the organisation’s growth plans, but without needing to put more hours in at work. Christophe Eouzan, Chief Accounting Officer at Telcom operator Orange, needed a way to free up both his and the wider corporate finance team’s time so they could focus on higher-level work that would be more valuable in supporting a companywide transformation initiative. Turning to an ERP Cloud to take care of timeconsuming, non-strategic tasks like requisitions, purchase orders, and vendor invoices, Orange has been able to free up finance back-office personnel. Now Eouzan and his team have more time in their day to focus on more important, value-added tasks, such as forecasting, supplier transaction transparency and building a digital working environment which will help the company attract new employees as older employees retire. As businesses become more and more reliant on data, CFOs need to keep being more than numbercrunchers in the workplace if they’re to maximise their earning potential and add value in the right places. ERP can help them to achieve this, making them more productive and successful at work, but while freeing up the time to ‘do it all’. After all, it’s having enough time to dedicate to family, friends, hobbies and their general wellbeing that will make them the ‘super’ business people we read about. ERP with automation capabilities is the tool that’s helping the CFOs who are our modern-day business superheroes.

DECEMBER 2018

CXO INSIGHT ME

FEATURE

CXO INSIGHT ME

DECEMBER 2018

SECURITY IN MULTI-CLOUD

A MULTI-CLOUD ENVIRONMENT POSES SIGNIFICANT SECURITY CHALLENGES, WHICH REQUIRE CISOS TO DEVELOP NEW SECURITY STRATEGIES TO ADDRESS THEM.

or enterprises embarking on digital transformation journey, developing a multi-cloud strategy is key to achieving substantial business benefits as it allows IT leaders to adopt the best available infrastructure, platforms, and software services. While there is no doubt that organisations moving to the cloud will work with multiple service providers to avoid vendor lock-in and optimise costs, it comes with additional challenges in terms of security. Cloud in itself changes how we think about security, and multi-cloud is yet another challenge. The primary issue is that when we move to cloud, we may not be able to provision the same security controls as we had on-premises- and for multi-cloud, the controls may also differ,” says Nicolai Solling, CTO of Help AG. Therefore, today we see many security vendors focusing on being available in all cloud environments, being on all the major public cloud offerings, as well as private and on-premises deployments. The whole purpose is to be able to provision identical security across all environments, he adds. Ross Jackson, VP, Trust Office at Mimecast, says failing to manage complexity at scale is the biggest risk for a multi-cloud approach. Disparate systems require tight identity and access management, authentication and encryption controls. “This was

Nicolai Solling, CTO of Help AG

highlighted in the recent multi-factor authentication (MFA) problem that affected Microsoft Azure services for organisations around the world. Organisations using a variety of SaaS services realised they were susceptible to a single point of failure that they could not control,” he says. Lack of visibility is another key challenge as employees often buy software services or other cloud-based services on their own, circumventing IT organisations. “Poor visibility of what is happening with your application across a multicloud environment is a major security risk. Applications are more and more distributed, delivered through a

DECEMBER 2018

CXO INSIGHT ME

FEATURE

Ross Jackson, VP, Trust Office at Mimecast

combination of micro-services that are designed to deliver very specific tasks and in this architecture, it can become quite difficult to visualise what is a “normal” application behaviour. Being able to identify deviations from normal is imperative to identify exploitations on the system,” says Paulo Pereira, director of systems engineering – emerging markets at Nutanix. Mohammed Muneer, regional director at A10 Networks, says users need to take three specific steps to address visibility when moving workload across multi clouds. “Security, in terms of functionality and enforcement need to operate seamlessly regardless of the environments in which they have been deployed. To undertake this approach, the ability to define and classify information and workloads must comply with each of the various cloud infrastructures being used, while security functionality must be similarly delivered over each cloud infrastructure.” He adds security solutions under consideration must not only be able to apply consistent enforcement and controls across clouds but do so with the same proven features and functions used to protect the traditional network. What are some of the critical steps enterprises should take as they develop their multi-cloud strategies? 12

CXO INSIGHT ME

DECEMBER 2018

Paulo Pereira, Director of Systems Engineering – Emerging Markets at Nutanix As a basic principle, companies need to think beyond cost, says Pereira from Nutanix. “The costs of a security breach, at best can easily take back any potentials saving you made with a cloud supplier selection, and at worst can put you out of business. Beyond cost, companies need to make sure they have the right expertise to work with these cloud environments, they need to have the expertise to be able to build but also operate and react in case of a security breach.” Solling from Help AG says it is a good idea to start by mapping out detailed data flows and then testing ‘what if’ scenarios for continuity and resilience. Data is exploding across your universe and you need to build a threat intelligence system that can respond to this new multi-cloud landscape. “You probably have data leaks that you are not aware of, they contain data that you may not know about. It’s going to be critical for you all to figure out where that is because you can’t derive where your risks are to drive the data that you need to collect to drive to drive to intelligence if you don’t know even what you’re collecting, to begin with,” he adds. Security experts say security policies and practices in the region are not keeping pace with cloud adoption and solutions such as cloud access security brokers aren’t very common yet. “Perceptions around security and risks related to cloud in the Middle East

Mohammed Muneer, Regional Director at A10 Networks

are different to the US and Europe. The economic factors of cloud will continue to drive adoption, and there’s an opportunity for organisations in the region to learn from the mistakes that have already been made elsewhere. Skills and training are a constant need for all organisations looking to tackle these agile new IT approaches,” says Jackson from Mimecast. Solling echoes a similar opinion: “The region is in the early days of cloud, and more so when it comes to cloud security. I am often surprised when talking to clients as they either think that cloud is secure by default, or that the native controls delivered by the cloud provider are good enough. “The fact is that security in the cloud is as complex and as much of a requirement as in any classic data centre infrastructure and the forms of attacks are often very different. As example, the cloud will ultimately cause attackers to focus more intently on client-side attacks and phishing. This means endpointsecurity, identity control and user awareness are becoming very important elements of any robust security strategy.” For enterprises in the region looking to spread their workloads around different cloud service providers, it would be imperative to deploy emerging technologies to secure these environments as traditional security controls are not enough to do the job.

EVENT REPORT

BRIDGING BOUNDARIES VMWORLD, HELD IN BARCELONA TO COINCIDE WITH THE COMPANY’S 10TH YEAR ANNIVERSARY IN EUROPE, SIGNALED VMWARE’S AMBITIONS TO GO BEYOND VIRTUALIZATION TO EMERGE AS A TOP PLAYER IN THE HYBRID CLOUD WORLD, POWERED BY KUBERNETES.

icking off the event, Pat Gelsinger, CEO of VMware, said his company is in a unique position as it has been able to bridge silos of innovation. “We are in the era of tech superpowers – cloud, mobile, AI and edge computing. They bring unimaginable intelligence, and we are just scratching the surface. Each of it is touching every aspect of society and enabling dramatic change. Today, application is the network and a complex one at that.” The CEO added that VMware’s vision is ‘any application, any device, any cloud with intrinsic security. “Today, security is broken. We are spending largest portion of IT budgets on security, yet the number of breaches is increasing rapidly. We need less security products and more security; we need to think of security in a

CXO INSIGHT ME

DECEMBER 2018

fundamentally different way,” he said. Gelsinger went on to add that VMware is not chasing threats but reducing attack vectors. “We invented the idea of micro-segmentation. Now, we are going to leverage AI and machine learning to establish what good behavior is and detect deviations. We are building our advanced application security feature called AppDefense directly into all our core products, and it is already integrated with vSphere Platinum now.” According to Gelsinger, every business is on a multi-cloud journey, and at the show, VMware has announced a slew of new announcements and services for customers running their workloads across major cloud providers, including IBM and AWS. The cornerstone of VMware’s hybrid cloud strategy is the company’s Cloud Foundation architecture, which brings together vSphere, vSAN and NSX. “The new version of Cloud Foundation with support for containers and Kubernetes will be available in February next year on pre-validated hyperconvergence appliances,” said Gelsinger.

At VMworld, the company has also reiterated its commitment to vSAN, which lies at the heart of Cloud Foundation. “We have now over 15,000 vSAN customers, 50 percent of global 2000 and it is the fastest growing HCI solution in the industry today. It is the software-defined cloud solution of choice for customers leaving competition far behind,” said Gelsinger. VMware, which had ambitions to become a major cloud service provider a few years ago, now has set its sight firmly on becoming the number one cloud management company, not just supporting customers who adopt a hybrid cloud strategy but those who continue to use on-prem as well by offering them cloud-delivered management experience. VMware also boasts of a rich set of cloud partners and has announced its partnership with the likes of Alibaba and Rackspace. “Our technology is available across 4500 cloud service providers around the world, accounting for 25 percent of the cloud market. We have also launched cloud automation services to enable developers with a rich set of

services and governed access to any cloud,” said Joe Baguley, VP and CTOEMEA at VMware. Another important announced made the show was the acquisition of the Kubernetes company Heptio to support VMware’s hybrid cloud strategy. Kubernetes is being touted as the de facto standard for managing infrastructure across multiple clouds, and this move is expected to open doors for VMware to engage with the open source community. “You will see us offer Kubernetes interface to all of our core products, and in fact, it is already available with our Pivotal Container Service. Open source has always been important to us, and we are the fourth largest contributor of code to Open Stack,” said Baguley. At VMworld, the company also offered a sneak preview of some key projects under beta. This includes VMware Blockchain, which is a service that provide permissioned blockchain for enterprises consortiums. The service will be integrated into existing VMware tool to help protect the network and compute functions.

