WWW.CXOINSIGHTME.COM
ISSUE 03 \ NOVEMBER 2018
REIMAGINING RETAIL HOW LULU GROUP CIO IS TRANSFORMING CUSTOMER EXPERIENCE WITH DIGITAL TECHNOLOGIES
PUBLICATION LICENSED BY SHARJAH MEDIA CITY
CONTENTS
43
PRODUCTS A10 THUNDER 7445 TPS
AXIS 4-IN-1 CAMERAFOLIO
18 REIMAGINING RETAIL
HOW LULU GROUP CIO IS TRANSFORMING CUSTOMER EXPERIENCE WITH DIGITAL TECHNOLOGIES
WD PURPLE PORTFOLIO
10
24
VIEWPOINT
FEATURE
DATA IS 08 POWERFUL SHARED DATA
10 CHANGING THE FACE OF IT
6
28
FOSTERING AN AGILE IT ORGANISATION
24
SPIRE SOLUTION PARTNERS WITH FINITE STATE
32
SUCCESS BREEDS SUCCESS INTERVIEW
34 STRIKING THE BALANCE HOW TO STAY 36 GDPR: COMPLIANT PUBLISHED BY INSIGHT MEDIA & PUBLISHING LLC
22
WHAT LIES BENEATH
THE RISING ALTERNATIVE
WITH A CHANCE 39 COFLOUDY ERP
NEWS
IBM SNAPS UP RED HAT FOR $34B HONEYWELL OPENS IoT INNOVATION HUB ORACLE UNVEILS BUSINESS-READY BLOCKCHAIN APPS
NOVEMBER 2018
CXO INSIGHT ME
3
EDITORIAL
A CLOUDY FORECAST
R
ecently, I’d the opportunity to anchor a roundtable with some of the high profile C-level executives, discussing cloud strategies for digital transformation. I was surprised by the fact that cloud has gained steam in our region and many of those IT leaders who participated in the discussion have moved a significant chunk of their workloads to cloud environments. This is in stark contrast to a roundtable discussion I led a few years ago, where cloud was viewed askance by some mainly because of security reasons. According to the stats from cloud security company Skyhigh Networks (part of McAfee), an average enterprise today uses 1400 distinct cloud services. This reflects the fact that enterprises are getting increasingly comfortable with cloud and the customers in the Middle East are no different. The fact that Microsoft and AWS are setting up their data centres in the region has also instilled more confidence as it addresses the data residency issue mandated by regulators, which was a significant roadblock for many. But, does that mean cloud has finally come of age in the Middle East? The impression I got by talking to many of these CIOs is that there are
Published by
Publication licensed by Sharjah Media City @Copyright 2018 Insight Media and Publishing
Managing Editor Jeevan Thankappan jeevant@insightmediame.com +97156 - 4156425
Contributing Editor Sarah Rizvi editor@insightmediame.com +97156 - 8949318
still many unresolved issues. They may have moved less critical workloads to the cloud, but no one has moved their core production systems yet. Many of them are of the opinion that cloud is not meant for every technology workload and some systems will always remain on-premise infrastructure, on which they have invested heavily in. The number one concern, if you ask CIOs, is cloud cost management. Suddenly, they have realised that cloud is not exactly cheap as it was touted to be, and not managing underutilised assets could lead to what is being referred to as ‘cloud sticker shock.’ This can be even more dauting when you are dealing with multiple clouds. Another big worry is around exit plan. The cloud computing world is starting to be dominated by mega providers and it’s not always easy to roll back applications once you move them to the public cloud. Though multicloud strategy is now being bandied around as a solution for this pesky vendor lock-in, it is time for cloud providers to come up with a single standardised framework for SLAs and application portability between various clouds, and most importantly allow users to get out easily when they want to.
Sales Director Merle Carrasco merlec@insightmediame.com +97155 - 1181730
Production Head James Tharian jamest@insightmediame.com +97156 - 4945966
Operations Director Rajeesh Nair rajeeshm@insightmediame.com +97155 - 9383094
Administration Manager Fahida Afaf Bangod fahidaa@insightmediame.com +97156 - 5741456
While the publisher has made all efforts to ensure the accuracy of information in this magazine, they will not be held responsible for any errors
NOVEMBER 2018
CXO INSIGHT ME
5
NEWS
SPIRE SOLUTIONS PARTNERS WITH FINITE STATE
U
AE-based value-added distributor Spire Solutions has partnered with IoT and firmware security solutions provider Finite State to bring its IoT security platform to the Middle East. “The growing deployment of IoT devices within the corporate infrastructure is an asset, of course, but can also scale up risk. Backdoor accounts, software vulnerabilities and poor authentication are common problems. Simply keeping devices updated with manufacturer patches or depending on your enterprise security stack is not always effective,” said Avinash Advani, CEO of Spire Solutions. According to Advani, this proliferation of IoT has translated into mounting vulnerabilities — a single unsecured IoT device can undo an organisation’s best-laid cyber security plans. “The Finite State Platform employs national-security grade capabilities to
identify and secure IoT vulnerabilities. With its ability to provide unparalleled visibility into IoT devices, detect and assess risks, isolate attacks and send advance alerts to IT teams, it can be a tremendous asset to businesses
IBM SNAPS UP RED HAT FOR $34B
IBM and Red Hat have reached a definitive agreement under which IBM will acquire all of the issued and outstanding common shares of Red Hat for $190.00 per share in cash, representing a total enterprise value of approximately $34 billion. “The acquisition of Red Hat is a game6
CXO INSIGHT ME
NOVEMBER 2018
changer. It changes everything about the cloud market,” said Ginni Rometty, IBM Chairman, President and Chief Executive Officer. “IBM will become the world’s #1 hybrid cloud provider, offering companies the only open cloud solution that will unlock the full value of the cloud for their businesses.
in the Middle East. After evaluating its reach and reputation within the region, we believe Spire Solutions is the right partner to help us bring this platform to the Middle East,” said Matt Wyckhouse, CEO of Finite State.
“Joining forces with IBM will provide us with a greater level of scale, resources and capabilities to accelerate the impact of open source as the basis for digital transformation and bring Red Hat to an even wider audience – all while preserving our unique culture and unwavering commitment to open source innovation,” said Jim Whitehurst, President and CEO, Red Hat. With this acquisition, IBM said it will remain committed to Red Hat’s open governance, open source contributions, participation in the open source community and development model, and fostering its widespread developer ecosystem. In addition, IBM and Red Hat will remain committed to the continued freedom of open source, via such efforts as Patent Promise, GPL Cooperation Commitment, the Open Invention Network and the LOT Network.
HONEYWELL OPENS IoT INNOVATION HUB Honeywell has opened an innovation hub at the company’s regional headquarters in Dubai. The Honeywell Technology Experience Center is designed to promote knowledge exchange demonstrate the value that can be gained from the adoption of Internet of Things (IoT) technologies. With this centre, Honeywell expects to engage visitors from a wide range of backgrounds and industries, ranging from oil and gas, petrochemicals and manufacturing, to smart buildings and cities, transportation, aviation, supply chain and logistics. This Technology Experience Center will serve as a platform to engage with stakeholders from the UAE
and Gulf states, as well as Turkey, Russia, Central Asia, India and Africa. Interactive activities at the Center are tailored to industry-specific interests that allow visitors to take control of an industrial control room, oversee the security, safety and productivity of a modern skyscraper, learn how a connected city works, or test their skills
at flying an aircraft simulator equipped with advanced connected technologies. The Center is co-located with the Honeywell industrial cybersecurity center of excellence (COE), that was formally launched in February 2018. The Honeywell Technology Experience Center joins existing locations in Washington D.C., and Shanghai.
ORACLE UNVEILS BUSINESS-READY BLOCKCHAIN APPS Oracle has launched Oracle Blockchain Applications Cloud, aimed at helping customers increase trust and provide agility in transactions across their business networks. The new suite of use-case-specific SaaS applications enhance traceability and transparency throughout the supply chain. Oracle Blockchain Applications are built with Oracle Blockchain Cloud Service and seamlessly connect with Oracle Supply Chain Management (SCM) Cloud, Oracle Enterprise Resource Management (ERP) Cloud and other Oracle Cloud Applications. These applications are built with Oracle Blockchain Cloud Service, which was launched earlier this year. It helps organisations build blockchain networks to drive
more secure and efficient transactions with their trading partners. Oracle’s blockchain platform has experienced tremendous momentum and has been adopted by many global organisations spanning a wide range of industries and verticals including transportation, supply chain and logistics, energy, retail and ecommerce, financial
services, telecommunications, and public sector. A few of the many organisations already using Oracle Blockchain Cloud Service include Arab Jordan Investment Bank, CargoSmart, SERES, Certified Origins, Indian Oil, Intelipost, MTO, Neurosoft, Nigeria Customs, Sofbang, Solar Site Design, and TradeFin.
NOVEMBER 2018
CXO INSIGHT ME
7
VIEWPOINT
POWERFUL DATA IS SHARED DATA JAMES PETTER, VP EMEA, PURE STORAGE, ON HOW TO CONQUER THE DATA SILO SPRAWL
A
ccording to IDC, spending on data-intensive AI systems in the Middle East & Africa (MEA) region will grow at a CAGR of 32 percent between 2016 and 2021, reaching $114.22 million in 2021. Projects range from automated customer service agents, shopping and product recommendations to health and safety use cases such as automated cyber threat detection and AI-powered medical research, diagnosis and treatment. Some have referred to this opportunity as the “Fourth Industrial Revolution.” That’s a massive understatement. The last industrial revolution was driven by the assembly line―a feat of strategic engineering that helped build a car faster. Today we’re talking about feats of engineering that allow cars to drive themselves. It’s less apples to oranges and more apples to atoms! A new generation of tools, fuelled by an ability to ingest, store and deliver unprecedented amounts of data,
8
CXO INSIGHT ME
NOVEMBER 2018
are driving a tidal wave of innovation, previously relegated to the realms of science fiction. Data’s role in the future of business cannot be overstated. According to a survey conducted by MIT Technology Review, commissioned by Pure Storage, an overwhelming 87% of leaders across MEA say data is the foundation for making business decisions and 80% believe
that it is key to delivering results for customers. But acknowledging the importance of data and putting data to work are two separate things. To put the latter in perspective, a recent study conducted by Baidu showed its dataset needed to increase by a factor of 10 million in order to lower its language model’s error rate from 4.5 to 3.4%. That’s 10,000,000x more data for 1% of progress. All this research points to one thing— to innovate and survive in a business environment that is increasingly datadriven, organisations must design their IT infrastructure with data in mind and have complete, real-time access to that data. Unfortunately, mainstream storage solutions were designed for the world of disk and have historically helped create silos of data. There are four classes of silos in the world of modern analytics — data warehouse, data lake, streaming analytics, and AI clusters. A data warehouse requires massive throughput. Data lakes deliver scale-out architecture for storage. Streaming analytics go
• High-throughput for both file and object storage. Backup and data warehouse appliances require massive throughput for mainstream, file-based workloads and cloudnative, object-based applications. • True scale-out design. The power of data lake is its native, scale-out architecture, which allows batch jobs to scale limitlessly as software—not the user―manages resiliency and performance. • Multi-dimensional performance. Data is unpredictable and can arrive at any speed—therefore, organizations need a platform that can process any data type with any access pattern. • Massively parallel. Within the computing industry, there has been a drastic shift from serial to parallel technologies, built to mimic the human brain, and storage must keep pace.
