EC-MEA February Issue 2021 by GEC Media Group

MORO HUB’S CLOUD TRANSFORMATION

ORACLE CLOUD PARTNERS

PA G E S 7 2 VOLUME O8 | ISSUE 06 FEBRUARY 2021 WWW.EC-MEA.COM

WHY IS IT SO

CHALLENGING LEVERAGING THEIR DATA ARE BUSINESSES

While enterprises are increasingly using applications off the cloud, leveraging big data and analytics requires specialised infrastructure and skills to make progress.

F E B R U A R Y 2 0 21

MEA

There's one thing even a billion-dollar company can't afford:

a security breach

Safeguard your IT with

Security Information & Event Management | Identity & Access Management Network Security Management | Unified Endpoint Security & Management Privileged Identity Management | Firewall Security Audit & Log Management

www.manageengine.com 02

MEA

F E B R U A R Y 2 0 21

EDITORIAL MANAGING DIRECTOR TUSHAR SAHOO TUSHAR@GECMEDIAGROUP.COM

BIG DATA SUCCESS STILL ELUSIVE

EDITOR ARUN SHANKAR ARUN@GECMEDIAGROUP.COM CEO RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM GLOBAL HEAD, CONTENT AND STRATEGIC ALLIANCES ANUSHREE DIXIT ANUSHREE@GECMEDIAGROUP.COM GROUP SALES HEAD RICHA S RICHA@GECMEDIAGROUP.COM EVENTS EXECUTIVE GURLEEN ROOPRAI GURLEEN@GECMDIAGROUP.COM

ARUN SHANKAR, EDITOR A R U N @ G E C M E D I A G R O U P. C O M

RONIT GHOSH RONIT@GECMDIAGROUP.COM

e have been reading about mining the new gold for some time, and the arrival of data analytics. Yet organisations continue to sit on historical data, much of which cannot be seamlessly accessed.

According to Alteryx’s Abboud-Ghanem, businesses are sitting on troves of data, yet they tap into very little of it. Part of the challenge is that many companies cannot bridge the data gap. The value of data is lost due to organisational silos, a clumsy patchwork of tools, and a limited number of data owners within the business. So, for most businesses, getting the value out of data can be daunting. End users start their analytic journeys with simple questions, however, are increasingly seeking answers to complex problems, he points out. Despite these challenges, Ahmed Al-Faifi at SAP, points out that, analytics is amongst top three investments in the region. According to a recent survey by Oxford Economics and SAP, the top three technologies attracting investment in UAE are AI 34%, IoT 33%, and analytics 27%. Middle East organisations also face challenges when CIOs are presenting their financial case with a focus on total cost of ownership. Companies often encounter roadblocks when implementing big data projects, adds Ihab Farhoud at VMware. Roadblocks include budget constraints, lack of IT expertise and risk of platform lock-in. Processing big data workloads is different than processing typical enterprise application workloads. Companies may find some skill and knowledge gaps when they embark upon big data projects. Big data workloads are processed in parallel, instead of sequentially. With big data analytics, many use cases must be run in real-time for live analysis and reaction. IT must change datacentre policies and learn new tools to create, manage and monitor these new workloads. Companies also need to choose the right type of infrastructure to run big data applications. Focusing on use cases inside UAE, Injazat has taken the lead to build a Cyber Fusion Center that integrates behavior analytics, machine learning and provides a unified approach to neutralise threats, says Shafiq Ur Rehman. Injazat is formalising partnerships with knowledge networks in academia and venture builders with a goal to accelerate innovation in this area. Due to accelerated shift towards digital driven by pandemic, companies are increasing the amount of customer metadata, points out Schneider Electric’s Ziad Youssef. Big data translates into an enormous number of metadata, so a traditional file system cannot support it. Also, ahead in these pages, multiple thought leadership contributions including how ServiceNow’s cloud solution is helping to manage vaccine distribution. Wishing you success in the short-term challenges ahead of us. ë

JENNEFER LORRAINE MENDOZA JENNEFER@GECMDIAGROUP.COM SALES AND ADVERTISING RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM PH: + 971 555 120 490 PRODUCTION, CIRCULATION, SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM DESIGNER AJAY ARYA ASSISTANT DESIGNER RAHUL ARYA DESIGNED BY

SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM SOCIAL MARKETING & DIGITAL COMMUNICATION YASOBANT MISHRA YASOBANT@GECMEDIAGROUP.COM PRINTED BY AL GHURAIR PRINTING & PUBLISHING LLC. MASAFI COMPOUND, SATWA, P.O.BOX: 5613, DUBAI, UAE

COMPANY OF ACCENT INFOMEDIA MEA FZ LLC

# 203 , 2ND FLOOR G2 CIRCULAR BUILDING , DUBAI PRODUCTION CITY (IMPZ) PHONE : +971 4 564 8684 31 FOXTAIL LAN, MONMOUTH JUNCTION, NJ - 08852 UNITED STATES OF AMERICA PHONE NO: + 1 732 794 5918 A PUBLICATION LICENSED BY International Media Production Zone, Dubai, UAE @copyright 2013 Accent Infomedia. All rights reserved. while the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.

F E B R U A R Y 2 0 21

MEA

INTEL® NUC: SMALL SIZE,

BIG ENTERTAINMENT Featuring Intel® UHD graphics and 4k UHD, the Intel® NUC 10 Performance Mini PC is designed to be your entertainment and gaming center.

INTEL® CORE™ i7 PROCESSOR, 16 GB MEMORY, 256 GB SSD, 1 TB HDD WITH WINDOWS® 10 COPYRIGHT 2019 © INTEL CORPORATION. ALL RIGHTS RESERVED. INTEL, THE INTEL LOGO, INTEL CORE, AND INTEL OPTANE ARE TRADEMARKS OF INTEL CORPORATION OR ITS SUBSIDIARIES IN THE U.S. AND/OR OTHER COUNTRIES. OTHER NAMES AND BRANDS MAY BE CLAIMED AS THE PROPERTY OF OTHERS.

Phone: +971 4 8863850 E-mail: marketing@asbisme.ae www.asbisme.ae

CONTENTS 35-45/ COVER STORY

BIG DATA, BUILDING THE INFRASTRUCTURE AND APPLICATIONS n

Altreyx: Simplifying data analytics with self service solutions SAP: Analytics amongst top three investments in the region VMware: Big data driving change in datacentre policies, workloads Injazat: Combining behavior analytics, machine learning, AI Schneider Electric: Building datacentres to support big data workloads

28-34

69-70

06-09

51-55

46-49

10-16

PRODUCTS

Moro Hub: Moving to digital transformation from energy and sustainability

18-24

58-59

60-67

Why Oracle Cloud ISVs are making best gains on OCI

EDITOR’S PAGE VIEWPOINT EVENTS CHANNEL 26

CLOUD

SECURITY REAL LIFE

TRENDS

PEOPLE INNOVATION

CHANNEL STREET

GUEST COLUMN

F E B R U A R Y 2 0 21

MEA

VIEWPOINT

BEGINNING OF THE FOURTH WAVE OF CLOUD ADOPTION The fourth wave of cloud adoption is coming, driven primarily by an urgent need to get more of the business in the digital realm, explains Lori MacVittie of F5.

he first wave of cloud saw organisations sprint to the cloud, lured by promises of cost savings and business agility. This was followed by the emergence of the multi-cloud and the subsequent significant repatriation of workloads to on-premises, driven by concerns over cost and security. What appears to be happening now is an abrupt shift to the beginning of a fourth wave of cloud adoption. The response to the Covid-19 pandemic changed a lot of enterprise attitudes, one of which was that toward remote working. Another was that toward public cloud and just about every survey out there now says the market is full steam ahead on cloud migration. A recent survey commissioned by DevOps automation specialist Codefresh found that Covid-19 is prompting a reconsideration of on-premises infrastructure strategies. The survey found that 58% of those polled are moving some infrastructure to the cloud in response to the pandemic. Of those, 17% are planning to move their entire software stack to the cloud. Cloud has been and continues to be used as an umbrella term for several different models, and one of those is SaaS. One of the reasons we specifically separate SaaS from other types of cloud, IaaS and PaaS, in our annual research is because SaaS tends to skew the view of the entire market. SaaS migration has accelerated since the outbreak of Covid-19. There is no doubt about that. This includes all the usual suspects of reducing instances of packaged software by adopting a SaaS equivalent as well as a shift toward IT management via SaaS. We, too, are seeing a shift in customer preferences toward SaaS for packaged software that has traditionally been deployed on-premises. There’s also a movement to migrate custom apps for those business functions that now have SaaS equivalents. The driver behind these migrations is two-fold: reducing IT operating costs and freeing up resources to focus on producing value. So, that said, is cloud sans SaaS migration accelerating? I am not convinced. I think cloud adoption is accelerating, not necessarily wholesale migration which

We are seeing a shift in customer preferences toward SaaS for packaged software

MEA

F E B R U A R Y 2 0 21

LORI MACVITTIE,

Principal Technical Evangelist, Office of the CTO, F5.

Fourth wave of cloud adoption is coming, driven primarily by an urgent need to get the business digital is workload migration. The distinction between migration and adoption is important. Migration implies the movement of an existing resource from one location to another. Given the investments and data gravity in existing traditional applications and surveys that make the distinction clear, it is highly unlikely most organisations are moving wholesale to the public cloud. Rather, what these surveys appear to be uncovering is the effects of accelerating digital transformation initiatives. Cloud adoption will necessarily increase, as it is often the best possible location for the applications and APIs needed to modernise applications and fully participate in the soon-to-be dominant digital economy. Remember, app modernisation is not a synonym to rewrite a monolith as microservices. It means modernising access to an application by extending, augmenting, and integrating an existing traditional application with modern components. Are those often microservices? Yes. But core systems, the ones running critical and often unique business functions, are still likely to be on-premises. So, will cloud be getting a boost in the post-Covid world? Yes. Absolutely. Are enterprises migrating en masse to the cloud? I don’t see that happening, at least not yet. What I do see is the fourth wave of cloud adoption coming, driven primarily by an urgent need to get more of the business in the digital realm. ë

VIEWPOINT

UNLOCKING BENEFITS OF PANDEMIC-LED TECH INVESTMENTS Setting up for long-term business continuity comes down to three considerations: people, process and technology, explains Adam Philpott of McAfee.

he last year was tough for us all. With vaccine rollouts in the UAE, the government is focused on getting the economy back on track, but it is clear that the way business is done has changed for good. The Covid19 crisis has forced many industries to adapt quickly, changing attitude to technology and requiring businesses across sectors to scale new initiatives in a matter of days or weeks. Most notable among these shifts has been the acceleration of cloud adoption to support a newly remote workforce. Of course, this was a trend that was in motion before, but many sectors that had little prior exposure to cloud infrastructure have been forced to adopt this model quickly. Organisations that made these decisions for short-term business continuity will no doubt be looking for ways to ensure these purchases can become secure, long-term investments. The reality is this is a pivotal moment for many businesses: they must consider what kind of construct they should return to in future rather than how quickly they can go back to the previous status quo. Key among the considerations for cloud success is security. Our research showed a 630% spike in external attacks on cloud accounts from January to April last year. We have also seen a boom in so-called shadow IT, where employees adopt and use systems and applications without the explicit approval of the IT team. For long-term cloud success, organisations need to decide which applications are best for their own needs, based on not only cost but also risk. Recent events will also have permanent implications for organisations’ physical real estate footprint. The return to the office will undoubtedly be a phased process, and many employees have expressed a reluctance to go back to the old ways of working. This means that businesses now need to have a much more flexible approach. Employees must be empowered to work from home as they require, but this will also necessitate greater flexibility when it comes to commercial real estate environments. Not only will the obligatory safety and social distancing checks

The new approach to office space and work patterns also demands a more flexible IT infrastructure

ADAM PHILPOTT, EMEA President, McAfee.

Everything that we do is people-led, because technology needs to follow the way corporate culture changes need to be in place, but it may be that some organisations don’t actually require physical office space five days a week. The new approach to office space and work patterns also demands a more flexible IT infrastructure. Shared office space will mean that you are unlikely to have high-cost server infrastructure on site. This may further accelerate the shift from on-premises to the cloud, where businesses can easily scale their usage up or down in a cost-effective manner, depending on demand. Overall, setting up for long-term business continuity and resilience comes down to three key considerations: people, process and technology. Everything that we do is people-led, because technology needs to follow the way corporate culture changes. We are seeing that most employees would like to retain some degree of flexibility when we return to offices. When it comes to the technology, it is imperative to have a flexible IT architecture in place. Having a security structure that sits on top of this and flexes as the infrastructure changes is also crucial to ensuring success. With this long-term view in mind, businesses must map and integrate their more recent lockdown-driven emergency technology purchases within their overarching IT architecture to make the most of their investment and drive future business success. ë

F E B R U A R Y 2 0 21

MEA

VIEWPOINT

RELEVANCE OF DIGITAL RISK PROTECTION IN A POST-COVID WORLD With the transformation of businesses, organisations need to ensure that their public attack surface is safeguarded, explains Dave Stuart of ZeroFOX.

ver the last several months, organisations globally have realised the accelerated transformation of work processes, business models and customer relationships as we deal with a global pandemic. How are organisations coping with the dramatically increased public attack surface? Any organisation that conducts business online, promotes products on the web or has customers engaging in its offerings on social media platforms needs to ensure that its public attack surface is safeguarded. If not, organisations are at risk for fraud that targets customers, damages the brand, or even attacks against the company’s assets i.e., its data, executives and IT infrastructure. The bad news for businesses is that these types of threats are only increasing, especially since the start of the pandemic. According to recent ZeroFOX research, between January and April 2020, digital threat activity increased by 9% and fraud and scam incidents online increased by 60%. With companies relying on their digital presence more than ever during the pandemic, it is vital that they implement comprehensive and strategic Digital Risk Protection Services, DRPS. Successful DRPS have three distinct elements, insight, understanding and prevention. The combination of these elements can provide a comprehensive layer of protection for organisations online. As organisations across all industries accelerate digitisation, security teams must invest in the protection of company-owned critical digital assets and channels such as websites, domains, and social media accounts, executive social media accounts and more. But how can you protect what you are not aware of? A crucial first step of DRPS is defining a digital footprint for your organisation that includes both assets that you own and public platforms where you operate. With a clear understanding of which assets are vulnerable across the digital landscape, organisations can leverage automation to easily lift the weight off of security teams’ shoulders to monitor cyber threats permeating their organisation’s digital footprint. Effective DRPS also allows these teams to better manage multiple technologies for different channels at once. Digital risk protection is not only about where to look but also identifying what threats exist. Effective DRPS are capable of providing security teams with the right tools to assess and analyse their entire digital landscape. In general, security teams

Successful DRPS have three distinct elements, insight, understanding and prevention 08

MEA

F E B R U A R Y 2 0 21

DAVE STUART,

Senior Director of Product Marketing, ZeroFOX.

Digital risk protection is not only about where to look but also identifying what threats exist must investigate beyond the channels their organisation owns. With digital risk protection, organisations can do this by detecting all external references related to their brands, customers, products and employees; understanding and analysing whether or not the references are legitimate or signs of impersonation and malicious activity; discovering where the references came from and evaluating threats to prioritise them relative to the risk of what matters most to you. Like all products and services security teams look to invest in, not all DRPS are the same. The most impactful DRP solutions go beyond just being a detection and analysis tool. The true value of these solutions lies in the ability to stop an account hijacker in their tracks or shut down fraudulent behaviour the second it appears within an organisation’s digital footprint, before lasting damage is done. Reliable DRPS is built with advanced artificial intelligence and sync with networks and hosts via API integrations to take down credible threats quickly. Today, attackers are looking to target public-facing channels. With the digitisation of the business world, it has become evident that security teams must turn to DRPS to protect their public attack surface from emerging threats. Using this to guide your DRPS implementation will ensure that your organisation’s digital footprint remains secure from cyber, brand and physical risks. ë

VIEWPOINT

CHALLENGES FOR IT NETWORK IN POST-PANDEMIC ERA

The benefits of a single and agile network to manage everything have been accelerated, explains by Arafat Yousef of Nexans Data Network Solutions.

he pandemic of 2020 has made the concept of remote teams and remote work collaboration a reality. Previously used by digitally mature and advanced organisations, like high-tech companies, the requirement of enabling mobile work triggered by the need for social isolation across much of 2020, has forced all organisations to adapt to this new reality. Transformation of the physical workplace has been a logical consequence, whether at home or at the office. Team members whether they are part of the family working at home, or employees when they are working from the office by rotation, will usually not sit at any one physical location. They need to be able to work equally well from any place in the office work area. Wi-Fi network connectivity and power over the Ethernet networks, PoE, need to be ubiquitously available and scalable across such places of work. Flexibility and scalability of the Wi-Fi network access points, access to the Ethernet, and availability of Power over the Ethernet, are now prerequisites to support teams working in the new normal. While places of work, whether they are supporting the family working and schooling at home, or employees at the office premises, are transforming, on a much wider scale, networks within buildings themselves are also transforming. Just a few years ago, the convergence of voice into IP based, LAN data networks, was a high point of disruption and innovation. Since then, there has been a relentless trend into converging siloed networking systems into IP networks. Today, these include security systems, building management systems, access entry systems, biometric systems, digital signage, low voltage power, LED lighting. This has spawned the term, Everything over IP or an all-IP approach in the convergence of isolated networks. The benefits of this convergence of networks are many, fuelling continuous industry innovation and end user adoption. Such, Everything over IP networks, offer significant benefits ranging from savings in power, cost, time for installation, activation, modifications and upgrades of networks. Such types of networks also reduce the chances of network failures and downtime and because of their ability to rapidly scale up or down, match today’s requirements demanded by agile organisations.

