THE WORLD CIO 200 ROADSHOW OVERVIEW
PA G E S 1 0 4 VOLUME O8 | ISSUE 06 JANUARY 2021 WWW.EC-MEA.COM
SPECIAL ISSUE
WORLD’s BIGGEST
CIO LEADERSHIP
EXCELLENCE AWARDS
26
COUNTRIES
3000+
CIO PARTICIPATIONS
2148
NOMINATIONS
1578 WINNERS
There's one thing even a billion-dollar company can't afford:
a security breach
Safeguard your IT with
Security Information & Event Management | Identity & Access Management Network Security Management | Unified Endpoint Security & Management Privileged Identity Management | Firewall Security Audit & Log Management
www.manageengine.com
EDITORIAL MANAGING DIRECTOR TUSHAR SAHOO TUSHAR@GECMEDIAGROUP.COM
WILL 2021 BE THE YEAR OF RECOVERY?
I
EDITOR ARUN SHANKAR ARUN@GECMEDIAGROUP.COM CEO RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM GLOBAL HEAD, CONTENT AND STRATEGIC ALLIANCES ANUSHREE DIXIT ANUSHREE@GECMEDIAGROUP.COM GROUP SALES HEAD RICHA S RICHA@GECMEDIAGROUP.COM
ARUN SHANKAR, EDITOR A R U N @ G E C M E D I A G R O U P. C O M
EVENTS EXECUTIVE SHRIYA NAIR SHRIYA@GECMDIAGROUP.COM
f 2020 was the year of disruption and transformation, 2021 is expected to be the year of repair and recovery. While the expectations for quick returns are high, yet it is quite clear that this year of claw-back, is going to be as challenging as the previous one, albeit in different ways. Remarks Sandrine El Khodry at Alcatel-Lucent Enterprise, that the year of preparedness lies ahead. Learning from the previous year, organisations must focus on business continuity and how to maintain it with end-to-end solutions built around resilience and efficiency platforms. 2021 will be the year of observability, adds Ty Amell at AppDynamics. Using observability will enable developers to cut through the noise and focus on the performance issues that have the biggest impact on the business. Organisations will need to view maintaining applications and technology stack as not just one-off projects. In 2021, Middle East will continue its digital shift, with adoption of hybrid cloud, data storage, artificial intelligence. As organisations digitise they will need to ensure networks are secure from growing cyber-threats, points out Savitha Bhaskar at Condo Protego. Businesses will continue to transform and address overdue issues. Says George Brough at Evolvant, in 2021, advantages of cloud will begin to outweigh migration efforts. This means not only a shift towards IaaS, PaaS, but also the wider adoption of SaaS ERP offerings, such as those from Oracle, SAP and others. Amongst the fastest growing technologies by adoption, hyper scalars and cloud service providers will continue their leading role across the industry. ManageEngine’s Rajesh Ganesan, points to the increasing influence from this part of the industry: will the power of the cloud supersede that of the nation? Q3 and Q4 were come-back quarters for the global IT industry. Hidetoshi Kaneko from Panasonic Marketing points out that IT industry equipment and software investment surged to an annualised rate of 47% in Q3. The pandemic is also driving technologies from concept to reality. Trend Micro’s Majd Sinan, points out that securing digital transformation is a primary pain point for enterprises. Many industries and companies have seen an increased demand in cybersecurity solutions for working from home. And even in the post-pandemic world, remote working is likely to continue. 2021 will see the CIOs relooking at hardware infrastructure purchases that were shelved in 2020. Says Veeam’s Danny Allan, recurring IT purchases including hardware will be priority. Hardware should be refreshed every three years, and if the pandemic halted attention to hardware, it is fair to say that will make its way to the top. Finally, in this issue, over twenty plus top IT executives dwell further on the possible dynamics and outcomes in the months ahead. Wherever we reach at the end of these twelve months in 2021, every single industry player and every single enterprise and every single business, would have played their best cards in innovation, technology grit, business acumen, amongst others, to rise above the upheavals of 2020. Wishing you the best for the months of recovery ahead. ë
SALES AND ADVERTISING RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM PH: + 971 555 120 490 PRODUCTION, CIRCULATION, SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM DESIGNER AJAY ARYA ASSISTANT DESIGNER RAHUL ARYA DESIGNED BY
SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM SOCIAL MARKETING & DIGITAL COMMUNICATION YASOBANT MISHRA YASOBANT@GECMEDIAGROUP.COM PRINTED BY AL GHURAIR PRINTING & PUBLISHING LLC. MASAFI COMPOUND, SATWA, P.O.BOX: 5613, DUBAI, UAE
COMPANY OF ACCENT INFOMEDIA MEA FZ LLC
# 203 , 2ND FLOOR G2 CIRCULAR BUILDING , DUBAI PRODUCTION CITY (IMPZ) PHONE : +971 4 564 8684 31 FOXTAIL LAN, MONMOUTH JUNCTION, NJ - 08852 UNITED STATES OF AMERICA PHONE NO: + 1 732 794 5918 A PUBLICATION LICENSED BY International Media Production Zone, Dubai, UAE @copyright 2013 Accent Infomedia. All rights reserved. while the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.
JA N U A R Y 2 0 21
MEA
3
Contents COVER STORY / 33-72
The World CIO 200 Roadshow Overview SPECIAL REPORT / 73
2021: Will this be the year of recovery? Alcatel-Lucent Enterprise: The year of preparedness lies ahead AppDynamics:2021 will be the year of observability Beyond Trust: New threats to use AI, ML, deepfakes, social media Callsign: Threat actors to exploit an omni-channel approach Condo Protego: Businesses will transform and address overdue issues Cybereason: Will enterprises pay to protect remote workers? Evolvant: Advantages of cloud begin to outweigh migration efforts F5: Click farms, 5G architecture, open banking, key trends
Infor:Infor predicts cloud, AI, supply chain trends ahead Kaspersky: Cybersecurity remains investment priority despite budget cuts ManageEngine: Will power of cloud supersede that of the nation? Palo Alto: Home, Brexit, 5G, cloud, contactless, see more threats Panasonic: Pandemic driving technologies from concept to reality Proofpoint: Unprecedented levels of people-centric global cyberattacks Pure Storage: Expect intolerance to downtime from customers, employees Secureworks: Secureworks takes on channel and security trends
Schneider Electric: Increased spending in datacentres, edge computing, DX Siemon: Remote work driving investment into datacentre services Sophos: Cyberattacks influencing IT security spending trends Tenable: Pandemic triggers review of global cybersecurity laws ThreatQuotient: Remote work, ransomware, create lessons for security ops Trend Micro: Securing digital transformation is primary pain point Veeam: Recurring IT purchases including hardware to be priority 08
EDITOR’S PAGE
06-09 VIEW POINT 11-15 EVENT NEWS 17-27 GITEX 2020 28-31 GEC AWARDS
VIEWPOINT
Six trends that will change the way things get done Covid-19 has forced businesses to prioritise employee safety, and IoT technologies and robots will be put in play, predicts Meerah Rajavel at Citrix.
T
o say 2020 has been an incredible year for technology is an understatement. When the global pandemic rocked the world of work by pushing employees from the office to their homes, technology took centrestage as IT quickly mobilised to keep people engaged and productive. Trends aimed at feeling digital transformation that were already in play accelerated at warp speed and kept business moving. And the stage is set for more radical change in the way work gets done in the year ahead. What can we expect? As consumers, we can do everything from shopping, banking, and socialising with greater speed and efficiency than ever before. But when it comes to work, things are more complicated than ever. During a typical day, the average employee touches more than a dozen apps. This will change in 2021 as savvy companies adopt digital workspace technology and replace a user experience filled with distractions, context switches, and complexity with a simpler way to work that unlocks innovation, engages employees, and drives better business results. Micro app technology, for instance, will be used to consolidate access to all of the tools, activities, and tasks employees need to get work done in a simple, unified work feed. Faced with shelter in place and work from home mandates, many organisations rushed to arm employees with Virtual Private Network solutions that allowed them to quickly connect to corporate systems. But they are now realising the limitations of such offerings. In 2021, organisations will move away from VPN technology and leverage a Virtual Desktop Infrastructure, which offers a more secure and reliable alternative and enables them to deliver a familiar desktop and high-performance experience that empowers employees to access all the apps, information and resources they need to perform at their best while working remote. Robots won’t replace humans, but they will
06
MEA
JA N U A R Y 2 0 21
MEERAH RAJAVEL,
Chief Information Officer, Citrix.
When it comes to work, things are more complicated than ever make us smarter and more efficient. And IT will set the wheels in motion, leveraging digital workspaces infused with such technologies to organise, guide, and automate work in an intelligent and personal way that enables employees to focus on and do what they do best. Covid-19 has forced businesses to prioritise
Savvy companies adopt digital workspace technology and replace a user experience filled with distractions employee safety, and IoT technologies and robots will be put in play to keep people safe. Robots will take over dangerous tasks, and remote-hand technologies will enhance human-machine interactions even further. And IoT will power things like touchless offices and smart social distancing, allowing employees to, among other things, access maps and occupancy information for different parts of a building and confirm that shared spaces have been cleaned and reserve conference rooms and hot desks right from their own devices. Technology has become a critical driver of business outcomes and the expectation is that it is always on. With cyberattacks up more than 400% this year, protecting employees and company assets will become even more critical in 2021. Security and experience are not mutually exclusive. They are two sides of the same coin. And in the year ahead, they will align closely to deliver an intelligent approach to workspace security that protects employees, following the Zero Trust model, without getting in the way of their experience. And security will be baked into everything IT does. The pandemic has driven change that no one could have imagined. While it’s impossible to predict exactly what the future holds, one thing is certain: the world will continue to change and change fast. And companies that harness the power of technology can make it a better place. Í
VIEWPOINT
Cybersecurity skills and role played by certifications The role played by certification institutions in raising the bar on standards and driving positive impact, says Ned Baltagi at SANS Institute.
T
he cybersecurity industry today is being challenged by the speed of business transformation, the range of technologies and solutions being used, and the skills necessary to master the usage of cybersecurity. The pandemic has disrupted the legacy way of working as well as the traditional investments into conventional IT technologies. In 2019, the (ISC)2 Cybersecurity Workforce Study, concluded 4.07 million workers would now need to be added to the 2.8 million currently in the field globally to fully close the gap. The pandemic is only adding to those numbers. The skills gap impacts all organisations, but while the larger enterprises can attract the top practitioners, other businesses continue to be operationally and financially impacted. The Fortinet Survey on Cybersecurity Skills Shortage, released in May 2020, finds that 73% of organisations in the survey had at least one intrusion or breach over the past year that can be partially attributed to a gap in cybersecurity skills. And 47% had as many as three such intrusions in the past 12 months. Other than the imbalance between supply and demand of cybersecurity skills, another dynamic in the industry is the role played by certification institutions for testing and qualifying practitioners. The May 2020 survey by Fortinet found that 94% respondent practitioners believe certifications have prepared them better for their role. More than half of the respondents experienced certifications to have increased awareness of cybersecurity and helped them perform their duties more effectively. 39% believe certifications have accelerated their career growth. On the recruitment side, 82% of organisations prefer to hire candidates with certifications. Employers believe that certifications are a validation of a candidate’s cybersecurity awareness and knowledge. This increases their confidence that they will perform their duties well.
NED BALTAGI,
Managing Director, Middle East and Africa, SANS Institute.
The pandemic has disrupted the traditional investments into conventional IT technologies So, while certifications are increasingly going to become a key part of the skills dynamics, the areas of certification and the prevailing standards are of importance as well. Certifications are usually built around focus subjects. In the area of cybersecurity, this can include subjects such as offensive security,
While there are many certifying institutions for cybersecurity, it is the ones with higher rigour that are going to provide better returns cyber defence, cloud security, DFIR, management, and ICS. Institutions providing certifications can choose to skim the subject matter on the top and hence achieve only a broad perspective. Or they can focus on a deep dive approach, with multiple certifications in the same subject area ensuring that any practitioner qualifying for the certification is really specialised and qualified in that area. For the professional specialist and the future potential employer, clearly the second approach is a healthier and more productive one for both sides. Leading certification institutions also require the professional to qualify through a hands-on session that simulates situations experienced in real life. Practical virtual machine exams in a lab environment require takers to perform hands-on tasks mimicking what they might find in daily work. Getting certified in the hands-on area ensures that the professional is actually ready to go from day one, hour one. Another important area for selection of a certification institution is to ascertain whether they offer courses that are in demand across the cybersecurity industry. While there are many certifying institutions for cybersecurity with varying levels of qualifications, selecting the ones with low entry barriers may allow a quick start. But it is the ones with higher rigour that are going to provide better returns and support in the longer term. ĂŤ
JA N U A R Y 2 0 21
MEA
07
VIEWPOINT
Building flexibility into your network concept Evolving business requirements and new technologies mean the way in which a building is used is likely to change over time, says Arafat Yousef at Nexans.
U
ntil recently, designers and installers would create an ideal cabling installation in the very first stages of cabling projects. The idea would be to come up with the most efficient solution for a specified network. However, today’s infrastructure calls for a new approach with the adoption of new technologies that are driving a continuous need for more bandwidth, such as IoT. On unprepared networks, this may lead to slowing down at certain times, or certain functions becoming unavailable. An inflexible cabling system can actually lead to huge costs and extra effort further down the road. How can you ensure your structured cabling and network architecture will meet unpredictable future demands, without over-specifying and investing too much? The enterprise landscape is changing rapidly, driven by increased traffic and divers ways of working. Infrastructure design needs to accommodate the complex requirements of more and more converged environments in which previously separate systems are merging fast. An explosive growth in bandwidth demand as people are transmitting more and more voice, data, and video files. The evolution in wireless technology is inevitable, with 24 billion web-connected devices, of which more than half are connected wirelessly and can transmit HD content. And further, a threefold increase in the amount of power transmitted over IP networks will significantly increase heat build-up inside cable bundles, which in turn may disrupt network IP traffic. What’s more, evolving business requirements and new technologies mean that the way in which a building is used is likely to change over time. The number of people and devices may increase or decrease and new applications can be introduced. Nobody can predict the future, but by asking several questions, you can at least be as future-ready as possible. Which level of performance do your organisation’s users and devices require not only right now, but also in
08
MEA
JA N U A R Y 2 0 21
ARAFAT YOUSEF,
Managing Director, Middle East and Africa, Nexans Data Network Solutions.
Fibre to the Office infrastructures will outlast several generations of active equipment the future? Which specific conditions exist in your building or buildings and which distances need to be bridged? Are there specific requirements with regard to functionality or uptime? How flexible does your network need to be to accommodate probable - or more unlikely future requirements?
Today’s infrastructure calls for a new approach with technologies that are driving a continuous need for more bandwidth Fibre To The Office, a centralised LAN cabling technology; It combines passive fibre cabling with active switches and requires no floor distributors or additional technical rooms. Combining fibre and copper means ample redundancy and power provision can be offered to each end-user and that networks can be fully reconfigured quickly and easily. FTTO infrastructures will outlast several generations of active equipment. There are also considerable benefits in terms of energy consumption, security, network administration, maintenance, rollout and associated costs. TCO can be 40% lower and OPEX 35%. FTTO combines the advantages of highly scalable fibre with fast-changing requirements for flexibility, costefficiency and interoperability. In addition, another approach can be added to the FTTO solution. A digital ceiling concept- essentially a network of smart digital products and applications installed in the ceiling - enables the creation of distributed data and power consolidation points. Utilising a zone cabling architecture results in a cabling density that is designed to support different systems and devices that can be optimally positioned according to the function they serve. By making smart choices at the outset, you can ensure your network will be able to handle requirements for years to come. Of course, every network has its own unique requirements. Our experts will gladly discuss your specific situation and any requirements you may have. ë
VIEWPOINT
How to deal with ransomware attacks Covid is putting a financial strain on people and ransomware attacks are largely financially motivating, asserts Ryan Trost at ThreatQuotient.
W
e all have heard or read the analysis that the attack would have been milder if highly secure cloud services had been used. Especially when an organisation has been hit by ransomware recently, has probably suffered data loss and downtime and wants to get back to business as soon as possible. What does it mean exactly? The answer to the problem typically isn’t onpremise or cloud infrastructure but rather lack of security hygiene and a failure in defences. More often than not it’s the inability for organisations to maintain security fundamentals like patch management, technology stack configuration, and security coding practices, that provide a foothold for the adversary. Whether a technology is on-premise or somewhere in the cloud has no bearing on the adversary’s ability to execute a ransomware attack. The two are not mutually exclusive. In actuality, organisations hastily moving data into the cloud actually increases the likelihood of future intrusions because it introduces another attack landscape to the organisation - one that is massive. Cloud architectures and configurations are complex and are prone to mis-configurations and human error. Also, many cloud providers have their list of defences and won’t deviate from it, so it forces organisations to comply or go elsewhere. The change of security technologies introduces new issues to organisations to consider. It’s even harder to properly assess and resolve if a company’s management team is pressuring them for overnight transitioning from on-prem to cloud. Teams moving into the cloud need to: l Truly assess the pros and cons l Evaluate the various cloud providers and hosting companies over several months rather than days l Assess the cloud providers policies and procedures; especially when it comes to backups, configuration changes, and security procedures
RYAN TROST,
CTO and Co-Founder, ThreatQuotient.
Any attack would have been milder if highly secure systems had been used
Cloud architectures and configurations are complex and are prone to misconfigurations when their internal employees leave the cloud provider l Implement an agile transition; meaning it should be a slow and multiple release transition instead of a flip of the switch...lights on transition I think it’s pretty easy to say that any attack would have been milder if highly secure systems had been used. Security hygiene just references and security basics, maturing technology stack, maintain patch management efforts, keep rules and signatures updated, encrypt the necessary data, test backup procedures quarterly, etc. Defending against ransomware which is one form of adversary objective and regardless the adversary needs to tunnel their way into the organisation. Companies need to stay vigilant; especially during the pandemic. Covid is putting a financial strain on people and ransomware attacks are largely financially motivating attacks with quick and relatively easy to orchestrate. Sophisticated cyber criminals will target larger companies with a larger buyout, whereas, less sophisticated cyber criminals can just as easily target residential users in order to syphon +$100s of dollars depending on the value of the files encrypted. From a TQ perspective, companies need to stay updated on threat intelligence and streamline those IOCs and signatures into their defensive technology stack as quickly as possible to try and block or detect malicious activity before the adversary has time to ransom their files. ë
JA N U A R Y 2 0 21
MEA
09
Huawei IdeaHub New Style Smart OOce 3-in-1
Whiteboard 丨 Projector丨Online Meeting
Scan QR code to Learn More
EVENT NEWS
Global CIO Forum, F5, Exclusive Networks host roundtable on app security On December 22, Global CIO Forum in association with F5 and Exclusive Networks successfully hosted the App Security: Why Advanced Threats Require Advanced Application Defense virtual roundtable. Apps enable the business to capture opportunities and customers, but attackers can disrupt strategic outcomes for financial gain. It is critical to protect apps and APIs across architectures, clouds, and third-party integrations to reduce risks and speed up digital transformation. Increasing application development velocity improves time to market and reduces friction. Protecting critical assets with the highest real-world security efficacy is of paramount importance.
TOPICS COVERED l l l
Why apps drive a business Application layer security Defeating application fraud
THE SPEAKERS
The keynote speakers for the App Security: Why Advanced Threats Require Advanced Application Defense virtual roundtable were Yasser El Mashad, Cyber Security Specialist at F5 and Fouad Tawk, Regional Sales Manager, Shape Security at F5. Their presentations were followed by a panel discussion.
JA N U A R Y 2 0 21
MEA
11
EVENT NEWS
Global CIO Forum, F5, Exclusive Networks host roundtable on zero trust security On December 21, Global CIO Forum in association with F5 and Exclusive Networks successfully hosted the Zero Trust Security Architectures for the Modern Application World virtual roundtable. Airlines and airports are running 24 by 7 and their IT infrastructure and services need to be available at all times. However, the aviation industry is being impacted by the move to digitalisation. And the installed base of legacy technology is becoming a challenge. Currently, the most important needs are availability and security.
TOPICS COVERED l l l l
Application Layer Security Defeating Application Fraud Protecting Applications and APIs Increasing application development velocity
Global CIO Forum, ARCON host virtual summit on Privilege Access Management On December 20, Global CIO Forum in association with ARCON, successfully hosted the Low Friction High Security VirtualSummit. As cyberattacks become increasingly sophisticated and devastating, it is critical that organisations have granular level control over the privilege accounts. Privilege Access Management is, therefore, one of the most critical factors today in building unified access controls and governance framework, thereby making it one of the topmost priorities of CISOs and CIOs today.