WE PUT OUR MONEY IN BANKS, OR IN THE STOCK MARKET BECAUSE WE WANT OUR MONEY TO WORK FOR US. MODERN ORGANISATIONS NEED TO DO THE SAME WITH DATA, AND THEY SHOULD SPEAK TO THEIR PREFERRED VENDORS TO SEE HOW THEY CAN HELP. beyond batched jobs in a data lake, requiring storage to deliver multidimensional performance regardless of data size (small or large) or I/O type (random or sequential). Finally, AI clusters, powered by tens of thousands of GPU cores, require storage to also be massively parallel, servicing thousands of clients and billions of objects without data bottlenecks. As a consequence, too much data today remains stuck in a complex sprawl of silos. Each is useful for its original task, but in a data-first world, silos are counter-productive. Silos mean organisational data can’t do
work for the business, unless it is being actively managed. Modern intelligence requires a data hub—an architecture designed not only to store data, but to unify, share and deliver data. Unifying and sharing data means that the same data can be accessed by multiple applications at the same time with full data integrity. Delivering data means each application has the full performance of data access that it requires, at the speed of today’s business. Data hub is a data-centric architecture for storage that powers data analytics and AI. Its architecture is built on four foundational elements:
A true data hub must have all four qualities as all are essential to unifying data. A data hub may have other features, like snapshots and replication, but if any of the four features are missing from a storage platform, it isn’t built for today’s challenges and tomorrow’s possibilities. For example, if a storage system delivers high throughput file and is natively scaleout but needs another system with S3 object support for cloud-native workloads, then the unification of data is broken, and the velocity of data is crippled. It is not a data hub. For organisations that want to keep data stored, a data hub does not replace data warehouses or data lakes. For those looking to unify and share their data across teams and applications, a data hub identifies the key strengths of each silo, integrates their unique features and provides a single unified platform for business. Think of storage like a bank, or an investment. We put our money in banks, or in the stock market because we want our money to work for us. Modern organisations need to do the same with data, and they should speak to their preferred vendors to see how they can help.
NOVEMBER 2018
CXO INSIGHT ME
9
FEATURE
CHANGING THE FACE OF IT HYPERCONVERGED SYSTEMS, WHICH PROMISE TO REDUCE DATA CENTRE COMPLEXITY AND INCREASE SCALABILITY, ARE DESIGNED FOR CONVENIENT CONSUMPT ION. HOWEVER, IT MAY NOT BE FOR EVERYONE. TEXT Sarah Rizvi
10
CXO INSIGHT ME
NOVEMBER 2018
H
yperconverged infrastructure natively collapses core storage, compute and storage networking functions into a single software solution or appliance. According to IDC, global spending on HCI is set to surpass $7.6 billion by the end of 2021. IDC believes that hyperconverged infrastructure has moved past its early market phase and is now being leveraged by a large number of organizations for a wide range of uses. However, since the MEA market is currently at the adoption stages of converged systems, hyper-converged systems are still new to the region. However, IDC analysts expect that with increased conversations around software-defined everything, along with the demands placed on the infrastructure by the adoption of technologies such as cloud, mobility, analytics, and virtual desktops, the disruption in the market by hyperconverged systems could be quite significant. “The rising interest in hyperconverged infrastructure is mainly for certain workloads like visualisation, private cloud, database, and VDI,” says Walid Gomaa, Vice President, Data Center & Cloud Solutions - Middle East at Huawei Enterprise Business Group. “Top drivers for enterprise adoption of HCI include faster deployment, simplified management, better performance, and better scalability, w hich all lead to better TCO. Another important consideration is ‘time to market’ which is why some industries have been quicker to adopt HCI. We see that financial and government sectors are leading in the implementation of HCI solutions at this stage.” Hyperconverged systems can be extremely beneficial in handling specialized applications. Considering that deploying hyperconverged infrastructure translates into faster, more reliable and secure data management with the optimum level of efficiency, are there any use cases for which hyperconverged is not appropriate? Santhosh Rao, Research Director at Gartner, says that for large scale-
Walid Gomaa, Vice President, Data Center & Cloud Solutions - Middle East at Huawei Enterprise Business Group
Swapna Subramani, Senior Research Manager – Enterprise Technologies at IDC
Paulo Pereira, Director, Systems Engineering – Emerging Markets and Eastern Europe at Nutanix
NOVEMBER 2018
CXO INSIGHT ME
11
FEATURE
Shams Hasan, Infrastructure Solutions Manager - Middle East, Turkey and Africa at Dell EMC
Santhosh Rao, Research Director, Gartner
Anand Chakravarthi, Area Vice President - Middle East, Africa and Asia Pacific at Pivot3
up databases with high CPU and memory requirements, in-memory systems are recommended to run in traditional three-tier architectures as there is no compelling technical or financial advantage for them to run in a hyperconverged cluster environment. While most HCI platforms claim to deliver both file and block services, large petabyte scale file storage is rarely consolidated on HCI platforms, he adds. “The concept of HCI currently being offered by many vendors differ greatly in the implementation, and as a result, the experience customers have can be dramatically different,” says Paulo Pereira, Director, Systems Engineering – Emerging Markets and Eastern Europe at Nutanix. Rao from Gartner says the research firm’s interactions with end-user organizations in the region reflect a strong willingness to consider alternate delivery models for infrastructure requirements. “Users are keen to understand and deploy newer technologies such as hyperconverged infrastructures which promises operational simplicity.” However, a lot of people are still unclear how converged and hyperconverged infrastructures are fundamentally different in terms of their architecture approach. “Both architectures offer customers tighter integration between components; decreased costs in deployment,
maintenance and operations; and peace of mind that the customer is acquiring a solution that works holistically; but through different architecture strategies. This difference is crucial for customers to understand because it aligns to their operational culture, skills and capabilities,” explains Shams Hasan, Infrastructure Solutions Manager - Middle East, Turkey and Africa at Dell EMC. Before taking the plunge, users will have to evaluate why they need HCI since it is not suitable for all types of workloads. Also, they need to evaluate what is the scalability required to avoid surprises in the future. In addition, they must ascertain the compatibility of the applications/ software that will run on the HCI systems. “The main benefits of HCI lie in the reduction in operating expenses and time to provision applications which is key for enterprises on their DX journey. It is best to evaluate the infrastructure demands and workloads before HCI adoption. HCI is most suited for digitally born and cloud native applications along with specific use cases and it is important to evaluate if the use case demand HCI before making that investment,” says Swapna Subramani, Senior Research Manager – Enterprise Technologies at IDC. “Going all-in for HCI can be challenge for many CIOs. Channel partners should be monitoring their customers’ storage refresh cycles, and start bringing
customers on board with softwaredefined storage. CIOs that succeed with software-defined storage can open up a broader discussion on software-defined data centers, with the cloud-based server and network virtualization that leads to hyper-converged infrastructure,” says Ossama Eldeeb, Director, Partner Organization, Middle East, Turkey and North Africa at VMware. Research firms point out that HCI will not replace legacy SAN and NAS but will be used in conjunction with them for specific workloads. “For instance, you will not deploy HCI for CCTV solution, or backup and archiving. High performance computing, artificial intelligence, big data lake and machine learning workloads are other such examples. In addition, I still don’t see HCI being deployed for billing systems for teclo or core banking solutions,” says Gomaa. Anand Chakravarthi, Area Vice President - Middle East, Africa and Asia Pacific at Pivot3, agrees: “SAN and NAS will never be truly replaced but they may become lower levels of tiered storage that is under the control of the HCI environment and management framework, with workloads and data being moved on and off them as the business requires. I do believe that they will be phased out in ME to a greater degree once the large public cloud providers truly gain a foothold, and they come to the natural end of life.”
12
CXO INSIGHT ME
NOVEMBER 2018
What does progress look like for you? Your journey into the digital future is unique. As your software partner we have the vision and industry expertise to help chart your course— and the technology to take you wherever that path leads.
Designed for progress
infor.com @InforMiddleEast
ROUNDTABLE
A FRAMEWORK FOR TRANSFORMATION HARNESSING THE POWER OF DIGITAL TECHNOLOGIES IS A TOP PRIORITY FOR ENTERPRISES IN THE REGION, REVEALS A C-LEVEL DISCUSSION ORGANIZED BY CXO INSIGHT LAST MONTH.
C
loud and IoT technologies are fuelling digital transformation of enterprises in the Middle East yet CIOs in the region are still grappling with some fundamental questions. These range from what to use cloud computing for and the hurdles to its adoption, all the way to enabling consistent operations from the data centre to the cloud and securing virtualized environments. CXO Insight ME in association with VMware assembled a high-profile panel of IT and security leaders in Dubai last month on the side lines of Gitex to discuss these vexing questions and unlock business value from digital transformation initiatives. Joe Baguley, VP and CTO, EMEA at VMware, kicked off the discussion with an overview of the challenges faced by customers in the digital era. He said: “Everyone is talking about AI, blockchain and IoT, but no one has actually done it. If we go back to the
14
CXO INSIGHT ME
NOVEMBER 2018
1990s, trends took 3 to 5 years and as an industry, we had time to work out what it was, deploy it and then move on; nowadays we have trends that last six months, and it is difficult for customers to deal with all these new things coming in.” Baguley observed that these new technologies are still in infancy with few real-world examples of “companies doing great things” with them. “Blockchain is a case in point. It is a solution looking for a problem but what most people can do with blockchain today they can do equally well with just a database. It’s the same with AI – most of what we call AI today is predictive analytics that we have been doing for the last 20 years. Also, IoT
can be a massive cycle of hype because in essence, what we are doing is just extending the network and putting insight into it,” he said. A major challenge faced by companies today is silos in their IT environments, according to the VMware CTO. He explained: “They are looking to bridge those gaps and cloud could become an extension of their existing silos. At the same time, companies are looking to what to do with their infrastructure already in place. The general trend we see is data centre consolidation, where companies are shrinking their 15 data centres to four. It is very rare to see them leaving all of their data centres and moving to the cloud. Realistically, the future of IT is hybrid.”
