EC-MEA March 2021 by GEC Media Group

HOW THEY WERE HACKED: MICROSOFT EXCHANGE SERVER, VERKADA

PA G E S 6 8 VOLUME O8 | ISSUE 06 MARCH 2021 WWW.EC-MEA.COM

PUBLIC CLOUD

APPLICATIONS INFRASTRUCTURE SYSTEMS

Digital transformation and pandemic has made vendors realise their products must be A R Ctransition. H 2 0 21 01 cloud ready. The first part of our deep dive intoMthe MEA

www.fitsmea.com

UNVEILING THE FUTURE AT #FITSMEA21

in Association with

March 22, 2021

#StrongerTogether

BROUGHT BY

OFFICIAL MEDIA PARTNERS

EDITORIAL MANAGING DIRECTOR TUSHAR SAHOO TUSHAR@GECMEDIAGROUP.COM EDITOR ARUN SHANKAR ARUN@GECMEDIAGROUP.COM

12MONTHS GONE BY

CEO RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM GLOBAL HEAD, CONTENT AND STRATEGIC ALLIANCES ANUSHREE DIXIT ANUSHREE@GECMEDIAGROUP.COM GROUP SALES HEAD RICHA S RICHA@GECMEDIAGROUP.COM

ARUN SHANKAR, EDITOR A R U N @ G E C M E D I A G R O U P. C O M

year has gone by, since the pandemic jumped the borders and hit countries outside China, with this milestone mostly gone unnoticed. Despite the challenges around distribution and administration of the Covid vaccine, with vaccines withdrawn and then restored, nations seem to be getting along with the job of making it happen. The global net numbers of those getting infected by Covid-19 are definitely on the decline. Airports are opening and closing and then reopening with the anticipation of closing, but the net positive is more planes in the skies and more passengers making bookings. There are reports of the explosion of cross border human movements likely to happen sometime during the second half of this year and definitely by the end of this year. Some estimates say there is close to a trillion dollars of savings pent up ready to be unleashed, as and when all controls are lifted. There are predictions that the latest US stimulus, recovery aid package of more than a trillion dollars, will boost the US GDP ahead of China for the first time in decades. And we all agree, we are now on yet another positive curve of recovery. Probably the strongest one that we have seen since the pandemic first hit us a year ago. The end of 2020 and early part of 2021, saw the announcement of the SolarWinds hack. Initially, interpreted to be targeting US government agencies, but in realty targeting the IT industry’s vendor solution companies and specifically the cyber security ones. Experts label this as one of the most sophisticated cyberattacks ever, because of its flawless stage-wise penetration plan, designed and orchestrated by unknown state actors. Then we saw the Florida water utility hack. A classic, copy book approach for an IT-OT breach, in which luckily the human consequences were avoided in the nick of time. And now we have the all-encompassing Microsoft Exchange compromise that has affected 250,000+ businesses, according to Morey Haber at BeyondTrust. Haber points out that remediation for this hack is complicated. Like any critical patch, downtime is required to be implemented in the form of a reboot. This is not just a simple reboot and for highly regulated organisations, it is unscheduled downtime and the forensics and reporting associated with a breach and clean-up. This adds to security professionals’ already heavy workloads. And if this was not enough, came the announcement that camera manufacturer Verkada has been breached, exposing 150,000 cameras, some in mission critical facilities. While there was no inherent damage or claims from the breaches, Cybereason’s Sam Curry, says even though nation state cyberattacks on SolarWinds and Microsoft Exchange Servers are garnering headlines, hacktivist groups are still players in the global cyber ecosystem. Turn these pages to learn more about these global breaches, ongoing remediation, and the first part of our industry responses on public cloud. Positive reading. ë

EVENTS EXECUTIVE GURLEEN ROOPRAI GURLEEN@GECMDIAGROUP.COM RONIT GHOSH RONIT@GECMDIAGROUP.COM JENNEFER LORRAINE MENDOZA JENNEFER@GECMDIAGROUP.COM SALES AND ADVERTISING RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM PH: + 971 555 120 490 PRODUCTION, CIRCULATION, SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM DESIGNER AJAY ARYA ASSISTANT DESIGNER RAHUL ARYA DESIGNED BY

SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM SOCIAL MARKETING & DIGITAL COMMUNICATION YASOBANT MISHRA YASOBANT@GECMEDIAGROUP.COM PRINTED BY AL GHURAIR PRINTING & PUBLISHING LLC. MASAFI COMPOUND, SATWA, P.O.BOX: 5613, DUBAI, UAE

COMPANY OF ACCENT INFOMEDIA MEA FZ LLC

# 203 , 2ND FLOOR G2 CIRCULAR BUILDING , DUBAI PRODUCTION CITY (IMPZ) PHONE : +971 4 564 8684 31 FOXTAIL LAN, MONMOUTH JUNCTION, NJ - 08852 UNITED STATES OF AMERICA PHONE NO: + 1 732 794 5918 A PUBLICATION LICENSED BY International Media Production Zone, Dubai, UAE @copyright 2013 Accent Infomedia. All rights reserved. while the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.

M A R C H 2 0 21

MEA

Faster, Denser, and More Scalable Than Ever Help your customers discover a better way to scale their enterprises and safeguard critical data with Seagate Systems—now available at an exceptional price. Our innovative and easily integrated platforms create a seamless enterprise storage experience. With maximum capacity and unparalleled performance, this is data done right.

Why Choose Seagate Systems? margins high, we’re offering 30% off the manufacturer’s suggested retail pricing (MSRP) for all our value-added resellers (VAR). Between competitive pricing, high-capacity drives, and end-to-end system integration, Seagate Systems offer best-in-class value for you and your customers.

3005 Controller — Entry

5005 Controller — High

100K IOPS

600K IOPS 1ms latency

3.5GB/s sequential read throughput

7GB/s sequential read throughput

3.5GB/s sequential write throughput

5.5GB/s sequential write throughput

16GB cache per system

32GB cache per system

4 ports per system: iSCI (1Gb/10Gb), Fibre Channel

8 ports per system: SAS, iSCI (1Gb/10Gb), Fiber Channel

HDDs

HDDs and SSDs

Questions? Reach out to your account team.

Bibin George Sales Representative MENA (Enterprise and Systems), Seagate Technology bibin.jacob@seagate.com +971-50-6818529

Najeem Thajudeen Product Line Sales Manager, ASBIS Middle East FZE najeem.thajudeen@asbisme.ae +971 55 311 7020

CONTENTS 37-51/ COVER STORY n

Alibaba Cloud Intelligence: Building an ecosystem for SaaS application providers

Cybereason: Partnering with Oracle hyper scalar to protect cloud

Mambu: Using cloud to build the bank that you want

Proofpoint: Managing security for cloud users and administrators

Qualys: How Qualys is using cloud to scan millions of assets

Red Hat: Building open hybrid cloud platform for developers

Riverbed: Accelerating apps from data centre and hyper scalars

Salesforce: Salesforce is 100% cloud-native and first Saas solution

EDITOR’S PAGE

25-35

SECURITY

06-08

54-55

10-14

56-57

17-21

58-63

VIEWPOINT EVENTS CHANNEL 22

CLOUD

REAL LIFE

25-26

BREAKING

Remediation steps from top industry experts after Exchange hack

PRODUCTS GUEST COLUMN 65-66

PEOPLE

BREAKING

Verkada camera breach highlights weak links in supply chain integration

52-53

INNOVATION Backup, your last line of defense against Ransomware

M A R C H 2 0 21

MEA

VIEWPOINT

INTEGRATION IS IMPERATIVE FOR EFFECTIVE XDR SOLUTION

To help XDR solutions deliver on their promise, what is needed is a platform focused on integration, explains Marc Solomon of ThreatQuotient.

