CYBER SENTINELS DAY THREE
BY INSIGHT PA R T N E R
YOUR PREVIEW TO THE GULF INFORMATION SECURITY EXPO & CONFERENCE AND THE FIRST EVER GULF ENTERPRISE MOBILITY EXHIBITION & CONFERENCE
HIGHLIGHTS
TRANSFORMING PARTNERS INTO SECURITY EXPERTS “Changing and putting a goal which is to become the number 1 security vendor in the region requires to have a proper program that offers special advantages for the partners” says Maya Zakhour, Channel Director, ME for Fortinet. Maya highlighted the new changes Fortinet has made to its partner program-“The new program has several levels -platinum, gold, silver and authorised. We have put in place some new requirements to attain these levels of partnerships. Starting from authorised partner, a partner needs to MAYA ZAKHOUR, CHANNEL DIRECTOR, ME, have NSE1 (Network Security Expert Level 1).and go all the way till NSE 8. FORTINET NSE certification gives the partner added value as a network security expert irrespective of any vendor. Partners can progressively do the various certifications from NSE1 onwards to gain more and more advanced understanding of the solutions so that they can really showcase their expertise to the channel. The certifications cater to enablement from both technical as well as sales perspective. In June, we have the expert academy in Canne, France; so we are inviting our partners from the ME to book their seats from now. ”Additionally, Fortinet has introduced the rewards system which is focussed on advanced technologies as well. “It’s really a great incentive for partners to do more and more business with Fortinet”. Fortinet is making sure to engage actively with the partners from a very early stage so as to assist them all along the way to deliver the best solutions as well as best services.
PRADEESH VS, GM, ESET MIDDLE EAST
SECURITY THAT SPEEDS UP YOUR BUSINESS What have been the latest on technology front from ESET ? ESET’s completely re-engineered and redesigned range of IT security products for business are now globally available. At the heart of the upgrades is the new ESET Remote Administrator- that has been rebuilt to enhance usability, improve security and lower the overall cost of implementation and management. Our goal is to exceed our customers’ expectations, offering them first-class security that is unbelievably efficient and effective
to install, configure and run. Could you highlight a major success story of ESET ME in the recent past ? BUiD has significantly strengthened its IT security posture with a campus-wide deployment of ESET Endpoint Security. They had done POCs with all big brands; however ESET top-performed on all levels making it the right choice for them. Perhaps the best testament to the solution’s simplicity and effectiveness is that
in the 6 months since its deployment, BUiD has not registered a single support call with ESET- something that was a fairly regular exercise with the institution’s previous security solution. There have been several other major deployments as well ; including Rivoli , NAFFCO, Sun & Sands Sports etc. What are the major competitive advantages of ESET solutions over the others? Our solutions provide security without slowing the speed of the system ensuring that security is an enabler, not a deterrent of business processes. Moreover, local support is a major point; in most other competitors, one needs to channel through several partners for support hence delaying the process; that’s not so in case of ESET. Any new updates in your partner program that you’d like to highlight? ESET has unveiled its new ESET Retail Partner Program for the Middle East. The scheme recognizes and rewards partners who have a proven track record of promoting and selling the ESET Smart Security and the ESET NOD32 Antivirus products. . ë
QUOTE OF THE DAY FARID FAROUQ VP IT, DWTC
“CIOs have no choice other than to respond to changes. Or else, we will always be playing catch-up!” TODAYS GUESTS
PHILIPPE ROGGEBAND -10.40 AM
BRUCE SCHNEIER 10.10 AM
DR. JASSIM HAJI - 3.30 PM
VISIT US
STAND NUMBER SR-28
PIC OF THE DAY
WINNERS OF IT SECURITY AWARDS AT GISEC 2015
02
CYBER SENTINELS DAY THREE
INTEGRATED SECURITY FOR THE ENTERPRISES
SECURING ENTERPRISES BY PROTECTING PEOPLE
HIGHLIGHT AT GISEC
HIGHLIGHT AT GISEC
COMPETITIVE ADVANTAGE
Identity and access management (IAM) solutions that give customers and employees one-click access to any application from any device
n One password for many apps n Available both on premise and via cloud n Not cumbersome n Agility
A complete range of security solutions including network, endpoint and server security in an integrated manner across the region
STRENGTH n Security and data protection solutions that are simple to manage, deploy and use and that deliver the industry’s lowest total cost of ownership.
n With more than two decades of experience, Sophos is regarded as a leader.
