WWW.CXOINSIGHTME.COM
ISSUE 05 \ JANUARY 2019
OUTLOOK 2019 UNCOVERING TECHNOLOGY TRENDS AND TOPICS THAT WILL MAKE WAVES THIS YEAR
PUBLICATION LICENSED BY SHARJAH MEDIA CITY
Gartner’s Top 10 Strategic Technology Trends for 2019 Intelligent #1
Digital #2
#3
Autonomous Things
#4
Digital Twins
#5
AI-Driven Development
Blockchain
#6
Empowered Edge
Augmented Analytics
#7
Mesh
#8
Smart Spaces
#9
Immersive Technologies
Ethics & Privacy
#10 Join us at Gartner Symposium/ITxpo 2019 to learn about Gartner’s technology trends, if they will work for you and how to implement them.
Gartner Symposium/ITxpo 2019 Dubai, UAE / 4 - 6 March gartner.com/me/symposium / #GartnerSYM
© 2018 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner and ITxpo are registered trademarks of Gartner, Inc. or its affiliates. For more information, email info@gartner.com or visit gartner.com.
Quantum Computing
CONTENTS
45
PRODUCTS
OPPO 5G PROTOTYPE SMARTPHONE
OUTLOOK 2019 UNCOVERING TECHNOLOGY TRENDS AND TOPICS THAT WILL MAKE WAVES THIS YEAR
ACER SWIFT 7 NOTEBOOK
AMD RYZEN 3000
08 VIEWPOINT
16 FEATURE
TRANSFORMATION TRENDS THAT WILL 08 DIGITAL 10 DOMINATE TRENDS FOR 2019 2019 TO BEAT HACKERS AT TRENDS 28 HOW 16 CYBERSECURITY THEIR OWN GAME AND OUTLOOK WHY AUTOMATION NEW AGE FOR 20 ANETWORKING 32 IS KEY TO DIGITAL
6
INTERVIEW TRENDS THAT WILL 34 TECH DRIVE BUSINESS IN 2019 TO FIGHT MOBILE APP 24 WHY DATA NEEDS 36 HOW GOOD SCIENCE FRAUDS
HELP AG LAUNCHES HACKADEMY
TRANSFORMATION PUSH
PUBLISHED BY INSIGHT MEDIA & PUBLISHING LLC
NEWS
IBM UNVEILS WORLD’S FIRST COMMERCIAL QUANTUM COMPUTER SPIRE SOLUTIONS NAMES NEW REGIONAL SALES MANAGER FOR GULF
ERICSSON, QUALCOMM COMPLETE 5G DATA CALL
JANUARY 2019
CXO INSIGHT ME
3
EDITORIAL
A
MAY YOU LIVE IN INTERESTING TIMES
s customary, in the beginning of the year, there is a blizzard of predictions from vendors and self-styled industry experts about the trends that will shape the tech landscape – some bold, some outlandish. It is always a tricky business to predict what is likely to happen over the next 12 months, especially in an industry as dynamic as ours. However, I am going to stick my neck out and weigh in with my own predictions for this year. First off, I don’t think the technology landscape is going to be radically different from last year. The biggest challenge facing IT leaders this year would be to do a balancing act and find the resources to execute on their vision in the face of shrinking IT budgets. Last year, the hype around digital transformation has reached a crescendo and I think it’s time for the industry to define what digital really is; it goes far beyond just technology updates and it’s not just about enhancing customer experience or the front-end. The real McCoy is transforming the backend, streamlining operational processes and creating a culture of innovation across the enterprise. Now, that is easier said than done. This year, we might see an accelerated adoption of cloud services in the Middle East. So far, it has been a non-starter due to a number of reasons including regulatory roadblocks and resistance to change in IT organisations. With AWS and Microsoft opening their
Published by
Publication licensed by Sharjah Media City @Copyright 2018 Insight Media and Publishing
Managing Editor Jeevan Thankappan jeevant@insightmediame.com +97156 - 4156425
Contributing Editor Sarah Rizvi editor@insightmediame.com +97155 - 8949318
data centres in the region, I think many organisations now have a compelling reason to move some of their critical workloads to cloud environments and think of a strategy to modernise their existing data centres to harness the power of cloud. Cybersecurity will continue to be a top IT budget priority and I think this region is much more prepared for threats than many think because security is an integral part of the socio-culture context in many countries in the Middle East. Having said that, I think security budgets will be under increased scrutiny because many CISOs have realised that spending more on security tools doesn’t necessarily mean more protection. We are also likely to see some real-world solutions around blockchain because the dust seems to have settled off a bit now. Contrary to popular perception, blockchain isn’t a panacea for every business problem. I think the technology will continue to evolve to address concerns related to scalability and security, and enable some new applications that we haven’t even thought of till now. On the other hand, AI is still at the ‘peak of inflated expectations’ as Gartner puts it, and it will be some time before reliable standards are established in order for enterprise to the test the waters. I am going to look back at the end of this year and see how many of these predictions had come to fruition. Meanwhile, we wish our readers a great year ahead and continued success.
Sales Director Merle Carrasco merlec@insightmediame.com +97155 - 1181730
Production Head James Tharian jamest@insightmediame.com +97156 - 4945966
Operations Director Rajeesh Nair rajeeshm@insightmediame.com +97155 - 9383094
Administration Manager Fahida Afaf Bangod fahidaa@insightmediame.com +97156 - 5741456
While the publisher has made all efforts to ensure the accuracy of information in this magazine, they will not be held responsible for any errors
JANUARY 2019
CXO INSIGHT ME
5
NEWS
SPIRE SOLUTIONS NAMES NEW REGIONAL SALES MANAGER FOR GULF
S
pire Solutions has appointed Sammy Elyan as its new Regional Sales Manager for the Gulf region (GCC excluding Saudi Arabia). “We are very pleased to welcome Sammy to our team. Sammy is recognised as an industry veteran, and his expertise in information security and business development will be vital to our Middle East operations”, said Avinash Advani, CEO at Spire Solutions. “Appointing a sales leader like Sammy will support our growth ambitions and sustain our Preferred Security Partner position in the Gulf region,” added Advani. Sammy Elyan possesses over 20 years industry experience, a successful track record of business growth acceleration as well as extensive practical knowledge of Business Development, IT
Service Management and Strategic Planning. He holds a master’s degree in computer networking, electrical and computer engineering from Wichita State University, US. “Spire Solutions has an enviable reputation in this region and an excellent track record of delivering
cutting edge cyber security solutions and services. The company’s vision, drive and commitment to this important market are inspirational and key to its continuous success. I am delighted to have the opportunity to be part of the Spire family,” said Elyan.
including internal and external penetration testing, assessment of web applications, simulating social engineering attacks, and executing advanced hacking techniques such as buffer overflows and reverse engineering. The duration of each
of these courses is either three or five days, at the end of which attendees are presented with a certificate of attendance, recognizing their successful completion of the training module. “We have seen how these efforts have contributed significantly to helping our clients strengthen their defences. With the Hackademy program, we’re now giving our customers an opportunity to empower their internal IT teams with the same skills and technical knowhow that we have gained through years of commitment to cybersecurity. This will enable them to regularly conduct simulated hacking exercises by themselves which will play a key role in mitigating risks they face from the constantly evolving threat landscape,” said Stephan Berner, CEO at Help AG.
HELP AG LAUNCHES HACKADEMY To arm Middle East cybersecurity professionals with the skills and knowledge they need, Help AG has launched the Help AG Hackademy. This offensive ethical hacking hands-on training program is conducted by qualified L33T hackers and empowers attendees to perform attack simulations that uncover security vulnerabilities in their organisations’ IT environments. At its launch, the program comprises of five courses that cover several aspects of ethical hacking 6
CXO INSIGHT ME
JANUARY 2019
IBM UNVEILS WORLD’S FIRST COMMERCIAL QUANTUM COMPUTER IBM has unveiled IBM Q System One, the world’s first integrated universal approximate quantum computing system designed for scientific and commercial use at CES 2019. The company also announced plans to open its first IBM Q Quantum Computation Center for commercial clients in Poughkeepsie, New York in 2019. IBM Q systems are designed to one day tackle problems that are currently seen as too complex and exponential in nature for classical systems to handle. Future applications of quantum computing may include finding new ways to model financial
data and isolating key global risk factors to make better investments, or finding the optimal path across global systems for ultra-efficient logistics and optimising fleet operations for deliveries. Designed by IBM scientists, systems engineers and industrial designers, IBM Q System One has a sophisticated, modular and compact design optimized
for stability, reliability and continuous commercial use. For the first time ever, IBM Q System One enables universal approximate superconducting quantum computers to operate beyond the confines of the research lab. The IBM Q Quantum Computation Center opening later this year in Poughkeepsie, New York, will expand the IBM Q Network commercial quantum computing program, which already includes systems at the Thomas J. Watson Research Center in Yorktown, New York. This new center will house some of the world’s most advanced cloud-based quantum computing systems, which will be accessible to members of the IBM Q Network, a worldwide community of leading Fortune 500 companies, startups, academic institutions, and national research labs working with IBM to advance quantum computing and explore practical applications for business and science.
ERICSSON, QUALCOMM COMPLETE 5G DATA CALL The bi-directional downlink and uplink data call was made at the Ericsson Lab in Kista, Sweden last December 20. It brings a new sub6 frequency band one step closer to commercial rollout. This latest Interoperability Development Testing (IoDT) data call is compliant with the 3GPP Rel-15 “early drop” specification that was frozen in March 2018 but further stabilized in September, and which is the basis for commercial launches expected in the first half of 2019. Per Narvinger, Head of Product Area Networks, Ericsson says: “Together with Qualcomm Technologies, Ericsson continues to make strides on commercial 5G readiness by continuously performing interoperability tests
on 5G NR networks on different spectrum bands. We’re offering our customers flexible deployment options as they gear up for commercial 5G services.” The lab demonstration used Ericsson’s commercially available 5G hardware – including its 5G NR
radio AIR 6488 and RAN Compute products – together with Qualcomm Technologies’ mobile smartphone form-factor test device powered by the Snapdragon X50 5G modem and antenna modules with integrated RF transceiver, RF front-end and antenna elements.