arge security vendors with Extended Detection and Response, XDR offerings position their solution as integrating their own set of products. It may include a couple of third-party products already part of their suite and providing a central screen or single pane of glass to be able to see all the data. But that raises some important points. Data can come from any of the solutions that are part of the XDR offering at any time and, given alert overload, we are probably talking about massive amounts of data. Without context from external intelligence sources, it is impossible to determine relevance and prioritisation. Because the data is not curated for the specific customer environment it could be noise, which lowers users’ confidence in the data and their ability to make the right decisions. Some organisations are starting with a clean slate and have a variety of best-ofbreed solutions across departments and teams. To deal with this, many of these larger vendors are now creating marketplaces, hoping that smaller vendors will use their APIs to build integrations with them. This is starting to happen. But if you have been in the software industry for a while, you understand that this takes a lot of time and is not easy to maintain. And if a smaller vendor has products that compete with the main vendor, the integration may never happen. Even if the XDR solution vendor has great APIs that are easy to write to, getting data from on-premises, legacy applications to a cloud platform is a considerable undertaking. An XDR implementation can quickly turn into a very large consulting project requiring significant time and budget. Alternatively, some organisations may choose to outsource the entire function to a managed detection and response, MDR, service provider that offers XDR as a service. MDR is a growing category in cybersecurity services and is an offshoot of the traditional Managed Security Service Providers, MSSPs. Unlike MSSPs, MDR companies don’t manage traditional security tools and technologies like firewalls but are there to detect, respond and address attacks. To help XDR solutions deliver on their promise, what is needed is a platform

An XDR implementation can quickly turn into a very large consulting project requiring significant time and budget 06

MEA

M A R C H 2 0 21

MARC SOLOMON, Chief Marketing Officer at ThreatQuotient.

With pre-processed, curated data, teams have high confidence that the data is relevant focused on integration, serving as a central repository for data and intelligence from internal and external sources, and as a conduit between existing security technologies and cloudbased XDR offerings. More than a central screen or single pane, the platform delivers a single source of truth for teams and tools, bringing in third-party intelligence to enrich data from internal tools with context and prioritise it for action. This single source of truth can prioritise and filter out noise, share knowledge, serve as organisational memory and become a custom enrichment source for all teams and tools to use to accelerate security operations. With pre-processed, curated data, teams have high confidence that the data is relevant. Confidence in data leads to confidence in decision making which, in turn, leads to confidence in automating those decisions and actions. Because that platform also integrates with third-party security controls, relevant, prioritised threat intelligence can flow through all systems, playbooks and processes. Actions, automated or manual, are based on the right data and can be executed quickly. Clearly, integration is imperative for XDR, enabling effective detection and efficient response. ë

VIEWPOINT

IMPLEMENTATION AND RoI OF LATEST TECHNOLOGIES Successful deployment of new technologies needs to have the required skills, data management and security, explains Dave Russell of Veeam.

ew technologies attract a lot of hype. Descriptions used to describe new technologies such as revolutionary and ground-breaking have lost their impact through their overuse. Furthermore, this culture of over-promising makes technologists and customers cynical when they don’t see immediate or significant impact of new technology deployments. There are many reasons why new technologies can initially flatter to deceive later. It can simply be executed in the wrong way possibly because the skills do not yet exist to design solutions and troubleshoot problems. Digital transformation is one such example, where businesses feel held back by a lack of skills with almost one in three IT decision makers citing this as a concern. It can be that a technology is simply ahead of its time and the complementary technologies that give it a clear place in the world do not exist yet. For example, the early efforts of touchscreen device by Palm and Microsoft to launch personal tablets were flawed by their inability to connect wireless to the Internet or sync with PCs and laptops. It was only when wireless technology and cloud computing reached maturity that smartphones and tablets came of age. Finally, technology can work perfectly well, but not really solve a big enough problem to warrant significant investment. That is why you often hear talk of killer apps or use-cases that will give a new technology purpose and meaning. Experience therefore tells us that just because a new technology might not change the way things are done tomorrow, it doesn’t mean it won’t have a big impact in the long-term. With that said, it is fine to get excited by the potential of a new technology. But as an industry we must learn to temper our expectations, and those of our customers, towards how quickly and how far new technologies will create radical and lasting change. Technologies which solve a real problem are enabled by the right complementary technologies and are generally understood enough to be successfully tested and deployed. But there are other challenges for such technologies. Any enterprise IT deployment requires investment, upskilling and cultural change from business leaders and employees. That means it can take years to build a compelling enough business case to convince budget holders to incorporate new

Technologies which solve a real problem are enabled by the right complementary technologies

DAVE RUSSELL

Vice President-Enterprise Strategy at Veeam.

In 2021, if you cannot confidently protect and manage data within a service or application, you should not deploy it deployments into their strategy. In addition, once a clear business case has been established, there are regulatory, cybersecurity and data protection requirements to throw into the mix. Given the value modern businesses rightly place on their data and the consequences of failing to manage and protect it, is something which must be considered early in the tech lifecycle. In 2021, if you cannot confidently protect and manage data within an IT service or application, you should not deploy it. Taking a strategic view of where technologies have not been successfully deployed before putting in your wider business objectives, is crucial for building the business case for them. Acquiring the necessary buy-in from budget holders to invest complementary solutions and onboard the necessary skills is also essential. For enterprises locked in a race to transform digitally, evolving customer demands along with an increased reliance on cloud and connectivity are forcing their hands. Implementing the latest and greatest technologies to achieve the desired outcomes of digital transformation requires investment in the necessary skills, data management and protection capabilities. ë

M A R C H 2 0 21

MEA

VIEWPOINT

TOP TEN CYBERSECURITY PREDICTIONS FOR THIS YEAR

In 2021, we will begin applying learnings from the 2020 pandemic. Maher Jadallah of Tenable highlights top ten cybersecurity trends for this year.

020 was the survival year of humankind and has left in its wake security battlefields for repair. Businesses need to address mountains of cybersecurity, band aid patchwork and replace them with viable and robust solutions. Another area of innovation that was delayed in 2020, mainstream roll out of 5G, will take place in 2021. Here are the top ten cybersecurity predictions for 2021. Privacy data will be an open field. With so much of daily life happening online, the lines between security and privacy have blurred. If 2020 was a practice run for cybercriminals, 2021 is going to be the professional match. Band aid solutions put in place during 2020 by CISOs, when introducing remote working practices with limited time and resources, will need to be replaced with scalable, long-term solutions. As organisations continue with remote work models in 2021, CISOs will need to rise to the challenge of securing dynamic environments. Convenience will outstrip security. The demands of a remote workforce have included rapid digital modernisation. Against this, the demand for convenience has outweighed the priority for security. Gaining a holistic view of the entire infrastructure must be a priority in 2021. There will be a strong demand for trusted vendors that focus on built-in security. 2021 will see a spike in adoption of SaaS collaboration tools as teams look for convenient ways of bringing together distributed workforces. Many vulnerabilities and cyberattacks are a product of weak secure code. Attacks can be avoided if we invest in teaching secure code in schools and demand the use of secure code in software. The need for increased cybersecurity education in schools is critical. In 2021, our reliance on mission-critical systems will become even greater. Ransom prices will rise as the value and dependence on supply chain increases. In 2020, we have seen critical infrastructure fall victim to cybercriminal activity, particularly ransomware.

2021 will be the era of widespread IT and OT convergence

MEA

MAHER JADALLAH,

Regional Director-Middle East at Tenable.