COMPETITIVE ADVANTAGE n Integrated n Easy to deploy n Simpler n One point contact
SOPHOS
CEO, COMGUARD
So Comguard seems to be
n Superior IAM solutions n Simplified enterprise grade security n Workforce identity n Single sign on
INDUSTRY SOLUTIONS n Healthcare n Financial Services n Public Sector n MSPs
PING IDENTITY
PROVIDING 360° SECURITY TO ENTERPRISES
AJAY SINGH CHAUHAN
How has GISEC been so far for Comguard? I think it has been good. We have been able to showcase some of the new relationships we had in Q1. It allows us to broaden our horizon on what we are able to offer. We also see a clear shift in terms of how the threats have increased and how complicated the threats have become and how the newer solutions are trying to tackle them.
STRENGTH
onboarding several new vendors, isn’t it? More importantly, if you see they are addressing the new age threats, so that’s been the motto. Because the earlier set of tools or companies can’t address those in the fashion they are meant to be. Has there been any change in the focus of Comguard? No, the focus continues to be security. But there are couple of areas we are trying to get into- these include the emerging
NEXTHINK
technologies like the cloud, virtualization, storage, compute, IoT. We are trying to develop in these domains and by the next GITEX, we shall be able to make announcements of actual brands and what we shall be doing in these areas. Security is very much linked with mobility as well; so are you planning to venture into mobility space too? Yeah. We see lot of shift in security happening to address the security concerns
on cloud, for new age applications, SaaS etc. On boarding new vendors is backed by our efforts to address all the changing needs of security across several domains. Are you targeting SMBs as well? We have always been doing so through couple of brands like Kaspersky and we continue to do that. We are basically consolidating that space; however our heavy focus is on the enterprise clients.
BLUECAT
REAL TIME VISIBILITY FROM END-USER PERSPECTIVE
STAYING ALWAYS ON AND CONNECTED SMARTLY
HIGHLIGHT AT GISEC
HIGHLIGHT AT GISEC
Software provides enterprise wide, real-time analytics covering all endpoints, end users, apps and network connections and visualization of the IT infrastructure and service delivery
STRENGTH n Connect, collaborate andcommunicate to enhance security
n real time analytics n essential visibility
COMPETITIVE ADVANTAGE n Customers benefit from real-time visibility of their infrastructures from the end user perspective n Actionable insight to enhance security n Raise level of threat detection & compliance at end-user level
BlueCat IPAM Solutions provide a smarter way to connect mobile devices, applications, virtual environments and clouds.
STRENGTH n Unified mobile security, address management, automation and self-service
n Rich source of network intelligence
COMPETITIVE ADVANTAGE n Scalability in every direction n Reliable service delivery n Powerful centralized IP address management n Listening to customers and addressing their concerns
CYBER SENTINELS DAY THREE
Qualys CAP for Continuous Asset Inventory, Security and Compliance Qualys has launched the Qualys Cloud Agent Platform (CAP), a new platform that extends Qualys’ industry-leading Cloud Security and Compliance Platform with lightweight agents to continuously assess security and compliance of organizations’ global IT infrastructure and applications. This new platform provides organizations with a flexible solution to assess and address the security and compliance of their IT assets in real time, whether on-premise, cloud-based or mobile endpoints. “The lack of visibility of the risks within an organization’s global IT infrastructure is a deep concern. Periodic vulnerability and configuration scans can provide some visibility but scale creates different problems. For example scanning a 100,000-node network can potentially yield millions of findings, which creates
PHILIPPE COURTOT, CHAIRMAN AND CEO FOR QUALYS
difficulty in prioritizing which vulnerabilities to remediate first. Using a hostbased scanning approach, delivered as a service, brings not only real-time information but also can increase the ability to consume the high levels of data collected,”
said Charles Kolodgy, vice president, for IDC. “Traditional vulnerability scanning methods present a number of challenges for IT security teams who either don’t have the proper credentials, or are scanning assets that aren’t always connected to the local network,” said Philippe Courtot, Chairman and CEO for Qualys . “Qualys Cloud Agent Platform is a game changer and a new paradigm of continuously assessing IT systems. This platform provides our customers with the flexibility and choice they need to conduct real-time vulnerability and compliance management for IT assets whether it’s on-premise, cloud-based or mobile endpoints.” Qualys Cloud Agent Platform is now available for trial on all Windows platforms and will go live on May 15, 2015.