JANUARY 2019
CXO INSIGHT ME
7
VIEWPOINT
DIGITAL TRANSFORMATION TRENDS FOR 2019 SRINIVASAN CR, CHIEF DIGITAL OFFICER, TATA COMMUNICATIONS, DISCUSSES KEY FINDINGS FROM HIS COMPANY’S CYCLE OF PROGRESS DX BENCHMARK STUDY
N
o matter where you are in the world, the year drawing to its close signals a time to reflect on the last twelve months and presents an opportunity to use these learnings to look forward with fresh eyes into 2019. This year, I have the benefit of leaning on the recent findings of our inaugural Cycle of Progress digital transformation benchmark study to inform my predictions. This global survey examines global business leaders’ hopes and fears about emerging technologies, and reveals which technologies they are actively implementing to drive the digital transformation of their business – versus which ones are yet to live up to the hype. Thinking about 2018, we’ve seen several game-changing events within the technology industry such as the rollout of GDPR across Europe in May and the crash in Bitcoin value, potentially signalling a bubble-bursting moment for
8
CXO INSIGHT ME
JANUARY 2019
cryptocurrencies. We’ve also seen the lines between technology, politics and society become increasingly tangled, exemplified in Facebook’s ongoing battles against fake news and the continuing fallout from the Cambridge Analytica scandal. In spite of all this, the Cycle of Progress study shows that business leaders remain unwaveringly positive about the impact of technology innovation on their businesses and society as a whole. Based on our findings, I see several technologies continuing to lead the way in 2019, namely Internet of Things (IoT), Artificial Intelligence (AI) and blockchain. The evolution of IoT More than half (53%) of Cycle of Progress respondents say that they have adopted IoT in some shape or form so far. Already well established in many businesses, IoT applications and services are leading
the pack in having the greatest positive impact. It helps businesses gather and analyse real-time data to enable everything from improving the customer experience to streamlining supply chain operations. And the future looks bright, with 48% of decision makers seeing it as having the most significant impact, ranking above any other emerging technology in our study. While IoT has been consistently on predictions lists in recent years, I see the technology being implemented in a more meaningful way in 2019, as more interesting use cases arise across vertical sectors. I’m particularly excited to see how IoT can support sustainability projects such as creating new ways to battle food waste in the agricultural industry. In 2019, I believe that IoT – supported by advanced connectivity solutions such as 5G and LoRaWAN – will continue to go from strength to strength especially in emerging markets such as India, where
barrier to integrating new innovations, while security and privacy were also highlighted as major challenges. There is also significant concern over the ever-growing skills gap, with 30% of decision makers stating that the lack of the right skills in their workforce is preventing them from adopting the latest technologies.
a staggering 69% of Cycle of Progress respondents reported to have adopted the technology. AI goes mainstream This brings us to another data-driven elephant in the room: AI and machine learning, which are increasingly being integrated into a variety of services, making the technology far more accessible and digestible than it was just a few years ago. From consumer applications like Alexa Skills, which has been implemented by organisations such as the Lancashire Police in the UK, to the built-in machine learning in the security solutions we use to keep our businesses safe from hackers. At Tata Communications, we are using AI to sharpen our recruitment processes, for example. Previously, our hiring managers used to skim through job descriptions to shortlist candidates. Now, they save time and effort by using an AI-based automated tool that automatches a candidate with best-in-class individuals, with the latter acting as the benchmark. According to the Cycle of Progress, AI has already been adopted by 46% of global businesses like ours in some way. What’s even more interesting is that – despite the scaremongering around the potential negative impact of AI on people and jobs – just 8% of business leaders who took part in our survey have no plans at all to start using AI. Furthermore, 43% of decision makers see AI as having a positive impact, and only 3% of business leaders think that it will have a negative impact. So, it seems that the fear of sentient robots has abated for now! Blockchain finds a new lease of life Perhaps one of the most hyped new technologies of the digital era is blockchain. Shared ledgers like blockchain have the potential to enhance security while also boosting efficiency and speed. Yet, up until recently most people have tended to associate the technology exclusively
PERHAPS ONE OF THE MOST HYPED NEW TECHNOLOGIES OF THE DIGITAL ERA IS BLOCKCHAIN. SHARED LEDGERS LIKE BLOCKCHAIN HAVE THE POTENTIAL TO ENHANCE SECURITY WHILE ALSO BOOSTING EFFICIENCY AND SPEED. with cryptocurrencies, which are currently moving from peak to trough – exemplified by the current fluctuations in Bitcoin. However, the potential of blockchain goes way beyond crypto currency, and our survey shows a global implementation rate of 44%. While the outlook for digital transformation in the coming year is positive, implementing new technologies like blockchain is not without its challenges. In fact, business leaders cited cost as the biggest
A constant cycle So, what does our study tell us about the way ahead for global businesses’ digital transformation? Over the course of 2018, ‘digital transformation’ has become such a widely used term and much-hyped concept that it can be easy to forget what it actually means. I like to think of it as a constant cycle of progress. Businesses use the latest technology advancements to thrive and survive in this constantly evolving environment, often dubbed the Fourth Industrial Revolution. To make a real difference to the bottom line, technology-enabled business transformation must have speed, scope and impact. And, as transformation gains momentum in businesses, new possibilities present themselves. For example, the successful use of AI-enabled tools in customer service can inspire a business to extend the use of AI to increase efficiencies in internal collaboration through more automated processes that shift administrative tasks from humans to machines. So, finally, empowered by transformation like this, businesses aspire to evolve further, completing the cycle and starting it all over again. While our study shows that there is more work to be done to enable organisations to maximise the potential of the latest technologies, the future is bright. Next-generation innovations like IoT, AI and blockchain are set to have a huge impact in 2019 and beyond, with businesses aspiring to harness these technologies to evolve constantly and gain a competitive edge in the digital economy.
JANUARY 2019
CXO INSIGHT ME
9
FEATURE
TRENDS THAT WILL DOMINATE
2019
CONSIDERING THE PACE AT WHICH TECHNOLOGY IS EVOLVING, IT IS NOT POSSIBLE TO TRULY PREDICT WHAT WILL HAPPEN IN THE NEXT QUARTER, LET ALONE A WHOLE YEAR. CXO INSIGHT ME SPOKE TO SOME OF THE INDUSTRY PROS FOR THEIR TAKE ON THE TRENDS THAT WILL SHAPE THE TECH LANDSCAPE IN 2019.
10
CXO INSIGHT ME
JANUARY 2019
A
number of new technologies that made headlines last year are finding its way into real-world applications. Innovations in the areas of artificial intelligence, machine learning, Internet of Things and virtual reality have the potential to fuel growth across the whole IT industry. These advancements have been reinventing the way we work, redefining business strategies and helping organisations to make sense of the evergrowing volume of data they possess. The challenge? There’s not enough talent to go around. “As the artificial intelligence (AI) skills ‘gap’ becomes more like a chasm, next year we will see the tech talent war heat up even more. AI and data specialists are not being trained fast enough to meet demand, with the best professionals likely to be monopolised by large firms with deep pockets. This could result in an innovation vacuum in the start-up and SMB space,” says James Petter, EMEA VP, Pure Storage. A similar gap exists in the cybersecurity space as well. ISC recently revealed that the global cybersecurity skills gap now stands at three million, with 63% of businesses lacking the cyber skills to actually keep threats at bay. According to Michael Flouton, VP of Product Ops and Security Strategy at Barracuda Networks, many organisations are finding it harder and harder to recruit and retain cyber specialists. “This means they’re relying on fewer people with the skills and expertise needed to protect their organisation. These decreasing
James Petter, EMEA VP, Pure Storage
Laurent Sirgy, Regional Director of France, Southern Europe and MEA at Kingston
human resources will come to a head in 2019, where I predict that organisations will stop being able to keep up with investigating these ‘stealth’ cyberattacks,” adds Flouton. With this in mind, one can expect to see businesses of all sizes and industries begin working with educational institutions to ensure that courses are designed to prepare students with the skills that organisations need today. To end the war for talent, industry experts say we need to see the creation of AI-specific internships and flexible university curriculums that keep up with technological changes. We also expect to see new tools that will simplify the adoption of AI, reducing the learning curve for new talent.
Talking about the IT industry in general, Gartner expects cloud, security and the move to digital business to bolster growth in EMEA. End-user spending on public cloud services in EMEA is projected to grow 15 percent in 2019 to total $38.5 billion. While this sounds like a ‘all sunshine and no clouds’ scenario, analysts do not expect a very favourable year for IT spending and it would ultimately depend on the kinds of innovations and breakthroughs that the industry is able to achieve. Gartner has forecasted a mere two percent increase in IT spending in the region compared to last year. The analyst company estimates this spending to amount to a total of $973 billion in 2019. Kingston, however, expects an increase in 2019 budgets and IT spending as the general support from the region’s governments increases in terms of economic activities and IT expansions. “This can be supported by a statement from Saudi Arabia, which forecasts another 13% growth for 2019’s budget based on 2018 figures. Even with oil prices decreasing, the Saudi Arabian government presumes an increase in revenue of 11%,” explains Laurent Sirgy, Regional Director of France, Southern Europe and MEA at Kingston.
WHILE THIS SOUNDS LIKE A ‘ALL SUNSHINE AND NO CLOUDS’ SCENARIO, ANALYSTS DO NOT EXPECT A VERY FAVOURABLE YEAR FOR IT SPENDING AND IT WOULD ULTIMATELY DEPEND ON THE KINDS OF INNOVATIONS AND BREAKTHROUGHS THAT THE INDUSTRY IS ABLE TO ACHIEVE.
JANUARY 2019
CXO INSIGHT ME
11
FEATURE
ManageEngine’s Vice President, Shailesh Kumar Davey, adds that enterprise adoption of process automation technologies will continue with the same vigor as the technologies are expected to make the enterprises nimble, data-centric and quick to make decisions across geographies. “More importantly, process automation will also help enterprises to go beyond the simple operational and efficiency gains made with basic automation to tap new revenue opportunities,” he adds. A number of countries in the region are also investing in building a robust IT sector and making the journey to digital business. “With digital transformation being embraced in the UAE and KSA at a rapid pace, it has become critical for enterprises to change their business models. The models need to be technology friendly and of benefit to the business,” explains Taj El-khayat, Regional Director MENA at Citrix. Furthermore, the continued shift from traditional on-premises IT business models towards cloudbased models will constitute another big trend. The public cloud market is maturing, and we expect to see a huge appetite for cloud security in 2019. Businesses aren’t just experimenting with the public cloud anymore, and now that more customers have critical infrastructure and workloads on platforms like AWS and Microsoft Azure, they’re also realizing they need purpose-built cloud security solutions to help them protect workloads moving to these platforms. Tim Jefferson, VP, Public Cloud, Barracuda Networks, says that public cloud security will become more automated, and attackers will get stealthier this year. “I expect to see more teams embracing automation to continuously monitor cloud security and remediate problems automatically. Providing these types of automated cloud security controls will be more important now than ever because cyber criminals are getting better at finding compromised credentials or access keys and exploiting them.” 12
CXO INSIGHT ME
JANUARY 2019
Shailesh Kumar Davey, Vice President, ManageEngine
CIOs MUST INVEST IN EDUCATING THE BOARD AND SENIOR LEADERSHIP ABOUT CYBERSECURITY AND THE STEPS TO SECURE SENSITIVE DATA LIKE HARDWARE AND SOFTWARE ENCRYPTION TO PROTECT THEIR ORGANISATION. Gartner analysts emphasize that the enforcement of GDPR has finally moved security to a board-level priority with EMEA IT security spending expected to reach $40 billion in 2019 amounting to an increase of 7.8 percent from 2018. Sirgy from Kingston says that with the increasing risk of data breaches, CIOs must invest in educating the board and senior leadership about cybersecurity and the steps to secure sensitive data like hardware and software encryption to protect their organisation. “This becomes especially relevant as new rules and
Taj El-khayat, Regional Director MENA at Citrix
regulations in Europe (GDPR) are sooner or later expected to reach the Middle East as well. Also, an increasing amount of organizations are now moving to cloudbased services. So, I would advise CIOs to reduce on-premises capabilities in coordination with more investments in off-premises capabilities,” he adds. With the dynamic changes in consumer demand and technology, it becomes more and more relevant for CIOs and IT leaders to switch from information technology to digital services and provide the right capabilities to secure consumer engagement, which draws an important focus to the way products are sold. El-khayat from Citrix adds that this year a new breed of CIOs will emerge, especially in the region where digital transformation now turns into practical and measurable initiatives across different industries. “A CIO who is technology and business savvy, combined with a relentless capability to challenge status quo, would lead the way. It’s a CIO’s role to tear down the remaining barriers between IT and the business and focus on the ‘why’ of technology, rather than the ‘how’.” There is a lot that can be leveraged to further the fate of the IT industry this year and going forward. It will all finally come down to how IT budgets are structured, where the investments are made and the ultimate decisions made by the CXOs.
MADE BY ZEBRA SUPERIOR CARE BY ERIN
Erin is beyond busy. So is her mobile computer. Secure communications with physicians. Patient alerts. Access to medical records. Scanning patient wristbands and medications. Together, they make more rounds without running in circles. You could say this mobile computer was made for her.