TOPICS COVERED l l l l l
12
Manage, monitor and control privileged accounts seamlessly Ensure secure access to target systems and applications Implement deepest levels of granular level control over privileged accounts Strengthen authentication mechanism with multi-factor validation and password vaulting Offer a centralised policy framework
MEA
JA N U A R Y 2 0 21
THE SPEAKERS
The keynote speakers for the Low Friction High Security VirtualSummit were Anil Bhandari, Chief Mentor and Thought Leader at ARCON; and Lalit Popli, Chief Operating Officer at ARCON. Their presentations were followed by a round of Q&A.
EVENT NEWS
GCF, Pure Storage, MDS CS host summit on modernisation of govts and enterprises On December 16, Global CIO Forum in association with Pure Storage and MDS CS, successfully hosted the Modernisation of Governments and Enterprises VirtualSummit. Data is considered to be the new gold. But merely having access to data is not enough for governments or enterprises. Typically, government IT can’t execute on digital transformation without the right infrastructure. Meanwhile, agencies across the public sector have been hit hard with ransomware attacks at an average cost of $760,000. And there’s no end in sight. Also, agencies are experiencing more strain on IT systems than ever before. Unexpected events often require new storage solutions to support mission-critical functions. And that is where Pure Storage can be of invaluable aid.
TOPICS COVERED
The Modernisation of Governments and Enterprises VirtualSummit covered these topics: l Quick overview of Pure Storage l Improved performance and outcomes l Storage as a Service, Rapid solutions l Combating ransomware
Abdullah Albaz Sales Manager, Pure Storage KSA
Mohammad Joudeh Sales Director and Deputy GM, MDS
Haddi Hakim Systems Engineer Manager, Pure Storage MEA
THE SPEAKERS
The keynote speakers for the Modernisation of Governments and Enterprises VirtualSummit were Abdullah Albaz, Sales Manager, Pure Storage KSA; Mohammad Joudeh, Sales Director and Deputy GM, MDS CS; and Haddi Hakim, Systems Engineer Manager, Pure Storage MEA. The presentations were followed by a panel discussion.
GCF, CONTEXT host virtual summit on being reliable, relevant and transparent
The eighth and final virtual summit in the Channel Insights Series took place on December 15. Titled Reliable, Relevant, Transparent: How Channel Should Imbibe These Disciplines, the virtual summit discussed effective channel management. The virtual summit was hosted by Global CIO Forum in association with CONTEXT. Creating a robust plan provides the foundation for success, and has five areas of focus: l Identify which company objectives rely on channel management l Assess your current route-to-market strength l Understand your ability and need to scale across multiple dimensions l Define your growth strategies for each desired business outcome l Cascade accountability throughout your organisation
THE SPEAKERS
To impart insights on imbibing the disciplines of reliability, relevancy and transparency, the virtual summit brought on stage Adam Simon, Global Managing Director and CFO at CONTEXT and Tim Davies, Country Manager, Middle East at CONTEXT. Joining them were Houssam Mobied, CEO at Memory Technology Middle East; Santosh Varghese, Vice President, Toshiba Gulf; and Howard Davies, CEO and Co-Founder at CONTEXT.
Houssam Mobied CEO at Memory Technology Middle East FZCO
Santosh Varghese Vice President, Toshiba Gulf FZE
Adam Simon Global Managing Director & CFO CONTEXT
Howard Davies CEO and Co-Founder Context
Tim Davies Country Manager, Middle East at CONTEXT
JA N U A R Y 2 0 21
MEA
13
EVENT NEWS
GCF, BeyondTrust host roundtable on the UAE Information Assurance Standard
On December 8, Global CIO Forum in association with BeyondTrust, successfully hosted the BeyondTrust and the UAE Information Assurance Standard by NESA virtual roundtable. The gathering discussed how Privileged Access Management, PAM, solutions map into requirements set forth in the UAE Information Assurance Standard, IAS, as defined by the National Electronic Security Authority, NESA. Mitigating cyber threats and ensuring the development of a secure national information and communications infrastructure, and cyberspace, is a strategic priority for the UAE. To this end, NESA developed the UAE IA Standards as a critical element of the National Information Assurance Framework, to provide requirements for elevating the level of IA across all implementing entities in the UAE. All UAE government entities and other entities identified as Critical 1 by NESA are obligated to implement these standards. However, NESA highly recommends all entities in the UAE to adopt these standards on a voluntary basis, as applicable, to participate in raising the nation minimum-security levels. But how does this compliance mandate impact your organisation, and how can you leverage PAM solutions to streamline operations and meet this objective? BeyondTrust capabilities address 25 Technical and Management controls in the UAE information assurance standard.
John Hathaway RVP Middle East and India, BeyondTrust
Michael Byrnes Lead Solution Engineer, BeyondTrust
TOPICS COVERED
The impact that IAS has on your organisations and, in particular, their security l The initiatives that are the most fundamental to engage on this path to compliance l Thoughts on how PAM solutions can help meeting these requirements l The expectations from the market in terms of compliance to these mandates l How BeyondTrust’s Privileged Access Management solutions can map into requirements set forth in the UAE IAS and help in accelerating and simplifying compliance l
GCF, CONTEXT host summit on adjusting to new culture, new teams, new decisions The seventh virtual summit in the Channel Insights Series took place on November 30. Titled New Culture, New Teams, New Decisions, Channel Must Adjust, the virtual summit discussed how organisations can adjust to the new way of conducting business. The virtual summit was hosted by Global CIO Forum in association with CONTEXT. The time is ripe, for organisations to start rethinking business in a new way. Nothing will be the same from now on. Rules have changed, norms have changed, strategies have changed. The game itself has changed. The Middle East channel has been quite optimistic about a high growth tangent in the IT supplies and distribution side and a majority of the survey respondents pointed towards a positive outlook for business in 2021. The channel leaders here will play a pivotal role in writing the new rules of the business. There might be a dire need to bring in people with new skill sets and new directions. Leadership in post-pandemic will change as well and the CXOs will have to adjust. The virtual summit explored in depth the thought processes of the key channel leaders in the region and how they are mapping the year to come.
14
MEA
JA N U A R Y 2 0 21
Dharmendra L. Sawlani Director, Smile Computers LLC, Savvy Impex FZCO & President, Dubai Computer Group (DCG)
Shukri Halima Associate Director Global Credit Solutions
Adam Simon Global Managing Director & CFO CONTEXT
Marissa Safe Vice President & COO, FDC International
Tim Davies Country Manager, Middle East at CONTEXT
EVENT NEWS
GCF, Alcatel-Lucent, SecureNet host summit on communications infrastructure On November 25, Global CIO Forum in association with Alcatel-Lucent and SecureNet, successfully hosted the Accelerate Digital Transformation with Integrated Network & Communications Infrastructure VirtualSummit. Topics covered included digital transformation and its challenges; IoT, analytics, integration and ONE network approach and simplifying management of new digital networks. The virtual summit also discussed new era of communications and the transition of old infrastructure, as well as designing ONE network for future readiness.
THE SPEAKER
The keynote speaker for the Accelerate Digital Transformation with Integrated Network & Communications Infrastructure VirtualSummit was Ashish Saxena. Director Technical Sales and Services, MEA, Alcatel-Lucent Enterprise. His presentation was followed by a Q&A round.
GCF, CONTEXT host summit on the dynamics of post pandemic workplace The sixth virtual summit in the Channel Insights Series unfolded on November 23. Titled Dynamics Of Post Pandemic Workplace, What The Channel Needs To Know, the virtual summit discussed know how key vendor and channel leaderships in the region are gearing up to revisit their workplace and business for a post-pandemic world. The virtual summit was hosted by Global CIO Forum in association with CONTEXT. Organisations across the globe are highly optimistic about the situation and are geared up for any situation, be it considering Covid-19 as the new normal and preparing for it, or planning for a post-pandemic workplace. Key surveys showed that the pandemic has presented many category-neutral challenges for organisations as well. But it has also steered a clear opportunity for organisations to rethink what type of workplace they want to return to. We are already seeing less pushback from C-level executives when it comes to implementing new initiatives so now is the best time for organisations to be looking at what longlasting changes they want to make.
Samer Semaan Channel Manager Middle East at Pure Storage
Mario M. Veljovic General Manager | VAD Technologies
Adam Simon Global Managing Director & CFO CONTEXT
Jithin Varghese Product Manager & Senior Solution Architect VAD Technologies LLC
Tim Davies Country Manager, Middle East at CONTEXT
JA N U A R Y 2 0 21
MEA
15
GITEX 2020
Abu Dhabi Digital Authority, F5 to accelerate digital transformation agenda
Dubai Civil Aviation Authority to migrate data centres to Dubai Pulse Cloud In line with its role as a Strategic Partner for Smart Dubai Office, du has announced a new partnership agreement that will see the UAE telco assume responsibility for migrating the data centres of Dubai Civil Aviation Authority to Dubai Pulse Cloud. DCAA will also join the brand’s blockchain network having selected du Blockchain Edge to host its own node. The two entities announced the partnership during a signing ceremony at GITEX Technology Week 2020, which takes place from 6-10 December at Dubai World Trade Centre. Following integration with Dubai Pulse Cloud, du will manage, monitor, operate, and deliver all infrastructure and production components, supporting critical functions and enabling DCAA services to be operational and accessible 24 hours per day, seven days per week. Business continuity and enhanced security will be guaranteed regardless of any social or environmental challenges, while DCAA will also benefit from significant operational expenditure savings. Investing in new resources and infrastructure planning will no longer be necessary due to cloud migration, and the governing body can instead focus on solutions and applications. In joining the Blockchain network, DCAA will also enjoy Infrastructure as a Service and Blockchain Platform as a Service, with du managing the components and operating model. DCAA will leverage Blockchain Edge capabilities to achieve scalability, provide seamless digital services, and increase efforts centred around business needs and demands. Furthermore, the ability to exchange data digitally with greater security will also be provided through integration with the unified business registry network. As a cloud-based platform, Dubai Pulse offers virtual solutions that cater to web, application, database, and shared services, as well as a highly-secured environment. On the other hand, du Blockchain Edge transforms and empowers organisations, digitalising ecosystems and providing the tools to customise Blockchain networks with easy-to-manage features.
The Department of Government Support, Abu Dhabi, DGS, represented by the Abu Dhabi Digital Authority, ADDA, the government entity leading the digital transformation in the Emirate of Abu Dhabi, announced that it has signed a partnership agreement with F5. This deal will maximise the value of services provided by the company to government entities in Abu Dhabi. The agreement, which was signed during GITEX Technology Week, is part of ADDA’s efforts aimed at leading the digital future
of Abu Dhabi government and supporting digital transformation in the emirate by using the latest technologies, defining strategies, policies and standards, and developing the digital infrastructure in partnership with the private and public sectors to enhance the effectiveness of government performance. The agreement is aimed at facilitating the procurement of advanced solutions provided by F5 to government entities and maximise the value of services provided to these entities. This includes automation, security, performance, and insight solutions that allow organisations to focus on their core business, boost speed to market, improve operations, and build trust with end users and stakeholders. F5 will also provide additional support to Abu Dhabi government entities, including training and awareness.
ITCAN highlights advanced e-commerce and digital marketing solutions ITCAN, an e-commerce technology and digital marketing company focused on e-commerce performance marketing, revealed their successful participation at the pioneering edition of GITEX Marketing Mania, the region’s biggest MarTech event, which ran from December 6 to December 9, 2020 at the Dubai World Trade Centre. The event was held simultaneously with this year’s edition of GITEX Technology Week, the only global tech show in 2020–live in person. During the exciting four-day show, ITCAN threw the spotlight on its diverse portfolio of advanced e-commerce and digital marketing solutions. According to ITCAN senior officials, the company’s presence at the first edition of Marketing Mania show served as a strategic platform to highlight the many distinctive and innovative services that it offers across the MENA region. Backed by product demonstrations, trade experts and highly innovative displays, the ITCAN stand attracted a large number of visitors, decision-makers, industry experts, investors, and the media during the show’s four-day run at the Dubai World Trade Centre. ITCAN is widely recognised as a fast-growing startup and a pioneer in e-commerce performance marketing and technology development. The company ably presents its proficiency and expertise in digital marketing and influencer marketing to businesses operating mainly in the GCC region, with a special focus on Saudi Arabia and the UAE–delivering digital scaling and transformation for e-commerce.
JA N U A R Y 2 0 21
MEA
17
GITEX 2020
HADI JAAFARAWI,
Managing Director Middle East at Qualys.
Qualys launches UAE Cloud for Middle East organisations Qualys has launched the Qualys UAE Cloud, a platform that will allow public and private enterprises across the Middle East to innovate as Qualys brings them unprecedented security and visibility across their hybrid IT environment. The move comes as regional cloud migration reaches fever pitch. Last year, YouGov revealed that 88% of IT stakeholders in the UAE were planning budget increases for cloud computing. Across the GCC, the emergence of the COVID-19 pandemic has acted as an accelerant to digital transformation, with the International Data Corpora-
tion projecting that the Gulf ’s public cloud market alone will more than double over the next four years, from $956 million in 2020 to $2.35 billion in 2024. IDC also predicted that hybrid clouds will grow in popularity. But many organisations in heavily regulated industries such as banking, oil and gas, and government have had to consider issues such as privacy and data residency when planning their migration journeys. The Qualys UAE Cloud platform will eliminate these barriers and will act as the company’s main hub for the Middle East. The Qualys UAE Cloud will offer all the company’s key solutions including VMDR; Multi-Vector EDR; Global IT Asset Inventory; Configuration Management; Certificate Inventory; Threat Protection; Continuous Monitoring; Patch Management; Container Security; Web Application Scanning; and Web Application Firewalls.
Ankabut, Huawei partner on software defined data centre expansion Ankabut, the UAE’s Advanced National Research and Education Network offering academic institutions connectivity to other education networks around the world, will be working with Huawei to expand education clouds in the UAE and the Middle East. The two organisations signed a MoU during GITEX Technology Week 2020 outlining their future cooperation. The partnership confirms Huawei as Ankabut’s long-term cloud solution provider and strategic technology partner, taking full advantage of the company’s end-to-end ICT technology. Earlier last year, Ankabut selected Huawei as a partner to build the new education cloud platform and software defined data centre. With phase one of the cloud established, the two organisations will now work together to expand the existing footprint using Huawei Cloud Stack Solution and software defined data centre, in turn strengthening the UAE’s position as a leader in educational services and accelerating digital transformation. The extended software-defined data centre will enable Ankabut to provide innovative services to educators in the UAE and across the region. Under the slogan of New Value Together, Huawei has strengthened its commitment to the region’s technology ecosystem by confirming its largest ever GITEX Technology Week presence at the 40th anniversary edition of the event. The company is collaborating with partners to showcase how governments and organisations in the Middle East can create new value through synergy across five tech domains.
18
MEA
JA N U A R Y 2 0 21
Huawei demos enhanced traditional education models With many academic models reexamined during 2020, Huawei has previewed a series of digital transformation solutions to support continuous learning and quality education in the Middle East over the coming years. The company’s expanded Smart Education portfolio was unveiled in the Middle East during GITEX Technology Week and has been demonstrated to government and non-governmental organisations throughout the exhibition. According to Huawei, the education of approximately 1.5 billion students worldwide has been disrupted due to the Covid-19 pandemic In response, local authorities have increasingly turned to information and communications technologies in an effort to ensure teaching and learning can continue, and that today’s investments create longterm value. Huawei has focused on five layers of digital transformation in the education sector. These include using ICT solutions to enhance teaching, learning, research, management, and support services. By working across these domains, Huawei is building end-to-end solutions that tap into its expertise across wired and wireless networks, especially 5G, as well as its strengths in connected devices and IoT networks. At the core of its education portfolio is the eClassroom for immersive learning environments in-person or remotely. These technologies enable classrooms to have 4K HD whiteboards, support one-click sharing of coursework, more fluent data interactions and annotations, and seamless video sharing. Huawei’s Online Learning solution then supports the publishing of coursework and other shared resources. It includes tools to rank and recommend courses, along with interactive community statistics and reports about how specific resources are being used. Huawei has also designed a National Research and Education Centre solution that supports collaborative research, especially at the university level, enabling more education resources to be shared on the cloud and accessible through an ultra-broadband backbone network.
GITEX 2020
DVCOM showcases innovative cloud collaboration and UC solutions
RENJAN GEORGE,
Managing Director at DVCOM Technology.
DVCOM Technology is showcasing some unique and innovative cloud collaboration and Unified Communications solutions at GITEX 2020. DVCOM’s booth has been engaging visitors in an interactive experience with their two primary solutions on exhibit, Yealink’s UC solutions and Yeastar’s PBX systems. Yealink is a global leader in providing enterprise communication and collaboration solutions, and Yeastar is a provider of SME PBX systems. DVCOM is showcasing Yealink’s latest UC solutions for businesses that include all-new audio and video solutions for Microsoft Teams which allow users to work seamlessly from anywhere. This includes the MeetingBar A20, an advanced all-in-one video device that integrates everything for orchestrating seamless video collaboration in huddle rooms; and the MVC400, a native and easy-to-use video conferencing solution. Visitors can experience an intelligent USB-wired headset, the UH36, that ensures clarity and convenience in every conversation. DVCOM is also displaying Yealink’s latest all-in-one IP phone solutions including the new-gen T4U series with dual USB ports, Ultra HD sound quality, and faster response speed; the T3 series, an ideal entry-level business IP phone for daily desktop voice communications; and the third generation video conferencing endpoint, the MeetingEye series.
Pandemic or not, GITEX 2020 is a must-attend
JIHAD TAYARA, CEO of Evoteq.
EVOTEQ showcases key projects at unmanned stand during GITEX 2020 EVOTEQ is showcasing key projects at the first unmanned stand in the UAE during its participation at GITEX Technology Week 2020. The move will highlight how digitalisation is enabling us to stay connected and seamlessly interact with each other even when we are physically distant. Apart from highlighting EVOTEQ’s increasing focus on innovation and digital transformation, the company’s unmanned stand at GITEX will draw attention to how these competitive advantages enable it to provide necessary solutions to support businesses and the public sector in limiting the spread of the virus. Thanks to its unparalleled expertise and know-how in the field of digital transformation, EVOTEQ remains equipped to help prospective clients continue operations and thrive despite the economic and market challenges, while also complying with the existing precautionary measures. Ever since its inception, EVOTEQ has been leading the creation of digitally empowered smarter societies by providing innovative and transformative digital solutions and platforms to both public and private sectors. The company’s capabilities extend well beyond technology implementation as the company has further established a strong footprint in the area of consultancy. In addition to providing state-ofthe-art technological solutions, EVOTEQ prepares businesses to be digitally ready to deal with most unexpected circumstances such as Covid-19.
For the past four decades, one of the biggest global and disruptive technology events GITEX, has been a constant in a world where nothing is. It is heartening to see that this has not changed even during a global pandemic. Most of 2020 has passed in a whirlwind of SUNIL PAUL, Managing Director, Finesse. emotions, fighting a pandemic that threw us off track and forced us to re-examine everything we knew about business. However, with GITEX scheduled from 6th to 10th December, there is a new sense of optimism in the air. GITEX, the region’s largest technology event, is expected to be the only global tech and startup show in the world in 2020 to go live and in-person, according to its organisers. There are a couple of reasons behind this decision. The primary one being Dubai was voted the safest city in the world to attend an exhibition, according to a survey conducted by Messe Frankfurt Middle East. The study showed that 77% of respondents viewed Dubai as the safest destination to attend an exhibition post Covid-19, followed by Germany, 41%, Saudi Arabia, 19%, France. 17%, and Italy. 15%. Another factor giving expected attendees further confidence is that the Dubai World Trade Centre, DWTC, venue was recently certified with the Bureau Veritas SafeGuard Label. Not to forget, DWTC has already successfully held Ai Everything x Restart Dubai Summer Conference in a hybrid model a few months ago, which was considered a grand success. Here we saw the event drawing hundreds of attendees, attending physically as well as streaming sessions live remotely. The annual show is not expected to be different from any other year except that we will have to adhere to all the safety precautions in place, don the mask and consider handshakes a relic of the past. In fact, if anything, it could be the biggest edition to date. In its landmark 40th year, the show is expected to explore groundbreaking pre- and post-pandemic technologies, host high-octane tech conferences and showcase futuristic pioneering innovations. Also, the organisers have decided to combine a number of other sister conferences, which usually run as standalone events, so along with the regular GITEX Technology week and GITEX Future Stars, attendees will have access to GISEC, Future Blockchain Summit and Marketing Mania during the five days. making it even bigger and grander than any previous editions. By Sunil Paul, Co-Founder and Managing Director at Finesse.
JA N U A R Y 2 0 21
MEA
19
GITEX 2020
Commvault showcases its Metallic Cloud Storage Service
WAEL MUSTAFA,
Area Vice-President for MESAT at Commvault.
