CXO Insight Middle East - Outlook 2021 - January 2021

Page 1

ISSUE 27 \ JANUARY 2021



CONTENTS

44

16

INDUSTRY EXPERTS PREDICT TOP TECHNOLOGY TRENDS

26

32

12 IN THE NIC OF TIME 14 THE PROMISE

2020’S BIGGEST 32 STORIES IN AI

SECURITY AT THE 26 SPEED OF DIGITAL

SECURITY RISKS 36 MANAGING THAT IMPACT DIGITAL

OF DIGITAL

2021 GLOBAL 30 NETWORKING TRENDS

31

PRODUCTS

TECH PREDICTIONS AND ADVISORY FOR DECISIONMAKERS

PUBLISHED BY INSIGHT MEDIA & PUBLISHING LLC

EFFECTIVE IS THREAT 34 HOW HUNTING FOR ORGANISATIONS?

BUSINESS

38 DEBUNKING MYTHS THREATS PREDICTIONS 42 FOR 2021

6

NEWS

IBM OPENS SOC IN SAUDI ARABIA SAP AND MICROSOFT TO RUN SUPPLY CHAIN AND INDUSTRY 4.0 IN THE CLOUD MILESTONE LAUNCHES NEW EDITION OF MARKETPLACE

JANUARY 2021

CXO INSIGHT ME

3


Protect your data and all paths to it. Imperva is the only solution that protects it all, from the edge to inside.

imperva.com


EDITORIAL

DECODING THE FUTURE

A

s they say, it is tough to make predictions, especially about the future. 2020 was a year of challenges when the coronavirus swept the globe, prompting many to declare it as the worst year ever. In the wake of the pandemic, we can’t help but wonder what this year will bring for those in the technology industry. Here is what I believe will likely happen in the next 12 months. Although a large chunk of the workforce in the region is back to offices, thanks to the availability of vaccines, the remote work trend is likely to continue even after the pandemic. Depending on the industry and job context, employees might become common to work one or two days a week from home because of increased productivity. For IT leaders, this culture shift means they will have to invest in platforms and security tools that allow their organisations to work remotely. Last year, the cloud became the de facto way for organisations looking to accelerate their digital transformation plans and provide employees access

to data from any location. This trend is likely to gain more steam, focusing more on cloud security, costs, and unifying different cloud environments. In the same vein, along with increased automation, we are likely to see rapid growth in AI and ML, especially in industries such as healthcare, banking and insurance. Without doubt, AI will play an integral role in the way apps are developed and used, and we can also expect it to be weaponized in future cyber-attacks. Lastly, I think 2021 will also be the year for 5G to reach an inflection point, after many false starts. With increased coverage and availability of 5G enabled devices, this new generation of mobile technology is all set to drive a new wave of innovations and transformation across every industry. The advent of 5G will be a catalyst for edge computing and IoT applications, and its speed and bandwidth would be a boon for enterprises in the Middle East looking to shift gears into the next round of digital transformation.

Published by

Managing Editor Jeevan Thankappan jeevant@insightmediame.com +97156 - 4156425

Sales Director Merle Carrasco merlec@insightmediame.com +97155 - 1181730

Operations Director Rajeesh Nair rajeeshm@insightmediame.com +97155 - 9383094

Publication licensed by Sharjah Media City @Copyright 2021 Insight Media and Publishing

Production Head James Tharian jamest@insightmediame.com +97156 - 4945966

Administration Manager Fahida Afaf Bangod fahidaa@insightmediame.com +97156 - 5741456

Designer Anup Sathyan

While the publisher has made all efforts to ensure the accuracy of information in this magazine, they will not be held responsible for any errors

JANUARY 2021

CXO INSIGHT ME

5


NEWS

IBM OPENS SOC IN SAUDI ARABIA

I

BM Security has announced the official opening of its first Security Operations Center in Saudi Arabia and the region to provide managed security services to private and government sector customers. Through the center, IBM will offer clients in Saudi Arabia the option of managing their security operations around-the-clock, via IBM staff and local infrastructure. Located in Riyadh, Saudi Arabia, the key areas of focus for the new Security Operations Center are supporting clients in responding to cybersecurity incidents and helping them proactively manage emerging threats through real-time analysis and early warning notification of security events. The center also provides local data residency designed to support clients’ preferences and regulatory requirements. IBM Security analysts and experts will help clients with expedited incident investigations and remediation plans. According to a recent IBM study examining the financial impact of data breaches on organisations in Saudi Arabia, incidents cost companies

studied $6.53 million per breach on average, which is higher than the global average of $3.86 million per breach. IBM Managed Security Services manages more than 150 billion security events on average daily. It brings together the power and integration of proprietary and third-party machine learning and AI to help customers reduce incident fatigue, perform triage quickly and manage what matters most to clients. With many organizations today navigating complex environments, IBM’s managed security services are built for scale and efficiency to help protect hybrid cloud environments. “The launch of IBM’s Security Operations Center in Saudi Arabia is

SAP AND MICROSOFT TO RUN SUPPLY CHAIN AND INDUSTRY 4.0 IN THE CLOUD

Franz Hero, SAP

SAP and Microsoft have announced an expanded partnership to enable customers to design and operate intelligent digital supply chain and 6

CXO INSIGHT ME

JANUARY 2021

Industry 4.0 solutions in the cloud and at the edge. The partnership, which includes a collaborative approach to standards, consortia, and open source, will shape the future of supply chain and manufacturing. As a result of this partnership, organisations will be able to use a comprehensive set of SAP Digital Supply Chain solutions on Microsoft Azure, including SAP solutions for digital manufacturing, SAP Intelligent Asset Management solutions, SAP Integrated Business Planning, and SAP Logistics Business Network. ”SAP is excited to bring our proven and innovative solutions to Microsoft Azure for our manufacturing and digital

a critical investment in helping our clients not only respond to the everincreasing cybersecurity incidents but provide them with local data residency designed to support their preferences and industry requirements,” said Hossam Seif El-Din, General Manager, IBM Middle East and Pakistan. “We are seeing a lot of new threat actors looking to take advantage of the confusion and uncertainty surrounding COVID-19. Therefore, we are also looking to use the new SOC to drive education and awareness to help clients defend themselves from potential threats.” Amidst the COVID-19 health crisis, the rapid shift to a remote workforce alongside a corresponding increase in attacks by cybercriminals capitalising on uncertainty have combined to create unparalleled cybersecurity challenges for organisations across the globe. According to IBM Security X-Force, there was a 40% increase in security incidents in 1Q 2020 globally compared to the same quarter in 2019. In the Europe, Middle East and Africa (EMEA) region, one of the first regions to be hit hard by the virus, incident response rose 125% in the same timeframe.

supply chain customers,” said Franz Hero, SAP Senior Vice President for Digital Supply Chain Solutions. “This partnership gives our customers the ability to subscribe to our digital supply chain and manufacturing solutions in the cloud and enhances our offerings for Industry 4.0. Building on this, SAP solutions will soon be available at the edge in factories, plants, and automated warehouses in close proximity to sensors, machines, and control systems.” SAP has announced new tools, updates, and services for making developers’ lives easier, regardless of skill level or job focus. These new offerings include low-code/no-code tools, a free tier model for SAP Cloud Platform, exclusive free learning opportunities and further updates to SAP Business Technology Platform.


LENOVO DATA CENTER GROUP DELIVERS NEW DATA MANAGEMENT SOLUTIONS

L

enovo Data Center Group (DCG) has recently announced new end-to-end data management solutions allowing customers of all sizes to harness data more securely and efficiently, from edge to core to cloud, with a single set of tools and capabilities for a smarter way forward. The new Lenovo ThinkSystem DM5100F brings high-performance, low-latency all-NVMe storage at an affordable price point, enabling customers of all sizes to enhance analytics and AI deployments, while accelerating applications’ access to data. The Lenovo DM Series storage systems now include new S3 Object support, to create a next generation unified data management platform. This platform allows customers to manage and analyse all data types (block, file and object) within a single storage platform, accelerating the processing of data analytics while reducing infrastructure costs. These enhancements create expanded data protection capabilities, with transparent failover and management of object storage natively. Additionally, with Lenovo DM Series storage, customers can add cold-data tiering from hard drives to the cloud, or replicate data to the cloud. This enables an economical multi-cloud strategy for storage, reducing the overall cost of data management. “Data-driven decision-making is a key tool that can help enterprises fuel progress and advance their overall operations,” said Dr Chris Cooper, Director and General Manager, Lenovo Data Centre Group MEA. “By leveraging Lenovo’s unified hybrid cloud data management system, customers can gain insights,

Dr Chris Cooper, Lenovo Data Centre Group MEA

crucial information and AI-backed predictions to enhance their services and maintain their growth on an upward trajectory.” To help mitigate data management costs, Lenovo delivers an enhanced Lenovo ThinkSystem Intelligent Monitoring 2.0 software solution, a cloud-based management platform that uses AI to simplify and automate the care and optimisation of Lenovo’s ThinkSystem storage environment. Customers can monitor and manage storage capacity and performance for multiple locations from a single cloud-based interface, predict issues before they happen, and receive prescriptive guidance. To further accelerate the performance of customers’ applications, Lenovo has announced

the new Lenovo DB720S Fibre Channel Switch. This switch provides 32Gbps and 64Gbps storage networking, delivering higher speed and 50 percent lower latency than previous generations. The DB720S delivers autonomous SAN infrastructure with self-learning, self-optimising, and self-healing capabilities, leading to reduced downtime and simplified storage network management. The firm’s data management portfolio, including the DM Series storage solutions, are available through Lenovo TruScale Infrastructure Services. Additionally, Lenovo and SAP recently announced a new OPEX private-cloud service, SAP HANA Enterprise Cloud, Customer Edition also available through Lenovo TruScale.

JANUARY 2021

CXO INSIGHT ME

7


NEWS

MILESTONE LAUNCHES NEW EDITION OF MARKETPLACE

M

ilestone has launched its new edition of Milestone Marketplace, which helps buyers not only find the complementary hardware and software functionality but also explore solution services when building best-of-breed video management solutions The vendor says Milestone Marketplace is empowering businesses to explore the unmatched possibilities of video solutions, relevant to companies looking for a new video solution and for

INFOR HELPS MANUFACTURERS IN THE MIDDLE EAST PREPARE FOR INDUSTRY 4.0 With the Middle East’s manufacturing sector roiled by demographic shifts, changing customer profiles, and the proliferation of digital devices and apps, Infor will shine a light on how manufacturers in the region can embrace digital transformation and prosper amid the 4th Industrial Revolution. Speaking at Industry 4.0 Middle East Virtual Confex on December 15, Andrew Kinder, Infor’s SVP for international strategy & sales support, discussed the many opportunities open to Middle East manufacturers who are able to devise, implement, and execute the right digital transformation strategies. To modernise the industrial sector, many countries in the Middle East are pursuing sector-specific development plans as part 8

CXO INSIGHT ME

JANUARY 2021

existing users of Milestone XProtect looking to enhance the solution’s functionality. In addition to verified hardware and software, the new release of Milestone Marketplace also holds solution services with a total of more than 500 options to choose from. The global digital platform includes powerful technologies, like artificial intelligence, augmented reality, video analytics, GIS and GPS along with combined solutions tailormade to meet several business challenges. The partners behind this are all part of the Milestone Community, ready to help businesses use video solutions to solve new challenges. Milestone Marketplace allows buyers access to a vast catalog of Milestone Systems XProtect-compatible software, hardware and solution services, as well as recommendations and guidance on how to solve specific challenges. Moreover, buyers can filter through a

network of trusted Milestone integration partners to find the best fit for their business across the globe. Customer cases, documentation, implementation guides and demos are just some of the elements made available by the partners using Milestone Marketplace to allow customers to explore solutions available to them. “Since we first introduced Milestone Marketplace in 2019, we’ve been working to extend the experience for both customers and partners when searching for and creating XProtect-compatible solutions. With this version, we’ve onboarded integrators as a new partner type, improved the search functionality, and added use categories to name but a few, all with the aim to offer a futureproof platform open to integrating with innovation from around the world,” said Chief Sales & Marketing Officer Kenneth Hune Petersen, Milestone Systems.

of their national transformation initiatives. The disruption caused by the COVID-19 pandemic, and the fact that 75% of the Khaled Al Shami, Infor Middle East population is either Millennials or Gen Z, is accelerating the pace of change, according to a recent report from IDC. While 76% of manufacturers in the Middle East, Turkey, and Africa region are already engaged in, or soon to start, a formal digital transformation program, it is important that they avoid common pitfalls and follow the correct steps when planning and implementing their DX plans to achieve the optimal results, according to IDC. Infor is already working with major companies including manufacturers on their digital transformation plans in the Middle East. For example, Saudi Bugshan Barmaja, a major diversified business group in Saudi Arabia, is digitally transforming its businesses in its home

market and overseas with a new suite of Infor solutions. The company, which has 30 businesses spread across 10 countries and is involved in diverse sectors including fast-moving consumer goods (FMCG), automotive, healthcare, education, and real estate, is deploying a suite based around Infor LN to provide a single integrated digital platform. Saudi Bugshan aims to digitally transform and automate key business functions including human capital management, customer relationship management, finance, procurement, warehouse, and supply chain management. Khaled Al Shami, Infor’s director of solution consulting for the Middle East & Africa, said, “Manufacturers of all types in the Middle East can reap huge benefits from the 4th Industrial Revolution if they embrace change and digitally transform with the right strategy and the best digital solutions. Attendees at Industry 4.0 Middle East will have the opportunity to learn more about strategies to succeed in these fastchanging times, and how Infor solutions can automate, digitise, and future-proof their processes and operations.”


ARAMCO INTRODUCES GOOGLE CLOUD SERVICES TO SAUDI ARABIA

S

audi Aramco Development Company, a subsidiary of Aramco, has announced that it has teamed up with Google Cloud to offer highperformance, low-latency cloud services to enterprise customers in Saudi Arabia. The Kingdom is being added to the global network of Google Cloud Platform regions, as part of a strategic alliance agreement signed between the Company and Google Cloud this month. Google Cloud will establish and operate a new cloud region in Saudi Arabia, while a new company will be formed following all required regulatory clearances to supply cloud solutions and services to enterprise customers, with an emphasis on businesses inside Saudi Arabia. This new cloud region will allow organisations nationwide to grow and scale their offerings, while delivering digital products and services faster and more reliably. The collaboration taps

into rapidly expanding cloud services demand in Saudi Arabia, which is forecasted to reach a market opportunity up to $10 billion by 2030. Increased dependence on online services during the COVID-19 pandemic has further accelerated the shift toward digital solutions. The rollout of Google Cloud services and infrastructure in Saudi Arabia will deliver robust, reliable and agile solutions to meet growing demand for IT and cloud services. Aramco Senior Vice President of Technical Services, Ahmad Al Sa’adi, said, “We live in a world driven by data, and it is essential that companies not only have secure infrastructure to protect enterprise data, but also the tools that

enable them to make the best use of it. Bringing Google Cloud to Saudi Arabia will deliver significant benefits, both now and in the future, and we are grateful to the Ministry of Communications and Information Technology for supporting this initiative. The future of Saudi Arabia’s business transformation and growth depends on its ability to successfully leverage cloud services.” Google Cloud CEO Thomas Kurian said, “We are committed to helping businesses modernise and accelerate their digital transformations with Google Cloud. With this agreement, Google Cloud’s innovative technology and solutions will be available to global customers and enterprises in Saudi Arabia to enable them to better serve end consumers.” Google Cloud offers its customers multiple solutions, including artificial intelligence, smart analytics, data management, security, infrastructure and application modernisation. It delivers these services globally while matching 100 percent of the energy used to power its operations with renewable energy.