Discover the Scanners, Mobile Computers, Tablets and Printers Made for You.
zebra.com/products
EVENT REPORT
IN PURSUIT OF SIMPLICITY JUNIPER NETWORKS WANTS TO TRULY DEMOCRATISE THE MODERN ERA OF CLOUD OPERATIONS AND MAKE MULTI-CLOUD SIMPLE, SECURE AND ACCESSIBLE TO ALL. IN THE PROCESS, THE VENDOR ALSO PLANS TO MAKE NETWORKING SIMPLE.
A
Rami Rahim, CEO of Juniper Networks 14
CXO INSIGHT ME
JANUARY 2019
t its NXTWORK 2018 annual user conference held in London, Juniper Networks has unveiled its game plan to help its enterprise customers to consume cloud delivered services simply and securely, and announced intention to break into the hyperscale data centre switching market. The networking giant also announced its plan to focus more on 5G and IoT to offset the flat-lining business in core and edge routing market as a result of service providers reining in their spend on hardware. The event was kicked off by Rami Rahim, CEO of Juniper Networks, who declared war on network complexity. “Networking is inherently a hard problem, and it gets more difficult with growth. We have to be on the right side of change in the industry – the biggest problem facing us today is complexity. While growth has created value, it has come at the cost of complexity,” he said. Rahim added that Juniper continues to be an engineering company. “Our M40 router defined what scale-up era was, but it is not cutting it anymore. Scaleout has fueled this cloud supernova that we see all around over, and it started in the data centre. It is slowly moving into every use case in networking including WAN and has a profound impact on how
we innovate and our product roadmap forward. But, left to its own device, it can also create challenges,” he cautioned. The CEO also highlighted the importance of SDN and network automation at the event. “SDN should make the network abstracted, programmable and automated. That is what makes a system software defined. Everyone needs to reap the benefits of SDN in order to benefit from the era of multi- cloud. It is the ability to operate distributed resources around the planet as a single pool of resources. It is a shift from building better networks to making networking better. This distinction is subtle but very important.” Rahim added that automation is enabling companies to run their networks with least amount of human interaction possible and his company has many customers who are moving through different stages of automation. “We have created and launched a 5-step guide for our customers to better understand where they are on the automation journey.” Bikash Koley, CTO of Juniper Networks, echoed a similar opinion: “Automation is a matter of survival in the scale-out world, not a luxury. Multicloud is one of the inflection points our industry has seen, and software makes the system reliable. The difference between scale-out and multi-cloud era is the explosion of a multitude of apps and how we consume them,” he said. He went on add that there are common principles between scale out and multi-cloud and pitched the company’s Junos OS as an ideal solution to simplify multi-cloud environments. “Junos is disaggregated from groundup, programmable at every layer- single platform irrespective of what underlying infrastructure is.” Terming cloud as the biggest tectonic shift in the industry today, Juniper executives said the company is relentless in its pursuit of simplicity. “I have been in the networking industry for 30 years, and it has never been
Yarob Sakhnini, Head of Middle East, Africa and Turkey, Juniper Networks so complex before. When we went through all the tech changes in the past, customers had a clear choice – they knew what was going to happen. Today, things are a bit murky. Whether it is software-defined or multi-cloud orchestration, customers are confused to which way is the right way. What we are trying to do is to mask that complexity with configuration, deployment, and management built right into the system. This is what we mean by engineering simplicity,” says Yarob Sakhnini, Head of Middle East, Africa and Turkey, Juniper Networks. Juniper is also bullish about the opportunities around 5G and claims to have the right solutions in its portfolio. “Obviously, we can’t do 5G on our
own; this is where the partnership with Ericsson becomes very important. With this alliance, we provide an end-toend solution to services providers by combining our IP transport solutions with Ericsson’s RAN portfolio. This solution also leverages our Unified Cybersecurity Platform to secure the entire 5G mobile infrastructure,” said Yakhnini. He attributed Juniper’s growth, both regionally and globally, to its track record of solving hard problems. “One thing we have managed to convince customers is to see us a total solution provider. Be it security, switching, multicloud orchestration or SDN, we have a comprehensive portfolio that enables our customers to innovate. That is the power of Juniper.”
JANUARY 2019
CXO INSIGHT ME
15
FEATURE
CYBERSECURITY TRENDS AND OUTLOOK WHAT’S GOING TO HAPPEN IN THE WORLD OF CYBERSECURITY IN 2019? WE HAVE COMPILED RESPONSES FROM THE INDUSTRY PUNDITS TO GET A SENSE OF THE LAY OF THE LAND AND WHAT WE ARE LIKELY TO FACE THIS YEAR.
16
CXO INSIGHT ME
JANUARY 2019
HOW HAS THE CYBERSECURITY SPACE EVOLVED? Morey Haber, CTO, BeyondTrust The cybersecurity space has evolved over the past few years to include more integrated solutions based on standards, in lieu of point solutions that were difficult to interoperate.
While this may seem like a commonsense approach, only a few years back organizations struggled to integrate data into SEIMs, suffered from meaningful prioritized vulnerability data, and did not consider next generation technology like Cloud, DevOps, or IoT to be a security risk. The evolution of cybersecurity has revealed that attack vectors can occur in the most trivial of places and the only way to manage threats is correlated and integrated security information. cybersecurity solutions can no longer be point solutions operating on their own. Over the last year, threat actors have been exploiting the weakest link in cybersecurity—the human user. Through social engineering, phishing attacks, and poor password management, threat actors have been leveraging privileged attack vectors to compromise an organisation’s resources. Common problems like reused passwords, default credentials, stolen passwords, and
dictionary-based attacks have plagued organizations over the last year. These typically appear in public disclosure as “unauthorized access” attacks and have their root cause analysis based on poor identity, password, and privilege management. Sam Olyaei, Prinicipal Research Analyst, Gartner More and more organisations are storing data in the cloud. According to a Gartner survey, nearly 75% of North American and EMEA region respondents will be engaged in cloud deployments in the coming year. Spend on Cloud Security alone is expected to double over the next year in the GCC region. This has economies of scale but also presents risks – such as shadow IT. Companies are using up to 15 times more cloud services to store critical company data than CIO/CISOs were aware of or had authorised. Seventy-seven percent of line-of-business decision makers admit to using a third-party cloud
application without the approval or knowledge of their IT department. This new IT landscape brings with it new threats, and it can’t be secured in the same old ways. Change doesn’t mean more security, but different security. Not enough security spending isn’t always the issue — it also comes down to a shortage of people. A staff’s ability to confront new challenges is defined by a broad shortage of skilled people.
JANUARY 2019
CXO INSIGHT ME
17
FEATURE
A consistent problem in information security only continues: Leaders across the global economy perceive a worsening shortage of professionals equipped with the skills to perform IT security functions (3.2 M unfilled positions globally by 2022).Additionally, Advanced machine learning and intelligent apps represent options that more and more companies will prepare to utilize. This evolution in IT also carries complex security situations — and technologies that are as promising in terms of operational benefit as they are potentially dangerous as a mechanism for cybercrime. Nicolai Solling, CTO, Help AG Cybersecurity provides an accurate reflection of how we use technology in general and there have been a number of things that have changed in recent years. Consider, the devices we connect from such as smartphones.
While they’ve been around ever since the launch of the first iPhone, they’ve now come into their own as a business enablement and productivity tools instead of just a means to check email on the go. On the Apple Watch, there are now apps for Salesforce and even the identity solutions that Help AG offers that are custom built for this device. This changes the way we utilise technology. Simultaneously, behind the scenes, there have been dramatic changes to how we deliver technology. We have the cloud, which represents a 18
CXO INSIGHT ME
JANUARY 2019
paradigm shift, and IoT which, for both consumers and businesses, is entirely changing processes. As a result, cybersecurity is evolving, and we see attackers focusing more and more on three threat vectors- those that exploit user behaviour, those that attack the endpoint and those that target the end user’s identity. This results from the fact that as we move to the cloud, attackers need to find new ways to get to the data. Understanding that end users present the weakest link in the security chain, attackers leverage phishing and social engineering attacks exploit their behaviour.
HOW DO YOU EXPECT THE THREAT LANDSCAPE TO EVOLVE IN 2019? Yasser Zeineldin, CEO, eHosting DataFort Like in 2018, the growth trend of cyber security attacks will continue to increase and so are the risks. There is an expected rise in the need for cloud security in the Middle East as well as globally. As a part of the cloud business in the Middle East, we will see a lot more service providers laying emphasis on their security posture to ensure that customers data is secure. The approach will be more towards how organizations are using security offerings rather than questioning what are the security measures in place. One of the most targeted areas for cybercrime given the ready tools will be
around crypto mining for fast cash that the attackers get. Another focus area will be the general consumers who are now getting more conscious of the need for data privacy and will be demanding more responsibility as well as accountability on the part of the organisations to ensure their safety. This will be supported by governmental rules and regulations coming to the forefront. Harish Chib, vice president, Middle East & Africa, Sophos In the world of cybersecurity, predictions are difficult with the evolving threat landscape due to the continuous innovation in technology. In the year ahead, ransomware isn’t going away.
Capitalist cybercriminals are turning to targeted ransomware attacks that are premeditated and reaping millions of dollars in ransom - 2018 saw the advancement of hand-delivered, targeted ransomware attacks that are earning cybercriminals millions of dollars. These attacks are different than ‘spray and pray’ style attacks that are automatically distributed through millions of emails. Many of the worst manual ransomware attacks started when the attacker discovered that an administrator had opened a hole in the firewall for a Windows computer’s remote desktop. Closing these easy loopholes goes a long way to preventing these kinds of attacks. If you need to RDP, put it behind a VPN.
MEANWHILE, IN THE ENTERPRISE, THE NEXT GENERATION OF FINGERPRINT SOLUTIONS WILL INCLUDE OPTIONS FOR MUCH HIGHER MATCHING SPEED AND BETTER IMAGE CAPTURE QUALITY AND OVERALL PERFORMANCE, AND LIVENESS DETECTION WILL BECOME INCREASINGLY IMPORTANT FOR ENSURING CAPTURED DATA IS FROM A LIVING PERSON. Also, malicious spam a primary vector of malware. Many malware infections start with an email message, which may or may not have either a link, an attachment, or both. At the very least, be aware that malware may leverage files you might not consider dangerous, like Office documents, to start the infection process. Sophos experts believe the financial success of SamSam, BitPaymer and Dharma to inspire copycat attacks and expect more happen in 2019
evolve over time, one thing has not changed and perhaps, never will. It is of paramount importance that organizations keep current with updates and patches. This simple practice precludes a majority of the vulnerabilities that exist in the wild.
Michael Currie, Principal Cyber Security Engineer at Pelco When we consider cybersecurity attack vectors, overwhelmingly these are related to applications. It is the application that is open to a community of users over a network and it is the application that is typically attacked. While the prevalent attack techniques and risk exposures may
Wisam Yaghmour, Regional Sales Director MEA, HID Global. From HID Global perspective, we see that data analytics is currently one of the biggest areas of interest -- how to use machine learning analytics to generate valuable insights from today’s access control solutions. As organizations incorporate this type of analytics engine into their access control systems, they will improve security and personalize the user experience while driving better business decisions. Biometrics adoption will grow in consumer applications as well as in public-sector use cases such as immigration and border control, law enforcement, and military and defense market segments. Meanwhile, in the enterprise, the next generation of fingerprint solutions will include options for much higher matching
WHICH TECHNOLOGIES ARE EXPECTED TO IMPACT THE CYBERSECURITY SPACE?
speed and better image capture quality and overall performance, and liveness detection will become increasingly important for ensuring captured data is from a living person. The availability of application programming interfaces (APIs) will remove a previous pain point for biometrics authentication and enable solutions to be integrated directly with the access control infrastructure. Jose Thomas Menacherry, CEO, Bulwark Technologies The cybersecurity space has been evolving over the past few years globally. There could be more
regulations and strategies those help to develop a safer and more secure environment. Adoption of new technology-based solutions using AI, Machine Learning and Big Data would help to combat such threats with better and appropriate controls. Proper security focused strategies need to be there for IoT and OT devices as well.