There should be more network points and connectivity, wherever there is more employee activity

ARAFAT YOUSEF,

MD - Middle East & Africa, Nexans Data Network Solutions.

Hot-desking and smart desking are now logical and functional solutions realised in the office workspace However, all these innovations and transformations are also putting pressure on the design and architecture of networks. There should be more network points and connectivity, wherever there is more employee activity. Working areas with a high density of people and devices should also have the provision to provide higher network connectivity and power usage. Creation of consolidation points allow the network to support an unlimited number of devices in theory. In practice, it means it should be possible to create additional network points on demand. Fibre To The Office, FTTO, is a centralised LAN cabling technology that combines passive fibre cabling with active switches and requires no floor distributors or technical rooms. Combining fibre and copper offers the advantages of a fibre infrastructure, while end user devices can be connected with a standard copper connection, guaranteeing no changes in usage and comfort for the end user. The benefits of such, single converged networks, that support the connectivity requirements of agile organisations, are being realised every day. Hot-desking and smart desking are now logical and functional solutions realised in the office workspace. For network administrators, managing a single network for operations, performance and efficiency offers huge time and cost savings. ë

F E B R U A R Y 2 0 21

MEA

EVENTS

GLOBAL CIO FORUM KICKS OFF REBOOT UNITE CIO SERIES The Global CIO Forum launched its first Unite CIO Meet, a part of its new initiative, Reboot. The theme of the first event held at TopGolf in Dubai was work-life balance. 12 CIOs who attended the meet spoke on 12 different topics. Delegates who attended the Unite CIO Meet included Pankaj Bajaj of Capital Health, Mohammad Shahzad of Dubai Developments, Ajay Rathi of DAMAC Group, Vinay Sharma of Gulftainer, Jayakumar Mohanachandran of Easa Saleh Al Gurg, Syed Naqvi of Al Hilal Bank, Shailesh Mani of Flemingo International, Muhamed Noufel of Royal Continental Hotels & Suites, Atul Aggarwal of Ceasers Bluewaters, Nithin Geo Thomas of Amity University, Venkatesh Mahadevan of Dubai Investments and Anshul Srivastav of Emirates Post.

MEA

F E B R U A R Y 2 0 21

EVENTS

F E B R U A R Y 2 0 21

MEA

EVENTS

GCF, Pure Storage, BMB hold summit on modern infrastructure platform On January 20, Global CIO Forum in association with Pure Storage and BMB successfully hosted VirtualSummit on Modern Infrastructure Platform for business-critical applications, DevOps, and analytics. The key parameters of a successful digital business strategy were discussed during the VirtualSummit. Better user experience, reduced resource footprint, optimised resources and higher user satisfaction drive upward revenue streams and improve business outcomes. Digital business analytics, especially DevOps is considered to be pivotal in determining the success of businesses. The session was followed by Q&A.

TOPICS COVERED

Modern Infrastructure platform for business-critical applications l Scaling DevOps agility l

Modernising infrastructure for the Everywhere Data l Highlights Some of the key highlights from the virtual summit were: l Huge data growth and data complexity pose challenges for enterprises l BMB and Pure Storage provide end-to-end datacentre solutions l BMB datacentre solutions offer modernisa tion, automation and security for digital transformation of your enterprise l Pure Storage can help you orchestrate on every cloud platform l On-premise, hybrid cloud and multi-cloud are the deployment options l Pure Storage offers FlashStack solution in partnership with Cisco for hyperconverged infrastructure, converged infrastructure and l

reference infrastructure l With Pure Storage, businesses need to architect only once and they can innovate with non-disruptive upgrades l Pure Storage offers data encryption and protection against ransomware attacks l Pure Storage helps build architecture for the future with focus on Artificial Intelligence

KEYNOTE SPEAKERS

Speakers at the VirtualSummit included Yahya Jaber, KSA Account Manager at Pure Storage and Yousef Mohammad Mhana, Principal Systems Engineer, EMEA Middle East at Pure Storage. From the BMB team, Michel Atallah, Technical Director, Reach – Levant and Rock Sarouphim, Group Marketing Leader were the key speakers.

Speakers Yahya Jaber KSA Account Manager Pure Storage

MEA

Yousef Mohammad Mhana Principal Systems Engineer EMEA Middle East – Pure Storage

F E B R U A R Y 2 0 21

Michel Atallah Technical Director, Reach – Levant, BMB

Rock Sarouphim Group Marketing Leader, BMB

EVENTS

Global CIO Forum announces keynote speaker for FITS 2021

HE HUSSAIN MOHAMMED AL MAHMOUDI, CEO of AUSE and SRTIP.

Global CIO Forum has announced HE Hussain Mohammed Al Mahmoudi as the keynote speaker for Future IT Summit. The event will be held in Dubai on March 22, 2021 in the presence of key government and private sector leaders and the virtual session will be held in real time on the GCF Convention Center platform. HE Hussain serves a dual role as the CEO of the American University of Sharjah Enterprises, AUSE, and as the CEO of the Sharjah Research, Technology and Innovation Park, SRTIP. Both these entities were established through royal decree by the Ruler of Sharjah, who also directly appointed HE Hussain to these responsibilities in order to create collaborative long-term relationships between industry, academia and the public sector, fostering an ecosystem of enterprise and innovation. Previously, HE Hussain served as the Director General of the Sharjah Chamber of Commerce and Industry, a Member of the UAE Chamber Federation, and GCC Chambers for 8 years. He was responsible for the overall management and operations of the Chamber including the provision of services to its members. In this role, he launched several

strategic economic initiatives for Sharjah such as the SME Act, Sharjah Export Centre, Sharjah Commercial Arbitration Centre, and the Sharjah Business Forum. HE Hussain has held leadership roles at leading regional and international companies such as the Royal Dutch Shell Group, Emirates National Oil Company, ENOC, and several Dubai Holding entities. He currently serves as honorary board member of both, the Tatweer Forum and of Maastricht University in the Netherlands, and as Chairman of the Emirates Business Council for Sustainable Development. He also serves as a board member of the Sharjah Entrepreneurship Center, Sheraa. The theme of the seventh edition of FITS is #StrongerTogether. It is in-line with the new normal which emerged in 2020 and saw the convergence of humans and machines in a way which had never happened before. FITS 2021 will showcase leading players in the arena of the digital and hybrid workforce and how their solutions can create a winning business strategy for the end customers. The summit will also have leading CIOs presenting their business outlook for 2021 and beyond and thus setting the stage for the IT vendors and partners.

F E B R U A R Y 2 0 21

MEA

EVENTS

Global CIO Forum, Thales, F5 hold summit on business apps security On January 19, Global CIO Forum in association with Thales and F5 successfully hosted a virtual summit on Extend Strong Authentication to Your Business Apps. Thales’s SafeNet Trusted Access combines easy to deploy access management and strong authentication allowing organisations to balance security with the end-user convenience. SafeNet Trusted Access extends the benefits of F5’s BIG-IP Access Policy Manager, APM, offering a scalable cloud solution that promotes secure access through easy to configure access policies. The session was followed by a Q&A session and quiz.

TOPICS COVERED l l l

Thales overview on Access Management The scalable F5 Big IP solution Integration of Thales Policies with F5 Big IP

HIGHLIGHTS

Here are some of the key highlights from the virtual summit: l F5 Labs found that web attacks are the #1

single point of entry in data breaches Traditional security approaches don’t work in times of multi-clouds and remote access of services l Thales protects the entire digital service cycle: l Access Management, AM, and authentication l Identity verification l Data encryption l Cryptographic account deletion l Thales AM and authentication portfolio includes policy-based access, authentication, Smart Single Sign-on, SSO l Thales also offers FIDO2 solutions l Thales authentication is password less. Push OTP can either be with PIN or combined with biometric, depending on policy l Customisable SaaS service reduces the possibility of phishing attacks l Thales solution addresses security across industry segments like health, finance, utilities, public sector etc. l Thales AM and authentication prevents l

breaches, securely enables cloud transformation and simplifies compliance l F5 application security pillars include app access, infrastructure and app layer l F5 Access Policy Manager, APM, uses a zerotrust model validation for every access request l F5 simplifies application access by using a centralised trusted source of user identity such as IDaaS, leveraging Single Sign-on, federating identity across all apps l Integration of Thales Safenet Trusted Access, STA and F5 BIG-IP APM: l Expands federation and SSO l Modernises on-premise app access l Enhances security l Exclusive Networks provided a demo on integration of Thales STA and F5 BIG-IP APM

KEYNOTE SPEAKERS

Speakers included Yasser El Mashad, Cyber Security Specialist at F5, Danna Bethlehem Coronel, Director, Product Marketing, Identity and Access Management at Thales and Serge Ghanem, Technical Solutions Manager at Exclusive Networks ME.

Speakers Yasser El Mashad Cyber Security Specialist F5

MEA

Danna Bethlehem Coronel Director, Product Marketing, Identity and Access Management (IAM) at Thales

Serge Ghanem Technical Solutions Manager at Exclusive Networks ME

F E B R U A R Y 2 0 21

Huawei IdeaHub New Style Smart OOce 3-in-1

Whiteboard 丨 Projector丨Online Meeting

Scan QR code to Learn More

EVENTS

Global CIO Forum, Aruba host virtual summit on Edge Service Platform On January 14, Global CIO Forum in association with Aruba hosted VirtualSummit on Industrial Facilities Solutions, which focused on the Aruba Edge Service Platform, ESP. With the continuous evolvement of technology, data is also witnessing major transformation. Harnessing data created at the edge i.e. where users and devices come together, opens up new opportunities and challenges. Businesses need to deploy and exploit IIoT solutions with a robust infrastructure.

TOPICS COVERED l l l l l

Operations optimisation Predictive maintenance Inventory optimisation Improved maintenance Health and safety monitoring

HIGHLIGHTS

Key highlights from the Industrial Facilities Solutions From Aruba VirtualSummit were: l Manufacturing and industrial trends 4.0 are 5G, IIoT, AI, robotics, VR and AR l Aruba helps in managing manufacturing challenges of managing data, adoption of automation, flexibility, cybersecurity, maintaining uptime l Aruba ESP automates, protects and connects your network l Authorisation and access control: streamline provisioning and automate segmentation means saved time and money l Aruba offers real-time personnel and asset maintenance and safety monitoring l Aruba has complete solutions for unified

infrastructure, AIops, zero-trust security and XaaS l Redefining IT outcomes by AIops. Features include AI assist, AI insight and AI search l Aruba offers HR and social distancing solutions like face mask detection and face recognition for attendance

KEYNOTE SPEAKERS

Manish Bhardwaj, Global Alliances Manager, Middle East and South Africa, Aruba, Ahmed Fathy, Country Manager Egypt, Aruba and Fehmi Sakkal, SE Manager, Aruba were the speakers for the Industrial Facilities Solutions From Aruba VirtualSummit. This was followed by a Q&A session.

Speakers Manish Bhardwaj Global Alliances Manager, Middle East and South Africa, Aruba

MEA

F E B R U A R Y 2 0 21

Ahmed Fathy Country Manager Egypt, Aruba

Fehmi Sakkal SE Manager, Aruba

CHANNEL

VAD Technologies to distribute Exasol’s analytics database Exasol, a high-performance analytics database, has announced a new strategic partnership with VAD Technologies, an established IT and technology value added distributor, headquartered in Dubai, UAE. Together, Exasol and VAD Technologies will bring Exasol’s powerful analytics database to customers across the Middle East, helping them get faster access to data insights to become more agile in their decision making. Together, Exasol and VAD Technologies will combine the distributor’s expertise and ability to take leading edge technologies to market with Exasol’s high-performance analytics database to bring unprecedented scalability and flexibility to joint customers. VAD Technologies joins Exasol’s world-class network of globally connected partners and alliances.

Matt McCormick, SVP of Corporate and Business Development, ThreatQuotient.

McAfee selects ThreatQuotient as Security Innovation Partner ThreatQuotient, security operations platform innovator, has announced the company was named McAfee’s 2020 Global Security Innovation Alliance, SIA, Partner of the Year for the second year in a row. ThreatQuotient was selected by the SIA partner team for demonstrated technical innovation, market leadership, and strategic value that complements the McAfee solution portfolio. Security operations teams use the ThreatQ platform to prioritise threat intelligence, quickly deploy threat data to existing sensor grids, and focus workflows to reduce time to detection, TTD, and time to response, TTR. ThreatQ supports multiple use cases including incident response, threat hunting, spear phishing, alert triage, vulnerability management and serving as a threat intelligence platform. ThreatQuotient’s partnership with McAfee includes integrations for these use cases, as well as future use cases by adapting to changing business needs.

MEA

F E B R U A R Y 2 0 21

Juniper, Türk Telekom partner for Open RAN development Juniper Networks and Türk Telekom have announced completion of new technology and commercial partnership to accelerate innovation in support of the Open RAN, Radio Access Network, 5G ecosystem. The partnership comprises an exclusive global licensing agreement with Netsia, a subsidiary of Türk Telekom Group company Argela in the US, to transfer its Radio Intelligent Controller, RIC, technology to Juniper. It will also include related source code and patents plus exclusive rights to develop and sell products and solutions that integrate with RIC. The partnership will enable permanent transfer of technical domain experts from Netsia to Juniper in support of RIC’s integration into Juniper’s product portfolio, further strengthening Juniper’s Open RAN and 5G expertise. Committed purchase of Juniper products and solutions by Türk Telekom to support its next generation Open RAN and 5G deployment is also a part of agreement. This will include an initial proof-of-concept project expected in late 2021, which will incorporate RIC technology and Juniper’s broader portfolio. RIC technology helps to operationalise Open RAN by providing intelligent, cloud-based control of disaggregated and virtualised radio functions across the access and edge domains. It is also an important component of end-to-end network slicing, enabling tuning of various radio access resources to reliably deliver against granular Service Level Agreements for specific use cases. In addition, RIC unlocks innovation in the radio domain by leveraging both near-realtime and non-real-time user and network data to create and deploy innovative, AI-driven applications and services. Collectively, the products and solutions resulting from this agreement will enable Türk Telekom and other service providers to deploy open, intelligent 5G radio infrastructure, eventually strengthening the Open RAN and 5G ecosystem.

marketing@asbisme.ae

CHANNEL

Steen Lomholt Thomsen, Chief Revenue Officer, AVEVA.

emt, Hornetsecurity partner on email security solutions

emt Distribution, a specialty IT and IT Security product distributor based around security, IT Management, and analytic solutions, has announced the partnership with Hornetsecurity for email security solutions. Email remains one of the most widely used exploits to conduct cyber social attacks which is exponentially increasing. Hornetsecurity help organisations to effectively protect their users’ emails from targeted cyber-attacks. Spam and malware protection, advanced threat protection, email encryption features available with Hornetsecurity are unique and ensure compliance and complete protection against most sophisticated cyber-attacks originated through email. Email continuity and archiving features available with Hornetsecurity are in demand with customers looking for highly available productivity solutions.

Sitecore, Microsoft to expand digital experience platform

Steve Tzikakis, CEO, Sitecore.

Sitecore has announced the availability of its digital experience solutions via Sitecore Managed Cloud services from the Microsoft Middle East Cloud regions in the UAE. Sitecore customers in the region can now tap into the power of cloud computing and deploy Sitecore Experience Platform and Sitecore Experience Commerce without the complexity of managing infrastructure and application stacks themselves. Public and private-sector organisations across the Middle East are rapidly shifting customer, employee, and citizen services from in-person and manual processes to more flexible and efficient cloud-based platforms. Sitecore’s Managed Cloud offering delivers customers flexibility and helps optimise budgets for businesses, providing access to infrastructure resources whenever and wherever they are needed. Sitecore’s offerings and presence in the UAE include local support for Sitecore Experience Platform, which reduces the complexity of delivering personalised customer experiences across any channel, at every stage of the customer journey. Sitecore XP combines omnichannel content delivery, customer intelligence, AI-driven analytics and personalisation, and marketing automation tools to enable marketers to create highly relevant digital experiences that nurture customers before, during, and after a transaction. These capabilities can also be augmented with Sitecore Experience Commerce.

MEA

F E B R U A R Y 2 0 21

AVEVA achieves various Microsoft competencies AVEVA has announced it has attained a Gold Application Development competency and Silver Cloud Platform, Data Analytics, and Data Centre competencies, demonstrating a best-in-class ability and commitment to meet Microsoft customers’ evolving needs in today’s mobilefirst, cloud-first world and distinguishing itself within a small percentage of the Microsoft partner ecosystem. A portfolio of competencies showcases that AVEVA is committed to focusing on on-demand, business solution areas, along with ensuring it can meet the evolving needs of our mutual customers. To earn a Microsoft competency, partners must successfully complete exams to prove their level of technology expertise and, for Gold competencies, designate these certified professionals uniquely to one Microsoft competency, ensuring a certain level of staffing capacity. Partners must also submit customer references that demonstrate successful projects and pass technology and sales assessments. For gold competencies, partners must also implement a yearly customer satisfaction study and, for many competencies, meet a revenue commitment. All 17 Microsoft technology competencies differentiate a partner’s specific technology capabilities, helping customers find qualified solution providers with expertise in discrete areas quickly and easily. Earning the Application Development competency helps partners differentiate themselves as a trusted expert to their customers through development and deployment of commercial or custom applications built using core Microsoft technologies like Windows Server and Windows 8 operating systems, the Windows Azure platform, Microsoft Visual Studio 2012 development system, Microsoft BizTalk Server and emerging cloud-based and web business models. By gaining access to a comprehensive set of benefits through the Application Development competency, partners can acquire new customers and help them be more productive and profitable through deployment of business applications, advanced web portals or rich client user interfaces that run on premises or in the cloud.