DECEMBER 2018

CXO INSIGHT ME

VIEWPOINT

CYBER INTELLIGENCE INSIGHTS

ASHRAF SHEET, REGIONAL DIRECTOR, MIDDLE EAST AND AFRICA AT INFOBLOX, DECODES THREAT INTELLIGENCE

yber threat intelligence (CTI) involves the collection, evaluation, verification, and distribution of information about ongoing and emerging cyber threats and attacks against network assets and infrastructure. It is becoming increasingly difficult and costly for organizations to defend against cyberattacks on their own. More companies are reaching out to their peers and to other sources for threat intelligence data. Below are 7 Cyber Intelligence insights from the Ponemon Institute’s Third Annual Study on ‘Exchanging Cyber Threat Intelligence: There Has to Be a Better Way’. 1200 IT and cybersecurity practitioners were surveyed in the EMEA and US.

Insight 5 59% of enterprises report that their threat intelligence goes stale within minutes. Lack of timeliness makes threat intelligence irrelevant. Only 9% of organisations say they receive threat intelligence in near real time. Insight 6 Only 35% of organisations say their cyber threat intelligence is accurate. Lack of accuracy of CTI is among the top three complaints of enterprises about their threat intelligence data. Working with inaccurate data makes it difficult for any team to make the right decisions.

Insight 1 The #1 barrier to eff¬ective threat intelligence is internal silos among IT departments and lines of business. This finding indicates the importance of a centralised programme and tools to make exchange of threat intelligence easier.

Insight 3 45% of enterprises investigate cyber threats manually. This high percentage of manual cyber threat investigation may contribute to the dissatisfaction with the quality of threat intelligence they’re obtaining. Manual threat investigation leads to slower incident response.

Insight 2 60% of enterprises report that their threat intelligence goes stale within minutes. Lack of timeliness makes threat intelligence irrelevant. Only 9% of organisations say they receive threat intelligence in near real time.

Insight 4 Only 31% of organisations say their threat intelligence is actionable. This means that their CTI does not provide enough context for it to be actionable, making it ine¬ffective for security operations.

CXO INSIGHT ME

DECEMBER 2018

Insight 7 60% of enterprises are only somewhat satisfied or not satisfied with their cyber threat intelligence. Despite the increase in the exchange and use of threat intelligence, most survey respondents are not satisfied with it. The inability to be actionable, timely and accurate are the most common complaints about their CTI. There Is a better way Organisations worldwide must foster integrated cybersecurity solutions that enable teams to automate, consolidate, and coordinate the sharing of up-to-date threat intelligence in order to detect cyber threats earlier and remediate them faster and more comprehensively.

11.02.2019 ATLANTIS, THE PALM

A tribute to the visionaries and pioneers of IT in the Middle East There is no business without IT today and technology has an impact on every aspect of how any business operates. However, harnessing the full potential of IT requires vision and ingenuity, and laser-sharp focus on innovation. CXO Middle East is hosting its inaugural awards to recognise IT leaders who have achieved operational excellence with best practices, new methodologies and right technology resources. The award is designed to honor innovative and forward-thinking IT executives whose actions have had a profound impact on their own organisations and the industry they work in. For nomination related enquiries Jeevan Thankappan Managing Editor Insight Media & Publishing LLC M: +971 56 415 6425 Email: jeevant@insightmediame.com

The awards are open to IT executives anywhere in the Middle East and all entrants for CXO 50 Awards will be evaluated by a judging panel comprising industry stalwarts. If you are an IT pro who has demonstrated innovative leadership with real-world results we would like to hear from you.

For Sponsorship enquiries Merle Carrasco Sales Director Insight Media & Publishing LLC M: +971 55 118 1730 Email: merlec@insightmediame.com

ORGANIZED BY

INTERVIEW

SHARED SUCCESS MANSOOR ALMARZOOQI, CIO OF MDC BUSINESS MANAGEMENT SERVICES, TALKS ABOUT HOW HIS COMPANY HAS CREATED A SUCCESSFUL SHARED IT SERVICES MODEL FOR MUBADALA GROUP COMPANIES AND THE PUBLIC SECTOR IN THE UAE. 18

CXO INSIGHT ME

DECEMBER 2018

hat is your mission as a company? We are the shared services arm of Mubadala, offering a whole spectrum of IT services, integrated facilities management, and business process outsourcing in terms of procurement, HR and financial services. When it comes to IT services, we cater to the technology needs of more than 32 group entities by offering them with turnkey solutions based on a dedicated platform so that they can focus on their core business. Our motto is to deliver customised services and solutions through bestin-class processes and automated systems. We believe in creating value with minimised risks.

Can you tell us about your IT shared services offering? IT shared services is an approach to deliver the core IT services via a common infrastructure platform that is logically segregated and demarcated to provide data privacy. Instead of reinventing the wheel, this approach helps in deploying IT services in a shared service model with emphasis on utilising the common pool of resources resulting in cost savings, efficiency, and consistency for our group companies. We offer a broad spectrum of services spanning across various technologies and domains. It includes core IT services, business application services, financial and treasury solutions and a full stack of ERP solutions. How does this centralised IT delivery model work when you have a diverse range of companies with their unique infrastructure requirements? We are providing them with customised applications, not infrastructure. However, now we have many group companies that approach us to manage their infrastructure or data centres. But, in most cases, what they want is to use our full stack of ERP solutions on a payas-you-go model. How are you different from other service providers? Our experienced and committed team can provide integrated technology solutions that will grow with your business and deliver a secure and sustainable technology infrastructure with a focus on value and riskminimisation. From needs analysis to full-service implementation and support, they will work with you to make sure any new technology solution is a success. We understand the rapidly evolving technology market and can help you navigate the options and find the right solutions for your business. What is your value proposition? We leverage onsite and offsite components with a strong IT governance ensuring an efficient and

OUR EXPERIENCED AND COMMITTED TEAM CAN PROVIDE INTEGRATED TECHNOLOGY SOLUTIONS THAT WILL GROW WITH YOUR BUSINESS AND DELIVER A SECURE AND SUSTAINABLE TECHNOLOGY INFRASTRUCTURE WITH A FOCUS ON VALUE AND RISKMINIMISATION. effective solution delivery. What sets us apart is that we are locally based in the UAE, offering an end to end solution which is truly on demand and scalable. We provide our clients anytime, anywhere access to their applications backed by highly redundant network connectivity with extremely low latency. How do you plan to cater to government entities? Our business line for customers outside of Mubadala group is called Business Pool Cloud, which was set up in just 27 days as opposed to six to twelve months, which is the industry norm. The new cloud platform can offer IT shared services to various government organisations across the emirates with quick turnaround time. This new offering not only allows our strategic customers to enable IT services at a significantly faster rate but also to make significant savings, and more importantly, to focus on their core businesses while we take care of all their IT needs.

The Business Pool Cloud Platform is completely automated and orchestrated; the customers can now provision services themselves without having to wait for the service provider to help, cutting down the provisioning time by 70-80%. This helps improve their time to market that internally helps them become more competitive in the marketplace. We strongly believe that shared services is the way forward for many customers as it considerably cuts down costs and helps them concentrate on their core business; the strategy of ours is in line with the UAE governmentâ&#x20AC;&#x2122;s shared services initiative. Therefore, we will continue to build on our expertise and offer our services across sectors in the UAE in the coming years. Are you looking at blockchain technology as there is a strong push from governments in the region towards it? We see blockchain as a tool and methodology that potentially will creates multiple business channels in future, However, we see there are unresolved challenges due to its distributed nature, and there are no governance or standards reference to leverage between government and private sectors to address all issues related to customers data or systems integration. Security can also be an issue when you connect blockchain to mission-critical systems with sensitive data. Besides, you need to have a strong business case as deploying blockchain can be very costly. What are your plans for the next year? We are going to focus on IoT capabilities. We believe IoT by itself cannot solve the business problem unless it is a complete architecture powered by AI and connected to the secured cloud as the traditional infrastructure setup cannot cope with the amount of data generated by IoT devices.

DECEMBER 2018

CXO INSIGHT ME

VIEWPOINT

FIVE DIGITAL INFRASTRUCTURE TRENDS TO LOOK OUT FOR IN 2019 NEVER BEFORE HAS THE FORTITUDE AND MODERNISATION OF A COMPANY’S DIGITAL INFRASTRUCTURE CARRIED MORE WEIGHT, SAYS ROB LOPEZ, GROUP EXECUTIVE – DIGITAL INFRASTRUCTURE, DIMENSION DATA.

oT, analytics, AI, and data science are changing how companies derive value from data, but the desire for insight must be balanced by responsibility. Dimension Data’s new Technology Trends 2019 report explores seven key areas of focus for companies next year, with digital infrastructure playing a critical role. Here are five trends that will be dominate digital infrastructure in 2019.

Extracting value from data is becoming imperative The rise of the internet of things (IoT), analytics, artificial intelligence (AI), and data science is changing forever how clients derive value from data. Data accessibility is becoming an important driver of infrastructure decisions, with data architecture now the essential prerequisite to infrastructure architecture, largely because the value of the data opens up new business opportunities and differentiates the digital enterprise. Organisations are now architecting their data management capability to capture, store, move, and secure business data. The data architectures they create must afford them speedy access to data from their infrastructure, applications, and IoT implementations – all in order to extract maximum business value. 20

CXO INSIGHT ME

DECEMBER 2018

The desire for insight must be balanced by responsibility Data security continues to grow in importance. We all had to respond to the General Data Protection Regulation (GDPR) in May of 2018, but it’s not an one-off exercise, and we anticipate more industry specific regulation around the world, continuing to raise the bar on best practices. As we collect new types of data, from new types of devices, we have to strike a fine balance between staying compliant with ever-changing regulations and still extracting the value we want from the data. The final factor is the reliability of data. As an organisation’s data is always under attack, it’s important to understand the accuracy of the collected data. Organisations will have to use every technique available to ensure the integrity of their data – validating it using machine learning, correlating it with blockchain, managing processes to protect critical data, and acting only on data from appropriate sources. Increasingly we’ll see the use of policy automation around industry regulation and specific trends within industries around consistent management of data, as well as new tools that will allow clients to define, automate, and enforce their policies.