AVEVA PARTNERS WITH OEG FOR 3D CLOUD-BASED VIRTUAL TRAINING OEG LLC, an industrial learning platform software and content provider that enables companies to build, maintain and evolve learning resources specific to their industry and operations, has announced a significant new strategic learning partnership with AVEVA, a global player in engineering and industrial software. The partnership will integrate OEG’s 3D advanced, remote learning content into the AVEVA Unified Learning offering to optimise and ensure remote operator safety and efficiency, which has become particularly important for industrial organisations during the current global pandemic. AVEVA Unified Learning delivers engaging off-the-shelf and customer training programs for industrial operators, bringing together the latest technologies with sound instructional design to deliver competency-based experiential learning,

empowering operators to perform better in less time. The OEG content will be used in conjunction with AVEVA’s Learning Management System and high-fidelity Operator Training Simulators to provide a library of on-demand, cloud-based, experiential courses for industrial customers to enhance the training of process operators. “The OEG Knowledge Library will enhance AVEVA Unified Learning with rich, purpose-built content for basic process operator training, as well as reduce learning time and improve knowledge retention to enable our customers to build and sustain workforce competence,” said Ravi Gopinath, Chief Cloud Officer and Chief Product Officer, AVEVA. Today’s workforce is increasingly preferring to learn in an on-demand, self-paced manner versus a traditional classroom environment. This trend,

Ravi Gopinath, AVEVA

fueled by the challenges of the COVID-19 pandemic, is driving a shift in the training strategies of process manufacturing companies as more and more opt for a virtual environment. Ted Davis, President and CEO of OEG, added, “We are thrilled to partner with AVEVA to become part of the AVEVA Unified learning solution. This partnership will accelerate our fundamental mission, to bring life-like, immersive content to enhance learner engagement, enjoyment, retention and facilitate greater efficacy in adult learning to the process industries.”

JANUARY 2021

CXO INSIGHT ME

9


NEWS

LULU JOINS HANDS WITH EMPAY FOR CONTACTLESS PAYMENT

R

egional hypermarket and supermarket chain Lulu Group has become the first major retailers to sign up on Empay, the world’s first contactless lifestyle payment ecosystem with instant credit. Empay, designed and developed within the UAE’s Smart Government program framework, is a payment application for secure and cashless transactions. The agreement was signed at Department of Economic Development, Dubai between Ali Ibrahim, Chairman, Empay and Salim MA, Director of Lulu Group in the presence of H.E. Sami Al Qamzi, Director General of Department of Economic Development; James K Varghese, Director of Lulu Group International, Muna Al Qassab, CEO Empay and Gigi George Koshy, Deputy CEO and CPO of Empay. Lulu Customers can now use the payment platform for safe and contactless

Tap and Go payments while shopping at all of Lulu’s 250 plus stores worldwide. Apart from Tap and Go, users can also make various in-app payments like government payments, online food ordering, education payments, utility bill payments and so much more. In addition to this, Empay will provide instant credit facility to people who are in need of funds for making various payments without having to visit banks and complete long formalities and paperwork. The partnership will set the course for the new age shopping and payment. Empay will also have exciting offers and deals for Lulu shoppers in the days

AMAZON PAYMENT SERVICES LAUNCHES IN THE MIDDLE EAST AND NORTH AFRICA Amazon has announced the launch of Amazon Payment Services, a payment processing service in the Middle East and North Africa (MENA) region with a mission to empower businesses with simple, affordable, and trusted online payment experiences. The newly launched Amazon Payment Services provides secure online payment services that are easyto-use, leveraging Amazon scalable and reliable technologies. Established in 2013 as one of the first Fintech companies in the region, PAYFORT has gained a deep understanding of businesses’ needs across the region. In 2017, Amazon acquired PAYFORT as part of the Souq Group acquisition. Since then, the focus has been on integrating PAYFORT and Amazon offerings to provide businesses with a convenient and trusted service. 10

CXO INSIGHT ME

JANUARY 2021

With the launch of Amazon Payment Services, businesses that use the service will continue to have access to a range of payment services that enables them to accept online payments using both global and local payment methods, offer installments to the customers to make purchases affordable for their customers, and monitor payment performance round the clock. As of today, PAYFORT is Amazon Payment Services. Omar Soudodi, Managing Director, Amazon Payment Services, said, “This launch marks another key milestone in Amazon’s promise to build the future of digital payments in the region, empowering businesses to provide user-friendly payment experience for their end-users. We listened to businesses across a broad range of industries to continue improving our offering. Amazon Payment Services is a natural next step in our journey, focusing on four fundamental pillars of trust, convenience, selection and pricing, underpinned by a bestin-class experience focused on reliability,

to come. The UAE residents can freely download the super app from Google Play store or iOS App store, register in just two minutes and avail a Master Card powered Digital card within the app. Ali Ibrahim, Deputy Director General of Dubai Economy and Chairman of Empay, said, “It’s our honour to announce a compatible partnership of Empay with the biggest retail chain in the region – Lulu Group. Our multi-faceted, cashless and secure payment system to build a convenient and safe platform for reaching a larger diaspora of audience. We now bring Lulu to your fingertips”. Muna Al Qassab, Chief Executive Officer at Empay, said, “Empay prides in signing a great opportunity with the most prestigious retail chain in our region – Lulu, such that we are able to cater to a larger audience that enjoy buying groceries, purchasing products and much more with just a tap of the button. Lulu shopping is now simple, smart, fast and secure”.

scale and operational excellence.” The new service processes transactions for thousands of businesses across multiple industries, ranging from aviation to travel and tourism, retail, insurance, real estate, government, and more. With such a diverse customer base, it has built strong expertise that supports businesses at every scale, from small and medium enterprises (SMEs) looking to establish their online presence to large-scale enterprises requiring a dependable payment service to handle high volumes of transactions safely. Amazon Payment Services also has a wide range of partners, including leading banks such as RAKBANK, First Abu Dhabi Bank (FAB), Mashreq, The Saudi British Bank (SABB), Al Rajhi Bank, Riyad Bank and National Commercial Bank (NCB). Partners also include local card schemes such as MADA, and Meeza, and international card schemes such as Visa, and MasterCard. New businesses using Amazon Payment Services, will be able to easily accept online payments by choosing from selection of services that fit their customer needs and access rich content to help them with their digital transformation.


ARTIFICIAL INTELLIGENCE HELPS AFRICAN FARMERS FIGHT LOCUSTS

A

free tool that will help farmers and pastoralists across Africa to predict and control locust behaviour has been launched. Kuzi—the Swahili name for the wattled starling, a bird renowned for eating locusts—is an AI-powered tool that generates a real-time heatmap of locusts across Africa, shows all potential migration routes, and gives a real-time locust breeding index. Using satellite data, soil sensor data, ground meteorological observation, and machine learning, Kuzi can predict the breeding, occurrence and migration routes of desert locusts across the horn of African

and Eastern African countries, and uses deep learning to identify the formation of locust swarms. Kuzi then sends farmers and pastoralists free SMS alerts 2-3 months in advance of when locusts are highly likely to attack farms and livestock in their areas. Without preventative measures, a swarm of 80 million locusts can consume food equivalent to that eaten by 35,000 people a day, devastating food stocks for vulnerable communities. Putting in place early detection and control measures, which are critical in desert locust management, will offer farmers and pastoralists a vital tool in the fight against world hunger and food insecurity. Alerts are currently available for Ethiopia, Somalia, Kenya, and Uganda, in

the regional languages of Kiswahili, Somali and Amharic, spoken by over 200 million people across Eastern Africa. “The first international anti-locust conference was held in Rome in 1931 and yet Africa continues to experience locust invasions almost 100 years later, with the worst locust invasion in 70 years occurring in 2020, threatening food supplies for millions of people across Eastern Africa. There has to be a better way to do this, one that has the local communities being central in the fight against locusts,” said John Oroko, CEO of Kuzi’s creator, Selina Wamucii. “A new wave of locust upsurge now threatens millions across Eastern and Southern Africa, exacerbating food insecurity for already vulnerable communities, amidst the challenges of the COVID-19 pandemic. We have a responsibility to develop and deploy locally bred solutions that address these challenges faced by our vulnerable rural communities,” added Oroko.

SAUDI ARABIA TO ESTABLISH A DIGITAL HUB FOR THE MENA REGION stc Group said that it intends to establish a premier digital hub for the MENA region, in cooperation with regional and international partners. This is expected to create an ecosystem of advanced technology services that will establish Saudi Arabia as a leading business hub in the region, and meet the expected future growth in services and investments in the ICT sector. This will be achieved by taking advantage of the Kingdom’s strategic location at the intersection of three continents’, and promoting investment in international connectivity services and data centers to leverage the Group’s various assets, services, and advanced technologies. A number of next generation multi-terabit cables are currently in the planning stages to meet the very high cloud and content demands predicted in the future, and the first of those to come to the region will land with stc. Existing assets, which stc will bring to this initiative, include its extensive international

submarine cable network, which already offers the highest connectivity to the world for the region. This is achieved through stc’s investment in a state of the art optical mesh, which ensures continuous service availability in the event of any cable outages by offering low latency to Europe from the Red Sea, and from the Gulf, and by leveraging the terrestrial cross border network. stc’s optical terrestrial network connects to all neighbouring countries, allowing it to offer faster connectivity to customers in many countries than they can achieve through the submarine cables. The Group’s future investments are expected to strengthen Saudi Arabia’s position as the natural home for the region’s digital services. The Kingdom has an enviable combination of infrastructure assets today, making it the first among G20 countries in terms of digital competitiveness during the past 30 years, according to a report by the European Center for Digital Competitiveness, which is based on the report of the World

Economic Forum, in line with Vision 2030 which is the country’s roadmap to becoming a hub connecting the three continents for multiple sectors. This world class digital ecosystem could achieve this goal and turn this vision into reality. stc Group is a primary investor partner of the 2Africa submarine cable project, which will deliver very high-capacity interconnectivity between the three continents. The Group will land this submarine cable in the Red Sea, and will extend it into the Gulf, linking multiple countries. It will also will facilitate multiterabit connection to the North West region of Saudi Arabia, in support of the Kingdom’s ambitious plans for Neom project, and onwards to Jordan.

JANUARY 2021

CXO INSIGHT ME

11


VIEWPOINT

IN THE NIC OF TIME BART SALAETS, SENIOR DIRECTOR OF SOLUTIONS ENGINEERING AT F5, ON THE IMPORTANCE OF NETWORK INTERFACE CARD (NIC).

I

f you removed the case of your desktop computer back in the 1990s, one of the first things you’d see is a network interface card (NIC)—the component used for plugging your machine into an Ethernet cable. Unlikely as it may sound, the humble NIC is now set to help the telecoms industry, and its customers, combat a huge global surge in distributed denial of service (DDoS) attacks. Among other things. Modern day NICs do much more than direct traffic. Now known as SmartNICs, this specialist hardware can help solve one of telcos’ biggest challenges: moving to a virtualised architecture that relies on industry 12

CXO INSIGHT ME

JANUARY 2021

standard servers controlled by CPUs (central processing units). Designed to support network functions in the cloud, these virtual machines are often ill-equipped to cope with major DDoS attacks where large numbers of devices request network resources at the same time. The CPUs would be quickly overwhelmed. Right now, these CPUs need more protection than ever. According to recent F5 Labs analysis of Security Incident Report (SIRT) data, DDoS attacks accounted for just a tenth of all reported customer incidents in January. By March, they had grown to three times that of all incidents. What’s more, 4.2% of DDoS attacks reported to the F5 SIRT last year were identified

as targeting web apps. This increased six-fold in 2020 to 26%. There are numerous other studies echoing these trends, and it is no mystery why it is happening. Remote working and people spending more time online has significantly heightened both risk levels and available attack surfaces. One way to protect yourself is to put a dedicated piece of kit, specifically designed to detect and mitigate DDoS attacks, in front of the virtual network. While that is still a viable option, it does reduce some of the cost advantages of going for a full virtual network. The dedicated appliances would also take up valuable space in the compact edge computing centres now being rolled out by telcos to reduce network latency.


Hardware Lends a Hand At F5, we realised that porting volumetric DDoS mitigation capabilities to a SmartNIC equipped with specialised processors—a.k.a. field programmable gate arrays (FPGA)— can make a big difference in a more virtualised and cloud-centric world. Crucially, the specialised processors are able to handle much of the heavy lifting and filter the incoming traffic much faster than a traditional software implementation running on CPUs. It was an insight that prompted us to become the first software company to create an application specially for Intel’s FPGA programmable acceleration card (N3000 SmartNIC). It has been validated and tested by some of the world’s leading service providers. To bring our vision to life, we programmed the Intel SmartNIC FPGAs the same way we program FPGAs in our own hardware to support the BIG-IP Advanced Firewall Manager (AFM) Virtual Edition solution, which is designed to efficiently block incoming DDoS attacks in cloud environments using hardware acceleration. By using the SmartNIC to handle network threat intelligence, packetbased analysis, allowlisting, and other DDoS mitigation measures, the solution keeps the CPU cycles free for other functions. This enables the network to keep running as normal. Better still, SmartNICs are extremely fast. The inspection and removal of malicious packets within the SmartNIC occurs at line rate, meaning that both latency and the user experience are unaffected. Indeed, moving specific functions to a SmartNIC, such as DDoS countermeasures, can boost performance and lower latency in both the core and at the network edge. This isn’t about achieving incremental gains either, and the benefits of harnessing SmartNICs are potentially huge. For example, the F5 BIG-IP VE solution can handle DDoS attacks up to 300x larger than software-only implementations, all while reducing

At the same time, an FPGA can be re-programmed to suit, giving telcos greater architectural flexibility and agility, while also allowing standard servers to focus solely on the core job of handling cloud-native network functions.

MODERN DAY NICS DO MUCH MORE THAN DIRECT TRAFFIC. NOW KNOWN AS SMARTNICS, THIS SPECIALIST HARDWARE CAN HELP SOLVE ONE OF TELCOS’ BIGGEST CHALLENGES: MOVING TO A VIRTUALISED ARCHITECTURE THAT RELIES ON INDUSTRY STANDARD SERVERS CONTROLLED BY CPUS (CENTRAL PROCESSING UNITS). the total cost of ownership by approximately 47%. By keeping a carrier-grade network secure and readily available, a SmartNICbased solution means that operators can meet demanding service level agreements and deliver ultra-low latency connections without resorting to costly, high-performance custom hardware.

Defending with an Edge With the telecoms industry rapidly adapting to increasingly complex business and consumer demands, Intel’s SmartNIC appears to have arrived in the nick of time. In a traditional telco network, there may have been a few large data centres with everything centralised. You could deploy a couple of large boxes in front of these to protect them from DDoS attacks. That was then. Nowadays, physical purpose-built appliances are becoming obsolete as the computing becomes more widely distributed around the network. This includes telcos deploying data centres at the edge of their infrastructure to make demanding apps and services, such as online gaming and virtual reality, respond better. SmartNICs will play a particularly important role as edge computing becomes more widespread, serving as one of the main lines of defence in a distributed network. And, at F5, we’re already talking to several major operators about migrating their DDoS mitigation systems from dedicated hardware over to the technology. The future certainly looks bright for SmartNICs, which clearly offer an innovative and cost-efficient way to bolster the security and performance of a cloud-native network. F5’s groundbreaking DDoS implementation is strong evidence of this, and many other use cases are likely to follow. There’s plenty of life in those trusty old network interface cards yet! In fact, thanks to their new and smarter incarnations, their best (and most productive) days are yet to come. Watch this space.

JANUARY 2021

CXO INSIGHT ME

13


CASE STUDY

THE PROMISE OF DIGITAL SHUMON ZAMAN, CHIEF INFORMATION AND DIGITAL OFFICER, ALI & SONS HOLDING, ELABORATES ON THE COMPANY’S VISION TO BECOME A CLOUD-NATIVE, AGILE, FULLY AUTOMATED AND DIGITALLY EMPOWERED ENTERPRISE IN THE NEXT THREE YEARS.