The Workplace of the Future with the WINDOWS COLLABORATION DISPLAY from SHARP Embedded 4K Camera (120 degrees FOV) and Array Microphone X 4

Capacitive Multi-touch Display with Direct Bonding

Built-in IOT sensors for smart space management solutions*

Front control buttons discretely located for easy accessibility.

As businesses reopen, teams today will be ‘working remotely’ and ‘in-office’ and have a higher expectation for better connectivity & collaboration. Joining a meeting in seconds with both video & audio available for in-room & remote attendees is the need of the hour. Sharp understands this need and have launched the world’s first certified Windows collaboration display (PN-CD701) that finds the perfect fit in the workplace of the future. * The availability of cloud service varies by country/region

 IoT connectivity



Advanced specifications



Teamwork centric design

8m High speed, High bandwidth

USB Type C Cable

Features effortless wireless device sharing from major platforms. Touch back available on Windows 10 & Android devices 70" Class (69.5" diagonal) Interactive Display System | 4K Ultra-HD UV2A Edge Lit LCD Screen | Projected Capacitive Touch Screen | 10-Point Multi-Touch Screen | Bundled high performance 8m USB Type C Cable for charging laptops, touch, video, audio and network signals | Modular 4K Camera with Microphone Array x 4 | IoT Sensor Hub with Motion, Light, Temperature/humidity & Air Quality Detection

REQUEST FOR A LIVE DEMO

www.sharpwcd.com

SHARP Middle East FZE P.O.Box 17115 Dubai, Jebel Ali Free Zone, United Arab Emirates, Phone: +971 4 8815311 Fax:+971 4 8816692, e-Mail: bsdmarketing@smef.sharp-world.com

CHANNEL

CyberKnight achieves over $10 million in bookings in 2020

(left to right) Avinash Advani, Founder and CEO at CyberKnight; and Vivek Gupta, Co-Founder and COO at CyberKnight.

CyberKnight, the pioneer of The Art of Cybersecurity Distribution, has announced its financial results for 2020 which ended on December 31st, 2020. The exceptional performance for a new company was observed during one of the most challenging periods in human history. Despite Covid-19’s unprecedented global impact, in its first year of operation, CyberKnight achieved more than $10 Million in revenue bookings, and is on track for exponential growth in 2021. Avinash Advani, Founder and CEO at CyberKnight noted that during Dubai’s real estate boom in the 2000’s there was a billboard which stated: It takes generations to build a world-class city; we did it in less than one. Deriving inspiration from these wise words, while being headquartered in the same city, CyberKnight observed other value-added-distributors take up to ten years to reach $10 Million; it has been able to do it in one. The organisaton went from startup to scale-up in 2020. The credit goes to the high-caliber team, who were emulating market-leading vendors to support the loyal Strategic Partners, as they advised Middle East customers. CyberKnight’s people worked diligently and efficiently over the course of the year, even during the lockdown working from home. The team demonstrated resilience, commitment and passion while wearing multiple hats in our dynamic startup environment.

Mark Thurmond, Chief Operating Officer, Tenable.

Ingram Micro recognises Tenable as Vendor of the Year

Tenable has announced it has been recognised as Vendor of the Year in the Networking and Security Divisional Award from Ingram Micro, the world’s largest wholesale technology distributor. The annual awards recognise dozens of technology providers for their outstanding engagement and work ethic, and unwavering commitment to grow more profitably together. Tenable’s investment in and commitment to the channel community is fundamental to its global go-to-market strategy. The Tenable Assure Partner Programme pairs the company’s risk-based vulnerability management solutions with world-class distributors, resellers and managed security service providers to help joint customers secure their highly dynamic IT and OT environments. As Tenable extends its position as a cybersecurity company, strategic channel partnerships like those with Ingram Micro will remain a top priority. Ingram Micro evaluated vendors across more than two dozen high-profile technology categories including cloud, business and consumer technology, advanced solutions and global markets. The winning partners were chosen based on a variety of criteria and key performance indicators, including collaboration, marketing and sales.

MEA

F E B R U A R Y 2 0 21

Juniper Networks introduces real-time performance tools

Gordon Mackintosh, Vice President of Global Channel and Virtual Sales, Juniper Networks.

Juniper Networks has announced a new global Juniper Partner Advantage Programme that introduces new opportunities for partners to capture business through Juniper’s AI-Driven Enterprise strategy. Most recently, Juniper Networks was named a Leader in the 2020 Gartner Magic Quadrant for Wired and Wireless LAN Infrastructure and positioned the highest for execution. This momentum will help partners achieve greater traction in the marketplace. Juniper is also offering sizeable rewards to Juniper Partners who boldly invest, which will match the significant investments Juniper is making in the Juniper Partner Programme and in Virtual Sales. With Juniper’s deal registration for partner-led sales having grown 65% year over year, Juniper has committed to expanded investments to help ensure this continues into 2021. Juniper investments will focus heavily on the following areas: l Growing profitability via partner-led business with more incentives l Additional Incentive Rewards l Growth and Partner-Led Rewards initiatives Further resources are earmarked to deliver increased levels of business simplicity with tools providing real-time visibility into Partners’ business with Juniper, digital marketing capabilities and a new automated Partner Support Service Programme. The 2021 JPA Programme also combines the Mist Partner Programme with JPA, offering a single programme structure and governance. Finally, new Partner Plus programmes will grant exclusivity, access to field readiness enablement and additional financial incentive including the Enterprise+ Partner Programme developed to accelerate and reward Enterprise sales, as well as several programmes and incentives that focus on growth for partner-led AI sales.

Distance is NO BARRIER

Introducing D-Link Smart Wireless Solution for Point-to-Point Deployment

ESD Surge Protection

DAP-F3711-I Range: Upto 5 Kms Antenna Gain: 15 dBi High-Power Wireless 5Ghz 11ac Bridge

2x2 MIMO

IP 65/66 Complied

Point to Point or Multipoint Application

Centrally Managed

TDMA+Polling Avoiding collision/ Interference between channels

DAP-F3704-I Range: Up to 5 Kms Antenna Gain: 10 dBi High-Power Wireless 5Ghz 11n Bridge

ACK Timeout adjustment Improves long distance Transmission

DAP-F3705-N Range: Up to 10 Kms Antenna Gain: 23 dBi High-Power Wireless 5Ghz 11n Bridge DAP-F3712-N Range: Up to 20 Kms Antenna Gain: 23 dBi High-Power Wireless 5Ghz 11ac Bridge

Intelligent Rate Control Improving stability of Bandwidth

Self Healing Useful in extreme noisy area

Connect to more |

CHANNEL

AVEVA, OEG partner on 3D cloud-based virtual training

Ravi Gopinath, Chief Cloud Officer and Chief Product Officer, AVEVA.

OEG has announced a significant new strategic learning partnership with AVEVA. The partnership will integrate OEG’s 3D advanced, remote learning content into the AVEVA Unified Learning offering to optimise and ensure remote operator safety and efficiency, which has become particularly important for industrial organisations during the current global pandemic. AVEVA Unified Learning delivers engaging off-the-shelf and customer training programmes for industrial operators, bringing together the latest technologies with sound instructional design to deliver competency-based experiential learning, empowering operators to perform better in less time. The OEG content will be used in conjunction with AVEVA’s Learning Management System and high-fidelity Operator Training Simulators to provide a library of on-demand, cloud-based, experiential courses for industrial customers to enhance the training of process operators. Today’s workforce is increasingly preferring to learn in an on-demand, self-paced manner versus a traditional classroom environment. This trend, fuelled by the challenges of the COVID-19 pandemic, is driving a shift in the training strategies of process manufacturing companies as more and more opt for a virtual environment.

Tenable celebrates a year as deepwatch’s partner

MEA

F E B R U A R Y 2 0 21

Tenable is celebrating a successful year as deepwatch’s preferred risk-based vulnerability management partner. The strategic partnership combines Tenable’s vulnerability management solutions with deepwatch’s innovative cloud SecOps platform and managed services to help joint customers see their systems, predict what matters and act to reduce risk, especially as they prioritise cloud computing. As their attack surface expands, organisations are increasingly turning to Tenable and its partners to reduce their cyber exposure. Integrated into deepwatch’s cloud SecOps platform, Tenable.io and Tenable.sc provide a risk-based view of customers’ entire attack surface, enabling deepwatch to quickly identify, investigate and prioritise vulnerabilities. deepwatch leverages Tenable’s Vulnerability Priority Ratings to determine the remediation priority of each flaw based on the risk it poses to the business. From there, customers are provided actionable remediation recommendations to ensure the most business-critical flaws are addressed first.

CLOUD

Lior Div, CEO and Cofounder, Cybereason.

Cybereason chooses Oracle Cloud to power defence platform Oracle has announced that Cybereason has adopted Oracle Cloud Infrastructure as its preferred platform to power the Cybereason Defence Platform and support its global expansion. The companies also entered into a partnership to jointly market and sell solutions. Cybereason’s leading endpoint protection platform is optimised for delivery via Oracle’s second-generation global cloud regions. The solution is available through Cybereason and in the Oracle Cloud Marketplace, where customers can search for available applications and services to find the best business solutions for their organisations. Enterprise customers will benefit from the Cybereason Defence Platform machine learning

prevention, detection and automated remediation capabilities, and the Oracle Cloud Infrastructure will provide global scalability with microsecond latency and lower costs. Key benefits of the partnership include: Improved security and risk posture, reduced operational costs for endpoint and desktop security, and increased productivity of security operations teams. Reduced time to detection and recovery from cyber incidents via architected-in security that reduces overall complexity, reduces the impact from human error, and improves response time with self-securing and adaptive defences. Build in the cloud with confidence leveraging integrated security and essential services to protect paths to data across cloud and on-premises deployments and support compliance and governance.

BIOS launches two new cloud zones in Saudi Arabia BIOS Middle East has established two new cloud footprints in Riyadh and Jeddah to serve customers in Saudi Arabia. These were built out in late 2020 using the VMware cloud stack which has been the core of BIOS’ UAE offerings in Dubai and Abu Dhabi since 2013. Along with the launch of the new zones, BIOS has also confirmed that the first set of customers have already been onboarded, providing it with strong reference accounts in financial services and healthcare sectors. The two new cloud zones allow companies in Saudi Arabia to keep all their data within the borders of the country, which meets with compliance requirements for many business sectors. Customers can now move their production workloads to the managed secure cloud platform with ease or take advantage of Gartner Magic Quadrant-rated disaster recovery services to another city. Following the successful model from the UAE, BIOS aims to help its customers in Saudi Arabia to eliminate their IT capital costs and reduce their operational costs while achieving a better service level. BIOS Middle East brings its ISO-certified cloud to organisations across Saudi Arabia, offering regional expertise in Infrastructure as a service and Disaster Recovery as a service. BIOS Middle East will operate datacentres in the key commercial centres of Riyadh and Jeddah but will continue to service organisations all over the country as they look to streamline operations and launch new digital services.

Dominic Docherty, Managing Director, BIOS Middle East.

MEA

F E B R U A R Y 2 0 21

SECURITY

Barracuda research reveals evolving spear-phishing tactics

Don MacLennan, SVP, Engineering and Product Management, Email Protection, Barracuda.

Barracuda has released a new report with key findings about the ways cybercriminals are adapting quickly to current events and new tactics. The latest report, titled Spear Phishing: Top Threats and Trends Vol. 5, Best practices to defend against evolving attacks, reveals new details about these highly targeted threats, including the latest tactics used by cybercriminals and the steps you can take to defend your business. The report takes an in-depth look at how attackers are quickly adapting to current events and using new tricks to successfully execute attacks: spear phishing, business email compromise, pandemic-related scams, and other types. It also tackles why organisations need to invest in protection against lateral phishing and other internally-launched attacks from compromised accounts, including solutions that use artificial intelligence and machine learning.

ATTACK TRENDS AND BEYOND Barracuda’s research reveals key takeaways about how these targeted attacks are evolving and the approaches cybercriminals are using to maximise their impact. l Business email compromise makes up 12% of the spear-phishing attacks analysed, an increase from just 7% in 2019. l 72% of Covid-19-related attacks are scamming. In comparison, 36% of overall attacks are scamming. Attackers prefer to use Covid-19 in their less targeted scamming attacks that focus on fake cures and donations. l 13% of all spear-phishing attacks come from internally compromised accounts, so organisations need to invest in protecting their internal email traffic as much as they do in protecting from external senders. l 71% of spear-phishing attacks include malicious URLs, but only 30% of BEC attacks included a link. Hackers using BEC want to establish trust with their victim and expect a reply to their email, and the lack of a URL makes it harder to detect the attack.

Palo Alto Networks finds BumbleBee webshell in xHunt In September 2020, Palo Alto Networks began investigating a Microsoft Exchange server at a Kuwaiti organisation that a threat group compromised as part of a continued xHunt campaign. This investigation resulted in the discovery of two new backdoors called TriFive and Snugy as well as a new webshell that we call BumbleBee. This name was used because the colour scheme of the BumbleBee webshell includes white, black and yellow. The actor used the BumbleBee webshell to upload and download files to and from the compromised exchange server, but more importantly, to run commands that the actor used to discover additional systems and to move laterally to other servers on the network. Palo Alto Networks found BumbleBee

MEA

hosted on an internal Internet Information Services, IIS, web server on the same network as the compromised exchange server, as well as on two internal IIS web servers at two other Kuwaiti organisations. There is still no information on the initial infection vector used to compromise the exchange server, as this appears to have occurred prior to the logs being collected. The Palo Alto Networks team observed the actor interacting directly with the BumbleBee webshell on the compromised exchange server of the Kuwaiti organisation, as this server was accessible from the Internet. The actor used Virtual Private Networks, VPNs, provided by Private Internet Access when

F E B R U A R Y 2 0 21

directly accessing BumbleBee on internet-accessible servers. The actor would frequently switch between different VPN servers to change the external IP address of the activity that the server would store in the logs. Specifically, the actor changed the IP address to appear to be from different countries, including Belgium, Germany, Ireland, Italy, Luxembourg, the Netherlands, Poland, Portugal, Sweden and the United Kingdom. The team believes this is an attempt to evade detection and make analysis of the malicious activities more difficult. It also observed the actor switching between different operating systems and browsers, specifically Mozilla Firefox or Google Chrome on Windows 10, Windows 8.1 or Linux systems.

SECURITY

Kaspersky’s cyber threat estimates for 2021 in the META region The world didn’t just change in 2020. It transformed so much so that it’s been hard to keep up. And, as any cybersecurity expert will tell you, when the external world transforms, cyberspace transforms with it. These same experts will also tell you that cyberspace isn’t ubiquitous. Every region must content not only with global trends but also countryspecific developments. In other words, true comprehensive security comes when a global perspective is supplemented with a regional one. That’s why, this year, in addition to the usual global KSB reports, Kaspersky is offering a series of local predictions to ensure that you can bring on a more secure 2021.

and this leads to an increase in traditional crime. The cyber domain has somewhat similar effects, and cybercrime will likely increase as an effect of weak economies. With that said, the increase will vary between a country and another depending on the average wealth, age, country-wide digitisation and so on. an increase in espionage-based cyber offensive. Geopolitics has been historically the primary contributing factor to influence cyber intrusions with an objective to steal sensitive data for national security purposes. Despite the current pandemic situation affecting the globe, geopolitical tension has significantly increased in the Middle East and Turkey at least since January 2020 and likely continued till the end of 2020.

GROWTH OF CYBERCRIME ATTACKS Main driver: economic turbulence and impact of Covid-19. Every country globally has had its own issues with varying impact INCREASE IN ADVANCED since the pandemic started. Economic turbulence stormed many PERSISTENT THREATS countries and had the most affection on countries who had weak Main driver: increasing geopolitical economy prior to the pandemic. Traditionally, weak economies tension across the board influencing lead to unemployment, social inequality, corruption and more,

Timely software updates can cut data breach costs in half According to a recent Kaspersky report, How businesses can minimise the cost of a data breach, enterprises with outdated technology can lose 16% more money in the META region when they suffer a data breach compared to those who update everything in a timely manner. For small and mediumsized businesses, the difference is even starker, up to 54%. The problem of obsolete and unpatched software is quite common and important for businesses to address, since nearly half of organisations use at least some form of out-of-date technology in their infrastructure. While vulnerabilities are inevitable in any software, regular patching and updates can minimise the risk of exploitation. That’s why users are always advised to install the latest software versions as soon as they are available, even if these updates can sometimes be difficult or a time-consuming task for organisations. With many businesses globally having at least some form of outdated technology, Kaspersky’s survey shows that organisations should prioritise renewing software and be prepared to invest because doing so could save them money in the long-term. If a data breach happens, enterprises with any form of outdated technology, including unpatched operating systems, old software and unsupported mobile devices, can suffer an additional $158k in financial damage, taking losses to a total of $1.152m. This is 16% more than the cost for companies with completely updated technologies, $994k. As for small and mediumsized businesses, they can lose an additional $33k. The total cost rises to $122k, 36% more compared to $89k for businesses with all required updates installed.

INCREASE IN DATA BREACHES Main driver: To cope with social distancing and fighting the pandemic, more companies are exposing their systems online with availability in mind to maintain their business as usual status, but without adequate security controls, leaving some type of databases and systems open to intruders. Data breaches occur when computer systems are left unpatched or improperly configured, at a corporate environment or at a cloud hosting provider.