In 2021, our reliance on mission-critical systems will become even greater 2021 must be the year to start planning for worst case scenarios to ensure security of critical systems now and well into the future. Whether it is ransomware or a rogue USB, the threats to critical systems cannot be understated. In times of crisis, supply chains that underpin modern society go into hyperdrive. 2021 will be the era of widespread IT and OT convergence. There can be no OT without IT and securing converged environments will be critical. IT will be a conduit to compromising sensitive OT environments and vice versa. Organisations will learn the hard way their OT is no longer air gapped. Once 5G is widely available, the floodgates will open, and both white hats and black hats will experience a swift learning curve. The profound speed and reach will connect businesses more than ever before, which translates to dangerous ripple effects of a successful attack. As data flows through vulnerable 5G infrastructure, it will be essential to build security to close the gaps. To combat emerging threats, users and service providers will lock arms to prioritise security measures and build an ecosystem of trusted vendors. The expanded threat landscape of cloud-based assets along with connected operational technology devices is increasing cyber risk exposure. The massive shift to remote work for both the public and private sectors has forced businesses, governments and other organisations to adapt security practices. With many of the challenges of 2020 following us into 2021, it is imperative that security leaders consider not only policy changes but new technology trends. This helps the senior security leader to be proactive with strategy and not reactive. ë

M A R C H 2 0 21

02 – 04 NOVEMBER 2021 DUBAI EXHIBITION CENTRE

Next generation mobility and logistics event 3,000+ VISITORS | 200+ SPEAKERS | 100+ HOURS OF CONTENT

G E T I N V O LV E D T O D AY

hypermotion@uae.messefrankfurt.com www.hypermotiondxb.com

220x310 Advert_Hypermotion_ARTWORK.indd 1

23/02/2021 08:41

EVENTS

Global CIO Forum, Spectrami host summit on predictive cyber defence Global CIO Forum in association with Spectrami hosted a virtual summit titled, When Even Hunters are being Hunted: Predictive Cyber Defense against the Inevitable. The event was supported by Menlo Security, Securonix, Seclytics and CheckPoint. The event was held on 16 February. The event being held for the second year in a row, was opened by Hardeep Singh, Business Unit Lead, Spectrami. The welcome address for the virtual summit was delivered by Anand Choudha, CEO, Spectrami, who thanked all the online attendees across the Gulf region for their participation. As we progress through the post pandemic times, and adapt to the new normal, we are seeing signs that all is not normal as yet. In the past 12 months, the number of cyber security incidents has shot up by 250%, partially due to remote workers exposing vulnerabilities in corporate networks, Singh pointed out. The theme of this virtual summit was therefore to invite industry vendor experts to present their solutions on how to use predictive cyber defence solutions. In the first session, Mohammed Almeshekah, Founder and Managing Partner of Outliers Venture Capital, in conversation with Sarfaraz Kazi, CTO of Spectrami, pointed out,

MEA

M A R C H 2 0 21

there have been successive of waves of cyber security trends starting from 2005 onwards. Across all these years, cyber security solutions have been hampered by a high signal to noise ratio. Despite increasing sophistication in artificial intelligence and machine learning, Almeshekah stressed that cyber security remains partly a science and partly a craft. Managing a security operations centre as well as, zeroday remediation, will always require skilled workers, and their craft skills, and can never be fully automated. A key trend to watch out for in the coming months will be machine language adapted to boost the efficiency of cyberattacks or adversarial machine learning. In the next session, titled Zero Trust Internet, Moving Beyond Almost Safe, Kowsik Guruswamy, CTO of Menlo Security, drilled down into the security challenges associated with digital transformation. Guruswamy pointed out that most organisations are now resigned to the fact that cyberattacks will happen. The source of 90% of all cyberattacks stem from Internet and websites and email. By continuously increasing the security around Internet and websites, a tradeoff is finally reached between declining user access and user experience, and increasing security walls.

Augusto Barros, Vice President of Solutions at Securonix, presented the next session titled Improving SOC Effectiveness Using Behavior Analytics and Machine Learning Technology. Barros presented the impact of unsupervised and supervised machine learning on the policies of security operation centres. The next session was, You Are Doing Predictive Threat Intelligence Wrong, presented by Saeed Abu-Nimeh, Founder and CEO at Seclytics. Abu-Nimeh pointed out the globally, security operation centres are suffering from alert fatigue and alert overload. There are just not enough resources to go through all the alerts. The recommended approach is to move away from low confidence, high false positives to high confidence, low false positives; and become more proactive instead of defensive in tackling threats. Seclytics is also building profiles of threat actors using indicators of compromise. In the last vendor presentation session, Neatsun Ziv, Vice President Threat Prevention at CheckPoint, stated that across the last few years there have been multiple wake up calls about large-scale vulnerabilities. There have been four generations of attacks and protection. CheckPoint has identified 500+ global

EVENTS

Speakers

Anand Choudha CEO, Spectrami

Augusto Barros VP of Solutions, Securonix

threat actors, out of which 90% of them stage low volume, high impact attacks. Three top CISOs participated in the panel discussion moderated by Sarfaraz Kazi, CTO of Spectrami. These included Saghir Ahmed

Sarfaraz Kazi CTO, Spectrami

Mohammed Almeshekah Founder & Managing Partner of Outliers Venture Capital

Saeed Abu-Nimeh Founder and CEO, Seclytics

Khan, Leader Security Operations Center at SABIC Saudi Arabia; Sameer Shaikh, Managing Director, Middle East and Africa, Galaxkey; and Ahmed Hassan Al Lawati, Section Head, Information Security, Ooredoo Oman.

Kowsik Guruswamy Chief Technology Officer, Menlo Security

Neatsun Ziv VP, Threat Prevention, Check Point

The panel pointed out that the pandemic changed a normal way of life into an abnormal one in literally seconds, and this has finally led to a new normal. Being incharge of cyber security, CISOs were forced to make some relatively scary decisions to adapt to the challenges of the pandemic. Moreover, CISOs see many things, which their colleagues in an organisation do not see. The pandemic has forced many people into joblessness who have either turned to cybercrimes to earn a living or are working out of their homes for a living. CISOs need to revisit and reassess their complete risk landscape and security controls. Control needs to be reshuffled from network centric architecture to remote centric and end point centric architectures. The threat attack landscape is continuously evolving and everything is changing. CISOs cannot follow the new normal, since that means they are not doing anything. In fact, in the new normal, CISOs should prepare the organisation and stakeholders on how to manage a breach, and focus on what to do after the breach.

M A R C H 2 0 21

MEA

EVENTS

GCF and GAVS hold Middle East annual client event, enGAge 2021 On February 25, GAVS Technologies in association with Global CIO Forum held its annual client event, enGAge 2021, the Middle East edition. The VirtualSummit was a platform for clients to come together to discuss trends, technologies and discover rich insights. enGAge 2021 for Middle East lined up speakers and sessions to make it more impactful and relevant based on the theme, From Crisis To Opportunity The Way Forward. enGAge 2021 had an engaging mix of keynote sessions by global thought leaders and panel discussions with CXOs. Jeremy Grigg, President and Founder, Council Vision and Sumit Ganguli, CEO, GAVS Technologies introduced the session. Rhea Seddon, Astronaut, Author and Surgeon delivered a keynote on Creating Opportunities During Crisis And Moving Ahead. Another keynote on Technology As An Enabler For Getting Growth Back was delivered Rajeev Kakar, Board Member, Eurobank; GIB, CIB Bank; UTI AMC; Global Founder Fullerton Financial; Founder Dunia Finance; Ex-CEO-Citi TMEA. Seddon shared reflections on her life’s experiences. She spoke about instances of gender bias in the history and cited that only 5% of women were in a medical university in 1965. She stressed that when you are going to blaze a trail you are going to face opposition and discrimination exists in all types of places for which you need to have a plan B. Seddon highlighted that they produced the first astro-tot. Seddon also spoke about the need for every organisation to have a process for managing failure. Most intelligent people will listen to data if presented properly and adapt data for audiences, Seddon shared. Kakar spoke about how to think big, think fast and think diverse. He shared that it is a good time to make investments and pivot for change and how he hates the term new normal

MEA

M A R C H 2 0 21

as we are always in a new normal. Kakar said that regulation always helps innovation, not over regulation. He highlighted that cryptocurrency would benefit with regulation, the Chinese are ahead over there. enGAge 2021 also hosted an expert panel on Leveraging Technology To Drive Growth In The New Normal. It was moderated by

Jeremy Grigg. The panel included Abdullah Al Barwani, General Manager for Corporate Security, Omantel; George Eapen, Group CIO, Petrofac; Vishal Govil, Head-Planning, Business Demand Management, IAM and Controls-Enterprise Services, Bank Muscat and Dr Nandan Sudarsanam, Associate Professor, IIT Madras.