F

ounded in 1979 under the direction of H.E. Ali Bin Khalfan Al Mutawa Al Dhaheri, Ali & Sons was established to serve the oil and gas and power and water sectors. It began its operations in contracting and interiors in 1980 – and from there the business only expanded and flourished to include a number of other sectors as well as its own brands and concepts. Today, the 41-year-old company has grown into a successful conglomerate that has a strong standing in areas such as automotive, construction, oil & gas, real estate, investments and retail. While the group has gone from strength to strength in its operations, the technology supporting the company’s ambitions and future plans now needs to undergo a major overhaul. Industry veteran Shumon Zaman joined the company recently as its Chief Information and Digital Officer, to lead the digital and technology transformation for Ali & Sons. “Digital disruption is taking place across many industries and the board felt it was the right time for us to go through the transformation to ensure we become more agile and develop new digital business models. This will allow us to expand our operations and grow our products and services portfolio,” says Zaman. Ali & Sons was looking to leverage its experience of operating in many

14

CXO INSIGHT ME

JANUARY 2021

different industries when it comes to developing digital ventures. “Our immediate priorities include moving everything to the cloud, building our ERP infrastructure and above it all, working on the complete digital transformation layer,” explains Zaman. As the person leading this mandate, Zaman along with his team have developed the strategy and will soon commence the execution phase of this multi-year program. The team identified a crucial first step in the transformation journey, which is ensuring that the business processes across the whole group are welloptimized and are as agile as possible. “In this regard, we’re going to run the Lean Six Sigma methodology to improve performance of all processes by systematically removing waste. This will result in the most optimized processes, which we will then automate using the latest cloud-based ERP. We then aim to add more best of breed business applications for various different types of industries that we’re in. Additionally, we will add layers for analytics and AI,” he says. According to Zaman, this will help the conglomerate to gain new insights from the data collected and help in enhancing focused decision-making. It will also allow the company to develop new products and services along with new digital business models. “In terms of technologies, we’re at the moment looking at the top tier one ERP

vendors and cloud ERP solutions. We’re also working with Microsoft, Microsoft Azure and M365 along with different applications vendors,” he adds. Zaman point out the primary challenge in achieving this goal is defining digital transformation and getting everyone to understand what it really means. “Many people understand digital in different ways. For me, it’s all about creating different business models, new ways of generating revenue, using digital tools such as AI, machine learning, big data, cloud and so on. “However, people tend to think a simple automation of a process counts as digital. But that’s only the very initial stage. Currently, we are working on getting everyone aligned as to where we want to go, how we want to get there and the driving reason for us to achieve digital transformation. This is very important,” he says. The motivating factor for Ali & Sons to go digital is business continuity, he adds. “We want to be one of the leading family-led conglomerates in the region. We want to achieve double digit growth and disrupt areas that are being transformed so that we are not left behind. It’s all about safeguarding what we do, but also prolonging the life of our business because we need to keep up with what’s happening globally.” Upon the completion of its digital transformation, apart from being an agile organisation, one of the biggest advantages that Ali & Sons will enjoy


is having insights from data at its fingertips. “We are excited to embark on this journey as once we complete it, the potential is infinite. We can create new insights using digital tools such as AI and machine learning. We will be in a better position to understand the trends across the different industries that we operate in and look at ways how we can take advantage of what the data is telling us. This is key to our business continuity in the long-term,” says Zaman. The past year has further cemented the company’s decision to begin its digital transformation. “It has made the board realize that unless it’s an agile organisation, it is very difficult to make decisions and take advantage of opportunities that might arise during a crisis like the ongoing pandemic. In order to do this, we need to nurture a digital mindset within the organisation and invest in advanced technologies. Today there is a sense of urgency to become a digital enterprise. Those with digital capabilities were able to make the transitions quickly during the pandemic.” Zaman expects it to take three to five years for the organisation to grow by double digits. For this to happen, the company will have to create several different digital enterprises, become digitally-enabled and more mature in its digital usage. “One of the key aspects of my vision is making sure that every employee, no matter where they are and what device they have, should be able to access decision making information powered by AI and do their jobs from wherever they are. Everything should be accessible from the palm of their hands. This is the vision that we want to execute very quickly and this will also give us the agility that we need. “As an established and well respected business, we want to attract and retain

the best talent to come and work with us. In order for that to happen, we need to give them the best tools.” Zaman explains that attracting the younger generation, especially Emirati nationals, to its workforce is key to the long-term growth and success of the organisation. “Developing a digital environment will allow that to happen and attract the right kind of talent,” he concludes.

JANUARY 2021

CXO INSIGHT ME

15


OUTLOOK

VMware

ensuring their systems and services are fully secure. We help organisations to achieve this by helping them on their digital transformation journey. We enable our customers to build, run, manage, connect and protect all of their apps on any cloud, which allows them to respond rapidly to market opportunities, challenges and their customers’ needs. Moreover, by helping organisations embrace cloud solutions, we provide them with the flexibility they need to scale up or down, without the costs associated with physical network infrastructure. Our solutions also allow organisations to manage their distributed workforces efficiently and securely, just as if their employees were all in a physical office. These solutions are all vital to business continuity and growth, especially at the current time with the uncertainly and volatility caused by COVID-19.

Are you seeing any significant shift in the technology investment priorities of your customers?

AHMED AUDA

Managing Director, Middle East, Turkey and North Africa

What are the top tech trends we need to watch for in 2021 and beyond? Digital transformation will be high on the agenda for organisations in the Middle East in 2021, and this is in large part driven by the commitment of governments in the GCC to introduce smart government and smart city initiatives. Private enterprises also recognise the need to transform and they understand that modern applications are the fuel for digital transformation. As such, they need to be built, run, managed, secured and connected in the right way, allowing them to add immense value to all industries and verticals, from retail, to energy, healthcare and education. Digital transformation is being powered by the growth and development of technologies including cloud, 5G, AI and data analytics, which will each experience rapid growth in 2021. In combination, these technologies provide phenomenal potential for organisations across all sectors to transform and have a positive impact on society: from the automation of transport, to advances in healthcare and medicine, and improvements in agriculture. New ways of analysing and using data, combined with seamless communication will transform all aspects of society and we will see continued moves in this direction in 2021 and beyond.

How do you help your clients to accelerate business growth? Organisations need flexibility more than ever: They want the flexibility to launch new products and services, expand in new markets, and boost the efficiency of their operations, all while 16

CXO INSIGHT ME

JANUARY 2021

In 2020 we saw a rise in demand for remote working and cloud solutions. Organisations in the region are aware that while life will start returning to normal in 2021, it will not be quite the same as before the pandemic. We expect to see many organisations adopt a more flexible approach to managing their workforces, allowing teams to work remotely some of time, if not permanently. Organisations are embracing the cloud more than ever and this is partly due to volatility caused by the pandemic. Companies don’t want to buy expensive IT infrastructure, especially when it’s difficult to accurately forecast demand. Cloud solutions were already on a growth curve, and the trend strengthened in 2020. We expect to see continued strong growth in 2021.

Is intrinsic security the key to future of work? In 2020 the world saw a rise in cybercrime targeting both public and private organisations. VMware Carbon Black’s recent Global Incident Response Threat Report revealed that 53% of Incident Response managers had encountered or observed a surge in cyberattacks exploiting COVID-19, specifically pointing to remote access inefficiencies (52%), VPN vulnerabilities (45%) and staff shortages (36%) as the most daunting endpoint security challenges. In this scenario it is imperative that organisations ensure they have the highest levels of cybersecurity in place, in terms of both IT systems and software, and education and awareness among employees. At VMware, we have developed the concept of Intrinsic Security – a strategy for leveraging your infrastructure and control points in new ways—in real time—across any app, cloud, or device so that you can shift from a reactive security posture to a position of strength. Our commitment to Intrinsic Security also means that all our solutions are designed with security in mind from the beginning, rather than being an afterthought. Intrinsic Security is vital to the future of work. Whether your workforce is at the office, at home, or a combination of both, cyber attacks are on the rise and Intrinsic Security is an important way of mitigating the risk.


R&M

How are you helping your customers to adapt to the post-pandemic normal? We recognise that despite the challenges that have resulted because of the pandemic, we are obligated to ensuring our partners and customers continue to receive the highest quality of training. Of course, this has called for a paradigm shift in the way we deliver trainings. Traditionally, our Qualified Partner Program (QPP) trainings have been class-room style with emphasis on hands-on practice. Recognising that such sessions would not be possible during lockdown, we conducted in-depth analysis of virtual tools and invited select partners to help us create and finetune an effective online live training program.

How are your adapting your product portfolio to meet the new market demands?

NABIL KHALIL

Executive Vice President of Middle East, Turkey and Africa

What are the top technology trends to watch in 2021? The consumer telecoms market is relatively resilient even during the COVID-19 pandemic. Consumer services, which account for most of the telecoms providers’ revenue, tend to be more resilient during economic downturns. The restrictions of movement in place in many countries and the emphasis on home working and entertainment means that fixed broadband services will continue to perform relatively well. This will continue to make many regional operators expand their capacities and connected households. So, we see Telecom Market should stay healthier than almost any industry in this crisis. 5G is another major trend in this sector. Once rolled out, 5G should be able to link 100 billion devices. Connecting 5G base stations using radio links will no longer suffice - antennas must be integrated into fiber networks and connected to edge data centers. The required small cells, 5G macro cells and antennas require considerable bandwidth and low latency. Without ubiquitous fiber, introducing 5G would make little sense. Service providers are combining FTTx and 5G rollouts to benefit from a common infrastructure that supports both platforms. In fact, according to studies by the FTTH Council Europe, investing in fiber means operators can get 5G practically ‘for free’. Wider availability of fiber and 5G will bring demand for a wide range of new products and private, business and industrial applications, such as hidden or camouflaged antennas, PoE-equipped devices and solutions for bridging short distances. Low-latency connectivity will support everything from self-driving cars to remote healthcare services, machine communication, smart city services and extended mobile communication including UHD, AR, smart home, and highspeed internet.

In the coming year, the solutions that R&M will be focusing on include: R&MhealthLine: Our antibacterial R&MhealthLine range is especially relevant for the post-COVID world as it lets hospitals and other facilities reduce the risk of cross-contamination between patients and visitors while simultaneously extending IT risk management to include the area of hygiene. These products represent a complete and consistent solution for the whole network infrastructure that can be touched by the user in patient rooms and comparable, highly frequented areas of use. Moreover, our implementation partners require no special training for the installation of these solutions as the R&MhealthLine range offers the same installation and userfriendliness as standard products and fits into the R&Mfreenet range. Polaris: The Polaris family of FO terminal boxes comprises five models. The fiber optic terminal boxes help network operators to connect and manage the growing number of FO cables in the tightest of spaces. The smallest variant can accommodate up to four adapters for FTTH subscribers, the largest up to 36 adapters or 288 splice connections. ODF Prime: At maximum capacity, 5,376 optical fibers can be connected in an ODF with the R&M PRIME modules, setting new density standards for the Fiber-to-the-Home (FTTH) market. Above-ground street cabinets and basements, main distributor frames, central offices and POP sites are some of the most important locations for the PRIME ODF racks. Here they can form the nodes of local broadband networks such as city rings and feeder networks. The platform is also suitable for fiber optic distribution in data centres, and the backhaul networks of mobile communication providers. Netscale: R&M Netscale solutions combine unmatched fiber cable management with automated connectivity tracking and an innovative tray design to deliver the world’s highest port density for 10/40/100G Ethernet. Most existing high-density fiber solutions for data centers offer up to 72 LC duplex ports per rack unit and pose great difficulties for management. Thanks to R&MinteliPhy technology, Netscale delivers a density of up to 80 RFID-monitored LC duplex or MPO ports, and even 120 standard LC duplex or MPO ports per rack unit.

JANUARY 2021

CXO INSIGHT ME

17


OUTLOOK

SentinelOne

positivity will determine factors for success. New leadership styles must emerge to communicate, collaborate, and operate in the increasingly complex environment of this virtual era. For technology leaders, this is the best opportunity to move away from outdated schemes and adopt bolder and more effective AI-based solutions.

How are you helping your customers adapt to the new normal? 2020 was a busy year for the cybersecurity industry; with employees distributed between home and the office, the rising rate of cyberattacks, and the lack of proper infrastructure to protect sensitive data remotely and offline. With such severe challenges, we had to innovate in order to meet our customers’ needs. In the past couple of months, technology and cybersecurity designed for remote work have become a top priority. From endpoint device to server and cloud workload, cybersecurity platforms are now being built for a new world where physical locations are irrelevant. The past couple of months were deemed as a learning experience for most people; we took a pause, examined the novel needs of our market and customers, and made sure to offer the needed solutions during these unprecedented times.

Can you share some business highlights from this year and customer successes?

TAMER ODEH

Regional Director, Middle East

What will be the top trends that will transform the Middle East tech landscape in 2021? We expect that 2021 will see greater adoption of automation in cybersecurity and response. The frequency and effectiveness of attacks have rapidly gone up during the course of 2020, and the inadequacy of depending solely on human intervention is now more apparent than ever before. Such an evolution of cyberattacks requires us to also take lead, innovate, and come up with machine-speed solutions and other means for protection. The next-generation antivirus and endpoint detection & response (EDR) capabilities in SentinelOne are extremely powerful tools for cybersecurity defense, allowing analysts to find a needle in a haystack and then take immediate action – with minimal effort. As human resilience takes on a new meaning in the coming year, as staying connected and cultivating an attitude of 18

CXO INSIGHT ME

JANUARY 2021

On the onset of the COVID-19 virus, businesses worldwide took a deep breath as they waited to see the effect of the global pandemic on the normality of life. We were all able to see the macroeconomic impact; economies worldwide were severely hit by the challenges that came with the occurrence of the pandemic. With the enforcement of lockdowns, there were several challenges in certain sectors globally – the hospitality sector being the most prominent. However, given those challenges, we were able to sign customers in even the worst-impacted domains. We provided solutions for businesses in travel agencies and hotels, and we are proud to have been able to offer effective solutions to businesses who were severely hit during these unfortunate times. Moreover, when the work-from-home phenomena saw great attraction during the first half of the year, SentinelOne’s solutions were deemed to be effective for users worldwide and in the Middle East in particular. Throughout the year, were able to pivot our target markets depending on global restrictions, and naturally, we turned towards digital conferences and roundtables with CIO’s in Africa and the GCC. We were constantly busy as we did not want to stand idle in such challenging times, and we took this opportunity to learn about different markets and keep up the momentum of the previous year. As tough as this year has been on a global scale, we are happy to have been able to offer support and effective solutions to our partners and customers worldwide.


ManageEngine

will need tools to manage all of the rapid transformation and stay on top of their game. As their supplier, we at ManageEngine are excited to be building the tools they need. We are investing heavily in bringing AI and ML capabilities to our tools, and we envision a fully integrated suite that will help our customers manage their users, endpoints, and infrastructure components holistically, from both operations and security perspectives. The IT industry has been particularly resilient over the past year, and we expect that to continue throughout 2021. As more users, companies, and regulators become concerned with user data privacy practices, we will see increased regulation on that front. Due to COVID-19 and the rise in remote work, endpoint protection and security tools with data analytics will remain especially important.

How are you helping your customers adapt to the new normal?