Mimecast report shows steady increase in malicious files in GCC Mimecast has released a report from its Threat Intelligence Centre titled Arabian Peninsula as a Cyber Innovator and Associated Cyber Risk to Resilience in the Region. Jonathan Miles, Researchers have observed a month on Head of Strategic Intelligence at Mimecast. month increase in malicious files detected in the region over the course of 2020. The report highlights how between March and April, when Covid-19 first began spreading in the region and countries went into lockdown, there was a 93% increase in malicious files detected. There has been a steady increase in malicious files every month since then. The report provides a detailed overview of threats seen in the region over the course of this year, highlighting some of the technologies and regional dynamics driving increased cyber threats. It draws on data from organisations in Bahrain, Saudi Arabia, Kuwait, Oman, Qatar, and the UAE. The report finds that spam remains the most prominent vector across all sectors throughout the region. Malware-centric campaigns have been observed to continue quarter-over-quarter. And as observed in previous threat research by Mimecast, these campaigns are increasingly sophisticated and continue to use a diverse range of malware during the different phases of an attack. In terms of most targeted verticals in the GCC, between February and August, Mimecast researchers found that the most targeted sectors were professional services; transport, storage and delivery; and retail and wholesale.

F E B R U A R Y 2 0 21

MEA

SECURITY

Kaspersky finds 28% of UAE gamers hide from their parents that they game According to global research, Generation Game, commissioned by Kaspersky and conducted by Savanta in November, 28% of gamers in UAE are ashamed of how much they game and hide it from their parents. The research looks at gaming in 2020 across 17 countries and 5,031 respondents. It considers what dynamics between gamers and their parents have changed and what can be done to break down barriers and stigmas. According to the gamers surveyed, this gaming shame is due to stigmas that remain around it, such as bad for health or rotting your brain. The biggest disappointment for gamers globally is that while parents appreciate many of the positives like creativity, 44%, social skills, 52%, problem solving, 45%, they are not able to engage with them about their passion. In fact, 53% believe that if their parents got gaming, their overall relationship would be better. Respondents of Generation Game research were under 35, spread evenly across gender, age and socioeconomics within that, consider themselves gamers, and game at least 5-10 hours per week on a PC. The countries are Russia, USA, UK, Argentina, Brazil, Chile, China, Colombia, Germany, Italy, Mexico, Peru, Saudi Arabia, South Africa, Spain, Turkey and UAE.

Why you may not be ready for next SolarWinds type of attack

Nikesh Arora, Chief Executive Officer of Palo Alto Networks.

Instead of winding down at the end of the year, already strapped security teams were scrambling over the last week to ensure their organisations are safe in the wake of the SolarWinds disclosure. Attackers got in via a compromise of the Orion software build system, up to 18,000 customers of SolarWinds then unknowingly let them in. As the world focuses on the growing list of organisations that have been compromised, there’s also a growing list of those that believe they’re ok. Many have taken the approach that if they are not running SolarWinds, or a particular version of it, then they can go back to business as usual. I saw a security researcher post a picture of a whisky glass with ice and a cigar recommending other security folks to take a break, because he was fearful this could be a long winter. There is something wrong with this picture. Cyber activity is going to go up, not down. If we all thought cybersecurity was important before, 2020 made it more so. Your brick and mortar store is closed, your employees are all connecting from home, your entire business just went digital. Against this backdrop, SolarWinds has exposed infrastructure weaknesses in organisations. It’s amazing how many were struggling this week to figure out where they were running related products, and how many, and which were affected. Next time it shouldn’t take us so long.

MEA

F E B R U A R Y 2 0 21

Cyber insurer Marsh recognises Aruba security innovations

Tom Reagan, US Cyber Practice leader at Marsh.

Aruba, a Hewlett Packard Enterprise company, has announced that its ClearPass family of identity-based access control security solutions has been recognised for its ability to reduce risk by insurers in the Cyber Catalyst programme created by Marsh, an insurance broking and risk management. Cyber Catalyst by Marsh is a cybersecurity evaluation programme in which participating insurers independently evaluate cybersecurity products and solutions to identify those that they believe have the ability to reduce cyber risk. Developed with the goal of helping organisations make informed decisions about cybersecurity products, the Cyber Catalyst programme enables customers that adopt designated technologies to be considered for enhanced terms and conditions on cyber insurance policies from participating insurers. Aruba ClearPass joins Aruba Policy Enforcement Firewall, PEF, which received the designation in 2019, marking the second time in a row that Aruba security solutions have been recognised. Now, with both ClearPass and PEF having received the Cyber Catalyst designation, customers have an integrated identity-based network access control solution that is the foundation for both Zero Trust and Security Access Service Edge, SASE, frameworks.

SECURITY

MCAFEE EXPERTS CHALK OUT THREAT

PREDICTIONS

FOR 2021

SUPPLY CHAIN ATTACKS TO INCREASE

SolarWinds-Sunburst campaign is the first major supply chain attack of its kind and has been referred to by many as the Cyber Pearl Harbor that US cybersecurity experts have been predicting for a decade and a half. While some may argue that government agencies are legitimate targets for nation-state spy craft, the campaign also impacted private companies. Exactly what intellectual property or private data on employees has been stolen will be difficult to determine, and the full extent of the theft may never be known. What makes this type of attack so dangerous is that it uses trusted software to bypass cyber defenses, infiltrate victim organisations with the backdoor and allow the attacker to take any number of secondary steps. This could involve stealing data, destroying data, holding critical systems for ransom, orchestrating system malfunctions that result in kinetic damage, or simply implanting additional malicious content throughout the organisation to stay in control even after the initial threat appears to have passed. McAfee believes the discovery of the SolarWinds-Sunburst campaign will expose attack techniques that other malicious actors around the world will seek to duplicate in 2021 and beyond.

RISE IN CONNECTED HOME’S ATTACK SURFACE The year 2020 saw the global pandemic shift employees from office to home, making the home environment a work environment. Mil-

lions of individual employees have become responsible for their employer’s IT security in a home office filled with soft targets, unprotected devices from the kitchen, to the family room, to the bedroom. Many of these home devices are orphaned in that their manufacturers fail to properly support them with security updates addressing new threats or vulnerabilities. This contrasts with a corporate office environment filled with devices hardened by enterprise-grade security measures. We now work with consumer-grade networking equipment configured by us and lacking the central management, regular software updates and security monitoring of the enterprise. Because of this, we believe cybercriminals will advance the home as an attack surface for campaigns targeting not only our families but also corporations. The hackers will take advantage of the home’s lack of regular firmware updates, lack of security mitigation features, weak privacy policies, vulnerability exploits, and user susceptibility to social engineering. By compromising the home environment, these malicious actors will launch a variety of attacks on corporate as well as consumer devices in 2021.

from PC browsers and credit cards to mobile payments. According to research by RSA’s Fraud and Risk Intelligence team, 72% of cyber fraud activity involved the mobile channel in the fourth quarter of 2019. The researchers observed that this represented the highest percentage of fraud involving mobile apps in nearly two years and underscores a broader shift away from fraud involving web browsers on PCs. McAfee predicts there will be an increase in receive-based mobile payment exploits, since they provide a quick mechanism for fraudsters that combines phishing or smsishing messages with payment URLs. This could take shape in schemes where fraudsters set up a fake call center using a product return and servicing scam, where the actors send a link via email or SMS, offering a refund via a mobile payment app, but the user is unaware that they are agreeing to pay versus receiving a refund. In the same way that mobile apps have simplified the ability to conduct transactions, McAfee predicts the technology is making it easier to take advantage of the convenience for fraudulent purposes.

MOBILE PAYMENTS TO BE EXPLOITED

Mobile devices continue to be preferred devices for communication, messaging, entertainment, and quick transactions, and QR codes have emerged as a convenient input mechanism to make mobile transactions more efficient. The lack of user knowledge on how QR codes work makes them a useful tool for cybercriminals. They have been used in the past in phishing schemes to avoid anti-phishing solutions’ attempts to identify malicious URLs within

Mobile payments have become more and more popular as a convenient mechanism to conduct transactions. Additionally, the Covid-19 pandemic has driven the adoption of mobile payment methods higher as consumers have sought to avoid contact-based payments such as cash or physical credit cards. But fraudsters have followed the money to mobile, pivoting

QR CODE ABUSE

F E B R U A R Y 2 0 21

MEA

SECURITY

SUHAIL ANSARI,

DATTATRAYA KULKARNI,

Consumer Chief Technologist, McAfee.

STEVE GROBMAN, RAJ SAMANI,

CTO, McAfee.

Chief Scientist and McAfee Fellow, Advanced Threat Research.

email messages. They can also be used on webpages or social media. In such schemes, victims scan fraudulent QRs and find themselves taken to malicious websites where they are asked to provide login, personal info, usernames and passwords, and payment information, which criminals then steal. The sites could also be used to simply download malicious programs onto a user’s device. McAfee predicts that hackers will increasingly use these QR code schemes and also broaden them using social engineering techniques. For instance, knowing that business owners are looking to download apps that generate QR codes, bad actors will entice consumers into downloading malicious apps that pretend to do the same. But instead of generating a code, the app will steal the owner’s data, which scammers could then use for a variety of

MEA

SVP of Engineering and Operations, Consumer McAfee.

STEVE POVOLNY,

fraudulent purposes. Although the QR codes themselves are a secure mechanism, we expect them to be misused by bad actors in 2021 and beyond.

SOCIAL NETWORKS AS CORPORATE ATTACK VECTORS Cyber adversaries have traditionally relied heavily on phishing emails as an attack vector for compromising organisations through individual employees. However, McAfee has observed more sophisticated threat actors increasingly using social networks such as LinkedIn, WhatsApp, Facebook and Twitter to engage, develop relationships with and then compromise corporate employees. Through these victims, they compromise the broader enterprises that employ them. McAfee predicts that such actors will seek to broaden

F E B R U A R Y 2 0 21

Head of McAfee Advanced Threat Research.

the use of this attack vector in 2021 and beyond for a variety of reasons. Additionally, individual employees engage with social networks in a capacity that straddles both their professional and personal lives. While enterprises assert security controls over corporate-issued devices and place restrictions on how consumer devices access corporate IT assets, user activity on social network platforms is not monitored or controlled in the same way. As attack vectors go, for instance, LinkedIn messaging is not the first cyberattack vector of concern for the corporate security operations center, SOC. While it is unlikely that email will ever be replaced as an attack vector, McAfee foresees this social network platform vector becoming more common in 2021 and beyond, particularly among the most advanced actors. ë

SECURITY

CHECK POINT FINDS CYBER CRIMINALS LEAVING STOLEN PHISHING CREDENTIALS ONLINE

I, LOTEM FINKELSTEEN, Head of Threat Intelligence, Check Point Software.

ybercrime is a complex landscape, but when it comes to actually launching cyberattacks, there are three main techniques that criminals have relied on for decades to help them get around organisations’ defences and into their networks: phishing, credentials theft and business email compromise. According to Verizon’s Data Breach Investigation Report, these big three are the cause 67% of all successful data breaches globally. Check Point Research recently joined forces with Otorio to analyse and take a deep dive into a large-scale phishing campaign that targeted thousands of global organisations, revealing the campaign’s overall infection chain, infrastructure and how the emails were distributed. In August, attackers initiated a phishing campaign with emails that masqueraded as Xerox scan notifications, prompting users to open a malicious HTML attachment. While this infection chain may sound simple, it success-

fully bypassed Microsoft Office 365 Advanced Threat Protection, ATP, filtering and stole over a thousand corporate employees’ credentials. Interestingly, due to a simple mistake in their attack chain, the attackers behind the phishing campaign exposed the credentials they had stolen to the public Internet, across dozens of drop-zone servers used by the attackers. With a simple Google search, anyone could have found the password to one of the compromised, stolen email addresses: a gift to every opportunistic attacker.

INFECTION CHAIN The initial attack started with one of several phishing email templates. The attacker would send an email imitating a Xerox or Xeros scan notification with the target’s first name or company title in the subject line. Once the victim double-clicked the attached HTML file, the default system browser displayed a blurred image with a pre-configured email within the

F E B R U A R Y 2 0 21

MEA

SECURITY

document. Throughout the campaign several other phishing page variants were used, but the blurred background image remained the same. After the HTML file was launched, a JavaScript code would then run in the background of the document. The code was responsible for simple password checks, sending the data to the attackers’ drop-zone server, and redirecting the user to a legitimate Office 365 login page. Throughout the campaign, the code was continuously polished and refined, with the attackers creating a more realistic experience so the victims were less likely to have their suspicions aroused, and more likely to provide their login credentials. By using simple techniques, the attackers were also successful in evading detection by most Anti-Virus vendors, as can be seen from the following detection rates from the latest iteration of the campaign.

INFRASTRUCTURE This campaign utilised both unique infrastructure, and compromised WordPress websites that were used as drop-zone servers by the attackers. While using a specialised infrastructure, the server would run for roughly two months with dozens of XYZ domains. These registered domains were used in the Phishing attacks. We discovered dozens of compromised WordPress servers that hosted the malicious PHP page named go.php, post.php, gate.php, rent.php or rest.php and processed all incoming credentials from victims of the phishing attacks. Attackers usually prefer to use compromised servers instead of their own infrastructure because of the existing websites’ well-known reputations. The more widely recognised a reputation is, the chances are higher that the email will not be blocked by security vendors.

EMAIL DISTRIBUTION Analysing the different email headers used in this campaign allowed us to draw several conclusions regarding the Tactics Techniques & Procedures, TTPs, used by the attackers: The emails are sent from a Linux server hosted on Microsoft’s Azure The emails are often sent by using PHP Mailer 6.1.5, latest version from Mar 19 to May 27 The emails are delivered using 1&1 email servers Attackers used compromised email accounts to distribute spam through high-reputation phishing campaigns because the emails are harder to block. In one specific campaign, we

MEA

F E B R U A R Y 2 0 21

found a phishing page impersonating IONOS by 1&1, a German web hosting company. It is highly likely that the compromised IONOS account credentials were used by the attackers to send the rest of the Office 365 themed spam.

TARGETED ORGANISATIONS We found that once the users’ information was sent to the drop-zone servers, the data was saved in a publicly visible file that was index-

able by Google. This allowed anyone access to the stolen email address credentials with a simple Google search. The public availability of this data allowed us to create a breakdown of the victims according to their industry, based on a subset of approx. 500 stolen credentials.

DISTRIBUTION OF TARGETS Although there was a wide distribution of targeted industries, there appears to be a special interest in Energy and Construction companies. ë

COVER COVER STORY STORY

BIG DATA

BUILDING THE INFRASTRUCTURE AND APPLICATIONS Industries top executives present the specialised infrastructure, applications and skills to get returns from big data, data lakes, and analytics.

AHMED AL-FAIFI,

ABBOUD-GHANEM, Alteryx

SAP

IHAB FARHOUD, VMware,

ZIAD YOUSSEF, Schneider Electric

SHAFIQ UR REHMAN, Injazat

F E B R U A R Y 2 0 21

MEA

COVER STORY

ALTERYX

SIMPLIFYING DATA ANALYTICS WITH SELF SERVICE SOLUTIONS Alteryx democratises data through self-service, code-free predictive analytics, empowering employees to automate processes and eliminating manual work.

Pix for illustrative purpose only.

MEA

F E B R U A R Y 2 0 21

COVER STORY

ABBOUD GHANEM,

Regional Vice-President Middle East.

Alteryx has more than

6,955

customers around the world, and tens of thousands of users of the platform.

ompanies are sitting on troves of data, yet they tap into very little of it. Part of the challenge is that many companies cannot bridge the data gap. Too often the value of data is lost due to organisational silos, a clumsy patchwork of tools, and a limited number of data owners within the business. The Alteryx APA Platform provides a codefree, code-friendly self-service point of entry so that insight can be converted to action in the shortest possible time by getting the right data into the hands of the right people. And it also helps narrow the data skills gap by allowing companies to hire more broadly. For most businesses, getting the value out of data can be daunting. It is not always organised, accessible, or even usable - masking a wealth of transformational business insights needed to drive forward strategically. Empowering the workforce with the right tools is vital to beating the skills gap building this analytic divide. The Alteryx APA Platform democratises data through self-service, code-free predictive analytics and model scenarios. Empowering employees to automate analytic processes, enabling them to eliminate the manual work that slows down problem solving. Those in possession of these advanced analytic capabilities are beginning to stand head and shoulders above those who lack the capacity to interpret, embrace and strategically utilise data and analytics. All while facilitating the cultural and technological changes needed to upskill workers in data science disciplines. Alteryx has more than 6,955 customers around the world, tens of thousands of users of our platform, across every industry and every vertical, and every functional use case. The power of the Alteryx Platform is that it does not do one thing, it does many things. With over 260 building blocks in the platform, there are billions of problems you could solve. Our customers represent every department and every virtually every industry across the globe. In addition to the horizontal platform, Alteryx have solutions that support specific vertical applications in Public Sector, Financial Services, Healthcare and Retail. End users often start their analytic journeys with simple questions, however, are increasingly seeking answers to complex problems and looking to leverage the full range of advanced

analytic capabilities in our platform, including data science and machine learning to help them make better data-driven decisions that lead to top or bottom-line improvements, efficiency gains and perpetual upskilling. Businesses in the UAE are gaining knowledge from data by enabling data producers to analyse it for insights and make data-driven decisions. Alteryx is seeing a surge of interest in advanced data analytics within the UAE and has a proven track record of working with brands, including the Abu Dhabi Islamic Bank and Al Futtaim Private Company. Government-backed programmes, such as Smart Dubai will play a key role in accelerating digital transformation across the Emirate and helping further drive momentum of the market. The Alteryx Analytic Process Automation, APA Platform delivers end-to-end automation of analytics, machine learning, and data science processes; enabling the agility needed to accelerate digital transformation. With more than 260 automation building blocks, the Alteryx APA Platform provides businesses with an integrated solution that unifies the full analytic continuum, enabling self-service insights and automated actions. The code-free, code-friendly platform is designed to put automation in the hands of all data workers; it can automate analytics and data science pipelines, manage complex data-centric business processes and deliver actionable insights for stakeholders in every line of business. The Alteryx Partner Programme is separated into multiple channels: Value Added Resellers, Technology and Strategic Alliances. Resellers are further split into program tiers: Associate, Preferred and Premier. Alteryx strategic alliance partnerships include global system integrators, strategic consulting and advisory firms, independent software vendors, cloud and data platforms, and solution and augmented technology offerings that extend the platform and solutions. Alteryx works with over 20 partners for optimised integrations and solutions for a variety of independent software vendor solutions, data platforms and software-as-aservice, or SaaS, offerings, including Microsoft Azure Services, Amazon Web Services, Google, IBM, Oracle Salesforce, SAP and Snowflake. ë

F E B R U A R Y 2 0 21

MEA

COVER STORY

SAP

ANALYTICS AMONGST

TOP THREE INVESTMENTS IN THE REGION

According to a recent survey by Oxford Economics and SAP, the top three technologies seeing investment in UAE are AI 34%, IoT 33%, and analytics 27%.