JANUARY 2019
CXO INSIGHT ME
19
FEATURE
A NEW AGE FOR NETWORKING SDN HAS THE POTENTIAL TO HELP ORGANISATIONS CONSOLIDATE AND MODERNISE THEIR NETWORK INFRASTRUCTURE WHILE RATIONALISING COST. HERE IS HOW ORGANISATIONS CAN FULLY LEVERAGE SDN TO MAKE THEIR NETWORKS MORE AGILE AND FLEXIBLE. TEXT Sarah Rizvi 20
CXO INSIGHT ME
JANUARY 2019
S
oftware Defined Networking (SDN) is an architecture approach that allows enterprises to programmatically control their network resources for more management flexibility. Using a softwarebased platform that controls commodity network hardware, it helps enterprises deploy their applications seamlessly, leading to increased agility and simplified operations. It also allows for a centralised, programmable control plane, which reduces the administrative burden of having to configure individual networking devices. Globally, software-defined networking is poised for a period of explosive growth in the coming years, according to IDC.
In the Middle East, SDN adoption is now gaining momentum and there is strong interest from sectors that need to adapt fast to digital distribution, especially within government and the public sector, banking and finance, and oil and gas. Swapna Subramani, Senior Research Manager - Enterprise Technologies at IDC, says SDN is currently in an early adoption phase across the region. “In the Middle East, SDN reached an inflection point in 2016 and is poised for large-scale adoption. Like any technology, SDN has an adoption curve that first involves early adopters, followed by early mainstream users
and then the rest of the market. Early adopters from the government, finance, education, and telecom verticals were seen in 2018.” Though SDN is still at an early adopter stage, enterprises in the Middle East have already started to shift towards software and serviceoriented architecture, according to Osama Al-Zoubi, CTO of Cisco MEA. “Nevertheless, as digital transformation gains momentum and enterprises understand the urgency and the need to enhance network programmability as a key ingredient in the transformation, SDN adoption is bound to become inevitable.” Faisal Ameer Malik, CTO at Huawei Enterprise Middle East, says that the growth momentum is coming from global SDN deployments in data centres – be it telecom industry, enterprises or cloud service providers. “In enterprises with large and multiple campuses, mobility requirement is driving SDN deployment across the world. Implementation of NFV in telecom industry is also gaining pace in the region. SDN is not just as an option but a basic network architecture that everyone will eventually adapt to.” As regional organizations slowly adopt SDN technologies, its outright acceptance is hindered by the additional capital costs compared to the cost of traditional way of managing the network, according to Saurabh Verma, Head, ICT & Digital Transformation Practice, Frost & Sullivan. “It is difficult for IT heads to justify the investment through ROI. More mature SDN adoption is found at telcos and cloud service providers, that strive to provide agility and self-service to their clients. In general, the spending on SDN in this region has not caught up to be at par with mature markets like Europe or APAC.” SDN is helping data centres in the cloud era to service networks faster and drastically improve security controls. Research analysts at IDC add that there are several scenarios for data centre SDN adoption including maximizing value from server virtualisation, elastic scaling
Swapna Subramani, Senior Research Manager – Enterprise Technologies at IDC
Osama Al-Zoubi, CTO of Cisco MEA
Faisal Ameer Malik, CTO at Huawei Enterprise Middle East
JANUARY 2019
CXO INSIGHT ME
21
FEATURE
Saurabh Verma, Head, ICT & Digital Transformation Practice, Frost & Sullivan
Rasheed Al-Omari, Principal Business Solutions Strategist at VMware
Amresh Nandan, Vice President, Analyst – Tech Industry, Gartner
for cloud service providers, private cloud deployments in the enterprise, network programmability and customisation, data centre security and network analytics. According to Al-Zoubi, it is easy for users to deploy SDN alongside their existing networks and that is what will fuel its growth. “The main reason SDN stands out is because it is capable of running over any infrastructure. This process allows greater control, abstraction, independence and efficiency.” As cyber-threats continue to disrupt traditional security measures, it has become imperative for organisations across all industries to protect businesscritical data. Hence, security is another motivating factor for organizations to adopt network virtualization and SDN. Rasheed Al-Omari, Principal Business Solutions Strategist at VMware, adds that early adopters of SDN in the region are seeing strong business results. “The automation of IT services is freeing IT staff to focus on innovation. Cloud-native applications are enhancing employee productivity and the customer experience. With security embedded from within the data centre network, organisations are finding new levels of data protection and security.” Al-Omari believes that there will be a gradual shift towards software and service-oriented architectures within local enterprise data centres, driven by
accessibility, availability, and security – necessities in today’s digitalised environments. “One of the biggest hurdles to the adoption of SDN in the Middle East is changing mindsets from what was normal practice for years, raising awareness of the new possibilities and business benefits, he adds. Amresh Nandan, Vice President, Analyst – Tech Industry, Gartner, points out that some of the SDN use cases may involve Network Function Virtualisation (NFV) also since there are some overlaps between the two. “The Middle East is expected to see strong growth during next three years. The regional SDN market is now growing rapidly and several telcos have already initiated NFV/SDN implementation programs.” Al-Omari explains that the key value proposition of NFV is to increase the velocity at which IT services are deployed. Fundamentally, NFV aims to virtualize network services and abstract them from dedicated hardware. NFV deployments typically use commodity servers to run software versions of network services that were previously hardware-based. These software-based services are called virtual network functions (VNF) and would run in an NFV environment. Additionally, NFV offers reliability and uptime – network devices fail, just as servers do. Virtualising network devices allows rapid provisioning of
replacements with minimal downtime. Software defined networking, on the other hand, is the idea of separating the control plane of a network from the data plane that forwards network traffic in order to create a network that is centrally managed and programmable. Though SDN and NFV both use network abstraction, each uses the resources distinctly and for different purposes, adds Al-Zoubi. “While both technologies depend heavily on virtualisation to abstract functions from a software, there is still a significant difference between the two. SDN aims to abstract physical networking resources like switches from an independent virtual network, as opposed to NFV which abstracts functions from the hardware, then moves them to virtual servers. Hence, enterprises using NFV must have a server in order to extract functions from to move them virtually.” Verma from Frost & Sullivan offers another perspective: “NFV highly complements SDN but not dependent on it. SDN is a technology architecture that decouples the network control from the forwarding functions of the physical infrastructure and the goal of this disaggregation is to create a network that is centrally managed and programmable. On the other hand, NFV is a related network architecture that proposes virtualisation technology to networks.”
22
CXO INSIGHT ME
JANUARY 2019
Hyperscale Storage for Unlimited Capacity Growth
Enterprise File & Object Storage Exabyte Scalable Geo-Distributed Cloud Integration
Insider’s Guide to Object Storage cloudian.com/guide
INTERVIEW
WHY DATA NEEDS GOOD SCIENCE SETH DOBRIN, CHIEF DATA OFFICER AT IBM, EXPLAINS WHY DATA SCIENCE IS AN IMPORTANT TOOL IN ENTERPRISE ARSENAL TODAY.
H
ow do you define data science? How different is it from analytics or Big Data? In simple terms, data science is about applying a scientific method to solve business problems. If you looked back ten years ago, we’d have statistics or descriptive analytics, and we are using the same tools today for what we call data science. The big difference is the abundance of data and specifically, labeled data. The other difference is now we have the compute power to allow these data models to be retrained – statistical models tend to be static and a machine learning-based model, as the data changes over time, retrains itself and stays continuously refreshed. When you start applying ML, you are creating a self-fulfilling prophecy where you are going to change the data because you are going to do things differently. Big Data plays into this from the fact that now you have a lot of labeled data and it is more than Hadoop, which is just one of part of the eco-system. Now you have new methodologies leveraging Spark for these types of analysis, which are more efficient. Why should enterprises embrace data science? There has been a lot of business journal studies on this where they show that companies which leverage statistical 24
CXO INSIGHT ME
JANUARY 2019
methodologies are much more efficient in achieving their business goals compared to their peers who don’t. They may not outperform their peers when they are at this descriptive analytical stage, but they are consistent in hitting their business goal. However, when you start applying AI and ML, the research shows that those companies significantly outperform their peers that who don’t. When you leverage these tools to get new insights it also helps to drive a change in business models. Is data the new oil? I don’t like to think of data as the new oil because that limits your thinking. When you consume oil or any other commodity, it is done. But, when you consume data, you make it more valuable. And when you bring different data types together and start applying analytics, you get insights, which is also new data from data. Data is really the driver of the fourth industrial revolution, which is fundamentally changing the way we work. Unlike the previous three industrial revolutions, which happened region by region, 4IR is a global one, changing how we operate, types of work and how efficiently we do it. Data science is still like a dark science to IT leaders. What are you doing to demystify this?
There are many companies where the data science programme do start in the CIO office and most CIOs understand it. However, I think the deeper issue is the underlying foundation. CIOs want to move towards containerisation. They want to build a cloud environment, and in some parts of the world they can’t use the traditional public cloud; it is important for them to bring these container platforms to the private cloud. So, we built something called IBM Cloud Private for data which enables a cloud-like environment on-premise, built on containers and Kubernetes. That helps you to get your data foundation and infrastructure into the cloud environments, and it also has a governance layer, which is important because that makes it much easier for you to find your data. Once you have these components in place, then you start talking about what business outcomes you want to drive with your data without talking about data science or ML. I will give you an example at IBM, where I am responsible for internal transformation as well. When I joined IBM two years
DATA IS REALLY THE DRIVER OF THE FOURTH INDUSTRIAL REVOLUTION, WHICH IS FUNDAMENTALLY CHANGING THE WAY WE WORK. UNLIKE THE PREVIOUS THREE INDUSTRIAL REVOLUTIONS, WHICH HAPPENED REGION BY REGION, 4IR IS A GLOBAL ONE, CHANGING HOW WE OPERATE, TYPES OF WORK AND HOW EFFICIENTLY WE DO IT. ago, one of my peers came to me and said, ‘we have a problem – we have subscriptions we don’t know when companies are going to renew.’ We never talked about data science, but about the outcome he wanted to drive, which was to reduce the churn on support and services subscription. We ended up building a predictive model which not only tells them which Should data science be part of IT or a stand-alone department? My opinion is that the ultimate goal should a hub-and-spoke model where you should have an enterprise data science function and at business unit leaders’ level as well because you need people who truly understand the needs of business. Now, you might ask why do you need an enterprise function? It is because there is a gap in how companies approach data science today. You need a central group to build a data science strategy to understand what decisions your company is making and assign a dollar value to those decisions. Secondly, as an enterprise you need to have guardrails on what tools people can have – everyone is using open source tools and they should. But, there are some open source packages that you don’t have a license to use or some of them have worms and viruses. This is why you need a central group both from a strategy and toolbox perspective. However, it shouldn’t be an ivory tower exercise.
JANUARY 2019
CXO INSIGHT ME
25
EVENT REPORT
CHARTING A NEW COURSE AT ITS ANNUAL MPOWER SUMMIT HELD IN ROME, MCAFEE LAID OUT ITS STRATEGY TO BUILD SOLUTIONS THAT ARE PREPARED FOR THREATS NEVER SEEN BEFORE AND SECURE THE CLOUD JOURNEY OF ITS CUSTOMERS.