Commvault is showcasing its recently launched Metallic Cloud Storage Service at GITEX 2020. Commvault is demonstrating the benefits of its new solutions as part of the GITEX Future Stars element of the event. The Metallic Cloud Storage Service is a fully integrated cloud storage target for Commvault Backup and Recovery software and HyperScale X appliance. Metallic Cloud Storage Service brings together technology from Commvault and Microsoft Azure for security and scale, with single pane of glass management through the Commvault Command Centre. Commvault also recently announced new offerings that provide customers enterprise-grade data protection for Kubernetes, in a consumption model that best meets their needs. The new Metallic VM and Kubernetes Backup solution joins Commvault’s Hedvig Distributed Storage Platform and Commvault Complete Data Protection to store, protect, and migrate containers in hybrid and multi-cloud environments. Metallic Cloud Storage Service with Commvault data management software goes beyond simplified cloud data management and reduced overhead to provide critical layered data security and resiliency against an ever-growing number of threats and vulnerabilities in hybrid cloud environments. For example, the FBI’s Cyber Division states the number of complaints about cyberattacks is as many as 4,000 a day, a 400% increase from what they were seeing pre-coronavirus.
THOMAS DIERINGER,
President for Europe Middle East and Africa, JAGGAER.
JAGGAER showcases latest tech for procurement teams JAGGAER recently celebrated 25 years of business with a newly refreshed brand, an upgraded website, is showcasing its latest technological developments and software launches to support procurement teams throughout the UAE and the wider Middle East region. JAGGAER is participating at the event under the Smart Dubai umbrella after their long-standing partnership with the Dubai Government Procurement Portal eSupply. The portal has subsequently provided suppliers with the opportunity to participate in transparent online bidding activities for contracts and tenders published by over 40 major Dubai Government entities. The implementation of the platform has reduced the processes required, increased engagement, and resulted in several best practices being adopted during the procurement process. As a result of introducing the platform, Government suppliers have increased, and created ease of communication. The system also promoted sustainability through the implementation of paperless tendering processes and contracts. The security credentials, processing power, connectivity, and time efficiencies within the evaluation process have all subsequently improved. JAGGAER now has over 70 customers in the Middle East connected to a global network of 4 million suppliers in 70 countries around the world. The company has experienced tremendous growth in the region and now has plans to expand its location and headcount.
20
MEA
JA N U A R Y 2 0 21
LG and Etisalat showcase AI-powered smart home For GITEX Technology Week 2020, LG Electronics has partnered with Etisalat to showcase the latest innovations in smart home technology which can create a seamless experience. At the LG ThinQ Smart Home within Etisalat’s booth, attendees are witnessing firsthand how a seamless, connected smart home can be achieved, harnessing the power of Etisalat’s Wi-Fi technology. LG’s experts are on hand to provide product demonstrations and show the technology in action, as it works to not only solve common challenges, but also anticipate and evolve in line with the user’s habits. Within its continuous R&D efforts, LG has identified an integral need to create products which deliver meaningful intelligence. Consumer research has shown that key purchasing influences typically include a desire to save, on energy consumption and cost, as well as demand for greater convenience. Common concerns around smart home technology include fear of investment due to products potentially becoming obsolete, as well as concerns around maintenance. Addressing these aspects head-on, LG’s smart home technology consists of an ever-growing portfolio of products, with seamless connectivity via multiple access points, as well as promoting an open platform and ongoing collaborations with fellow industry leaders to strengthen its offerings. LG ThinQ also evolves in accordance with user needs and provides recommendations for a more personalised experience. On showcase at GITEX is LG’s sleek 77-inch GX OLED TV, with a built-in α9 Gen3 AI Processor that leverages deep learning algorithms to recognise content type and optimise both audio and picture quality. The television’s interface also provides a Home Dashboard through which users can operate their smart home appliances using just their voice. For audio enthusiasts, the LG SN11R sound bar demonstrates AI Room Calibration –harnessing spatial awareness technology to measure the room’s unique characteristics and balance audio to suit the environment.
GITEX 2020
Epson showcases sustainable solutions that promote social distancing The Middle East market is now looking for technology that helps remote workers and students stay connected, observes Jason McMillan from Epson Middle East. Key products and solutions being presented on the stand or virtually.
Epson is showcasing its range of sustainable solutions for businesses and education that also support the current need for social distancing. Epson has seen a strong demand for its technology to help support new hybrid work and learning environments. The Middle East market is now looking for technology that helps remote workers and students stay connected, as well as being flexible, cost-effective, and eco-friendly. This year’s demonstration areas, Sustainable Solutions for Business and Smart Solutions for Education, will give a flavour for how technology can deliver both efficiency and cost savings, as well as support the growing demand for sustainability. This year’s demonstration area will highlight the benefits of Epson’s Heat-free business inkjet technology which enables its printer range to reduce energy consumption by up 95% compared to laser printers, reducing both cost and CO2 emissions. The lack of heat also means there is no warmup time needed, ensuring fast first page-out speeds and improving productivity. And fewer consumable parts mean less user intervention and fewer used consumables to store and dispose of. Key activities planned on the stand.
GITEX visitors, and businesses in the UAE and Middle East, must adapt to ensure they’re ready for the next wave of the sustainability revolution; this is the biggest opportunity for forward-thinking organisations, looking to make simple but high-impact changes. Among the solutions that are on display are workForce Enterprise and RIPS business inkjet printers; SureColor Large Format Printers for textile printing; EcoTank ink tank printers for consumer printing all equipped with a refillable ink tank; Moverio Smart Glasses, which allow for real-time collaboration between remote experts and onsite personnel; Interactive display solutions, which are designed to reduce an organisation’s environmental footprint and minimise power consumption, thanks to an energy-efficient basic design and power saving modes, leading to lower intervention; and Mobile Point of Sale solutions, which can save on energy costs. In education, Epson’s interactive display solutions for example, such as the Epson EB-1400 series, are smart solutions that can help bring a class together. To help teachers engage remote students in a lesson, Epson’s visualisers allow for the live projection of 3D objects. Schools and universities can also benefit from efficient, secure and sustainable printing with the WorkForce Enterprise and WorkForce Pro RIPS business inkjet printers. JASON MCMILLAN,
Sales Director, Epson Middle East.
ALAA BAWAB,
VP of Enterprise Networking, Huawei Middle East.
Huawei highlights synergy across connectivity, cloud, AI and computing Huawei has strengthened its commitment to the region’s technology ecosystem through GITEX 2020, says Alaa Bawab from Huawei Middle East. Key products and solutions being presented on the stand or virtually.
At GITEX Technology Week 2020, Huawei is collaborating with partners from around the world to showcase how governments and organisations in the Middle East can create new value through synergy across five tech domains. As this year’s 5G Innovation Partner, Huawei has strengthened its commitment to the region’s technology ecosystem by confirming its largest ever GITEX Technology Week presence at the 40th anniversary edition of the event. As 5G has been rolled out at scale in the region and worldwide, Huawei believes that connectivity, cloud, AI, computing, and industry applications are now truly coming together to create unprecedented opportunities for society. Huawei is thus focusing on applying ICT technologies to more industries through scenario-specific solutions that help enterprises to enhance their business, and governments to achieve strategic goals related to domestic productivity and improving overall governance. Huawei will be demonstrating these new technologies, along with its current and future-oriented applications that the company has developed with its global partners for customers in government, energy, transportation, finance, and more. Participating channel partners on the stand.
Under the slogan of New Value Together, Huawei’s GITEX exhibition is proudly supported by Enterprise Systems, Gulf Applications, Redington, Al Rostamani Communications, Foresight Technology, SecureTech and Reviei Technologies. Key activities planned on the stand.
At GITEX this year, Huawei is highlighting how the synergy across connectivity, cloud, AI, computing, and industry applications will create unprecedented opportunities for organisations in the Middle East. Huawei’s regional leadership team is also participating in multiple GITEX conference tracks. During these sessions, the company will share best practices in helping to build smart enterprises, campuses, and cities, leveraging its depth of industry know-how and experience in more than 170 countries worldwide.
JA N U A R Y 2 0 21
MEA
21
GITEX 2020
Crown Prince of Dubai greeted through Avaya Spaces at GITEX 2020 His Highness Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum, Crown Prince of Dubai, was greeted by participants from 150 cities through the Avaya Spaces workstream collaboration at GITEX Technology Week 2020. At the 40th edition of GITEX Technology Week, Avaya is focused on communication technologies that address the needs of the new world of work. Avaya is using its presence to host businesses from 150 countries
through a series of virtual conference sessions hosted from its stand. The sessions will demonstrate a range of new technologies that infuse AI and big data into digital-first customer and employee experiences. At the heart of Avaya’s presence at GITEX is Avaya OneCloud, a unique hybrid delivery architecture that protects investments, prevents disruption, and ensures multi-experience continuity across each phase of a personalised cloud journey.
Kramer Electronics debuts in the UAE, launches AV solutions
Kramer is launching its innovative solutions for the first time in the GCC countries. Headquartered in Israel, the technology giant specialises in Pro AV solutions with offices in more than 30 countries that are currently serving more than 100 countries. Kramer has entered into a landmark distribution agreement with Abcom Distribution, a provider of customised business technology distribution specialised in the field of Audio-Visuals who will represent Kramer exclusively in the UAE. This deal follows the Israel-United Arab Emirates normalisation agreement, which was signed in September 2020. Prior to this, all trade, travel and even telephone communication between the two countries was restricted. UAE’s openness to Israeli trade and technology innovation is a historical breakthrough and Kramer is proud to be at its forefront. Kramer has found a robust partner in Abcom, who has embraced their vision to become a major player in the booming technology industry of the UAE. Visitors to GITEX Technology Week will be amongst the first to be able to experience Kramer’s extensive range of business continuity solutions for the corporate and education markets and mission critical infrastructure for command and control environments. Kramer has been the pioneer and leader of the Pro AV industry for four decades, creating solutions that blend cutting-edge cloud technologies, advanced software, and time-tested hardware. Most recently this innovation has included pioneering methods of delivering AV over IP, simplified scaling, and extension solutions with products such as the KIT-400 and wireless presentation and collaboration advances through the VIA range.
22
MEA
JA N U A R Y 2 0 21
The solutions are being demonstrated as the outstanding city of Dubai continues its march towards becoming the world’s remote work capital. Supporting this march, and enabling international talent to thrive across the city, Avaya is showcasing the capabilities of Avaya Spaces, an all-in-one workstream collaboration platform for the digital workplace that changes the way work gets done in nearly 100 countries. Avaya is also working with Dubai World Trade Centre, the organiser of GITEX Technology Week, to enable live online conferences through Avaya Spaces.
marketing@asbisme.ae
GITEX 2020
Snapshots from GITEX 2020
The 40th GITEX Technology Week successfully united international technology visionaries, industry innovators and global investors as the tech world finally resumed in-person interaction at Dubai World Trade. The event showcased the diversity of the global technology industry with participation from over 60 countries, while hosting pavilions from some of the world’s most innovative technological nations. Here is a random sampling of what went on at GITEX 2020.
GITEX 2020
GITEX 2020
GITEX 2020
GEC AWARDS
GEC Media pays tribute to frontline w On December 6, at the V Hotel in Habtoor City, GEC Media Group paid homage to our unsung heroes. Frontline workers are a key reason why the wheels of global economy are continuing to spin, despite the pandemic. These are the people who are making things happen, across industries and sectors. GEC Media Group proudly honoured them and highlighted their contribution over an evening filled with awards and entertainment. This was also GEC’s first hybrid event, held in-person as well as streamed online and made available all over the world. Currently in its 7th edition, the GEC Awards 2020 recognised over 42 regional technology channel players who have brought innovative solutions to the table and helped customers sail through this pandemic. The compere was the evening was Karan. The event started with welcome notes by Ronak Samantaray, CEO, GEC Media Group; Anushree Dixit, Global Head Content and Strategic Alliance, GEC Media Group; and Arun Shankar, Editor, GEC Media Group. This gave way to the first set of awards, for Top Distributor. And the winners were… AWARD CATEGORY
SUB CATEGORY
ORGANISATION
TOP DISTRIBUTOR
Data Center Solutions
Malco Technologies
TOP DISTRIBUTOR
Infrastructure
Ingram Micro
TOP DISTRIBUTOR
Specialized Cyber Security Solutions
EMT Distribution
TOP DISTRIBUTOR
Network Security
Spectrami
TOP DISTRIBUTOR
Channel Enablement
VAD Technologies
TOP DISTRIBUTOR
Daa Management
StorIT Distribution
TOP DISTRIBUTOR
PC & Compute
Asbis Middle East
TOP DISTRIBUTOR
Cloud
Redington Value
TOP PARTNER
Workforce Reskilling
Spectrum Networks
TOP DISTRIBUTOR
Unified Storage
Data care LLC
TOP DISTRIBUTOR
Security
StarLink
TOP DISTRIBUTOR
Enterprise Security
Spire Solutions
TOP DISTRIBUTOR
Network Optmization
SECURENET
TOP DISTRIBUTOR
VAD of the Year
Mindware
The first set of awards were followed by an entertaining game of acting out the word, an inspiring video compilation highlighting the critical role frontline workers are playing, followed by an enthralling dance session.
GEC AWARDS
e workers at dazzling awards ceremony Next up, was the second set of awards, given in the Top Reseller category. The winners were… AWARD CATEGORY
SUB CATEGORY
ORGANISATION
TOP RESELLER
Security
RNS Technologies
TOP RESELLER
Digital Forensics
DIFOSE LLC
TOP SI
MANAGED SERVICES
MIDIS SI
TOP SI
IT Infrastructure
BITS Secure IT Infrastructure
Top BT Solution
Storage
Synology Inc.
Top Business Transformation Initiative
Healthcare
Zulekha Hospitals
Top Business Transformation Initiative
Green Data Center
Moro Hub
The awards evening was interspersed with video compilations of frontline workers and the role they are playing in helping organisations survive this pandemic. CxOs from various organisations thanked them ardently, and highlighted the human, and humane, aspect of their contribution.
The third set of awards were in the Top Vendor category. AWARD CATEGORY
SUB CATEGORY
ORGANISATION
TOP VENDOR
Networking
Aruba, a Hewlett Packard Enterprise company
TOP VENDOR
Enterprise Solutions
Zebra Technologies
TOP VENDOR
Endpoint Security
Cybereason
TOP VENDOR
Email Security
Keepnet Labs LTD
TOP VENDOR
Flash Storage
Pure Storage
TOP VENDOR
Enterprise Communications
TalariaX Pte Ltd
TOP VENDOR
SD-WAN
Riverbed
TOP VENDOR
Data Management Solutions
Commvault
TOP VENDOR
DNS Security
Infoblox
TOP VENDOR
Hyper Converged Infrastructure
Nutanix
TOP VENDOR
Secure Identity Solutions
ARCON Techsolutions Pvt Ltd.
TOP VENDOR
Enterprise Solutions
Veeam Software
TOP VENDOR -AI
Multi-Cloud
Juniper Networks
TOP VENDOR
Hybrid Cloud
Netapp
TOP VENDOR
Cyber Security
SonicWall
The break after these awards was literally full of laugher. The compere called on stage four participants who had to mimic the laugher of a character from a popular Bollywood film. This gave way to dancers from the USA, which also happened to be the last dance of the evening.
Next up, was the second set of awards, given in the Top Reseller category. The winners were… AWARD CATEGORY
SUB CATEGORY
ORGANISATION
TOP VENDOR
Network Security
Sophos
TOP VENDOR
Enterprise Security
Pulse Secure
TOP VENDOR
Privileged Access Management
BeyondTrust
TOP VENDOR
Data Protection
Veritas
Top Vendor
Memory Solutions
Toshiba
TOP VENDOR
Digital Transformation
Dell Technologies
The evening wrapped up with an award for the best dressed lady and gentleman, a group picture, followed by dinner and networking.
GEC AWARDS
GEC AWARDS
The Workplace of the Future with the WINDOWS COLLABORATION DISPLAY from SHARP Embedded 4K Camera (120 degrees FOV) and Array Microphone X 4
Capacitive Multi-touch Display with Direct Bonding
Built-in IOT sensors for smart space management solutions*
Front control buttons discretely located for easy accessibility.
As businesses reopen, teams today will be ‘working remotely’ and ‘in-office’ and have a higher expectation for better connectivity & collaboration. Joining a meeting in seconds with both video & audio available for in-room & remote attendees is the need of the hour. Sharp understands this need and have launched the world’s first certified Windows collaboration display (PN-CD701) that finds the perfect fit in the workplace of the future. * The availability of cloud service varies by country/region
IoT connectivity
Advanced specifications
Teamwork centric design
8m High speed, High bandwidth
USB Type C Cable
Features effortless wireless device sharing from major platforms. Touch back available on Windows 10 & Android devices 70" Class (69.5" diagonal) Interactive Display System | 4K Ultra-HD UV2A Edge Lit LCD Screen | Projected Capacitive Touch Screen | 10-Point Multi-Touch Screen | Bundled high performance 8m USB Type C Cable for charging laptops, touch, video, audio and network signals | Modular 4K Camera with Microphone Array x 4 | IoT Sensor Hub with Motion, Light, Temperature/humidity & Air Quality Detection
REQUEST FOR A LIVE DEMO
www.sharpwcd.com
SHARP Middle East FZE P.O.Box 17115 Dubai, Jebel Ali Free Zone, United Arab Emirates, Phone: +971 4 8815311 Fax:+971 4 8816692, e-Mail: bsdmarketing@smef.sharp-world.com
COVER STORY
THE WORLD CIO 200 ROADSHOW
CIO LEADERSHIP WORLD’s BIGGEST
EXCELLENCE AWARDS
COVER STORY
DR ERDAL OZKAYA,
Standard Chartered Bank
MOHAMMED TAMIMI, Rubrik
SAMIR CHOPRA,
RNS Technology Services
SOURAV SINHA, Indigo Airlines
RAJESH CHANDRAMOHAN,
YOUSEF MOHAMMAD MHANA,
EKTAA SIBAL,
ALIASGAR BOHARI,
Tamimi Markets
Inner Transformation Expert
MANOJ SAXENA,
RosettaNet Singapore
DR SEKAR JAGANATHAN, Kenanga Investment Bank
34
Pure Storage
Zulekha Hospitals
LOH SIN YONG, IMDA.
ASHOKRAJ VADIVELU, Intelizest Consulting
MEA
NIKHIL NIGAM,
Amity Education Group
SAIFUL BAKHTIAR OSMAN,
Malaysian Aviation Commission
ABDUL REHMAN TARIQ BUTT, Pulse Secure
ASHISH KHANNA,
Oberoi Hotels and Resorts
BHASKAR VETRIMANI, Lingaro
MATTHEW BURNS, Seeburger
JA N U A R Y 2 0 21
SADIQ ROWTHER, Levi Strauss
ABDUL RAHIM AHMAD, SECP
DR JASSIM HAJI,
AI Society Bahrain
ADAM LALANI,
Westminster City Council
DR SANJAY TYAGI, MeitY, Govt of India
NISHCHAY CHADHA, Ace Recycling
UJJAL KUMAR,
ALADDIN SAQER,
AG&P Manila
McDonald’s
VENKATESH MAHADEVAN, Dubai Investments
HORST W GONSKA,
Evidence-Based Interaction
KHALID JALAL, GARMCO
SAKET SARDA, C2FO
NITHYANANDAN Anthony, SealNet
MOHAMMED MAHNASHI, ICT Consultant
DR ZAHRA RASHID AL RAWAHI,
ABDULLAH ALBAZ, Pure Storage
ABDELMAJED FADOL,
NE
DR EMMANUEL GOFFI,
AR
Medgulf Saudi
Ministry of Higher Education, Oman
Observatory of Ethics and AI
PIYUSH CHOWHAN,
IFTIKHAR ARIF,
Lulu Group
Muller and Phillips
MANJU JALALI,
WINNIE REBANCOS,
THIRUMAL RAJ,
NG CHEE KEONG,
GLOBALFOUNDRIES
Elite Digital Logistics
Coca-Cola
GeTS Asia
In
Emira
DR
OL,
COVER STORY
VINAY SHARMA,
JULIANA CHUA,
Gulftainer
NELSON DA SEGLAH, Halges
Essilor
Liberty Insurance
RAMESH MUNAMARTY, NTUC Enterprise
ETHEL COFIE,
EDEL Technology Consulting
OSMAN NASIR,
SAHIBZADA ALI MAHMUD,
International Economics Consulting
SHAH-EROOM KHAN,
Emirates College of Technology
DR MOHAMMED KHALED,
Pakistan Software Export Board
ANDREWBRYANT,
Self Leadership International
AMJAD BOKA, Pure Storage
ABUBAKAR ARSHAD, BNET
Khyber Pakhtunkhwa Information Technology Board
WILL ALEXANDER, Benevis
SUNANDO CHAUDHURI, ADNEC
ROGER LEE,
Singapore Institute of Materials Management
FAISAL ANWAR,
SAMER SEMAAN, Pure Storage
FAISIL SYED, SEHA
SANTOSH NAIR, Siemens
Pulse Secure
Tata Starbucks
Marketing and Fintech Professional
United Bank Limited
MOHAMMAD AMIN SOODY,
ANIL MENON,
MARIAM A-BUAHIN,
Ghana Deposit Protection Corporation
ARVIND KUREEMAN,
Abu Dhabi Government
DR SAMUEL SENYO OKAE,
NIRUPAM DAS,
WISSAM AL ADANY, Ghabbour Auto
MUBASHIR AMJAD HUSSAIN,
Toyota Indus Motor
Himalayan Institute of Alternatives
THARWAT SOLIMAN, Audio Technology
RICHARD FARMER, MitchelLake Group
OCS Group India
FAIZAN ALI MUSTAFA,
IBL Group
GITANJALI JP,
ANAND SINHA,
DR DEEP BALI, Boma India
LT COLONEL DR HAMAD KHALIFA AL NUEIMI, Abu Dhabi Police GHQ
OTEMA YIRENKYI, PMI Africa
SYED ABU TUFAIL,
Habib Metropolitan Bank
SYED ASIF SHAH,
Central Depository Company of Pakistan
FABIA TETTEROO-BUENO, Philips Latin America
KHUONG TRAN, TTC Sugar
SAKET GORE,
The Himalaya Drug Company
JA N U A R Y 2 0 21
MEA
35
COVER STORY
The World CIO 200 2020 Roadshow
sweeps through APAC region
After touring Qatar, Saudi Arabia, Bahrain and Kuwait, the World CIO 200 Roadshow 2020 moved to the APAC region. This edition of the roadshow unfolded on December 3 in a virtual convention and brought together digital leaders in the region. It was organised by the Global CIO Forum and supported by IMDA and Rosettanet Singapore GS1 digital standard consortium. Event partners were Lingaro, C2FO and Techneplus. Also supporting the event were SealNet, Global eTrade Services, Seeburger, OpenText and Intelizest.