T AHMED AL-FAIFI, Senior Vice President and Managing Director, Middle East North.

Using SAP S4HANA, organisations can find a

reduction in their data footprint, 100 times faster reporting 38

MEA

F E B R U A R Y 2 0 21

he coronavirus pandemic has accelerated the digital transformation of Middle East organisations to optimise costs, enhance employee and customer experiences, and drive busines competitiveness. While the Middle East C-suite understands the importance of Big Data in line with digital transformation, they need to work with knowledgeable and experienced technology vendors to identify the business cases, the right solutions that meet these business needs, and develop an iterative process that measures and adjusts the KPIs. Middle East organisations also face challenges in the CIOs presenting the financial case with a focus on total cost of ownership, and skills development. Not every employee needs to be a data scientist, but analytics are increasingly part of every employee’s job role. Using SAP S4HANA, organisations can find a 50% reduction in their data footprint, 100 times faster reporting, embedded AI technology for improved insight and performance, real-time advanced analytics for faster decisions, streamlined data display and consumergrade UX across devices, and ultimately a competitive edge. SAP SuccessFactors enables data-driven insights to make smarter talent management decisions faster – including listening to employees’ feedback, optimising benefits, and maintaining engagement. SuccessFactors supports core human resources, payroll, time tracking, benefits admin, and human resources service delivery. Organisations can adapt recruitment, onboarding, performance, compensation, succession, and development. SAP Customer Experience solutions can provide a superior and personalised omnichan-

nel commerce experience, allow organisations to know who their customers are and how they want to be treated, improve sales with better selling experiences, make service the heart of their customers, and treat marketing as a trusted source of business. Supporting Middle East organisations to run their Big Data and analytics solutions on the cloud, SAP has been the first multi-national enterprise application solutions provider to launch public cloud data centers in Saudi Arabia and the UAE. SAP also offers secure and privately managed cloud solutions via partners through the SAP HANA Enterprise Cloud platform, helping to accelerate growth through innovation. On a global level, SAP and Microsoft have announced an expanded partnership to enable customers to design and operate intelligent digital supply chain and Industry 4.0 solutions in the cloud and at the edge. The partnership, which includes a collaborative approach to standards, consortia, and open source, will shape the future of supply chain and manufacturing. SAP S4HANA Intelligent ERP system with embedded AI and machine learning is available on premise, in a public or private cloud, or in a hybrid environment. SAP Customer Experience solutions can deliver personal, trusted, and connected customer experiences. SAP SuccessFactors Human Capital Management Suite can enable your small business or midsize company to create a more flexible and engaged workforce that drives innovation, growth and a more resilient business. The SAP Business Network encompasses the SAP Ariba e-procurement and supply chain cloud solutions, the SAP Concur solution for travel and expense management, and SAP Fieldglass a cloud-based open Vendor Management System for the external workforce. ë

COVER STORY

32%

SURVEY BY OXFORD ECONOMICS AND SAP

are extending data governance policies across the business ecosystem.

A recent survey by Oxford Economics and SAP shows that since the start of the coronavirus pandemic, organisations are incorporating holistic management into everyday business strategy and operations.

27%

of organisations are investing in new technologies to analyse data.

34%

Top three technologies seeing investment are AI 34%, IoT 33%, and analytics 27%.

are retraining employees to work with data.

SAP QUALITY AWARDS FOR DIGITAL TRANSFORMATION n

The Gulf Cooperation Council Interconnection Authority used SAP S4HANA and SuccessFactors to maintain the GCC’s grid assets.

Saudi Ground Services deployed S4HANA and SuccessFactors to operate in real-time flight schedules, invoices, and sales, and experiences for more than 12,000 employees.

Saudi Industrial Development Fund replaced 70 legacy applications with real-time dashboards.

At the SAP Blue Ribbon event, Almarai, Maadaniyah, NEOM, and Olayan Group shared best practices in digital transformation.

Almarai deployed SAP S4 HANA to maintain the region’s food supply chain.

Maadaniyah deployed SAP S4 HANA to accelerate industrial production.

NEOM deployed SAP S4 HANA, SAP SuccessFactors, and SAP Ariba to enhance employee experiences.

Olayan Group adopted SAP SuccessFactors to integrate employee data from 40 companies.

Mobily using SAP customer experience solutions to energise its sales force automation.

Saudi Aramco announced a strategic alliance with SAP to expand the digitalisation of its ERP systems.

F E B R U A R Y 2 0 21

MEA

COVER STORY

IHAB FARHOUD, Director, Solutions Engineering, Middle East, Turkey and North Africa.

VMWARE

BIG DATA DRIVING CHANGE IN DATACENTRE POLICIES, WORKLOADS

With big data analytics, many use cases must be run in real-time for live analysis and this drives IT to change datacentre policies and learn new tools.

he rise in volume of big data is huge, inexorable, and is coming from everywhere, every second of the day. Just about every online service, from social networking sites to video streaming services, use big data and analytics to tailor and improve their services. All industries, from oil and gas, to medicine and education, are tapping the power of big

MEA

data and analytics to learn more about their operations, improve services and boost their business performance. Moreover, the continued growth in the number of connected devices, from smartphones and laptops, to IoT devices that live at the Edge, all feed demand growth of big data and analytics. Companies often encounter roadblocks

F E B R U A R Y 2 0 21

when implementing big data projects. These can include budget constraints, lack of IT expertise and risk of platform lock-in. Budget constraints and cost are the top reasons why many companies are shying away from deploying big data, according to a study performed by Deloitte. It can be hard to justify investing in new IT infrastructure to process large amounts of data, especially if the business

COVER STORY

Pix for illustrative purpose only.

IT must change datacentre policies and learn new tools to create, manage and monitor these new workloads

does not yet have an immediate business case. Processing big data workloads is different than processing typical enterprise application workloads, which means companies may find some skill and knowledge gaps when they embark upon big data projects. Indeed, big data workloads are processed in parallel, instead of sequentially. IT typically prioritises business critical workloads and schedules lower priority jobs in batches at night or when there is excess capacity. With big data analytics, many use cases must be run in real-time for live analysis and reaction. This forces IT to change datacentre policies and learn new tools to create, manage and monitor these new workloads. There’s also the issue of performance lockin: companies need to choose the right type of infrastructure to run their applications and data. Data Analytics offers insights into changes, new issues and situations, and their impact on everything around us, especially in cases like the pandemic. It will help organisations change the way they do things in preparation to deal and adapt to the new conditions successfully. Organisations in the public and private sector – from government departments and major utilities, to healthcare providers, retailers and financial institutions – increasingly rely on their ability to gather and analyse data effectively. Today, with advances in cloud and AI, organisations can adopt data analytics more easily and thus gain immense value from data. For example, healthcare providers can spot

trends in infection and recovery rates, which can help with establishing more effective policies and procedures at the government level, while retailers can analyse data regarding footfall and buying habits to cater to customers more effectively and increase sales. In the current scenario, data analytics can benefit most organisations by helping them gain a more complete understanding of the current situation. This in turn gives greater resilience – and the resiliency of services such as electricity and water, networks, finance, healthcare and security, and the distribution of government services, will be testament to solid insights supported by Data Analytics, good decisionmaking and technology. As enterprises embrace a multi-cloud strategy and data analytics, cloud service provider business has the opportunity to play a key role in helping simplify the complexity of today’s distributed, cloud-based world. To take advantage of that opportunity, cloud providers need to be able to focus more on high-value cloud services, and less on the complexities of managing infrastructure and custom tools. VMware is delivering innovations on the Cloud Provider Platform to help Cloud providers improve time to market, decrease cost of operations, and deliver differentiated services— from DRaaS to a developer-ready cloud. As a result of our partnership, access solutions are delivered as a service by AWS VMware’s preferred public cloud partner for all vSpherebased workloads, Azure, Google Cloud, IBM Cloud, Oracle Cloud and over 170 other VMware Cloud Verified partners around the world. VMware vSphere Big Data Extensions, or BDE, is a feature within vSphere to support Big Data and Apache Hadoop workloads, which enable huge amounts of data to be processed in parallel. BDE provides an integrated set of management tools to help enterprises deploy, run and manage Hadoop on a common virtual infrastructure. VMware has built BDE to support all major Hadoop distributions including Apache Hadoop, Cloudera, Pivotal, Hortonworks and MapR. Associated Apache Hadoop projects such as Pig, Hive and HBase are also supported. Customers can easily upload supported distributions of their choice and configure Big Data Extensions to deploy their preferred distributions and versions. Big Data Extensions provides differing levels of feature support depending on the Hadoop distribution and version you configure for use. ë

F E B R U A R Y 2 0 21

MEA

COVER STORY

INJAZAT

COMBINING BEHAVIOUR ANALYTICS, MACHINE LEARNING, AI Injazat has launched Cyber Fusion Center that integrates behaviour analytics, machine learning and provides a unified approach to neutralise threats.

toring, analysing, and utilising big data to drive efficiencies for customers continues to remain central to Injazat delivery model. Injazat’s traditional InCloud offering, for example, which is unique in the region with colocation Tier 4, multi-cloud capability and accommodating legacy infrastructure, remains a core business. But we are changing and using data in ever

MEA

new ways, catering to the digital platform economy by introducing new services and products including emerging technologies such as AI, IoT, and Big Data. Supplementing this, Injazat is co-creating new digital ventures with partners through Injazat Digital Business X DBX Division by utilising a unique methodology which combines design thinking, lean start-up and agile principles.

F E B R U A R Y 2 0 21

The team brings together Injazat’s product experts with a global ecosystem of partners to lead innovations and create digital platforms across key industries including Healthcare, Finance, Education, Smart Cities, Energy and Utilities. With a lot more people spending time online and working remotely, we have seen a clear increase in migration to the Cloud. According to a report by Deloitte, it is predicted that rev-

COVER STORY

Injazat is formalising partnerships with knowledge networks in academia and venture builders with a goal to accelerate innovation

Pix for illustrative purpose only.

SHAFIQ UR REHMAN,

Acting SVP Products.

enue growth in the cloud market will remain at or above 2019 levels that is, greater than 30% for 2021 through 2025 as companies move to cloud to save money, become more agile, and drive innovation. As a result, in particular Injazat traditional services - Injazat InCloud, Data storage, and Apps and Emerging Technologies have seen a surge in demand. Additionally, as users are accessing more end-devices and connecting from different networks often unsecure through remote work, Injazat clients are also presented with new threats. Enterprises are realising the need to ramp up their security infrastructure and are therefore on the lookout for cyber security tools and solutions that oversee every component of enterprise architecture as a whole. Security, particularly protecting information from cyberattacks and having a strong IT infrastructure that thwarts data breaches is a key parameter for CIOs and CISOs when choosing a technology partner. This also becomes a challenge if they are unable to find a solution that gives a holistic overview of cybersecurity processes.

To tackle these challenges, Injazat has launched the GCC’s first-of-its-kind Cyber Fusion Center that integrates behavior analytics and machine learning and provides a proactive and unified approach to neutralise potential threats. The platform leverages an artificial intelligence-based recommendation engine, which suggests remediation actions based on previous behavior patterns to reduce response times. Accelerated by Covid-19 and the UAE Government’s vision to become a leader in the digital economy, Injazat sees a lot of positive developments in sectors like Healthcare, Education, Smart Cities, and Energy and Utilities. Injazat has been driving the development of these sectors - through the launch of successful projects, such as Malaffi and Hassantuk, Injazat has been able to create digital platforms that create lasting value for the communities they serve. Yet another example is a recent partnership with the Department of Health – Abu Dhabi, DoH. Through the collaboration, they have jointly developed a Remote Care Platform that, amongst other functions, helps the DoH track Covid-19 cases and offer remote advice to Abu Dhabi’s more than three million residents. In December 2020, Injazat announced a strategic partnership with LTI, a global technology consulting and digital solutions company, to implement its new best-shore service delivery model. The model will provide Injazat’s customers with a hybrid of delivery approaches including onshore, best-shore, and cloud, and will further advance Injazat’s wider digital delivery ecosystem. Partnerships in Injazat ecosystem are diverse and global, ranging from technology partners like LTI to start-up hubs such as Hub71, Abu Dhabi’s Tech Startup ecosystem, and Born2Global Centre, a South Korean start-up hub. Injazat is also formalising partnerships with knowledge networks in academia and venture builders all with a singular goal to accelerate our clients’ innovation by orchestrating end-toend digital solutions. ë

F E B R U A R Y 2 0 21

MEA

COVER STORY

SCHNEIDER ELECTRIC

BUILDING DATACENTRES TO SUPPORT BIG DATA WORKLOADS

Organisations that will thrive in the future have a clear understanding of technology innovation, an ability to develop a single, integrated strategy.

B ZIAD YOUSSEF,

VP SECURE POWER MEA.

Big Data, artificial intelligence and machine learning are helping companies reduce risk and fraud

MEA

F E B R U A R Y 2 0 21

ig Data is driving the development of storage hardware, network infrastructure and new ways of handling ever-increasing computing needs. The most important infrastructure aspect of Big Data analytics is storage. Hence, datacentres have become an indispensable part of modern computing infrastructures. Today, datacentres need to be reliable, efficient and sustainable. Schneider Electric’s technologies focus on how datacentres can be built rapidly, whilst reducing energy consumption. These technologies also allow for remote monitoring and management of datacentres. And they also support up-and-coming innovations in Edge Computing, which is fundamental to rapid analytics for big data. Due to the accelerated shift towards digital driven by the Covid-19 pandemic, companies are increasing the amount of customer metadata and data collected and processed from multiple sources. Big data translates into an enormous number of metadata, so a traditional file system cannot support it. The amount of data increases rapidly, thus the storage must be highly scalable as well as flexible. Governments are accelerating the development of new infrastructure, such as 5G networks, datacentres, the Industrial Internet of Things and Edge Computing as part of twin strategies to ensure business continuity whilst planning for future rapid growth. According to the latest predictions from IDC, manufacturing will invest $6 billion in digital transformation by 2023. Government enterprise IT spending will top $8 billion in 2021, and annual security spending will top $3.6 billion by 2023 as digital trust becomes a priority. IT spending is forecast to increase,

and investments in digital transformation and innovation are estimated to account for 30% of all IT spending in the Middle East, Turkey, and Africa by 2024. Companies face a range of challenges whilst establishing or implementing network infrastructure: l Operating data retention and data analytics across multiple data center sites l Ingesting customer metadata and data from multiple data sources and processing it l Migrating to a software-defined network and virtual network functions with end-to-end automation l Meeting regulatory and legal requirements for data retention on a tight timeframe l Implementing application-driven policies across site deployments When it comes to handling big data, speed is important. How fast can you access and analyse your data? And that’s where Edge Computing comes into play. Edge Computing offers the promise of real-time analytics. And this can transform any organisation for the better. Globally and across the region telecommunications firms are ramping up 5G investments to bolster broadband capacity, which in turn is fueling the growth of new industries such as telemedicine and remote learning. There is an increase in businesses that are looking to fully automate their plants and warehouses, and consumers are increasingly accepting of innovations such as augmented and virtual reality as their ability to interact and travel changes. Big Data, artificial intelligence and machine learning are helping companies reduce risk and fraud, upgrade services and improve operations. In addition, technology is underpinning

COVER STORY

Pix for illustrative purpose only.

Due to accelerated shift towards digital driven by pandemic, companies are increasing the amount of customer metadata

Middle East countries’ vision to be able to offer smart classrooms and online learning that’s accessible 24 hours a day, seven days a week. Today, Ankabut, the United Arab Emirates’ Advanced National Research and Education Network, offers 16 services online for students and teachers in tertiary learning. Schneider Electric brings big data and IoT to datacentres with EcoStruxure IT, the next generation cloud-based Datacentre Infrastructure Management, which helps customers optimise infrastructure performance and mitigate risk by: l Providing visibility across the entire data center ecosystem, in the cloud and at the edge l Delivering insights with data-driven recommendations to improve availability l Enabling third party integrations in an IoT-enabled open architecture and platform Any best-of-breed technology concept is a mixture of hardware, software and services. And this requires partnerships, with global vendors, the best system integrators, and the best consultants. Schneider Electric works with

companies including Microsoft, Cisco, Intel and Accenture to complement its own technology to create solutions that solve specific market challenges, enabling customers to scale and accelerate their digital transformation. As a result of cross-referencing data at a new level to yield a bigger picture, new considerations for data level security might be required over existing IT scenarios. Storage should be able to handle these kinds of data level security requirements, without sacrificing scalability or latency. Schneider Electric works on datacentres across the world. An example in this region is Dataxion in Tunisia, North Africa’s largest data center. Another example is ADNOC’s Panorama Command Center, which houses the data from the Group’s operations and represents a single source of accurate and timely data from across the company’s entire value chain to help the organisation optimise its assets and infrastructure, as well as facilitate faster and moreinformed decision-making. The company’s data center technologies can be found in every industry and in every country. ë

F E B R U A R Y 2 0 21

MEA

INNOVATION

MOHAMMAD BIN SULAIMAN, CEO.