Baguley went on to add that customers are now looking for a strong choice of architecture and digital foundation to consolidate their existing data centres and extend it to the cloud and take advantage of moving computer and storage to the edge. They want one, globally consistent infrastructure and operations.” Herbert Fuchs, CIO of ASGC, shared an early adopter’s perspective on cloud technologies. “We have already moved a big part of our infrastructure to the cloud, and we are now pushing very aggressively into IoT area to improve labour productivity and on-site safety. However, digital transformation and automation are not a panacea to all the problems as we need to rethink our processes and see which can be improved or eliminated.” Ajay Singh, GM of VMware’s cloud management business unit, agreed and added that at the heart of digital transformation is process reengineering. “The biggest roadblock to digital transformation is the resistance to change. What is driving the push for DX is a lot of heavily-funded start-ups that are re-imagining the way we do banking, construction, agriculture or any other industry. And they are doing
NOVEMBER 2018
CXO INSIGHT ME
15
ROUNDTABLE
it with a new set of processes and a high degree of automation.” Saleem Ahmed, CIO of Sharjah Islamic Bank, raised security concerns related to the cloud. “How do we convince our management that cloud is secure and regulators, who stipulate confidential customer data should reside in the same geography?” he asked. In response, Baguley said solving these concerns is at the heart of VMware’s cloud strategy, noting that in regulated industries such as financial services and healthcare, regulators are usually quite a long way behind the real world. 16
CXO INSIGHT ME
NOVEMBER 2018
He continued: “We are allowing customers to deploy and benefit from cloud services as much as possible on premises though the economics are different. Also, to be local, we are enabling local cloud providers. We already have 4,500 companies as part of our cloud provider programme, who operate their public cloud offerings using our software. You don’t have to depend only on the top 3-4 cloud service providers anymore.” Ahmed Auda, regional managing director of VMware, pitched in with a regional perspective by pointing out the growing number of VMware cloud providers in the region that include Etisalat and Du in the UAE and STC in Saudi Arabia. However, local service providers are a better for SMEs than large enterprises, countered Faisal Ali, CIO of Gargash Group. “We have enterprises with very mature data centres and security practices in the region. It is not feasible for them to choose a small cloud service provider, whose security footprint we have no idea about. Besides, you can’t leverage the benefits of the cloud with smaller providers,” he said. Baguley allayed such fears and said that VMware would back its customers even if they choose to remain onpremise. “We are not saying the ultimate destination is public cloud and we are giving our customers a choice. When it comes to local cloud providers, you might be able to negotiate better SLAs with consulting thrown in. Besides, there is also a risk getting locked in with large service providers. You have to be aware of how easy is it to get out if you want to roll back your applications.” Vinay Sharma, CIO of Gulftainer, brought another set of issues to the table. “It is easy to move your nondifferentiating workloads to the cloud but not operational systems because we can’t afford downtime. Also, there is no standards SLAs across multiple cloud providers and a framework for service availability. We have to do a lot of due diligence and risk assessment.” Cloud computing is not necessarily
ideal for every application was the outlook of Ahmed Ebrahim Al Ahmad, CIO of Nakheel, who shared insights from his journey to the cloud. “We adopted cloud three years ago for some of our services and now we have 400 virtual machines. One of our key applications was running on 24 servers, which we managed to bring down to six VMs. By adopting a SaaS model, we have been to achieve huge cost savings, but you have to go about it in a case-to-case manner. It might be cheaper to run some services in-house.” Ajay Rathi, CIO of Meraas, gave an interesting spin to the discussion by highlighting new cloud-only applications that could persuade companies to switch over to the cloud. He said: “Enterprises are slow to adopt cloud because they have massive data centres. IT leaders don’t look at the capex, for example, we never get to the cooling costs of these facilities. So, in the near future we may close down our data centres and move everything to the cloud. Likewise, when 5G becomes available, we wouldn’t need any WLANs either.” While there are strong drivers to adopt cloud technologies, there are some important barriers as well, according to Shabeer Mohammed, CIO of Habib Bank Zurich. “We have latency-sensitive applications, which we can’t move to the cloud. Right now, you can move low hanging fruits to the cloud, but that doesn’t change the dynamics. And some of the constraints are more regional because we don’t have the flexibility of co-locating our data centres in the same facility as cloud providers as they do in Europe and the US,” he said. Other participants in the roundtable included: Rasheed Al Omari, principal business solutions strategist; Arun Tiwary, CIO of Emirates Flight Catering; Ashith Piriyattiath, CIO of Al Masah Capital; Madhav Rao, CIO of Lulu Group; Sreedhar Reddy, CIO of Aldar; Terence Sathyanarayan, CIO of Drake & Scull; Arul Jose Vigin, CIO of DIFC Courts; Ankit Satsangi, CISO of Azizi Developments; Justin Thiraviyam, CIO of Avivo Group; Ronald D’sa, CIO of OSN; and Maisam Zaidi, CIO of ALEC.
INTERVIEW
REINVENTING RETAIL WITH AN ARSENAL OF TECHNOLOGY AT ITS DISPOSAL, LULU GROUP INTERNATIONAL IS IMPROVING ITS CUSTOMERS’ SHOPPING EXPERIENCE. MADHAV RAO, CIO OF THE RETAIL GIANT, TALKS ABOUT HOW HIS COMPANY IS REVOLUTIONISING THE RETAIL WORLD BY LEVERAGING NEW TECHNOLOGIES.
18
CXO INSIGHT ME
NOVEMBER 2018
A
s a CIO, how do you see digital technologies transforming the retail sector? Embracing digital transformation is an imperative today as the pace of change in retail is accelerating. To succeed, every retailer must stay ahead of the curve with a clear strategy that will help them build lasting relationships with all the stakeholders - primarily their employees, vendors, partners and of course, the customers. I believe digital transformation is a foundational change that helps bring end-to-end transparency at every level of decision making so that all LOBs are entirely aware of all the critical decisions made across all departments in the organization.
Do you see any use cases of AI and machine learning in retail? With advances AI and machine learning, retailers can offer 24/7 support to visitors, quickly collect valuable data, track user behavior, and drive seamless brand continuity. It is already revolutionising every stage of inventory management and supply chains. AI can also help us improve conversion rates by tailoring the online experience for the consumer by making it more personalized, branded, and intelligent within the new few years without having to do any extra work. There are plenty of opportunities available in the retail domain to leverage these technologies, especially in areas such as merchandise price optimisation or a chatbot service. Another area where AI will help improve the customer experience is smart predictable searches, while machine learning algorithms will help refine the results to the customers taste. With a better understanding of the customer data, these technologies will greatly help drive us to cross-sell and upsell goods
AI CAN ALSO HELP US IMPROVE CONVERSION RATES BY TAILORING THE ONLINE EXPERIENCE FOR THE CONSUMER BY MAKING IT MORE PERSONALIZED, BRANDED, AND INTELLIGENT WITHIN THE NEW FEW YEARS WITHOUT HAVING TO DO ANY EXTRA WORK. NOVEMBER 2018
CXO INSIGHT ME
19
INTERVIEW
and services, leading to a vastly improved customer experience. Can you tell us about your IoT pilot project? At all our shopping malls, which are currently under construction, we are enabling IoT on all the assets including BMS systems, chillers, central HVAC system, escalators, parking systems, and lighting controls, etc. This will help us reduce the TCO on a long-term basis, do more proactive maintenance and give better SLA’s to the end users such as automated facility management, concierge services and become more environmentally friendly too. How do you plan to provide an integrated technology experience in your stores? Being a retail giant, we do deliver a seamless and secure omnichannel shopping experience to all our customers. I believe what it takes to become a successful omnichannel retailer is to have a smooth blend of both digital and traditional channels working as one to foster lasting relationships with customers. With this in mind, we are empowering in-store staff with digital technologies in real time, such as tablets and mobile devices to carry out in-store functions and serve customers more effectively. For example, if a customer is looking for a specific product in the store, our sales associate can check the product availability across all the stores in the region using a native mobile app. As a brick-and-mortar retailer, how do you see the e-commerce boom in the region? If you observe the key statistics, the GCC region has a population of around 246 million, of which 60% are active internet users and 93 million active social media users. It means e-commerce is a huge business opportunity today. In the UAE, for example, online commerce is the fastest growing segment of the retail 20
CXO INSIGHT ME
NOVEMBER 2018
I BELIEVE WHAT IT TAKES TO BECOME A SUCCESSFUL OMNICHANNEL RETAILER IS TO HAVE A SMOOTH BLEND OF BOTH DIGITAL AND TRADITIONAL CHANNELS WORKING AS ONE TO FOSTER LASTING RELATIONSHIPS WITH CUSTOMERS. sector. Thanks to the many expats in the region and also a large population of young, tech-savvy millennials, omni-commerce is on the rise across the region and has been growing yearon-year by 30 percent. So, it becomes even more imperative for a traditional retailer like Lulu to extend our brand offerings online and offer the same shopping experience to the customer by investing heavily in innovative technologies in mobile, data analytics and social media.
What are some of the new technologies you have adopted to improve operational efficiencies? Lulu was the first company in the GCC region to adopt in-memory technology ahead of peers by implementing SAP HANA across ERP, analytics and Integration platforms to achieve realtime visibility across key operation metrics. We have also adopted cloud technologies to leverage the benefits of flexibility, scalability and high availability that it brings. As one of the senior IT leaders in the region, what is your advice to aspiring CIOs. There are several senior IT leaders out there, and every new and aspiring CIO can connect with them and learn from their vast experience. Lead and disrupt should be the way forward. While ‘exploiting’ the existing business model, you need to ‘explore’ the new innovative business models such as real time customer engagement experience. Be proactive in your approach in terms of new ideas. Of course, every organization has its own governance, and everyone needs to follow the rules, but you still need to persuade the business leaders persistently.
INTERVIEW
THE RISING ALTERNATIVE
INFOR IS BETTING BIG ON ITS CLOUD ERP STRATEGY. JONATHAN WOOD, GENERAL MANAGER FOR INDIA, MIDDLE EAST AND AFRICA, EXPLAINS HOW HIS COMPANY IS PLANNING TO ENTICE USERS TO MOVE AWAY FROM ON-PREM SOFTWARE TO ITS CLOUDSUITE SOLUTIONS.
22
CXO INSIGHT ME
NOVEMBER 2018
I DON’T THINK THIS REGION HAS BEEN LAGGING. HOWEVER, THEY WERE THOUGHTFUL OF THE TYPE OF WORKLOADS THEY WANTED TO MOVE TO THE CLOUD. THEY HAVE MOVED NONDIFFERENTIATIVE WORKLOADS SUCH HCM AND CRM AND UNDERSTOOD WHAT IT ENTAILS. IT’S A DIFFERENT EXPERIENCE THE MOMENT YOU ENGAGE WITH A CLOUD PROVIDER AND MANY CUSTOMERS HAVE ALREADY GONE THROUGH THAT PROCESS.
I
s there a demand for cloudbased ERP solutions in the Middle East? Globally, we have 70 million active customers on Infor CloudSuite. If you look at the uptake across the region, it is consistently high, and 70 percent of what we are doing is on the cloud. Many businesses have had the time to think through the benefits and use cases. Five years ago, they were talking about security and reasons as to ‘why not.’ Today, they are asking us to show the business case, benefits and enable them to migrate from onpremises to the cloud or go directly to the cloud. In our region especially, it is a combination of these two – customers coming off individual point solutions to go directly to the cloud ERP and installed base customers who want to migrate. The nature of conversation around cloud for ERP is fundamentally changing as customers are starting to the benefits of multitenant cloud around cost efficiencies, consistency and uptime. Why is multi-tenancy better? It’s about the consistency of experience. We are providing a service that is very different from where we were five years ago in the on-prem world; we were offering a product that we built and spent our R&D dollars on, and now we are providing an ongoing solution that goes way beyond
the scope of creating just a brilliant product. We have reached a critical mass with multi-tenant environment, and we provide that consistent experience in a much simple way.
investment dollars into providing a great multi-tenant business software service. We are not typically asked by customers about on-premise offerings when we go to them and lead with cloud solutions.
Don’t you think this region has been slow to embrace cloud technologies? I don’t think this region has been lagging. However, they were thoughtful of the type of workloads they wanted to move to the cloud. They have moved non-differentiative workloads such HCM and CRM and understood what it entails. It’s a different experience the moment you engage with a cloud provider and many customers have already gone through that process. They have multiple solutions from different providers in the cloud, and now they are saying, “we have more confidence in the cloud and understand a little bit more about what it means to have a service provided to us.” They are willing to take the next step and look at cloud ERP, and that is a natural evolution. I don’t think it has been any slower in our region. The opportunity now is to cannibalise the on-prem ERP market and provide true multi-tenant cloud experience to customers.
What is the migration path for existing on-prem customers? We have made it simple for existing customers to get there. We are offering pre-packaged services centred around their essential needs -first of all, if they have an on-premise ERP they would have customised it significantly. What we provide is a pre-packaged service that helps them understand what those customisations are and how redundant most of them are. As an anecdote, we typically find a high percentage of those customisations are either available in standard product or customers haven’t used those processes in a way they expected it to be. Most business processes are not so unique to a customer that it can’t be moved to the cloud. If you need to make additions, we have extensibility tools available in the cloud. It is not that multi-tenant cloud doesn’t allow you to extend the capabilities; it’s just that you do it differently. Instead of configuring a solution on-premise, you have a service provided to you, and you can use our tools to extend its capabilities.