The edge is getting more intelligent As more organisations turn to

IoT, they’re beginning to explore edge computing. But you can put intelligence at the edge of the cloud or the edge of the network. Data centre players are coming out with ‘micro server’-type products to provide compute capabilities at the edge of the cloud. Networking companies are likewise releasing devices that are able to support compute services to make the edge of the network more intelligent. Wherever you put the added intelligence, the rationale is the same: you do it to deliver faster decisionmaking, while reducing the cost associated with carrying unnecessary data across your network. Advances in machine learning and hyperscale clouds are enabling these new technologies and driving the insights that businesses are looking for from IoT. Companies are evolving their data architectures to enable the rapid processing of aggregated data and so extract more business value faster. Edge processing is driving hybrid WAN But no one wants the benefits of edge processing to be eroded by an unsustainable telco bill. We see edge processing driving the need for a hybrid WAN that offers the optimum blend of connectivity options to properly connect clouds, branches, and edge locations.

ENTERPRISES WILL GRAVITATE TOWARDS PROVIDERS WHO CAN SOFTWARE DEFINE THEIR ENTIRE NETWORK, INCLUDING CARRIERS, TO IMPROVE EFFICIENCY AND REDUCE OPERATIONAL RISK. Enterprises will gravitate towards providers who can software define their entire network, including carriers, to improve efficiency and reduce operational risk.

More business intelligence is coming from the network itself The network is becoming a source of business intelligence, especially in cloud networking and the wireless network. Data is being harvested to develop new services in the workplace and a variety of industry use cases. In the coming year, more organisations will want access to analytics capabilities, so they can leverage the intelligence coming from their networks. For maximum benefit, they want an integrated view that combines network data with intelligence from their applications and infrastructure. They’ll use this to provide location-based services and improve user experience for both employees and customers. For example, more organisations will use Wi-Fi data to analyse employee and customer behaviour. Internally, this will help them measure occupancy, reduce real estate costs by reconfiguring the workspace, and better control building energy costs. Externally, in healthcare and manufacturing, companies will use network insight to track assets, while in retail, it will improve their visibility of footfall, hotspots, and dwell time. Infrastructure is becoming programmable end to end The trend towards programmable infrastructure itself isn’t new, but it’s

becoming more important that your entire infrastructure is programmable from end to end – an increasingly difficult feat given the rate of technology change. Increasingly, businesses are subscribing to multiple cloud platforms and intensifying their use of software-as-a-service (SaaS) providers. Hyperscale cloud providers are expanding into emerging markets, equipment manufacturers are bringing out more hyperconverged solutions, and on-premise private cloud is growing strongly. Making sure your infrastructure meets the needs of business applications and data requires integration with compute, storage, security, and networking environments – in the client’s data centre, in the cloud, and increasingly, at the edge. The main driver of end-to-end programmability is the need to ensure the infrastructure can quickly adapt to meet the changing business needs of applications and data. It also helps to enforce governance and facilitate customisation. Companies are also modernising their infrastructure to improve performance. This requires integration with new technologies, such as flash storage, hyperconverged infrastructure, and edge computing. End-to-end programmability is essential to enable the automatic orchestration of infrastructure by applications via open APIs, wherever the applications are placed and whatever they require from their underlying infrastructure.

Applications are defining infrastructure The latest generation of applications dictate where they run and how they operate. So tighter integration between application outcomes and infrastructure management is becoming critical. Infrastructure will increasingly be used more as the delivery vehicle for the application, with conversations revolving around how to drive business outcomes from them. This discourse has shifted to how an application can exploit the infrastructure to deliver a faster outcome: what is the business need? What applications and processes are needed to deliver it? And how do you build an infrastructure to deliver the desired outcome with best performance, cost, and user experience? The whole purpose of the process is to deliver an application outcome and the infrastructure is one key element in accomplishing that. Containers and microservices are making new demands on infrastructure We’ve moved from an application migration conversation to looking at an organisation’s whole end-view of their applications, including their plans for containers, and from there, constructing an environment that will deliver the maximum value from their application portfolio. New application models like containers drive new infrastructure requirements and challenge most existing infrastructure environments. There’s an overwhelming trend towards microservices as the application model to build next-generation, cloud-native applications. These approaches have infrastructure requirements that most of today’s infrastructure (with the exception of some of the software-driven components and the major clouds) aren’t able to meet. They also drive the need to marry the application and infrastructure together in order to define those requirements.

DECEMBER 2018

CXO INSIGHT ME

INTERVIEW

THE HUMAN FIREWALL

ED SLEIMAN, HEAD OF INFORMATION SECURITY AT KING ABDULLAH UNIVERSITY OF SCIENCE AND TECHNOLOGY IN SAUDI ARABIA, HAS DEVISED A NEW APPROACH TO SECURITY WITH A FOCUS ON PEOPLE FACTOR.

CXO INSIGHT ME

DECEMBER 2018

hat is your mandate at the University? The university is about ten years old and is in a unique position to impact Saudi Arabia and the region. It is one of the few research-focused universities in the Middle East, and my mandate is to protect all the information assets of the University. As you know, Saudi has been a target of cyber-attacks, and we are a sister institution of Saudi Aramco, which witnessed a security incident in 2012. After this incident, we had to manage our risk properly, and we have implemented many security controls to protect us against hackers. Can you tell us about the human firewall programme you have pioneered? Since I joined the University in 2013, we have taken a very proactive approach to security instead of just fire-fighting. I have created a security strategy with its focal point on the human element because people are always the weakest link. If you look at the statistics, most of the breaches were the result of social engineering. People are targeted because they are more vulnerable than machines and software, which can be hardened easily. With people, it takes time because it is a behavioural issue and requires continuous awareness and training. This is why I implemented the human firewall programme, which is a risk-based approach to awareness and training in a measurable way. Look at how security works today - we have taken a layered defense approach by deploying technology at every level, starting with perimeter, networks, and endpoints. No one has really thought about who is sitting behind that endpoint. As a hacker, if you can bypass all these security controls and access the data by manipulating human behaviour,

IF YOU ARE A USER, YOU ARE PRIVILEGED TO BE ON MY NETWORK TO GET HIGH-SPEED CONNECTIVITY AND ACCESS TO DATA THAT YOU NEED; DON’T ABUSE THAT PRIVILEGE AND BE A RESPONSIBLE HUMAN BEING. IF YOU ABUSE THAT PRIVILEGE AND VIOLATE OUR SECURITY POLICIES, WE GIVE BLACK POINTS ASSOCIATED WITH EACH OF THESE VIOLATIONS. it is much easier than finding vulnerabilities or penetrating layers of security. Security is nothing but a risk managing discipline. If my human is the highest risk, then I need to fortify that human and that is the basic concept behind my programme. Many organisations might say they already know that people are the weakest link in security. But, training users on a regular basis is a challenge especially when you have very limited resources at your disposal. If you are a large organisation, how do you know who to focus on? How do you make sure they don’t make any mistakes that will jeopardise your whole organisation? Or how can you tell they have reached a level where they protect the organisation? It is a continuous process, and you have to keep doing it over and over again because people come and go. And there is something else with the human aspect – they tend to forget, and you have to keep reminding them what the new threats are. What is novel about this approach because it’s training and awareness? Yes, it is training and awareness. What is unique about the human firewall programme is how you prioritise to focus on the right individual and measure their progress. I have taken a concept we all are familiar with –

driver’s license. Driving on the streets on any city is a privilege, not a right. If you violate the rules often, then that privilege is taken away from you, and I have applied the same model to our network security. If you are a user, you are privileged to be on my network to get highspeed connectivity and access to data that you need; don’t abuse that privilege and be a responsible human being. If you abuse that privilege and violate our security policies, we give black points associated with each of these violations. We do both active and passive testing of people. We have controls in place that would tell us if users share passwords. We do allow them to share passwords on a limited number of devices because users have multiple devices. But if you go beyond five devices, that means you are sharing your password, which will be flagged by the system and you’d get one demerit point. As part of active testing, we send out phishing simulation mails, and you get dinged by one point if you fall for it. Your risk score will keep going up if you click on attachments or fall for a data entry simulation phishing mail. We also reward users for their good behaviour – if someone reports a suspicious email we log them in the system and send them a thank you note. The fastest reporters get lovely gifts as well.

DECEMBER 2018

CXO INSIGHT ME

EVENT REPORT

MOVING TO T THE EDGE HELD FOR THE VERY FIRST IN EUROPE, THE AKAMAI EDGE EMEA FORUM BROUGHT TOGETHER AKAMAI CUSTOMERS FROM AROUND THE GLOBE TO LEARN ABOUT THE COMPANY’S VISION FOR DIGITAL TRANSFORMATION, EMPOWERED BY THE EDGE. SARAH RIZVI REPORTS FROM BARCELONA.