ABOUT THE APAC EDITION
The opening note was by Malavika Shanker, President GEC Media Group, who welcomed the CIO community across the APAC region. She handed the stage over to Manoj Saxena, Chairman, RosettaNet Singapore GS1 digital standards consortium. He is also a member of the Global Advisory Board, Global CIO Forum. Saxena presented the CIO Research Insights 2020, which is a part of Global CIO Forum’s continued efforts to reinforce the vision of One industry, One Voice. This research has a technology 360-degree approach. Outcomes are key as they will bring leaders together to create industry framework. The research will help the industry and technology leaders to assess the level of maturity and readiness on where they stand, the risks of being left behind and guide them build a customer centric roadmap specific to their industry and geography to stay competitive. The research outcomes will be used to deliver actionable programs by technology thought-leaders and consortiums globally through webinars, round-table discussions, training programs, etc. Next up was Loh Sin Yong, Director, Trade Sectoral Transformation Group Infocomm Media Development Authority. He talked on the topic of Trade – Adapting to Present and Future Challenges, by IMDA. He discussed cross border issues, digital standards, new technologies that are prevailing, blockchain as a trusted service, and how governments are playing part in creating standards. The next presentation was by Bhaskar Vetrimani, Head, Business Development, APAC, Lingaro, a disruptive innovator in data and analytics, and a professional services company helping clients succeed in the data-driven world. Dr Sanjay Tyagi, Ministry of Electronics and Information Technology, Government Of India then delivered a keynote on Startup Ecosystem and STPI Focus in India; contribution to India’s digital push in terms of supporting startup ecosystem and establishing centre of excellence in fintech in a collaborative environment at Chennai. Up next was Saket Sarda, Head Enterprise Sales, C2FO, who took up the topic of Digital Working Capital Transformation: Unlocking value and insights of your Supply Chain. C2FO is the world’s largest marketplace for working capital and works with more than 250 enterprise corporates worldwide. The presentations gave way to an engrossing panel discussion on the topic of Digital Trends in Trade and Sustainability Financing. It was moderated by Manoj Saxena, Chairman, RosettaNet Singapore GS1 digital standards consortium. Panellists included Dr Sekar Jaganathan, Director, Digital Strategy, Kenanga Investment Bank; Ashokraj Vadivelu, CEO, Intelizest Consulting; Matthew Burns, Senior Business Development Manager, Seeburger; and Nishchay Chadha, CEO, Ace Recycling. After the panel discussion, Manju Jalali, VP and CIO IMIT, GLOBALFOUNDRIES presented a case study on digital twins, a success story. How planning and adaptability helps in managing crisis like Covid pandemic and safeguard business processes. This was followed by a panel discussion on Cross Border Supply Chain, Logistics and Digital Standards. It was moderated by Manoj Saxena. Panellists included Nithyanandan Anthony, Chief Solutions Officer, SealNet; Thirumal Raj, Group IT Director, Elite Digital Logistics; NG Chee Keong, Vice President, GeTS Asia; and Vinay Sharma, Group IT Director, Gulftainer. After the panel discussion, Winnie Rebancos, Chief Information Officer, Coca-Cola Beverages Philippines, presented her case study on success story of employee engagement and a culture of empathy and well- being. This way gave to an engaging panel discussion on Leadership, Culture and New Ways of Working. It was moderated by Malavika Shanker and panellists included Juliana Chua, Regional Director and Head, Digital Transformation, Essilor; Nirupam Das, Director Global Digital Transformation, Liberty Insurance; Ramesh Munamarty, Group CIO, NTUC Enterprise; and Anil Menon, General Manager IT Innovation, Tata Starbucks. The panel discussion concluded with a rapid fire round.
STOPOVER IN PAKISTAN
The penultimate leg of the CIO 200 2020 Roadshow unfolded in Pakistan. Loco Services was the Country Partner and this was the second year the roadshow toured Pakistan. Pakistan is emerging as a significant force in the technology space. The global share of Pakistan´s IT industry is estimated at $2.8 billion, including global sales revenue of $1.6 billion. According to ITCN Asia, Pakistan is rapidly becoming the destination of choice for a significant number of international IT and ITeS companies looking to relocate their operations offshore. The ready availability of skilled professionals, an appropriate IT infrastructure, and affordable rates for connectivity result in considerable time and cost-savings for entrepreneurs. Loco Services took the initiative for the encouragement and recognition of Pakistan’s Chief Information Officers at an international level. Bringing the World CIO 200 Summit to the country was a great opportunity to promote the tech side of Pakistan and provide CIOs the platform to showcase their achievements.
36
MEA
JA N U A R Y 2 0 21
COVER STORY
The World CIO 200 2020 Roadshow Goes On An African Tour
After touring the Middle East and APAC regions, the World CIO 200 Roadshow 2020 reached Africa on December 4. This edition of the roadshow unfolded in a virtual convention and brought together digital leaders in the region.
KEY TAKEAWAYS FROM THE AFRICA EDITION
The Africa edition included presentations by regional experts as well as an engaging panel discussion. The sessions resulted in some interesting insights and takeaways. l People and their knowledge are an organisation’s most valuable assets. To transform human leadership, the leader must possess skills such as innovative mindset, creativity, humility and authenticity, be strategic and purposeful, to mention a few. Investing in upskilling of people is a key component of digital transformation for any organisation. Making your leaders agile is the way to human leadership transformation. l Technology transformation requires strong leadership to drive change. But it also requires a vision for what parts of the company you want to transform. Companies in all industries and regions are experimenting with — and benefiting from — technology transformation. Whether it is in the way individuals work and collaborate, the way business processes are executed within and across organisational boundaries, or in the way a company understands and serves customers, digital technology provides a wealth of opportunities. l Essentially preparing the leadership mindset to embrace digital transformation will be a determining factor in the pace at which organizations will transform. We are in the age of technology, AI, crypto currency, blockchain, automation and a lot will be expected in these area for transformation in 2021 post pandemic.
THE AGENDA AND SPEAKERS
The opening keynote was delivered by Kwaku A Ofosuhene, Head of Operation, GEC Media Group (West Africa). He handed the stage over to Mohammad Amin Soody, Territory Sales Manager, MEA, Pulse Secure who talked about secure access solutions and business continuities. Next, Otema Yirenkyi – Vice President, Global Engagement PMI Africa region delivered a presentation titled, 2021 – Outlook on Human Leadership Transformation; followed by the 2021, Outlook on Technology Transformation presentation by Dr Samuel Senyo Okae, Head of IT, The Ghana Deposit Protection Corporation. It was then time for a cross-border panel on the topic, Leadership in the post-pandemic world: the outlook of technology in Africa. The panelists were Mariam A-Buahin, Brand, Marketing and Fintech Professional from Ghana; Wissam Al Adany, Chief Information Officer, Ghabbour Auto from Egypt; Anand Sinha, CIO & Director IT – OCS Group from India; and Arvind Kureeman, Senior Analytics Manager – International Economics Consulting from Mauritius. After an engaging panel discussion, it was time for 2021- Outlook on Business Transformation talk, presented by Nelson Da Seglah – Chief Enabling Officer, Halges; followed by 2021 – Outlook on Human Leadership and Technology Transformation presentation by Ethel Cofie – CEO and Founder of EDEL Technology Consulting. The Africa session concluded with the CIO 200 Country Awards.
JA N U A R Y 2 0 21
MEA
37
COVER STORY
The World CIO 200 2020 Roadshow concludes with a power-packed finale
Over a month and 26 countries later, the World CIO 200 2020 Roadshow culminated in a grand finale on December 14. It brought together some of the biggest names in technology, and included a series of insightful presentations and incisive panel discussions. Organised by the Global CIO Forum, GCF, the event engaged 2000+ CIOs and over 3200 C-level execs, while bringing in audiences from all over the world, and reflected the global reach of GCF. It also highlighted the fact that the global community of CIOs stands united in dealing with the Covid-crisis that is impacting everyone. The roadshow was flagged off on November 23, in Qatar, and made its way around the world in the following weeks, with stopover in Saudi Arabia, Kuwait, the APAC region and Pakistan.
CONCLUDES WITH A POWER-PACKED FINALE In keeping with the new normal, the presentations and panel discussions unfolded in a virtual convention centre that simulated features you would expect from a real convention centre. Participants could browse through sponsor booths, expo halls, networking lounges, hall of fame, visit the main auditorium where live sessions were hosted, or indulge in fun activities such as embarking on a treasure hunt or getting their images clicked at a photo booth. Another refreshing feature, which was also critically praised, were the cross-border panels that brought together panelists from four different countries, including one from the host country. This ensured that a diverse range of perspectives were available for audiences to absorb and learn from.
BOTS 3.0
The World CIO 200 roadshow finale is also marked by the release of BOTS, the Book of Titans, that features CIOs who have executed exemplary projects during the year. This year, BOTS 3.0 features projects that fulfilled the demands of the pandemic-driven workforce, enabled remotely working employees, access to data anywhere, and much more. The handbook features 200 CIOs whose projects stood out from over 2000 nominations from 26 countries for the sheer sense of urgency that they showed in bringing in the right solutions at the right time. In short, BOTS is not only about the highest-valued projects or projects that involved complex decision making and multiple stakeholders. This year’s BOTS is all about the simplest of the projects that made a difference to the organisation during this tough time.
THE AWARDS
CIOs from organisations in the UAE, who have been the catalyst in bringing about change in this challenging year, were honoured with CIO 200 Country Awards. The winners also received blockchain certificates. Similarly, the #DXInspire 2020 Awards recognised 20 path-breaking organisations that have redefined digital transformation to its core.
38
MEA
JA N U A R Y 2 0 21
14 DECEMBER, 2020
WORLD’s BIGGEST CIO LEADERSHIP EXCELLENCE AWARDS
GRAND FINALE SPEAKERS
MANOJ SAXENA
Chairman, RosettaNet Singapore GS1, Global Advisory Board, Global CIO Forum
DR. DEEP BALI
Chairman & Co-founder Recalibrate | CEO & Co-founder Boma India
EKTAA SIBAL
International Speaker & Counselor Inner - Self Transformation Specialist
KHUONG TRAN
FABIA TETTEROO-BUENO
Senior Vice President and General Manager Philips Latin America
SAMER SEMAAN
CIO, Benevis
ANDREW BRYANT
Channel Manager Middle East, Pure Storage
Founder of Self Leadership International.
DR. MOHAMMED KHALED
THARWAT SOLIMAN
Abu Dhabi Government
ABUBAKAR ARSHAD
CIO, TTC sugar
Director of Cybersecurity, BNET
VENKATESH MAHADEVAN
MALAVIKA SHANKER
CIO, Dubai Investment & Founder of ZENPod
WILL ALEXANDER
President GEC Media Group
SUNANDO CHAUDHURI Senior Information Technology Advisor ADNEC
IT Manager, Audio Technology
SANTOSH NAIR
Regional Head of IT User Engagement & Partner Management, (Asia Pacific, Middle East & Africa), Siemens
SAMIR CHOPRA
CEO & Founder RNS Technology Services
FAISAL SYED
Digital Transformation Project Manager SEHA
ROGER LEE
GITANJALI JP
Director of the Singapore Institute of Materials Management and the Vice Chairman of the Asia Pacific Logistics Federation
Founding CEO, Himalayan Institute of Alternatives
ANUSHREE DIXIT
DR ERDAL OZKAYA
Global Head - Content and strategic Alliances
Regional CISO, Standard Chartered Bank UAE
RONAK SAMANTARAY
LT.COLONEL. DR.HAMAD KHALIFA AL NUEIMI,
CO-FOUNDER, GLOBAL CIO FORUM CEO, GEC MEDIA GROUP
RICHARD FARMER
“Partner, The MitchelLake Group”
ABDUL REHMAN TARIQ BUTT, Regional Sales Director Pulse Secure
ARUN SHANKAR Moderator, Editor GEC Media Group
“Head of Telecom Division, Infrastructure Dept.ICT Center, Abu Dhabi Police GHQ”
SAKET GORE
CEO, APAC, The Himalaya Drug Company
AMJAD BOKA
Senior Systems Engineer Pure Storage
COVER STORY
THE PARTNERS Apart from a global community of CIOs, the roadshow was supported by a roster of partners that included Dell Technologies, Mindware, Pure Storage, Juniper Networks, Finesse, Rubrik, Rittal ME, Exclusive Networks, RNS Technology Services, Malco Technologies, F5, Pulse Secure, Veritas, MDS, Infocomm Media Development Authority, Rosettanet Singapore, Bahrain Shura Council, Strategic Plus, AI Society Bahrain, Ghana Chamber of Technology, Women in Tech Africa, Seaburger Business Integration, SealNet, GETS, Techneplus, Ministry of Higher Education Research and Innovation, GEO News, Intellizest, Open Text, Singapore Indian Chamber of Commerce and Industry, Lingaro, C2F0, Pakistan Software Export Board, Ministry of Information Technology and Telecommunication Pakistan.
COMING UP IN 2021
Global CIO Forum also announced a slew of exciting initiatives for 2021. Some of the upcoming offerings are: l GCF Recognition & Reward Programme: GCF members now can commemorate and celebrate notable events and outstanding achievements with custom awards, badges and certificates with each other. Each badge even includes a printable certificate along with globally redeemable points. l Impact Awards Programme: The GCF Impact Awards recognise the outstanding contributions of GCF members. l Thought Leadership Councils: Bringing together global leadership coaches & leaders to do “brain trust” to problem-solve the challenges we all share in our roles every day & prepare ourself for future business leaders. l Mentorship Programme: The Mentorship Programme, free to all Global CIO Forum members and their direct reports, continues to demonstrate our dedication to growing and supporting current and emerging IT leaders. l GCF VirtualSummit: CIO Connect is a virtual roundtable exchange of ideas that promotes learning as well as networking. l Events: GCF continues to serve members with virtual education and networking opportunities, until it is safe to meet in person. l Local Chapters: Chapters continue to offer both education and networking opportunities during this challenging time. Connect with your local leadership team. l CISO Division: The CISO Division is a forum where CISO’s can network, share ideas, offer CISO support and learn from each other.
40
MEA
JA N U A R Y 2 0 21
COVER STORY
Winners of the CIO 200 2020 Country Awards
In December, the World CIO 200 2020 Roadshow toured APAC, Africa and Pakistan. It then concluded on December 14, with a grand finale in the UAE. At the end of each event, the CIO 200 2020 Country Awards were announced. These were given to CIOs who have been the catalyst in bringing about change in this challenging year. The winners also received blockchain certificates. They were divided into four categories.
Legend CIO: Lifetime achievement awards. Master CIO: Experience of more than 15-20 years and unparalleled technological experience in a career life span. Leader CIO: Experience of 10-15 years and multiple domain expertise. Next-gen CIO: Experience of 5-10 years or less and undertaken mammoth projects in a less span of time.
JA N U A R Y 2 0 21
MEA
41
COVER STORY
42
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
43
COVER STORY
44
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
45
COVER STORY
46
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
47
COVER STORY
48
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
49
COVER STORY
50
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
51
ADVERTORIAL
IS YOUR ORGANISATION READY FOR POST-COVID DATA PROTECTION?
R
ecent research has shown that 97% of decision-makers have claimed that the Covid-19 crisis has accelerated their digital transformation. Stores have shifted to online ordering and delivery as their primary business. Schools have completely pivoted to digital classrooms and distance learning. All of these initiatives resulted in a common ground, producing a lot of digital data. Meanwhile, there’s evidence showing that remote working increases the risk of ransomware attacks significantly. In the MENA region, for example, the notorious Thanos Ransomware has been targeting state-run organisations in the Middle East and North Africa, the ransom requests the victim to transfer $20,000 into a specified Bitcoin wallet to restore the files on the system. However, paying the ransom does not guarantee the data is as intact as before. The best precaution is to essentially have a cohesive backup strategy in place to ensure your business can return to normal should a ransomware
52
MEA
JA N U A R Y 2 0 21
attack or a data loss disaster occur. However, according to Bitglass Report, 41% of the organisations confessed that they do not have a functioning IT infrastructure ready for the post-Covid workplace, and 50% admitted that finding the proper equipment and solution are their biggest obstacles. Decision-makers often face a dilemma on making choices with the pressure of proving ROI as companies are often constrained by limited resources. Manpower and subscription costs are considered as the two biggest pain points when it comes to implementing a backup practice. Studies found that organisations use an average of 4.1 backup solutions, meaning IT admins need to spend excessive time and effort to accommodate different solutions provided by different vendors. Furthermore, the recurring subscription cost and maintenance fee accumulated by separate providers could result in a considerable expense. Synology Active Backup Suite is a solution that could best optimise companies’ investment
by resolving the mentioned pain points. In the following section, we take a closer look at the key components that make Active Backup Suite an ideal backup solution for businesses.
CENTRALISED MANAGEMENT MADE DEPLOYMENT EASY Synology Active Backup solution is perfectly built for the existing business IT environment by integrating seamlessly into mainstream vendor systems and networking architectures. It supports and consolidates backup tasks for most commonly used protocols and platforms such as SMB and Rsync server, Windows endpoints, VM on vSphere and Hyper-V, to SaaS applications – Microsoft 365, and G Suite. With this simple and centralised management system, IT admins no longer have to worry about failing to take care of any latest updates, nor do they have to constantly juggle between different windows when monitoring backup tasks. Take UNESCO for an example,
ADVERTORIAL
it is an international organisation with 70 field offices spanning around the world. The organisation was challenged to standardise its IT solutions and was seeking a reliable, secure, and easy-to-deploy solution that can work seamlessly with its existing infrastructure. After learning Synology could suits their multiple needs and are much more cost-effective compared to other competitors, UNESCO uses a Synology NAS to back up 50 PCs and servers. With Active Backup for Business, they can now centralise and manage all their backup tasks from one simple console. The organisation is now powered with a reliable and secure solution to manage their data all over the world.
MAXIMISE STORAGE EFFICIENCY While more backups might lead to challenges with storage capacity as data continues to increase. What we are offering with our backup solution is Global deduplication technology
that can help reduce storage consumption. For instance, SHISEIDO Taiwan has implemented the Active Backup for business to backup 500 employees’ desktop and up to 600GB daily changed data. Our global deduplication technology has helped effectively delete duplicate data and efficiently save 52% storage space by only taking up 28TB out of the total 58TB on the server. Synology Active Backup for Business enables you to greatly reduce backup time and enhance storage usage efficiency while achieving full data protection.