T
he event was kicked off by Chris Young, CEO of McAfee, who drew parallels between cartography and cybersecurity – both deeply rooted in highly manual processes. “Unlike cartography, cybersecurity journey has just begun. Customers need richer intelligence, greater automation and human-machine teaming and our map forward is being defined for us. You must speed time from implementation to outcome,
eliminate silos, reap the benefits of insights and your defense must span across multiple domains,” he said. The CEO said McAfee is committed to deliver outcome-driven security and has become cloud-first and cloudnative in everything it does. “We must protect the cloud itself and that is why we have added cloud protection and EDR to our MVISION portfolio.” At the event, McAfee also unveiled its 2019 threat predictions report, which predicts malware-as-a-service families to strengthen, energizing
CUSTOMERS NEED RICHER INTELLIGENCE, GREATER AUTOMATION AND HUMAN-MACHINE TEAMING AND OUR MAP FORWARD IS BEING DEFINED FOR US. YOU MUST SPEED TIME FROM IMPLEMENTATION TO OUTCOME, ELIMINATE SILOS, REAP THE BENEFITS OF INSIGHTS AND YOUR DEFENSE MUST SPAN ACROSS MULTIPLE DOMAINS. Chris Young, CEO of McAfee
26
CXO INSIGHT ME
JANUARY 2019
the market for attacks outsourcing and the evolution of increasingly innovative and agile attack methods. As a result, corporate data, home IoT devices and brand reputations will be under siege, with cybercriminals largelyusing social media, the cloud and mobile phones as increasingly prominent attack vectors. “In 2018, we witnessed even greater collaboration among cybercriminals through underground alliances,” said Raj Samani, chief scientist at McAfee. “This collaborative mentality has allowed for efficiencies in underground technologies and tactics, and the evolution of bad actors into some of the most organised and agile adversaries in the world. However, while we expect the underground market collaboration to continue, the year 2019 will also see cybersecurity alliances of defenders continuing to mature and further fortify defenses.” According to the report, cybercriminals are quickly fortifying the malware-as-a-service market by aligning to sell modular attack components. These one-stop shops make it easier for criminals of all experience and skill levels to execute
WHILE WE EXPECT THE UNDERGROUND MARKET COLLABORATION TO CONTINUE, THE YEAR 2019 WILL ALSO SEE CYBERSECURITY ALLIANCES OF DEFENDERS CONTINUING TO MATURE AND FURTHER FORTIFY DEFENSES. Raj Samani, chief scientist at McAfee
successful attacks. “This market consolidation will continue in 2019 and cybercriminal enterprises are expected to flourish as established cyber gangs partner with other top-level services such as money laundering, evasion techniques, and vulnerability exploits. As evidenced by conversations within the underground community, an increase is expected in mobile malware, botnets, banking fraud, ransomware, and attempts to bypass two-factor authentication,” said Samani. Though AI is being touted as the future of cybersecurity, McAfee report says bad actors will also use AI for improved evasion. “The accessibility of technologies such as artificial intelligence-as-a-service will enable cybercriminals to develop cyberattacks with increasingly sophisticated evasion techniques. With artificial intelligence, cybercriminals will have the ability to automate target selection, scan for target network vulnerabilities, and assess the posture and responsiveness of infected environments to avoid detection before deploying later stages of attacks,” states the report.
Another interesting trend is the public-private partnership in the Dark Web, said Adam Philpott, EMEA president of McAfee. “In the cyber domain, we are seeing bad actors collaborating with governments to deliver malware services as part of nation-state strategies. On the other hand, we are seeing increasing sophistication in not only just exploit-and-monetise type of attacks but also in campaigns that target
data integrity where bots are being dispersed through social media misinformation to threaten brands,” he said. Over the next 12 months, McAfee foresees a significant increase in data exfiltration attacks via the cloud. The report says possible scenarios include cloud-native attacks targeting weak APIs or ungoverned API endpoint, expanded reconnaissance and exfiltration of data in cloud databases, and leverage of the cloud as a springboard for cloud-native man-in-the-middle attacks to launch cryptojacking or ransomware attacks. McAfee report also predicts home IoT attacks via smartphones, tablets and routers. New mobile malware will likely investigate smartphones, tablets, and routers to gain access to the digital assistants and home IoT devices they control. Once infected, these devices can serve as a picklock to consumer homes while supplying botnets, which can launch DDoS attacks or grant cybercriminal access to personal data and the opportunity for other malicious activities such as opening doors and connecting to control servers.
ON THE OTHER HAND, WE ARE SEEING INCREASING SOPHISTICATION IN NOT ONLY JUST EXPLOIT-AND-MONETISE TYPE OF ATTACKS BUT ALSO IN CAMPAIGNS THAT TARGET DATA INTEGRITY WHERE BOTS ARE BEING DISPERSED THROUGH SOCIAL MEDIA MISINFORMATION TO THREATEN BRANDS. Adam Philpott, EMEA president of McAfee
JANUARY 2019
CXO INSIGHT ME
27
VIEWPOINT
HOW TO BEAT HACKERS AT THEIR OWN GAME GET INTO THE MIND OF A CYBERCRIMINAL, BEFORE THEY GET INTO YOURS, WRITES FADY YOUNES, CYBERSECURITY SALES DIRECTOR MIDDLE EAST AND AFRICA
C
yber-attacks are not accidents of nature. Behind every attack is an individual with objectives that they are trying to achieve. Understanding the profile of the person behind the attacks allows us to identify what they might be after, how they might go about getting it, and how we may best be able to stop them. Broadly speaking we can divide threat actors into three groups: Hooligans – This group is seeking to cause visible disruption. This could be for personal satisfaction, to raise their profile within a peer group, or possibly for gratification against a grievance. The tools and techniques used as part of the attack are unlikely to be sophisticated or bespoke. If the attack is part of an on-going campaign, the attackers may 28
CXO INSIGHT ME
JANUARY 2019
be tenacious and persistent, but are likely to be ‘noisy’ and to leave lots of evidence of an impending attack. Criminals – The vast majority of cyber-attacks are criminal in nature, someone trying to make illicit financial gain. Con-artistry, extortion, kidnap are age old criminal business models, in their modern guise we encounter them as phishing, denial-of-service and ransomware. The method of making money is the same, but the techniques and ambition are updated for the 21st century. Criminal gangs can be incredibly inventive and technically sophisticated, however, often criminals tend to stick with the techniques with which they are familiar, and presumably that they know are profitable. Familiarity with laundering the proceeds of their crime, and adept at
masking their real identities means that proficient criminals far too often remain at large instead of being held to account for their actions. Advanced persistent threats – Although the efforts of the shadowy APT threat actors, with their suspicion of state backing tend to make the headlines, their attacks are a very small proportion of the total. Nevertheless, their attacks are characterised by skill, sophistication, access to resources and importantly patience. Their goals often appear to be the gathering of sensitive information, however they can be destructive in nature, and may seek to compromise the systems of third parties in order to conduct attacks against a final target. It’s not necessary to know the exact identity of a threat actor in order to build up defences. Organisations
THE MALWARE AND COMMAND AND CONTROL TRAFFIC OF APT THREAT ACTORS DO LEAVE TRACES, WHICH CAN BE DETECTED. HOWEVER, IT TAKES A WELL DRILLED AND PREPARED SECURITY TEAM TO IDENTIFY AND PRIORITISE SUCH INFORMATION. should be aware of the nature of the threat actors who may target them and prepare accordingly. There are many case studies and published examples of attacks by various types of threat actors which can be used to consider how existing defences could protect or detect the attack. For example, hooligans frequently discuss and co-ordinate their campaigns over social media. Would you be able to identify if the name or your organisation or brands were mentioned as a target for a forthcoming attack? If so, how would you prepare? Do you have denial of service (DoS) mitigation already in place, or could it be deployed in time? Similarly, hooligan threat actors may seek to discredit an organisation by taking control of the organisation’s social media accounts. Businesses need to ensure they have two factor
authentication enabled for social media accounts so that even if the password was disclosed, the attacker wouldn’t be able to access the account. Also, those who have access to the organisation’s social media accounts need to be trained in how to spot and report phishing – and that includes the intern. Criminal attacks are relentless. Organisations are bombarded with phishing emails and attempts of getting malware inside of organisations. Perimeter defences are excellent at repelling these attacks, but we must be mature enough to recognise that these defences are not infallible. How would the security team identify a successful infiltration before it resulted in a data breach? How would teams react to resolve an infiltration and expulse attackers from a system?
These are all good questions to have prepared in advance of tackling Advanced Persistent Threat (APT) actors. Not everyone will be faced by APT attacks. Although protecting against attackers with the skill and patience to persist and wait within a compromised system for months before advancing their attack is difficult, it is not impossible. The malware and command and control traffic of APT threat actors do leave traces, which can be detected. However, it takes a well drilled and prepared security team to identify and prioritise such information. A strong cyber defensive posture is built on many overlapping layers of security systems. Considering who might attack you, how they could do it, and what their attack might look like within your systems is a very good exercise to conduct in order to spot weaknesses that may let an attacker slip through, but also to train teams to be able to better spot the attack when it does happen. Like I said – protecting against threat actors is difficult, but it can be done. You just have to get into the mind of one.
JANUARY 2019
CXO INSIGHT ME
29
INTERVIEW
THINKING DIFFERENTLY ABOUT CYBERSECURITY STEVE GROBMAN, SENIOR VP AND CTO, MCAFEE, TALKS ABOUT HOW TO MAXIMISE THE EFFECTIVENESS OF DEFENSE TECHNOLOGIES AND THWART THE EVASION TECHNIQUES OF BAD ACTORS.
M
cAfee report says bad guys are also leveraging new tech such as AI to evade detection. How can we deal with this challenge? This is a problem the industry has had for decades – attackers building tools and changing it enough to evade the existing software. Now, our approach is different. Because we are able to update things like threat intelligence, even if an attack is successful once we are able to quickly add defensive capabilities for it. One of the challenges with solutions exclusively focused on machine learning is that they need additional training or need to look for new threat vectors. We use multiple technologies to defend against that kind of scenario. Is it a good idea to automate security operations and how important is the human factor? You absolutely human in the loop, especially in organisations that are likely to be targeted. What I am alluding to is clearly we need to defend consumers and it is very difficult to get consumers to understand the nuances of security.
30
CXO INSIGHT ME
JANUARY 2019
I THINK IT’S IMPORTANT TO UNDERSTAND THERE ARE DIFFERENT LEVELS OF BREACH AND EVERY ORGANIZATION HAS A RISK CURVE. WHAT I MEAN BY THAT IS EVERY ENTERPRISE IS GOING TO HAVE A HIGH A PROBABILITY OF A SMALL BREACH. WHEN I THINK ABOUT CYBERSECURITY, THE OBJECTIVE IS NOT TO ELIMINATE RISKS BUT TO UNDERSTAND WHAT ARE THE ACTIONS YOU CAN TAKE TO LOWER RISKS.