CXO INSIGHT ME

DECEMBER 2018

he event was kickstarted with a special keynote by the ‘inventor’ of World Wide Web, Sir Tim Berners-Lee, who shared how the Internet was envisioned in the beginning and the way it has evolved over the years. Akamai’s chief executive officer and co-founder, Dr.Tom Leighton, took the stage to add how Tim BernersLee played a big role in helping create Akamai. “We had a lot of influence from Tim and his team while I worked on algorithms and theoretical computer science at MIT. That is when we were presented by the challenge of designing a content delivery platform that could scale as the web continued to grow.” Talking about the significance of the edge, he said: “At Akamai, we have

been working on the edge since the beginning. The edge of the Internet has vastly more collective bandwidth than the large cloud data centres at the core. You are not going to be able to really scale by having things contributed from the core of the data centres. This is why cloud data centres struggle to keep up with all the users, devices and Internet traffic at the edge.” Leighton went on to talk about how the Internet is continuing to evolve and, in particular, how it is morphing from a cloud centric model into one at the edge of the internet. In his presentation titled, ‘Through the clouds: A view from the edge’, Leighton quoted Gartner, saying, “While cloud providers will extend their models closer to the edge, the architecture of the edge will be driven more by technologies that already have physical edge footprints.” Leighton explained that the common misconception is that the capacity bottleneck lies in the last mile - the connection between the local ISP and the end user. “But that was 20 years ago,” he added. “Actually, there is a capacity crunch at the core of the cloud data center. As users demand

high quality video streaming, there is a congestion at the provider’s end creating an imbalance between the available bandwidth at the edge and the core.” Being at the edge also improves performance, according to Leighton. “Another area of prime focus for Akamai is website performance. From the edge, you are closer to the end user, which means that the web pages will load faster. This is important for e-commerce websites, where consumers may leave the site if it loads slowly,” he said. Also, viewers expect online streaming to match the uninterrupted experience of TV, which means high picture quality, fast start-up and no rebuffering. Being at the edge improves latency as well and that is why Akamai is working to embed more and more functionality into its Edge platform to enhance the digital experience, he added. Highlighting Tim Berners-Lee’s dilemma years ago, Leighton said that the solution lies in decentralisation and placing servers right at the edge. “Tim Berners-Lee foresaw the congestion that was to become very familiar to Internet users 20 years ago, and he challenged us to invent a fundamentally new and better way to deliver Internet content.” According to the CEO of Akamai, security is the fastest growing area of business for his company and the most challenging of all. While most think of Akamai as a CDN provider, which contributes to a large portion of the company’s revenue, security business is becoming increasingly significant as well. Leighton attributes this to the growing dependence on Internet, which has made everything vulnerable. When it comes to doing business, protecting your valuable assets is more important and even more complicated than ever before. As attacks are bigger more sophisticated and unpredictable than ever before, cloud data centre defenses aren’t enough anymore. “Today’s expanding threat landscape is a result of glory hounds, political

hacktivism, state-sponsored and cybercrime. The scale of attacks will continue to grow. It is always harder to defend yourself than to attack and the adversaries are taking advantage of the bandwidth available at the edge to launch attacks. An attack of 1.3 Tbps is enough to cripple major cloud data centers, ISPs and even countries. Just imagine what 1000 Tbps could do,” said Leighton. He added that with the proliferation of IoT, billions of people, tens of billions of devices and countless petabytes of information all becoming connected the cloud simply cannot keep up. Also, while blockchain is poised to revolutionalise the financial payment and transaction landscape, the cloud is insufficient because it doesn’t scale. Akamai uses a defensive shield to absorb attack traffic at the edge and block application layer attacks. In addition to this, the company is working on a blockchain payment platform that is still in the initial stages and scheduled to be implemented in 2020. “We are exploring the possibilities of adding blockchain to our platform and expect to achieve high availability, speed and sufficient transaction handling capacity through this technology,” said Leighton. Akamai advocates a zero-trust security model, in which no one can be trusted, not even the employees. “People are the weakest link in security. Despite all training and education, they make mistakes, such as clicking on a malicious link to become infected with malware. In the traditional security model, which uses VPN connections, hackers can also penetrate the company network,” Leighton added. He emphasized that while usually internal apps are safeguarded with a perimeter defense, most breaches are triggered from inside the perimetre. “You need to protect your internal apps the same way you protect your external apps - as if there were no perimeter. With the zero-trust model, nobody has access to the corporate network and users do not communicate directly with applications.”

DECEMBER 2018

CXO INSIGHT ME

INTERVIEW

ON THE CUSP OF CHANGE CHRIS POPE, VP INNOVATION AT SERVICENOW, TALKS ABOUT HOW THE SERVICE DESK HAS TRANSFORMED IN THE DIGITAL ERA AND THE ROLE OF EMERGING TECHNOLOGIES IN THIS TRANSFORMATION

ow is ITSM evolving in the digital transformation era? ITSM plays a key role in any organisation undergoing digital transformation as it improves business processes and makes the workforce more agile and alert to customer demands. In the ITSM space, digital transformation has enabled the modern workforce to digitalize all processes through collaboration tools. There are a number of things that can be done to digitalise a process – there are applications that can create a great user experience, or it can be in the manner you notify and communicate with the users. This essentially means that all the communication, whether it is scheduling work, managing work or answering risk-based questions, is being done in a collaborative way by following a set of processes without even realising it. Another big change is in the way the traditional service desk used to function and serve the end user. Today, consumers want information and support round the clock which has necessitated ITSM to evolve to be the next generation of service delivery. How is automation helping to streamline IT support and are there any challenges to this automation? 26

CXO INSIGHT ME

DECEMBER 2018

Automation has allowed support teams to auto-generate high-priority incidents for alerts based on severity, trigger service desk workflows and automated remediation. It also helps in providing consolidated real-time information about services and their status. This means that the support staff now has

THERE ARE A NUMBER OF THINGS THAT CAN BE DONE TO DIGITALISE A PROCESS – THERE ARE APPLICATIONS THAT CAN CREATE A GREAT USER EXPERIENCE, OR IT CAN BE IN THE MANNER YOU NOTIFY AND COMMUNICATE WITH THE USERS.

faster access to the right information for guidance on issue resolution, resulting in increased efficiency and productivity. With better insights into what people are doing and how they do it, IT has been freed from managing all the physical pieces of infrastructure and applications, to concentrate on business problems. Automation depends on the integrity of two key things – data and processes. It is important to understand if the data is accurate and of high quality because you can only automate based on known and structured vectors. Also, if you automate a bad process, then the entire model is going to fail. Organisations also need to understand that there are no off-the-shelf automation routines that fit every customer’s needs perfectly. How are you tapping AI and machine learning capabilities? AI and machine learning are not new as concepts, and while the market is interested, it still views them as upcoming technologies. We have been working on AI and machine learning for almost a year and a half now, and we look at it in terms of how these technologies can help customers get better insights and solve problems. For example, we conducted a survey

MACHINE LEARNING ALGORITHMS CAN ACCURATELY CATEGORIZE AND ROUTE TASKS, IDENTIFY PATTERNS TO PREVENT FUTURE ISSUES, TRACK THE ORGANISATION’S PERFORMANCE AGAINST PEERS AND USE ANALYTICS TO ASSESS AND PREDICT PERFORMANCE. that shows that a significant amount of time was traditionally spent on deciding how important a customer’s call is, what kind of problem they are facing and who will be fixing it. We are using machine learning to drive new levels of automation by pushing machines to get work done faster. Machine learning algorithms can accurately categorize and route tasks, identify patterns to prevent future issues, track the organisation’s performance against peers and use analytics to assess and predict performance. Hence, the service desk has evolved as new AI and machinelearning capabilities continue to change the way employees interact with technology and devices. By using artificial intelligence and machine learning we are also able to reduce costs and time to reach a resolution. How are you expanding your service management capabilities beyond

IT to include HR, security and other departments? After perfecting the service management framework within IT, we have expanded its capabilities to interact with other departments like HR, security, legal, finance, etc. Traditionally, IT service management solutions were not designed as enterprise-wide platforms. However, a lot of the same service management principles apply to these departments and this is a natural progression as IT already deals with several similar or related activities. As an example, a lot of times the things that are requested from IT, like a new phone or laptop are because of an event originating from the HR department, like onboarding a new employee. Similarly, other departments also need to interact with IT from time to time and vice versa. So, we have expanded into other departments using the same tried and tested

principles as a natural extension to our service management product. What can CIOs do to transform their IT help desks? Considering the rate at which technology is evolving and the number of different solutions available in the market, today’s CIO needs to devise a comprehensive IT service management strategy to meet the challenges. This can be done by implementing a smart service desk to modernise operations and drive productivity. As the service desk is no longer a resource for IT alone, CIOs need to find a solution that can scale across different departments. Since transforming the IT helpdesk is not necessarily a huge investment, CIOs can decide to start small and then scale over time. Ideally, they need to look for a specific problem they are trying to solve, like removing a legacy platform and decide on the solution to transform it.