LOW TCO BY STREAMLINING ACQUISITION AND TECHNICAL SUPPORT Many companies nowadays are still inclined to purchase their storage servers and backup software separately when setting up their IT infrastructure. Apart from the separate hardware and software purchase, long-term main-
tenance costs and recurring license fees may result in high TCO (total cost of ownership). With Synology NAS and the Active Backup Suite, it seamlessly complements hardware with software by providing an integrated backup and recovery appliance-without any occurring license fees. This turnkey solution centralises your data administration and streamlines acquisition, deployment, and technical support. To sum up, an all-in-one consolidated backup solution that meets the above demands and essentials is highly recommended for business continuity in the post-Covid world. Active Backup Suite is an integrated and modernised backup solution that will benefit budget-constrained businesses with just a oneoff hardware cost. With the one-time purchase and one-stop support, Active Backup solution not only decreases the time and expense of procurement, but it also allows end-users to have lower management effort and learning curve of the deployment. ĂŤ
JA N U A R Y 2 0 21
MEA
53
COVER STORY
54
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
55
COVER STORY
56
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
57
COVER STORY
58
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
59
COVER STORY
60
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
61
COVER STORY
62
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
63
COVER STORY
64
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
65
COVER STORY
68
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
69
COVER STORY
20 organisations honoured with
2020 Awards
Digital transformation does not mean only the technological transformation that an organisation embarks upon. When an organisation, including all its departments, walks towards a single goal by unifying all its people and processes, that is when it truly realises the potential of a digital organisations. During the grand finale of the World CIO 200 Roadshow, organised by Global CIO Forum on December 14, the #DXInspire 2020 Awards recognised 20 path-breaking organisations that have redefined digital transformation to its core.
70
MEA
JA N U A R Y 2 0 21
COVER STORY
JA N U A R Y 2 0 21
MEA
71
SPECIAL REPORT
WILL THIS BE THE YEAR OF RECOVERY? With the regional IT industry transforming to stabilize disrupted markets and economies, twenty plus executives share their vision for the year ahead.
l Abboud Ghanem, Alteryx l Ty Amell, AppDynamics l Morey Haber, Beyond Trust l Brian Chappell, Beyond Trust l Karl Lankford, Beyond Trust l Sarah Whipp, Callsign l Savitha Bhaskar, Condo Protego l Yonatan Striem-Amit, Israel Barak, Cybereason l George Brough, Evolvant l Mohammed AbuKhater, F5 l Soma Somasundaram, Infor l Alexander Moiseev, Kaspersky l Rajesh Ganesan, ManageEngine l Haider Pasha, Palo Alto Networks l Hidetoshi Kaneko, Panasonic Marketing l Emile Abou Saleh, Proofpoint l Patrick Smith, Pure Storage l Matthieu Brignone, Pure Storage l James Petter, Pure Storage l Ziad Youssef, Schneider Electric l Stuart Schielack, Ed Martin, Secureworks l Prem Rodrigues, Siemon l Chester Wisniewski, Sophos l Jamie Brown, Adam Palmer, Tenable l onathan Couch, ThreatQuotient l Majd Sinan, Trend Micro l Danny Allan, Veeam
SPECIAL REPORT
ALCATEL-LUCENT ENTERPRISE
The year of preparedness lies ahead Organisations must focus on business continuity and how to maintain it with solid end to end solutions built around resilience and efficiency platforms.
2
020 has been a very challenging year with the pandemic causing huge impact on businesses and the economy alike. But it has also given rise to a new era of business as companies have adapted to new ways of conducting
business. A key takeaway from 2020 is preparedness - many businesses were not ready for the scale of uncertainty that COVID-19 brought. Organisations must focus on the business continuity and how to maintain it with solid end to end solutions with resilience and efficiency. They must anticipate and work in advance with a 5 to 10 years strategy for the next technology phase. 2020 has been a very challenging year for businesses across the globe as the pandemic forced economies to a grinding halt amidst a global lockdown. This has created a new era of business operations as companies and people continue working remotely to maintain business continuity. As remote working has become the norm, cloud solutions and infrastructure has become a must for businesses to enable its workforce. A high point during this year was that businesses accelerated the pace of their digital transformation efforts to allow business continuity. The key drivers for this were secure connectivity, unified communication and cloud solutions which allows people secure access to the infrastructure of their companies as well as to maintain the contact with colleagues, customers and business stakeholders. As the world has changed during the pandemic and a new era of doing business has been established, there is an urgent need for agility and reliability to help businesses adapt to changes rapidly. Businesses need to anticipate and work in advance with a 5 to 10 years strategy the next technology phase. Businesses have been quick to deploy collaboration and networking solution to enable a remote workforce. As a result, there has been a significant uptake in ALE’s secure communication, connectivity and cloud solutions. Customer implementations have been supported by ALE’s end to end solution through the business continuity programme which includes the best-in-class
74
MEA
JA N U A R Y 2 0 21
SANDRINE EL KHODRY, Vice President MEA
Businesses have been quick to deploy collaboration and networking solution to enable a remote workforce. technology to support Customers and Partners business from anywhere. ALE has been supporting customers and partners with end-to-end connectivity, communication and cloud solutions during the last few months, with a real time, reliable and efficient remote working solution to enable a business continuity program. ALE is proud to announce that despite the difficulties and challenges, the company succeeded in acquiring new customers. As a digitally transformed company, ALE understands what businesses need to drive their own DX journey. ALE was prepared to tackle the challenges in enabling a remote workforce and provide operational support to our customers and employees at a rapid pace. ALE in collaboration with our partners have supported customers throughout the pandemic to help them continue being productive and work from anywhere in the globe. ĂŤ
SPECIAL REPORT
APPDYNAMICS
2021 will be the year of observability Using observability will enable developers to cut through the noise and focus on the performance issues that have the biggest impact on the business.
2
020 was a year that will go down in history as one of the most challenging, tragic and complex years of our lives. Technologists have never been more critical to the success of the businesses they support, and 2021 is the year they have the biggest opportunity to elevate their careers and truly change the perception of the IT industry and its impact on meaningful business outcomes. As more organisations have shifted to accommodate our new digital lives, observability connected to business outcomes is now a necessity. 2021 will be the year of observability as companies continue to develop more complex IT systems and expand their technology infrastructures. Using observability solutions will enable developers to cut through the noise and focus on the performance issues that have the biggest impact on the business. Part of the reason it is important to keep technology solutions operating at their highest level is to maintain a consistent digital user experience. In 2021, user experience will matter more than ever before as workers and consumers become more accustomed to digital solutions across their day-to-day lives and their expectations for flawless engagement increase significantly. To successfully navigate this need for a seamless digital user experience, organisations will need to view maintaining their applications and technology stack as not just one-off projects, but as business-critical solutions that serve as the backbone to providing the ideal experience for end users. Another element of this renewed emphasis on user experience in 2021 will include an elevated focus on observability not just at the application level, but beyond. For businesses that want to thrive in 2021, incorporating network visibility into existing monitoring efforts can ensure that nothing impedes the user experience, whether it is an anomaly in an application or an issue that stems from the Internet. This enables end-users to have the best possible experience as
TY AMELL, CTO
85%
of UAE technologists said rapid response of IT teams to the pandemic changed the perception of IT within their organisation IT teams are able to spot and address issues efficiently. This year has put a spotlight on IT teams and demonstrated just how importat technologists are to the success of any organisation. In particular, the Agents of Transformation, those elite technologists driving successful digital transformation within a company. The AppDynamics Agents of Transformation Report 2020: Covid-19 Special Edition showed 85% of UAE technologists said the rapid response of their IT team to the pandemic positively changed the perception of IT within their organisation and 86% said digital transformation projects that would have taken years for sign off were now being approved in a matter of weeks. 2021 will be the year that positive perception will kick into overdrive and technologists will have the opportunity to impact business critical outcomes more than ever before. The emphasis that the Covid-19 pandemic has had on the need for flawless digital experiences will have lasting impacts in 2021. Organisations are already seeing the benefits of enabling their IT teams to take calculated risks and drive a faster, more innovative approach and will continue to invest in those teams and solutions in the new year. ĂŤ
JA N U A R Y 2 0 21
MEA
75
SPECIAL REPORT
BEYOND TRUST
New threats to use AI, ML, deepfakes, social media Sometimes the most impactful trends materialise completely out of the left field and we have all been reminded and humbled by this in 2020.
B
eyondTrusts’ annual cybersecurity predictions are projections of possibilities we see emerging based on shifts in technology, threat actor habits, and culture. However, sometimes the most impactful trends materialise completely out of left field. We have all been reminded and humbled by this in 2020. As machine learning becomes more widespread within enterprises for making automated decisions, attackers have a new vector to consider. After a threat actor steals a copy of the original training data, they will begin to manipulate the models generated by injecting poisoned data into the training pool, creating a system that has learned something it should not. This manipulation will have a multiplying effect due to the automatic processing by downstream applications, destroying the integrity of any legitimately processed data. Accompanying this devious attack will be a ransom note to be paid to restore the original data models. This new form of ransomware will be notoriously difficult to detect, and almost insurmountable to recover from, which makes paying the ransom seem like an enticing option for the victim. In 2021, threat actors will leverage machine learning ML to accelerate attacks on networks and systems. ML engines will be trained with data from successful attacks. This will allow the ML to identify patterns in the defenses to quickly pinpoint vulnerabilities that have been found in similar systems, environments. Data from all subsequent attacks will be used to continue to train the cyberattack engine. This approach will allow attackers to zero in on entry points in environments far more quickly and stealthily as they will be targeting fewer vulnerabilities with each attack, evading tools that need a volume of activity to identify wrongdoing. While deepfake videos, photos, and audio have entered public consciousness over the past few years, 2020 saw a drastic improvement in their quality and realism. There are now commercial products that leverage deepfake technology for everything from artificial intelligence-based voiceovers to enabling people actors, political figures, etc. to appear in new videos and movies. Deepfakes are already convincing to most humans. However, in 2021, researchers, companies, and threat actors are not stopping with deepfaked videos, photos, and audio. Expect to encounter a new wave of deepfakes that challenges us to believe whether the entity on the other side of an interactive chat window or video call is human or not. For instance, you could soon have interactive sessions with past presidents, or even deceased love ones. Deepfakes will creep into our daily lives. We will increasingly be in situations, unbeknownst to us, where we are engaged in communication with deepfake technology rather than with a real person.
76
MEA
JA N U A R Y 2 0 21
KARL LANKFORD,
Director, Solutions Engineering
Cybercriminals will target large brands with insurance policies that will pay out to release stolen data In 2020, we have witnessed the explosive expansion of the network edge and continued decentralisation. The seismic shift to remote working spurred by COVID-19 was a key driver of this trend. Remote workers are clearly more relaxed operating in the comfort of home. However, this casualness can leave them more prone to letting their cybersecurity guard down. This laxness in security could not come at a worse time as cybercriminals have ramped up social engineering and ransomware attacks.
SPECIAL REPORT
Home-based employees are also more likely to use personal devices and home networks that are not hardened to the same degree as corporate devices and networks. We now have systems behind consumer network infrastructure that is, in many cases, not even being configured away from defaults. In 2021, new attack vectors will target remote workers and remote access pathways. In 2020, we learned that not even the era of social physical distancing can slow down social engineering threats. Cybercriminals will continue to wage social engineering attacks and also try to exploit common home devices that can be used to compromise an individual and allow for lateral movement into a business. Social engineering attacks will primarily involve various forms of phishing, including by email, voice, text, instant messaging, and even third-party applications. Organisations should also not overlook the threat of disgruntled insiders who feel less observed in their own homes. The increase in drive-by and opportunist attacks seeking to exploit home networks will necessitate heightened attention to securing systems independently, away from continuous corporate connectivity. With all that said, we foresee remote workers to reign as the number one attack vector for exploitation in 2021. In 2020, the European Union, EU court system overturned the governance for protection provided by the EU-US, United States Privacy Shield. Prior to the court ruling, the agreement had allowed for the transfer of data containing personally identifiable information between EU and US organisations. The 2020 ruling essentially eroded the agreement for businesses to operate in either region and share relevant information. This regulatory implosion will impact data privacy based on region, country, and state. Throughout 2021, businesses will scramble to adapt to this expansion of data privacy regulations and the potential implosion of established policies based on challenges in the court systems. International businesses will have to adapt quickly to reengineer how they process client data. Businesses that operate in multiple states must consider how they manage data per state, process it in a centralised location, and codify how they develop procedures around data deletion and breach notification. Social media has proven to be a medium of choice for election tampering, fake news, and other attacks. In 2021, expect attackers to move beyond just tar-
BRIAN CHAPPELL,
Director, Product Management
MOREY HABER,
CTO and CISO
geting individuals to targeting businesses as well. Poor authentication and verification practices will allow social media-based attacks to be successful. For example, a threat actor’s post about hosting a webinar or announcing a new product may mimic that of a legitimate business. However, the illicit registration URL may instead lead to a malicious website to perform a drive by attack, collect personally identifiable information, or even request credentials in an attempt to compromise multifactor authentication solutions. Malicious QR codes or abbreviated URL’s could also be employed to obfuscate the malicious website These attacks could either occur on the legitimate page of the business itself, or via rogue accounts using similar names. Since the social media controls around posting, verification, and URL redirection are so poorly managed, expect new attacks to flourish. As the volume and cost of breaches increase, organisations processing data on behalf of their customers will be forced to carry comprehensive cyber insurance to reduce any contractual risks. Naturally, this will come with a cost to the organisation, but it also will provide attackers a new stream of income. Cybercriminals will target large brands with insurance policies that will pay out to release stolen data rather than face paying out on the policy to cover any remedial action. The majority of successful attacks still hinge on exploiting wellknown and entirely preventable vulnerabilities. While some of the vulnerabilities may be relatively new, there is usually plenty of time to address them before compromise occurs. If you cannot get on top of your vulnerabilities, layer your security so that attackers find themselves without access to privilege when they do infiltrate your network. An exploitable vulnerability is a problem, but considerably less so when it does not lead to privileged access. Every year we say it, but every year it is worth saying again: being prepared for what is ahead makes all the difference between being proactive and reactive. There is copious data showing that those enterprises with more proactive IT security postures prevent more threats, identify potential security issues faster, incur fewer breaches, and minimise damage from attacks more effectively than less prepared organisations. Í
JA N U A R Y 2 0 21
MEA
77
SPECIAL REPORT
Technologies that are as sophisticated as humans in identifying people accurately and quickly will be in demand SARAH WHIPP,
CMO, Head Go to Market Strategy, Callsign.
ED MARTIN,
Director of Product Management, Secureworks.
STUART SCHIELACK,
Director, Worldwide Channel Sales and Strategy, Secureworks.
Threat actors to exploit an omni-channel approach
Secureworks’ take on channel and security trends
Callsign expects to see bad actors and fraudsters go omni-channel looking for security gaps in customer journeys and seeking to exploit them.
Secureworks’ Stuart Schielack and Ed Martin talks about channel and Extended Detection and Response trends coming up in 2021.
As individuals around the globe start to balance their lives with more physical interactions compared to the previous year, as well as maintain the convenience of using digital services, Callsign expects to see bad actors and fraudsters go omni-channel; they will look for security gaps in customer journeys and seek to exploit them. Gaps often occur when changes are made, and so at Callsign, the plan is to provide a single point of orchestration for positive identification and authentication to ensure there is a little friction as possible for genuine users, while maintaining the highest level of protection against fraud and theft. 2020 was marked by the Covid-19 pandemic, and people worldwide were taught valuable lessons when it comes to identification and fraud. In our industry, technologies that are as sophisticated as humans in identifying people seamlessly, accurately, and quickly will be in demand in the coming year. Once such technologies are implemented, users can get on with their digital lives whilst businesses improve customer engagement, increase productivity, and reduce the risk of fraud. Such technologies are the lynchpin to successful digital transformation for companies across all sectors. Callsign is already seeing increased fraud via ChatBots and social engineering technologies in particular, highlighting the increased demand for solutions.
78
MEA
JA N U A R Y 2 0 21
The Covid-19 pandemic has had a global impact on our lives and businesses. As such, we’ve seen the need for the As-a-Service model increase exponentially from both a consumer and business perspective. We expect we’ll see an influx of vendors leveraging MSP’s to augment their solutions by adding services to scale in this subscription model era early in 2021 and throughout the new year. With the shift in consumer spending to marketplaces, like Amazon, we will see a shift in the business buying cycle in 2021 that mimics these advantages. Economies of scale, right solution at the right time and easy-of-use are paramount to businesses. The acquisition of new customers will see a dramatic change in 2021 because of the pandemic’s global effect on people and markets. The increased demand for cyber security solutions coupled with the limited ability to meet face-to-face to build relationships, vendors will lean on VAR’s more than ever to leverage existing relationships to get solutions to the market. Extended Detection and Response, or XDR, is going to accelerate in 2021 as a breakthrough solution. Organisations of all sizes will count on it to simplify and unify their infrastructures and data into one security solution. As cyber threats evolve, the combination of technology integration and advanced analytics is required to enable security analysts to gain contextual visibility across the ecosystem for a more complete understanding of complex threats. Not only does this mean faster detection and response rates, but also more precision and accuracy when investigating known and unknown threats.
SPECIAL REPORT
CONDO PROTEGO
Businesses will transform and address overdue issues Offices are supporting remote working, governments and banks are offering more e-services, and educational institutions are enabling remote and hybrid learning.
E
very Middle East organisation faces the same business challenges and market uncertainty due to coronavirus, and are turning to digital solutions to weather the storm. The pandemic has also brought the technology ecosystem together to find technology solutions for short-term and long-term business challenges. Middle East organisations are fixing overdue issues, accelerating their digital transformation, and developing innovative new business models. For example: offices are supporting remote working, governments and banks are offering more e-services, and educational institutions are enabling remote and hybrid learning. In 2021, Condo Protego expects the Middle East to continue its digital shift, with continued adoption of solutions across hybrid cloud, data storage, information management, artificial intelligence and machine learning, and cybersecurity. As more organisations digitise on the cloud, they will also need to ensure that their networks are secure from rapidly evolving and growing cyber-threats, particularly ransomware. Thanks to government-led digital transformation agendas, such as UAE Vision 2021, the government and public sector will continue to drive regional IT spending in 2021. Government and public sector organisations are continuing to modernise their IT infrastructure to support new and innovative citizen services. In 2021, as hybrid work and education environments are expected to continue, the UAE and Middle East’s banking and finance and education sectors are set to continue their digital transformation and IT spend. E-commerce is likely to continue to remain steady, driving further IT investment from the retail sector. As the Middle East’s businesses begin to emerge from the pandemic, the retail, tourism, and hospitality sectors could also see increased investment in digital transformation and related projects. Despite the challenges of 2020, Condo Protego continues to
SAVITHA BHASKAR, COO
As organisations digitise they will need to ensure networks are secure from growing cyber-threats post growth and gain business competitiveness. Over the past year, Condo Protego has joined Secureworks’ Global Partner Programme, aligning with one of the leading cybersecurity vendors. Already in 2021, Condo Protego has expanded its team, especially in growing the number of experienced and certified VMware consultants. Condo Protego is continuing to help organisations to modernise future-ready digital infrastructure across cloud, security, and the distributed workforce. In 2021, Condo Protego aims to continue to grow our business, weather the pandemic and emerge stronger from it, and further support Middle East market needs in enabling an organisation’s digital transformation. The Middle East market saw major disruption in 2020, and in 2021 Condo Protego aims to remain agile to weather any changes that may occur at short notice. Condo Protego is continuing to align with industry-leading technology vendors that are driving digital innovation, including Dell Technologies, VMware, Veritas, along with Secureworks, RSA, Symantec, Quantum, and Forcepoint. As part of Condo Protego’s professional development, the company is continuing to train its staff on the latest digital solutions. ë
JA N U A R Y 2 0 21
MEA
79
SPECIAL REPORT
CYBEREASON
WILL ENTERPRISES
PAY TO PROTECT REMOTE WORKERS? 2021 will be about work from anywhere and is a moving target for security professionals as the adversary is moving into a new normal as well.
I
n 2020, Cybereason continued to see fewer strains of ransomware in total across networks, yet the existing strains raked in more gains. Hackers do this by better targeting and making more money from each target. In 2021, we can expect to see an increase in multistage ransomware embedded into hacking operations. Hospitals, banks and critical infrastructure providers were at higher risk but many industries faced this threat. Only after hackers’ place ransomware on every computer in the network and then complete other stages of the attack, including data theft, user password stealing and propagation across the network, will they detonate the ransomware across all compromised endpoints. The good news, however, is that defenders with a rapid detection and response process to detect the attack at its early stages, can respond effectively before ransomware is able to impact the environment. To do this, first and foremost, enterprises need to minimise the amount of time it takes to respond to threats. This is best achieved by deploying threat hunting services around the clock.
80
MEA
JA N U A R Y 2 0 21
In addition, resilience and security can no longer be an afterthought. It is very important for next-generation networks to be built with resiliency and security in mind. The design and ongoing operation of the system must take into consideration what security threats will become commonplace in the months and years ahead. In addition, enterprises should partner with the experts that have vast knowledge of cyber threats with the public and private sectors working closely together to protect the networks of our banks, hospitals, oil and gas companies, aviation industry and other critical infrastructure. And finally, test, test, test. Tabletop exercises that enable a red and blue team to role play different scenarios and the real time response to those scenarios is critical for enterprises when having to actually have to deal with a threat in real time. Never underestimate the value of tabletop exercises in shoring up weakened defenses and helping executives understand the importance of security. We are in a new world where recent surveys estimate that in 2021 nearly half of employers intend to allow employees to remotely work from home on a permanent basis. This means
employees need anywhere, anytime access while at the same time the quantity and complexity of the cyber-attacks we face have ramped up. Does your enterprise deploy the technologies to stop correlated attacks across all users, devices and endpoints in your network? If you answered no, 2021 could be a rough and tumble year. Cross-layered detection and response, XDR should allow organisations to be able to readily detect, correlate, and end sophisticated attacks wherever they start on the network. By fusing together endpoint telemetry with behavioral analytics for XDR, security teams can protect users and assets wherever they are in the world. Finding the right XDR solution does not have to be a painful process if you understand what the solution should look like. First, security begins with knowing what to protect. An XDR solution should empower analysts of all skill levels to quickly dig into the details of an attack without the need to craft complicated queries. XDR is intended to extend traditional detection and response capabilities from the endpoint out to critical SaaS services, email, and cloud infrastructure.