RAJESH GANESAN Vice President

What will be the top trends that will transform the Middle East tech landscape in 2021? The year 2020 was challenging for organisations around the world. However, with the lessons and experiences from the past year, we hope 2021 is full of possibilities and new opportunities. We’re especially optimistic about the technology industry, which is going to lead major transformations as organisations reinvent and execute new business models and new players arrive with fresh ideas. In 2021, 5G networks, IoT, and smart devices will disrupt how every industry operates. Technology will be a key underpinning for businesses regardless of their size and location. Also, that underpinning means the teams responsible for running the technology infrastructure will literally progress to the front line, leading their business to achieve higher objectives such as delivering on user experience and business outcomes as opposed to just maintaining systems. And they

Remote working is not entirely new and has been prevalent at least over the last decade. It let people get their normal work done regardless of their location. That said, mission critical work was still done at the office premises. In 2020, the pandemic forced everyone out of the office premises for extended periods, which brings with it new data security risks, especially the risks of unintentional and malicious data exfiltration. Our solutions that harden IT security like Desktop Central and Password Manager Pro help manage and secure endpoints and passwords, respectively. With sophisticated phishing attacks on the rise, it is important that organisations monitor users who log on from multiple locations simultaneously or who access multiple resources in a short period of time. Therefore, our new-gen SIEM solutions like Log360, which includes user and entity behavior analytics (UEBA) capabilities, and our privileged access management solution, PAM360, are very useful for enterprises. We also exclusively launched a couple of products in the first quarter of 2020 to help enable secure remote access for all employees. Remote Access Plus enables employees to initiate remote connections to Windows, Linux, or Mac computers regardless of the user’s or device’s location. It also allows technicians to remote access into users’ computers at home for troubleshooting assistance. Access Manager Plus lets administrators launch RDP, VNC, and SSH connections to critical infrastructure components without the need for VPN or any special software in employee devices. Both products come with complete session monitoring, shadowing, and recording capabilities to augment the remote access convenience with high levels of security and compliance. We also understand the growing need for businesses to adopt technology into every department, and we are here to help them manage their IT from the cloud with our IT management and security solutions hosted on the Zoho platform.

JANUARY 2021

CXO INSIGHT ME

19


OUTLOOK

CommScope

limitations. The IEEE 802.3db task force targets 100, 200 and 400Gbps speeds for short reach server connections which will aid in the development of lower cost VCSEL based optics.

Can you share some business highlights from this year and customer successes?

EHAB KANARY

Vice President of Enterprise Infrastructure for MEA

What will be the top trends that will transform the Middle East tech landscape in 2021? Covid-19 changed business priorities, and with them the role of networks in buildings and campuses. In 2021, we see companies embracing remote networking as some offered employees the opportunity to work remote permanently while other companies adjusted their offices to accommodate social distancing, meaning less employees back in the office. The network that connects those remote workers with their companies has become more important than ever. With a focus on employee and customer health and safety, building owners will continue to roll out secure VPN connections and manage their networks differently. In addition to fewer people and more important networks, 2021 will see the accelerated deployment of new and evolving technologies in the data center. For example, in the absence of “business as usual,” enterprises and small businesses are moving to the cloud, and this trend will only accelerate in 2021 no matter what happens with the COVID-19 pandemic. Companies that were eyeing an eventual migration are now quickly moving to adopt a cloud-based paradigm for their businesses. Indeed, many companies that told workers to stay home have adopted remote working policies that rely on cloudbased applications, while retailers follow the lead of industry giants like Amazon and Alibaba in shifting sales tools to the cloud. In fact, these online retailers see triple-digit profit growth thanks to the pandemic. Data centre capacity must continue to grow, however, there must also be a continuous improvement in DC efficiency. This is precisely why fibre networks are shifting the bandwidth of network optics up – creating a need for more efficient network switching elements and driving the use of “fibre to the server” as previous generations of copper cabling reach speed and distance 20

CXO INSIGHT ME

JANUARY 2021

One of CommScope’s key business highlights includes providing the necessary infrastructure to enhance connectivity in buildings and campuses. In the region, we helped Al Qasimia University, Sharjah, build new high-performance physical infrastructure to support their digital needs and serve high-density and high-capacity needs. The University recognised that its infrastructure couldn’t keep up with the rising demand and Wi-Fi needs of its 1,200 students, across a 1.4 sq km campus with new academic and residential buildings. Along with the University’s IT team, we deployed 1,000 indoor and outdoor wireless access points (APs) all over the campus, updated over 800 km of cabling infrastructure with SYSTIMAX GigaSPEED X10D cabling and 10,000 Category 6A outlets. The modern infrastructure allows Al Qasimia University to support new applications and increased demand. The technologies built into the APs ensured enhanced performance at the University’s busiest locations, to handle hundreds of concurrent users and their multiple devices.

How are you helping your customers adapt to the new normal? The COVID-19 crisis has affected individuals, businesses and communities in a way we’ve never seen before. Government-imposed lockdowns have resulted in demands on businesses changing, with the physical moving to digital seemingly overnight. Weeks became months, and what started with business continuity is now seeing organisations shift their focus towards what’s next. Delivering operational efficiency and improving the digital customer experience, must play centre stage for businesses if they are going to survive – as well as thrive – as we move throughout the pandemic the businesses that can adapt most effectively will fare best. IDC estimates there will be 41.4 billion connected IoT devices, or “things,” generating 73.1 zettabytes (ZB) of data in 2025 – and deploying such technology will alter the demands placed on the network. Different network architectures will be required in buildings, for example, in order to meet this new requirement. Deploying thousands of connected ‘things’ that consume data requires strong and reliable connectivity, of course, but consideration must also be given as to how to power those devices. Many connected devices – such as radios, security cameras and sensors – also house high bandwidth applications. These enable an organisation to consume data quickly and deliver it to cloud applications for processing and analytics – but they also often need power. Many devices won’t work with traditional Power over Ethernet (PoE) cabling, so IT and operations must look towards industry leading solutions, such as single pair Ethernet, which combine power and connectivity to simplify installation and management processes. As we look forward to 2021, we see the opportunity to leverage the network to improve organisations, driving business outcomes such as increasing efficiency, cutting costs, improving health and safety, and the customer and employee experience.


Checkmarx

the value of automated application security testing (AST) and how industry-leading solutions can help developers achieve both speed and security with their software development efforts. Traditional approaches like pen testing and one-stop shop solutions are no longer enough for securing today’s complex software. Platforms that insert automated security testing throughout all stages of the SDLC are critical.

What are the cybersecurity trends that will shape the coming year? For the Middle East specifically?

SHABIR BHAT

Regional Sales Director – Middle East

Can you elaborate on two milestones from Checkmarx over the past 12 months? First and foremost, Checkmarx achieved unicorn status in 2020 when we made a deal with U.S. private equity firm Hellman & Friedman to be acquired for $1.15B. This was a pivotal moment in the industry, as it was the largest acquisition of an AppSec company to-date. Not only does this signify just how essential application security has become, but it also recognises our unique approach to AST, our business model, and overall trajectory. This partnership will further propel us forward and strengthen our ability to grow and innovate. Second was the launch of our new, next-gen software composition analysis solution, CxSCA. With this, security and development teams are empowered to easily identify, prioritise, and remediate vulnerabilities within open source software. The true value of CxSCA is realised when combined with our SAST solution, CxSAST, allowing developers to secure both custom and open source code via one unified platform.

How is Checkmarx enabling businesses to stay secure and identify vulnerabilities efficiently? Developers are under immense pressure to develop and deliver software as quickly as possible in order to keep their organisations competitive and relevant. This has only been further exacerbated in the past year, as the global pandemic has put digital transformation on steroids, so to speak. However, this heightened focus on speed often causes security to fall by the wayside. By not embedding security into software development from the start, organisations are ironically setting themselves up for slowdowns or, worse, security incidents down the line. We’ve placed a big emphasis on educating the market about

There are a few things in particular I’m expecting: Shift to the cloud: Many of our customers and prospects are interested in building and deploying applications in the cloud and the tools that enable them to do this in a secure manner. This is unsurprising given the digital-shift that occurred throughout 2020 and will be a continuing trend. Securing open source: We discussed earlier the importance of software development speed. Utilising open source packages is essential for this. But, open source is also an easy target for hackers, and securing these components must be prioritised. SCA solutions are highly-valuable in this regard. Prioritising API security: APIs are still a relatively new territory for many security teams. Our customers are eager to learn more about the security pros and cons of these endpoints. APIs, containers, microservices, etc. are all common in modern software, and understanding the intricacies of these components is essential.

What is Checkmarx’s business objective for 2021? The same as always - we’re focused on enabling all organisations and developers to build and deploy more secure software so that they can expand, innovate, and flourish. We’ve had an immensely successful 2020, and we’ll look to continue this momentum into the New Year.

What can the regional market expect from Checkmarx in the New Year? As we continue to expand our global presence, we’ll have more ‘onthe-ground’ resources in the Middle East to support our customers’ and prospects’ needs. As part of this, we’re also increasing our regional partner ecosystem to extend our reach, providing each of these teams with comprehensive training, PRM, and more. Spreading education to our customers and prospects about changes in software development and security testing - whether on-prem, in the cloud, or a mix of both - will also continue to be a priority. While we’re clearly dedicated to providing the industry’s best solution for comprehensive AST, we also pride ourselves on being informative, and trusted, resources for the broader DevOps, developer, and AppSec communities.

How are you helping your customers adapt to the new normal? At the end of the day, going down a path of digital transformation shouldn’t be done alone, especially with security being mission-critical. We constantly strive to be the best possible partners for our customers as they navigate the rapid evolution of software development and the diverse security challenges that crop up along the way.

JANUARY 2021

CXO INSIGHT ME

21


OUTLOOK

AppDynamics

IT trends I predict will be most critical to the technologists looking to grab hold of this opportunity:

Observability will take centre stage As more organisations have shifted to accommodate our new digital lives, observability connected to business outcomes is now a necessity. The past year has been incredibly transformational for teams across industries. 2021 will be the year of observability as companies continue to develop more complex IT systems and expand their technology infrastructures. Using observability solutions will enable developers to cut through the noise and focus on the performance issues that have the biggest impact on the business.

User experience will determine business decisions

TY AMELL

CTO, AppDynamics 2020 was a year that will go down in history as one of the most challenging, tragic and complex years of our lives. And yet, amid all of the loss and hardship of this year, it has also shown how resilient and strong human beings can be when we work together toward a common goal. In the technology industry, we watched IT leaders become the overnight superheroes of their organisations. They enabled entire workforces to shift to working remotely, supporting the IT needs and their entire businesses to be set up and supported while working from home. They accelerated digital transformation projects, delivering in weeks what would normally have taken months, empowering their organisations to deliver flawless customer experiences as businesses shifted to a digital-first approach. From supporting hospital management to COVID-19 contact tracing applications and contactless grocery orders — IT teams played an essential role in all aspects of our lives throughout the course of this unprecedented year. Technologists have never been more critical to the success of the businesses they support, and I see 2021 as being the year they have the biggest opportunity to elevate their careers and truly change the perception of the IT industry and its impact on meaningful business outcomes. It will be paramount that IT teams are granted the tools, technologies and support needed to deliver on this opportunity. Research we conducted in May found that 97 percent of UAE technologists believe that having visibility and insight into the performance of the technology stack and its impact on customers and the business is the most important factor right now. It’s that opportunity for technologists that has me excited about 2021 and all of the meaningful change these teams can bring to every industry around the world. As we look to the new year, here are the top 22

CXO INSIGHT ME

JANUARY 2021

Part of the reason it is important to keep technology solutions operating at their highest level is to maintain a consistent digital user experience. In 2021, user experience will matter more than ever before as workers and consumers become more accustomed to digital solutions across their day-to-day lives and their expectations for flawless engagement increase significantly. To successfully navigate this need for a seamless digital user experience, organisations will need to view maintaining their applications and technology stack as not just one-off projects, but as business-critical solutions that serve as the backbone to providing the ideal experience for end users. Another element of this renewed emphasis on user experience in 2021 will include an elevated focus on observability not just at the application level, but beyond. For businesses that want to thrive in 2021, incorporating network visibility into existing monitoring efforts can ensure that nothing impedes the user experience, whether it’s an anomaly in an application or an issue that stems from the Internet. This enables end-users to have the best possible experience as IT teams are able to spot and address issues efficiently.

Technology will bring even bigger impact to business outcomes This year has put a spotlight on IT teams and demonstrated just how important technologists are to the success of any organisation. In particular, the Agents of Transformation, those elite technologists driving successful digital transformation within a company. The AppDynamics Agents of Transformation Report 2020: COVID-19 Special Edition showed 85 percent of UAE technologists said the rapid response of their IT team to the pandemic positively changed the perception of IT within their organisation and 86 percent said digital transformation projects that would have taken years for sign off were now being approved in a matter of weeks. 2021 will be the year that positive perception will kick into overdrive and technologists will have the opportunity to impact business critical outcomes more than ever before. The emphasis that the COVID-19 pandemic has had on the need for flawless digital experiences will have lasting impacts in 2021. Organisations are already seeing the benefits of enabling their IT teams to take calculated risks and drive a faster, more innovative approach and will continue to invest in those teams and solutions in the new year.


Thales

under the California Consumer Privacy Act (CCPA) surfaced, all while individual states continued to refine their privacy laws. The sudden invalidation of the legal framework known as Privacy Shield, by European Union ruling called Schrems II, dealt a blow to nearly 6,000 companies in the U.S. who rely on trans-Atlantic data flows, renewing debate over whether and when a federal privacy law might come into existence. With consumers’ heightened awareness of their privacy rights, companies that leverage data discovery technologies and protect sensitive data (with encryption) will keep themselves out of unwanted headlines in 2021.

5G Will Provide New Capabilities and the Biggest Attack Surface Ever

SÉBASTIEN PAVIE

VP Sales Southern EMEA, Data Protection Solutions

A Distributed Workforce is Here to Stay and Will Evolve to Arenas Never Imagined The remote work trend, already steadily increasing pre-pandemic, accelerated exponentially in 2020 as a result of the pandemic Some workers will return the office, but many will indefinitely continue to work from anywhere. The lessons learned in 2020 will force IT organisations to invest more in physical and digital security to address new threat vectors resulting from a remote work culture. With more and more devices connected to networks, employee cybersecurity training will become a top business initiative as individual accountability increases. Organisations will require more cyber distancing to reduce the mixing of personal devices and corporate data to support compliance requirements. There will also be a new wave of remote workers.

The Password Will Finally Disappear as Digital Identity Becomes a Great Equaliser As mobility reached a new level of critical need in 2020, the need for digital identity capabilities also crystalised. Lockdowns and remote work on a global level meant strong identity verification became the lifeblood for enrolling new customers, payment data encryption, and multiple authentication schemes, including biometrics. In the New Year, digital identity capabilities will become the great equaliser in the fight against fraud. Financial services, healthcare, government, mobile and other industries will need to build and maintain trust as data breaches continue with regularity and compliance mandates get more stringent.

The Fight for Data Privacy Will Make Bigger Headlines Demand for privacy protection, snowballing for years, stole much of the spotlight in 2020 as data breaches soared. Global Data Protection Regulation (GDPR) fines added up and the first company to be fined

As expected, 5G began to fuel the proliferation of IoT. The push for more mobile services, demand for streaming, touchless interactions via mobile devices and the need to accommodate a remote workforce sped up appetite for this new generation of capabilities. In 2021, the continuation of the 5G rollout which will allow billions of connected devices, will create the largest attack surface that’s ever existed, making early threat detection a top protector of data. Enterprises and employees, eager to capture new capabilities, must make access management, authentication and data discovery a top priority as data sprawl pushes the boundaries of computing devices.

Cybercrime Rings Will Be Well Funded and Motivated As organisations – including hospitals and other healthcare entities – struggled to contend with the global pandemic, organised cybercrime rings wreaked havoc. Ransomware-as-a-Service rose up with an alarming potency that crippled government agencies, schools and businesses. Unfortunately, one of the biggest threats in the New Year will be devastating: The United Nations estimates that organised cybercrime will cost the global economy around $5.2 trillion between now and 2025.

In Response, Businesses Will Take the Fight to the Hackers It was predicted that the volume and efficacy of cyberattacks would increase in 2020, but no one knew the true extent and speed to which malware and ransomware would explode. For 2021, Cybersecurity Ventures predicts that a business will fall victim to an attack every 11 seconds, and the estimated cost to businesses will be around $20 billion. In the New Year, business will finally take the fight to hackers and go on the offensive by using deceptive technology to proactively set traps and allow access to fake data to frustrate attackers. These tactics, along with multi-factor authentication and access management controls, will reign supreme.