EVENTS

GCF, NetApp, Cisco host event on datacentre transformation On February 24, Global CIO Forum, NetApp and Cisco held a virtual summit on Ignite The Power Of Your Future Datacentre. As industries and markets evolve in a fast pace, data has become an increasingly important IT business driver. Data is taking a stronger position in the daily business of organisations,

the capabilities of capturing, interpreting, and managing this data becomes key for businesses to thrive. The virtual summit gave deeper insights on how Cisco and NetApp enable their customers to harness the power of their data using specific use cases.

Jeroen Kulderij, Alliance Business Development Manager EMEA, Netapp gave an overview of the Flexpod design architecture. From surveys, Kulderij pointed out 63% of IT leaders have a hybrid cloud infrastructure, while containers are growing at 56%. Flexpod is a pretested, hyper-converged infrastructure, that represents ten years of partnership between Cisco and NetApp. Michael Hommer, Solution Architect Datacentre Solutions, NetApp presented the various application workloads and use cases for which Flexpod configurations have been prebuilt. The key here is not to oversize and not to undersize the Flexpod configurations to meet the demands of application workloads and specific vertical market use cases. Christophe Deschamps, Cloud Infrastructure and Software Group Datacentre Solution Architect, Cisco discussed Cisco’s contribution to datacentre architecture including Cisco Intersight and Systems Management as a Service. The event concluded with an active question and answer session around multiple queries raised by the attendees and was answered by Kulderij and Deschamps.

Top CIOs from UAE attend golf and yoga session organised by GCF Reboot On February 24, the Global CIO Forum held its second Unite CIO Meet, a part of its initiative, Reboot. Leading CIOs from the UAE attended a relaxing golf session. The golf session was followed by corporate Yoga by Arvind Viswanat, GCF Reboot Yoga Ambasaddor. The session 2 of GCF CIO Reboot was attended by over 12 CIOs including George Eapen, Petrofac; Gopi Krish, GEMS Education; Anindo Banerjee, Dubai Holdings; Fahad Deshmukh, Sobha Reality; Fayaz Badubhai, Al Yousef Group; Shrenik Jain, Siemens Group etc. The event was held at Topgolf. Topgolf Entertainment Group is a technology-enabled global sports and entertainment community that connects people in meaningful ways through the experiences we create, the innovation we champion and the good that we do. What started as a simple idea to enhance the game of golf has grown into a movement where people from all walks of life connect at the intersection of technology and sports entertainment. Reboot focuses on striking an equilibrium between four pillars: Wellness, Fitness, Nutrition & Engage. It aims to provide CIO community members an opportunity to interact with the experts from these four pillars which can help them imbibe the benefits of an all-round wellbeing.

M A R C H 2 0 21

MEA

EVENTS

IFS rebrands and launches IFS Cloud, in its most important event ever IFS, the billion-dollar global enterprise applications vendor, unveiled a new brand identity to fuse its evolved market position on March 10, 2021. With more than half of the company’s revenue coming from customers using IFS’s technology in how they serve their customers, IFS is positioned to help customers deliver at the moment when really matters. These are the moments when a company either delights or disappoints; the moments when all the decisions and processes that go into doing what you do need to come together; called the Moments of Service. The launch of IFS Cloud on March 10 will enable more companies to be their best in their Moments of Service. The new platform enables companies to manage the customer, people, and asset elements of their business in a single, integrated solution. Packed with meaningful innovation, IFS Cloud is the most significant launch in the company’s history and sets a new benchmark for the industry. The process behind the brand refresh was both collaborative and scientific, involving input from IFS customers, prospective customers, partners, employees, analysts, and journalists—as well as brand experts. The new IFS branding is currently being deployed across all touchpoints, including digital platforms, print and digital marketing, collaterals, merchandise, and office interiors. The roll-out is being accompanied by out-of-home advertising on some of the world’s most iconic activation sites including Times Square in New York, Burj Khalifa in Dubai, and Shibuya in Japan.

MEA

M A R C H 2 0 21

The roll-out is on iconic activation sites including Times Square in New York, Burj Khalifa in Dubai, Shibuya in Japan

There's one thing even a billion-dollar company can't afford:

a security breach

Safeguard your IT with

Security Information & Event Management | Identity & Access Management Network Security Management | Unified Endpoint Security & Management Privileged Identity Management | Firewall Security Audit & Log Management

www.manageengine.com M A R C H 2 0 21

MEA

Huawei IdeaHub New Style Smart OOce 3-in-1

Whiteboard 丨 Projector丨Online Meeting

M A R C H 2 0 21

Scan QR codeMEA to Learn More

CHANNEL

McAfee and Ingram Micro expand global distribution alliance

KATHLEEN CURRY, Senior VP of Global Enterprise Channels, OEM & Strategic Alliances at McAfee.

McAfee and Ingram Micro have announced an expanded worldwide relationship that builds on the transformation of the McAfee channel programme. The new agreement will provide access to McAfee products and solutions across Ingram Micro’s global distribution network, including its regional Cloud Marketplaces and Centres of Excellence. McAfee launched its SaaS portfolio on the US Ingram Micro Cloud Marketplace in late 2020, and plans to expand its footprint on Ingram Micro’s network of e-commerce platforms throughout 2021. Both companies recognise the opportunity and impact of cloud transformation happening within the channel landscape. Together, the two companies are working to help channel partners embrace these dynamics and enhance their offerings to address customer needs and drive intiatives to accelerate the opportunity by offering McAfee Device to Cloud Suites designed to help organisations accelerate cloud adoption. Additionally, Ingram Micro is expanding its services capabilities with McAfee to provide migration services to move from legacy security technology to

(left to right) Nidal Othman, CEO, StarLink and Patrick Ramseyer, Director of Operations, Central Europe, MENA, Getvisibility.

StarLink signs global distribution agreement with Getvisibility StarLink has announced signing a global distribution agreement with Getvisibility. This comes after a successful US partnership. The two companies have decided to further strengthen their alliance with this expansion. In the post pandemic hybrid work phase, organisations with remote workforce are becoming increasingly vulnerable to threat attacks especially due to unsecure home devices, employee negligence and in some case

malicious workers that is putting corporate information at a huge risk. This calls for security measures and policies that needs to be considered from inside out, beginning with secure users and company data. The best approach would be to automate the classification process so that when workers make an error, sensitive data can still be detected and stays intact. Getvisibility uses state-of-the-art AI to

McAfee MVISION products. As a result, channel partners will benefit from the expanded relationship. McAfee and Ingram Micro will be able to more effectively engage with and strengthen global channel partner relationships. It will now be easier for channel partners to purchase McAfee products and solutions through Ingram Micro. The expanded relationship enables Ingram Micro’s large service organisations with security tools and solutions from McAfee. Partners will be able to see McAfee products in Ingram Micro Centres of Excellence around the world Curry said that at McAfee, they are focused on empowering partners to effectively address dynamic customer needs by providing industry leading security solutions, a strong eco-system, and programmes that enhance profitability. She added that the expanded relationship with Ingram Micro will help build on the transformation that McAfee has been driving and enable organisations to reach a larger set of customers around the world in need of security protection.

classify and secure unstructured information allowing organisations to quickly visualise their data footprint where new and changing data risks have become evident thus allowing for proactive data management and security. Its dual approach provides flexibility to employees to manually classify data whilst they are created with suggestions and automated checking. Getvisibility also provides risk and compliance assessments as well as enforcing protection on sensitive data. To support and reinforce the expansion plans, Getvisibility has positioned Patrick Ramseyer, Director of Operations, Central Europe, MENA who is based out of Dubai to lead the sales operations and to work closely with StarLink to plan Getvisibility’s growth strategy for this region. Nidal Othman, CEO, StarLink commented that organisations are yet to streamline their IT policies, procedures and infrastructure to ensure a seamless adoption of the long-term, remote work norm. Opportunists threat actors are on the lookout for such organisations and moreover disgruntle employees due to the shift in the work patterns can pose a threat to the business operations, he added. Getvisibility brings in the unique AI powered Data Classification process that will assist organisations to secure and transform data security and we are excited to be part of this partnership, Othman concluded.