All entities, whether in the private or government, will focus on being

100

digital ready

MOVING TO DIGITAL TRANSFORMATION FROM ENERGY AND SUSTAINABILITY With competency in energy and utilities, DEWA’s Moro Hub is engaging with government, public, private sector enterprise offering DX solutions. A conversation with CEO Mohammad bin Sulaiman.

oro Hub is a tier one platform created to serve the digital transformation of DEWA and to enable the digital transformation of government and enterprises in the country. Moro Hub is not only for DEWA, not only for

MEA

the government, but we also speak to clients from the private sector, the banking sector and other conglomerates. The focus in not only on utility, not just government, but across all sectors. The vision of Moro Hub is to be the digital transformation

F E B R U A R Y 2 0 21

hub of choice. This is what Moro Hub is aiming to achieve through the enhancements it has put for both private and public sectors. For consulting, we do use specialists, but we also have in-house resources. We have people who have joined us from different companies

INNOVATION

All images for illustration only.

We are also a certified cloud service provider for Microsoft, Alibaba, Amazon

like Alibaba, GE and others. Whatever skillset is not available in the country, we leverage on partnerships with leading technology companies. Market disruptions Covid-19 has affected different sectors of the market, not only in the UAE, but across the world. Post Covid-19, the area will be different. We are lucky in the UAE and Dubai that the government has created initiatives and mandates, a long time back, to digitise the opera-

tions for businesses here in the country. So, when the lockdown started here in the country and globally, UAE and Dubai specifically, we were one of the readiest cities in the world. This journey is going to continue and will be accelerated. All entities, whether in the private or the government sector will focus on being 100% digital ready. Smart city solutions driven by IoT, are the most exciting behind IoT. After capturing the data from the sensors that you install every

F E B R U A R Y 2 0 21

MEA

INNOVATION

All images for illustration only.

2021 we aim to offer a second layer, which is solutions on top of cloud

MEA

F E B R U A R Y 2 0 21

where, based on the data you analyse behaviour and give the right consultation and advise to the decision makers. DEWA has been launching initiatives and encouraging people to adopt the renewable energy. When we talk about storage of energy, it is new and evolving, so it is expensive. In October 2020, Moro Hub integrated the first data center in the region that is powered by solar energy. The understanding is there, it just requires that people adopt these renewable initiatives and technologies. We have initiatives today, in water and electricity, to reduce the loss of power and water. DEWA has started for a number of years, in the implementation of their digital grid. All the water meters that are installed in Dubai are smart and by the end of this year all the electric meters will also be smart. So, meters are a good start to give some intelligence to the users and also to the service providers to reduce the consumption of electricity. This also gives the intelligence and information to DEWA to build its smart network. It is still too early to talk about autonomous driving on the main roads in the country, because it is still under trial in many other countries. However, with 5G in the country this is going to enable and accelerate autonomous

driving and of course legislations need to be put in place, as this is something new and the system and processes should also be relooked. Once the legislation is relooked this will be fast track and going to be implemented soon. Datacentres and cloud Moro Hub started with infrastructure so we do have the market in cloud. Besides that, we are also adopting the hybrid cloud strategy. This means if there are some services that cannot be made available on the local cloud, because of cost mainly, we do offer it to our clients through the hyperscale model with partners like Alibaba, Microsoft, Amazon and Google. In terms of infrastructure cloud, we are ready. In terms of processes and all these areas, we do have partnerships with top tier technology companies to offer Internet solutions to our clients. For the launch of the green data center, we have moved ours and our client’s infrastructure to the green data center. We can claim that a number of our clients are now using green energy and achieving their sustainability objectives. We are focusing on next year and this year we have established an infrastructure with multiple cloud offering for our clients In 2021, we aim to offer a second layer, which is basically solutions on top of cloud. These

INNOVATION

We are offering VMware Cloud, Huawei Enterprise Cloud, IBM Power Series, Google Anthos Cloud

would be all types of solutions, including smart city and cyber security solutions. Cyber threats are increasing and it is very important that we protect customers, and offer the capability and technology that we have to accelerate their performance. We are offering VMware Cloud, Huawei Enterprise Cloud, IBM Power Series, Google Anthos Cloud, running out of Moro Hub data center. There are definitely some solutions that run on one cloud and cannot run over other cloud. It is an enterprise multi-tenant cloud and it is not a public cloud. As a cloud service provider, we have also been certified by Dubai Electronic Security

Center, which looks after the cyber security here in Dubai. We are certified by them as a cloud service provider. At Moro Hub we have several partners to be a single-stop-shop for our clients, and for all kinds of digital transformation solutions There are certain modules or certain applications where the customer has no concerns to run it over public cloud, and certain applications that are available only to run on public cloud like cognitive services. We are also a certified cloud service provider for Microsoft, Alibaba and Amazon. We do have some entities in the government sector that are using certain applications from the public and we are running it and managing it on Alibaba. ë

F E B R U A R Y 2 0 21

MEA

REAL LIFE

Dubai’s RTA, Huawei launch digital nol cards and mobile app Dubai’s Roads and Transport Authority, RTA, and Huawei Consumer Business Group have announced the exclusive launch of the GCC’s first digital nol cards and nol Pay mobile app on HUAWEI AppGallery. This collaboration is in line with the RTA’s plan to adopt advanced and innovative technologies into Dubai’s transport sector as part of the UAE Strategy for the Fourth Industrial Revolution. Huawei is supporting RTA’s initiative and wider UAE strategy by leveraging its knowledge and experience as one of the world’s leading innovation and technology companies. This was announced during a ceremony attended by Pablo Ning, President of Huawei Consumer Business Group in the Middle East and Africa, and Jerry Liu, CEO of Huawei in the UAE. Huawei smartphone users in Dubai can now access the region’s first digital nol card through HUAWEI AppGallery. The new app allows users to buy tickets for Dubai Metro, water buses, trams and more through nol Pay app and HUAWEI Wallet. They can also recharge their digital nol cards through the app directly. Customer payments are safe with HUAWEI AppGallery’s stringent full-cycle security and protection system that meets the highest international standards to ensure the privacy of consumers. Users can download the app directly from HUAWEI AppGallery then log-in with their Huawei ID using the HUAWEI Wallet to top up their digital nol cards and pay on-the-go through their phones. The nol Pay app adds to HUAWEI AppGallery’s portfolio of transportation apps and provides consumers with ample choice to help them get to their destination.

Iberia Maintenance selects Ramco Aviation to unify operations Global Aviation software specialist Ramco Systems has announced that it will implement its flagship aviation software, Ramco Aviation M&E MRO Suite for Iberia Maintenance, one of Europe’s MRO service providers in IAG Group. Ramco Aviation Software will replace multiple systems to unify operations across airframe maintenance, engine shops, component shops Andy Best, Virender Aggarwal, and supply chain. In addition, CEO, Ramco Systems. Chief Technical Officer, Iberia Maintenance. Iberia Maintenance would also benefit from digital enablers such as mobility via AnywhereApps, The technology transformation programme will enable Iberia HUBs, Artificial Intelligence, Maintenance to future-proof its business growth while offering dashboards and integration to simplified user experience driving better user adoption, increase ecosystem offerings powered by process automation and self-service, among others. Ramco. Implementing this new ERP brings four important advantages

for Iberia MRO: first, maximum mobility in accessing documentation and assigning maintenance tasks online, among others; second, information and real-time update of the work carried out on the aircraft; third, the reliability and agility of having a single source of information for Iberia MRO production management system and, finally, a much more sustainable and efficient paperless solution, as Ramco Aviation ERP eliminates printing and scanning for tasks to be performed. This new ERP developed by Ramco will be used by more than 3,000 Iberia maintenance personnel. A 50 people team will work in its implementation project.

F E B R U A R Y 2 0 21

MEA

REAL LIFE

Indra Zulardi, Infrastructure Network, System and Virtualisation specialist, Royal Court, Bahrain.

Royal Court in Bahrain implements Nutanix hybrid cloud solution Nutanix has announced today that the Royal Court in Bahrain has implemented Nutanix Clusters that provide a highly available hybrid cloud Infrastructure for Virtual Desktop Infrastructure and critical end-user applications. The solution has increased uptime, simplified operations with an integrated management platform, increased security of the infrastructure and substantially lowered operating expenses. After much market research that helped Indra Zulardi, Infrastructure Network, System and Virtualisation specialist, Royal Court Bahrain, and his team better understand HCI technology

providers and how they performed relative to their stated visions, the decision was taken to sign up for a 100-user trial of VMware Virtual Desktop Infrastructure that ran on the Nutanix Clusters. Nutanix has accelerated and improved the end-user experience. Nutanix also made it easier to scale the IT infrastructure as needed because it allowed the roll-out of new virtual machines and capacity to existing VDIs as needed. Still, there was one more factor to consider: cost. With traditional desktops, the budget for operating expenses had to keep increasing every year to purchase new hardware. Switching to Nutanix eliminated this expense, thus substantially lowering annual costs. Buoyed by the success of the initial trial, a decision was taken to increase the VDI user base to 500 employees and subsequently the project was further expanded with the objective that everyone at the Royal Court will be moved to VDI by the beginning of 2023. The IT infrastructure is more secure because all the VDIs, the applications and data they contain reside in the data centre. Indra Zulardi and his team can manage updates and upgrades from a central location and spin up more capacity whenever users need it. Files no longer go missing because they are centrally stored, automatically backed up, and retrievable from any computer with access to the network. The application base has also been standardised. Royal Court users are restricted to Microsoft 365, Microsoft Exchange, SAP, and a handful of apps required by some specialists.

EGS selects Huawei to build digital command and control centre Huawei has signed a strategic MoU with Emirates Group Security, EGS, to build a digitally-driven Command and Control Centre, incorporating cutting-edge technologies and video cloud solutions to amplify its surveillance and security capabilities. Emirates Group Security is the industry leader in aviation security and is solely responsible for handling the security services and implementation across the entire Group. Emirates Group Security has been a leader in its application of cutting-edge technologies and has been continuously improving systems to improve the industry’s response to different safety and security issues. Huawei’s partnership with EGS will enhance its existing infrastructure by extending EGS’s Solution Architecture and Design, ensuring that the Video Surveillance Solution and Command and Control Centre platform will form a reliable security model in the UAE aviation sector. The collaboration between the companies will also promote an exchange programme that covers security, technology, training, education, and other relevant topics. The exchange programme will mutually focus and aim to heighten security talent development and foster innovation. EGS’s and Huawei’s shared values of striving for business excellence and continual improvement in every aspect of security operations led to the joint-venture. The holistic approach in the advancement of video cloud solutions and enhanced surveillance systems will strengthen security screening and equip the staff to operate at a higher level of precision. The two companies will also work together to represent the realm of general and aviation security technology during local and global events, such as GITEX, AVSEC Global Symposium, Huawei Global Connect, amongst other upcoming events.

MEA

F E B R U A R Y 2 0 21

REAL LIFE

Amman Stock Exchange deploys Nutanix cloud platform BNP Paribas deploys Orange’s SD-WAN solution in 1,800 branches

BNP Paribas has chosen Orange Business Services to deploy an SD-WAN solution in more than 1,800 bank branches across France. By integrating Flexible SD-WAN from Orange Business Services, BNP Paribas benefits from a modern and agile technological platform to accelerate its digital transformation. This enables quick and easy deployment of multiple services, such as dynamic routing and path selection, with scalability and flexibility. It also empowers administrators to monitor infrastructure performance and resolve potential network congestion through simple software modifications, thereby optimising application performance. By deploying SD-WAN, BNP Paribas can take advantage of a fully secure hybrid network that is natively multi-cloud, multi-access and multi-application. The bank will also benefit from optimised and centralised management and intelligent routing for its new infrastructure. From the start of the project, experts from Orange Business Services and BNP Paribas built the solution design together and prioritised the features to be deployed. More than 3,600 access lines two per branch, including one Internet access line are currently being rolled out with a focus on maintaining business continuity for each site during the migration. In addition to the SD-WAN overlay, firewalls for enhanced security are also part of this deployment.

Eng Fadi Sodah, Director, Information and Communications Technology, Amman Stock Exchange.

Nutanix, a player in enterprise cloud computing, has announced that Amman Stock Exchange Company, ASE, has successfully deployed its hyperconverged infrastructure-based cloud platform. The solution, which was expertly implemented by PROTECH, has eliminated hardware maintenance fees of over $35,000 annually and significantly reduced operating expenses due to lower data centre energy consumption and space requirements. It has also enhanced the performance of mission-critical applications such as ASE’s website, resulting in improvements in end-user satisfaction and reduction in IT helpdesk complaints. It also delivers high availability and makes zero recovery time objectives and recovery point objectives possible as Virtual Machines, VMs, can be effortlessly migrated between primary and disaster recovery sites. Nutanix has enabled ASE to consolidate its compute, storage, and networking into an all-in-one platform that is easily controlled and monitored via a single dashboard. Eng Fadi Sodah, Director, Information and Communications Technology at Amman Stock Exchange highlighted that the solution’s self-healing, patching, data protection, replication, policy enforcement, and event logging features have been especially beneficial to his organisation.

The Knowledge Hub implements wireless solutions from Aruba The Knowledge Hub Universities, TKH, a multidisciplinary educational hub has deployed wired and wireless networking technology from Aruba, a Hewlett Packard Enterprise company. The solution enables utilisation of the latest digital learning tools and connected campus security systems. It offers a convenient Guest Portal for rapid, secure and controlled internet access and enables users with seamless roaming across the campus. Network performance issues or negative feedback from staff and students have been eliminated and the system enables seamless centralised management of networks across the entire campus. Starting with the first phase con-

to facilitate bring your own device, BYOD, for students in a controlled and uncompromisingly secure manner, the University implemented Aruba ClearPass. TKH also decided to leverage Airwave Network Management to centrally monitor and manage the entire network so that the quality and integrity of services could be maintained at consistently high levels. To deliver its digitally oriented curriculum, TKH makes use of several digital tools including a Learning sisting of different buildings with more than 60 classrooms, 20 lecture Management System, LMS. TKH is halls & workshops and 250 staff offices as well as recreational facilities already in discussion with Aruba to extend the network for the upcomand common areas, TKH worked closely with Aruba to implement ing phase of the project which will Layer 3 switching and wireless Access Points, APs. involve expansion into a further five To deliver secure access for professors and admin staff while providing convenient wireless connectivity for visitors and guests, and buildings.

F E B R U A R Y 2 0 21

MEA

REAL LIFE

NHS SCOTLAND USES SERVICENOW TO MANAGE VACCINATIONS IN RACE AGAINST TIME

erviceNow announced that NHS Scotland is using ServiceNow’s Now Platform as the digital backbone of its programme to rapidly roll out the vaccine to protect citizen health in the fight against Covid-19. NHS Scotland’s vaccine management system, developed on the Now Platform, integrates and digitizes the entire vaccine administration process. Launched nationwide on January 20, the system enabled NHS Scotland to hit the ground running, scheduling 220,000 vaccination appointments in the first 12 hours. Developed in partnership with ServiceNow, NHS Scotland’s vaccine management system represents a seismic shift in the response to Covid-19 as it assists with allowing the entire vulnerable population of Scotland to be protected quickly and efficiently, leading to an anticipated easing of lockdown. The vaccine management tools provided by ServiceNow have been vital to expediting Scotland’s vaccine efforts as we enter what we hope will be the final stages of the fight against Covid-19. To meet the demand for vaccinations in a timely and safe manner, NHS Scotland required an extensive system to drive the Scottish Government’s ambition to vaccinate 5.5 million citizens in just three months. Built on the ServiceNow Now Platform, in just six weeks, NHS Scotland’s vaccine management system enables the scheduling and recording of vaccinations for all 5.5 million citizens and allows the general population to book their own appointments through a Citizen Portal.

The system enabled NHS Scotland to schedule

220,000 vaccination appointments in the first 12 hours

MEA

F E B R U A R Y 2 0 21

Scotland’s response to Covid-19 has been supported by ServiceNow’s platform at every stage of the pandemic. NHS Scotland used ServiceNow Safe Workplace suite of apps to quickly develop effective national contact tracing systems, manage PPE inventory throughout the country, and keep track of Scotland’s testing data. In this next phase, it is using the Now Platform to roll out its Vaccine Management programme, to manage its country wide vaccination programme. ServiceNow has been a strategic partner in helping NHS Scotland respond to each phase of the Covid-19 pandemic, from monitoring our PPE levels to managing contact tracing challenges. With more than 15 billion Covid-19 vaccines required worldwide, managing the vaccine process is one of the most significant workflow challenges of our lifetime. Because of the agility of the Now Platform, NHS Scotland was able to develop and deploy its vaccine management solution in just six weeks. ServiceNow will continue to introduce new solutions to support organisations’ vaccination efforts. ë

Built on the ServiceNow Now Platform, NHS Scotland’s vaccine management system enables scheduling and allows population to book appointments.

REAL LIFE

PAUL SMITH,

EMEA President, ServiceNow.