DECEMBER 2018

CXO INSIGHT ME

VIEWPOINT

THE AMAZON EFFECT

TERRI HISKEY, VICE PRESIDENT OF GLOBAL PRODUCT MARKETING FOR MANUFACTURING AT EPICOR SOFTWARE, ON HOW MANUFACTURERS CAN GAIN BACK MOMENTUM

he “Amazon Effect.” It’s a term many have heard, but what does it mean? While it can mean different things to different people, in general, it refers to the phenomenon of how consumers’ interactions with Amazon are driving new expectations for how buyers and suppliers interact with businesses, including manufacturers. With Amazon, we search for what we need, and receive a listing of items with starred rankings alongside customer reviews. Once we decide to buy, we may purchase that product with Amazon One-Click if Amazon has our payment information on file. Once the order is placed, we receive a link to track the product from the moment the order is placed to the moment it’s received. Convenient, personalized, and frictionless. It’s exactly the type of experience customers want. 28

CXO INSIGHT ME

DECEMBER 2018

The Amazon Effect is prompting many manufacturers to kickstart their digital transformation journeys. According to recent research, more than 8 in 10 business buyers want the same experience as when they’re buying products for themselves. Consider the following: • Almost 75% of business buyers expect vendors to personalize engagement to their needs • More than 66% expect Amazon-like buying experiences • Two-thirds have switched vendors for a more consumer-like experience Business-to-business buyers want to search and discover their options with a multitude of products all in one place before seamlessly placing an order online, that is trackable up until the moment it is received. Manufacturers are now expected to provide such

visibility to their end users as well as a more holistic and simplified buying experience. To this end, manufacturers must think about how they can add and extend value beyond simply delivering a product. This might include providing new services around products such as after-market servicing. Customisation can also give manufacturers a key differentiator and some are even testing out maketo-individual production models. For manufacturers, this means being able to accommodate engineer-to-order, configure-to-order, make-to-order, and assemble-to-order manufacturing modes to meet these specified requirements. Make no doubt about it, the Amazon Effect is driving significant change in how manufacturers operate. However, with great change comes great

TO KEEP UP WITH THESE NEW DEMANDS AND EXPECTATIONS, MANUFACTURERS MUST EMBRACE DIGITAL TRANSFORMATION— SUPPORTED BY ERP—TO LIBERATE AND LUBRICATE THE FLOW OF INFORMATION AND WORK PRODUCT ACROSS THE ENTERPRISE. opportunity. Manufacturers adopting customer-centric strategies are poised to realize significant bottom-line gains. How Industry 4.0 helps manufacturers compete in an Amazon era As manufacturers face pressure to deliver an Amazon-like experience, they must also streamline back-end operations via Industry 4.0 approaches, including the Internet of Things (IoT), artificial intelligence and machine learning, robots and automation, and big data and analytics. These approaches support greater flexibility, agility and responsiveness, which contributes to improved customer satisfaction. At the center of manufacturing digital transformation, IoT streamlines and simplifies manufacturing processes. A drone makes quick work of the

previously manually intensive job of inventory counts. Meanwhile, a “Google Maps” universal digital view of the connected factory floor supports improved operational awareness of when machines show signs of performance degradation or maintenance needed, so workers can step in to keep lines running smoothly, avoiding major mechanical breakdowns. Employees wearing smart gloves with 2D barcode technology can track and trace parts with a simple glove scan. Haptic feedback provides user confirmation that the right product has been scanned, providing a new level of process quality and efficiency. Advanced algorithms are also changing the way manufacturing is done. Smart factories with integrated IT systems provide relevant data to both sides of the supply chain more readily, leading to increased production

capacity and productivity. Artificial intelligence enables information to be made actionable to drive decisions around adjusting processes or predicting future behavior based on past trends. Robots and other automated technologies are integral in improving speed and efficiency, allowing manufacturing companies to optimize production work flows, inventory, workin-progress and value chain decisions. The Amazon Effect has done far more than condition consumers to a new way of transacting. It’s ushering in new ways of working, dictating changes from the front-end to the back-end of your business. We’ve become used to immediacy and intuitiveness of transactions, and we now expect the same from processes and products, requiring faster innovation from manufacturers. To keep up with these new demands and expectations, manufacturers must embrace digital transformation— supported by ERP—to liberate and lubricate the flow of information and work product across the enterprise. This increases production and transparency, while decreasing costs and down time—with the ultimate goal of satisfying customer expectations.

DECEMBER 2018

CXO INSIGHT ME

BLOG

10 WAYS TO FEND OFF DATA BREACHES AMIT MEHTA, REGIONAL HEAD OF SECURITY FOR MASTERCARD, MIDDLE EAST AND AFRICA, ON HOW TO PREVENT SECURITY BREACHES.

he risk of data breaches has increased significantly over the years. Every organization should consider it as an ongoing business risk and should implement appropriate security safeguards to not only prevent but also deal with it. A number of best practise frameworks and international security standards are available and can provide the required knowledge to deal with security incidents. It’s critical for organisations to prepare for such incidents and carve out an appropriate response strategy based on its risk appetite. Responding effectively to data breaches is critical to both your operations and reputation. If not managed well, breaches can present a range of immediate and ongoing risks. The following are some of the best practises that organisations can use to better prepare and respond to data breaches: 1. Establish effective monitoring Establish measures to constantly monitor your data for potential security breaches – detecting a breach quickly to contain and limit its impact. Assign responsibility for monitoring access to, and exportation of data, combined with analysis of industry intelligence, regular systems testing, employee education and training, and partnerships with customers and partners to ensure a comprehensive approach. 2. Appoint an incident response team Identify the skills and expertise required to support your response to a breach. In addition to technical expertise, all key functions including legal, communications, HR and finance must be represented. Those nominated must be briefed on the role of the team, as well their individual

CXO INSIGHT ME

DECEMBER 2018

responsibilities. Ensure training is provided to build confidence and competence. 3. Build a culture of cybersecurity awareness Cybersecurity must be the responsibility of all employees. Educate employees on potential security risks, encouraging a culture of awareness. Ensure employees know how to report suspected breaches and instil the principle of ‘prudent overreaction’ to ensure all threats are escalated. 4. Understand the regulatory landscape The regulatory environment for data protection and privacy is complex, operating as a matrix across countries, regions and continents. During business-as-usual, map the relevant regulatory bodies for the data you hold and understand their expectations and requirements in the event of a breach. 5. Build relationships with law enforcement Law enforcement can be a valuable resource during a cyber breach. In addition to providing guidance on actions to take to protect your organisation and apprehend threat actors, law enforcement agencies can be a valuable conduit for sharing crossindustry information. Work with local law enforcement agencies during businessas-usual to understand how you will work together in the event of a breach. 6. Identity specialist resources Responding to data breaches can require extraordinary resource – be it responding to customer enquiries, conducting forensic analysis, providing specialist legal guidance, or providing monitoring and support to impacted data subjects. These resources should be identified and briefed in advance, to ensure they can be promptly mobilised should a breach occur. Consider

putting critical suppliers on a retainer/SLA to guarantee support. Check your cyber insurance policy to see if your insurance company will provide access to specialists, such as lawyers, media management, call centres or cyber forensic specialists, as part of your policy. 7. Develop a cyber breach response plan Codify your response structure in a breach response plan – a step-by-step guide you can use during a breach. The plan should contain: • Alert, escalation and mobilisation • Incident response team membership • Roles and responsibilities • Priority actions • Meeting structure and discipline • Approval process • Communication • Tools and templates 8. Work through the logistics It is important to ensure your cyber response plan is not built on assumptions. Understand the tactical steps required to implement your plan and ensure these can be fulfilled in required time frame. For example, access to foreign currency for local transactions; identified contacts for key partners/stakeholders; mobilisation of specialist resources; and recalling IT equipment and restricting access. 9. Debate the critical decisions While each breach will present different challenges, there are some common strategic decisions, which can be debated during business-as-usual. Agreeing to a position on these can save time during live response. This could include: • Whether to pay a ransom or extortion demand • Whether to communicate internally and externally • When and who to mobilise as a spokesperson • Who should approve the costs to engage a forensic investigator 10. Rehearse Only through stress-testing your response against realistic scenarios will you be able to test its efficacy and identify potential gaps. Rehearsing your cyber response through regular training and exercises not only highlights areas for improvement, but also enhances the skill and capabilities of incident response team members, and drives a cycle of continuous improvement.

What does progress look like for you? Your journey into the digital future is unique. As your software partner we have the vision and industry expertise to help chart your courseâ&#x20AC;&#x201D; and the technology to take you wherever that path leads.

Designed for progress

infor.com @InforMiddleEast

VIEWPOINT

HOW TO GET A HANDLE ON DATA DAVE RUSSELL, VICE PRESIDENT FOR PRODUCT STRATEGY AT VEEAM, ON MEETING THE INTELLIGENT DATA MANAGEMENT NEEDS OF 2019

he world of today has changed drastically due to data. Every process, whether an external client interaction or internal employee task, leaves a trail of data. Human and machine generated data is growing ten times faster than traditional business data, and machine data is growing at 50 times that of traditional business data. With the way we consume and interact with data changing daily, the number of innovations to enhance business agility and operational efficiency are also plentiful. In this environment, it is vital for enterprises to understand the demand for Intelligent Data Management in order to stay one step ahead and deliver enhanced services to their customers. Iâ&#x20AC;&#x2122;ve highlighted 5 hot trends in 2019 decision-makers need to know â&#x20AC;&#x201C; keeping the Europe, Middle East & Africa (EMEA) market in mind, here are my views: 32

CXO INSIGHT ME

DECEMBER 2018

1. Multi-Cloud usage and exploitation will rise. With companies operating across borders and the reliance on technology growing more prominent than ever, an expansion in multi-cloud usage is almost inevitable. IDC estimates that customers will spend US$554 billion on cloud computing and related services in 2021, more than double the level of 2016. On-premises data and applications will not become obsolete, but that the deployment models for your data will expand with an increasing mix of onprem, SaaS, IaaS, managed clouds and private clouds. Over time, we expect more of the workload to shift off-premises, but this transition will take place over years, and we believe that it is important to be ready to meet this new reality today.

October this year, flash memory supply is expected to revert to a modest shortage in mid-2019, with prices expected to stabilise largely due to the ramping of Chinese memory production. Greater supply and improved pricing will result in greater use of flash deployment in the operational recovery tier, which typically hosts the most recent 14 days of backup and replica data. We see this greater flash capacity leading to broader usage of instant mounting of backed up machine images (or copy data management). Systems that offer copy data management capability will be able to deliver value beyond availability, along with better business outcomes. Example use cases for leveraging backup and replica data include DevOps, DevSecOps and DevTest, patch testing, analytics and reporting.