Will you pull the plug on singletenant and on-prem solutions? Ultimately, that is the goal so that it would allow us to put all our focus and
NOVEMBER 2018
CXO INSIGHT ME
23
FEATURE
WHAT LIES BENEATH
MANAGING SECURITY OF OPERATIONAL TECHNOLOGY AND IOT ALONGSIDE OF INFORMATION TECHNOLOGY IS A CHALLENGE FOR MANY INDUSTRIAL FIRMS. HERE IS HOW TO DEAL WITH DIFFERENT LINES OF ATTACKS. TEXT Sarah Rizvi
24
CXO INSIGHT ME
NOVEMBER 2018
T
he security aspects of IT and OT have traditionally been managed separately. It is primarily due to the high mission-critical nature of the OT infrastructure, and also the very different skill sets required to manage the IT and OT systems. Historically, OT systems have been designed to run offline on independent networks. But, now more and more OT systems are getting connected online to take advantage of Internet of Things, analytics, robotics and other emerging technologies. In many enterprises, there is a clear demarcation between IT and OT environments, and different teams tackle security concerns. While IT security is more mature with standard applications, what makes OT security particularly challenging is the fact that many of these systems were designed without secure access control in mind. Does this mean IT and OT security are entirely different? Gartner believes that 80 percent of the security issues faced by OT are almost identical to IT, while 20 percent are unique. Also, the degree to which enterprises are equipped to tackle OT security threats varies as much as it does for IT security threats. Organisations in similar verticals and of similar size are all at different points of the journey, even in the same geographies. According to the Saurabh Verma, Head of ICT & Digital Transformation
WITH CYBERCRIMINALS SPENDING UP TO 10X ON OFFENSE COMPARED WITH WHAT ORGANISATIONS ARE SPENDING ON DEFENCE, THERE NEEDS TO BE A FOCUS ON CYBERSECURITY AS A WHOLE AND NOT IN ISOLATION. Brian Chappell, Senior Director, Enterprise and Solution Architecture at BeyondTrust
- MENA at Frost & Sullivan, large and mature organisations in oil and gas, utilities, transportation, financial services are better prepared, but this in no way means that they are not vulnerable. “It is important to realise that no security solution can guarantee 100% protection; attacks and breaches are inevitable, and as much as it is about protecting the systems, it is also about how quickly enterprises can recover from an event,” he adds. Brian Chappell, Senior Director, Enterprise and Solution Architecture at BeyondTrust, says that, in general, organisations of all sizes are behind the curve in securing their systems. “With cybercriminals spending up to 10x on offense compared with what organisations are spending on
ONCE THE SHORTCOMINGS ARE UNDERSTOOD, THE ORGANIZATION SHOULD DEVELOP A TRAINING/SKILL DEVELOPMENT PLAN FIRST TO ADDRESS THE MOST IMMEDIATE NEEDS FOLLOWED BY DEVELOPING A SYSTEMATIC PLAN TO FILL IN THE REMAINDER OF THE GAPS. Kalle Bjorn, Director, Systems Engineering at Fortinet
defence, there needs to be a focus on cybersecurity as a whole and not in isolation.” A Fortinet study states that nearly 90% of organisations have now experienced a security breach within their Supervisory Control and Data Acquisition and Industrial Control Systems (SCADA/ICS) architectures, with more than half of those breaches occurring in just the last 12 months. Kalle Bjorn, Director, Systems Engineering at Fortinet, adds that the more alarming issue here is that most of those breaches have resulted in a high or critical impact on their business, from compromising their ability to meet compliance requirements, to decreased functionality and financial stability, and even affecting employee safety. The increased OT-IT convergence has brought in a variety of unique challenges in different industries, resulting in the need to create a single and unified view to monitor the security status of this diversified set of industrial and IT systems. As the two systems intertwine to enable new agile business models, it is also introducing significant new risks, many of which are catching organisations entirely unprepared. “The logical place to start securing OT systems should already be in place and that’s limiting access whether physical
NOVEMBER 2018
CXO INSIGHT ME
25
FEATURE
or network. Adopting and adapting IT cybersecurity practices for network access (firewalls), configuration management, vulnerability management, privileged access management and identity management is vital,” adds Chappell. “There exists a lot of experience in the industry when it comes to IT security. A lot of underlying technology has already been developed over the years which can be utilised in the OT environment. As traditional IT security vendors start focussing in this area, the need of the hour is to take care that the solutions deployed in the OT environment are designed according to OT protocols and are relevant to this specialised field,” says Nicolai Solling, Chief Technology Officer at Help AG Middle East. Securing an intermingled ITOT environment is not so much a requirement of a separate set of skills but the awareness that crucial elements in an OT environment are different than in IT. IT security professionals moving into or extending their remit to include OT must learn to speak the language of OT. One of the main challenges, according to Sean McGurk, Vice President for Cyber Advisory Services at DarkMatter, is addressing the skills issue with formal training in ICS security. He says that there is a need for a structured approach at the secondary and post-secondary levels.
ENGINEERING PROGRAMS OFTEN FOCUS ON DESIGN PRINCIPLES AND OPERATIONAL CAPABILITY BUT DO NOT NORMALLY ADDRESS CYBERSECURITY. A PARTNERSHIP BETWEEN ACADEMIA AND INDUSTRY, WORKING WITH
GOVERNMENT, CAN HELP TO ADDRESS THE SKILLS GAP AT THE NATIONAL LEVEL. Sean McGurk, Vice President for Cyber Advisory Services at DarkMatter “Engineering programs often focus on design principles and operational capability but do not normally address cybersecurity. A partnership between academia and industry, working with government, can help to address the skills gap at the national level. Focused training at the corporate level on expanding the understanding of both IT and OT security will close the gaps,” adds McGurk. Fortinet’s Bjorn agrees and says the first action any organisation should take is to carefully conduct an audit on the state of their staff’s skill sets. Until the skills gaps are identified, any effort to upgrade individual skill sets would be futile. “Once the shortcomings are understood, the organisation should develop a training/ skill development plan first to address
A LOT OF UNDERLYING TECHNOLOGY HAS ALREADY BEEN DEVELOPED OVER THE YEARS WHICH CAN BE UTILISED IN THE OT ENVIRONMENT. AS TRADITIONAL IT SECURITY VENDORS START FOCUSSING IN THIS AREA, THE NEED OF THE HOUR IS TO TAKE CARE THAT THE SOLUTIONS DEPLOYED IN THE OT ENVIRONMENT ARE DESIGNED ACCORDING TO OT PROTOCOLS AND ARE RELEVANT TO THIS SPECIALISED FIELD. Nicolai Solling, Chief Technology Officer at Help AG Middle East
26
CXO INSIGHT ME
NOVEMBER 2018
the most immediate needs followed by developing a systematic plan to fill in the remainder of the gaps.” Some of the existing OT infrastructure is still physically separated from the IT networks, making them easier to defend. This, however, does not mean that these airgapped OT networks are impenetrable if the attackers have enough resources and time available. Industry experts say any efforts to apply security to an environment that was previously insecure will always involve some degree of disruption. However, with a proper planning process the level of disruption can be minimised and subsequently managed efficiently. According to Chappell, it is important to accept that the transition may temporarily affect operation. It may be impossible to implement a more secure environment without some impact to production, but that must be weighed against the risks of not securing the environment, especially if it involves a threat to human life when a system is breached. IT/OT convergence has become a business imperative in industrial organisations, and it is necessary to stop thinking of these environments as being separate. For that to happen, enterprises will have to bridge the gap between these siloed departments and bring them under an integrated security strategy to mitigate risks.
PREFERRED SECURITY PARTNER
Who we are OUR PURPOSE
WE ARE
To solve customer challenges while bringing global cyber security practices to the Middle East and provide state of art security services
Team of highly skilled solution architects and security consultants
WE PROVIDE
OUR DIFFERENCE
Niche technologies and solutions from world’s best known vendors to help customers to become cyber resilient and achieve business continuity
We offer solutions to our customers that do not create one problem while solving others
Solutions Threat Exposure Management
EDR & Threat Hunting
Email Authentication As A Service
Third Party Risk Management
Employee Powered Information Security
Deception & Response Platform
IT Management & Monitoring Tools
Services VULNERABILITY ASSESMENT / PENETRATION TESTING MAPT, WAPT, infrastructure and source code assessment
ATTACK SIMULATION Red Team Service, Purple Team Service and Adversarial Simulation
PRODUCT TRAINING
Highly customized product trainings driven by our certified security experts
1504, Jumeirah Business Center 3, Cluster Y – Jumeirah Lakes Towers, Dubai, United Arab Emirates T: +971 4 427 9940 | F: +971 4 428 9038 | E: info@spiresolutions.com | W: spiresolutions.com
VIEWPOINT
FOSTERING AN AGILE IT ORGANISATION CHRIS BEDI, CIO, SERVICENOW, REVEALS THE SECRET TO IMPLEMENTING AGILE METHODOLOGIES WITHIN IT.
A
gility is a big deal. As companies embrace digital transformation, we have stopped defending the old ways of doing business. Instead, we focus on making sure appropriate change occurs. We reorganise people, processes and technology to empower change and drive tangible results. Organisational agility matters now and is part of the business DNA. In IT, we are used to thinking of agility in terms of the development team. Today, it means more. CIOs need to build and present an entire agile IT organisation, which requires giving some serious thought to the way the organisation works. We must move to a new IT operating model. This sounds daunting, but it doesn’t have to be. To start putting more action behind all this talk of IT agility, CIOs have to lead their teams through some fundamental shifts. Automate everything routine IT departments continue to fall into the same trap. Traditionally, 70-80% of IT spending goes to maintenance and upkeep of legacy systems—keeping the lights on—and only 20% on innovation to move the business forward. Most of us have operated under cost pressures, more in some industries than others. Operating with half the IT staff, or sometimes less, is the new normal and we shouldn’t expect that to change significantly-everyone across
28
CXO INSIGHT ME
NOVEMBER 2018
the entire business has to do more with less. However, the business needs IT to support new initiatives in order to grow. Therein lies the rub; with limited people and time, we can’t respond because we’re too busy keeping the lights on. It’s time we dramatically shift the 80:20 ratio; until we do so, IT will be seen as just another cost center. CIOs need to lead their IT teams to root out their own manual, repeatable processes. All the routine, menial stuff that takes up valuable IT resources should be automated so that staff can
IN IT, WE ARE USED TO THINKING OF AGILITY IN TERMS OF THE DEVELOPMENT TEAM. TODAY, IT MEANS MORE. CIOS NEED TO BUILD AND PRESENT AN ENTIRE AGILE IT ORGANISATION, WHICH REQUIRES GIVING SOME SERIOUS THOUGHT TO THE WAY THE ORGANISATION WORKS. WE MUST MOVE TO A NEW IT OPERATING MODEL.
tackle productive work that requires creativity and imagination and moves the business forward. If a company is just starting to automate IT processes, it’s typical to start with the simplest tasks like password resets and onboarding new hires. This makes sense; on average 25% of the helpdesk calls are password related. Resetting employees’ forgotten passwords is an easy problem for the helpdesk to fix, but it still takes time. Automate it. Automating the simple tasks will deliver incremental improvements but, for maximum impact, tackle some of the messier stuff first. Automating complex, multi-step, highly manual activities that touch multiple people can more quickly deliver the agility needed. Routine changes, diagnostics, performance monitoring and incident resolution are a few places ripe for automation. Increasingly, machines are aware when something isn’t right. Automation should start with the creation of work (incidents in the first place). Why can’t the infrastructure and end-user machines create the incident vs. a human having to do it? To take this a step further, why can’t an intelligent machine resolve the incident once it is received? All without requiring a human to intervene. The time we get back by automating everything that simply “makes systems work” affords IT departments the muchneeded room to be agile and deliver business value.