NHS Scotland required an extensive system to drive vaccinations of

5.5mn citizens in three months

F E B R U A R Y 2 0 21

MEA

CHANNEL STREET

ORACLE

WHY ORACLE CLOUD ISVs MAKE THE BEST GAINS ON OCI Graphic for illustrative purpose only

Oracle ISVs may find the best gains by hosting their cloud solutions or second-generation Oracle Cloud Infrastructure, explains Oracle’s Ahmed Adly.

AHMED ADLY,

Technology Solutions and Cloud Engineering Senior Director, Middle East Africa.

ecently, we have seen accelerated momentum in ISVs opting to move their application to Oracle Cloud Infrastructure. Globally, big names went into this direction and in the region, we see the same trend specially with the expansion in launching Oracle cloud regions. This gives the ISVs the regional reach they are looking for. The ISVs are doing this to open new market

MEA

F E B R U A R Y 2 0 21

opportunities by using cloud as agile go to market approach rather than continue trying to deploy on customer data centers or dedicated hardware. ISVs moving to Oracle Cloud Infrastructure take one of two approaches; they either offer their applications as SaaS running on top of Oracle PaaS and IaaS or they enroll their application in Oracle Cloud marketplace which is a curated catalog of click-to-deploy ISV solutions available to be deployed on customers’ tenancies. ISVs deploying their applications on Oracle Cloud Infrastructure enjoy a significant price advantage in the market as they do achieve superior economics generated from the priceperformance gains. This is due to the advantage of being able to get higher performance with lower costs. The second critical benefit they enjoy is cost predictability to plan their budgets and run their business. Running workloads in the cloud can make it extremely difficult to forecast cost over time accurately. Oracle ISV programme secured for them a simple rate structures that eliminates cost surprises associated with hardto-estimate usage elements like data egress and storage performance. The orchestration of updates and patches is

handled as part of the overall enterprise SLA that Oracle provides to ISVs to ensure they benefit from unmatched availability, manageability, and performance. These SLAs work in back-to-back agreements between ISVs and Oracle. They leverage this from day one when going to the market and show to their customers superior benefits that they automatically inherit when running on Oracle Cloud Infrastructure. This assures their customers that the ISV application are in continual operation with Oracle’s commitments to uptime and connectivity. Mission-critical workloads also require consistent performance, and the ability to manage, monitor, and modify resources running in the cloud at any time. Only Oracle offers ISVs an end-to-end SLAs covering performance, availability, manageability of services. Benefits of Oracle Cloud Infrastructure to partners is not limited to price advantage or superior technical solution but also extends to full essence of partnership by running joint marketing and sales go to market programmes with Oracle to create brand awareness, campaigns and product momentum. We also offer lead sharing, which allows ISVs to nurture prospects and create an ideal buying experience for their customers. ë

Why is Data Recovery Important? Protect your CCTV video recording with SkyHawk’s included rescue plan

3-year Rescue Data Recovery Services. Under the protective wing of Skyhawk, losing key evidence or video due to vandalism, viruses, For SkyHawk products

Surveillance Rescue DriveCare

accidents and natural disaster are no longer the end of the world.

MARKET LEADER IN SURVEILLANCE STORAGE Seagate has dominated the data storage industry for 40 years, because we understand your unique data storage challenges.

LEARN MORE seagate.com/gb/en/internal-hard-drives/hdd/skyhawk

marketing@asbisme.ae

TRENDS

Dor Zakai, EMEA Senior Director for Solutions Engineering, NGINX at F5.

Libby Meren, NGINX OSS Evangelist.

Apps built with microservices increased by 20% in 2020, NGINX The push towards modern application environment is gaining strong momentum, according to new research by open-source pioneers NGINX. The sixth annual survey of NGINX’s extensive open-source user community found that the proportion of applications being built with microservices jumped from 40% to 60% in the past year. At the same time, more than 50% of the 600 respondents indicated that they were using microservices in some or all apps The survey also revealed that containers are twice as popular as other modern application technologies. Moreover, 34% of respondents said that they were using containers in their production environment, compared to serverless, 15%, and service discovery, 7%. NGINX’s research resonates with Gartner’s recent

MEA

prediction that 75% of global organisations will be running containerised applications in production environments by 2022, up from less than 30% today. A further indication of this shift is that 14% of respondents plan to embrace service meshes in the next year, a 50% jump from the number currently doing so. As it stands, public cloud remains the most popular infrastructure option for modern app tools, 55%, followed by Infrastructure-as-a-Service, 23%, serverless computing, 13%, and private Platform-as-aService, 11%. Organisations are also steadily moving away from on-premises load balancers, with 24% now using software-based load balancers and 19% sticking with hardware. NGINX’s community survey responses

F E B R U A R Y 2 0 21

indicate that the latter is set to drop to 15% in the next year. While microservices adoption is clearly on the rise, so too are the challenges. Key concerns include security, 50%, reliability and availability, 39%, system failure, 39%, and performance, 34%. Half of respondents also noted that application development challenges keep them up at night, particularly in terms of scale, speed, quality, tooling, and language selection. Against this backdrop, API gateway management is likely to grow the most in the coming year, almost doubling from being used by 14% of organisations today, to a predicted 22% by next year. Organisations are also starting to invest more in solutions such as WAF, 7% and service delivery 11%.

TRENDS

MarketsandMarkets says ME cybersecurity market worth $29.9B by 2025 According to the new market research report Middle East Cybersecurity Market published by MarketsandMarkets, the Middle East cybersecurity pre-Covid-19 market size is projected to grow from $16.1 billion in 2020 to $28.7 billion by 2025, at a CAGR of 12.2%, whereas the post-Covid-19 market size is projected to grow from $15.6 billion in 2020 to $29.9 billion by 2025, at a CAGR of 13.8% during the forecast period. The cybersecurity solutions and services help companies to protect their endpoints, network, ICS, and cloud environment from advanced threats such as malware, ransomware, DDoS attacks, and Advanced Persistent Threats. Moreover, increasing demand from SMEs operating across diverse industry verticals and countries is expected to drive the market growth during the forecast period. The network security segment is estimated to have the largest market size during the forecast period in the Post-Covid scenario. With the growth of Covid-19-related adaption in remote working practices, the network of enterprises in the Middle East

has been jeopardised. Organisations are adopting measures to combat the situation and are collaborating with security vendors to manage the situation effectively. Increasing vulnerability on the network in the energy and utilities, BFSI, and IT and ITeS industry verticals are triggering the growth of the Middle East cybersecurity market. The healthcare industry vertical is expected to contribute the largest market share and expected to grow at the highest CAGR from 2019 to 2025 in the Middle East cybersecurity market due to the technological proliferation

of healthcare applications and increased instances of data thefts in the sector. The government and defence sector is expected to grow at the second-highest CAGR from 2019 to 2025 in the Middle East cybersecurity market, due to increasing instances of cyberattacks on the government sector and the government-regulated oil and gas companies. The demand for cybersecurity solutions is rising, as the adoption of these solutions provides advanced protection from cyber threats without affecting the operational efficiency.

Rise in remote work opens up security holes, BeyondTrust report BeyondTrust, a player in Privileged Access Management, PAM, has released the results of a commissioned study conducted by Forrester Consulting. The study was titled as Evolving Privileged Identity Management, PIM, In the Next Normal, November 2020. The study was commissioned by BeyondTrust to evaluate PIM challenges in the new normal created by the Covid-19 pandemic. The Covid-19 pandemic imposed an immediate and massive shift to a remote workforce. This created new vulnerabilities by expanding organisations’ attack surfaces. The pandemic has created a situation where virtually all remote employees need privileged access to perform their jobs and has hastened the identity as the new perimeter paradigm. This survey uncovers the requirements for cre-

ating a secure remote workforce that protects the business with PIM in the post-Covid era. Key findings include: The impact of Covid-19 on the acceleration of the remote workforce l 91% forecasted increase in size of remote workforce, versus 45% before the pandemic l 53% of US workers reported willing to work from home more, even after the pandemic is over The inadequacy of perimeter-based network security and legacy remote access technologies, like VPN, in securing remote workers l 83% believe the increase in remote workers increases the risk of a security incident l 47% rank Preparing for an Increasingly Remote Workforce as a Top 5 security priority for 2021

Morey Haber, CTO and CISO, BeyondTrust. A comprehensive PIM solution mitigates threats by protecting privileges across accounts, endpoints, and access pathways l 91% of respondents agree that PIM plays a crucial role in securing remote workers l 86% of respondents say their organisations will invest more in PIM over the next two years to address the risks related to remote working l 56% report that improved IT administration efficiencies are the top benefit of PIM

F E B R U A R Y 2 0 21

MEA

GUEST COLUMN

FIVE NEW TRENDS IN TRAVEL AND HOSPITALITY

Changing nature of travel means that organisations will need to look differently at customers and their organisational structure, writes by Paul Armstrong of AWS

rganisations are looking at global trends and early indicators of the nature and scale of recovery, and what form this could take. It is a reality that the nature of travel will change, with simplified passenger experiences, fewer flight options, less choice for customers and increased costs, with less available income. This level of change will mean that organisations will need to look differently at customers and their organisational structure. However, technology will have a critical part to play in transforming the end-to-end customer experience, with new enforced business processes and enhanced data to drive customer confidence. These are five trends to consider in the new normal in travel and hospitality:

TOUCHLESS OR VOICE Re-envisaging the end-to-end customer experience with increased biometric controls may become the norm. Use of voice and video to drive a contactless experience along with contact tracing may become more prominent. Voice will be used more extensively for information exchange and controls, with image recognition being adopted more widely to automate registration, check-in and moving through security areas. The active use of this technology is important as organisations establish new working practices and interactions with customers by identifying every touch point of the journey and looking at how security and access controls can be contactless and provide a rich interactive customer experience. For example, when checking in to a hotel, a customer would receive a notification alert of the deep cleaning of a room. They can confirm and check in on a mobile device, identifying luggage and arrival method, which then provides the virtual room key. Once activated, any access to the room is notified to the customer. This is a very simple scenario, but identifying every touch point of the journey and looking at how security and access controls can be contactless to provide a rich interactive customer experience. This will be similar when considering the arrival at an airport, from parking through check-in, border controls through to boarding. How will airlines and airports collaborate to provide a

MEA

F E B R U A R Y 2 0 21

Having capable secure, scalable solutions will be key in providing low-cost secure home working environments rich, integrated contactless experience? Elenium, built on AWS, has developed contactless check in and health screening kiosks at airports leveraging several AWS services including Amazon Rekognition. We expect to see measures such as this gain interest across travel, hospitality and beyond.

REMOTE FLEXIBLE WORKING Working remotely and flexibly for extended periods is, in some cases, demonstrating increased productivity and improved worklife balance. Swapping the daily commute for home working will be accelerated, with other areas of growth such as fitness activities and integrated online or offline experiences. It is expected that where possible, all roles will support some form of flexible working, from a few days a week to full time. This will see the need for more flexible, integrated communication solutions for voice and video with increased use of remote workstations. Managing federated teams requires different techniques to ensure inclusion, motivation, managing isolation and a balanced work schedule to prevent burn out. This requires different collaboration and management best practices. Having capable secure, scalable solutions that need minimal bandwidth and simple low maintenance hardware will be key in providing low-cost secure home working environments.

SOCIAL DISTANCING As organisations focus on recovery, balancing customer and employee confidence, regulatory controls and government tracking and management of future outbreaks will have to be navigated. There will be a demand to implement capable social distancing and safe working practices. This will put an emphasis

GUEST COLUMN

on not only implementing new best practices but also demonstrating the actual adherence and management of non-compliance. All of these processes will drive requirements to store even more large quantities of data, such as video and compliance reports. Securely ingesting, storing, analysing and visualising this data at scale will require aggregation of disparate data sources in data lakes with mechanisms for securely exchanging information.

DELIVERY AND PICKUP During recent times, new business models have evolved rapidly, with organisations creating new takeaway, pickup and delivery models overnight. Having flexible, scalable, low-cost solutions enable these business models to grow quickly and service demand. Organisations will need to spin up and run secure, scalable services and mobile applications. Interest in delivery is likely to spill over into the hotel space as customers become more accustomed to online ordering and comfortable with the safety of these services. The new normal may accelerate the shift from room service to each individual guest getting food delivered. Hotels may need to start planning for their lobbies to be filled with 5-10 delivery companies at a time dropping off food. How does the front desk handle the security and process of coordinating the delivery of all these orders? For larger hotels, managing this via their operational systems may become a job in itself, as they may rely on data-driven business analytics insights to determine if they should be offering food options themselves and if so when and what kind.

PREDICTING DEMAND

PAUL ARMSTRONG,

Principal Solutions Architect, AWS.

A key area of focus will be really leveraging insights from disparate data sources

A key area of focus will be really leveraging insights from disparate data sources. Many organisations have excellent historical data and patterns and behaviours of customers. Although still useful data sources, organisations will have to look at more advanced analytical solutions to understand future changes in customer behaviour. Analytical skills will need to be more sophisticated and dynamic to determine new trends and behaviours. This is where solutions using machine learning techniques such as reinforcement learning to build more sophisticated complex models to learn against market factors and to react in real time will be future differentiators. ë

F E B R U A R Y 2 0 21

MEA

GUEST COLUMN

TOP NETWORKING TRENDS FOR THIS YEAR

2021 will see rapid evolution for networking that has become fundamental for new ways of working, writes Moueen Zahreddine of Riverbed.

he rapid and dramatic transition to remote working in 2020 forced organisations to rethink how they plan and manage their networks. Timelines for digital initiatives were drastically shortened to a matter of weeks. Organisations overhauled their business processes and transformed services to deliver value to their customers and employees. Through 2021, organisations will pivot further towards supporting remote workforces and embracing the shift toward work-from-anywhere models and hybrid work environments. As a result, network technology will play a critical role in connecting every individual, device and organisational structure that together form the digital enterprise. Here are Riverbed’s five networking predictions for 2021. SD-WAN has transformed from an emerging trend to a must have technology for regional businesses. As this market enters maturity, it can become increasingly difficult for smaller players to compete as larger entities begin to invest more fully. As Covid-19 has elevated the importance of how we manage and operate networks for remote work, many smaller SD-WAN players now face increasing market pressures to enter acquisition deals with larger enterprises. A prime example of this is Juniper’s acquisition of SD-WAN vendor 128 Technology. Larger vendors see significant potential for incremental business growth, in particular with big existing customers, and see acquisitions as a way to expand their roster of SD-WAN features and capabilities which they can use to expand existing service subscriptions. In 2021, the consolidation of SD-WAN vendors will continue as larger players such as Juniper, Cisco and HPE continue to buy up smaller players in the SD-WAN space that no longer have the resources to compete. AI and ML have played an increasingly important role in network monitoring as IT teams look for solutions that enable them to shift focus from administration and management to high-value tasks that drive business outcomes. We expect to see the value of analytics and number of real-world implementations continue to grow, especially in the context of security where the technol-

MEA

F E B R U A R Y 2 0 21

We expect to see more and more companies developing solutions that offer visibility into other vendors’ solutions in 2021 ogy is proving highly effective in identifying active and potential threats. But the predictive power of AI and ML is a powerful tool not only for threats, but for operational purposes as well. Taken together, AI-enhanced security and operational capabilities can give us the ability to both recognise existing breaches and predict faults and threats before they happen, determining how they are likely to evolve over time. Significantly, this may open the door to predictive security suites within network performance management. Taking this concept of predictive operations a step further, we even see predictive analysis and rank analysis coming together, allowing us to rank predictions based on their likelihood. 2021 will be the year businesses accept that it isn’t just the branch or client that IT needs to focus on. We expect to see developers grasp that delivering apps and data anywhere is the new reality, and consequently, they will begin to leave static development behind. In doing so, they will need to consider the proliferation of entry points and end points and are likely to make notable advances in securing the anywhere. In a sense, developers will adapt their thinking to accommodate the reality that every end point has become a microbranch. Developers will see the client as the new branch, finding new scenarios that optimise the capabilities of the client while also ensuring that new applications and services can be managed by IT from a single point of control. Because apps and data are now accessed from anywhere, and from any device, visibility across the entire hybrid network is essential for the new way of working. Being able to monitor and manage everything that happens on the network will continue to be a business-critical capability in the work-from-anywhere world. Providing comprehensive visibility will rapidly become a priority in the coming year, which will push a number of vendors to reach beyond the purview of their own solutions. We expect to see more and more companies developing solutions that offer

GUEST COLUMN

MOUEEN ZAHREDDINE,

Regional Sales Director, Saudi Arabia, Riverbed.

Developers will adapt their thinking to accommodate the reality that every end point has become a microbranch visibility into other vendors’ solutions in 2021. Application performance in the work-fromanywhere environment will continue to be a priority for businesses moving forward. A number of vendors have taken runs at accelerating applications in the past, from one end

or the other, but with limited success. But the power to accelerate applications is a claim we will see re-emerge in 2021, likely rolled into SDN offers. How the network delivers and handles applications has changed. Luckily, Riverbed was a very early mover in approaching application acceleration from both the data centre side and the client side; neither of which is a simple proposition. The acceleration technologies developed for the data centre and the branch can also be implemented on AWS or Azure, accelerating the cloud, or placed in front of a SaaS application like Office365 or Salesforce. This bookends performance with acceleration in a real client-to-cloud approach. Client to cloud acceleration is a capability that many vendors will promote in 2021, but few will be able to deliver it in a masterful way.