Quantum Will Make Significant Headway The race for quantum supremacy is on as major players like Amazon, Google, IBM and others heavily invest in research and development. Advances made in 2020 will drive momentum in the New Year. Universally regarded as among the most significant threat to cybersecurity in history, quantum computing in the hands of bad actors will put data protected by today’s conventional encryption methods at risk. Enterprises that hold the world’s most sensitive data have no time to waste in rolling out plans for enabling quantumresistant algorithms in the data security products they deploy.

JANUARY 2021

CXO INSIGHT ME

23


VISIT: www.cxoinsightme.com/cxo2021/50/nomination.php

The coronavirus crisis has accelerated the adoption of digital technologies in the Middle East. The pandemic has demonstrated the importance of business continuity plans and the need to improve operational efficiencies through digital business. In its third year, CXO 50 Awards seek to recognise IT leaders who have taken the reins during the crisis to shape the new normal. The award is designed to honor innovative and forward-thinking IT executives whose actions have had an impact on their own organisations and the industry they work in. The awards are open to IT executives anywhere in the Middle East and all entrants for CXO 50 Awards will be evaluated by a judging panel comprising industry stalwarts. So, if you are an IT pro who has demonstrated innovative leadership with real-world results we would like to hear from you.

PLATINUM PARTNER

GOLD PARTNERS

ORGANIZER Pantone: Pantone Process Cyan

SILVER PARTNERS

OFFICIAL MEDIA


OUTLOOK

Red Hat

AVEVA

ADRIAN PICKERING

Regional General Manager, EMEA

What are the biggest trends that will change the regional technology landscape in the next 12 months? Over the next 12 months and beyond, one of the biggest trends we will witness is the continuous evolution of new and emerging technologies, such as artificial intelligence (AI), the internet of things (IoT), big data analytics, and blockchain. From our perspective, what’s important here is that these same technologies are all contributing factors behind the vast benefits of open source. As their potential continues to come to fruition over the coming period, their power and influence will, in turn, drive the growing trend of open source adoption and implementation. It is also essential to note that because digital transformation, the cloud, and demand for open source have become more mainstream, the required digital skills to manage and maintain such environments call for urgent attention. Therefore, another major trend that we will see moving forward is widespread efforts to bridge the digital divide and ensure emerging talent have the competencies and skills to succeed professionally in tomorrow’s digital environments.

How is your company helping its customers adapt to the new normal? At Red Hat, we have always aspired to be a catalyst for clients and customers’ communities by providing them with world-class technology from which they can learn and harness their potential. Now that we have been propelled into the new normal, our efforts help those we work alongside adapt to this new reality have only increased as the demand for open source solutions continues to rise exponentially. After all, open source technology fosters public sector innovation and, by driving innovation quickly, bridges the digital divide, empowers people and projects, and enables organisations to unlock their full potential through corporate action and social activism. Today, we are helping more enterprises than ever before become acquainted with the new normal by sharing our expertise and experience and providing them with the open source software and products they require to succeed in the new digital landscape.

DR TARIQ ASLAM Head of MEA

What will be the top trends that will transform the Middle East tech landscape in 2021? As we look ahead into 2021, four key technology predictions stand out for the Industrial sector. First, digitisation will continue to spread and mature within organisations – connected IIoT will go deeper and wider across the core of many businesses. Second, Artificial Intelligence (AI) and Machine Learning (ML) enabled technologies will continue to automate processes to deliver improved performance and agility. Third, there will be greater focus on sustainability as businesses look to become cleaner and more efficient in their use of natural resources. Fourth and not least, businesses will look to unlock critical insights from data.

How are you helping your customers adapt to the new normal? Digital capabilities are increasingly acting as a barometer for economic resilience in this ‘new normal’ and the industries that will thrive post this crisis are those that can digitalise completely. COVID-19 has forced organisations to consider how they can expedite their digital transformation while still operating. They are opting for cloud, digital twin, Artificial Intelligence (AI) and automation technologies to address the complexities of today’s challenging macro-economic environment. With unified data and analytics, companies are empowered with better information, which means they can make more informed decision to optimise operations for the new environment. Cloud is especially critical right now and we are working across our customers to expedite their use of the technology. New technologies like AI enable four key areas to mitigate business and operational risk, improve workforce safety and efficiency, and forge a more reliable and secure enterprise - the four Ps: Predictive, Performance, Prescriptive and Prognostic.

JANUARY 2021

CXO INSIGHT ME

25


FEATURE

SECURITY AT THE SPEED OF DIGITAL INDUSTRY EXPERTS SAY DIGITISATION WITHOUT SECURITY IS A RECIPE FOR DISASTER

26

CXO INSIGHT ME

JANUARY 2021


T

he fallout of the coronavirus pandemic has forced many organisations to reshape as digital businesses. However, the race to create new processes and services is not without pitfalls, with cybersecurity on top of the list. As organisations kick their digital initiatives into high gear, CISOs struggle to support ongoing transformation projects and gain visibility into their complete technology ecosystems. The research firm Gartner says the momentum of transformation projects within the digital business will outpace the ability of organisations to accommodate changes related to security. Security teams must evolve their practices to keep pace with digital business. How does digital transformation change cybersecurity needs? “It starts with the underlying premise of what is ‘digital transformation’- the use of technology to change how a business delivers goods or services. Regardless of which technology is being deployed at any point in time, the common point is that technology is also an expansion of the organisation’s attack surface. This, in turn, increases exposure to malware and cyberattacks that the existing security infrastructure is not equipped to handle, exposing weak links in the cybersecurity chain,” says Patrick Grillo, Senior Director, Solutions Marketing at Fortinet.

Patrick Grillo

Nicolai Solling

Nicolai Solling, CTO of Help AG, says as digital transformation becomes a necessity for business continuity and future relevance in the wake of Covid-19, the need for cybersecurity is more critical than ever before. “In a rush to innovate and shift to delivering their business models online, organisations have tended to focus primarily on functionality and features. However, the more organisations integrate systems and IT into their everyday business, the more they increase their attack surface and risk profile. This was further exacerbated by the overnight shift of millions of workers from onsite to remote work in response to the virus outbreak, luring cybercriminals to capitalise on the work-from-home disruption and the sheer volume of new target opportunities online.” For this reason, we always recommend for security to be treated as a day-zero job and as foundational to any kind of digital transformation. Recently, the biggest problem we see is companies still playing catch-up to secure their remote access while cyber threats continue to multiply. Many businesses have failed in securing their assets because their digital transformation was focused on functionality and overlooked security, he says. According to Maher Jadallah, Regional Director – Middle East at Tenable, the tools and processes of yesterday are being used to solve

Maher Jadallah

today’s problems – built and designed for the old era of IT when the attack surface was a static laptop, desktop or on-premises server. “As a result, organisations struggle at every step – seeing their assets, detecting weaknesses, prioritising issues for remediation, measuring risk, and comparing to peers. The digital era requires a new approach. “Organisations need a modern, comprehensive strategy to quickly and accurately identify vulnerabilities and misconfigurations in their dynamic infrastructures, that delivers clear guidance and recommendations on how to prioritise and remediate any risks.” Key stages in building a secure digital strategy Building a roadmap to get your digital transformation securely can be an uphill task as it involves creating a framework and execution guidance. “The most important step is getting together with all the stakeholders to gain a clear understanding of what new technologies are required for the transformation to be deemed successful,” says John Shier, Senior Security Advisor, Sophos. “That will then help inform the security of the new protection technologies or processes that need to be put in place to protect the environment. Part of the planning should also include a plan for what happens in the event of a failure or

JANUARY 2021

CXO INSIGHT ME

27


FEATURE

John Shier

Giuseppe Brizio

Dr. Mike Lloyd

cyber-attack. Taken together, these plans will help steer the roadmap towards a plan that is suitable for the business and resilient against attack.” Giuseppe Brizio, CISO EMEA, Qualys, says a cybersecurity roadmap should be based on four key areas: Risk Management in order to identify and analyse cyber risks, threats likelihood, and business impact; People to ensure users cybersecurity awareness and right-sized cybersecurity professionals team; Processes in terms of IT assets visibility, prevention, remediation, detection and response to cyber threats/attacks and; technology in order to support and automate the cybersecurity processes and ensure their effectiveness. Dr. Mike Lloyd, CTO, RedSeal, says to get the benefits from digital transformation, we have to focus on automation of basic hygiene. “This starts with inventory — it’s no small task to keep track of all the things on your part of the Internet of Things. Inventory is the bedrock, but above that, we have to map out our cyber terrain and how digital assets interact. Without that, we are like generals without a map — we’ll have no idea what is going on when the inevitable emergencies arise. We also have to learn the discipline of social distancing for our networks — keeping things apart that do not need to communicate.”

What are the key barriers to a secure digital transformation process? Solling says in practice, the barriers that present themselves in the digital transformation journey are the inflexibility of existing systems, siloed IT systems, lack of technical resources, as well as the difficulty in defining a strategy for what needs to be achieved. “There is no doubt we have the tools and security systems available today to mitigate the vast majority of attacks, so the risk actually lies in an organisation’s failure to implement a cybersecurity strategy through every step of its digital transformation journey as well as a failure to look at security requirements proactively rather than reactively,” he says. Jadallah from Tenable says companies must return to the basics of cyber hygiene by leveraging vulnerability management and honest assessment of the challenges they face. This way, they can understand where the risks exist within their infrastructure and establish an efficient process to measure overall risk and secure their network. He adds acquiring the tools, technologies, skills, and services to confidently define the boundaries of the network, the type and quantity of assets, applications, and services should be the priority for any security

leader to keep up as the business adopts new technology and systems evolve. This begs the question - How can organisations take advantage of the myriad of security tools they have invested in over many years? Shier from Sophos says some of the already present tools in the organisation will be suitable for protecting newly transformed services or processes. This means companies can reduce the cost of deployment by leveraging existing technologies. In some cases, however, new security tools will be required, especially if the transformation introduces new technologies Solling from Help AG concludes: “An organisation must periodically assess the effectiveness of its security systems, such as by getting endpoints tested by experts with a service such as penetration testing. Along with this, employees need to receive regular training to continue promoting their cybersecurity awareness and ensure they remain an additional line of defense and don’t detract from cybersecurity measures. Powerful bi-directional integrations between different security tools can also enable organisations to act efficiently and see true value from cybersecurity investments as they continue updating their security tools and software whenever needed.”

28

CXO INSIGHT ME

JANUARY 2021


THE

FUTURE

OF THE

AEROSPACE INDUSTRY

14-18 November 2021

Unparalleled line-up of thoughtprovoking content, aerial displays and game-changing innovations

DWC, Dubai Airshow Site

www.dubaiairshow.aero Book your space today: sales@dubai.aero

Follow us on: #DubaiAirshow

CommerCIal Aviation | Aircraft Interiors | MRO | Business Aviation | Air Traffic Management Space | Defence & Military | Air Cargo | Emerging Technologies NEW Supported by:


REPORT

2021 GLOBAL NETWORKING TRENDS THE CISCO STUDY REVEALS BUSINESS RESILIENCY WILL TAKE CENTRE STAGE

B

usinesses around the world experienced unprecedented long-term disruption to their operations almost overnight due to the Covid-19 pandemic. In response, Cisco has conducted an extensive study of the issues that have arisen in relation to business resiliency during the last 12 months. The report highlights the key enterprise network trends companies should consider ensuring they are well positioned to successfully navigate 2021. The 2021 Global Networking Trends Report: Business Resilience Special Edition identifies resiliency as the ability for a business to do more than provide an acceptable level of service in a challenging period. Instead, it is to have an intuitive network platform that can respond quickly to any circumstances, enable new operating models and digital services, integrate with IT processes, and safeguard their employees, core activities, customers, and brand. The report highlights a Business Continuity Institute (BCI) survey that found 59.8% of business continuance professionals rate IT resilience as the most significant factor in responding to the current pandemic. It explores how a company can develop its network strategy so that it is able to complement a business’s resilience strategy. The 2021 Global Networking Trends Report: Business Resilience Special Edition highlights five key networking trends and the need to employ multi-dimensional approaches across the workforce, workplace, workloads and IT operations. Secure remote access: Studies have found that an average of 4.7 times more people are now working from home

1 30

CXO INSIGHT ME

JANUARY 2021

data across on-premises data centers and public cloud providers — has sped up, reducing costs, increasing flexibility, and protecting against and spreading the risk of catastrophic failures. Network automation: The impact of the pandemic has also been felt in the unprecedented levels of steep fluctuations in client counts, application traffic patterns, and rapid increases in new use cases for e-learning, video conferencing, virtual events, remote care, process automation, and other network-dependent services. To ensure continued service it is essential that repetitive administrative tasks, network access, onboarding, and segmentation as well as policy beyond the data center to the cloud are automated in addition to many other network functions. AI-enabled assurance: The sheer complexity of modern networks and the deluge of events and issues bombarding multiple disparate monitoring platforms can be overwhelming and ineffective, especially when a disruption hits. A Cisco study found an average of 4,400 wireless-related monthly events on an enterprise network. By implementing AI-enabled network analytics and machine learning techniques, NetOps teams are able to achieve a much more manageable set of issues they can take action on.

4

5 compared to pre-pandemic levels. As such companies should empower their staff to be productive and collaborative from anywhere by improving security on work-from-home networks by scaling VPN, use multifactor authentication MFA to protect applications and deploy cloud security and secure access services edge (SASE) to defend against cyber threats. Smart-trusted workplaces: Networking teams are preparing for a safe return to the office by improving existing video conferencing and locationbased Wi-Fi services while others are deploying new services and safeguards, such as physical distance monitoring, proximity reporting, increased workplace automation, and more. IT departments must ensure networks are stress tested, automate identity-based secure access and enhance the safety of employees and customers via location-based analytics once people return to offices. Multicloud networking: Increasingly, IT leaders are now using cloud solutions to improve business resilience in the wake of the global pandemic. As a result, the adoption of a multicloud model — distributing applications, workloads, and

2

3

“Despite the challenges businesses have faced in 2020, due to the huge disruption to networks created by the Covid-19 pandemic, solutions are available. Businesses that rethink their network strategy to focus on resiliency by adopting the latest network capabilities will be agile enough to stay ahead of the next big challenge. They can do this by implementing greater automation and AIpowered insights to empower companies and enable them to adapt to an everchanging environment while maintaining high levels of service. By becoming aware of the key networking trends for 2021 such as the workforce, workplace, workloads and within operations, business will be able to employ strategies that will allow them to be flexible enough to meet potential future disruptions with greater confidence and success,” said Osama Al-Zoubi, Cisco CTO for Middle East and Africa.


VIEWPOINT

TECH PREDICTIONS AND ADVISORY FOR DECISION-MAKERS ABBOUD GHANEM, REGIONAL VICE PRESIDENT, MIDDLE EAST AND AFRICA, ALTERYX, SHARES THE COMPANY’S OUTLOOK FOR 2021 AND GUIDANCE TO HELP DECISIONMAKERS BETTER STRATEGISE AND LEVERAGE TECHNOLOGY TO SUIT INDIVIDUAL BUSINESS REQUIREMENTS.