SPECIAL REPORT
XDR solutions should also deliver superior visibility and enhanced correlations across both Indicators of Compromise IOCs and key Indicators of Behavior IOBs, the more subtle signs of network compromise. XDR detections also need to identify suspicious user access and insider threats. And last but not least, XDR solutions should make it simple for analysts to understand the full attack story immediately, and remediation actions such as kill process, quarantine asset and remote shell should be automated or accomplished remotely with a simple click. A solution should also offer automation options for immediate remediation of threats and continuous threat hunting. XDR is a promising approach that can reverse the attacker advantage and return the high ground to the defenders by extending detection and response capabilities across the broader IT ecosystem that makes up modern enterprise environments. This unified detection and response capability can automatically surface Malops across the entire IT stack including endpoint, network and cloud deployments. We banned IoT from the Enterprise. Who knew that the Enterprise would come to IoT! The new Enterprise address space is consumer ISPs, and the bad guys know it. 2021 will contain a resurfacing of old exploits that target out of data printers and routers, repurposing of DLP techniques for the dark purpose of exploring the world around compromised endpoints and bots. Worst of all, the ubiquity of IoT, starting with poorly protected home automation will begin. The dark side has not been idle and can use commodity voice-to-text capacity to compromise IP stacks in homes to mine for intelligence and spy with the very best cameras, microphones, storage and access. The time is now for someone to create a new business to bring IT-level support, maintenance, security and maybe even privacy services to the home.
Resilience and security can no longer be an afterthought
YONATAN STRIEM-AMIT,
CTO and Co-Founder If Enterprises will pay 10s of thousands for employees to sit in an office, will they perhaps subsidise and protect employee homes one day through outsource contracts at a fraction of the cost to keep us all safe and productive? 2021 will be about work from anywhere and it is very much a moving target for security and privacy professionals. We must understand the adversary is moving into a new normal as well. They may not yet have found ways to exploit all weaknesses or even any given weakness. They too are pursuing the lowest hanging fruit while investing in some longer-term R&D as they continue to develop new attacks specifically for the home environment. Threat actors may be purchasing tools from cybercriminals, mining existing botnets to see what IP is on those already-compromised machines or targeting home automation, printers and routers after triangulating IP addresses and digital locations for targets. In the year ahead, targeting new dimensions of technical diversity and innovating to develop new attack vectors will be the name of the game for the bad guys. Once upon a time, hackers fell in neat behavioral buckets that made their motivations and goals discernible. Or at least they appeared to
It is important for next-generation networks to be built with resiliency in mind
ISRAEL BARAK,
CISO
do and for the most conformed cleanly. However, over time they have become less clear: nation states like North Korea hack for profit to deal with economic sanctions, cybercrime rent out their services to any and all takers, and ransomware has become a tool of the state too. To further complicate matters, nation states publish tools to seed back doors in the criminal world and to provide healthy background noise, and government employees for offensive agencies from China to Russia moonlight or go private, without even taking into account the possibility of false flag operations. While clear modus operandi is still possible to help guide investigations and make them more efficient, the net result is that neat categorisation schema generally and attribution specifically serve less and less use. This trend will continue, so it is important to prepare for all potential attackers and to some extent to avoid blind spots produced by a false sense of certainty in who the enemy is. ĂŤ
JA N U A R Y 2 0 21
MEA
81
SPECIAL REPORT
EVOLVANT
Advantages of cloud begin to outweigh migration efforts This means not only a shift towards IaaS, PaaS, but also the wider adoption of SaaS ERP offerings, such as those from Oracle, SAP and others.
2
020 saw a sudden halt to many nice-to-have IT projects. While the immediate focus turned to networking and infrastructure projects that enabled remote working and communication, we are now seeing organisations begin to look at solutions that can increase productivity and drive efficiency, such as automation. 2021 is going to be all about operational resiliency, businesses are evaluating how IT can be used to ensure continuation of business-critical functions by leveraging secure, cloud-hosted, accessible-anywhere, information management systems. Furthermore, they are also looking at how automation can be leveraged to facilitate a low-cost return to pre-Covid productivity levels. Industry 4.0 and accelerating digital transformation look like hot topics for 2021 and beyond. Companies such as UiPath are now setting objectives for helping to create the world’s first fully automated enterprise using Robotic Process Automation alongside digitisation, Machine Learning and Artificial Intelligence. In particular, we should look out for a push towards the cloud as the advantages begin to far outweigh the migration effort and service providers continue working towards dispelling security concerns. This means not only a shift towards IaaS, PaaS, but also the wider adoption of SaaS ERP offerings, such as those from Oracle, SAP and others. The pandemic hit the hospitality and entertainment sectors the hardest, and the government sector faced an incredibly challenging situation. Spending is likely to be limited in these sectors over the next year. The industries more likely to spend, are perhaps those who have either had a key role to play or have been fortunate enough to have a seat on the side-lines. Healthcare, supply chain, logistics, online retail and pharmaceutical manufacturing sectors all need to ensure that they can best utilise technology to accurately anticipate and cope with the rising demand in the most efficient way possible throughout 2021. Evolvant’s mission remains the same – to use technology to
82
MEA
JA N U A R Y 2 0 21
GEORGE BROUGH, COO and Co-Founder
Industries more likely to spend are those who have either had a key role to play or have been fortunate enough help drive customers towards a better future, faster. It is something we all need as we close out this incredibly challenging year. Looking ahead we will continue to act as trusted advisors and apply our specialist knowledge and experience in intelligent automation wherever it can create the most value for our clients. We will be expanding our footprint across at least two more countries during the first half of 2021 as well bringing some innovative, unique, combined product, service offerings to the market. We have an overwhelmingly positive outlook for 2021, and accelerated growth is certainly an aspect that our 2020 plans did not consider. In terms of our other differentiators, we are innovating rapidly in the automation space, but this is something the market will just need to wait and see. ë
SPECIAL REPORT
Infor’s top cloud, AI and supply chain trends As a direct result of Covid-19, we are going to see the acceleration of digital supply chains and cloud.
A
fter the US Open tennis tournament successfully pivoted to cloud and AI this year to enhance the virtual experience for fans who could not attend the physical event, we will see an uptick in physical events leveraging cloud technology to give viewers tailored experiences. With 2021 primed to grip the world’s attention with several major events, such as the Summer Olympics in Tokyo and the Wimbledon Championship, cloud technology is poised to completely reinvent what we know about fan experiences today. The potential for using cloud technology to transform events is enormous, think real-time crowd excitement analysis to optimise highlights and advertisements, extremely low-latency live feeds, and moderated crowd interaction, all hosted on robust cloud platforms. Using multi-tenant cloud solutions means companies are automatically kept up-to-date with the most cutting-edge technology, without having to worry about manual updates or replacing hardware. As we move into a new year that likely will bring more uncertainty, multi-tenant cloud solutions will become critical technology differentiators, helping businesses remain agile and innovative, while also reducing their e-waste footprints and helping them move closer to their sustainability targets. In the unpredictable job market of 2021, it will be critical for organisations to leverage AI to ensure they find the right candidate for the job. AI will enable HR departments to become more proactive in their hiring and help them determine a candidate’s cultural fit by using data to measure the quality of a hire. Innovations such as intelligent screening software that automates resume screening, recruiter chatbots that engage candidates in real-time, and digitised interviews that help assess a candidate’s fit, will start becoming commonplace in HR departments. AI also holds great promise for creating more diverse and inclusive workplaces, given its ability to reduce biases and add objectivity into employment decision-making through AI-powered algorithms that will identify the unique qualities of candidates. Over the next year, we will see the accelerated adoption of AI
SOMA SOMASUNDARAM,
Chief Technology Officer and President of Products at Infor.
Cloud technology is poised to completely reinvent what we know about fan experiences today. across many areas of healthcare. By applying machine learning to real-time global data sets, healthcare professionals can more accurately track contact between staff and infected patients, enable accurate diagnoses, utilise predictive analytics to track personal protective equipment, optimise workforce allocations, and develop more effective and lasting vaccinations. As a direct result of Covid-19, we are going to see the acceleration of digital supply chains in 2021. While supply chain leaders have traditionally viewed digital transformation in the context of efficiency and cost, the focus will now be on agility and resiliency. That’s where digital technology comes in. A multienterprise, digital supply chain enables better end-to-end visibility, better predictive analytics, and better and smarter automation. Leaders will be able to customise and flex their supply chains based on market demand and make better use of ecosystem partners. These digital tools are as far ranging as artificial intelligence, augmented reality, and robotic process automation and are expected to shift early promises to impactful value propositions. As the incredible supply chain disruptions of 2020 unfolded, it became clear that managing real-time supply and demand matching and forecasting were no longer tasks humans can take on alone. It’s no longer reasonable to expect a supply chain leader to predict when one country’s market will suddenly close and another’s will open, or account for ever-shifting materials and costs, especially as government restrictions on transportation and travel change rapidly. In 2021, we will see supply chain managers accelerating their adoption of AI to augment workers’ instincts and experiences and provide them with intelligent insights into changing market conditions, letting them accurately forecast supply and demand in real-time. ë
JA N U A R Y 2 0 21
MEA
83
SPECIAL REPORT
F5
5G ARCHITECTURE CLICK FARMS
OPEN BANKING, KEY TRENDS Attackers embracing click farms, deploying a horizontal 5G architecture with layers, and open banking to share customer data, are key trends ahead.
H
ow do you make sense of 2020? Suffice to say, it has been an incredible twelve months of transition, adaptation, and challenge. From mindsets and behaviours to the deployment of technology, Covid-19 has both flipped our perceptions and accelerated innovation. Organisations around the world are increasingly migrating from monolithic to microservices based apps. And there’s an associated increase in use of these technologies in production environments. Clearly, there is growing confidence that microservices based apps can improve what people care about the most: customer experience. As a case in point, NGINX’s annual customer survey found that the proportion of businesses building apps with microservices jumped from 40% to 60% this year. More than half of respondents are also using microservices in some or all of their apps. Looking ahead, we anticipate more investment in commercial and open-source container orchestrators, as well as API management. At the same time, public cloud usage will continue to increase, along with the ongoing migration to software load balancers. Use of related technologies like WAF and Service Discovery are also on the rise. As mobile operators in the region prepare to either roll out or expand their 5G core networks, they are faced with a conundrum. Do they stick with the traditional approach and deploy a vertically integrated core network stack from a single vendor? Or should they implement a horizontal architecture composed of distinct layers? To unlock the benefits of 5G and an open architecture, we believe many telcos will start exploring the latter with more purpose in 2021. A horizontal telco stack involves a complete decoupling of the server and network infrastructure, as well
84
MEA
JA N U A R Y 2 0 21
Open banking enables banks to securely share customer data with third-party providers in various verticals as the functions that run on top of it. This kind of layered architecture is the norm among web-scale companies. But for telcos, it requires a change of mindset: they need to regard 5G as a use case that runs on top of a common telco cloud platform, rather than a vertical stack in its own right. It is important to note that the 5G standard has been developed in a way that encourages operators to employ a horizontal architecture. This new generation of cellular technology has been designed to harness the service-based architecture that now permeates the IT sphere. Applications are composed of microservices that perform specific functions and exchange information using the HTTP protocol and open application programming interfaces. Over time, this architecture will enable operators to take advantage of open-source software. HTTP is the default protocol for open-source systems today, while the open API standard is commonly used by DevOps to develop API-based applications. According to the 2020 F5 Labs Phishing and Fraud Report there are two major phishing trends on the horizon. As a result of improved bot traffic botnet security controls and solutions, attackers are starting to embrace click farms. This entails dozens of remote workers systematically attempting to log onto a target website using recently harvested credentials. The connection comes from a human using a standard web browser, which makes fraudulent activity harder to detect.
SPECIAL REPORT
MOHAMMED ABUKHATER,
Vice President Sales, Middle East, Turkey and Africa
Telcos need to regard 5G as a use case that runs on top of a common telco cloud platform
Even a relatively low volume of attacks has an impact. As an example, Shape Security analysed 14 million monthly logins at a financial services organisation and recorded a manual fraud rate of 0,4%. That is the equivalent of 56,000 fraudulent logon attempts, and the numbers associated with this type of activity are set to rise. Shape Security researchers also recorded an increase in the volume of real-time phishing proxies, RTPP that can capture and use multi-factor authentication codes. The RTPP acts as a personin-the-middle and intercepts a victim’s transactions with a real website. Since the attack occurs in real time, the malicious website can automate the process of capturing and replaying time-based authentication such as MFA codes. It can even steal and reuse session cookies. No educational institution can effectively cover everything, and the needs of a given organisation will also be determined by its strategy, security architecture, and the hiring manager’s perspective. This means that even experienced specialists need to be willing to humble themselves and constantly gain new skills. The most important attribute of any candidate is a fundamental interest in the idea of security. That means that, rather than just looking for turnkey candidates, it is often better to put more focus on cultivating practical skill sets among people that self-select as being interested. For cybersecurity professionals, continual learning is always part of the job. Open banking enables banks to securely share customer data with third-party providers in various verticals, as well as with other banks, via application programming interfaces. If done well, it can spark innovative data-driven financial products and services around a centralised platform. According to F5-comissioned research from Twimbit, nearly six in ten consumers would be willing to share significant personal information with their bank and insurer in exchange for lower pricing on products and services. However, an increased use of APIs in all industries has not gone unnoticed by cybercriminals. Gartner predicts that by 2022 API abuses will be the most frequent attack vector against enterprise web applications that lead to data breaches. Is 2021 the year open banking really takes off on a global scale? If so, it will require vigilance. Expect a clamour for API-first designed tech. Solutions that maximise performance by reducing the average response time to serve an API call and minimising the footprint and complexity of the API gateway, will certainly be in high demand. However, progress will be stymied if consumer fears about the risk of fraud or data breaches are not adequately addressed. To build trust, it is crucial to embrace strategies to modernise apps by implementing a 360° protection strategy that goes beyond just testing for software vulnerabilities. In the age of microservices and distributed computing, it is not possible to stay on top of an expanding growing app portfolio without increasingly sophisticated automation. A key element of that shift is the ability to make our apps more adaptable. In other words, the ability to shrink, defend, and heal based on the environment they are in and how they are being used. We are already seeing examples of how a powerful combination of application services, telemetry and automation can be gamechanging in terms of delivering extraordinary digital experiences. Definitely watch this space in 2021! ë
JA N U A R Y 2 0 21
MEA
85
SPECIAL REPORT
Cybersecurity remains investment priority despite budget cuts The share of IT budget dedicated to IT security continues to grow year-onyear, even though the overall IT budget has fallen among SMBs.
ALEXANDER MOISEEV,
A
ccording to the new Kaspersky report, Investment adjustment: aligning IT budgets with changing security priorities, cybersecurity remains a priority for investment among businesses. Its share of IT spending has grown from 23% in 2019 to 26% in 2020 for SMBs, and from 26% to 29% for enterprises. 71% of organisations also expect their cybersecurity budget to grow further in the next three years. This is despite overall IT budgets decreasing in both segments amid the Covid-19 pandemic, and cybersecurity cuts affecting the most economically hit SMBs. External conditions and events can influence IT priorities for businesses. As a result of the Covid-19 lockdown, organisations have had to adjust plans to meet changing business needs, from emergency digitalisation to cost optimisation. The Kaspersky report, based on a survey of more than 5,000 IT and cybersecurity practitioners, observes recent IT security economics trends and how they correlate with the year’s events. The share of IT budget dedicated to IT security continues to grow year-on-year, even though the overall IT budget has fallen from $1.2m in 2019 to $1.1m in 2020 among SMBs, and from $74.1m to $54.3m for enterprises. This decrease may be due to the consequences of the global coronavirus pandemic, according to Gartner, whose experts also predicted that budgets would decrease earlier this year. As a result, in monetary terms, small and medium businesses allocated $275k to cybersecurity while enterprises invested $14m. The majority of companies are expecting these figures to grow in the next three years by 11% in enterprises and 12% in SMBs, on average. 17% believe it will remain at least the same as this year. However, 10% organisations said they are going to spend less on IT security. Interestingly, the main reason for this across enterprises is the deliberate decision of top management, who sees no point in investing so much money in cybersecurity in the future, 32%. Among SMBs, the reason to reduce spend in this area is primarily dictated by the need to cut overall company expenses and optimise budgets, 29%. Small and medium organisations were hit hardest by the lockdown: more than half of small companies globally reported a decline in sales or experienced cash flow con-
86
MEA
JA N U A R Y 2 0 21
Chief Business Officer at Kaspersky
Use proven cloud services and platforms when transferring business data. straints. It is clear that those affected have needed to optimise their expenses to survive. But while this impacts cyber-protection, it’s important for businesses to find a way to keep safe from cyber-risks in such a challenging time. Kaspersky suggests small and medium organisations take the following advice, to maintain their cybersecurity posture even with low security investments: l Always keep your team aware of IT security risks such as phishing, web threats, banking malware and others that can target employees in their daily working routine. There are dedicated training courses which teach security practices, such as the ones provided in the Kaspersky Automated Security Awareness Platform. Use formats that help employees remember the cybersecurity rules, such as posters or cards in the workspace. l Ensure timely updates of all systems, software and devices. This will help you to avoid situations where malware infiltrates a corporate system through, for example, an unpatched operating system. l Establish the practice of using strong passwords to access corporate services. Use multi-factor authentication for access to remote services. l Make sure all corporate devices are protected with strong passwords which are changed regularly. l Use proven cloud services and platforms when transferring business data. Make sure you protect all your shared files with passwords, for example in Google Docs, or make them available to a limited circle within a working group. l Use a free endpoint security tool, such as Kaspersky Anti-Ransomware Tool for Business, which provides protection for both PCs and servers from a wide range of threats including ransomware, cryptominers, adware, pornware, exploits and more. l There are also some useful tools that could help ad-hoc cybersecurity needs, such as checking suspicious files, IP addresses, domains and URLs. This can be done for free on the Kaspersky Threat Intelligence Portal.
SPECIAL REPORT
MANAGEENGINE
Will power of cloud supersede that of the nation? Due to increasing power of hyper scalars, states within big countries could have their own regulations, and hence businesses should be aware of this.
W
ith the accelerated cloud adoption, it is inevitable that governments across the world will bring in region-specific regulations to uphold aspects of sovereignty, user privacy, security, culture, policies, and other issues; and this will call for cloud infrastructure to be hosted in every such region to comply with those regulations. Also, specific states within big countries could have their own regulations, and hence businesses should be aware of this factor while choosing cloud providers. When it comes to their data as well as their customers’ data, it is imperative for businesses to operate with clarity of regulations and how they apply. A seamless digital experience will be an important differentiator for businesses, especially in the post-pandemic era. Hence, they will increasingly invest in digital experience monitoring to relieve bottlenecks, such as the inability to track employee devices, besides issues in their home network and other cloud-based productivity tools. Organisations will also strive towards effectively engineering AIOps to contextually monitor and remediate their IT and business logic in order to provide an intuitive user experience. Furthermore, AI-powered and data-informed monitoring tools will be sought out to analyze security risks and increase operational efficiency. Before, Zero Trust was being driven by a need to modernize the information security stack. With the shift to remote work, the traditional perimeter-based security model was rendered obsolete. Digital identity is now a single control point across users, devices, and networks. Zero Trust security models, however, operate with the principle that all network users—internal or external—are considered hostile until proven otherwise. Trust is established through strong
RAJESH GANESAN, Vice President
A seamless digital experience will be an important differentiator for businesses authentication to users upon verifying who is requesting access, the context of the request, and sensitivity of the access environment; and each user’s behavior is continuously assessed for risk. It addresses the agile needs of modern organizations and eventually it will become the way any security framework is architected. From a business option to a business imperative, every one of us is on a Zero Trust journey— whether we know it, or not Having a strong IT framework is a critical factor for businesses to achieve infrastructure efficiency. Hyper converged infrastructure consolidates traditional hardware-based infrastructure, compute servers, networking and storage, into virtualised, software-defined environments. This approach is not only a cost-efficient option but also helps simplify the management of these virtualised resources from a single, unified interface. Considering the impact of the pandemic, many organisations are looking to adopt technologies that can support their digital workspace. Keeping in mind the cost and security related issues associated with public cloud, it may not be the immediate choice for most businesses, making 2021 the year for HCI. And due to its simplified and flexible framework, HCI is ideal for the cloud-era. Now that organisations realize the effectiveness of analytics platforms, their usage is expected to penetrate not just IT but other departments that have traditionally not relied on analytics applications. For example, data from HR applications combined with employee performance metrics can be used to measure the influence of employee welfare initiatives on employee productivity. This focus on analytics brings an interesting dynamic to the way organisations work and also introduces a set of challenges in data governance and maintenance. IT will play a pivotal role in facilitating fine-grained access levels before moving to a higher trust model where individual teams have complete access to all relevant data that is necessary for their efficient functioning. ë
JA N U A R Y 2 0 21
MEA
87
SPECIAL REPORT
PALO ALTO NETWORKS
HOME, BREXIT, 5G, CLOUD
CONTACTLESS, SEE MORE THREATS In 2021, growth of 5G networks, cloud, edge computing and touchless interfaces will give rise to new types of security vulnerabilities and threats.