SIEM TO MONITOR AND MITIGATE RISKS IN REAL TIME What are the solutions LogRhythm is showcasing at GISEC 2015? We are showcasing our security intelligence platform that really incorporates SIEM , log management, host forensics, network forensics, advanced analytics, vulnerability intelligence, threat intelligence, incidence management and monitoring the response workflow that surrounds that. What are the competitive advantages of your solutions relative to other vendors? Traditional SIEM tools don’t have the full breadth of coverage across the user, end point, host and the network. Our unified platform offers amazing secu-
rity inteligence unlike the others. How is this technology being received in the ME region? The need for better monitoring and response caapbility, the need to reduce the time for detection and response in this region is one of the highest in the world because of the high level of investment as well as the threat landscape putting the govt agencies, petrochemical industries and financial organizations at risk. Traditional security technologies can’t keep pace. Organizations need to shift their focus from trying to prevent and protect their infrastructure to realizing that they will have problems, they will get compromises that they got to detect those in real time, respond to
ROSS BREWER VICE PRESIDENT AND MANAGING DIRECTOR OF EMEA, LOGRHYTHM
them and mitigate accordingly. So which are your distributors? We have been with Spectrami for sometime; they are a focussed VAD. And on EMEA basis, we have been with Exclusive Networks for many years. ë
SEAMLESS CYBERATTACK MITIGATION
RAKSHA JASORIA, MARKETING MANAGER. EXCLUSIVE NETWORKS MIDDLE EAST
As one of the largest single VAD of IT security solutions across the globe, Exclusive Networks brings in the pioneering CARM platform which is at the forefront of ‘post-breach’ security. CARM, Cyber Attack Remediation and Mitigation is an integrated solution platform that identifies when, how and where the breach took place and prepares a roadmap according to it. “A prime concern for all the CIOs and IT managers across the globe is Cyber Security. We offer a one stop shop solution to the channels and resellers. seamlessly brings together vendor technologies in a complete, fully demonstrable end-to-end solution enabling enterprises to identify, contain, respond, remediate and mitigate the impact of security breaches” says Raksha Jasoria. Marketing Manager, Exclusive Networks ME. Talking about the vulnerabilities of various sectors in the region, she believes that no industry or region is barred from cyber threats or hacktivism but what makes Exclusive networks stand as a class apart is their service expertise and the expert trained team. This year Exclusive network hit revenue market with a whopping €627 million and target to hit 1 billion by 2016. “The market has evolved on the services platform , but still there are many organizations out there who sell you products in the name of solutions. But at Exclusive networks, it’s Services all the way”.