M A R C H 2 0 21

MEA

CHANNEL

(left to right) Abdullah Al-Kindi, Oman Country Manager at IFS and AbdulHakeem Amur Al Muslahi, CEO of Datamount.

Datamount, IFS sign strategic channel partnership in Middle East IFS, the global enterprise applications company, and datacentre and enterprise cloud service provider Datamount have entered a strategic channel partnership to serve joint customers in Oman and the Middle East. Since 2018, Datamount has been enabling

and guiding customers on their digital transformation journeys. Working with some of the most reputable brands in Oman, Datamount’s extensive market and industry knowledge have allowed them to rapidly grow over the past few years.

(left to right) Rami Kichli VP Gulf and Levant for Software AG and Marwan Bin Haidar, Vice Chairman of Digital DEWA.

DigitalX partners with Software AG to provide latest digital solutions DigitalX, the digital services arm of Digital DEWA, which is fully owned by Dubai Electricity and Water Authority, as part of Dubai 10X, has signed a partnership agreement with Software AG to deliver advanced digital solutions, systems and services for customers. The two companies will collaborate to speed up digital transformation initiatives and keep

MEA

M A R C H 2 0 21

pace with the latest solutions and services in different sectors. Al Tayer, MD & CEO of DEWA highlighted that the partnership will expand on the type of services that DigitalX provides to maintain Dubai’s position as a regional pioneer in this area. Marwan Bin Haidar, Vice Chairman of Digital DEWA, Digital Sector and Rami Kichli,

One of the key factors in the decision to establish the partnership between IFS and Datamount was their shared passion for providing products and services tailored for the specific industry needs of their customers. IFS has a proven track record in its focus sectors, including manufacturing, energy and utilities, and aerospace and defence said Abdul Hakeem Amur Al Muslahi, CEO of Datamount. He added that the depth and breadth of experience in the IFS team means they have a unique understanding of the processes that an organisation relies on to create value. IFS has also been very supportive in further enriching Datamount’s knowledge through their international service and support organisation, he shared. Abdullah Al-Kindi, Oman Country Manager at IFS added that the Omani government has in recent years invested heavily in specific sectors in order to realise its 2040 vision, including food and beverage, energy, manufacturing, and logistics. These industries align very well with IFS’ and Datamount’s expertise and look forward to leveraging combined skills to offer joint customers unparalleled value and service, both in Oman and internationally, he concluded.

Vice President Software AG, Gulf and Levant signed the agreement, during the participation of DEWA and its subsidiaries at Gitex 2020. This new cooperation is part of Software AG’s ongoing pact to support the capabilities of public and private companies said Rami Kichli, VP, Gulf and Levant, Software AG. Software AG is one of the suppliers that provide advanced solutions for companies, to face digital transformation and business transformation challenges and this plays a major role in supporting the directives of the wise leadership to make the UAE a pioneer state worldwide, he added. Kichli said it is their pleasure to cooperate with Digital DEWA, presented by Digital X, to launch a new collection of services for the companies in the region. It helps to make use of the new generation of solutions and encourage companies to explore new ways of innovation to enhance their roles in the UAE’s economic development, he added. Tayer said, through Digital DEWA, the digital arm of DEWA, they strive to reimagine the role of utilities and create a new digital future for Dubai, to become the world’s first digital utility to use autonomous systems for renewable energy, storage, expansion in AI adoption, and providing digital services.

CHANNEL

Khazna datacentres to have 200 megawatts of IT load capacity by 2023

HASSAN AL NAQBI, Chief Executive Officer of Khazna.

SecureLink, BUiD partner to provide cybersecurity training SecureLink and the British University in Dubai, BUiD, have entered into an agreement to empower cyber professionals accelerate their career paths with advanced cybersecurity qualifications. Under this alliance, cyber pros, be it experienced, or freshers can get hands-on experience and can excel in the below-mentioned domains that are prudently mapped and developed to comply with the NIST NICE framework. Thus, enabling candidates enhance their cybersecurity skills across

Khazna, the UAE’s largest supplier of commercial wholesale datacentre services, has announced that it will build multiple new datacentres and increase its capacity five-fold over the next four years to provide vital infrastructure as companies and the government agencies accelerate digitisation. The company today operates two datacentres in Abu Dhabi and one in Dubai with a combined capacity of 40 megawatts; with the new expansion plan, it will have a total of 200 megawatts of IT load capacity by 2023. Multiple new datacentres will be built in locations across the UAE and additional capacity will be increased at its current sites. Khazna, which was established in 2012, has grown rapidly into one of the leading and trusted wholesale datacentre providers in the Middle East and North Africa region. The company provides corporate users with a dedicated, fully built datacentre space that delivers turnkey solutions, and has been an enabler for local and global cloud computing providers. The expansion over the next four years will enhance Khazna’s capability to deliver a wider range of cost-effective solutions and offers clients assurance that digital and data growth plans will be accommodated. With the focus on enabling hyperscalers, Khazna’s new datacentres will ensure that market demands are fully met while maintaining customer satisfaction excellence and trust. Hassan Al Naqbi, Chief Executive Officer of Khazna said that demand for flexible, scalable and secure data storage is increasing rapidly, and this trend will continue as smart city and smart government projects gather momentum, cloud computing adoption grows and 5G networks are rolled out.

multiple spheres as well as provide enterprises with professionals with the right skillset. These certifications are offered by BUiD in collaboration with Phase 2 Advantage and SecureLink: l Certified Cyber Incident Response Manager l Certified Cyber Security Operations Manager l Certified Disaster Response and Recovery Manager l Certified Network Forensic Analysis Manager

Certified Network Infiltration & Assessment Specialist Mahmoud Nimer, President, StarLink Group commented that lack of skilled cybersecurity professional puts an organisation at high risk. He said that most organisations opt for on-the-job cybersecurity work experience which may not be sufficient to keep up with the evolving and complex nature of cyber threats. He added that their association with BUiD is aimed at building a new breed of highly skilled cybersecurity workforce to enable organisations become cyber-resilient. l

M A R C H 2 0 21

MEA

CHANNEL

Atos selects Spire Solutions to distribute cybersecurity products in Middle East

SANJEEV WALIA, Founder and President of Spire Solutions.

Atos has selected Spire Solutions, one of the cybersecurity distributors in the Middle East, to be its strategic partner to introduce its complete range of Data Security, Digital Identity and Identity & Access Management products. This will help regional enterprises to protect their data while they embark on digital transformation and cloud initiatives. This agreement between Atos and Spire is an important step to expand Atos’ global channel strategy and partner ecosystem. All Atos’ cybersecurity products will be distributed through Spire’s network of cybersecurity channel partners across their authorised countries. Atos’ products include Trustway Hardware Security Modules for data encryption, IDnomic PKI solutions for digital identity security and Evidian portfolio for identity and access management. The decision to strategically partner with Atos is in-line with the commitment to introduce highly effective cybersecurity solutions to the Middle Eastern market, said Sanjeev Walia, Founder and President of Spire Solutions. Spire’s distribution approach coupled with Atos’ cybersecurity offerings will deliver ultimate security for governments and enterprises in the region, Walia added.