Make sure your IT people can talk the talk Most IT organisations struggle with talking in a language that speaks to business leaders. If IT sits down with the head of sales about a project and the question we ask is “What do you need us to do?” then we’ve become an order taker. We need to talk to stakeholders in their business terms and outcomes. An agile IT organisation needs people who have half their brain in IT and the other half in sales, marketing, finance or whichever line of business is sitting across the table. These IT people work with the business leaders to define the outcomes they are after. They seek to understand why something needs to change, not just how. This skillset is what separates leading IT organisations from the rest. To help IT to start using the same vocabulary, one of my CIO peers started requiring all IT staffers to listen to quarterly earnings calls with analysts. That helped IT to understand the strategic goals of the business and to ask some poignant questions. It didn’t take long for this IT organization to start finding ways they could deliver results
that not just align with business priorities but deliver business results. Focus on what’s really important As you free up IT’s time to be creative, innovative and imaginative, there will be no shortage of good ideas. CIOs know we can’t be agile at everything that comes our way. What’s truly important will be grounded in tangible business results; what’s not will waste valuable IT time and kill agility. It is critical IT recognise the difference. As IT staff become fluent in the business language and asks the right questions, what’s important will become easier to spot. We also need to consider that there is a difference between what is important vs. what is urgent. Urgent is putting out fires, busywork or tasks IT staff tackle first because they are easier than the project list. But urgent requests that should only take a couple of minutes end up taking an hour. At the end of the day, we’re wondering where all the time went. What’s stopping IT agility? As CIOs, we’re focused on driving business outcomes and strategies for growth, efficiency and productivity. As
WHAT’S TRULY IMPORTANT WILL BE GROUNDED IN TANGIBLE BUSINESS RESULTS; WHAT’S NOT WILL WASTE VALUABLE IT TIME AND KILL AGILITY. IT IS CRITICAL IT RECOGNISE THE DIFFERENCE. AS IT STAFF BECOME FLUENT IN THE BUSINESS LANGUAGE AND ASKS THE RIGHT QUESTIONS, WHAT’S IMPORTANT WILL BECOME EASIER TO SPOT. we build agile IT organisations and focus on delivering business results, we cannot overlook the legacy internal structures— down to compensation structures—that need to change too. It comes down to fear. Fear is a show stopper for building an agile IT organisation. CIOs need to have patience, train their IT teams and get them past the fear, uncertainty and doubt (FUD). Bear in mind it’s not just fear of irrelevance that derails IT agility. Having the time to innovate and take risks in IT all in the name of better business outcomes sounds great, but what happens when an idea doesn’t work? IT folks need to know it is OK to fail and that mistakes will not be a capital crime. It’s the CIO’s job to give their teams a safety net. Building an agile IT organisation will not be easy. It will be uncomfortable at times, but it will be worth the effort. The agility we build into our organisations today will ensure IT does not become the order takers of tomorrow.
NOVEMBER 2018
CXO INSIGHT ME
29
ANALYSIS
READY FOR PRIME TIME IBM IS MAKING THE DISTRIBUTED LEDGER TECHNOLOGY READY FOR GOVERNMENT USE BY LAUNCHING BLOCKCHAIN AS A SERVICE PLATFORM IN PARTNERSHIP WITH SMART DUBAI. THIS OFFERS BOTH PUBLIC AND PRIVATE SECTOR FIRMS AN OPPORTUNITY TO PILOT THE TECHNOLOGY WITHOUT SPENDING BIG BUCKS.
30
CXO INSIGHT ME
NOVEMBER 2018
L
ast month, Smart Dubai and IBM announced the launch of the Dubai Blockchain Platform, the first government-endorsed blockchain platform as-a-service in the UAE. Delivered through an IBM Cloud environment and built locally in the UAE, the enterprise-ready platform is expected to serve as a stepping stone for organisations in the UAE and globally to transition their blockchain testing and development into fullproduction. It will also transform and digitise applicable government processes and citizen services. Dubai has been leading efforts to encourage the use of blockchain, with a vision to make the emirate a paperless government by 2021. As part of the blockchain strategy, Dubai has
seen the launch of various blockchain applications in a number of government entities across different sectors, including roads and transport, energy, healthcare and education. The new Dubai Blockchain Platform will help integrate digitised services and experiences run on IBM Blockchain into citizens’ day-to-day lives. Organisations will also benefit from keeping their data in-country and conducting transactions locally, and in turn, lower operational costs. The platform will conform to the Information Security Regulation (ISR) standards issued by the Dubai Government. It will also be powered by IBM’s mainframe technology, LinuxONE, which is capable of running more than 6.2 billion web transactions per day. The Dubai Pay Blockchain Settlement and Reconciliation System, officially launched in September, will be one of the first projects to migrate onto the Dubai Blockchain Platform. Through this service, a process that used to take entities approximately 45 days to reconcile and settle payments with other government entities, banks and financial institutions, is now reduced to real time. Her Excellency Dr. Aisha Bint Butti Bin Bishr, Director General of the Smart Dubai Office (SDO), says: “Dubai has been a pioneer in blockchain technology since its inception, while other major cities around the world were reluctant to embrace it for city-wide implementation. The Dubai Blockchain Strategy set a clear path for the emirate to have the world’s first fully digitised government by 2021.” According to H.E. Wesam Lootah, CEO of the Smart Dubai Government Establishment (SDG), blockchain is steadily moving towards becoming a multibillion market by 2019 and Smart Dubai has successfully embedded the technology in numerous services, including ‘Dubai Pay Blockchain Settlement and Reconciliation System’, which eliminates friction from financial processes between government entities
Amr Refaat, GM of IBM Middle East and Pakistan
through automation and minimal human intervention. “In the past few years, technologies such as blockchain have moved up on the agenda in Dubai. Today, proof of concepts are bypassed and organisations are moving into fullscale production,” says Amr Refaat, General Manager, IBM Middle East and Pakistan. “Blockchain provides an added layer of trust and transparency among government organisations and businesses and helps make collaboration more efficient. The new IBM Blockchainbased service will enable organisations to keep their data in-country and conduct transactions locally.” He says IBM Blockchain is already enabling clients across the world to build and scale active networks across complex use cases. “Recently, we have worked with the Department of Economic Development (DED) in Dubai to launch its unified corporate registry on IBM Blockchain. The aim of the registry is to digitise the process of issuing business licenses and exchanging commerce information for business owners, investors, entrepreneurs and start-ups, enabling
them to conduct transactions digitally in real-time and in a trusted and secure environment.” Refaat adds that IBM has also worked with Dubai Airport Freezone Authority (DAFZA) to transform and automate the free zone commercial licensing and renewal process. “Through IBM Blockchain, they can manage digital blockchain transactions and accurately and quickly verify documents, enabling businesses to establish operations in the UAE in a time efficient manner.” The decentralised nature of the technology does pose some real challenges for regulators and governments. Refaat says IBM is addressing this by cranking up security. “When we start thinking about a blockchain-powered government, we need to think about security, resiliency, and performance. You need a platform that is built to comply with the requirements of government. “The IBM Blockchain Platform is the ideal technology for these types of workload because it was designed, from the ground up, with security and resiliency in mind. It has a high degree of security at the hardware level with tamper-resistant and redundant components. It incorporates encryption of data at rest and in flight and will be delivered through an IBM Cloud environment in the UAE, providing organisations and government entities with the ability to host data and conduct transactions locally,” he says. Refaat says blockchain as a service is an ideal solution for enterprises looking to test the waters without the expenses related to a new roll out. “As private and public sector both explore blockchain and move beyond pilots and proofs of concept to production, there is increasing demand for blockchain as a service. This frees them from having to worry about the complexity of operating a blockchain, such as dealing with platform integration, patches, security and operational aspects, and enables them to focus on their core business.”
NOVEMBER 2018
CXO INSIGHT ME
31
VIEWPOINT
SUCCESS BREEDS SUCCESS VINCENT LAVERGNE, RVP, SYSTEMS ENGINEERING, F5 NETWORKS, DEMYSTIFIES PERSONAL SUCCESS
T
he concept of success relates to ‘wealth of mind’ just as much as it does ‘mind on wealth’. Today’s highly competitive and dynamic business world places greater demands on managers and employees than ever before. The pressure to deliver results quickly and in shorter time periods means that workforces are often conditioned to view success through a narrow financial lens. Encouragingly, I have started to witness a changing mindset wherein goals go beyond improving a company’s balance sheet. For example, they can range from improving staff well-being to philanthropic community endeavours. Whilst there is no hard rule on what approach is right or wrong, it is apparent that many of today’s esteemed business 32
CXO INSIGHT ME
NOVEMBER 2018
leaders place enormous importance on softer virtues such as building strong relationships, enhancing reputations, nurturing credibility, and maintaining ‘quality’ time. Author and entrepreneur Arianna Huffington recently said, “to live the lives we truly want and deserve, and not just the lives we settle for, we need a measure of success that goes beyond the two metrics of money and power, and consists of four pillars: well-being, wisdom, wonder, and giving.” It also is worth noting that big achievers do not necessarily consider themselves successful simply because they are rich or powerful. Legendary business magnate Warren Buffett once told shareholders at an annual meeting that he measured success by how many people loved him.
Coach your approach Behavioural change needs to happen from the top and percolate throughout the organisation. However, while there are many leaders and advisors we can turn to, we must always learn to coach ourselves. Each day we need to ask ourselves if we have performed to expectations or added value. We must also consider what can be done differently to improve as individuals and effect positive change within the business. Here are my top tips to help achieve greater success: Focus on what matters Prioritisation is the paradigm for progress. Throughout our daily lives, we are inundated with information, which can distract us from the
Don’t dither According to the self-help guru, Napoleon Hill, action is the real measure of intelligence. Successful people act whether it is the right time or not. Don’t dither, dally or delay – go with your instinct and experience.
Set clear goals Aside from company goals, it is important that you are clear about what you want from both your career and personal life. It is easy to drift without aspirational direction. Goals can be ‘hard’ or ‘soft’, covering career progression through to social development. Remember, be specific, act with integrity, and embrace collaboration to activate your best qualities.
important tasks that genuinely drive results. Always question if a request or task helps to reach defined goals or move the business forward. Be laserfocused on the right projects and the prize will come.
Make decisions Take ownership of your destiny by making decisions for yourself. It is the best way to learn. You can listen to and gain counsel from others, but ultimately you need to be decisive and accountable. Push yourself to make a positive difference each day. If everyone did this, the aggregated effect would scale any organisation to greater heights.
ASIDE FROM COMPANY GOALS, IT IS IMPORTANT THAT YOU ARE CLEAR ABOUT WHAT YOU WANT FROM BOTH YOUR CAREER AND PERSONAL LIFE. IT IS EASY TO DRIFT WITHOUT ASPIRATIONAL DIRECTION. GOALS CAN BE ‘HARD’ OR ‘SOFT’, COVERING CAREER PROGRESSION THROUGH TO SOCIAL DEVELOPMENT.
Explore more Every role has routine elements and it’s easy to get sucked into a silo of complacency. Think differently and approach each new task with fresh thoughts and rigour, including embracing new technologies and collaborative ways of working. Don’t be afraid to make mistakes – they can be corrected quickly with the right safety mechanisms in place. Get out of your comfort zone and put yourself under pressure to learn more. Avoid analysis paralysis It is vital to measure progress, but it is critical to avoid the trap of overanalysing results. Slicing and dicing data and reviewing information needn’t be time-consuming if done intelligently and with purpose. Don’t labour the process. Keep the pondering to a minimum, review, report, learn and move on. Be realistic Take pride in what you do, and you will be successful. It is easy to get starryeyed over other people’s achievements. It is better to put things into perspective and stop chasing dreams that aren’t yours. Enjoying your job and toward realistic goals. You will soon uncover opportunities that others cannot. Live to succeed and succeed to live! Success does not always revolve around self-promotion or selfgratification. In many ways, it is about how you continually achieve results by improving knowledge and self-worth. It also relates to how you gain respect and recognition from those that trust you to do the right thing, embrace fairness, and commit to excellence. Success needn’t be enigmatic. It’s all about demystifying what matters to you and staying relevant.