T

he predictions focus primarily on key learnings from the past year, as well as anticipated trends and areas of clear business necessity. At the core of these forecasts, Alteryx identifies better use of data analytics and process automation, in addition to investments in upskilling as areas which are pivotal to aiding sustained growth in the digital age. Businesses must be on the right side of the analytic divide Like the much-publicized ‘digital divide’, an ‘analytic divide’ is also starting to emerge. Many companies were driven to invest in analytics due to the pandemic, while others were forced to cut anything they did not view as critical, simply to keep the lights on – and a proper investment in analytics was, for these organisations, one of the first items on the chopping block. This means that the analytic divide will further widen in 2021, and this trend will continue for many years to come. Without a doubt, the winners and losers in any industry will continue to be defined by those that are leveraging analytics and those that are not. Data democratization and synergy between teams will become the new norm It is the job of the Chief Data Officer (CDO) to ensure expansion of growth across the entire business. This can be achieved by providing structured data that people can actually use. A successful CDO should democratise data so that it is accessible

and understandable by people. A good CTO will complement the CDO by creating the necessary tooling to find the required data. This means giving users a set of visualisation and reporting tools that allow them to identify trends and key learnings. The new year will bring closer collaboration between these two roles, driven by sheer necessity. If a business has tools with ‘bad’ data, data challenges are exacerbated. If there are limited tools, only a small subset can exploit that data for the good of the organisation and the audiences it serves. Citizen data scientists will play a bigger role in preventing cyberattacks Using a powerful analytics platform that enables machine learning capabilities is crucial to detecting and addressing cybersecurity threats more rapidly, providing the ability to examine large volumes of data, identifying patterns and deliver actionable intelligence. With the further democratisation of data, industries will witness citizen data scientists increasingly playing a key role in helping security teams enhance and simplify their cyber defense technologies by precisely detecting future attacks, proactively identifying security blind spots across the network and protecting valuable company information. The zero-trust approach to security will be a responsibility for all to bear The work-from-anywhere concept has created an opportunity for CISOs to consider strategic approaches for managing non-traditional security risks.

To accommodate this shift, corporate security departments will begin expanding the perimeter into employees’ homes to ensure that cyber risks are not unknowingly introduced into the corporate network. CISOs must work with HR teams to increase employee awareness of cybersecurity measures, proactively recognising and reporting risks. CISOs adopting the zero-trust model will be able to improve secure access to corporate resources through continuous assessment and intent-based authentication policies. AI-driven supply chain analytics will help businesses see around corners The pandemic has made it clear that the world still depends on robust manufacturing and supply chains. As businesses gear up not just to survive, but to thrive in the era of social distancing, predictive analytics will further emerge as a crucial tool for mitigating risks, managing volatility and offsetting risk. During the height of the pandemic, businesses saw their forecasting models and processes simply break down. With supply chains more complex and dynamic than ever, moving forward it will be crucial that they are augmented, automated and enhanced through the support of analytics processing that matches their sophistication. The greater focus on data and analytics is here to stay COVID-19 forced organisations to address an enormous number of challenges and in doing so, drove an intense focus on data and analytics to provide much-needed insight. From genome sequencing and understanding the virus, its mutations and spread, to anticipating the needs of healthcare workers and managing the rollout of government aid – all of this was made possible by the analysis of data. With the virus also shedding light on other areas more improvement, organisations are now more acutely aware of how data analytics and automation can solve not only business, but also some of humanity’s greatest challenges.

JANUARY 2021

CXO INSIGHT ME

31


VIEWPOINT

2020’S BIGGEST STORIES IN AI CHRISTOPHER THISSEN, SENIOR DATA SCIENTIST; BEN WIENER, DATA SCIENTIST AND SOHROB KAZEROUNIAN, AI RESEARCH LEAD AT VECTRA, ON TOP AI DEVELOPMENTS THAT MADE HEADLINES LAST YEAR.

2

020 provided a glimpse of just how much AI is beginning to penetrate everyday life. It seems likely that in the next few years we’ll regularly (and unknowingly) see AI-generated text in our social media feeds, advertisements, and news outlets. The implications of AI being used in the real world raise important questions about the ethical use of AI as well. So as we look forward to 2021, it is worth taking a moment to look back at the biggest stories in AI over the past year. 32

CXO INSIGHT ME

JANUARY 2021

GPT-3: AI Generated Text Perhaps the biggest splash of 2020 was made by OpenAI’s GPT-3 model. GPT-3 (Generative Pretrained Transformer 3) is an AI capable of understanding and generating text. The abilities of this AI are impressive — early users have coaxed the AI to answer trivia questions, create fiction and poetry, and generate simple webpages from written instructions. Perhaps most impressively, humans cannot distinguish between articles written by GPT-3 and those written by humans. Although GPT-3 is not yet approaching the technological singularity, this model

and others like it will prove incredibly useful in the coming years. Companies and individuals can request access to the model outputs through an API (currently in private beta testing). Microsoft now owns the license to GPT-3, and other groups are working to create similar results. I expect we’ll soon see a proliferation of new capabilities related to AI’s that understand language.


AlphaFold: Protein Folding Outside of Natural Language Processing, 2020 also saw important progress in biotechnology. Starting early in the year, we got the rapid and timely advancement of mRNA vaccines. Throughout the year, clinical trials proved these to be highly effective. As the year came to a close, another bombshell — DeepMind’s AlphaFold appears to be a giant step forward, this time in the area of protein folding. This fall, the latest version of AlphaFold competed against other state-of-the-art methods in a biennial protein folding prediction contest called The CASP Assessment. In this contest, algorithms were tasked with converting amino acid sequences into protein structures and were judged based on the fraction of amino acids positions the model predicts correctly within a certain margin. In the most challenging Free-Modeling category, AlphaFold was able to predict the structure of unseen proteins with a median score of 88.1. The next closest predictor in this year’s contest scored 32.4. This is an astonishing leap forward. Going forward, scientists can use models like AlphaFold to accelerate their research on disease and genetics. Perhaps at the end of 2021, we’ll be celebrating the technology that work like this enabled. Democratising Deep Learning As highlighted above, deep learning — the primary method underlying many state-ofthe-art Ais — is proving useful in domains as disparate as biology and natural language. Efforts to make deep learning more accessible to domain experts and practitioners is accelerating the adoption of AI in many fields. Anyone with an internet connection can now generate a realistic but completely fake photograph of a human face. Similar technology has already been used to create more realistic — and more difficult to detect — fake social media accounts in disinformation campaigns, including some leading up to the 2020 U.S. election. And OpenAI is planning to make the capabilities of GPT-3 available to vetted users through a comparatively easy-to-use API. There

is genuine concern that as deep-learningenabled technology becomes more accessible, it also becomes easier to weaponise. But pairing AIs with human domain experts can also be leveraged for good. Domain experts can steer the AIs towards impactful, solvable problems and diagnose when the AIs are biased or have reached incorrect conclusions. The AIs provide the ability to rapidly process enormous volumes of data (sometimes with higher accuracy than humans), making analyses cheaper and faster, and unlocking insights that might otherwise be out of reach. User-friendly tools, APIs, and libraries facilitate the adoption of AI, especially in fields that can leverage already well-established techniques such as image classification. AI Ethics One of the interesting consequences of AI and ML systems becoming more readily accessible has been the resulting shift of priorities in the field of AI Ethics. What stands out about the field of AI Ethics in 2020 is not any single achievement or breakthrough, but rather the sheer amount of work that was done in re-orienting and focusing attention towards topics of immediate concern. These include questions ranging from how to deal with racial and gender biases in datasets to inequities resulting from lowpaid gig work labeling the very data used to train algorithms. Some of these issues are now being confronted because of increasing interaction with AI systems but the other driving factor has been a small but dedicated group of researchers, often from groups that are underrepresented in the broader AI community, who have not only been sounding the alarm about these ethical concerns but have also been pushing for increased diversity and representation in the field itself. Despite all the progress that has been made so far, a large uphill battle remains. At the beginning of December, Google fired its ethical AI co-lead, Timnit Gebru. The news has been unsettling for the broader Ethical AI community, not only

because Gebru was attempting to publish a research study on the environmental consequences of training large scale language models (core to Google’s business) and the issues regarding lack of diversity that have been exposed as a result of the review process, but also because the incident raises questions about how the academic research community should relate to industry. Nevertheless, the accomplishments in this burgeoning field lay the groundwork in determining for whom and for what AI should get used. Looking towards 2021 At the start of 2020, some researchers expressed concerns that AI research may soon be entering another winter, in which progress reaches a standstill and both interest and funding dry up. While the novelty and excitement surrounding deep learning may indeed be wearing off, it is certainly interesting to note that two of the more exciting breakthroughs in 2020 were GPT-3 and AlphaFold, both of which leveraged existing theoretical approaches, but greatly advanced the practical applications of AI algorithms in their respective domains. Moving forward, we suspect focus will shift towards making it possible to learn from smaller amounts of data, while improving generalisability and interpretability, all in service of making AI models more practicable. Human domain experts will also continue to play an important, if different, role, as democratisation efforts continue to push AI capabilities into new fields. As these changes continue to change the landscape in which AI is deployed, and the methods by which we interact with such systems, we’re also likely to see continued focus on pragmatic problems with real societal impacts, and continued discussions about the role of AI in society. In any case, practical applications appear to have substantial room before they exhaust the available theoretical advances. And unlike prior decades, the penetration of AI into society and the promise of attainable pragmatic solutions seems likely to sustain AI progress for the foreseeable future.

JANUARY 2021

CXO INSIGHT ME

33


VIEWPOINT

HOW EFFECTIVE IS THREAT HUNTING FOR ORGANISATIONS? ANTHONY PERRIDGE, VP INTERNATIONAL, THREATQUOTIENT, SHARES KEY LEARNINGS FROM THE SANS 2020 THREAT HUNTING SURVEY

I

n recent years threat hunting has become much more widely adopted, but today the definition of threat hunting is still quite a controversial topic. Threat hunting is the art of finding the unknown in your environment, going beyond traditional detection technologies, with active cyber defence activity, proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions. An essential part of security operations centre (SOC) services, threat hunting should be incorporated at an early stage. However, even though organisations have been threat hunting 34

CXO INSIGHT ME

JANUARY 2021

for a number of years now, with the job of ‘threat hunter’ being defined about five or six years ago, adoption and use is still quite a hotly debated topic. This is one of the reasons why we recently sponsored this year’s SANS 2020 Threat Hunting Survey, to see if this would shed more light on how organisations are using threat hunting and how valuable it is proving to be. Threat hunting is being utilised to tick the compliance box Whenever introducing new threat hunting strategies to find malicious activities, there are various methods that organisations can utilise. The

SANS survey found that some companies define how their threat hunting operations need to work and build up teams to meet these goals. Unfortunately, the other stillquite-common approach is to run threat hunting operations with what organisations already have. Instead of defining goals that threat hunting needs to deliver the maximum value to the organisation, they define threat hunting as simply having some form of threat hunting in the business, classifying it as an activity for existing teams to adopt. While this approach might still render results, these will not be as beneficial to the organisation and


and that it was proving effective with 86% saying it had strengthened their company’s defences.

its security posture as they could be. SANS frequently sees this approach at compliance-driven IT organisations whereby some standards require them to have threat hunting in place, which prompts them to set up a form of threat hunting simply to tick that box. Security professionals state that threat hunting has strengthened their company’s defences Interestingly, in the recent VMware Carbon Black 2020 Global Threat Report which interviewed over 3,000 IT leaders from 13 different countries, it found that threat hunting teams were starting to formalise their processes and procedures, and that trends were moving in the right direction for the industry overall. 80% of respondents stated that attacks had become more sophisticated, however respondents also said unequivocally that threat hunting was paying dividends and increasingly being recognised for its value in identifying malicious actors already in the system. When asked “In the last 12 months did your company’s threat hunting achieve a goal of strengthening its defences against cyberattack and did the threat hunting find malicious cyberattack activity you would not have ordinarily found?” 88% of respondents said they are using it as part of their cybersecurity strategy

The difference between threat hunters and incident responders However, the SANs report found that many organisations were tagging threat hunting activities onto the incident responder’s role. Undoubtedly there are commonalities and differences between threat hunting and incident response. While threat hunting comes in various shapes and forms, the most sophisticated way of threat hunting is hypothesis-based hunting. In this case, the hunter envisions an attack scenario that might have happened in the organisation. That scenario leads to a hypothesis that subsequently must be tested. Testing that hypothesis usually requires intimate knowledge about the suspected attack path as well as the right toolset and visibility to either accept or reject the hypothesis. Incident responders usually know that an attack occurred, then start their investigation with limited knowledge about the attack path. This results in incident responders extending their knowledge about the attack and establishing visibility to investigate further. The tools and techniques for this overlap broadly between incident response and threat hunting. For that reason, it tends to be beneficial to use incident responders when building up threat hunting operations. However, over time the incident response-led approach should transform into a dedicated threat hunting team. A lack of automation and frequently switching applications all impact the hunt The report also found that there does appears to be a significant gap in the use of automated tools to aid in the curation of useful and applicable threat intelligence. And that most threat hunters are not full-time threat hunters but split their time with other responsibilities. The trend to staff threat hunting operations with incident

responders and SOC analysts was also very prominent. While incident responders may be very familiar with the task of finding new, unknown threats, SOC analysts might have difficulties deviating from their routine of analysing alerts to actively searching for signs of a breach. The report found that what threat hunters struggle most with are frequent context switches, as only a few respondents said that they never need to switch tools while doing their job. So, jumping between applications is one area that has a huge potential for improvement and increased efficiency. What also factors into efficiency is that a high proportion of respondents (36.3%) are manually applying the threat intelligence they have collected. One of the reasons appears to be that almost half of the respondents don’t store threat intelligence in a platform but rather they are using traditional file-based methods such as spreadsheets or PDFs. Finding a common understanding of threat hunting I found it surprising that half of the respondents said that they see no value in hunting for new or unknown threats because uncovering unknown threats is one of the main arguments for threat hunting, while daily threats can be met by a SOC. In summary and to move forward, we need to establish a common understanding of threat hunting, improve tools that reduce context switches, automate the process and make threat hunting more measurable. Low-hanging fruit for many respondents would be to switch their intelligence management from document-based to an open-source or commercial platform to make threat intelligence easier to consume, evolve and apply. Threat hunting is becoming more pervasive in the industry, but its general value is still not widely understood, nor is there a gold standard for threat hunting today. If you are interested why not download the SANs Threat Hunting Report 2020 by clicking here [insert link].

JANUARY 2021

CXO INSIGHT ME

35


VIEWPOINT

MANAGING SECURITY RISKS THAT IMPACT DIGITAL BUSINESS COURTNEY RADKE, RETAIL CISO AT FORTINET, ON WHY SECURITY SHOULD BE BAKED INTO THE FRAMEWORK OF A DIGITAL STRATEGY

S

ince the rise of the Internet, businesses have been forced to continually shift their strategies to effectively compete in the digital marketplace. From on-demand to subscription-based offerings, all digital business models center on the use of various technologies to improve operational efficiency and the customer experience, thereby enhancing their overall value. But while digital-first strategies are proving to be beneficial across all business sectors, it is ecommerce that stands out as one of the most widely used models available. This was especially true in 2020, as many shifted to online shopping as a result of the COVID-19 pandemic. In fact, it is 36

CXO INSIGHT ME

JANUARY 2021

predicted that global B2C ecommerce sales will reach $4.5 trillion by 2021. Security Risks Impacting Digital Business Digital business models such as ecommerce have become a critical component of the global economy, but they do not come without their own set of risks. As organisations rush to digitise, cybersecurity is often left out of the equation for the sake of saving time and initial costs. However, when security is not weaved into the framework of a digital strategy, organisations may end up losing the resources that they had initially fought to save. This fact alone should be of concern for any digital business, especially those in the ecommerce space.