(left to right) Mark Thurmond, Chief Operating Officer, Tenable and Maher Jadallah, Regional Director, Middle East for Tenable.

Tenable announces enhanced MSSP portal to empower partners Tenable has announced an enhanced Managed Security Service Provider, MSSP, portal to supercharge partners’ cloud-based vulnerability management offerings with Tenable.io. The updated portal will enable MSSPs to selfprovision and self-service their own Tenable. io instances, up to 1,000 assets, empowering partners to build and launch vulnerability management services in the cloud within minutes. This year, there will be an estimated 3.5 million unfilled cybersecurity jobs. This

MEA

M A R C H 2 0 21

widening skills gap comes at a time when organisations are struggling to get their hands around distributed work environments, new technologies and legacy IT. As a result, many are turning to MSSPs as their trusted advisers to secure these increasingly complex and dynamic environments. The portal will be available to Tenable’s more than 350 MSSP partners, including 16 of the top 20 providers according to Gartner market share data, and will include the following key features:

Partners can self-provision and self-service each of their customers’ Tenable.io containers, from managing to monitoring to reporting, within one unified interface. The MSSP onboarding process will also be fully automated with the ability to dynamically assign new Tenable.io containers to partners’ MSSP Portals at the time of provisioning. Partners only have to maintain a single set of user credentials to service all of their Tenable. io customers. After a single authentication, security service analysts will be able to securely access specific customers’ Tenable.io containers with the click of a button. Partners will also have the ability to restrict access to individual customer instances so that security analysts can only view customer environments they are responsible for. The Tenable.io portal is a management layer that works on top of the company’s standard Tenable.io architecture which adheres to stringent security requirements. This means customer data is still 100% contained within their own Tenable.io container, fully encrypted and not accessible by any other parties. The portal will also enable role-based access control to restrict account access to only authorised users. The Tenable.io MSSP portal enhancements are being rolled out in a phased approach. All enhancements will be available by the end of Q1 free of charge to all qualified MSSP partners.

CHANNEL

2CRSi and Dezzex sign MoU to deploy HPC servers for Artificial Intelligence 2CRSi, a French computing hardware manufacturer, has signed an MoU with Dezzex Technologies, an InsurTech startup which automates damage assessment using Artificial Intelligence. The MoU states that the two companies will collaborate to draw up an innovation roadmap for governments and enterprises of the Middle East region to transition from traditional technology platforms to futuristic services. The MoU covers the design of high-performance computing servers for Artificial Intelligence services which requires low latency and high performance, first of its kind HPC devices will be deployed in the region. 2CRSi’s technical solution includes a combination of advanced IT infrastructure which is cooled in an innovative way that fits the unique Dezzex requirement of high compute and storage capacity. For reasons of reliability and preference of Dezzex’s clients, the entire solution will be hosted in a UAE datacentre. Ravi Sudarshan, Regional Manager of 2CRSi Middle East and Mohammed Shahid Khan, CEO of Dezzex Technologies, signed the MoU in AREA 2071 in Emirates Towers.

(left to right) Syed Almas Azam, Territory Manager MEA, Sealpath and Garreth Scott, Managing Director, Credence Security.

Sealpath signs distribution pact with Credence Security Credence Security, a regional distributor of specialised cybersecurity solutions, has signed an agreement with data-protection leader Sealpath to bring its robust privacy and protection solutions to the Middle East, Africa and India, MEAI, region. A recent report by PwC revealed businesses in the Middle East to be more commonly hit by cyberattacks than their global peers, with 85% reporting an attack, compared with the global average of 79%. In light of this trend, and having made significant inroads in European markets, Sealpath decided the time was right for expansion across the MEAI region. In

Dubai-based distributor Credence Security, Sealpath’s strategists found an organisation with the right geography and track record of solutions delivery to further its growth ambitions. As per the new partnership agreement, Credence Security will add Sealpath’s Information Rights Management, IRM, solution to its portfolio. Sealpath projects a CAGR of around 22% for the IRM market, following the escalation of data privacy and security regulations across the Middle East, and is also hoping to explore untapped markets such as India and Pakistan.

Users get access to IRM via standard tools, such as Microsoft Office and AutoCAD, without having to install additional apps. IRM also offers automatic protection for SharePoint libraries, Office 365, Dropbox, and G-Suite, as well as emails and attachments through Outlook and Exchange. It integrates seamlessly with AD, LDAP, SIEM, DLP and data-classification tools. Sealpath estimates that IRM will allow regional customers to halve their OPEX costs, freeing them up to divert that investment to innovative digital transformation projects. Credence and Sealpath both noted the transition in the cybersecurity industry that has accompanied the emergence of the Covid-19 pandemic and the institution of remote-office models around the world. Vulnerable corporate ecosystems are experiencing an increase in cyberattacks, commercial espionage, data breaches, thefts and losses. Sealpath IRM empowers organisations with the ability to see which users are accessing data and when, allowing them to implement effective risk-mitigation practices that revoke access or set expiry dates on files, whether they are at rest, in transit or in use. The partnership will cover the Middle East, Africa except Angola and Mozambique, India and Pakistan. Credence Security will concentrate on bringing Sealpath’s innovative IRM solution to industry verticals such as FSI and healthcare enterprises, which must comply with stringent industry regulations that include GDPR, SAMA, NESA, PCI DSS and HIPPA.

M A R C H 2 0 21

MEA

CLOUD

Cloud based HRMS Darwinbox raises $15M in funding led by Salesforce Ventures Darwinbox, an enterprise HR technology platform has announced the closing of its $15 million funding round, led by Salesforce Ventures, with participation from existing investors, Sequoia and Lightspeed. Darwinbox is the fastest-growing technology platform in Asia, enabling leading brands such as Puma, Nivea, Tata, Mahindra, Adani, Kotak, TVS, Wework, AXA, Tokio, and Dr Reddy’s to

Qualys launches SaaSDR to manage SaaS applications

MEA

M A R C H 2 0 21

digitise their HR processes. The new investment round will fund the expansion of Darwinbox into the Middle East, to bring advanced HR capabilities to large enterprise customers in the region. The company has grown 300% since its last round of funding in 2019, and now has a customer base of over 500 global enterprises, providing HR management for over one million employees working in more than 60 countries. The company has a dominant presence in Financial Services, Retail, Hospitality and Manufacturing sectors. Darwinbox witnessed a massive surge in adoption during the pandemic, because the company’s integrated product suite includes solutions that are critical for new modes of work, such as remote working, including touchless attendance, digital rewards, employee engagement, digital hiring and onboarding. With over 180 implementations done remotely during the lockdown, and a record revenue growth, Darwinbox has cemented its place as one of the most preferred HR technology platforms in the market. Darwinbox’s cloud-based Human Resource Management, HRMS, platform caters to HR needs across the entire employee lifecycle. Deep understanding of the local context, ease of use including strong mobile focus, high level of configurability and faster time-to-value are key reasons why the product has seen immense traction in the enterprise segment, where it competes with SAP, Oracle and other leading solutions. The solution is built to suit the unique needs of enterprise customers in the Middle East and offers Arabic language support and configuration to local HR regulations.