UAE
3
CONTINENT
7
COUNTRIES
700
TOP IT EXECUTIVES
SEP-OCT 2015 B ROU G HT BY
GLOBAL ENTERPRISE CONNECT ORGAN ISE D BY
www.gecopen.com
03
04
CYBER SENTINELS DAY THREE
PALO ALTO NETWORKS AGAIN A LEADER FOR ENTERPRISE NETWORK FIREWALLS Palo Alto Networks has been positioned by Gartner in the “leaders” quadrant of the April 22, 2015 “Magic Quadrant for Enterprise Network Firewalls.” According to Saeed Agha, General Manager, Palo Alto Networks Middle East, this marks the fourth year that Palo Alto Networks has been recognized as a leader in the Magic Quadrant for Enterprise Firewalls1, which evaluates vendors’ “ability to respond to changes in the threat environment, and to present solutions that meet customer protection needs rather than packaging up fear, uncertainty and doubt.” According to the report, “Vendors in this quadrant lead the market in offer-
JOSE THOMAS, CEO OF BULWARK
ing new safeguarding features, providing expert capability rather than treating the firewall as a commodity.” “It’s an honor to be recognized for our ability to execute and completeness of vision in Gartner’s Magic Quadrant for Enterprise Network Firewalls, and we’re thrilled to achieve this position for the fourth time. We are proud to see that our next-generation firewall continues to set the bar in the industry. It is the cornerstone of our unique enterprise security platform that combines network, cloud and endpoint security capabilities to safely enable applications and deliver automated prevention against cyber attacks – known and unknown.” René Bonvanie, CMO, Palo Alto Networks.
Seal Security Loopholes with ManageEngine ManageEngine has revealed its latest Firewall Analyzer add-on for EventLog Analyzer, the company’s log analysis solution at GISEC 2015. The new add-on enhances EventLog Analyzer with multi-vendor security device and configuration management features to help IT security administrators monitor and analyze security incidents better. Admins can now seal security loopholes due to firewall misconfigurations, monitor network traffic and bandwidth usage, and propagate and analyze security incidents from log sources across the network — all from a single, central console. Pravin Kumar, product manager at ManageEngine said, “In most cases, as a complement to log analysis, constant monitoring of security devices’ configuration changes helps contain attacks at the earliest stages. Our new add-on provides instant access to firewall device configuration details, network traffic and bandwidth usage details, and log data from sources across the network by collating them in one central location.” The other highlights of the EventLog Analyzer Firewall Analyzer Add-On include better combat of external security threats, unmasking of shadow IT operations, meeting of compliance requirements for security device configuration management, provision of contextual information to track down real security attack attempts,, and clear visibility into network bandwidth and traffic usage.
SPECTRAMI UNVEILS CUSTOMER EXPERIENCE CENTER FOR LOGRHYTHM Spectrami has entered into a strategic alliance with LoRhythm to offer an Customer Experience Center (CEC) facility for LogRhythm’s pioneering the Security Intelligence in Dubai, UAE. The facility will help Spectrami’s channel partners and end-users in the Middle East region. The new advanced facility will work as a point of reference for companies that would like to understand the potential of Security Intelligence technology, which will enable users to experience the unique simplicity of LogRhythm managing Intelligence Platform, unifying SIEM, log management, network forensics, host
forensics and advanced security analytics, empowers organizations. Expressing his happiness on the launch of new facility of CEC, Anand Choudha, Managing Director, Spectrami, stated, “This facility demonstrates our commitment to providing LogRhythm channel partners with the tools and resources they need to increase sales opportunities. This
will also provide a platform to customers who want to have a real time experience with Security Intelligence platform. It reflects the strength of our relationship and the confidence LogRhythm has in us to drive market expansion in the region.” Mazen Dohaji, Regional Director – Middle EastLogRhythm, Inc., said, “We have seen a huge momentum for Security Intelligence platform in the Middle East region. We have chosen Spectrami as our strategic partner to establish LogRhythm Customer Experience Center due to their excellent capabilities, execution and expertise.”
GCC EXECUTIVES ARE AT HIGH RISK OF PRIVACY BREACHES
HANI NOFAL, VICE PRESIDENT, INTELLIGENT NETWORK SOLUTIONS, GBM.