NOVEMBER 2018
CXO INSIGHT ME
33
VIEWPOINT
STRIKING THE BALANCE DEREK MANKY, GLOBAL SECURITY STRATEGIST, FORTINET, WRITES ABOUT HOW CISOS CAN MAINTAIN CORPORATE PRIVACY AS EMPLOYEES ADOPT EMERGING TECHNOLOGIES
T
oday’s workforce is increasingly comprised of millennials and other tech-savvy individuals that are accustomed to using technology in every aspect of their lives. As new technology emerges, this group of employees expects a seamless user experience across devices and locations, using personal applications and devices at work and vice versa. However, many times these employees are not considering the cyber risks that may accompany bringing new technology into the corporate environment. The resulting security challenges have become a major pain point for CISOs. In addition to maintaining perimeter defenses, monitoring threat intelligence, and the other daily responsibilities required to stop cybercriminals from accessing the network via zero-day threats and vulnerabilities, CISOs must now also consider all of the ways cybercriminals might leverage the tools and behaviors of their employees to gain access to the network. The expanding user attack surface Insider threats have become a key concern for CISOs and security 34
CXO INSIGHT ME
NOVEMBER 2018
teams. These threats do not only refer to employees intentionally attacking their organisation. More often, these threats come down to employee negligence and the use of technologies without thought being put into related cybersecurity best practices. As a result, today in 2018, 51 percent of organisations worry about security risk due to human error. Unfortunately, insider threats will only continue to increase as the
human attack surface grows. It’s predicted that there will be six billion internet users by 2022. As a result, some cybercriminals have begun turning their focus to leveraging and exploiting human access, rather than attacking machines. To minimise risk, CISOs and security teams will have to be aware of the devices and tools being used by employees and deploy the necessary controls to secure them.
INTEGRATION AND AUTOMATION BETWEEN SECURE EMAIL GATEWAYS, FIREWALLS, ENDPOINT PROTECTIONS, WAFS, ACCESS MANAGEMENT, AND MORE PROVIDE A HOLISTIC VIEW INTO ACTIVITY ACROSS THE NETWORK, ALLOWING TEAMS TO QUICKLY DETECT POTENTIALLY-THREATENING BEHAVIOUR OR ACTIONS AND THEN RESPOND IN A COORDINATED AND HOLISTIC FASHION. Maintaining privacy and security with emerging technology In particular, there are five common and emerging technologies, trends, and behaviors that CISOs must pay attention to. Reusing Passwords: People commonly have a host of accounts on different platforms and apps. Many use the same login credentials on all of them, regardless of whether they are personal or corporate accounts. This is a significant issue. If one account is hacked, cybercriminals can use credential stuffing to leverage one password for access to other accounts. The issue is especially exacerbated by cloud use – if the same password is used across all cloud accounts, then when one is hacked, they all are. To combat this, security teams must promote the use of new passwords, especially for corporate accounts, and at the same time, limit access to areas of the network not required of the employee. This can be done with identity and access management solutions that enforce two-factor authentication, password management software so users can implement a more sophisticated password strategy without constantly losing track of passwords, and internal segmentation firewalls that restrict access to sensitive parts of the network. Shadow IT: When employees use technology not reviewed by IT teams, it can lead to data leakage,
vulnerabilities, and non-compliance as they move sensitive corporate information beyond approved programs and networks. CISOs and security teams must be aware of what devices and applications are being used within the network at all times. Using endpoint protection and web application firewalls allow security teams to minimise the risk posed by these insiders by discovering endpoints and applications on the network and then identifying and segmenting those at risk. Remote Connections: Working remotely is becoming more common, with employees going online from home, coffee shops, or on the road. While this can help productivity and efficiency, CISOs must be sure that these devices are connecting from secure access points. When using public WIFI, cybercriminals can intercept data running between the end user and the organisation. CISOs can minimise this risk by encouraging the use of VPNs and deploying wireless management solutions. Email and Phishing Scams: While not new, this remains one of the most common attacks that cybercriminals use to target people, as nearly everyone uses email on a regular basis. With phishing scams, users receive an email from a seemingly trustworthy source, such as their bank, a coworker, etc. These emails will typically ask the user to submit their credentials or click a link, which
results in stolen passwords and/or downloading malware that infects the device. To minimise the chances of a phishing attack infecting the network, CISOs should implement controls such as secure email gateways. Social Media: Social accounts are a common avenue for cybercriminals to distribute malicious links, or gather personal data that can be used to create more targeted attacks. CISOs should implement a strong social media policy, and discourage employees from accepting friend requests and message requests from strangers, especially if they are encouraged to click on a link while on the corporate network. Security teams should ensure they have antimalware and firewall solutions in place. They should also train employees to recognise social engineering schemes that seek to steal their data to access corporate networks and accounts. While CISOs often already own many of the tools needed to minimise the risk of these trends, it is equally important that they use them in a unified manner rather than deploying disparate, isolated solutions. Integration and automation between secure email gateways, firewalls, endpoint protections, WAFs, access management, and more provide a holistic view into activity across the network, allowing teams to quickly detect potentially-threatening behaviour or actions and then respond in a coordinated and holistic fashion. Final Thoughts The trends and technologies being adopted by employees and then brought into the corporate network are keeping security teams and CISOs on their toes when it comes to defense. These emerging technologies require new solutions and process to be deployed to stop seemingly harmless behaviours from turning into a network compromise of data breach. This can be done by staying aware of emerging technology trends and deploying integrated security solutions to minimise their risk.
NOVEMBER 2018
CXO INSIGHT ME
35
VIEWPOINT
GDPR: HOW TO STAY COMPLIANT RABIH ITANI, REGIONAL BUSINESS DEVELOPMENT MANAGER, SECURITY, MIDDLE EAST AND TURKEY AT ARUBA, A HEWLETT PACKARD ENTERPRISE COMPANY, ON CREATING A GDPR COMPLIANCE FRAMEWORK WITH SECURITY AS ONE OF THE PILLARS.
C
yber criminals today are attempting to penetrate your organisation’s network to try to get hold of critical assets with most looking for the valuable personal identifiable information (PII). It is a fact that cybersecurity attacks are on the rise all over the world, and the Arab world is no exception. There are even some recent reports stating that the Arab countries are among the ones facing the highest number of attacks. Meanwhile in EU, GDPR was launched back in May 2018 to create a new benchmark for personal data protection, and its influence was felt far and wide. It is now the template for privacy laws throughout the world. So how can organisations in the Middle East create a framework to ensure attacks are dealt with in a GDPR-aware manner, minimising fines, reducing breach-related costs, and ultimately better protecting the personally identifiable information? There has been a lot of talk of GDPR over the last year, so organisations today understand the serious repercussions of non-compliance and many have put basic frameworks in place with a focus on two pillars ‘people’ and ‘process’. 36
CXO INSIGHT ME
NOVEMBER 2018
People - GDPR stipulates the appointment of a data protection officer (DPO) for any organisation that is a public authority that has a core activity involving the monitoring of individuals on a large scale, or the processing of large volumes of sensitive data. The DPO needs to have a thorough knowledge of GDPR and have an independent voice within the organisation. Process - Many organisations’ GDPR approach so far has been data mapping – identifying where, why and how personal data is being used, while also eliminating any unnecessary data processing. Once this is done, each organisation has a foundation from which to ensure secure policies and processes are in place. While the two GDPR pillars – ‘people’ and ‘process’ have been looked at, there has been a bit of lag in the use of the third pillar - ‘technology’ – which plays an important role in detecting attacks and crucially, responding to attacks. Do organisations need to rip and replace existing cybersecurity tools? Let’s now look at the technology aspects of data protection and GDPR. Technology: Security solutions to the rescue A GDPR security strategy should look
at four technology areas. By applying good quality security solutions to each of these areas, security teams and the DPO can together manage the inevitable exposure to the risk of cyberattack. Network Access Control (NAC) Businesses today embrace the idea of anywhere, anytime connectivity, but have largely ignored the need for secure NAC. Many employ a laid-back “connect now, secure later” NAC philosophy. Others simply choose the same vendor for security that they use for network infrastructure. Both of these approaches give the illusion of security—even compliance—but in reality, leave extensive security gaps. Network access control (NAC) offers, at a minimum, authentication of a user or device. With mobile access now the norm and Internet of Things devices connecting to the network, the only way to ensure proper access is maintained is to go beyond simply validating credentials. The next level beyond this is to tightly control who and what is authorised to access IT assets, including personal information. With advanced NAC, the IT team knows where personal data is located. They can use NAC to stipulate who is entitled to access that information and
GDPR REQUIRES THE REPORTING OF A DATA BREACH WITHIN 72 HOURS. MANY EXISTING SYSTEMS CAN TAKE ALMOST ALL OF THIS TIME TO DETECT AND GENERATE THE REQUIRED EVENT INFORMATION.
under what circumstances. In an ideal world, NAC and policy management solutions will provide device discovery, role-based access to IT assets and a closed-loop, policy-based attack response. For complete convenience, it should also integrate seamlessly with existing network infrastructure, perimeter security systems and service and support offerings. Assurance The next level of protection relies on the fundamental security of the underlying network infrastructure. If data can be easily tapped off the network in normal day-to-day business flows and process, the chances of a breach increase. This is where technologies such as equipment tamper-proofing, encryption, key management and secure network administration are critical to the overall security strategy. Breach detection GDPR requires the reporting of a data breach within 72 hours. Many existing systems can take almost all of this time to detect and generate the required event information. While prevention is better than cure, early detection of a breach is a
close second. There’s a huge range of different technologies and products available that find attacks before they do damage. Today more and more attacks are specifically designed to breach traditional defences. It is because these exploits almost always result in the loss of personal information (and a quick sale on the Dark Web) that new approaches to attack detection are required. For example, a high volume of breaches make use of valid credentials, which means phishing attacks and social forensics are one of the biggest risks. The result is the bad actor using legitimate credentials to execute an attack that may take days, weeks or even months to unfold. How do you stop an ‘attack’ using valid credentials to tap information the real user has a valid reason to access? Because these are previously unknown attacks, it’s no use to look for a signature or pattern to detect them. This means IT and security teams introducing an additional level of monitoring that complements existing defences, one that uses new types of attack detection such as machine learning to detect small behavioural changes that suggest an attack has occurred. Actions can
range from requiring re-authentication or quarantining to totally blocking network access. Machine learning can establish a ‘risk score’ based on the characteristics of suspected unusual behaviour and how these characteristics differ from the norm. This helps organisations to prioritise their resources and investigate suspected attacks before they do damage. Response to breach The GDPR’s breach notification requirements are very clear when it comes to what an organisation must do when a personal data breach occurs. These include notifying the regulator within 72 hours of being ‘aware of the breach’ and notifying impacted individuals ‘without undue delay’. The notifications must include details of the breach including: • The type of data, type of exposure and the number of individuals involved • The probable consequences of the breach • Any mitigation actions taken So, in the unfortunate event that a breach occurs, the DPO and his team need to rapidly gather the facts: what happened, the scope of the damage, and a plan of containment and remediation. This all has to be communicated to the regulators and authorities in a clear, concise manner. It is vital they have the tools and solutions to deliver this information efficiently. Any delays in gathering this information could cost the organisation dearly, both reputational and financially. In conclusion, GDPR ‘compliance’ is not fully defined by the law and will be determined in part by rapidly advancing security technology capabilities and evolving best practices. Only technologies that are open and interoperable will make it through to the next generation of cybersecurity defences.