2. Flash memory supply shortages, and prices, will improve in 2019. According to a report by Gartner in

3. Predictive Analytics will become mainstream and ubiquitous. The predictive analytics market is

forecast to reach $12.41 billion by 2022, marking a 272% increase from 2017, at a CAGR of 22.1%. Predictive analytics based on telemetry data, essentially Machine Learning (ML) driven guidance and recommendations is one of the categories that is most likely to become mainstream and ubiquitous. Machine learning predictions are not new, but we will begin to see them utilizing signatures and fingerprints, containing best practice configurations and policies, to allow the business to get more value out of the infrastructure that you have deployed and are responsible for. Predictive analytics, or diagnostics, will assist us in ensuring continuous operations, while reducing the administrative burden of keeping systems optimised. This capability becomes vitally important as IT organisations are required to manage an increasingly diverse environment, with more data, and with more stringent service level objectives. As Predictive Analytics become more mainstream, SLAs and SLOs are rising and businesses’ SLEs, service level expectations, are even higher. This means that we need more assistance, more intelligence in order to deliver on what the business expects from us. 4. The “versatalist” (or generalist) role will increasingly become the new operating model for the majority of IT organisations. While the first two trends were technology-focused, the future of digital is still analogue: it’s people. Talent shortages combined with new, collapsing on-premises infrastructure and public cloud + SaaS, are leading to broader technicians with background in a wide variety of disciplines, and increasingly a greater business awareness as well. Standardisation, orchestration and automation are contributing factors that will accelerate this, as more capable systems allow for administrators to take a more horizontal view rather than a deep specialisation. Specialisation will of course remain important, but as IT becomes more and more fundamental to business outcomes, it stands to

I BELIEVE 5G WILL LIKELY BE MOST QUICKLY ADOPTED BY BUSINESSES FOR MACHINETO-MACHINE COMMUNICATION AND INTERNET OF THINGS (IOT) TECHNOLOGY. CONSUMER MOBILE NETWORK SPEEDS HAVE REACHED A POINT WHERE THEY ARE PROBABLY AS FAST AS MOST OF US NEED WITH 4G. reason that IT talent will likewise need to understand the wider business and add value across many IT domains. Yet, while we see these trends challenging the status quo next year, some things will not change. There are always constants in the world, and we see two major factors that will remain top-of-mind for companies everywhere.

a. Frustration with legacy backup approaches and solutions. The top 3 vendors in the market continue to lose market share in 2019. In fact, the largest provider in the market has been losing share for 10 years. Companies are moving away from legacy providers and embracing more agile, dynamic, disruptive vendors, that are needed to thrive in the data-driven age. b. The pain points of the 3 C’s: Cost, complexity and capability These 3 C’s continue to be why people in data centers are unhappy with solutions from other vendors. Broadly speaking, these are excessive costs, unnecessary complexity and a lack of capability, which manifests as speed of backup, speed of restoration or instant mounting to a virtual machine image. These three major criteria will continue to dominate the reasons why organisations augment or fully replace their backup solution. 5. The arrival of the first 5G networks will create new opportunities for resellers and CSPs to help collect, manage, store and process the higher volumes of data In early 2019 we will witness the first 5G-enabled handsets hitting the market at CES in the US and MWC in Barcelona. I believe 5G will likely be most quickly adopted by businesses for Machine-toMachine communication and Internet of Things (IoT) technology. Consumer mobile network speeds have reached a point where they are probably as fast as most of us need with 4G. 2019 will be more about the technology becoming fully standardised and tested, and future-proofing devices to ensure they can work with the technology when it becomes more widely available, and EMEA becomes a truly Gigabit Society. For resellers and cloud service providers, excitement will centre on the arrival of new revenue opportunities leveraging 5G or infrastructure to support it. Processing these higher volumes of data in real-time, at a faster speed, new hardware and device requirements, and new applications for managing data will all present opportunities and will help facilitate conversations around edge computing.

DECEMBER 2018

CXO INSIGHT ME

VIEWPOINT

CYBERSECURITY PREDICTIONS FOR 2019 MOREY HABER, CTO, BEYONDTRUST, LISTS OUT CYBERATTACK TARGETS AND OUTCOMES TO WATCH OUT FOR NEXT YEAR

here are three jobs in this world where you can be completely wrong all the time and still not have to worry about being fired. One is a parent. Another is a weatherperson. And the last one is a technology trends forecaster. Having failed as a weatherman, and with the results of my parenting skills still up for debate, I have turned my mental prowess toward bold predictions on the state of data breaches, IT security, and cyber risks!

CXO INSIGHT ME

DECEMBER 2018

I have categoriSed this list of predictions into two categoriesâ&#x20AC;&#x201D;attack vectors/targets, and attack outcomes. Attack vectors/targets include the mechanisms cyber attackers will use, as well as their ultimate objectives. Attack outcomes include how organisations will respond. Attack vectors/targets Privileged attacks continue - Privileged attack vectors will continue to be the number one root cause of breaches for

both consumer and business data. While Gartner acknowledged that Privileged Access Management as the top security priority for 2018, many organisations are still in denial of their privileged account risks, which frequently stem from poor password management hygiene. 2019 will see even more high-profile breaches. Organisations must discover and manage their privileged accounts because the attack vector is not going away anytime soon, and ugly newspaper headlines will continue to plague boardrooms. Well-known vulnerabilities will continue to dominate cyber-attack reports - The pattern of successful attacks through the use of well-known and entirely preventable vulnerabilities shows little sign of abating. Organisations continue to focus their efforts injudiciously, ignoring the lower severity vulnerabilities with known exploits in favor of largely academic, high severity vulnerabilities. This leaves their systems vulnerable to becoming footholds, which can then open up pathways for further exploitation, resulting in major data exfiltration incidents. Artificial Intelligence (AI) on the attack â&#x20AC;&#x201C; Skynet is becoming self-aware - 2019 will see an increasing number of attacks coordinated with the use of AI/Machine Learning. AI will analyse the available options for exploit and develop strategies that will lead to an increase in number of successful attacks. AI will also be able to take information gathered from successful hacks and incorporate that into new attacks, potentially learning how to identify defense strategies from the pattern of available exploits. This evolution may potentially lead to attacks that are significantly harder to defend against. Industrial control systems come into focus - The next few years will see an increase in the attention that ICS/SCADA systems attract from cybercriminals and nation-state hackers. The opportunity to create ransomware scenarios directly affecting critical national infrastructure will draw attention from cyber criminals motivated both, by financial gain, as

well as those who are looking to develop weapons in the evolving cyber-frontline. Historically, Operational Technology (OT) teams have been reluctant to engage with IT security practices, but we are seeing this change as all teams recognise that cybersecurity is a critical aspect of business continuity. The supply chain is at risk - Major security breaches will continue to dominate the news, but the latest form of attacks on organisations will come in the form of an attack on their supply chains. Considering the recent Bloomberg article accusing China of embedding chips the size of a grain of rice into supermicro servers, and previous attacks using embedded chips on printers purchased by the United States Government, the threat is very real. Corporate attacks and corporate espionage will take on a whole new meaning as more supply chain attacks with embedded malware are discovered. But this is the tip of the iceberg in terms of cyber threats—the major devices targeted will be IoT and will range anywhere from consumer-based routers to home-based nanny cams. Expect the supply chain for many vendors, including those that produce personal digital assistances, to be a new target from threat actors who infiltrate environments and insecure DevOps processes. Attack outcomes Android closes open access Android will no longer be fully open and extensible. Google has already announced that only the “default” application can access calls and SMS texting data for the next release of Android, and the default application must be explicitly set in the configuration. No longer can multiple applications—including tools used for spam detection—be shared with your favorite calling and texting applications. Expect Google to continue this trend to fight malware and spyware by closing more of the operating system in the name of security. Monetising data - Infonomics will begin to become mainstream and, just

CONSIDERING THE RECENT BLOOMBERG ARTICLE ACCUSING CHINA OF EMBEDDING CHIPS THE SIZE OF A GRAIN OF RICE INTO SUPERMICRO SERVERS, AND PREVIOUS ATTACKS USING EMBEDDED CHIPS ON PRINTERS PURCHASED BY THE UNITED STATES GOVERNMENT, THE THREAT IS VERY REAL. like other intellectual property, expect businesses to begin applying a value to the data and disclosing the information they have and what it costs “for sale”. If you think this is farfetched, consider the value of GPS data over the last 30 years. From the early days of MapQuest to dedicated GPS receivers, driving and transportation data has become a commodity. However, if you start layering other data—like traffic, construction, etc.—used by the likes of Waze, you have a highvalued database that will become crucial for autonomous cars. There is real value there, and it will come at a price to car manufacturers. The data itself therefore has a value, and businesses will begin rating themselves more publicly on the Infonomics they possess. And not just to private equity firms or other businesses looking at merger and acquisition activities, or purchase of the information. Millennials ruin everything–evolving definitions of privacy - The millennial generation will share almost anything on the Internet. Social media has proven that almost anything goes regardless of its perceived sensitivity. This implies that nearly an entire generation has a lower sensitivity to private data and that a “who cares” attitude for sensitive information is beginning its own movement. In addition, as we become numb to data exposure, expect some push back from the youngest voting group regarding the data being exposed due to a hack. If most sensitive personal data is public (like name, email, address, birthday, etc.)

and only the most important information protected (national ID numbers, bank records, credit cards), the value is diminished for anything already being exposed today and the “who cares” movement has begun. Expect data classification to evolve based on the youngest users, and what we consider private today will not be private, or of a concern, tomorrow. Centralised information brokers emerge - In an effort to protect and control the exposure of personal data, information ‘brokers’ will begin to emerge. These services will provide centralized mechanisms that allow granular sharing of data so that only the essential data is shared for whatever service you are signing up to. The EU has been working on digital identity in this form for several years and may well be the first to bring that into full effect, but others will follow in providing a mechanism by which our data is decentralized. This will help limit individual data exposures when systems are compromised and allow more control by individuals over their data and who has legitimate access to it. In closing, as in any cyber defense strategy, I first recommend getting the basics right—secure your privileged accounts, eliminate excessive user privileges, ensure secure remote access to critical systems, patch the vulnerabilities with known exploits, and report, report, report. I wish you all a prosperous and attackfree 2019!.