Through 2021, we can also expect to see enterprise mobilising the resources needed to build Centres of Excellence for their IT operations. With their focus on user experience rather than IT infrastructure and technical KPIs, these dedicated Digital Performance Command Centres will bridge the gap between IT and management by bringing IT visibility to C-level executives. By providing end- to-end visibility into IT performance from the context of business outcomes, these Centres will enable decision makers leaders to map and plan technology investments in line with business strategies. As it becomes apparent that new ways of working are here to stay, seeing end-to-end, accelerating end-to-end, developing for endto-end and innovating end-to-end will dominate network decision-making in 2021. ë

F E B R U A R Y 2 0 21

MEA

GUEST COLUMN

CYBERSECURITY PREDICTIONS FOR 2021

In 2021, cybercriminals are going to be infiltrating people’s endpoints, and the attacks are going to be at the data level, explains Fleming Shi of Barracuda.

aze ransomware is retiring, but that doesn’t mean there won’t be new ransomware strains. Going into 2021, there are a few elements that I think will continue to be the main drivers for cybersecurity. Part of it is Secure Access Service Edge, SASE, is definitely here to stay. In 2021, the focus will on securing devices and edges on very distributed environments. So, if you think about that, threats are no longer something that you can block based on IP addresses based on domains. Cybercriminals are going to be infiltrating people’s endpoints, and the attacks are usually going to be at the data level and then move laterally along the whatever axis it has available. For example, file sync and share, that’s a SaaS solution, so you cannot block that by IP address. So, from a security perspective, it will be important to focus on what we called micro-segmentation, working away from the network, IPv4 stack or infrastructure stack to get closer to the endpoint and the data. One of the things that I see is the need to figure out where attacks are coming from, which can be much more challenging as attacks get more sophisticated. In today’s world, the bad guys are building all kinds of botnets, whether it is TrickBot or InterPlanetary Storm. And because of that, anyone’s computer or even cloud infrastructure could be infiltrated and weaponised. That solutions focused on protecting people from IP address sending too many spam emails or phishing attacks can’t stop these threats. Viewing IP reputation as the key to stopping an attack, doesn’t work anymore. You have to really understand what is in your inbox? What are the normal communication patterns? In 2021, I believe that pattern is going to continue, in the sense that more infrastructure will be weaponised by the bad guys. It could be a university or a hospital or any company that has a substantial number of resources in the cloud. From that perspective, you end up with compute power being stolen and utilised in phishing attacks, which usually can steal more credentials and continue to drive, for example, ransomware attacks, monetising it all for the attackers. And the worst of all, it will ruin the reputation of trusted brands. There is a whole economy to what the attackers are doing: supply chain, delivery, weaponisation, and then a finance component. So, in

MEA

F E B R U A R Y 2 0 21

In 2021, the focus will on securing devices and edges on very distributed environments 2021 it is going to be very important for IT security professionals to pay attention to their cloud infrastructure, their edge devices, and their remote workers’ tools. Having those all under some level of Zero Trust-based security strategy is the only way that you can succeed. Beyond email, the collaboration space is opening up as a threat vector, and IT executives need to be aware of that. Slack is trying to take down email, and that opens up a whole new platform for attackers to take advantage of. So, understanding other collaboration platforms and being ready to secure those platforms is going to be a key area for IT executives to focus on in 2021. Healthcare will be the most targeted industry for the next five years. For example, at the beginning of the pandemic, we were short on PPE, so the bad guys weaponised against that, tricking people into clicking on malicious links by promising updates on PPE shipments or availability. Next, the attackers are going to apply the same tactics to vaccines because there is going to be a huge line of governments looking to get their hands on the vaccines. The logistics involved in delivery of vaccines will also be weaponised. The economic recovery will make small businesses another primary target for attacks in 2021, as we face the possibility of additional waves of shutdowns and various economic rescue plans are rolled out, which could all potentially turn into an opportunity for attackers. Even, the travel industry, which has suffered a lot, attackers will take advantage as travel starts to come back, and they will start using fake offers to steal credentials. 5G will drive another wave of upgrades to mobile networking, from Base Station Subsystems and overall application infrastructure. Cybersecurity strategy will need to quickly shift toward the edge to perform policy enforcements. Any security solution that has to backhaul traffic via proxy or network routes will suffer from performance degradation and potential reduced efficacy. There

GUEST COLUMN

FLEMING SHI, CTO, Barracuda.

Cyber security strategy will need to quickly shift toward the edge to perform policy enforcements

will also be optimisation efforts to transform applications to perform well in a 5G environment. This could reduce the window of opportunity to respond to attacks. At the device level, regardless of BYOD or sanctioned devices, a heightened security posture with a trustbased security strategy will help reduce attack surfaces. I think that people still are not well prepared for spear-phishing attacks, which don’t necessarily always include links and attachments, and attackers are using the pandemic to exploit that. The pandemic creates an immediate urgency on everything it touches, whether that protection gear or vaccines or treatments, and this urgency can be weaponised through business email compromise. In 2021, instead of focusing on masks and equipment, these

attacks will focus on vaccines and treatments. In the coming year, people will come to the realisation that what they have for email security today is probably not well equipped enough to defend against something like spear phishing or BEC and impersonation attacks. Encryption is going to make a huge comeback in 2021 because of data privacy, as well as how ransomware attacks are extending to use extortion. Protecting your data and using encryption is the only way out of those situations. CASB is another technology that is not brand new, but I think it is going to make a comeback in 2021 because it is access control and a way to apply different policies on who and when they can see the content or the data. And, of course, Zero-Trust, access micro-segmentation, reducing the surface and exposure are going to be very important. ë

F E B R U A R Y 2 0 21

MEA

GUEST COLUMN

XDR IS GAINING

BY EXPANDING ITS APPROACH Marc Solomon of ThreatQuotient explains why he refers to Extended Detection and Response, XDR, as a movement.

n some of the largest cybersecurity companies in the world, most industry analysts and other security experts are talking about the emergence of Extended Detection and Response, XDR, solutions. Gartner defines XDR as solutions that automatically collect and correlate data from multiple security products to improve threat detection and provide an incident response capability. If this were possible today, imagine the gains in Mean Time to Detection, MTTD, and Mean Time to Respond, MTTR, to an attack or active threat in your environment. I refer to XDR as a movement because it is gaining traction by expanding its approach to achieve its goal. For instance, in March, Gartner talked about XDR as a vendor-locked, cloud-based offering. But at the virtual Gartner Security and Risk Management Summit 2020 in September, VP Analyst Peter Firstbrook discussed an alternative approach which broadens the category to include a best-of-breed XDR strategy. Further fuelling momentum, Gartner called XDR the number one trend CISOs should understand to strengthen security initiatives. We have the definition of XDR by Gartner above, but what does it really mean from a practical standpoint? Let me start with a simple and important statement: XDR = EDR + NDR. Unfortunately, this is how some have viewed the development of XDR, bridging the gap between endpoint, EDR, and network detection and response, NDR. However, XDR has a broader, more complicated reality which is XDR = EDR + NDR + CDR + the dozens of existing security tools. This reality forces the need for a best-of-breed strategy, at a minimum from a transition standpoint, but more likely for an ongoing basis. Organisations often protect themselves by using many

MEA

F E B R U A R Y 2 0 21

I refer to XDR as a movement because it is gaining traction by expanding its approach to achieve its goal different technologies, including firewalls, IPS or IDS, routers, web and email security, and endpoint detection and response solutions. They also have SIEMs and other tools that house internal threat and event data, ticketing systems, log management repositories, case management systems. They may rely on one or two large vendors to handle the bulk of their security tasks, but typically they use at least a few best-of-breed vendors for controls, which the larger vendors do not have or do not excel in. Many studies, going back years, find that some Global 2000 enterprises have as many as 80 different security vendors in their environment. This happens naturally over time with different teams, budgets and departments making independent decisions. Vendors also must be able to accommodate the reality that not every organisation will have all their tools from a single provider out of the gate, and the appetite to rip and replace is low. Not to mention the fact that new vendors and solutions will continue to emerge given the ongoing innovation required to keep up with new use cases, threats and threat vectors. Whichever path to XDR is selected, integration with existing tools in the security infrastructure is essential for XDR solutions to merit and capitalise on all the attention. The reasons are obvious for a best-of-breed approach, but even single-source XDR requires integrations to deliver on the promise. There are two key types of integrations that are needed: Integration with third-party data and intelligence feeds, companies use an average of five external feeds within their environ-

GUEST COLUMN

MARC SOLOMON,

Chief Marketing Officer, ThreatQuotient.

New vendors and solutions will continue to emerge given the ongoing innovation required to keep up with threats ment. These can include commercial sources, open source, government, industry, existing security vendors, as well as frameworks like MITRE ATT&CK. Having the ability to utilise this data as part of your detection and response strategy is critical. It improves the breadth,

speed and relevance of detections, rather than just relying on a vendor’s intelligence. Integration with third party systems is important for multiple reasons. First, additional telemetry, context and events from internal systems is key to putting the pieces together for detection. This data from internal systems is often overlooked but is one of the best sources of intelligence, and when combined with external data will improve detection. Second, integrating with the internal systems will allow for faster response and the right mix of automation and manual actions. Systems become more effective and people more efficient. To really recognise the benefits, there are several paths, but the most common is starting with a company’s EDR implementation and then adding capabilities. One is the endpoint detection and response from a single vendor,

using that vendor’s detection content. Second is EDR+ which is a vendor’s EDR solution plus integration with third-party data and intelligence for faster, more effective detection. The third is EDR++ which is a vendor’s EDR solution plus integration with third-party data and intelligence for faster, more effective detection, plus integration with the other tools in your infrastructure for more efficient response. To truly become a movement that more organisations can get behind, what’s needed is a conduit between an XDR solution and the data sources and security tools it needs to interoperate with. A centralised platform that bridges these gaps can provide the integrations and intelligence for all teams and tools to use which helps with detection, understanding and response and unleashes the full potential for XDR. ë

F E B R U A R Y 2 0 21

MEA

Modernizes your approach to secure access RSA SecurID Suite enables organizations of all sizes to mitigate identity risk and maintain compliance without impeding user productivity. It ensures users have appropriate access and conﬁrms they are who they say they are with a modern, convenient user experience. In addition, RSA SecurID Suite provides uniﬁed visibility and control across organizations' many islands of identity.

For more info, contact your authorized distributor, Mindware FZ LLC at rsa@mindware.net | www.mindware.net | www.rsa.com

PEOPLE

EXECUTIVE MOVEMENTS Francisco Partners names Manny Rivelo as new CEO of Forcepoint Francisco Partners has announced it has closed on the previously announced acquisition of Forcepoint from Raytheon Technologies. Forcepoint is a provider of cybersecurity solutions that protects the critical data and networks of thousands of customers throughout the world. Coinciding with the transaction close, the company’s board of directors has appointed Manny Rivelo as Chief Executive Officer effective immediately. As CEO, Rivelo will focus the company’s strategy on accelerating enterprise and government agency adoption of a modern approach to security that embraces the emerging Secure Access Service Edge architecture.

A10 Networks appoints Amr Alashaal as Regional VP, Middle East

A10 Networks has announced Amr Alashaal as the Regional Vice President of Middle East. Alashaal started his journey at A10 over four years ago. He has been instrumental in growing the company’s presence in the Middle East region. Alashaal and his team have grown A10’s business in major Service Providers coupled with key strategic enterprise customers in the energy and utilities sector. Prior to joining A10, Alashaal worked with Fortinet where he developed the company’s revenue streams in large infrastructure, cyber security and managed services. Alashaal was born and raised in the United Kingdom. He graduated from Brunel University with a Bachelor’s degree in Business Management.

Nutanix promotes Rob Tribe to VP, Systems Engineering, EMEA

Siemon elevates Henry Siemon to President and CEO

Commvault appoints John Tavares as Vice President, Global Channel and Alliances

Nutanix has announced the appointment of Rob Tribe as Vice President, Systems Engineering, for the Europe, Middle East and Africa region. Promoted from his previous position as Senior Director, Systems Engineering, Rob Tribe has been appointed at Nutanix’s VP, Systems Engineering, EMEA. In his new position, he will play a strategic role in supporting Nutanix’s expansion in EMEA, whilst assuming overall responsibility for the company’s growing team of systems engineers in the region. Within this remit, Rob will oversee the teams that provide pre-sales consulting, technical guidance, and assistance to customers and channel partners. With over 25 years’ experience in enterprise technology, Rob Tribe was one of the first two EMEA Nutanix employees, joining in 2012.

Siemon has announced Henry Siemon as the company’s new President and CEO. Carl Siemon, who has served as President and CEO since 1982, will continue to serve on the board of directors and will work with Henry and the leadership team as a strategic advisor. Henry becomes the fifth CEO in Siemon’s 118-year history and establishes a fifth generation of stable family leadership. Since joining Siemon in 2017, Henry has served as Global Director of supply chain focused on initiatives to improve the company’s operational capabilities across the 150 countries Siemon serves today. Henry earned his Bachelor’s degree with a focus on Economics from the University of Richmond and later earned his MBA from MIT Sloan School of Management.

Commvault, a recognised global enterprise software leader in the management of data across cloud and on-premises environments, announced the appointment of John Tavares as Vice President, Global Channel and Alliances. In his new role, Tavares will be responsible for overseeing the growth of Commvault’s Global Partner Organisation and strengthening the company’s relationships with partners worldwide. Tavares joins Commvault from Dell EMC, where he worked in a variety of sales leadership roles, first for EMC and continuing through the merger with Dell, for the last 25 years. During his tenure with Dell EMC, Tavares grew the company’s datacentre business encompassing software, hardware, and services, built a world-class sales team, and increased revenue year-over-year.

F E B R U A R Y 2 0 21

MEA

PEOPLE

EXECUTIVE MOVEMENTS Lulu Group India appoints Anil Menon as Head of Information Technology

Anil Menon has been appointed as Head of IT at Lulu Group India. Menon is an IT professional with 18 plus years of experience across Information Technology and retail organisations. In his previous capacity as General Manager, IT Innovation at Tata Starbucks & Head, IT, Trent Hypermarket, he has worked extensively on the company’s digital transformational projects, cloud and mobility platforms, retail analytics, enterprise systems and security and information management systems. Prior to Trent Hypermarket, Menon has worked with Cybage Software as a Solution Architect in the retail CoE.

Amel Gardner to lead Infor’s business and customer growth in MEA

Infor has appointed Amel Gardner as Vice President and General Manager for the Middle East and Africa region. Gardner will drive Infor’s business growth and strategy in the region and ensure agile project deliveries and customer success. Gardner is an accomplished executive with broad IT skills and 20 years of experience spanning end-to-end enterprise solutions that empower customers to digitally transform and modernise their businesses. She has a proven track record of developing and implementing customer-centric growth strategies, as well as leading teams to accomplish sustainable growth.

Mohammed Al-Moneer appointed as Regional Director, META at Infoblox

Capco appoints James Arnett as Head of APAC

Azul appoints Peter Maloney as CFO and COO

Mohammed Al-Moneer is an IT industry veteran with over 20 years of experience. Prior to his current role at Infoblox, he was Regional Director MENA for A10 Networks. He has held various sales leadership positions at networking and other high-tech companies, including being Territory Sales Manager for Enterprise Servers, Storage and Networking at Hewlett-Packard. In his new role at Infoblox, he will be responsible for the overall direction and management of all sales and business development operations in the META region.

Capco, a global management and technology consultancy, has named James Arnett as Managing Partner for the APAC region with responsibility for managing the firm’s business across Hong Kong, Singapore, Thailand and Malaysia. James has over 20 years’ international experience in consulting, banking and technology, working with some of the world’s largest financial institutions and a number of the UK’s pioneer Internet banks. He led and built out Capco’s UK Finance, Risk and Compliance practice and most recently was Head of the UK Capital Markets practice. He joined Capco in 2011 having held roles at IBM Global Business Services, Capita, Hewlett Packard Enterprise and The Co-operative Bank.

Azul, provider of an open-source Java platform, has announced that it has appointed Peter Maloney as Chief Financial Officer and Chief Operating Officer. As Azul’s new CFO and COO, Maloney is responsible for financial strategy and management, planning and analysis, accounting, tax and treasury, investor relations, legal, human resources, business systems, DevOps, and M&A. Maloney has more than 25 years of strategic financial management and business operations leadership experience including 19 years of executive leadership for SaaS companies. Previously, Maloney was with Jobvite, the leading recruiting software company, where he was CFO. Prior to that, he served as CFO of E2open, where he led a successful IPO, follow-on offering and sale of the company. He has also served as CFO of SNOCAP. and CFO and VP of Finance of Keynote Systems.

MEA

F E B R U A R Y 2 0 21

“A New Normal of Technology, Business & Networking Events ”

TECHNOLOGY

LEADERSHIP BUSINESS

INNER-SELF CULTURE

90 DAYS MILESTONES

62 +

SESSIONS

6000 +

100 +

C-SUITE ATTENDEES FROM 32 COUNTRIES

PARTICIPATION OF OVER

INTERNATIONAL AND TOP INDUSTRY LEADERS.

89%

OVER

ENGAGED AUDIENCE

COUNTRIES

TECH LEADERS

CIOS

VENDORS

IT DIRECTORS

SATISFIED PARTNERS AND SPONSORS

INNOVATORS

EDUCATORS

ACADEMICIANS AND INVESTORS

BROUGHT TO YOU BY

ORGANIZED BY

Global CIO Forum

www.globalcioforum.com/unitewebsummit/

THEME OF UNITE

BOTS TEAM BUILDING

BODY

SOUL

OPPORTUNITIES AND OBSTACLES MONTHLY ALL-ROUND WELLNESS AND COMMUNITY BUILDING INITIATIVE FOR THE CIOS. STATE-OF-THE-ART LOCATIONS| ULTRA-MODERN ACTIVITIES| HANDS-ON EXPERIENCES | LIFE-CHANGING TAKEAWAYS

FITNESS

WELLNESS

NUTRITION

ENGAGE