But, organisations need to work with technology to optimise it for their environments and look for new threat scenarios that are potentially unique to them. Is it time to plan to fail and limit the damage? I think it’s important to understand there are different levels of breach and every organization has a risk curve. What I mean by that is every enterprise is going to have a high a probability of a small breach. When I think about cybersecurity, the objective is not to eliminate risks but to understand what are the actions you can take to lower risks. Do you advocate a zero-trust security model? Models are good for thought process but it’s important not to be beholden to a particular model - understanding the unique requirements of an organisation is more critical. I will give you an example of my own internal security group at McAfee and our CISO works for me. His previous job was in an energy company. Now, if you look at the two companies, McAfee is a
high-tech engineering company compared to the highly regulated nuclear energy company where he was working before. The way you think about running those two environments is very different. There is no one right answer because it is very situational and if you ask me, thinking about risk as a spectrum of impact is one of the most important things you can do. Can AI and machine learning help us to find the needle in a needle stack? To a large degree, yes. But, part of the problem is that there is a massive amount of data and finding the right data is what really matters. Even with AI and ML, we get many potential candidate situations that are malicious. Let me give you an example of behavioural analytics, which is a hot topic today. One of the classic examples given is that an employee typically works from 8-5 and all the sudden there is a spike of them doing something at 3 in the morning, which raises the flag. What if that was the day when their boss called them for some report that is required urgently and they were working at that hour? There is a lot of false positives in security and I do think we have good data science tools at our disposal to manage this problem. We have seen a surge in DDoS attacks lately. Why aren’t we able to prevent this type of attacks? I would say DoS attacks with DDosS being one variant. Doing harm to an organisation is something we are seeing new variants of. We have all these disk wipers and ransomware campaigns that hold systems to ransom as opposed to data. It is always easy to detect malicious activity but denial of service or disruption to a system is a difficult category to react to.
JANUARY 2019
CXO INSIGHT ME
31
VIEWPOINT
WHY AUTOMATION IS KEY TO DIGITAL TRANSFORMATION PUSH WHILE ORGANIZATIONS WILL RELOOK AT THEIR STRUCTURE AND JOB ROLES TO ENABLE SUCCESSFUL DIGITAL TRANSFORMATION ACROSS 2019, OTHER KEY ACTIVITY AREAS WILL BE AUTOMATION OF CUSTOMER EXPERIENCES AND THE SUPPLY CHAIN, EXPLAINS PAUL POTGIETER, MANAGING DIRECTOR - UAE, DIMENSION DATA
A
s organisations get moving on the digital transformation road map, they may abruptly find themselves running more on a bumpy dirt track rather than a Formula One race course with expected high-speed pit-stops. The learnings from this experience are sometimes hard to accept. One of the key reasons for the bumpy track is that existing organisational structures are often incompatible with the requirements of delivering digital experiences to customers. Organisations need to take a deep breath and start relooking at their structure from the point of view of the customer rather than traditional departmental silos and legacy job functions. One of the key changes likely to happen across 2019 is that
32
CXO INSIGHT ME
JANUARY 2019
organisations moving down the path of digital transformation will restructure to bring in flexibility so that they can refocus on what the customer wants. Digital technologies will be leveraged to enhance the customer experience and project teams will work together to rebuild the organisation around customer data, innovative experiences, revamped business processes, and redesigned job roles. This will help the organisation to move forward rather than face resistance, similar to fitting a square peg into a round hole. Other than organisational structure, another area that will need revamp in 2019 will be the approach around generating, accessing and analysing customer data. Organisations beginning their digital transformation exercise will quickly realize that they have a lot of data that they do not need, and
very little data that they do need, to begin their journey into understanding customer insights. Organisations will need to build new processes to generate the data that they do need and also build new structures to aid in the analysis of that data. In order to build their repositories of insightful and valuable, customer centric data across 2019, organisations will be successful this time around by investing in the Internet of Things. By investing in sensors, devices, applications, connected core and edge networks, across entire business processes and supply chains, organisations will begin to realize how to generate their return on investments through customer data aggregation and analytics. Not only will organisations be more successful in 2019 by investing in the
Internet of Things, for their own data analytics, but they will also begin to see the value in blending into their data, repositories from third party data sources. This may include data from open data platforms maintained by national government agencies such as weather, population demographics, urban statistics, vehicular movements as well as open data repositories from global agencies. By building correlations between their own data and other third-party data sources, organisations will better model customer behavior and responses in a predictive manner, yielding better return on investments and net new revenue sources. Successful availability of data across the entire customer experience and business supply chain will give organisations the confidence to open
AS ORGANISATIONS BEGIN TO MAKE PROGRESS IN THEIR DIGITAL TRANSFORMATION EXERCISE IN 2019, ANOTHER KEY LEARNING AND REALIZATION FOR THEM WILL BE THE AVAILABILITY OF PRE-BUILT DIGITAL TECHNOLOGY SERVICES, FRAMEWORKS, AND PLATFORMS. up their inventory and delivery in a real time manner to suppliers, partners and end-customers. As suppliers, partners and end-customers get access to not only current levels of product and stock availability but also future levels in a predictive manner, they will also begin to engage in a more proactive manner. This enhanced level of supply
chain forecasting with predictive demand levels, combined with ERP, CRM, artificial intelligence, robotics and automation, promises to be one of the exciting new trends in 2019. Automation using robotic processes will drive huge gains across 2019 as machine learning, neural networks and artificial intelligence are progressively added to the complete end-to-end of business processes. Geographical compliance challenges coupled with market behavior will be a key driver for the adoption of more and more automation driving predictive behavior of demand levels for a product or service. Other drivers for the adoption of robotic process automation will be the ability to reduce costs of operation, enhanced support levels for customer demands, and ability to deliver personalised experiences effectively. As organisations begin to make progress in their digital transformation exercise in 2019, another key learning and realisation for them will be the availability of pre-built digital technology services, frameworks, and platforms. As much as possible, digital transformation adopters need to reach out and access service partners who have prepared such tools and building blocks for them. There is little need for such organisations dabbling in the early stages of digital transformation to start building the blocks themselves or start tackling the complexities of creating such platforms. It is far easier to leave the challenges and complexities of building and managing the digital technology components of 2019 to vendors and their service partners and focus on making progress in the organization’s digital transformation objectives. Organisations adopting an active role of buying-in managed technology services, will find themselves making accelerated progress in their journeys. They will also find it easier to invest and build scale around pre-tested, compliant and secure platforms, that are reliable building blocks for their onward transformation journeys. Success in 2019 appears to be more predictive than before.
JANUARY 2019
CXO INSIGHT ME
33
VIEWPOINT
TECH TRENDS THAT WILL DRIVE BUSINESS IN 2019 SHAILESH KUMAR DAVEY, VICE PRESIDENT, MANAGEENGINE, LISTS SOME OF THE TECHNOLOGY TRENDS FOR 2019.
34
CXO INSIGHT ME
JANUARY 2019
T
echnology is considered an important driver of future business. As it evolves, it is becoming ever more pervasive and the adoption is growing steadily all over the world. So, what will happen in the world of technology in 2019? Digital process automation will accelerate Enterprise adoption of process automation technologies will continue with the same vigor as the technologies are expected to make the enterprises nimble, data-centric and quick to make decisions across geographies. More importantly, process automation will also help enterprises to go beyond the simple operational and efficiency gains made with basic automation to tap new revenue opportunities. For example, a bank embracing fintech can use digital process automtion to improve real-time visibility into its customers’ data and factor the improved view into real-time risk assessment of the customers. To elucidate further, a bank could provide its customers with digital tools related to accounting, receivables, payables, and all other back office functions. The customers can give permission to the bank to use selective data to have good visibility on the velocity of their businesses. This could enable the bank to provide financial services at a faster clip to the customer and at lower cost, not only due to automation but also do due to better risk visibility of the customer. OCR/NLP/voice/video/image processing will aid productivity gains The main nemesis of process automation is any web form customers, employees, or partners must fill out when an organisation wants to capture their data. Every one dreads screens with forms. AI/machine learning technologies are mature enough to process voice, video, text, and images reliably. Using
THIS INCREASE IN DATA LOCALITY WILL ALSO REQUIRE FEDERATED IDENTITY AND ACCESS MANAGEMENT (IAM) WITH ZERO TRUST SECURITY CONSIDERATIONS. SINGLE SIGN-ON, MULTI-FACTOR AUTHENTICATION, AND ENTERPRISE MOBILITY MANAGEMENT WILL ALSO BECOME COMMON PLACE IN THE ENTERPRISES. these mature technologies, the natural activities of making a phone call, taking a video, or taking a picture could be used to fill out data-enriched forms automatically. Hence both objectives will be met—collecting adequate data and filling out fewer forms—and these technologies will continue their march into the enterprise. Privacy concerns will hold centre stage With GDPR becoming a reality and hosts of other countries passing similar privacy laws, data usage will be closely monitored. Data will be tagged so that its origin will be known at the point of usage. Tools related to data tagging and master data management will become crucial. Privacy concerns and related legal ramifications could slow down decision making in enterprises. In response, new generation messaging, audio/video web conferencing tools will be used by enterprises to achieve the twin objectives of privacy compliance and rapid decision making. Data locality will increase diversity Lots of countries mandate that data needs to reside within geographical boundaries. Enterprises using SaS
or Paas will end up using countryspecific public clouds or even private clouds. As a result, critical data and applications that need to be monitored will be spread across geographies. Monitoring tools and technologies that help consolidate the view of these applications and data will see larger enterprise adoption. This increase in data locality will also require federated identity and access management (IAM) with Zero Trust security considerations. Single sign-on, multi-factor authentication, and enterprise mobility management will also become common place in the enterprises. New kinds of hardware in the data centre Data workloads in the data centre are increasing, and the demise of Moore’s law is not helping the CPU to keep pace. Newer hardware like GPU, FPGA, ASICs will become commonplace in the data centre. Enterprise IT teams will have to be knowledgeable about these technologies and use the right applications and tools to ensure that money is wisely spent on the newer hardware.
JANUARY 2019
CXO INSIGHT ME
35
VIEWPOINT
HOW TO FIGHT MOBILE APP FRAUDS LYSA MYERS, SECURITY RESEARCHER AT ESET, EXPLAINS HOW USERS CAN SAFEGUARD AGAINST THE GROWING THREAT FROM DECEPTIVE PRACTICES TO SCAM IOS AND ANDROID USERS.
T
here’s nothing new about advertisers and app developers using deceptive practices, but the Touch ID scam that Lukáš Štefanko wrote about recently is a significant twist in this ongoing story. Of course, iOS users are not alone in facing these dilemmas; as Lukáš wrote earlier this year, Android users are experiencing their own flood of predatory app tactics too. What can we do to protect ourselves against these fraudulent practices? Be aware of the limitations of app store review processes The policies and review procedures of major app stores do keep out a large number of fraudulent apps. While there are always more things they might and probably should be doing to continue to improve this problem, it is an ongoing learning process for all of us. Due to the incredibly large total number of apps and updates that each major app store sees every day, much of the work involved in the review of new submissions is automated. This means that each app likely has functionality that will not necessarily be seen by a human or be tested specifically. Even very well-known and more-or-less legitimate 36
CXO INSIGHT ME
JANUARY 2019
IT’S A GOOD IDEA TO DO A LITTLE MORE RESEARCH FIRST, TO GET A BETTER SENSE OF WHETHER A PARTICULAR DEVELOPER ALREADY HAS OTHER WELL-REVIEWED AND POPULAR APPS THAT ARE CURRENTLY AVAILABLE FOR DOWNLOAD. app vendors have been caught doing things to try to evade having certain functionality reviewed. This means it’s still crucial to do our own due diligence. Read reviews While most scam apps do in fact include numerous positive reviews, these often show signs of phoniness. Wording may be very vague, downright nonsensical, or exhibit repetitive patterns (including
different reviews repeating the same phrases or having similar usernames, for example). It’s a good idea to re-order the ranking options on reviews to see a more balanced picture: depending on the particular app store, you can sort the reviews to see those that have been deemed “most helpful” or that are ranked “most critical” first. Be patient The best time to figure out whether an app is a scam is before you download it. While it may be hard to calm the fear of missing out, it’s best to wait a few days or weeks before downloading brand new apps, to let other people be the “guinea pigs”. This way you can read what other people have to say about the app’s functionality before making a decision. Use apps by developers you know and trust If at all possible, it’s a good idea to stick with reputable app developers. If you’re new to a platform, that may be easier said than done. In that case, it’s a good idea to do a little more research first, to get a better sense of whether a particular developer already has other well-reviewed and popular apps that are currently available for download.