Qualys, a provider of disruptive cloud-based IT, security, and compliance solutions, has introduced Qualys SaaS Detection and Response, SaaSDR, which provides a single console for IT and security teams to gain continuous visibility, security and compliance of critical SaaS apps. Powered by the FedRAMP-authorised Qualys Cloud Platform, Qualys SaaSDR streamlines and automates the process of managing SaaS security, risk and compliance. The result is automated, up-to-date inventory and control over SaaS apps, folders, and documents to prevent malicious or unintended exposure of sensitive information and deliver a deep understanding of the SaaS apps’ compliance posture. The initial release will provide native support for Google Workspace, Microsoft Office 365, Zoom and Salesforce. With Qualys SaaSDR, enterprises have a single solution to manage their SaaS apps. Automatically inventory SaaS application users and user groups along with the files and folders users own and can access. It also gathers detailed information on endpoints, such as an asset’s details, location, running services, installed software and more, all in a single, unified view. Get complete control over users and data access rights to quickly review and granularly assign the proper access levels, all from a single interface. Shine a spotlight on SaaS applications and third-party apps to immediately identify security weaknesses like incorrect permissions, at-risk files, file changes, misconfiguration issues, critical vulnerabilities, and exploits using advanced threat intelligence. Realise continuous and automated security posture and configuration assessments for SaaS applications along with enforcement of compliance aligned with industry benchmarks like O365 via CIS, PCI-DSS, NIST, and CIS. Leverage the Qualys Cloud Platform to correlate SaaS application data insights such as user access rights and data exposure, with additional security telemetry, like user location, time of access, file changes, host vulnerabilities and configurations, advanced threats, and more to manage risk.

INTEL® NUC: SMALL SIZE,

BIG ENTERTAINMENT Featuring Intel® UHD graphics and 4k UHD, the Intel® NUC 10 Performance Mini PC is designed to be your entertainment and gaming center.

INTEL® CORE™ i7 PROCESSOR, 16 GB MEMORY, 256 GB SSD, 1 TB HDD WITH WINDOWS® 10 COPYRIGHT 2019 © INTEL CORPORATION. ALL RIGHTS RESERVED. INTEL, THE INTEL LOGO, INTEL CORE, AND INTEL OPTANE ARE TRADEMARKS OF INTEL CORPORATION OR ITS SUBSIDIARIES IN THE U.S. AND/OR OTHER COUNTRIES. OTHER NAMES AND BRANDS MAY BE CLAIMED AS THE PROPERTY OF OTHERS.

Phone: +971 4 8863850 E-mail: marketing@asbisme.ae www.asbisme.ae MARCH 2 0 21 23 MEA

marketing@asbisme.ae

MEA

M A R C H 2 0 21

SECURITY

Remediation steps from top industry experts after Exchange hack On March 2, the security community became aware of four critical zero-day Microsoft Exchange Server vulnerabilities. These vulnerabilities let adversaries access Exchange Servers and potentially gain long-term access to victims’ environments. While the Microsoft Threat Intelligence Centre, MSTIC, attributes the initial campaign to Hafnium, a group they assess to be state-sponsored and operating out of China, multiple threat intelligence teams are also seeing multiple threat actors now exploiting these zero-day vulnerabilities in the wild. Attackers are now targeting vulnerable Exchange Servers with DearCry ransomware. Phillip Misner of Microsoft’s security team tweeted that Microsoft observed a new family of human operated ransomware attack customers - detected as Ransom:Win32/DoejoCrypt.A. Human operated ransomware attacks are utilising the Microsoft Exchange vulnerabilities to exploit customers. Below are some of the top comments form industry leaders on the breach and some remediation tips.

From an encryption-behaviour view, DearCry is what Sophos ransomware experts call a Copy ransomware. It creates encrypted copies of the attacked files and deletes the originals. This causes the encrypted files to be stored on different logical sectors, allowing victims to potentially recover some data, depending on when Windows reuses the freed logical sectors. More notorious human-operated ransomware like Ryuk, REvil, BitPaymer, Maze and Clop, are In-Place ransomware, where the attack causes the encrypted file to be stored on logically the same sectors, making recovery via undelete tools impossible. DearCry’s encryption is based on a public-key cryptosystem. The public encryption key is embedded in the ransomware binary, meaning it does not need to contact the attacker’s commandand-control server to encrypt your files. Exchange Servers that are setup to only allow internet access for the Exchange services will still become encrypted. Without the decryption key, which is in possession of the attacker, decryption is not possible.

MOREY HABER, CTO & CISO, BeyondTrust.

MARK LOMAN, Director, Engineering Technology Office, Sophos.

The clean-up from this style of massive breach is costly and generally requires the reinstallation of the entire environment. For any organisation continuing to use on-premise Exchange Servers in lieu of services like Office 365, it is time to stop what you are doing and patch those systems immediately. In addition, Microsoft has released tools to identify infected systems to help the clean-up effort. The motives of the threat actors are unclear, but one thing is certain. They are wearing our security professionals down even further and we have yet another massive breach to clean-up. The damage and source of the attack will only become more apparent in the next few days. Welcome to 2021. The year of massive cyberattacks.

The hack involved the combined exploitation of multiple zero-day vulnerabilities, starting with an OWA SSRF vulnerability and then proceeding to the exploitation of other vulnerability to burrow deeper into the inner workings of the server. Remediation will not be simple, it will effectively require backing up data, re-imaging the Exchange Server, scrubbing the backup of any accounts which should not be present, resetting all passwords and secrets and restoring the remaining backup data. Complex software that has been around for a long time will almost invariably contain flaws which given sufficient motivation, resources and skill will be discovered and exploited. The key to resilience in these cases is to have the capability to detect downstream activity necessary to capitalise on the foothold gained. The good news is that this activity almost always follows more standard tradecraft which can be detected by Network Detection and Response products.

OLIVER TAVAKOLI, CTO, Vectra AI.

M A R C H 2 0 21

MEA

SECURITY

Threat Intelligence Team at Palo Alto Networks #1 Locate all Exchange Servers and determine whether they need to be patched. Exchange Online is not affected. Vulnerable Exchange Server versions include 2013, 2016, and 2019. While Exchange 2010 is not vulnerable to the same attack chain as Exchange 2013, 2016, 2019, Microsoft has

released a patch for CVE-2021-26857 for this version of the software. #2 Patch and secure all Exchange Servers. Install the out-of-band security updates for your version of Exchange Server. #3 Determine whether an Exchange Server has already been compromised. These vulnerabilities have been in the wild and actively exploited for over a month, with the earliest indications of exploitation leading back to January 3. Any organisation running the vulnerable software must evaluate if their server has been compromised. #4 Engage an Incident Response team if you think you have been compromised. If, at any point, you think your Exchange Server has been compromised, you should still take action to secure it against the vulnerabilities as described above.

SolarWinds and now Hafnium show the importance of arming networking and security teams with defence in-depth tools to spot threats sooner. This is crucial in the age of the persistent breach where nation state actors are using cyber as a soft power alternative to diplomacy and military strikes, and where companies are getting hit as collateral damage. That the White House has formed a task force for Hafnium victims underscores the high stakes of preventing further fallout. A helping hand for US federal network and security teams is on the way in the form of the approximately $14 Billion earmark in the newest stimulus bill for agencies to modernise core technologies. That funding will provide a boost for these organisations who face constant cyberattack from some of the world’s most elite hackers. Meanwhile, security practitioners in the public and private sectors continue to pivot to a zero-trust strategy to better detect these well-cloaked intrusions.

ED HUNTER, CISO, Infoblox.

We are anticipating more exploitation of the exchange vulnerabilities by ransomware actors in the near term. Though many of the still unpatched organisations may have been exploited by cyber espionage actors, criminal ransomware operations may pose a greater risk as they disrupt organisations and even extort victims by releasing stolen emails. Ransomware operators can monetise their access by encrypting emails or threatening to leak them, a tactic they have recently adopted. This attack vector may be particularly attractive to ransomware operators because it is an especially efficient means of gaining domain admin access. That access enables them to deploy encryption across the enterprise. In cases where organisations are unpatched, these vulnerabilities will provide criminals a faster path to success. JOHN HULTQUIST, VP of Analysis, Mandiant Threat Intelligence.