W
ith so many working from home, the weak point becomes what else could act as a bridge to the secured business device. Many homes may have between 20 and 50 things connecting to home Wi-Fi hubs, with the increase in smart home devices, including doorbells, TVs, digital assistants, as well as a plethora of family phones, tablets, wearables, and computers. Our recent IoT security research report found more nonbusiness devices are coming onto networks, with everything from connected teddy bears to medical devices and electric vehicles now needing to be secured alongside business IoT. We have also seen security policies being relaxed with the
need to allow staff to use their devices at home, for example, enabling USB ports to allow home screens and printers, or other requirements. All of this means the end device and those things around it become bigger risks of access into a business’s critical systems and information. As we are looking to reduce our risk of infection in every aspect of life, we are seeing increases in contactless payment limits, but also other methods, such as QR codes, being used to reduce points of touch. Our Unit 42 threat intelligence team has uncovered examples of QR codes being exploited, and seen increasing discussions and tutorials on how to abuse QR codes in underground forums. We should expect to see criminals continue to focus on immature contactless processes or changes to mature trusted ones where criminals can either intercept financial transactions or compromise systems to gain identity or other personal information. Working from home means many of us are now living online for between 10 and 12 hours a day, getting very little respite with no gaps between meetings and no longer having a commute. We will see more human errors causing cybersecurity issues purely driven by employee fatigue or complacency. This means businesses need to think about a whole new level of IT security education programme. This includes ensuring people step away and take a break, with training to recognise signs of fatigue. When you make a cybersecurity mistake at the office, it is easy to go down and speak to a friendly member of your IT security team. This is so much harder to do at home now without direct access to your usual go-to person, and it requires far more confidence to confess. Businesses need to take this human error factor into consid-
We should expect to see criminals continue to focus on immature contactless processes HAIDER PASHA,
Chief Security Officer, Middle East and Africa
88
MEA
JA N U A R Y 2 0 21
SPECIAL REPORT
eration and ensure consistent edge security no matter what the connection. You can no longer just assume that because core business apps are routing back through the corporate VPN that all is as it should be. With the debates on which hardware can be used where, and of course, all the other challenges we have faced in 2020, 5G, edge computing and, to some degree, IoT have not been at the forefront of businesses’ minds. Yet in the background, huge investments are being made for 5G’s deployment, and due to the delays, when it happens, expect the ramp-up to be faster. 2021 will be the year we see cybercriminals really probe these spaces to see the art of the possible, as by 2022, more than a third of operators will have 5G networks in place in Europe. What is more, with the changing working environment, expect to see private 5G networks springing up to enable collaboration spots for staff in redesigned office working spaces. Most companies in Europe had plans to move key business processes to the cloud over the next few years, but with the onset of the pandemic, this became the next few months. Rather than taking the time to recodify processes, an intermediary lift and shift step was added: the quick move. While the process may still be the same, the environment and security changes. Businesses, in 2021, are already planning stage two: recodifying to gain the real advantages of agility from the cloud, while security teams are still fixing the issues from the intermediary shift. This continuing migration at
pace will lead to security gaps, and we are likely to see more cloud security incidents until the shifts are completed and stability resumes, at least for a while. As many businesses look to reduce costs, one natural solution is to accelerate the digitisation of processes. This means evermore cybersecurity telemetry coming back to the security operations centre. Add to this the shift we have already seen in telemetry as employees work remotely and an increase from more new collaboration tools and cloud processes. Many SOC teams had also been used to using multiple screens for big data analytics, and regular team huddles to discuss complex issues; so, the shift to work from home, often with one screen, has been tough for some. The teams keeping up will be the ones taking a data-driven ML, AI-based platform approach, helping them to be proactive against attackers trying to out-innovate them. Cybercriminals will always flock to exploit the latest global trend or news item. We have seen this throughout 2020 around the pandemic with widespread use of virus-related themes, such as Covid-19-themed business email compromise campaigns, and on average 1,767 high-risk or malicious Covid-19 themed domain names being created every day. With the Brexit transition period ending December 31, there will be a flurry of news as well as a desire for information on how it impacts both our personal and business lives. From December into 2021, we have to expect to see scams, misinformation, and attacks leveraging what is such a significant change
not just for UK residents but many across the EU too. We might see fake websites springing up around the forms that businesses will need to complete to hire employees from the EU, for example. Brexit will also mean that so many business processes will have to change. There will be a big rush to do this, and we are likely to see mistakes along the way, which could open up unnecessary risks and further opportunities for cybercriminals. The year 2020 coupled with the global pandemic altered many aspects of life for organisations and individuals in unprecedented ways, including the way we work, live, and do business in the Middle East. In the upcoming year, technological advances including the growth of 5G networks, cloud, edge computing and touchless interfaces will give rise to new types of security vulnerabilities and threats. However, with the right cybersecurity strategies in place, IT heads in the Middle East are well equipped to cover all the bases and overcome the next set of challenges in 2021. Be it small business or consumers, so many are finding times incredibly tough financially during the COVID-19 crisis. Cybercriminals sadly prey on such circumstances, and in times of desperate need, people are more susceptible to click on scams in the hope that the offer of loans, payment holidays, and other financial opportunities that we would, in hindsight, recognise as too good to be true. So much of cybercrime succeeds through psychology; where there is an emotional need, cybercriminals will exploit it. ĂŤ
JA N U A R Y 2 0 21
MEA
89
SPECIAL REPORT
PANASONIC MARKETING
Pandemic driving technologies from concept to reality Most businesses trying to recuperate from slowdown and as risks persist, more businesses are investing into contactless technologies and automation.
T
he IT and innovative technology sector might be the only industries that recovered considerably from the uncertainties brought in by the pandemic in early 2020. According to industry reports, IT industry equipment and software investment surged to an annualised rate of 47% in Q3. The growth would remain robust and may strengthen further in the year 2021. However, the demand will come from various sectors, and businesses will be investing in improving their IT infrastructure with more and more automation, AI and contactless communication technologies. IT leaders are looking to integrate artificial intelligence with other technologies such as automation and robotics. The industry will see widespread implementation of 5G. Taking into account industry dynamics, economic stimulus, and remote access demand, IoT is expected to see large-scale adoption across certain major verticals, namely, smart manufacturing and smart healthcare. Covid-19 has driven a lot of technologies from concept to reality. In addition to assistive robotics and automated mobility, Panasonic expects to see increased demand for IoT-enabled products for residential platforms, video intercoms to create contactless environment and imaging, video products that detect mask and social distancing exceptions and that enables online classrooms as studying from home has become part of the new normal. Most businesses are currently trying to recuperate from the slowdown brought by Covid pandemic, and as the virus, and as the safety measures and risk persists, more and more businesses are investing into contactless technologies and automation. As for Panasonic, it is focusing on B2B sector to provide our customers with products and solutions that help them in digitisation and automation. The surge in remote work and remote class-
90
MEA
JA N U A R Y 2 0 21
HIDETOSHI KANEKO,
Director and Division Head, System Solutions and Communications Division, Middle East and Africa
IT industry equipment and software investment surged to an annualised rate of
47% in Q3
room will further accelerate digital infrastructure adoption. Panasonic is strengthening marketing strategies in the coming business year. The Middle East region has witnessed a sustained growth across industries and a solution provider we offer the widest portfolio for both larger businesses and SMBs alike. The brand is planning to deepen its reach in the regional market with an increased focus on B2B sectors including homes and living, business tech and industrial solutions. ĂŤ
SPECIAL REPORT
PROOFPOINT
Unprecedented levels of peoplecentric global cyberattacks 2020 has seen global peoplecentric cyberattacks, including the capitalisation of the pandemic, fraud, ransomware and credential phishing.
A
ccording to Gartner, the IT spending in the EMEA region is forecasted to grow 2.8% in 2021. Additionally, the outlook is also positive for the Middle East Cybersecurity market which is forecasted to grow from USD $15.6 billion in 2020 to $29.9 billion by 2025. In the UAE, the government’s vision of creating a smart society powered by smart IT infrastructure has driven significant investment across leading technologies. According to Proofpoint’s CISO Report, organisations in the UAE believe cyber security will become more of a business priority, with 69% expecting their cybersecurity budget to rise by 11% or more over the next two years. In 2021, security professionals can expect to see ransomware increasingly target cloud storage to maximise impact and increase leverage to boost profits. While business email compromise attacks growth will be slow, this will still be the largest source of cybercrime losses. CISOs must embrace a security awareness approach that includes the employees in their cyber threat mitigation plans. Automation will become part of more security tools, rather than a bolt-on, as a result of the shortage of security talent. Lastly, given the increase in video conferencing company-themed attacks seeking to steal credentials and distribute malware, we believe that in 2021 there will be a strong demand in delivering technologies to support remote workers. We predict that business email compromise scams will continue to be a global issue as more than 99% of cyberattacks need humans to click and act. Therefore, in 2021 we will continue to enhance our offer as a cloud-based platform to protect our cus-
EMILE ABOU SALEH,
Regional Director, Middle East and Africa
69%
expect cybersecurity budget to rise by 11% or more over the next two years in UAE tomers against the number one threat vector - email - as well as emerging vectors such as social media and cloud apps. Additionally, we will continue to look at all the cybersecurity risks with a people-centric view and foster the implementation of ongoing and effective security awareness trainings to build a strong security culture. 2020 has seen unprecedented levels of people-centric global cyberattacks, including the capitalisation of the global pandemic, fraud, ransomware and sophisticated credential phishing. Any major organisation would do well to closely examine their current approaches to cyber defense, and consider additional appropriate investment in that area. As we will see the modern threat landscape increasingly becoming more people-centric and attacks focusing on people, in 2021 we will continue to support our partners and customers in identifying which users in an organisation represent the greatest sources of risk while ensuring the ongoing and effective education of employees about cybersecurity best practices. ë
JA N U A R Y 2 0 21
MEA
91
SPECIAL REPORT
Ability to manage costs over time without a longterm contract will be vital MATTHIEU BRIGNONE,
VP Global Partner Organisation, EMEA and LatAm
PURE STORAGE
EXPECT INTOLERANCE TO DOWNTIME FROM CUSTOMERS, EMPLOYEES In the rush to digitise, organisations might not have given much thought to complexity resulting in costly downtime, damaging to reputation and bottom line.
2
021 is likely to be a year of picking up the pieces and adapting. Business operations have changed significantly, and organisations will be tasked with rebalancing and reassessing their systems for a working world that looks drastically different from a year ago. We will see greater pressure on organisations to officially commit to decarbonisation goals in the year ahead. 2021 will be the year in which it will not only be socially unacceptable to have a heavy carbon footprint, but companies will also be judged on how they reduce their environmental impact. To do this, organisations will need to abandon expensive and carbon-heavy equipment refreshes, like the old way of procuring technology hardware. Instead, they will turn to smarter software solutions that can perform and scale as needed, without having the planetary impact of rip and replace upgrades. Much like this year, 2021 will likely see local lockdowns implemented at short notice, affecting the delivery of goods and services almost instantly. Successful businesses will be those which can pivot quickly and efficiently to the changing environment without affecting the customer experience. As consumers, our patience when engaging with slow technology has reached a new low — we demand instant access and service. This attitude is now mirrored in our professional lives, and the lines have blurred between how B2C and B2B companies deliver goods and services, with speed being key. Organisations need to ask themselves some tough questions around how
92
MEA
JA N U A R Y 2 0 21
With downtime being almost as expensive as paying ransom, speed at which systems can be restored is important legacy infrastructure is holding them back, and whether they can afford to lose customers if they cannot deliver at the speed needed. 2020 has shown that many businesses did not have their house in order. Leaders were caught off-guard by the digital transformation requirements of the pandemic, and many over-invested in shortterm solutions. Organisations will need a holistic view of where the pressure points in their organisation are, so they can adapt supply chains to ensure minimal disruption. For those businesses that had not already embarked on a digital transformation journey, the pandemic forced them to overhaul their IT, and at speed. In the process, many companies over rotated in their technology choices, opting for infrastructure beyond their
SPECIAL REPORT
needs and choosing expensive solutions with vast capacity. In the long term, these choices may prove unsustainable, and in 2021 businesses will need to refocus on the medium-term, rebalance and opt for the solutions that fit their needs whilst remaining agile. In 2021 the CTO’s role will need to adapt to being the renegotiator — finding the best tuned systems for streamlined budgets. Whilst in many cases the pandemic has brought out the best in people, it has also brought out the worst in some. Hackers have taken advantage of the remote working phenomenon to catch users when they are vulnerable, leading to a number of unscrupulous attacks. As such, in 2021 we will see a continued rise in devastating ransomware attacks, which will lead to organisations turning to backup technologies and services as their last line of defence. With sustained downtime being almost as expensive as paying the ransom, the speed at which systems can be restored is becoming increasingly important. As such, winning organisations will look to adopt backup solutions that ensure systems are back online within minutes or hours rather than days. With so much uncertainty still upon us, it is unlikely we will see majority of organisations relaxing their purse strings anytime soon. Next year we will see businesses keeping a closer eye on their spending and reducing overall costs. A key way to do so is by opting for flexible consumption models for their IT infrastructure. Having the ability to manage costs over time without a long-term contract will be vital, and being able to avoid large and risky capex infrastructure investments will help organisations to keep themselves in the black. In the rush to digitise, organisations might not have given much thought to the complexity they were creating in their systems, resulting in costly periods of potential downtime. This problem has become increasingly unacceptable, and sustained periods offline are just as damaging to reputations as they are to bottom lines. Despite the complexity organisations may have added to their own systems, in 2021, expect total intolerance to downtime and security issues from customers, partners and employees. As businesses were forced to switch their employees to remote working, there was understandably an immediate appetite for core IT commodities — demand for VPNs, monitors and other peripherals sky-rocketed. But as we move into the
PATRICK SMITH,
CTO EMEA
year ahead, businesses will inevitably turn their attention towards technologies that will not just help them stay afloat, but build a competitive edge. The channel has already proved its worth in the short-term, but will now have to resume its role as a long-term strategic consultative partner — helping customers modernise their IT environment as the world adapts to new realities that are here to stay. The Zoom model has exposed where vendors have lacked creativity in maintaining their relationships with partners during 2020. Amongst the various lockdowns, the channel has looked for its vendors to be energised, and traditional one-size-fits-all calls and video conversations simply do not fit the bill. Instead, creativity and motivation emerge through bespoke approaches to each individual relationship. Be it the gamification of sales targets, or home-delivering branded goodies, partners need to feel valued, incentivised and supported to grow and exceed sales expectations in 2021. For several years, containers have featured in our predictions, whether it be containers going mainstream or the rise of stateful container workloads. As this space further matures, we see container granular solutions becoming important and application centricity becoming essential. It is all about the business application; consistent and reliable day to day operation, encrypting its data, backing up the whole application, not just its data, and being able to freely move the application from environment to environment, datacenter to datacenter or cloud to cloud based on changing circumstance. Whether it is home grown or off-the-shelf, the focus is on the application. For several years, containers have featured in our predictions, whether it be containers going mainstream or the rise of stateful container workloads. As this space further matures, we see container granular solutions becoming important and application centricity becoming essential. It is all about the business application; consistent and reliable day to day operation, encrypting its data, backing up the whole application, not just its data, and being able to freely move the application from environment to environment, datacenter to datacenter or cloud to cloud based on changing circumstance. Whether it is home grown or off-the-shelf, the focus is on the application. ë
JAMES PETTER,
VP International
JA N U A R Y 2 0 21
MEA
93
SPECIAL REPORT
SCHNEIDER ELECTRIC
Increased spending in datacentres, edge computing, DX Enterprises are undertaking initiatives to modernise infrastructure, productivity, energy, sustainability, protect people, physical assets, data.
T
echnology was the business enabler of 2020, be it e-commerce, remote working, or solutions such as cloud-based technologies. We are going to see increased spending on hardware, software and services that help organisations manage and optimise performance. Spending will grow the fastest in the software and services space, in areas such as remote monitoring and analysis, as we see a shift to the fourth industrial revolution. And let us not forget cybersecurity. Digital transformation is impacting every industry; organisations are using technology to drive new innovation, improve business agility, and streamline their operations, to reduce costs and become more agile. New business opportunities and capabilities are being unlocked as organisations digitise their operational models. Enterprises are striving to undertake the critical initiatives required to modernise their facilities and infrastructure: specifically, improving productivity, reducing waste, improving energy resiliency, achieving sustainability goals, and, most importantly, protecting people, physical assets, and data. From Dubai’s Smart City initiatives to smart airports and trains regionally, Middle East countries and organisations are accelerating investment in IoT to drive sustainable performance, optimise costs and operations, and enhance safety and security. Middle East and Africa IoT spend is set to grow by 80% from $7 billion in 2018 to $12.6 billion by 2021, according to IDC. Another area of growth is data centers, which should see additional investments in 2021 as organisations focus on areas such as e-commerce. And Edge Computing will prove to be an up-and-coming area, as enterprises leverage 5G speeds for faster data processing. By 2025 there will be over 80 billion connected devices, generating 180 trillion of data Gigabytes. Over the coming decade, companies will spend 232 billion dollars on artificial intelligence to manage and use this data.
94
MEA
JA N U A R Y 2 0 21
ZIAD YOUSSEF,
VP Secure Power, Middle East and Africa
Spending will grow fastest in software and services and remote monitoring and analysis We are seeing budgets shift to emerging technologies such as AI that will help them make the best of these increasing data sets, and a key part of that is Edge Computing. We expect more enterprises will be using technologies such as machine learning and robotic process automation over the coming five years, thanks to the roll-out of enabler technologies such as 5G. Our focus is on helping our customers with their digital transformations and their sustainability goals. Digital transformation has the capacity to accelerate global, regional and national economic growth, promote job creation, and lead to the creation of new industries and technologies that will promote efficiency, agility and sustainability. We are bringing our global know-how and our on-the-ground expertise to bear to help customers in the region effectively transform their infrastructure through EcoStruxure, our IoT-enabled, plug-and-play, open, interoperable architecture and platform. Open standards and interoperability are key for future-proofing any organisations’ enterprise technology. Í
SPECIAL REPORT
SIEMON
Remote work driving investment into datacentre services
Siemon expects demand for infrastructure that enable scalability and migration to higher Ethernet speeds without disturbing installed infrastructure.
PREM RODRIGUES,
U
ndoubtedly, the global Covid-19 pandemic had and continues to have a major impact on every facette of daily life and the day-to-day business in many frontline industries. The IT industry however has seen strong growth in certain sectors with Siemon having experienced tremendous growth in the datacentre market throughout Q3 and Q4. Here, the change from office-based to remote working has hugely accelerated digitalisation and data traffic, which in turn has initiated stronger demand in datacentre services and this will continue into 2021. Although investment into LAN infrastructures, like new offices has declined, Siemon still expects this market to grow in 2021 in various other verticals, albeit at a much slower scale but driven by a hybrid working model partly office-based and partly remote working. In the datacentre space, Siemon expects greater demand for infrastructure solutions that enable scalability and easy migration to higher Ethernet speeds without disturbing the installed infrastructure and risking downtime. With speeds swiftly moving from 10 to 40 and 100Gbs, migration must be well panned and well-designed and requires a much more consultative approach tailored to individual customer needs. In addition, Siemon expects higher demand in solutions that maximise available datacentre space for example, in colocation facilities. These can include high density cabling and connectivity, for example, enclosures holding larger amounts of fibres, smaller diameter cables, and connector designs that allow for easy access
Director for Middle East, Africa, India and SAARC
Investment into LAN infrastructures has declined, but Siemon still expects this market to grow in 2021 in the tightest of datacentre spaces. Datacentres will see accelerated growth across the Middle East driven by a growing trend in greener, more energy efficient datacentres and a rise in edge datacentres which are required to support smart cities developments across the region. Almost every business is now adopting a cloud strategy which in turn accelerates datacentre requirements. Looking at vertical markets, Siemon sees increased government spending and governmental support to further drive digitalisation. Other verticals include the healthcare and pharmaceutical sectors where IT investment aims at improving the quality and capability of healthcare facilities. The education sector is also likely to experience further growth due to continued remote online learning audio video streaming, which will require higher IT infrastructure and datacentre spending. Siemon will continue to work alongside its complementary manufacturers eco system to meet customers’ growing demands for high performance datacentres as well as helping them achieve intelligent smart building solutions. Siemon has always been very dedicated to sharing its technical expertise and to helping infrastructure managers understand how the latest technology can future-proof their networks and will continue to provide technology and services that optimise datacentre and intelligent building infrastructures. Í
JA N U A R Y 2 0 21
MEA
95
SPECIAL REPORT
Cyberattack trends shaping IT security in 2021 Sophos forecasts that ransomware and fast-changing attacker behaviours, from advanced to entry level, will shape the threat landscape.