SOME DARK PATTERNS ARE MUCH LESS OBVIOUS, BECAUSE THEY TAKE ADVANTAGE OF EXPECTATIONS THAT WE MAY NOT BE CONSCIOUSLY AWARE THAT WE HAVE, OR BECAUSE THEY CAUSE US TO BE MORE INATTENTIVE. Be aware of valid functionality While it can be hard to keep up with the complete picture of what each new device can do, it’s a good idea to be at least somewhat aware of the functionality of your device. For example: fingerprint data are not accessible to apps, only a “yes” or “no” verdict about whether your fingerprint matches the one previous stored on your device. This is to say that apps cannot use a scan of your finger to give advice on calorie data, nutrition information, how much water you should drink, or to present ancestry analysis. (It’s worth noting that you couldn’t really get valid information on any of those things from a scan of your finger even if the app could access those data.) If your phone has existing functionality like a QR reader or a flashlight app, it might not be a good idea to install an app that does that exact same thing, especially as many of these apps have a history of being problematic. If you’re looking to specifically try a different app than one your phone already has – like a mail reader or an internet browser – be sure to read some third party reviews first, to see which options are wellreviewed and popular.
Dig deeper There are a variety of things you can look at to find information that might indicate a predatory app. Do the developers have other apps available already, and are they reviewed well? Do they have a website that appears professional, including contact information? What results are returned if you do an internet search for the name of the app or developer plus the word “scam”? Can you find more information on third-party sources regarding subscription rates or in-app purchase prices? (Apple may offer information about the latter within the app description.) Does the app purport to give you a free or discount version of more expensive for-fee app? (These scams often cost more than just money!) Request a refund and report bad actors If you’ve gotten as far as having already downloaded an app that turned out to be a scam, ask the app store or the bank attached to your payment card to refund the charge. If the purchase was in the form of a subscription, this may be more complicated, but it will soon become worth your time and effort to have gone through the entire process. You can also
report fraudulent apps to the app stores themselves, as well as contributing reviews that describe your experience. It’s time to push back against “dark patterns” Many of us already vote with our wallets when it comes to sub-optimal software behavior, by choosing not to purchase or support companies that fail to consider privacy or security, or that behave in ways that we consider too predatory or problematic. But there is another area that more people should be aware of, that describes a more understated category of sketchy behavior. “Dark patterns” describe the scenario where a user interface is designed to intentionally trick or emotionally manipulate you into clicking where otherwise you might not. In the case of the Fitness Balance app, it takes advantage of the fact that the Home button on some iPhones or iPads can serve two purposes: your finger is already resting on a (fingerprint) sensor in a way that can also be used to select an option on the screen. Newer versions of the iPhone require you to make two distinct actions for these things; you must take your finger off the sensor for a moment after a fingerprint scan, before it can be used to select an option. Some dark patterns are much less obvious, because they take advantage of expectations that we may not be consciously aware that we have, or because they cause us to be more inattentive. In cases where emotional manipulation is in play, there may be a confirmation dialog that tries to guilt-trip or scare you into changing a selection. This is where things can get a little nebulous: when is it a legitimate warning, rather than unnecessary fearmongering? This can be something of a value judgment, which is subject to our own interpretation. Whatever you decide, you can let software vendors know that you value a clear and predictable user experience that does not rely on fear, uncertainty and doubt.
JANUARY 2019
CXO INSIGHT ME
37
INTERVIEW
RPA IS A GAME CHANGER DANIEL DINES, CO-FOUNDER AND CEO OF UIPATH, TALKS ABOUT HOW RPA (ROBOTIC PROCESS AUTOMATION) HAS THE POTENTIAL TO REVOLUTIONISE BUSINESS OPERATIONS.
38
CXO INSIGHT ME
JANUARY 2019
O
ther than tackling repetitive business tasks, what is the compelling business case for RPA? RPA is a game changer for organizations of all sizes. Before deploying RPA, it is important to look at how processes in finance, HR, supply chain, etc. are being carried out, identify pain points, and instances where collaboration among departments ceases. For people who are in charge of analysing and optimising business processes in an organization, RPA is an easy tool to implement, as the deployment of software robots can be done without modifying existing
UIPATH IS CONSTANTLY EMBEDDING AI AND MACHINE LEARNING ALGORITHMS INTO ITS PLATFORM SENTIMENT ANALYSIS, OPTICAL CHARACTER RECOGNITION (OCR), TOOLS TO EXTRACT INFORMATION SIMPLER AND FASTER FROM UNSTRUCTURED DATA SOURCES, ETC. time-consuming, repetitive, rules-based monotonous tasks can be automated with RPA. The first step is always to identify the right processes that are suited for automation and pinpoint the departments in which employees are performing time-consuming work.
infrastructure and systems. RPA manages tasks with virtually zero errors, very fast and yields financial benefits to the enterprise. As an example, a software robot can reduce four to five painstaking human labour hours spent reviewing hundreds of invoices to identify a payment due in three seconds. When companies deploy RPA, they increase productivity and accuracy, improve customer experience, optimize costs, and free employees to focus on higher value assignments. Can you automate any business process with RPA? Any business process that involves
Is it important to build in-house RPA expertise? This is, of course, up to each organisation, but we found that seamless implementations are occurring in companies with dedicated people who are part of an RPA Center of Excellence - comprising different functions with clearly established roles. This ensures internal ownership. Does RPA leverage machine learning and AI? Yes, indeed, RPA has actually become the path to AI for enterprises. UiPath is constantly embedding AI and machine learning algorithms into its platform sentiment analysis, optical character recognition (OCR), tools to extract information simpler and faster from unstructured data sources, etc.
How can enterprises make sure that their RPA projects don’t fail? A series of factors determine the success of the RPA project - getting the IT department on board with RPA deployment by management, creating an in-house ‘Center of Excellence’ that caters to all the requirements of implementation, making RPA part of a larger digitization initiative, pairing RPA with other complementary tools, such as business process management, etc. How important is security when implementing RPA? Can processes be manipulated? Security is paramount as RPA inherently deals with a lot of confidential business data. In automating everyday business processes such as transferring files, processing orders, and running payroll, RPA’s software robots process information from various company databases and log into different accounts using supplied passwords. In this way, the automation platform gains access to all kinds of information (inventory lists, credit card numbers, addresses, financial information, passwords, etc.) about a company’s employees, customers, and vendors. UiPath has CyberArk integration where all credentials are stored in the Enterprise Password Vault and is VeraCode certified, meeting stringent security standards. How do you plan to meet the demand for RPA skills? Are you planning to offer any training and certification? In April 2017, as part of our efforts to democratize RPA and prepare the workforce of the future, UiPath started UiPath Academy. This online platform offers free training for all RPA functions and is available in multiple languages. Upon completion of courses, trainees can obtain certifications that will recommend them as strong candidates. Moreover, our Academic Alliance program is meant to enable universities all over the world offer automation courses to their students.
JANUARY 2019
CXO INSIGHT ME
39
VIEWPOINT
I THE YEAR OF CHOICE FOR CLOUD JAMES PETTER, EMEA VP AT PURE STORAGE, EXPLAINS THREE UNIQUE WAYS IN WHICH MODERN DATA SOLUTIONS ENABLE UAE ENTERPRISES TO DELIVER ON THEIR CLOUD VISION.
40
CXO INSIGHT ME
JANUARY 2019
t’s hard to believe we’re now 15 years into “cloud” — it’s been great to see adoption levels increase in the UAE over the past year or so, in line with a marked shift and a real maturity in how organisations are thinking about their cloud strategies. In fact, according to IDC, spending on public cloud in the UAE is expected to almost quadruple, from approximately $119.6 in 2017 to $411.4 in 2022. But as a consequence, today, regional enterprises may feel like they have to compromise in order to bridge the divide between on-premise and public cloud. It’s a divide that is now set against the backdrop of the increasing imperative for enterprise application mobility, driven by the likes of artificial intelligence (AI), machine learning (ML) and data analytics. While each approach carries its own benefits, what organisations really need is flexibility and choice when it comes to infrastructure. This choice should be based on business objectives, not constrained by what the technology can do or where it lives. Flexibility is key here — business objectives change all the time, and organisations need the freedom to adjust and adapt where necessary. Workloads and applications should live where it makes the most sense for them to live.
AT PRESENT, MANY LOCAL BUSINESSES ARE BEING FORCED TO COMPROMISE, AS OPPOSED TO HAVING THE ABILITY AND AGILITY TO DESIGN AN INFRASTRUCTURE THAT WORKS FOR THEM. FORTUNATELY, THE TIDE IS CHANGING, AND WE ARE ENTERING INTO THE ERA OF AND, NOT OR. Overcoming Barriers to Hybrid Cloud The obvious solution is a hybrid approach. Most CIOs have now moved beyond simple “all on-prem” or “all cloud” strategies, to realise that both are powerful tools in delivering on their IT strategies. They are opting instead for “hybrid cloud” with a real commitment to using both. This however is easier said than done, and poses many challenges itself. Firstly, most enterprise applications run on-premise, and migrating them to the cloud can be tricky. By that same token, most web scale applications are built in the cloud and so migrating them on-premise can be equally difficult. Today’s organisations cannot afford disruption or downtime, making seamless and agile movement across different clouds a business necessity. In addition, on-premise and cloud storage have different features and APIs, rendering development of applications that run seamlessly across both nearly impossible. Modern Requirements If these barriers were not enough to cause regional enterprises a headache, there’s the added complexity that faces all modern organisations—data. Data is now considered the “new currency”
for businesses, but keeping this data in check and using it to its full advantage is no easy feat. To put this in to context, according to IDC, the volume of data generated by the Internet of Things (IoT) alone will be as much in 2025 as the amount of ALL data created in 2020. That’s a tremendous amount of data, which will dictate the needs of a business’s infrastructure. Once this data dictates a different set of requirements, enterprises will need to have the ability to quickly and seamlessly move an application born in the cloud to an onpremise environment (or vice-versa). No longer a case of either-or… AND is now possible At present, many local businesses are being forced to compromise, as opposed to having the ability and agility to design an infrastructure that works for them. Fortunately, the tide is changing, and we are entering into the era of AND, not OR. As storage providers, we want customers to have the flexibility to maximise benefits of multi cloud, and now we can offer that bridge by unifying the cloud. Simply put, businesses no longer need to compromise — modern data solutions enable UAE enterprises to deliver on their cloud vision in three unique ways.
• Build: Organisations will be able to build private clouds on-premise or in hosted environments to deliver storage-as-a-service with the performance, availability and ease of use that every business needs and deserves. • Run: Businesses will have the ability to run applications in on-prem or hosted environments, yet also run them seamlessly in the public cloud. Having a single storage platform will deliver consistent storage services, resiliency and APIs — meaning applications can be built once and then run anywhere in the hybrid cloud model. • Protect: A new model for data protection— and this is a crucial point. The traditional disk and tape-based data protection model is failing to keep up with the demands of the cloud era. Data sizes are growing, customers expect global availability, and having PBs of backup data stuck in a vault is no longer acceptable. The combination of flash and cloud allows customers to re-invent data protection, enabling both fast local recovery from flash and low-cost long-term retention and data re-use in the cloud. Data is the lifeblood of any organisation and there needs to be flexibility for businesses to maximise value from this data. The era of the cloud divide is coming to an end, ushering in the age of choice where public and on-premise worlds can now co-exist, bridged seamlessly with a common storage layer, so applications and data are free to move easily between owned and rented clouds. The ultimate result for UAE enterprises? They can take advantage of the agility and flexibility of a hybrid environment to develop applications faster and have the freedom to ensure applications no longer have to be linked to any one type of infrastructure. This in turn allows them to create a data centric architecture that’s right for the business, and one that puts enterprises on the right path for future success.