A rise in online shopping has led to increased web traffic, something cybercriminals have been all too quick to exploit. And in 2020, this issue only grew more significant, further impacting the security of ecommerce sites. Between September and October alone, the FortiGuard Labs team saw a 140% increase in attempted attacks targeting this space. With the knowledge that more people are shopping online now than ever before, cyber criminals have taken advantage of the increase in virtual queues and slow web processing times. With digital transformation comes the expansion of the threat landscape, presenting various opportunities for cybercriminals to target unsuspecting individuals. One strategy that threat actors have adopted is placing ads or links


on trusted websites to lead shoppers away from their secure browsing experience, usually with the promise of a great deal. Upon arriving at the fraudulent site, shoppers will be directed to enter access credentials – including a username and password – that a cybercriminal can then use on the real website to steal personal information. Through the deployment of phishing, malware, and man-in-the-middle attacks, and by leveraging Rogue Access Points (APs), cyber criminals can further their attempts to exploit wireless or proxy servers. Often, the goal here is to gain access to payment card information that can be used to fund other efforts. And while cyberthreats such as these are unfortunately common across digital businesses in general, the lack of security measures across many ecommerce sites is particularly concerning considering the large portion of the public that shops online without understanding the potential risks. Taking Steps to Secure Digital Experiences The ecommerce space is extremely profitable, which is exactly why cybercriminals target these types of businesses. They rely on the fact that most individuals do not ask themselves, “How do I know if this online shopping site is safe?” For this reason, it is up to the business to implement strategies that will enable secure transactions from behind the scenes, stopping threat actors in their tracks before they can even reach customers. Below are just a few ways in which this can be accomplished: • Ensure Compliance: Meeting compliance standards is one of the most basic, yet critically important, ways that ecommerce sites can protect their customers. By taking certain steps, businesses can ensure they have laid a partial framework for combatting cyberthreats – this often means not storing more data than is necessary. Major cybersecurity-related regulations that ecommerce sites should comply with include: Payment Card Industry Data Security Standard (PCI-DSS), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA)

and International Organisation for Standardisation (ISO). • Confirm Infrastructure is Up to Date: Unsurprisingly, outdated security is a top reason for repeated attacks. This often comes with basic misconfigurations on storage buckets and public cloud computing access systems, resulting in vulnerabilities that can be easily exploited. And while this is undoubtedly an issue across all types of digital businesses, having up-to-date infrastructure within ecommerce is especially critical due to the complexity of these sites. In some scenarios, this could be as simple as upgrading a plugin, but in other cases, entire systems and websites may have to be updated to effectively manage vulnerabilities. In other words, there is not a one-size-fitsall solution, and requirements will vary on a case-by-case basis. •Require Strong Passwords: Both ecommerce sites and digital businesses in general should require customers to create passwords that cannot be easily guessed by cybercriminals. While this can come in the form of general recommendations (i.e., discouraging the inclusion of phone numbers or birthdays), it can also mean rejecting certain passwords altogether. To be effective in their security goals, websites should require passwords that contain at a minimum 8 characters, including a combination of numbers, symbols, and uppercase and lowercase letters.

Further, it is recommended that users leverage random word combinations (the revised passphrase method) or transform sentences into a password (the Bruce Schneier method). Above all, remember that length and obscurity is key. • Maintain Updated SSL/TLS Certificates: While maintaining an updated SSL/ TLS certificate is essentially tablestakes for ecommerce merchants due to PCI and other industry regulations, it is critical nonetheless and doing so allows businesses to realise a number of benefits. From a security standpoint, they help ensure their websites can stand up to cyberthreats, exploits, and website misuse while also keeping customer data secure by enforcing end-to-end encryption of data. From a reputational standpoint, the inclusion of “HTTPS” at the beginning of their page URL creates a sense of trustworthiness that will help customers feel more confident in the security of their digital experience. From a business standpoint, HTTPS allows for use of more powerful web platform features and API integrations that require permissions to execute such as Geolocation services. While these strategies are all crucial to the security of digital businesses, each one cannot stand on its own. Instead, security teams must weave a framework of tactics such as these to deliver the highest level of protection to keep their organisations and their customers secure. Final Thoughts on Securing Digital Business Digital transformation continues to change the way we do business, as well as what customers have come to expect. This is especially true across the ecommerce space. With more of the public shopping online now than ever before, businesses must ensure their websites can handle this influx of traffic, both from a performance and security standpoint. While there is no single foolproof way to manage ecommerce site security, businesses that take care to consider the basics when working to protect their customers set themselves up for success versus those that look to cut corners.

JANUARY 2021

CXO INSIGHT ME

37


VIEWPOINT

DEBUNKING MYTHS JOHNNY KARAM, VICE PRESIDENT EMERGING MARKETS AT VERITAS, LOOKS AT SOME OF THE MOST COMMON MISCONCEPTIONS ABOUT RANSOMWARE, COMPLIANCE AND DATA STORAGE

A

s children we are taught to practice caution to ensure our safety and security are not compromised. Now that most of our daily activity is online, businesses need to take the same level of precaution that we did as children, albeit in a more sophisticated and digital manner. There have long been a number of myths, or preconceptions adopted by the IT industry that have led to poor data practices, leaving them wide open to a myriad of issues. Ransomware Although our rapidly advancing technology continues to help protect businesses against ransomware, it would be naïve to assume that ransomware is not simultaneously keeping up. The cost of ransomware is on the rise, and estimates state that global costs will reach $20 billion by next year; an increase from their predicted damages of $11.5 billion in 2019 and $8 billion in 2018. In the last year alone, 49% of organisations surveyed in the UAE had witnessed a ransomware attack. 38

CXO INSIGHT ME

JANUARY 2021

We’re also seeing an exponential increase in ransomware payments. According to one company, ransomware encryption fees went up 33% in the last quarter alone and are now on average around $110k. Travelex is even reported to have paid hackers a huge $2.3m in an attempt to recover from an attack in January which was instrumental in eventually forcing the company into administration. We’re seeing the same threats that organisations have faced for years, now evolving with tactics that capitalise on world events to facilitate their effectiveness. The increase in remote working due to the global pandemic is one example of this; significantly amplifying the risks businesses face from these threats, and making the need for effective cyber resilience essential.

It is likely that cyber resilience strategies are lacking key elements, with some organisations not having a strategy at all - Security leaders need to invest in strategies that build resilience, while moving at the same pace as digital transformation. When it comes to protection, raising user awareness across the whole business is of paramount importance. Arming employees with the knowledge they need to practice secure email and browsing habits can prevent many ransomware attacks from succeeding. Protection also involves backing up data securely, reliably and automatically. The strongest position to be in is one where you can just walk away from attackers because you have another clean and safe copy - backup and recovery solutions can give you this. Protection is only one element of a


(DIFC DP Law) came into force on 1 July 2020 and, as of 1 October 2020, is now being enforced. The new DPL 2020 law will actively benefit companies in a range of ways. Not only will it ensure companies have to manage data more effectively to achieve compliance, it will also increase companywide efficiency, provide competitive advantage, and protection against malware attacks. Compliance is most effective when organisations enter into the spirit of regulations, rather than trying to paper over the cracks in their systems in order to abide by the letter of the law. To truly engage with compliance, businesses need to implement good data management practices. comprehensive data strategy, something that has always been a necessity is compliance – an area where many have struggled to distinguish myth from fact. Compliance Despite months of publicity surrounding the General Data Protection Regulation (GDPR), including the potential benefits of compliance, very few organisations were actually ready for the designated deadline, with many of the view that this would merely be an arbitrary law with little consequence. This led to many businesses scrambling to catch up, both before and after the implementation date. One of the most common myths surrounding GDPR is that it only applies to companies that store or processes personal information about EU citizens within EU states. This view doesn’t go anywhere near far enough, however. Even if your business is GDPR compliant, you must ensure suppliers and contractors are also GDPR compliant – regardless of where they sit in the world. Many ended up falling into this trap, which had led to overconfidence, poor risk assessments, wasted effort and ultimately noncompliance. It’s easy to forget that the new regulations are a unique opportunity for businesses to improve data protection practices and help to prevent cybercrime. In the Middle East, the recent DIFC Data Protection Law, Law No. 5 of 2020

Data Storage Another question to consider is, where is all the data actually stored? For most, the answer to this is in mega data centres. Hordes and hordes of data are stored in such facilities – where organisations adopt an ‘out of sight, out of mind’ approach. A large portion of this is actually considered as ‘dark data’ - data which is acquired through various dayto-day operations but not categorised for use to derive insights or for decision making. People also think that data centres are just ‘safe’ storage facilities – however maintaining the upkeep of the data in these centres has come into sharp focus in recent months. For instance, on average 52 percent of all data stored by organizations worldwide is ‘dark’ as those responsible for managing it don’t have any idea about its content or value. Here in the UAE, dark data stood at around 47%, according to the 2019 Veritas Middle East Databerg Report. More recently, updated findings for 2020 revealed that 75% of the data stored by the surveyed organisations in the UAE is dark and ROT (Redundant, Outdated, Trivial information) – 42% being dark and 33% being ROT. The associated belief is that this dark data is no longer required, so it has little value and therefore little impact on operations. What organisations need to remember is that they themselves

are 100% responsible for all of it, whether it lives on premises, or has been outsourced via a third-party cloud provider. It’s important to remember that all data that is deemed worthy to keep hold of has tremendous value, if not to the organisation – then at the very least to hackers. Much has been said about the financial cost of dark data, but the environmental cost has, so far, often been overlooked. In April this year Veritas estimated that 5.8 million tonnes of CO2 will be unnecessarily pumped into the atmosphere as a result of powering the storage of dark data this year alone. While, on average, 52 percent of all data stored by organisations worldwide is ‘dark’, analysts predict that the amount of data that the world will be storing will grow to 175ZB by 2025. This implies that, unless people change their habits, there will be 91ZB of dark data in five years’ time – over four times the volume we have today, with all the energy associated with powering the infrastructure in which the data lives. By simply managing and clearing out our dark data, we will be helping the planet. When a more structured and responsible approach to data management is taken, there are countless potential rewards. Organisations that take a holistic view of their data can expect to see improved employee productivity, lower costs, more satisfied customers and increased compliance. When the correct approach is taken, data management stops being a cost to the business, and transforms into an asset that creates both value and unveils better business opportunities. It’s time for organisations to understand that big data is a big responsibility. Properly managed data has the potential to make or break a business, providing benefits that begin with knowing where their data is located to utilising their data in a way that builds competitive advantage. With data being at the heart of every business, it’s time we start treating it and managing it with the weight that it deserves – and there’s no better time to do so than now.

JANUARY 2021

CXO INSIGHT ME

39


VIEWPOINT

HOW THE PANDEMIC IS CHALLENGING YOUR IT NETWORK WHILE CONVERGENCE OF NETWORKING SYSTEMS HAS BEEN TAKING PLACE, THE BENEFITS OF A SINGLE AND AGILE NETWORK TO MANAGE EVERYTHING HAS BEEN ACCELERATED, EXPLAINS ARAFAT YOUSEF, MANAGING DIRECTOR – MIDDLE EAST & AFRICA, NEXANS DATA NETWORK SOLUTIONS

T

he pandemic of 2020 has made the concept of remote teams and remote work collaboration a reality. Previously used by digitally mature and advanced organisations, like high-tech companies, the requirement of enabling mobile work triggered by the need for social isolation across much of 2020, has forced all organisations to adapt to this new reality. Transformation of the physical workplace has been a logical consequence, whether at home or at the office. Team members whether they are part of the family working at home, or employees when they are working from the office by rotation, will usually not sit at any one physical location. They need to be able to work equally well from any place in the office work area. Wi-Fi network connectivity and power over the Ethernet networks (PoE) need to be ubiquitously available and scalable across such places of work. Flexibility and scalability of the Wi-Fi network access points, access to the Ethernet, and availability of Power over the Ethernet, are now prerequisites to support teams working in the “new normal”. While places of work, whether they are supporting the family working and schooling at home, or employees at the office premises, are transforming, on a much wider scale, networks within buildings themselves are also transforming. Just a few years ago, the convergence of voice into IP based, LAN data networks, 40

CXO INSIGHT ME

JANUARY 2021

was a high point of disruption and innovation. Since then, there has been a relentless trend into converging siloed networking systems into IP networks. Today, these include security systems, building management systems, access entry systems, biometric systems, digital signage, low voltage power, LED lighting. This has spawned the term – ‘Everything over IP’ or an ‘All-IP’ approach in the convergence of isolated networks. The benefits of this convergence of networks are many, fueling continuous industry innovation and end user adoption. Such, ‘Everything over IP’ networks, offer significant benefits ranging from savings in power, cost, time for installation, activation, modifications and upgrades of networks. Such types of networks also reduce the chances of network failures and downtime and because of their ability to rapidly scale up or down, match today’s requirements demanded by agile organisations. However, all these innovations and transformations are also putting pressure on the design and architecture of networks. These include: • Mapping the networks to match the functional distribution of workers. In others words, there should be more network points and connectivity, wherever there is more employee activity. Working areas with a high density of people and devices should also have the provision to provide higher network connectivity and power usage. • Creation of active consolidation points to allow networks to scale. Creation of

consolidation points allow the network to support an unlimited number of devices in theory. In practice, it means it should be possible to create additional network points on demand. • Fibre To The Office (FTTO), can be used to boost redundancy and longevity. FTTO is a centralised LAN cabling technology that combines passive fibre cabling with active switches and requires no floor distributors or technical rooms. Combining fibre and copper offers the advantages of a fibre infrastructure, while end user devices can be connected with a standard copper connection, guaranteeing no changes in usage and comfort for the end user. The concept of a digital ceiling solution is becoming increasingly relevant in digitally advanced buildings. The traditional LAN network is now being deployed vertically to support growing installation of ceiling access points, surveillance cameras, motion sensors, indoor atmospherics, amongst others. A digital ceiling approach combined with an FTTO solution could bring significant benefits in terms of flexibility and scalability to the building’s IT network infrastructure. The benefits of such, single converged networks, that support the connectivity requirements of agile organisations, are being realised every day. Hot-desking and smart desking are now logical and functional solutions realised in the office workspace. For network administrators, managing a single network for operations, performance and efficiency offers huge time and cost savings.


VIEWPOINT

TIPS TO PROTECT YOURSELF AGAINST CYBERCRIMINALS EFI DAHAN, MANAGING DIRECTOR, PAYPAL FOR CENTRAL AND EASTERN EUROPE AND ISRAEL, EXPLAINS HOW CUSTOMERS CAN SAFEGUARD THEMSELVES AGAINST CYBERCRIMINALS IN THE GLOBAL DATA CHAOS.

A

t the beginning of the pandemic, along with the rapid rise of digital workplaces’ popularity, 40% of companies saw an increase in cyberattacks and only 30% of them declared they feel fully prepared to move to remote work. Even World Health Organisation noted that since the start of the pandemic it has seen fivefold increase in cyberattacks directed at its staff. The most common attack that internet users are likely to experience is phishing – about 90% of all cyberattacks’ attempts are based on impersonating other entities. Many industry organisations and companies note that ever since the start of the pandemic they observed a significant increase in the cyberattacks. Phishing or scam attempts will usually promise something impossible yet very desired in return for our personal data. Before the user understands what is going on, it is usually too late because some damage has been already done. The global chaos is a perfect playing field for the cybercriminals who usually do not hesitate to use their advantage in such situations. The fears for the health and safety of families might make the internet users an easier prey for them. But there are some steps that everyone can take in order to avoid unpleasant situations. Watch out for phishing The cybercriminals will try to

impersonate various companies, delivery couriers, payment methods, e-stores or traditional stores. They might call, send emails, or text messages. Usually, they will state that there’s an incredible opportunity which needs to be taken advantage of very quickly (i.e, a sale or a discount), or highlight that there is some sort of danger which needs to be fixed quickly (i.e. to prevent your account from being blocked). If the user is unsure about the authenticity of that email, they might want to avoid clicking links in the message and instead of that, log in to their account directly from their browser or check in with the customer support. Pay attention also to typos, punctuation, or weird grammar – usually, official messages

from the company will not contain such omissions. To make sure that everything is alright, it is also worth contacting them directly, i.e, by phone. Suspicious shop promotions Many users are exposed to targeted advertisements in social media showcasing unique products or highlighting discounts. Among a variety of really interesting goods offered by many niche shops, it is often difficult for sellers to understand whether they can trust a particular e-store, especially if it’s located abroad. In such cases, the user could look up reviews of the store to see what other buyers think about it. It is also helpful to take a look at the return policy and check the quality of its customer support. Payment methods that are available in the e-shop are also a good indicator of its trustworthiness. For example, if the user pays with PayPal and there is something wrong with the product or – worse – it never arrives at all, it is easy to dispute the unsuccessful purchase and receive the money back. Other suspicious situations might involve a seller asking the buyer to transfer money through unofficial channels rather than the official payment method available on the website. The companies also protect their customers Customers should be careful at all times and be wary of offers that are too good to be true. The importance of the trusted payment method is highlighted in such situations, as the fintech companies not only help their customers in recovering the money when something goes wrong. They also continuously work to ensure the highest protection measures are used for money transfers, such as fraud prevention based on machine learning, throughout the efforts of in-house IT specialists or acquisitions, such as the purchase of Simility by PayPal in 2018, valued at $120 million.