NOVEMBER 2018
CXO INSIGHT ME
37
VIEWPOINT
LET’S TALK DIGITAL REINVENTION HENRIQUE VALE, HEAD OF NOKIA SOFTWARE FOR MEA, WRITES ABOUT THE VALUABLE ROLE OF DATA FOR SUSTAINED AGILE SUCCESS.
W
e’re living in unprecedented age of opportunity for communication service providers (CSPs). Those that are customercentric, data-driven and agile will seize the day and break through their legacy barriers. Agility and data often go hand in hand. For instance, most CSPs are sitting on a goldmine of data. The approach to data should be more proactive and reactive, creative and innovative. It’s about being datadriven in their decision-making – connecting insights with actions and predictions with personalisation. And this needs to happen within a fabric that combines the intelligence of technology and people to enhance each other. The totality is what we at Nokia call “connected intelligence”. In the digital world, everything must be immediate, intelligent and intuitive. But advances in technology don’t necessarily mean faster, smarter and better. According to a study made by Forbes, on a global basis, enterprises are expected to spend about $1.3 Trillion in digital transformation. However, the sad truth is that 70% of their projects fail translating into a $900 billion miss. This is an expensive proposition. We need to see what the successful 30% have in common? They move
38
CXO INSIGHT ME
NOVEMBER 2018
in digital time, with a corporate wide approach to digitalisation, without fear of disruption. They are bold and have a thoughtful approach to digitisation. For that reason,
AGILITY AND DATA OFTEN GO HAND IN HAND. FOR INSTANCE, MOST CSPS ARE SITTING ON A GOLDMINE OF DATA. THE APPROACH TO DATA SHOULD BE MORE PROACTIVE AND REACTIVE, CREATIVE AND INNOVATIVE. we should not talk about digital transformation but rather digital reinvention. This involves getting rid of the notion of transformation entirely. Digital leaders don’t transform slowly. They reinvent quickly. They do it by setting a clear digital ambition, having
a clear end to end design point and launching smart pilot projects that go beyond providing new technology and rather aim at exploring new ways of working. Such pilots are important as they provide the opportunity to either succeed or quickly fail. Then they scale successful projects with the newly created knowledge from the pilot and de-risk through the proper investments in change, resources, models and technology is the final step. Many companies fail here – especially in the human factor of change management. Therefore, all systems within a service provider must come together to create a great experience. The operations engineer needs tools that allow delivering services in digital time. The networks need to feed relevant information to the customer experience layer and so on through the entire organisation to provide immediate, intelligent and intuitive experience to customers. The challenge owed to silos in departments and preventing service providers from getting a holistic view of what’s happening with their customer and what’s the next best action to take, needs to be overcome. They can’t wait until analysis is pieced together and the digital time window has closed. Nor should they have to anymore.
INTERVIEW
CLOUDY WITH A CHANCE OF ERP AHMED SAMI, REGIONAL DIRECTOR AT ORACLE NETSUITE, TALKS ABOUT WHY THE FUTURE OF ERP AND OTHER BUSINESS SOFTWARE IS CLOUD
W
hat is driving the adoption of cloud ERP? As the global market dynamics shift towards adopting a cloud model, I feel that the level of adoption in the Middle East far exceeds market expectations. This is because of a number of reasons. Over the past two years, we have had discussions around adoption of cloud ERP with organisations ranging from start-ups to global enterprises. While, initially, most had concerns about the security of their data residing on the cloud, there has now been a change in in their mindset. The discussions have now moved from ‘whether a company should move to a cloud-based model or not’ to how they can do it efficiently. So, one of the key drivers is that the market is now educated on the benefits of this model. Reducing costs is the key reason for moving any process or application to the cloud. Another driving factor for many enterprises is that the upfront investment is quite low as this is a subscription-based model. Is there a security risk involved in moving a core business system to cloud? Security is always a concern whether the data is on-premise or on the cloud. When moving their data to the cloud, organisations need to make sure that the right security set-up is in place before they embark on their cloud journey. Organisations must adopt solutions that not only reduce security
and increase productivity and efficiency without having to make any investments in hardware. Also, cloud ERP enables cost saving not only in terms of the initial investment cost but also with better suited inventories and less duplicated efforts.
costs but also specifically designed to keep the data secure even when breaches and attacks increase in sophistication. At Oracle, we enable organisations to implement and manage consistent security policies across the hybrid data centre.
Why do you think CIOs who have invested heavily in on-premise ERP systems would move to cloud? For CIOs, moving to the cloud or not is no longer a matter for debate. However, it is possible to have a hybrid model so that they don’t have to let go of the investment already made, and keep up with their competitors in the market. It is important for them to remember that even if significant investments were made in having an on-premise ERP system, in the long run, the organisation will definitely reap the benefits of having a cloud model. Also, if this transition is not made in time, such organisations will be left behind.
How does a cloud native ERP such as Netsuite compare with traditional ERP vendors? Traditional ERP systems are hosted locally on-premise and customer is given the required access, which is not an ideal situation. NetSuite started out as a cloud company and I would say that this is the main differentiating factor. Cloud ERP is a service that is managed by the provider and is accessed by users through a web browser. For our customers, this means they can get access to real-time data much faster,
Is fit for purpose ERP the new trend in market instead of one size fits all approach? Users want a system that caters to their specific role. There is a need to customize the solution to meet the needs of different industries and verticals, such as services firms, manufacturers, retailers, and more. The core of the product should put all the key business functions on an equal footing while being able to handle the complexity and variances that real businesses encounter.
NOVEMBER 2018
CXO INSIGHT ME
39
EVENT
HYBRID IT, UNIFIED MONITORING SOLARWINDS AND SPIRE SOLUTIONS ORGANISED A WORKSHOP IN KUWAIT TO THROW LIGHT ON THE SKILLS AND TOOLS REQUIRED TO MANAGE AND MONITOR HYBRID IT ENVIRONMENTS PROPERLY.
B
usinesses in the Middle East are increasingly shifting from on-premise infrastructure to hybrid IT environments. With the rapid adoption of the cloud, hybrid IT is an evolving trend in modern enterprises in cutting operational costs and management overhead. Living in this reality, one cannot ignore the need for a harmonised orchestration between the multiple platforms to allow complex workloads to move between the public and public cloud. Greater flexibility, simplicity and unified IT monitoring is the need of the hour for IT professionals who need to ensure alwayson performance of applications, devices, networks, and systems. SolarWinds in association with its regional partner Spire Solutions organised a workshop for customers and partners on 8th October in Kuwait, which delved deep into the critical need for monitoring applications and compliance in a hybrid and complex IT infrastructure. 40
CXO INSIGHT ME
NOVEMBER 2018
The event was kicked off by Tony Johnson, senior sales engineer at SolarWinds with a presentation on the complex world of IT. He shared key findings from an online survey carried out by the company and said only half of global IT professional surveyed indicated that their IT environments are performing at optimal levels. “Over half of the survey respondents spend less than 25 percent of their time proactively optimising performance. This is why customers need to adopt a unified approach to IT monitoring. We deliver complete visibility for hybrid IT with
native support for the major on-premise and public clouds.” He added that SolarWinds offers three distinct ways to manage IT - a hybrid IT management platform with broad and deep visibility; an integrated remote monitoring platform with valueadd services; and a cloud-based fullstack monitoring. He went on to explain the value of integrated monitoring and management with the Solarwinds Orion platform. “With this you can have a single connected view of the entire IT stack and a complete view of internal and external networks with automated response to alerts. We also offer integration with existing solutions. A case in point is SolarWinds Network Performance Monitor and Server and Application Monitor which offer native integration with ServiceNow IT Service Management solution.” This was followed by an overview of product portfolio spanning across network management, system management, database management and security solutions by Mansoor Saleh, senior territory sales manager at SolarWinds. Venkatesh Ayyala, network operations specialist from Spire Solutions took to the stage to give the audience a quick introduction about his company. “Spire Solutions is a regional leader in information security solutions and services with exclusive distributorship agreement with the world’s bestknown security solutions. Driven by a passionate dedication to customer success, Spire Solutions has come to be acknowledged as the preferred security partner in the region,” he said.
ADVERTORIAL
GEARING UP FOR GROWTH BY TERRI HISKEY, VICE PRESIDENT OF PRODUCT MARKETING FOR MANUFACTURING AT EPICOR SOFTWARE.
I
t’s an exciting time, with manufacturers gearing up for growth, investing in equipment, new manufacturing modalities such as 3D printing, and software to support digital transformation and new collaborative, connected factory floor competencies. Expect cloud, the Internet of Things (IoT) and analytics to be key areas of technology investment for manufacturers across the region. While these have been topics of conversation and exploration for a while, manufacturers are now moving past the design and concept stage to full-on production execution and deployment of these technologies. CLOUD – FROM STRATEGY TO ACTION Now is the time for Middle East manufacturers to put a cloud readiness plan into action. The cloud is quickly levelling the playing field, enabling even smaller manufacturers to leapfrog older, more established manufacturing players. Aside from bringing about improvements in responsiveness, agility and costs, the cloud is helping businesses transform. As manufacturers shift away from traditional on premises systems to cloud-based ERP they are taking advantage of new capabilities to transform their business and optimize processes. What’s more, it’s enabling the surfacing of information from even the most far-flung and darkest recesses of the organisation and transforming this data into insights necessary to run and drive their business. THE IoT IMPERATIVE – START SMALL, START TODAY The application of Big Data and the
IoT continues to offer growth opportunities as insights gleaned from various internet-connected devices enable even more targeted customer engagement and business revenue channels as well as the ability to support operational efficiencies. The McKinsey Global Institute says that despite the immense potential factories have for value creation in the IoT era, an estimated 70 percent of data captured in manufacturing goes unused. While most manufacturers recognize the promise of the IoT, many— especially small and midmarket manufacturers—have taken a “wait and see” approach because IoT initiatives can seem daunting. They don’t have to be. You don’t need to boil the ocean; there are likely processes that can be IoT and/or cloud enabled that represent low-hanging fruit in your manufacturing organisation. Start there (and start now!). STEPPING UP TO “SERVITISATION” In the past few years, we’ve seen the emergence of new disruptive business models, and this trend is only set to continue. For example, the emergence of the “distribu-facturer” where distributors—under pressure to provide more customer value—are now adding services such as light manufacturing or kitting, and manufacturers are doing the same to extend their value by offering field service and maintenance options. As organisations align their offerings to meet a wider array of needs and requirements throughout the customer journey, this creates opportunities to capture greater revenues and competitive differentiation. But as they
branch out to serve a broader range of customer needs, and get closer to the end consumer, customer experience becomes more critical. EMBRACING ANALYTICS FOR BETTER DECISION MAKING With globalisation and disintermediation, supply chains have gotten more complex and business more competitive. Supply chain visibility and responsiveness is key to know when there are deviations to plan and move quickly to ensure customer obligations can be met. Over the years manufacturers have leaned out manufacturing processes and cut costs as much as possible. The supply chain is fast becoming “the new frontier” for opportunities to lower costs, improve responsiveness and reduce risk. The customer experience imperative mandates widespread collaboration and visibility across the entire manufacturing value chain—shop floor operations and top floor operations must be connected. Siloed systems that stand in the way of a clear “line of sight” from the manufacturing floor to the finance office will impede organizations. SEIZING THE DAY WITH STRATEGIC TECHNOLOGY INVESTMENTS This time of year is an important one for Middle East manufacturers; it’s time for smart strategic moves. Focused investments in the cloud, the IoT and analytics will enable manufacturers to seize opportunities today, and also be prepared to embrace change and whatever lies ahead in 2019 and beyond.