JANUARY 2019
CXO INSIGHT ME
41
VIEWPOINT
PAVING THE WAY TO DIGITAL FUTURE SRINIVAS VEGE, MIDDLE EAST COUNTRY MANAGER FOR ARRAY NETWORKS, WRITES WHY HYPERCONVERGENCE HAS A COMPELLING BUSINESS CASE FOR ENTERPRISES LOOKING TO TRANSFORM THEIR DATA CENTRE INFRASTRUCTURE.
H
yperconverged infrastructure (HCI) is getting increased attention from IT professionals, managers and is amongst the hottest trend in IT industry today. Why? It helps in keeping pace with the digital transformation and simultaneously results in significant gains—performance, agility, and scalability—all at a lower cost. With data centre architecture evolution at high pace, many IT managers are turning to hyperconverged infrastructure. From streamlined management of scalable storage to modernising application deployment and cloud service delivery, hyperconvergence is appealing to many organisations. Why go hyperconvergence way? Should companies go hyperconverged? There are many different answers as to why you should or shouldn’t join the hyperconverged bandwagon. HCI is the fastest-growing segment of the overall market to address the cost and complexity of legacy infrastructure. It’s enabling IT departments to improve efficiency, reduce operational complexity, and quickly scale to meet growing requirements. Companies are increasingly embracing hyper-converged infrastructure as a go-to technology platform to address security, productivity, and other concerns. HCI not only delivers the performance companies are looking for, but also brings a lot of other benefits, including less networking, storage or physical equipment.
42
CXO INSIGHT ME
JANUARY 2019
According to a Gartner study, HCI market will reach $5 billion by 2019. Another report by Markets and Markets says HCI market is expected to reach $12,607.4 Million by 2022, at a CAGR of 43.59% between 2016 and 2022. Hyperconvergence is gaining popularity with the simplicity of all-in-one data centre offerings. It can be seen as a true successor of converged infrastructure (CI). As soon as organisations have started realizing the limitations of hardware-centric infrastructures, they’re shifting to HCI, which allows them to keep up with the rapid pace of digital transformation. With software-based solutions, companies can improve performance in production environments cost-effectively and can address the capacity and performance challenges of business. Unlike CI, HCI is not a merely a bundling of servers and storage, but also helps in solving complex data center infrastructure challenges like storage, downtime, etc. To explain that in detail, let’s take it one by one. No downtime with the softwarecentric approach – In hyperconverged environment, software-defined approach is being used. All nodes act as a single highly-reliable and redundant pool of storage, which means all other nodes will remain unaffected if any one node goes down. Manage and maintain workload with ease – As the entire workload falls under the same administrative
umbrella in a hyperconverged infrastructure, shifting workloads from one location to another is easier irrespective of the location. Better ROI with optimised cost – It is one amongst the key advantages of HCI. Companies can reduce total cost as less equipment are involved, making the maintenance and support easier. Lower IT costs accelerates speed to market and reduce complexity related to the IT environment and the business as a whole. Great performance and capacity with scalability – Definitely, hyper convergence has emerged as a crucial part of architecture for organisations of all sizes. With HCI, companies can scale up data center based on the specific resource demands/requirements. Protect data without complexity – Hyperconvergence gives an organisation the ability to easily restore data without letting them face complex issues. Manage complex infrastructure By delivering virtualisation, storage, compute, network, management and data protection in an easy to manage but scalable application, an organisation has the ability to seamlessly manage their complex infrastructure. In the coming years, we will witness more and more companies embracing hyperconverged infrastructure. To stay ahead in competition, lowering operational costs and enhancing customer experience is the core of digital transformation—which can be achieved with hyperconverged systems.
CO-LOCATED EVENTS
1 – 3 APRIL 2019
| DUBAI WORLD TRADE CENTRE, UAE
SECURITY FOR DIGITAL INNOVATION The Largest cyber security exhibition & conference in Middle East, Africa and Asia.
12,000+
170+
300+
300+
ATTENDEES ACROSS THREE CO-LOCATED SHOWS
TECH COMPANIES EXHIBITING
LECTURES & WORKSHOPS ACROSS THREE SHOWS
SPEAKERS
USD 270 million
the amount visitors reported they will spend within 12 months of the show
BOOK A STAND NOW! gisec@dwtc.com |
OFFICIALLY SUPPORTED BY
www.gisec.ae
OFFICIAL DISTRIBUTION PARTNER
GOLD SPONSORS
DIGITAL WORKPLACE PARTNER
STRATEGIC PARTNERS
POWERED BY
ORGANISED BY
PRODUCTS
ACER SWIFT 7 NOTEBOOK
OPPO 5G PROTOTYPE SMARTPHONE
Acer announced the incredibly thin and light Swift 7 at CES 2019. This lightweight notebook is powered by Windows 10 and received a CES 2019 Innovation Award as well. The Swift 7 is powered by the latest 8th Gen Intel Core i7-8500Y processor with up to 512GB of fast PCIe SSD storage and up to 16GB of LPDDR3 RAM. The new Swift 7 features a push-to-open camera for webchats and video recording. The Swift 7 has a four-side narrow bezel design with bezels measuring 2.57 mm. It is made with magnesium-lithium and magnesium-aluminum alloys. The 14-inch Full HD 1920×1080 touch display with IPS technology allows smooth touch interactions and presents vibrant and crystal-clear images. Plus, it’s extra durable due to a layer of Corning Gorilla Glass 6.
OPPO has launched a prototype 5G version of its flagship ‘Find X’ smartphone, to support development of the 5G ecosystem. The company has also completed a multiparty video call on a smartphone via 5G network. Engineers from six Oppo R&D institutes worldwide participated in the video call using WeChat, with an inaugural message of “Hello Oppo, Hello 5G”. The OPPO Find X 5G prototype uses engineering samples of the Snapdragon 855 processor and X50 5G modem. Oppo, Qualcomm and Keysight Technologies have also demonstrated 5G data connectivity and applications including browsing, online video replay and video call using the Find X 5G prototype. In building a 5G ecosystem, OPPO will continue deepening its collaboration with Qualcomm, network infra-structure manufacturers telecom service providers and other supply chain partners. OPPO is in talks with tel-ecom service providers in China, Europe, Australia and other overseas markets, with plans to launch commer-cial 5G products this year. Looking forward to the longer term, OPPO has introduced the concept of “5G+”, with a belief that the 5G+ era will be an era where everything is connected and ‘experience is king’.
AMD RYZEN 3000 AMD has announced its 2019 mobility line-up including processors for all notebook segments. Among the new chips from AMD are second generation AMD Ryzen 3000 Series Mobile Processors for ultrathin and gaming notebooks; AMD Athlon 300 Series Mobile Processors powering mainstream notebooks, and seventh generation AMD A-Series processors, for mainstream Chromebooks. The new 12nm AMD Ryzen 3000 series mobile processors are built for best-in-class performance, a high-end entertainment experience, state-ofthe-art features and performance
improvements. Features include Wake on Voice, Modern Standby, smooth PC gaming, 4K HDR Streaming capability; and up to 10 hours of video playback battery life. The 7th Gen AMD A-Series processors for Chromebooks deliver ideal computing experiences, from fluid web browsing to effortless everyday productivity, social media, streaming and web gaming, AMD said. The first models with the new chip will be the Acer Chromebook 315 and HP Chromebook 14, and leading global OEMs are scheduled to release several AMD powered Chromebooks
throughout the year. In addition, AMD announced that starting this quarter, gamers, creators and enthusiasts will be able to install Radeon Adrenalin software to bring the latest GPU features and game optimizations to all systems powered by AMD Ryzen Processors with Radeon Graphics.
JANUARY 2019
CXO INSIGHT ME
45
BLOG
BLOCKCHAIN:
A SOLUTION FOR TOMORROW’S CHALLENGES BY SUNIL PAUL, COO OF FINESSE
W
hat is the first thing that comes to your mind when you hear the word blockchain? For many people, it is usually bitcoin. Though cryptocurrency is the most well-known use case, blockchain technology has gone beyond that to infiltrate virtually every industry and transform global economies. Blockchain is indeed a disruptive technology that has a unique data structure with a linear, chronological set of records of information, which is immutable. As a distributed ledger, this technology can enhance security and enabled structured collection of data, without duplication or distortions from outside. While blockchain is certainly not a panacea for all business transaction problems, it has seen an uptick in all major verticals including financial services, energy, and manufacturing. As we have seen in the Middle East, blockchain technology is also being adopted in the public sector to improve transparency and build better public services. Industry experts forecast that the blockchain market will grow at a rapid pace in the coming years. The financial sector will lead this growth curve, driven mainly by rapid adoption in the banking industry. This stems from the fact that blockchain technology has some truly disruptive implications for the financial industry as it offers a decentralized ledger of all transactions, is tamperproof and virtually instantaneous. It also has the advantage of expediting payment processing and money transfers between parties.
46
CXO INSIGHT ME
JANUARY 2019
Another strong use case is monitoring supply chains where collaboration, traceability, and transparency are some of the most important considerations. In the real world, this means adding greater visibility and efficiency by removing paper-based trails and knowing in real-time the exact source, location, and state of all inventory. For the retail industry, blockchain offers consumer-facing possibilities to enhance the shopping experience, real-time liquidity to consumers, fraud prevention and management of loyalty points. Blockchain enables the use of cryptocurrencies — sometimes also called tokens — as of a means of exchanging value or data. Tokens can dramatically simplify the tracking and managing of loyalty points, making it more easily swappable between consumers and across retailers. Blockchain technology has also recently been adopted by the real estate industry to transform core operations such as property transactions including purchase, sale, financing, leasing, in addition to land and title transfers. It
enables all the parties involved to have a transparent view of all the data from a property transfer, significantly reducing costs and time in payment processing. Businesses of all sizes are taking an active interest in this disruptive technology as it offers immediate benefits and recently, tech giants have started to offer blockchain-as-a-service to ease the deployment process for first-time adopters looking to test the waters without upfront investments. The Middle East is exceptionally receptive to this new technology and investments are constantly increasing as regional organisations continue to launch proof-of-concepts and pilot projects. I believe 2019 is going to be a tipping point as we are going to see blockchain break out of the oven with some real-world solutions, enabling new applications across various industries. Though blockchain is surely gaining traction, for enterprises implementing the technology comes with its own set of challenges, especially around integration issues with legacy enterprise software systems. Another stumbling block for CIOs is regulatory concerns and lack of industry standards and interoperability between various blockchain networks. It is important to remember that blockchain is a technology that continues to evolve and grow, and these kinks will be ironed by out by the industry as we move forward. Undoubtedly, blockchain has the potential to eliminate existing inefficiencies in key business processes, and it is worth investing time and resources in this exciting new technology to explore new opportunities that could help fundamentally change your organisation.
Partnership Announcement!
Empowering Technology Distribution
Data Storage & Back-up I CCTV Surveillance I Networking I IT Security
Contact us @ +971 4 2602760 or email us at marketing@snbgroup.net India +91 9947 989 389 salesindia@snbgroup.net
KSA +966 5485 37521 salesksa@snbgroup.netn
UAE +971 4 2602760 sales@snbgroup.netet
QATAR +974 5508 9055 salesqatar@snbgroup.netn
PAKISTAN +92 306 021 6771 salespakistan@snbgroup.netn
The need for speed: Quickly detect, respond, and remediate Protect your organization before, during and after an attack with GBM.
www.gbmme.com security@gbmme.com