JANUARY 2021

CXO INSIGHT ME

41


REPORT

THREATS PREDICTIONS FOR 2021 A NEW REPORT FROM MCAFEE LOOKS AHEAD AT CYBER THREATS LIKELY TO CONFRONT US IN THE MONTHS AND YEARS AHEAD.

O

n December 13, 2020, the cybersecurity industry learned nationstate threat actors had compromised SolarWinds’s Orion IT monitoring and management software and used it to distribute a malicious software backdoor called SUNBURST to dozens of that company’s customers, including several high-profile U.S. government agencies. This SolarWinds-SUNBURST campaign is the first major supply chain attack of its kind and has been referred to by many as the “Cyber Pearl Harbor” that U.S. cybersecurity experts have been predicting for a decade and a half. The campaign also represents a shift in tactics where nation state threat actors have employed a new weapon for cyber-

42

CXO INSIGHT ME

JANUARY 2021

espionage. Just as the use of nuclear weapons at the end of WWII changed military strategy for the next 75 years, the use of a supply chain attack has changed the way we need to consider defense against cyber-attacks. This supply chain attack operated at the scale of a worm such as WannaCry in 2017, combined with the precision and lethality of the 2014 Sony Pictures or 2015 U.S. government Office of Personnel Management (OPM) attacks. Within hours of its discovery, the magnitude of the campaign became frighteningly clear to organisations responsible for U.S. national security, economic competitiveness, and even consumer privacy and security. While some may argue that government agencies are legitimate targets for nation-

state spy craft, the campaign also impacted private companies. Unlike government networks which store classified information on isolated networks, private organisations often have critical intellectual property on networks with access to the internet. Exactly what intellectual property or private data on employees has been stolen will be difficult to determine, and the full extent of the theft may never be known. This type of attack also poses a threat to individuals and their families given that in today’s highly interconnected homes, a breach of consumer electronics companies can result in attackers using their access to smart appliances such as TVs, virtual assistants, and smart phones to steal their information or act as a gateway to attack businesses while users are working remotely from home.


What makes this type of attack so dangerous is that it uses trusted software to bypass cyber defenses, infiltrate victim organisations with the backdoor and allow the attacker to take any number of secondary steps. This could involve stealing data, destroying data, holding critical systems for ransom, orchestrating system malfunctions that result in kinetic damage, or simply implanting additional malicious content throughout the organisation to stay in control even after the initial threat appears to have passed. McAfee believes the discovery of the SolarWinds-SUNBURST campaign will expose attack techniques that other malicious actors around the world will seek to duplicate in 2021 and beyond. Weaponised AI Attacks on Cloud Platforms and Users The COVID-19 pandemic has also hastened the pace of the corporate IT transition to the cloud, accelerating the potential for new corporate cloudrelated attack schemes. With increased cloud adoption and the large number of enterprises working from home, not only is there a growing number of cloud users but also a lot more data both in motion and being transacted. McAfee cloud usage data from more than 30 million McAfee MVISION Cloud users worldwide shows a 50% increase overall in enterprise cloud use across all industries the first four months of 2020. Our analysis showed an increase across all cloud categories, usage of collaboration services such as Microsoft O365 by 123%, increase in use of business services such as Salesforce by 61% and the largest growth in collaboration services such as Cisco Webex (600%), Zoom (+350%), Microsoft Teams (+300%), and Slack (+200%). From January to April 2020, corporate cloud traffic from unmanaged devices increased 100% across all verticals. During the same period, McAfee witnessed a surge in attacks on cloud accounts, an estimated 630% increase overall, with variations in the sectors that were targeted. Transportation led vertical industries with a 1,350% increase in cloud attacks, followed by education (+1,114%),

government (+773%), manufacturing (+679%), financial services (+571%) and energy and utilities (+472%). The increasing proportion of unmanaged devices accessing the enterprise cloud has effectively made home networks an extension of the enterprise infrastructure. We expect that widespread attacks will start weaponising AI for better efficacy against thousands of heterogenous home networks. One example could be a widespread brute force attack against O365 users, where the attacker seeks to leverage stolen credentials and exploit users’ poor practice of re-using passwords across different platforms and applications. As many as 65% of users reuse the same password for multiple or all accounts according to a 2019 security survey conducted by Google. AI will be leveraged to exploit this practice at scale. Where an attacker would traditionally need to manually encode first and last name combinations to find valid usernames, a learning algorithm could be used to predict O365 username patterns. Additionally, instead of launching a classic brute force attack from compromised IPs until the IPs are blocked, resource optimisation algorithms will be used to make sure the compromised IPs launch attacks against multiple services and sectors, to maximise the lifespan of compromised IPs used for the attacks. Distributed algorithms and reinforcement learning will be leveraged to identify attack plans primarily focused on avoiding account lockouts. While the volume of sensitive data in motion increases and enterprise cloud postures mature, we also predict that the attackers will be forced to handcraft highly targeted exploits for specific enterprises, users and applications. The recent Capital One breach was an example of an advanced attack of this kind. The attack was thoroughly cloudnative, it was sophisticated and intricate in that a number of vulnerabilities and misconfigurations across cloud applications (and infrastructure) was exploited and chained. It was not a matter of chance that the hackers were successful, as the attack was very well hand-crafted.

McAfee believes attackers will start leveraging threat surfaces across devices, networks and the cloud in these ways in the months and years ahead. New Mobile Payment Scams Mobile payments have become more and more popular as a convenient mechanism to conduct transactions. A Worldpay Global Payments Report for 2020 estimated that 41% of payments today are on mobile devices, and this number looks to increase at the expense of traditional credit and debit cards by 2023. An October 2020 study by Allied Market Research found that the global mobile payment market size was valued at $1.48 trillion in 2019, and is projected to reach $12.06 trillion by 2027, growing at a compound annual growth rate of 30.1% from 2020 to 2027. Additionally, the COVID-19 pandemic has driven the adoption of mobile payment methods higher as consumers have sought to avoid contact-based payments such as cash or physical credit cards. But fraudsters have followed the money to mobile, pivoting from PC browsers and credit cards to mobile payments. According to research by RSA’s Fraud and Risk Intelligence team, 72% of cyber fraud activity involved the mobile channel in the fourth quarter of 2019. The researchers observed that this represented “the highest percentage of fraud involving mobile apps in nearly two years and underscores a broader shift away from fraud involving web browsers on PCs.” McAfee predicts there will be an increase in “receive”-based mobile payment exploits, since they provide a quick mechanism for fraudsters that combines phishing or smsishing messages with payment URLs. This could take shape in schemes where fraudsters set up a fake call center using a product return and servicing scam, where the actors send a link via email or SMS, offering a refund via a mobile payment app, but the user is unaware that they are agreeing to pay versus receiving a refund. In the same way that mobile apps have simplified the ability to conduct transactions, McAfee predicts the technology is making it easier to take advantage of the convenience for fraudulent purposes.

JANUARY 2021

CXO INSIGHT ME

43


PRODUCTS

Sony wireless speakers

S

ony has launched the SRS-RA5000 and SRS-RA3000, its latest premium wireless speakers. Equipped with Sony’s unique spatial sound technologies and packed with smart features, the speakers fill your room with your favorite background music. The ambient room-filling sound creates a calm atmosphere, allowing you to relax as if you were at your favorite café. Perfect for everyone, these speakers allow you to immerse yourself in your favorite music and create a calm and unobtrusive atmosphere where music is your perfect companion every day. Unlike most speakers that

spread sound horizontally, these speakers spread background music both horizontally (wallto-wall) and vertically (floor-toceiling) with Immersive Audio Enhancement and Sony’s 360 Reality Audio content playback. The RA5000 and RA3000 provide Immersive Audio Enhancement (IAE) based on Sony’s unique algorithm, transforming 2-channel stereo tracks into ambient room-filling sound. Whether you’re cooking, cleaning, working or catching up with friends, the speakers diffuses sound both horizontally and vertically to envelop you in all directions, while recreating a soothing atmosphere.

NOKIA 5.4 Championing speed and performance at amazing value, the Nokia 5.4 is the perfect partner for budding photographers. The signature quad camera stamps out shutter lag completely and has been upgraded to 48 megapixels – that’s 162 times better than the first Nokia camera phone (the Nokia 7650). This means you’ll never miss a moment – whether your capturing your passion project or precious family moments. Treasured videos will look richer than ever with professional colour grading for a cinematic feel to your home and work movies. As for that all-important performance, the Nokia 5.4 promises a 44

CXO INSIGHT ME

JANUARY 2021

faster and smoother experience. The impressive combo of a 48MP quad camera and 16MP front camera allow you to take stunning photos and videos. Capturing incredible detail at any time and in any place has never been easier – be it in the light, dark, at home or on the move.

The main camera’s ultra-wide lens takes in the bigger picture and is perfect for expansive landscape shots. Meanwhile, the depth and macro cameras will get those portraits and close-up snaps just right. Shutter lag is so often the ruin of that on-the-move, once in a lifetime shot – for the Nokia 5.4, this has been reduced to zero, meaning you won’t miss that neveragain moment.


Thales doublesided ID reader Thales has announced the world’s only doublesided ID card reader, the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds. The design of the intelligent reader allows to speed up the process, while guaranteeing a high security level, and offering cost benefits to the operators. It simplifies the process of ID verification and offers a touchless check, which is all the more important in the Covid-19 era. The Thales Gemalto Intelligent Double-sided ID Card Reader CR5400i enables fast, secure and remote identity document verification. The reader protects

businesses (airports, casinos, hotels, stores, etc.) from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The “i” version permits multiple intelligent readers to be centrally connected via WiFi – ideal for organisations that need to deploy a fleet of readers such as retail stores and financial institutions. The compact device can also be set up, managed and serviced remotely. Using the device is very easy: the user simply inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator. It provides a better customer experience while capturing and authenticating scanned data.

FORTIGATE RUGGED 60F

Belkin SOUNDFORM audio

Fortinet announced the FortiGate Rugged 60F with built-in LTE next-generation firewalls, the industry’s first secure SD-WAN appliances certified to perform in operational technology (OT) environments. Built for non-environmentally controlled sites, these new ruggedized versions of the FortiGate platform enable the easy deployment of Fortinet’s industry leading Secure SD-WAN solution in locations never before possible for OT organizations in industries such as utilities and energy, manufacturing, and transportation. In addition to being the only Secure SD-WAN appliance certified for operational technology environments, the FortiGate Rugged 60F platform delivers the industry’s highest security and networking performance. Powered by Fortinet’s patented SOC4 SD-WAN ASIC, the FortiGate Rugged 60F platform delivers low-latency protection, including SSL decryption, and higher IPsec VPN scale on top of integrated SD-WAN capabilities that are all managed by Fortinet’s intuitive SD-WAN orchestrator. Fortinet’s solution is also backed by industry validation.

Belkin, has unveiled two new products across its SOUNDFORM audio portfolio and BOOST↑CHARGE mobile power collection, adding new device location features utilising Apple’s Find My network, and expanding its lineup of MagSafe compatible products. The SOUNDFORM Freedom True Wireless Earbuds offer an enhanced listening experience with custom-built drivers, 8-hour non-stop play time, environmental noise cancellation, and Qi wireless charging with an additional 20 hours of charge. The new True Wireless Earbuds are also built with finding capabilities through Apple’s Find My network, an advanced crowdsourced finding network with uncompromising privacy built in, that will allow customers to use the Find My app to locate them in case they are lost or stolen. Belkin’s signature sound with custom drivers deliver powerful bass and exceptional clarity. Together with the Qualcomm QCC3046 Bluetooth SoC, Belkin’s clear call technology delivers the best possible call quality without the distraction of background noise, said the firm.

JANUARY 2021

CXO INSIGHT ME

45


BLOG

WAYS OF WORKING IN 2021 AND BEYOND ASSAAD EL SAADI, REGIONAL DIRECTOR – MIDDLE EAST, PURE STORAGE, SAYS WE SHOULD RETHINK, REFRESH AND REVISE HOW WE WORK

T

o say that 2020 has been a tumultuous year would be an understatement. We’ve faced disruption and upheaval to every facet of our personal and professional lives, including routines that we have relied on for years if not decades, right down to buying groceries and exercising. Understandably, many of us have been left wondering when things might go back to normal. With vaccines now available, there are early signs that we may be on the road back to normality. However, just because we may be able to return to the status quo in 2021, who’s to say that we should? I speak in the context of our professional lives. This year has presented us with an opportunity to take pause and rethink the way we live and work, as well as the chance to establish a new sense of balance moving forwards. 2020 has been a challenging year but the optimist in me sees the silver linings. For example, many of us have eliminated long or costly commutes and traded non-essential meetings and international travel for tele-working and Zoom calls, resulting in more time spent with our families, room for hobbies, a lower carbon footprint and a decrease in global emissions to name a few. In particular, over the last several months I have spent a lot of time thinking about how we have navigated this change, how to apply key learnings, and how to help my colleagues and their teams adapt to the new normal that’s set to arrive in 2021 and beyond. Here’s what I’ve learned so far: Empathy comes first – at this time, more than ever, empathy must come first in every conversation. “Seek to understand before seeking to be understood” – Stephen Covey

1 46

CXO INSIGHT ME

JANUARY 2021

2

Energy stores are generated by Self, Family, Work in that order – Focus on your own health and your family bond in order to supercharge your energy available at work. Perspective helps people process change – maximise your exposure to a wide array of opinions, including ones that conflict with what you believe. Challenge your thinking and create new opinions. Share your learnings with your teams. Remote meetings – evolve your format - Don’t simply leverage Zoom as a platform for your meetings, evolve the way you conduct meetings to drive engagement, participation and most importantly collaboration – think about breakout rooms, post-it notes and whiteboard functionality to really change the experience. Integrate podcasts to breakthrough monotony of webinars. In my opinion thoughtful dialogue delivered via podcast provides a different forum than conference calls or webinars and within my organisation, overall knowledge and learnings have dramatically improved. One of the things I love best about the podcast format is how easy it is to access them on my mobile device and having the choice to listen to just the audio, or to get a richer experience with video for those shows that are also filmed. Ruthlessly Prioritise – Focus on what is important, eliminate “busy work” with no tangible outcomes and help your teams prioritise outcomes over activity. Inspect the outcomes, not the tasks. Get beyond the walls of your office – Get out of your home office, enjoy nature, listen to a podcast, or even take a call the “old school” way while

3

4

5

6 7

walking around the neighborhood. Video conferencing is an incredible technology but it is not intended to replace every other form of communication. Communicate to your teams with an emphasis on ‘why’ – Help your teams connect every announcement or corporate change with the relevance to your organisation and why it matters. You should also make the connection clear as to how changes and developments will help employees deliver a better service/experience to your customers. Cut yourself some slack – This is hard and not every idea you try is going to work. Be honest with yourself and your teams about what is working and what is not. Don’t be afraid to show humility. We are going through 10 years of change in less than 12 months and there are bound to be bumps along the road. There are countless other lessons to be learned from this year, but if you can integrate some of these learnings into your work life you’ll soon see the benefits. Your colleagues will appreciate a conscious effort to lead by example through compassion and a laser-focus on outcomes. Indeed, companies and managers who place physical and mental health of employees first and foremost are set to attract and retain the best talent. Those leaders who champion empathy, an innovative way of doing business and an understanding and recognition of their employees’ unique personal lives will get the most out of their staff, regardless of whether this is in-person or remote. It will be interesting to see which companies get it right, and whether new companies emerge to take market share from those unable to adapt to this uniquely challenging environment.

8

9




Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.