NOVEMBER 2018
CXO INSIGHT ME
41
REVIEW
RATING 4/5
HUAWEI MATE 20
HANDS ON WITH HUAWEI’S LATEST FEATURE-RICH OFFERING, WHICH IS A WORTHY CONTENDER FOR THE BEST SMARTPHONE OF THE YEAR.
H
uawei Mate 20 is the company’s new flagship device that hosts a 24-megapixel selfie camera. The smartphone also has a large IPS screen with Full HD+ resolution, a top-of- the-line chipset and a camera that is among the best you can get in a smartphone today. The phone is boasts of an aesthetic design with flat Gorilla Glass and an attractive edge-to-edge screen with a rear mounted fingerprint reader. The phone has a metal frame with a glossy finish and a power button with red highlights that makes it stand out ever so subtly. The Huawei Mate 20 features a 6.53” LCD display that stands tall at 158.2 x 77.2 x 8.3 mm. Weighing about 188g, the phone is comfortable and light to hold. While the ‘hyperoptical’ surface finish on the Midnight Blue version does add some grip, the phone is as slippery as it looks. So, using the bundled silicone back cover would be a good idea. Its 1080p resolution screen is very bright with a special RGBW matrix and HDR10 support. The phone is powered by the Kirin 980 processor, which is teamed with either 4GB RAM and 64GB internal storage or 6GB RAM and 128GB storage. Other design elements 42
CXO INSIGHT ME
NOVEMBER 2018
include an audio jack and a hybrid SIM slot that supports only Huawei’s new NM (nano memory) cards that are the size of a nanoSIM and offer up to 256GB capacity and 90Mbps read speeds. The Mate 20 has a large 4,000 mAh battery but is stripped of all wireless charging capabilities. However, it makes up for it with 22.5W SuperCharge that allows the battery to charge about 50% in half an hour. For us, the battery lasted two days easily with light to moderate use and a whole day even with heavy use. The Mate 20 triple camera system includes one ultrawide, one wide and one telephoto lens, and there is no optical stabilization. The camera takes great photos in good light with plenty of detail, impressive dynamic range, accurate colors and superb contrast. The 12MP low-light photos with the main camera are pretty decent as well. The camera app is enhanced by Huawei’s Master AI 2.0, that has been made less aggressive giving better output than previous AI-enabled Huawei phones. The phone records video up to 4K resolution at 30fps there’s still no 4K/60fps mode though. The Mate 20 does not have any 3D face scanning tech but does enjoy a regular fingerprint sensor on its
back, which is fast and accurate. Face Unlock is available, but it just uses the front camera, which means it’s less secure and can potentially be fooled by a picture. So, if privacy is of utmost importance, you may want to avoid this option. Another downside is that the Mate 20 is only IP53-rated for (some) dust and splash resistance. Definitely, Huawei Mate 20 is one powerful smartphone that does a great job of delivering a flagship experience. It has an attractive and bright display with a plethora of well selected features, and offers great value for its price. Also, it is among the few remaining flagships that still have a 3.5mm jack. So, if the absence of 3D face recognition and wireless charging are not deal breakers for you, the Mate 20 is a good buy as your primary device.
PRODUCTS
AXIS 4-IN-1 CAMERA
A10 THUNDER 7445 TPS A10 Thunder 7445 Threat Protection System (Thunder TPS) is, claims the company, the industry’s highest performance 1 rack unit (RU) and highest density of throughput per RU appliance. Now cloud, Internet and gaming providers can protect their infrastructure with A10 DDoS defense while enjoying the cost benefits of 100 GbE networking in the smallest form factor. A10 Network’s highperformance Thunder TPS is a flexible and robust DDoS protection solution that offers surgical precision in detecting and mitigating against the full spectrum of DDoS attacks. The solution is available in a wide range of hardware and software deployment options. The solution enables smaller, more efficient deployment at a time when real estate has never been at more of a premium in data centers, colocation facilities and Internet Exchange Points (IXPs)
WD PURPLE PORTFOLIO WD has launched three key new products for the Middle East Market - the WD Purple MicroSD card (Capture); the WD Purple12TB HDD (Store), and the enterprise class WD Ultrastar 14TB (Analyze). The new WD Purple MicroSD card comes with 24/7 video recording capabilities for up to two years of continuous use. It is also built for endurance, being able to withstand the toughest of weather conditions, and even function seamlessly at extreme temperatures of -25 degrees to 85 degrees. The WD Purple 12TB HDD is a surveillance-class drive with
Axis Communications has launched AXIS P3717-PLE Network Camera, the multidirectional high image resolution camera which provides flexible positioning of four varifocal camera heads in one camera. This offers a panoramic 360° overview, or a combination of overviews and zoomed in details. Its IR illumination with individually controllable LEDs provide clear images even in low light or darkness. The cameras, with an integrated weather shield, can be used in any outdoor or in indoor area, from shopping malls and warehouses to hallway intersections and outer corners of buildings. Furthermore, the four-in-one camera enables a lower overall cost for cabling and installation services and includes a redundancy system between the SD card and server should the connection with the server fail.
purpose-built Artificial Intelligence (AI) capabilities that support realtime detection of AI-triggered events at the point of capture with continuous background learning in emerging DVR and NVR systems with AI capabilities. With up to 3 times the workload capacity of desktop drives, WD Purple can store up to 12 terabytes of high-quality footage, and can support up to 64 cameras per drive. WD Purple 10TB and 12TB capacities feature AllFrame AI technology that provides an additional 32 streams for Deep Learning analytics within the system. The UltraStar HDD is targeted at Enterprise solutions and has 10 times the workload capacity of the regular desktop drives and also includes Deep Learning technology.
NOVEMBER 2018
CXO INSIGHT ME
43
Drive Innovation with Robotic Process Automation Kofax RPA is your proven digital workforce • • • •
Automate and accelerate error-prone processes Scale securely with lower cost of ownership Complement existing technologies Create a 24/7 digital workforce
www.kofax.com/rpa © 2018 Kofax. Kofax and the Kofax logo are trademarks of Kofax, registered in the United States and/or other countries. All other trademarks are the property of their respective owners.
COLUMN
A VISION FOR THE DIGITAL FUTURE IN THIS SERIES, ASHITH PIRIYATTIATH, CIO OF AL MASAH CAPITAL, WRITES ABOUT WHY BUSINESSES NEED TO DEVELOP A LONG-TERM ROADMAP FOR DIGITAL TRANSFORMATION INITIATIVES.
U
nless you have been living under a rock, you must have heard about the latest buzzword in IT – digital transformation. It entails a mix of technologies including cloud, blockchain, robotics, AI and machine learning. For the last couple of years, reams of newsprint have been devoted to espousing the cause of digital transformation, which implies a foundational change in how organisations deliver value to its customers. Among this new crop of new technologies, I believe AI and machine learning will have a profound impact on the way we live and work. Dubai has already emerged as an AI capital, and we have seen rapid advancements in this domain with the support of the government. We are also seeing many innovations and prototypes based on artificial intelligence coming to the market, which promises to usher in a new revolution. I think we have to look beyond the hype
and focus on its practical applications of business and how it will transform our day-to-day lives. Last month, Gitex featured many innovations around robotics, blockchain with a big focus on AI and machine learning applications in a host of industries such as transport, financial services, hospitality, and tourism, etc. Now, the real test is how we as individuals use these prototypes innovatively or how businesses operationalise it to transform user experience. The timeframe for each showcased prototype to be implemented in real world is estimated to be between 5 to 10 years. As AI goes mainstream, it would be a good idea for businesses to move beyond small-scale experiments to develop inhouse capabilities around AI and machine learning to automate and streamline business operations. This would allow enterprises to have the required expertise and a balanced approach to mold the technology to suit their own unique business needs rather than relying on offthe-shelf tools and solutions. In this digital age, technologies change in the blink of an eye, and it is important for the IT industry to foresee future needs in the market while developing any new technology. In my own personal experience, around two year ago we started moving a big part our group’s infrastructure to the public cloud. Though we have been able to reap the benefits of this new way of IT consumption, we soon realised we have shelled out too much for the cloud; the amount we invested yearly in the public cloud was ample enough for
AMONG THIS NEW CROP OF NEW TECHNOLOGIES, I BELIEVE AI AND MACHINE LEARNING WILL HAVE A PROFOUND IMPACT ON THE WAY WE LIVE AND WORK. DUBAI HAS ALREADY EMERGED AS AN AI CAPITAL, AND WE HAVE SEEN RAPID ADVANCEMENTS IN THIS DOMAIN WITH THE SUPPORT OF THE GOVERNMENT. us to build a private cloud. And so now we are in the process of doing precisely that. Similarly, when I started thinking about blockchain in the capital market, the technology itself was getting outdated, and new technologies such as hash graph made its debut. In short, while thinking of building new technologies in-house, we must always bear in mind how innovatively can the same product be utilised further so that we are in line with the future needs and possibilities. Also, we must be conscious of the RoI and investments in terms of money, time and effort and scrutinise if it justifies the results it harvests.
NOVEMBER 2018
CXO INSIGHT ME
45
COLUMN
WINNING THE WAR FOR TALENT VENKATESH MAHADEVAN, CIO OF DUBAI INVESTMENTS, WRITES AS TO WHY TALENT MANAGEMENT IS A KEY SUCCESS FACTOR IN THE DIGITAL WORLD.
C
ultural and behavioural changes are the most significant challenge an organisation faces while they are pursuing their digital strategies. Talent and appropriate resourcing is the single most crucial element in the digital transformation Journey. Every organisation will have experienced resources and people who have spent years, accumulating a tremendous amount of knowledge. These are the most critical resources for every organization. People management from a retention and hiring standpoint
46
CXO INSIGHT ME
OCTOBER 2018
is the key and under no circumstances must you pay less attention to this aspect. One should also remember as we embark on this transformation journey, you need to bring in fresh talent. This is important because digital transformation warrants new age thinking and bringing in young fresh and energetic minds will usher in some new thinking within the organisation, and if these talents are hired across different business functions, then each of these functions will get the required infusion of new age thinking.
Once this is done, Integration of the existing valuable resources with the new fresh talent is a very important activity that HR and the organisation need to pay special attention to. The integration needs to be done seamlessly so that the organisation gets to enjoy the best of both worlds. However, attracting top-level talent to your organisation can be a daunting task and you can’t depend only on HR or ad hoc initiatives for this. It requires a cohesive strategy with the right workplace culture to find, recruit and retain the best talent. The new age thinkers, whom I call “digital thinkers,” need the guidance of the experienced resources within the organisation, as these people have been with the corporation for considerable amount of time and have built processes and management framework on which the company exists. In other words, this the culture and heritage of the company and when this is combined with the innovative methods of “digital thinkers,” the outcome is undoubtedly the right one. A recent study report by MIT Sloan Management Review and Deloitte Digital reveals that “digitally maturing companies, in particular, are developing their digital talent at both leadership and employee levels and creating conditions that will enable the organisation to experiment, learn, and collaborate in the marketplace.” Further, 90% of respondents in this study, revealed that a culture of constant learning was crucial to any successful transformation. It is imperative to provide them with an opportunity to work with new technologies and create an environment, which is creative and inspirational to foster a culture of innovation. As Fred Ludy, Founder of ServiceNow, famously said: “There is no better experience than giving someone a piece of technology that lets them do something they never thought they could do.”
of all industrial organizations experienced a network breach in the last year
of industrial cyber breaches originate at a third party or vendor
of industrial control systems exposed to the internet are vulnerable to cyber attack
But it doesn’t have to be. PREVENT UP TO 98% OF NETWORK SECURITY BREACHES
DATA DIODE CYBERSECURITY From
owlcyberdefense.com/oil