CHESTER WISNIEWSKI,
S
ophos has published the Sophos 2021 Threat Report, which flags how ransomware and fast-changing attacker behaviours, from advanced to entry level, will shape the threat landscape and IT security in 2021. The report, written by SophosLabs security researchers, as well as Sophos’ threat hunters, rapid responders, and cloud security and AI experts, provides a three-dimensional perspective on security threats and trends, from their inception to real-world impact. Three key trends analysed in the Sophos 2021 Threat Report include: The gap between ransomware operators at different ends of the skills and resource spectrum will increase. At the high end, the big-game hunting ransomware families will continue to refine and change their tactics, techniques and procedures to become more evasive and nation-state-like in sophistication, targeting larger organisations with multimillion-dollar ransom demands. In 2020, such families included Ryuk and RagnarLocker. At the other end of the spectrum, Sophos anticipates an increase in the number of entry level, apprentice-type attackers looking for menu-driven, ransomware-for-rent, such as Dharma, that allows them to target high volumes of smaller prey. Another ransomware trend is secondary extortion, where alongside the data encryption the attackers steal and threaten to publish sensitive or confidential information, if their demands are not met. In 2020, Sophos reported on Maze, RagnarLocker, Netwalker, REvil, and others using this approach. Everyday threats such as commodity malware, including loaders and botnets, or human-operated Initial Access Brokers, will demand serious security attention. Such threats can seem like low level malware noise, but they are designed to secure a foothold in a target, gather essential data and share data back to a command-and-control network that will provide further instructions. If human operators are behind these types of threats, they’ll review every compromised machine for its geolocation and other signs of high value, and then sell access to the most lucrative targets to the highest bidder, such as a major ransomware operation. For instance, in 2020, Ryuk used Buer Loader to deliver its ransomware. All ranks of adversaries will increasingly abuse legitimate tools, well known utilities and common network destinations to
96
MEA
JA N U A R Y 2 0 21
Principal Research Scientist, Sophos.
Everyday threats such as commodity malware, will demand serious security attention. evade detection and security measures and thwart analysis and attribution. The abuse of legitimate tools enables adversaries to stay under the radar while they move around the network until they are ready to launch the main part of the attack, such as ransomware. For nation-state-sponsored attackers, there is the additional benefit that using common tools makes attribution harder. In 2020, Sophos reported on the wide range of standard attack tools now being used by adversaries. Additional trends analysed in the Sophos 2021 Threat Report include: Attacks on servers: adversaries have targeted server platforms running both Windows and Linux, and leveraged these platforms to attack organisations from within l The impact of the Covid 19 pandemic on IT security, such as the security challenges of working from home using personal networks protected by widely varying levels of security l The security challenges facing cloud environments: cloud computing has successfully borne the brunt of a lot of the enterprise needs for secure computing environments, but faces challenges different to those of a traditional enterprise network l Common services like RDP and VPN concentrators, which remain a focus for attacks on the network perimeter. Attackers also use RDP to move laterally within breached networks l Software applications traditionally flagged as potentially unwanted because they delivered a plethora of advertisements, but engaged in tactics that are increasingly indistinguishable from overt malware l The surprising reappearance of an old bug, VelvetSweatshop, a default password feature for earlier versions of Microsoft Excel, used to conceal macros or other malicious content in documents and evade advanced threat detection l The need to apply approaches from epidemiology to quantify unseen, undetected and unknown cyberthreats in order to better bridge gaps in detection, assess risk and define priorities
SPECIAL REPORT
TREND MICRO
Securing digital transformation is primary pain point In a survey, 79% wanted to learn about digital transformation and cloud security, threat and vulnerability research 62%, and risk and compliance 49%.
I
n 2021, as many enterprises will still work remotely or in hybrid models, they will further adopt cloud and videoconferencing solutions – driving demand for cybersecurity solutions for these platforms. Many industries and companies have seen an increased demand in cybersecurity solutions for working from home. In the GCC, Trend Micro detected a combined 56,873,271 email, URL, malware, and banking malware attacks during the first half of 2020, according to the Midyear Security Report. Worldwide, Covid-19 related threats have been the single largest type of threat. In the H1 2020, Trend Micro blocked 8.8 million Covid-19 related threats, nearly 92% of which were spam delivered via emails. In the GCC, Trend Micro blocked 163,774 Covid-19 threats in attacks via URL, email spam, and malware. Trend Micro is seeing strong demand for its cybersecurity solutions in the hybrid cloud, user protection for endpoints, threat detection and response across email, endpoints, sectors, cloud workloads, and networks, and network protection from known, unknown, and undisclosed threats. Threats against OT networks – the operational and industrial infrastructure – will be a major challenge. These kinds of threats can be mitigated with solutions such as Trend Micro’s TXOne Networks, which is helping to secure customers’ OT or IoT with their IT infrastructure seamlessly. Trend Micro’s focus industries will continue to include government and public sector; energy, oil, and gas; banking, financial services, and insurance BFSI; healthcare; education; and telecommunications. Many industries that are very important to the Middle East’s diversified economy – such as travel, tourism, entertainment, hospitality, and retail – will continue to come back on track, which means more demand in the market, more growth, and more need
MAJD SINAN,
Country Director UAE
Even in the post-pandemic world, remote working is likely to continue to secure IT infrastructure. Secure digital transformation is a major trend. In a recent Trend Micro survey of 2,064 business and IT decision-makers, 79% wanted to learn more about digital transformation and cloud security, followed by threat and vulnerability research 62%, and risk and compliance 49%. Trend Micro’s customer satisfaction and success have actually increased over the past year, as Trend Micro has helped organizations to deliver a sustainable recovery. Trend Micro has also seen strong success in the expansion and enhancements to its AMEA channel program. Home networks, remote working software, and cloud systems will be at the center of a new wave of attacks in 2021, according to Trend Micro’s 2021 predictions report Turning the Tide. Even in the post-pandemic world, remote working is likely to continue. Trend Micro will help to secure home networks, remote working software, and cloud systems, which will be at the center of a new wave of attacks. The most at-risk employees will be the end-users who regularly access sensitive data, such as human resources, sales, or corporate financial data. Trend Micro’s Turing the Tide report says organizations should follow a 4-step process to mitigate threats: l Foster user education and training to extend corporate security best practices to the home, including advice against the use of personal devices. l Maintain strict access controls for corporate networks and the home office, including zero trust. l Double down on best practice security and patch management programs. l Augment threat detection with security expertise to protect cloud workloads, emails, endpoints, networks, and servers round-the-clock.
JA N U A R Y 2 0 21
MEA
97
SPECIAL REPORT
Since the current NIS Directive entered into force in 2016, the cyber-threat landscape has been evolving JAMIE BROWN,
Senior Director of Global Government Affairs
TENABLE
PANDEMIC TRIGGERS REVIEW OF GLOBAL CYBERSECURITY LAWS
Certifications under consideration in 2021 include EU Common Criteria for critical infrastructure, cloud services, artificial intelligence, and 5G.
T
he expanded threat landscape of cloud-based assets along with connected operational technology devices is increasing cyber risk exposure. The pandemic and economic downturn have also created new challenges for government security leaders. Indeed, the massive shift to remote work for both the public and private sectors has forced businesses, governments and other organisations to adapt security practices, processes and policies to account for the significant range of new devices and assets which are now connected to enterprise networks. Both governments and enterprises have seen increases in Covid-19 related phishing and other cyberattacks against employees during the pandemic. Unpatched hardware, software and configuration vulnerabilities in home devices can now be exploited and leveraged to attack enterprise networks. For many global policy makers, the transformative impact of the pandemic has reinforced the need to adopt new cybersecurity and privacy policies, many of which were under consideration before the pandemic, in order to strengthen trust in the digital economy. These include efforts to promote data privacy and protection, raise baseline security standards of care, and implement cybersecurity certification regimes. Since the current NIS Directive entered into force in 2016, the
98
MEA
JA N U A R Y 2 0 21
cyber-threat landscape has been evolving. The EU Commission has launched a public consultation on a proposed revision of the Directive. This will be an opportunity to clarify minimum cyber hygiene standards, consider the expanded threat landscape of cloud computing and operation technology risks, and harmonise security standards across the EU. Much of this harmonisation will likely come through implementation of the cybersecurity certification schemes under the EU Cybersecurity Act. While the member state cybersecurity authorities will play the lead role in driving these certifications in their respective countries, we also expect them to work closely with the European Commission and the European Agency for Network and Information Security in order to drive towards greater convergence. Certifications under consideration in 2021 include new Union-wide certification standards for EU Common Criteria for critical infrastructure, as well as certification regimes for cloud services, artificial intelligence, and 5G. It has been more than two years since the European General Data Protection Regulation, GDPR came into effect and changed the landscape of global data security. The data protection by default approach of the GDPR is now being mirrored in Brazil with the Lei Geral de Proteção de Dados Pessoais, LGPD, with some key differences. The LGPD, which went into effect in August 2020, has a broad scope and applies to any organisation that processes Brazilian citizen data.
SPECIAL REPORT
As many organisations processing Brazilian citizens’ data undergo digital transformation, it will be critical to understand these new requirements and to avoid penalties. The Brazilian government is expected to clarify some of the provisions of this law in 2021. Brazil is influential across the Americas and their minimum-security standards will be impactful for data security practices. Japan, Brazil, Canada, India and New Zealand all made updates in 2020 on regulations impacting data security standards. All of these countries moved closer to the EU model of minimum cybersecurity standards and substantial fines for non-compliance. This trend is likely to continue with governments reviewing their basic cybersecurity standards in light of the changing threat landscape and concerns for data privacy. Expect to see more extraterritorial reach for these laws as governments mandate basic cybersecurity requirements and leverage fines to organisations who ignore security. ë Because there is a wide range of maturity for OT security policy across APAC, there is a need for developing and harmonising security best practices. Regional industry groups are likely to drive alignment with international, consensus driven, standards. As an example, the ASEAN Ministerial Conference on Cybersecurity AMCC, agreed in 2018 to subscribe in-principle to 11 voluntary, non-binding norms as well as to focus on regional capacitybuilding in implementing these norms. These norms include Critical Infrastructure Protection and OT protection. In 2018 Singapore published its Master Plan for Operational Technology standards. These efforts are likely to grow across APAC in 2021 as 5G technology is adopted and the OT threat landscape risk grows. Earlier this year, Australia launched a consultation on a proposed enhancedregulatory framework for operators of critical infrastructure and systems of national significance. This focus on critical infrastructure stems from Australia’s Cyber Security Strategy 2020, where the government noted that highly sophisticated nation states and state-sponsored actors continue to target governments and critical infrastructure providers. In response, the Strategy calls for critical infrastructure businesses to improve baseline security, and states that the government will invest funds in cyber situational awareness, research on cyber threats, and vulnerability assessment.
2020 saw further progress in the US on the harmonisation of regulatory requirements for cybersecurity Government leaders in India have also been increasingly focused on the security of their industrial technology infrastructure against cyberattacks. Critical infrastructure cybersecurity will therefore likely be a major focus area in India’s National Cyber Security Strategy 2020, and early implementation of the Strategy is expected in 2021. Japan continues to implement provisions of the Cyber Physical Security Framework, released by the Ministry of Economy, Trade and Industry METI in 2019 and focused on security for consumer and industrial IoT. As part of this implementation, METI released a draft IoT Security Safety Framework earlier this year, focusing on security for the layer of mutual connections between physical devices and cyberspace. METI will likely develop further guidance on Cyber Physical Security in 2021, especially as the Tokyo Summer Olympics, which constitute a prime target for cyber attackers, have been rescheduled for next summer. 2020 saw further progress in the US on the harmonisation of regulatory requirements for cybersecurity and the growing acceptance of a risk profile model that could be examined across multiple regulatory agencies, largely based on the NIST Framework for Improving Critical Infrastructure Cybersecurity. There is also continued discussion of harmonisation in both Europe and APAC. 2021 is likely to see additional review of these requirements in Europe as banks seek to reduce duplication across national agencies and limit burdensome regulatory requirements. This is hopefully an opportunity to focus on critical risks and maintaining harmonised standards for cybersecurity. Energy and critical infrastructure security have received renewed attention in recent months as the Covid-19 pandemic has put into focus how much we rely on the electric grid, supply chains, manufacturing and pharmaceuticals. Over the last year, Congress has worked on the American Energy Innovation Act, which contains numerous cybersecurity provisions to strengthen US energy infrastructure cybersecurity through publicprivate partnerships, rate incentives for cybersecurity investments, and advanced cybersecurity technology and application research and development. While this bill is unlikely to pass before the end of this Congress, we expect to see similar legislative efforts on strengthening energy sector cybersecurity in 2021. The US Departments of Energy and Homeland Security will also continue to prioritise energy grid and industrial cybersecurity through policy guidance and updated standards. Questions regarding whether these approaches will take a more voluntary or regulatory approach in 2021 may depend on presidential and congressional election outcomes. Congress is also expected to consider a major transportation and infrastructure package in 2021. This legislation is expected to include provisions on smart, digital infrastructure. Therefore, critical infrastructure and OT cybersecurity considerations will need to be addressed as well. ë
ADAM PALMER,
Chief Cybersecurity Strategist
JA N U A R Y 2 0 21
MEA
99
SPECIAL REPORT
THREATQUOTIENT
REMOTE WORK, RANSOMWARE CREATE LESSONS FOR SECURITY OPS Organisations were immediately forced to implement infrastructure and technologies to allow users to work from home yet still access shared resources.
I
n 2020, remote work and ransomware produced the greatest lessons learned for security operations. Organisations were suddenly and immediately forced to implement new infrastructure and technologies to allow users to work from home yet still access shared corporate resources. Security teams had to quickly adapt and learn how to protect remote workers along with traditional infrastructure. With the additional infrastructure and attack surface everyone’s home is now a potential access point, evolving threats like ransomware become even more of a risk to organisations. Many companies have purchased cyber insurance and started to create offline encrypted backups in case they are targeted, but there is still a lot to learn. Ransomware, nothing new here but adversaries always go for what is easy, why change if it is working? I anticipate some advancement in their tactics as organisations change their response. We saw this happen over the past year as ransomware can now exfiltrate data so if you have backups that they did not encrypt, they will threaten to release all of your data publicly. I expect further improvements to adapt to network segmentation and other security practices put into place to limit the effectiveness of ransomware. Modular malware is not specific to 2021, but malware itself is becoming more specialised and modular. BlackEnergy and Emotet are two great examples. Both started as banking malware and both have evolved into more modular malware where the code has one or two basic functions usually initial infection and then propagation to other users hosts. The malware can then be instructed to download other modules depending on the target and the end goals of the adversary. If you want to deploy ransomware, download that module; if you want to search for and exfiltrate data,
100
MEA
JA N U A R Y 2 0 21
With additional infrastructure and attack surface, everyone’s home is now a potential access point download a different module. It is plug and play hacking at its best. Experts have discussed about how security operations teams need to be more proactive and less reactive and improve agility. SecOps needs to adapt faster than the threats they are facing. This is one of those things that just may never happen. But teams can make improvements in 2021 by understanding the threats that are out there and defining how they conduct operations to offer flexibility to adapt better. You have to know the threat, know what you are trying to fight, and you have to be able to adapt. Even if it is slower than the adversary, any improvement helps. An alternative approach to people, process, and technology is to look at SecOps as data, systems, and people. Two system markets that can help SecOps teams with their agility are SOAR and XDR. Both of these markets are still being defined but at their core they bring in automation SOAR so organisations can adapt quicker and they talk about systems and data awareness XDR so everyone knows what threats you are trying to fight. I see SOAR and XDR technologies evolving and maturing in 2021 so that teams of all maturity levels can make sure that their data, systems, and people are aligned and gain agility. ë
SPECIAL REPORT
JONATHAN COUCH,
SVP, Strategy
An alternative approach to people, process, technology is to look at SecOps as data, systems, people
JA N U A R Y 2 0 21
MEA
101
SPECIAL REPORT
VEEAM
Recurring IT purchases including hardware to be priority Hardware should be refreshed every three years, and if the pandemic halted attention to hardware, it is fair to say that will make its way to the top.
D
espite the economic turbulence brought on by the pandemic in 2020, we will see a 5% to 10% increase in general IT spend in 2021. Allocations will likely focus most on security, general system modernisations, backup, applications, cloud migrations, and refreshing hardware. In addition, organisations will take a look at what was on hold in 2020 to address IT spend that happens on an annual recurring basis. For example, hardware should be refreshed every three years, and if the pandemic halted an organisation’s attention to hardware, it is fair to say that will make its way to the top of the list in 2021. We will see an aggressive shift to the left across all industries, where CIO’s will depend more on their development teams to guide the technical direction of the company. Historically, development teams have taken a top-down approach to move their data to the cloud, but – as have many things in the world – this changed with the pandemic with the reinforcement of cloudbased environments. In 2021, we will see DevOps teams continuing to have far more say in the data strategy process, and as a result we will see a greater increase in the mobility of workloads, correlating with an increase in cloud data management techniques. Distributed workforces were already on an upward trajectory but have been completely kicked into overdrive with the Covid19 pandemic. With many companies extending work-at-home opportunities through mid-next year, reliance on cloud-based collaboration platforms such as Microsoft Teams and Slack, will only increase. This means even more teams will be looking to harness the power of the cloud to store an influx of data from collaboration platforms. In 2021, this will create more focus, awareness and need for data protection and management for collaboration software. Appliances will diminish in their attractiveness as we shift towards software-defined models. Ten years ago, appliances were these shiny new toys that everyone wanted to get their hands on,
102
MEA
JA N U A R Y 2 0 21
DANNY ALLAN,
CTO and SVP Product Strategy
Remote work in the pandemic had a real impact on how we dealt with hardware in 2020 that will continue into 2021 however they have not had the staying power we predicted they would. In fact, we have seen a shift towards backup-as-a-service and away from appliances. Remote work in the pandemic had a real impact on how we dealt with hardware in 2020 that will continue into 2021 as software-defined models take center stage. Already, we are seeing organisations recognise the unlimited opportunities available to them through data they have already collected. Data re-use will be a big trend we see organisations shifting to 2021, with many leveraging the power of machine learning to help them do this. This is still in the emerging stages; however, its adoption will increase as organisations recognise how it can help them analyse and re-use data that they already have. By leveraging machine learning in the cloud, organisations will ultimately become smarter. Data privacy and privacy regulations will continue to gain traction in 2021. In particular, I predict we will see the first proposed federal regulations around privacy in the New Year. However, compliance fines will continue on the downward trend we saw in 2020. We saw a massive jump in compliance fines in 2019, which solidified how seriously GDPR, CCPA and others needed to be taken. Now that this attention has been received and the awareness is there, the shift will be more towards more consistency of privacy regulations at the federal level. ë
Modernizes your approach to secure access RSA SecurID Suite enables organizations of all sizes to mitigate identity risk and maintain compliance without impeding user productivity. It ensures users have appropriate access and conďŹ rms they are who they say they are with a modern, convenient user experience. In addition, RSA SecurID Suite provides uniďŹ ed visibility and control across organizations' many islands of identity.
For more info, contact your authorized distributor, Mindware FZ LLC at rsa@mindware.net | www.mindware.net | www.rsa.com
“A New Normal of Technology, Business & Networking Events ”
TECHNOLOGY
LEADERSHIP BUSINESS
INNER-SELF CULTURE
90 DAYS MILESTONES
62 +
SESSIONS
6000 +
100 +
C-SUITE ATTENDEES FROM 32 COUNTRIES
PARTICIPATION OF OVER
INTERNATIONAL AND TOP INDUSTRY LEADERS.
89%
31
+
OVER
ENGAGED AUDIENCE
COUNTRIES
TECH LEADERS
CIOS
VENDORS
IT DIRECTORS
55
SATISFIED PARTNERS AND SPONSORS
INNOVATORS
EDUCATORS
ACADEMICIANS AND INVESTORS
BROUGHT TO YOU BY
ORGANIZED BY
FOLLOW US:
Global CIO Forum
Global CIO Forum
www.globalcioforum.com/unitewebsummit/