DECEMBER 2018

CXO INSIGHT ME

VIEWPOINT

HOW ARE YOUR EMPLOYEES USING WORK-ISSUED DEVICES? MICHAEL MADON, SVP & GM OF MIMECAST SECURITY AWARENESS, REVEALS A LOOMING CYBERSECURITY CRISIS THIS HOLIDAY SEASON.

he holiday shopping rush is in full swing, and employees are increasingly using company-issued devices to complete their gift purchases while at work. In fact, recent research from Robert Half Technology found that 75% of employees admitted to shopping during work hours on a company device on Cyber Monday and 23% spent even more time online bargain hunting while at the office. This data shows how critical it is for organisations to be aware of the risks that their employees pose throughout the holiday season, and beyond. To explore what today’s employees are doing during work hours when it comes to web usage, Mimecast surveyed more than 1,000 people who use company-issued devices (i.e. mobile phones, desktop computers or laptops) in the workplace. This allowed us to get a better sense of not only their behaviour, but also their awareness of basic threats plaguing organisations. We also inquired about how much—if any—cybersecurity awareness training they’ve received from their employer. Here’s what we found: 36

CXO INSIGHT ME

DECEMBER 2018

IN FACT, RECENT RESEARCH FROM ROBERT HALF TECHNOLOGY FOUND THAT 75% OF EMPLOYEES ADMITTED TO SHOPPING DURING WORK HOURS ON A COMPANY DEVICE ON CYBER MONDAY AND 23% SPENT EVEN MORE TIME ONLINE BARGAIN HUNTING WHILE AT THE OFFICE.

Today’s employees are lacking basic cybersecurity awareness It seems like every day there’s another breach (with Marriott Hotels providing the latest example), vulnerability or other cybersecurity incident in the news. Cyberattacks are the number one business risk in North America, yet we found that nearly one-in-four employees aren’t aware of the most common threats plaguing today’s organisations—such as phishing attacks, impersonation attempts and ransomware. Additionally, 15% of respondents admit they could either be more cautious or just completely trust that the emails being sent to their devices are safe from any type of threats. In an age where one wrong click from a single employee can compromise a company’s entire infrastructure, these are rather alarming numbers. When we asked what they use their company-issued device for, more than two-thirds (69%) said in-part for non-work-related activities. The top three personal use cases are reading the news (53%), checking personal email (33%) and browsing social media (23%).

A ONE AND DONE APPROACH ISN’T ENOUGH. IT’S IMPORTANT TO KEEP REITERATING TO EMPLOYEES WHAT THEY NEED TO BE AWARE OF WHEN IT COMES TO CYBER THREATS AND BEST PRACTICES TO SPOTTING MALICIOUS MESSAGES, WEBSITES, ETC. Additionally, nearly 28% use their company-issued device for personal reasons for at least one hour per day, with the number rising to 40% among younger workers (18-24-year-olds). Shockingly, one-in-10 employees are using their devices for personal reasons for more than four hours per day. In addition to wasting valuable time at work, personal use of corporate devices presents security concerns. It’s extremely difficult for employers and IT departments to know exactly what these individuals are clicking, browsing and engaging with each work day. So, employees are ultimately to blame for making hackers’ jobs easier, right? Well, not exactly… Let’s take a look at what employers themselves are (or aren’t) doing to help the cause. Cybersecurity and awareness training is missing in a time when it’s needed most According to our findings, nearly 60% of employees either aren’t aware of their companies having a formal policy on their personal web use at work, or there isn’t one in place at all. In fact, just 45% of modern businesses provide mandatory formal

cybersecurity training, despite human error being one of the most common causes of security incidents. Another 10% offer this type of training as optional. Additionally, amongst those businesses that do offer cybersecurity training and education in some capacity (kudos to you brave few), just 6% provide trainings monthly, while 4% do so quarterly, 9% of the respondents stated they had only received formal cybersecurity training during the onboarding process when they started their job. As we drilled down a little deeper, many companies are relying on rather archaic, and frankly ineffective, practices. The most common approach revolves around an emailed or printed list of cybersecurity tips and reminders (33%). This is followed by issuing proactive prompts around safe and unsafe links (30%) and interactive best practices videos (28%). What does this all mean? It could indicate that businesses are inherently trusting their employees to know what, and what not, to click on, and to be smart when it comes to browsing the web—for both professional and personal reasons. It could also

mean that today’s organizations simply don’t have the resources or know-how to implement formal cybersecurity and awareness training. And with cyberthreats continuing to evolve so they can bypass traditional security methods, like anti-virus and anti-spam filters, it’s essential organizations integrate cybersecurity awareness training into their overall cyber resilience strategy. For organizations looking to kickstart, or refresh, their cybersecurity education practices, a few simple tips can make all the difference: • Be persistent: A one and done approach isn’t enough. It’s important to keep reiterating to employees what they need to be aware of when it comes to cyber threats and best practices to spotting malicious messages, websites, etc. Don’t try to get every bit of training out of the way in a single onboarding class or annual refresher session. Instead, teach in short bursts of no more than a few minutes. • Make it mandatory: Training should be provided at 30-day intervals. More importantly, after you train once or twice, don’t stop there—make it a consistent, mandatory, company-wide practice. • Make it funny: The easiest way to lose your audience is by making the training boring, irrelevant, and worst of all, forgettable. Incorporating personalities, recurring characters and relatable content can go a long way toward the content having a lasting impact. As we look toward 2019 when cybersecurity incidents are almost guaranteed to continue on this hectic pace, it’s a perfect time for businesses to institute more formal cybersecurity awareness training and education practices to defend against one of the biggest threats – themselves.

DECEMBER 2018

CXO INSIGHT ME

INTERVIEW

WHY BLOCKCHAIN IS HERE TO STAY MICHAEL FAY, VP PRODUCT MARKETING AND OPERATIONS AT AKAMAI, ON WHY BLOCKCHAIN IS A DISRUPTIVE TECHNOLOGY AND HOW ENTERPRISES CAN LEVERAGE IT.

available and notions of using blockchainas-a-service (BaaS) will be reserved for more transactional use cases. Typically, the opportunity for this technology sits with the CISO or the CTO as they realise the benefits of blockchain in a similar way they saw the advantages of SSL and cloud compute many years ago. It is compelling to think of this technology alongside AI and cognitive capabilities where data inside the ledger can be manipulated or used to create new value not recognized before.

hat is the state of blockchain adoption in the Middle East region? Globally, UAE has one of the most advanced deployments of practical blockchain technology that we have seen, leading other countries by almost eight months. In this region, we have seen interest from some oil & gas brands in Saudi Arabia. While there is interest from the financial sector and government bodies in the region, UAE stays far more advanced in their adoption of nlockchain technology. The Dubai 2020 initiative is particularly impressive as it drives the adoption of real innovation. What are the biggest barriers to Blockchain adoption? Mostly, people don’t understand what blockchain really is; some equate it to bitcoin while others are convinced that they can enjoy its benefits with a database. As with any new technology, the hype cycle can be distracting. The rise and fall of the ICO (initial coin offerings) industry and volatility in the bitcoin market have stimulated interest and created fear in the practical applications of blockchain. What are the most popular use cases for blockchain? First would be FinSec where there is interest in revamping the payment networks to improve cost and drive better transparency of transactions. Supply chain is another popular use case where chains of custody and product quality need to be audited

CXO INSIGHT ME

DECEMBER 2018

dynamically for the life of the product. Next in line would be advertising where data and fraud have polluted the value of advertising online and in broadcast. Thus, this solution can solve tomorrow’s problems in segments where transaction volume and speed are paramount – namely finance, healthcare, advertising, government etc. How are blockchain solutions being implemented? Slowly. We are seeing providers use a variety of vendors to build wallets, ledgers and cloud layers to accomplish their goals. Most PoCs today engage ‘blockchain’ in an ecosystem ASP model where they take multiple vendors, technologies and clouds to combine them for the desired result. Within the next three years, as the hype is mediated and dies down, more streamlined products will become

Which industries have invested the most in blockchain and what are the benefits of implementation? The financial segment leads in terms of investment in this technology – be it exploring proofs-of-concepts (PoC) or setting up infrastructure – followed closely by supply chain, oil and gas and advertising. We live in a zero-trust world. What that means is that we need to start making decisions based on the premise that everything is fraudulent and is getting hacked. Blockchains and distributed ledger are a zero-trust technology that helps build and report transactions in a zero-trust world, essentially adding visibility and trust in the business. Another key benefit is transparency as with this technology information becomes available to all parties in the system. Also, blockchain implementation can speed up transactions and there is an overall reduction in fraud during transactions. There is also the potential for reduced costs.