Gulf Business Machines (GBM) has revealed based on its recent market survey that the increasing use of mobile devices for work is continuing to rise. According to the survey results, 80 per cent of executives use their personal mobile devices for work purposes but only 10 per cent adopt appropriate security measures to protect the corporate data stored there. The annual GBM Security Study, now in its fourth year, has shown that security breaches in the GCC are on the rise, with one in five participants being aware of a privacy violation in the past 12 months. Increasing threats of cyber-attacks, coupled with the rise of cloud adoption, mobility and social media, led companies to implement more flexible technologies in the workplace, whilst not necessarily investing enough to mitigate against potential risks associated. “Security has become a boardroom discussion within an organization and in our fourth edition of GBM Annual Security Study, we are focusing on the regional executives’ awareness and readiness to address the security challenges” said Hani Nofal, vice president, Intelligent Network Solutions, GBM. As services are continually being brought online and the region’s growing focus on smart services, GBM’s survey has shown that cyber security continues to cause concern for organisations and individuals. “The future is digital,” concluded Nofal. “And we must ensure that the correct security measures are in place in order for organisations, and the general public to feel safe in the technologies that can provide added value to their working and personal lives.”
CYBER SENTINELS DAY THREE
ADVANCED SECURITY VAD IN THE MARKET
Mobility Management Made Easier for Enterprises
HISHAMUL HASHEEL A, GM –SOFTWARE & SECURITY, REDINGTON VALUE
What is your agenda for Gisec? This is our first year in GISEC. For the past several years, we have been building our security solutions and are gradually moving on to the services zone. We have completely migrated from the product-centric phase and GISEC is an excellent platform for us to position ourselves in the market as an advanced security VAD and we are establishing a new partnership venture with Fidelis for cyber security. What is the prime reason for security breach? One of the predominant reason for Middle East being targeted by the cyber criminals is because of the fact that security is not a ‘Boardroom Discussion’. Consumerization of IT is one of the legacy systems that enterprises must transcend. What is the biggest challenge that the region is facing? I believe, the market is still very product-centric and it is looking at security from a product perspective. It has to come above it and we as a VAD are trying our best to educate our channel partners and twist that around. As a VAD, what does value mean to you? As a VAD, our value lies in how much value we can create in the channels. We believe in decentralizing value to our entire channel and partner ecosystem. ë
05
BLACKBERRY COMES UP WITH AN ADVANCED SOLUTION BES12; SUCCESSFUL DEPLOYMENT BY ESSAR GROUP AND TARPON ENERGY SERVICES
BlackBerry has launched BES12 Cloud, a cloud-based enterprise mobility management solution that will offer easy management of iOS, Android, Windows Phone, BlackBerry 10 smartphones and tablets, as well as a wide range of Samsung KNOX and Android for Work smartphones and
tablets. “BlackBerry always commits to deliver secure and innovative products to help our customers drive productivity and efficiency in their organizations, while reducing costs,” said Billy Ho, Executive Vice President, Enterprise Products
and Value Added Solutions, BlackBerry. “Close relationships with our customers and partners is why we have announced our commitment to delivering a new BES12 Cloud solution later this month and delivered enhancements to BES12 and BBM Meetings today, continuing the expansion and evolution of our offering.” “We have implemented BES12 in our organization to cater to the needs of EMM in our environment and are planning to trial the new BES12 Cloud solution,” said Jayantha Prabhu, Chief Technology Officer, Essar Group. “Our BYOD policy allows employees to have a choice. For example, some of our users have opted to upgrade to the BlackBerry 10 platform, especially those who want the QWERTY keyboard experience and have chosen a device like the BlackBerry Classic, while others are using Android, iOS or Windows devices. BES12 helps us manage all of this, with the peace of mind that our corporate data remains secure.”
PIONEERS IN SECURE ENTERPRISE MOBILITY ‘sendQuick’ from TalariaX, the singapore based brand has been at the forefront of Enterprise Mobility and IT Security. Facilitating a whole slew of niche applications such as Alert Notifications, Enterprise Messaging, Third Party Application Integration, 2 Factor Authentication and Network Monitoring, ‘sendQuick’ appliances are plug and play and yet Enterprise class to meet with demanding needs such as security, scaleability and redundancy. Talking about the evolution of SendQuick, Ashok Kumar, Chief of Business Development, Talariax said ‘sendQuick is one brand that fits whether you are talking about a Product, Solution or Service as it depends upon how it is sold and implemented by our partners’. TalariaX is well supported by a multi-tier ecosystem of channel partners some of whom ASHOK KUMAR, CHIEF OF BUSINESS have vertical expertise in selling solutions and services to end-users. TalariaX and their dis- DEVELOPMENT - EMEA & SAARC, TALARIAX tributors recently signed up reputed downstream resellers and systems integrators to help further reach in the market. TalariaX views GISEC 2015 as an important event since it is focused on IT security.
THREAT EXTRACTION FOR ZERO MALWARE IN ZERO SECONDS Check Point Software Technologies have recently introduced Check Point Threat Extraction, a radical new security approach that proactively ensures documents are delivered to a network with zero malware in zero seconds. Attacks are evolving and increasing every day, however documents still pose one of the highest risks of infection for organizations. According to the Check Point 2014 Security Report, 84% of companies downloaded an infected document in 2013. Companies need to implement
stronger defenses against these attacks. The only way to ensure complete protection is to preemptively remove threats by reconstructing documents with known safe elements. With Check Point Threat Extraction, organizations can protect themselves against both known and unknown threats. “Because the traditional approach of protecting against infected documents by looking for malware and blocking it does not provide absolute protection, organizations need a way to preemptively remove
the threat of malware altogether,” said Dorit Dor, vice president of products at Check Point Software Technologies. “With Check Point Threat Extraction, organizations can now defend their networks against threats with a radical new technology that delivers 100% safe documents immediately.” Check Point Threat Emulation, AntiBot, Intrusion Prevention and Antivirus complement Threat Extraction by detecting malware and providing full visibility and event information to any attack attempts.
06
CYBER SENTINELS DAY THREE
Today’s Conference Agenda DAY THREE, TUESDAY 28 APRIL 2015 10.00
Chairman’s welcome address
SCHNEIER ON SECURITY 10.10 - 10.40
TRAILBLAZER Reactions and learnings from the Sony Hack Bruce Schneier, Fellow, Berkman Center for Internet and Society, Harvard Law School, US
INTELLIGENCE DRIVEN SECURITY AND RISK MANAGEMENT 10.40 - 11.10
KEYNOTE ADDRESS What do we need to make IoT security a reality? Phillipe Roggeband, Business Development Manager, Cisco Security Architecture
11.10 - 11.40
KEYNOTE ADDRESS The Defenders Advantage Peter Clay, CISO, Invotas
11.40 - 12.10
KEYNOTE ADDRESS Revealing the quiet intruder – understanding techniques used in modern cyber attacks Brian Tokuyoshi, Senior Solutions Analyst, Palo Alto Networks
12.10 - 12.40
MORNING COFFEE
NEXT GEN THREATS AND VULNERABILITIES 12.40 - 13.05
KEYNOTE ADDRESS The enterprise impact of cyber risk through the shareholder lens Kamran Ahsan, Senior Director of Security Services, Digital Services Business, Etisalat, UAE
13.10 - 13.40
KEYNOTE ADDRESS Intelligent Security Operations Centre (I-SOC) - Framework Firosh Ummer, MD EMEA, Paladion
13.40 - 14.30
Networking Lunch
INCIDENT RESPONSE 14.30 - 15.00
IDEA SWAP The future of authentication amongst web services Brett McDowell, Executive Director, FIDO Alliance Mayank Upadhyay, Director of Engineering, Google Dhruv Soi, Chair, OWASP India
15.00 - 15.30
IDEA SWAP Protect, detect, respond: anatomy of an effective incident response plan Mohammed Darwish Azad, Head of Group Information Security, Group IT - Emirates NBD Roshdi A. Osman, Deputy CISO, Banque Saudi Fransi Mayank Upadhyay, Director of Engineering, Google
15.30 - 16.00
IDEA SWAP Active defence: how can data-centric protection increase security in cloud computing and virtualisation? Dr. Jassim Haji, Director Information Technology, Gulf Air George Yacoub, Acting Group CIO, SEHA
16.00
CLOSING REMARKS from the chair and close of the conference