BLOG

HOW AI WILL CHANGE THE WORLD DR. JASSIM HAJI, PRESIDENT OF ARTIFICIAL INTELLIGENCE SOCIETY OF BAHRAIN, GETS INSIDE THE TRANSFORMATIVE TREND OF AI AND PREDICTS THE FUTURE.

he truth about Artificial Intelligence and particularly machine learning is far less sinister, and it’s actually not something that should be viewed as part of the distant future. It’s here today, and it’s shaping and simplifying the way we live, work, travel and communicate. Here are some interesting use cases of AI across transportation, diamond, health industries and impact of Industry 4.0 applications, though there’s plenty of room for overlap. Each example is accompanied by a “glimpse into the future” that illustrates how AI will continue to transform our daily lives in the near future. • Chatbots Online chatbots save time and efforts by automating customer support. Gartner forecasts that by 2020, over 85% of customer interactions will be handled without a human touch. However, the opportunities provided by chatbot systems go far beyond just answering customers’ inquiries. They are also used for other business tasks, such as collecting information about users, helping to organize meetings and reducing overhead costs. It is no wonder that size of the chatbot market is growing exponentially. Of course, it is not so simple to create an interactive agent that the users will really trust. That’s why IM bots have not replaced all the couriers, doctors and the author of this article. • AI spreads to full diamond grading The development of more and more advanced technologies, both in AI and in the diamond analysis, has led to the capability of expanding AI-based technologies to cover the full suite of diamond grading. AI-based

colour and clarity grading technologies were announced back in 2016. And in 2018, the world’s first fully automated, AI-driven diamond grading lab was opened. But what effect will AI diamond grading have on the industry? The full implications of AI diamond grading are yet unknown, and will surely unfold in the years ahead. • AI in healthcare AI is already being used to detect diseases, such as cancer, more accurately and in their early stages. According to the American Cancer Society, a high proportion of mammograms yield false results, leading to 1 in 2 healthy women being told they have cancer. The use of AI is enabling review and translation of mammograms 30 times faster with 99% accuracy, reducing the need for unnecessary biopsies. The proliferation of consumer wearables and other medical devices combined with AI is also being applied to oversee early-stage heart disease, enabling doctors and other caregivers to better monitor and detect potentially life-threatening episodes at earlier, more treatable stages. • AI and transportation Uber recently announced its plan to offer a pilotless flight taxi service in 2023, though it still faces major hurdles. Boeing and Airbus are also among aircraft companies working on the new technology for commercial airliners. In ten or 15 years, artificial intelligence will be better than human drivers and human pilots. The first fully automated airliners will likely carry freight, as parcels don’t care whether there’s a human in the cockpit or not. But not all experts are as optimistic, from the debate about the relative safety of

unmanned cockpits to concern about the technology’s lift-off among passengers, the future of pilotless planes remains cloudy. Experts are confident unmanned planes will soon be safer than those with pilots, stressing that the majority of traffic collisions are a product of human error. • Industry 4.0 Current Industry 4.0 and smart manufacturing developments clearly point to the adoption of AI. And yet few AI developments have led to the creation of smart manufacturing applications. Head to Wikipedia and a basic definition of AI reveals five steps to achieving real intelligence – from simple reflex agents leading up to the more advanced type of AI: learning agents. I think most readers would agree that current systems are at the lowest level of AI and we have a long way to go to get to level five – fully contextualised decision making. People have the wonderful ability to make decisions by taking account of a massive range of variables, which can be instinctive, learned and factual. A simple example: before going out we might check the weather forecast before deciding to take an umbrella with us. When we think this through, we not only consider factors such as how heavy the rain might be and how hard the wind might blow, but also how long we might be outside, and whether we trust the forecast or care if we get wet. Last word Though many of the concerns around AI lie with the fact that workers are worried their jobs will be automated, and they will be out of work, in reality, AI helps users work faster and smarter, moving from a more administrative role to be able to focus on strategy and technique.

DECEMBER 2018

CXO INSIGHT ME

PRODUCTS

SONY TRAVEL HIGH ZOOM CAMERAS Sony boosted its Cyber-shot line-up of travel high zoom cameras with the launch of the DSC-HX99 and DSC-WX800 for photography lovers in the UAE. Designed for users who want an unobtrusive camera that can be carried at all times, the new models are packaged in the world’s smallest body and offer a truly versatile zoom range from 24mm at the wide end up to 720mm super-telephoto. In addition to stunning 4K movie footage, at the heart of both models sits the powerful BIONZ X image processing engine combined with a front-end LSI that delivers high-speed continuous shooting at up to 10 fps with a buffer limit of up to 155 images. Furthermore, these new models present a fast AF speed of 0.09 seconds. Some newly added features are Eye AF, Touch Focus/Touch Shutter function, and location data acquisition via Bluetooth.

NVIDIA JETSON AGX XAVIER Developers can use Jetson AGX Xavier to build the autonomous machines that will solve some of the world’s toughest problems, and help transform a broad range of industries. Millions are expected to come onto the market in the years ahead. The Jetson AGX Xavier module can serve as the powerful brain behind any bot you dream up. It delivers the performance of a workstation server in a computer that fits in the palm of your hand. Consuming as little as 10 watts — about as much as a clock radio — the module enables companies to go into volume production with applications developed on the Jetson AGX Xavier developer kit, bringing next-gen robots and other autonomous machines to life. The Jetson AGX Xavier module leverages NVIDIA’s AI platform, which is used for numerous AI applications. This includes a complete set of tools and workflows to help developers quickly train and deploy neural networks.

NOKIA 8.1 HMD Global has launched the Nokia 8.1, the newest addition to its value flagship range. The Nokia 8.1 features a highly sensitive camera sensor, ZEISS Optics and Optical Image Stabilization (OIS). Proprietary PureDisplay screen technology with HDR 10 support along with highly accurate colour reproduction delivers enhanced viewing experiences even in bright sunlight, while the chipset ensures smooth performance for up to two days per charge. Running the latest Android software, Android 9 Pie, ensures the Nokia 8.1 delivers the best Android experiences with the latest innovations right out of the box. The 20MP adaptive front camera lets you capture the ultimate night-time selfie, as it enhances how much light it is able to capture by combining four pixels into one super pixel. You can also shoot movies like a pro with 4K video and relive your memories as if you were still there with high fidelity Nokia spatial audio stereo surround sound recording. 40

CXO INSIGHT ME

DECEMBER 2018

Drive Innovation with Robotic Process Automation Kofax RPA is your proven digital workforce • • • •

Automate and accelerate error-prone processes Scale securely with lower cost of ownership Complement existing technologies Create a 24/7 digital workforce

www.kofax.com/rpa © 2018 Kofax. Kofax and the Kofax logo are trademarks of Kofax, registered in the United States and/or other countries. All other trademarks are the property of their respective owners.

BLOG

IS YOUR CITY SMART? TO GET SMART, CITIES MUST FOCUS ON FRICTION, WRITES DARRYL COX, DIRECTOR OF ALLIANCES, INFOR, IMEA.

hat exactly is a smart city? If you type in the term into your preferred search engine, in this case Google, and you come up with the following definition: A smart city is an urban area that uses different types of electronic data collection sensors to supply information which is used to manage assets and resources efficiently. This basic definition paints a picture of an urban setting that is “smarter” because it can see, understand and react faster to the everyday events due to greater digital connectivity. But does that mean a city has truly become “smart?” I think it is important to ensure that what the vision is for a smart city goes beyond being as smart as a ten-year-old (trust me I have one). A truly smart city will be on that leverages digital assets to go beyond better management of assets but achieves transformative impacts on the citizens, environment and ecosystem. And the essential element for this 42

CXO INSIGHT ME

DECEMBER 2018

transformative impact – friction. Friction comes in many forms in an urban environment, from the movement of people to the movement of inventory and the usage of resources. So, what are some transformational aspects that address specific areas of friction? True smart cities reduce the friction created by old supply chains. Anyone who has ventured through the streets of New York City during the day see the impacts of legacy supply chains all around them. Trucks, boxes, pallets,

forklifts and dollies are not meant for sidewalks. Yet, throughout an average day in New York or Shanghai or Frankfurt, these tools of our supply chains can be seen roaming sidewalks and streets. Why? As the velocity of commerce continues, the stores and physical assets of retailers cannot keep pace. They require constant replenishment and therefore constant visits from trucks unloading pallets and boxes using the dollies and forklifts. This has the unintended consequence of turning, already heavily populated sidewalks, even more dangerous and incumbered. So what does a smarter city have to do to solve this? With greater digital assets – IoT, RFID, connected machinery and assets, connected consumers and connected stores for example – the smart city will be more finely orchestrated when it comes to replenishment. Inventory will be more optimally stored throughout an urban setting and beyond. Replenishment will be done with greater understanding of what needs to be replenished and when, rather than being dependent on assumptions and models. This will reduce a major cause of friction within a city. A smarter city reduces the friction of red tape. This might be too optimistic, but let’s imagine what a city might look like if there was more transparency rather than blind spots when it comes to the number of functions that occur within an urban setting. Citizens would have full transparency into how funds are leveraged, how resources are allocated and how the city is truly run. Maybe this is too utopian of a view, but why not imagine what might be with greater clarity and insights into the everyday function of a city. The bottom line is a city is really a collection of systems that are all intertwined. Friction and inefficiencies occur when there are blind spots and areas where there are uncertainties. Could digital bring clarity and insight into these areas? Absolutely. Smart cities are becoming a reality due to greater access to computing and digital assets. What is really interesting is what are the transformative changes true digitisation could open up for supply chains and cities in general.