In the bigger picture, when Microsoft is in trouble, the global economy and our wellbeing is in trouble. They are #21 on the Fortune 500 and their products are used in every corner of the world. Immediately, the US and other countries at the state and national level need to be threat hunting round the clock in their networks. Sharing intelligence, sharing the locations of where the cyber criminals are located and putting their names on the front pages of every news outlet in the world is a start to putting defenders on higher ground than threat actors. In addition, an operation centric approach to fight cybercrime is needed so that defenders see every aspect of the threat actors’ malicious operation to better digest disparate pieces of information, pinpoint the malicious behaviour and stop it before it has material impact.

MEA

M A R C H 2 0 21

LIOR DIV, CEO and Co-founder, Cybereason.

SECURITY

Florida water supply attack stresses the need to harden remote tools Recently, unidentified cyber actors obtained unauthorised access, on two separate occasions, approximately five hours apart, to the supervisory control and data acquisition, SCADA, system used at a local municipality’s water treatment plant in Florida. The unidentified actors accessed the SCADA system’s software and altered the amount of sodium hydroxide, a caustic chemical, used as part of the water treatment process. Water treatment plant personnel immediately noticed the change in dosing amounts and corrected the issue before the SCADA system’s software detected the manipulation and alarmed due to the unauthorised change. As a result, the water treatment process remained unaffected and continued to operate as normal.

What is surprising about the manipulation of chemical levels in Florida’s water supply is the bad actors tipped their hand without first doing proofs of concept or stockpiling attacks for later use. What we do not know is if any successful attacks have taken place over the past few months and possibly not reported. Acts of War are determined by the State and among states. If the US can point to a culprit and say it is, then that is what matters. The details thus far are scant, but we will all be listening to the post-mortem and hope the current administration provides a deeper response and holds the adversaries responsible for this act. To be clear, the investigation is what matters. Where it leads, who it involves and how we interpret that are all to be determined.

There is a spectrum of critical infrastructure, from nuclear power plants on one end to relatively small water treatment facilities at the other end, and IT spend, and the maturity of security practices employed reflect that spectrum. The attack on the Oldsmar water treatment plant leveraged a remote control application that did not appear to have been deployed in the most secure manner and had been superseded by a newer tool several months before the attack. Leaving mothballed access methods in place after they have reached end-of-life certainly speaks to a lack of mature security practices. But the bigger question comes down to how much we are willing to budget, in this case, in the form of higher water rates, for smaller organisations to keep themselves reasonably secure. Or should smaller organisations look to form regional groups to handle IT and security as the scale required to achieve reasonable operational agility and security becomes too costly at such a small scale?

The increasing connectivity of industrial control systems, ICS, and the convergence of OT and IT networks expands the attack surface of industrial manufacturing and critical infrastructure facilities. Here are our top three guidelines for protecting an ICS environment from cyberthreats: Monitor systems: If you don’t monitor your control systems, you are vulnerable to attack. The best way to monitor your ICS is with SCADA. Proper segmentation: Make sure your cybersecurity solution enables clear segmentation between OT and IT or Internet, to stop Internet threats from crossing to OT environments and disrupting processes or causing damage. With access control, restrict access to resources in OT environment and all networks. Utilise threat intelligence: Stay ahead of new threats with threat intelligence solutions that aggregate intelligence from 100 million endpoints, gateways, and IoT devices worldwide.

SAM CURRY, Chief Security Officer, Cybereason.

OLIVER TAVAKOLI, CTO at Vectra AI.

RAM NARAYANAN, Country Manager, Check Point Software Technologies Middle East.

M A R C H 2 0 21

MEA

SECURITY

In the case of Oldsmar, once the attack was launched, there were other systems in place that provided feedback that could alert staff in time to scuttle the attack. That is the good news. The bad news would be that they might have been under silent attack for weeks or months prior to the actual poisoning attempt and did not know it. What can small towns do? They should take the time to understand and implement the guidance available, which may be as simple as adding or enforcing 2FA, patching systems, implementing good change control processes and training staff on cyberhygiene. Also, do a practice drill assuming a breach and think like a hacker to stop them from getting in. It is a good idea as well to have a plan in place in case a ransomware attack happens; that way, small towns won’t be faced with the untenable prospect of explaining to the citizens why they just spent public money to stop an attack that shouldn’t have happened in the first place.

A key takeaway for many organisations is to ensure that their remote access solution is configured correctly as this is a key tactic used by hackers to gain access. Given that this method of remote access is very popular, many other companies in the utilities area and in other verticals are at risk of becoming victims of the same kind of attack. It also demonstrates just how significant the impact of such an attack could be, as a serious threat to people and the environment is possible. In this case, fortunately the attacker was not very cautious, and a diligent employee was able to stop him. Traffic from remote devices should be inspected to ensure there is no malicious software entering the OT infrastructure. Have a granular firewall rule set in place to allow what is necessary only, and use antivirus, IPS systems and Advanced Threat Protection for analysis.

With OT systems, such as SCADA systems and ICS, increasingly exposed to the Internet and often easily discoverable by tools like Shodan, it is imperative that the pathways into the environment be properly locked down. Time and time again, exploits such as this one demonstrate that basic or unsecured remote access tools absolutely do not cut it in any environment where security is an important consideration. Government agencies and enterprises throughout the world have an immense responsibility to keep citizens and customers safe, and their data secure at all times. Unfortunately, the use of consumer-grade remote access tools is rampant, and frequently inadequate, inappropriate, and out of compliance, for the use cases to which it is applied. As federal and state agencies continue to be the target for threat actors, it’s incumbent upon IT and security teams to harden remote access to protect critical infrastructure and sensitive data to the level it demands and the public expects.

MEA

M A R C H 2 0 21

CAMERON CAMP, Security Researcher at ESET.

STEFAN SCHACHINGER, Product Manager, Network Security - IoT, OT, ICS at Barracuda.

JULISSA CARABALLO, Product Marketing Manager at BeyondTrust.

www.fitsasia.com

UNVEILING THE FUTURE AT #FITSASIA.COM

Customer Experience in a New Light

April 7, 2021

4:00-6:00PM (SGT) BROUGHT BY

OFFICIAL MEDIA PARTNERS

MEA

M A R C H 2 0 21

SECURITY

Verkada camera breach highlights weak links in supply chain integration A group of hackers have breached a massive trove of security camera data collected by Silicon Valley start-up Verkada, gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons, and schools. Companies whose footage was exposed include carmaker Tesla and software provider Cloudflare. The hackers say they also have access to the full video archive of all Verkada customers. Here is commentary from a few leading cybersecurity vendors:

LOTEM FINKELSTEEN, Director of Threat Intelligence, Check Point. The Verkada hack is another example of a supply chain attack where a single point of failure at the vendor’s network impacts its customers and offering an unlimited access to customers’ data. Supply chain attacks come in different forms, but always expose the weakest links. To gain a strong security posture, companies also need to make sure their vendors also secure their assets properly, so such cases will not replicate themselves.

JOHN SHIER, Senior Security Advisor, Sophos. While the details of the alleged intrusion into Verkada are still unclear, one thing is clear, supply chain integrity is everyone’s responsibility, and no organisation is too small to be impacted. Cloud service providers need to ensure that access to private data is limited and strictly controlled. Consumers of the services must have access to the data and understand how the data will be transmitted and stored, how much data will be collected, how it will be used, and who else has access to it. Multi-factor authentication and detailed monitoring must be enabled to prevent and detect even accidental access, let alone criminal abuse. The victims in this breach range from small public institutions to large multi-national corporations, all of whom are custodians of sensitive information, from corporate secrets to private data belonging to their employees and the people they serve.

SAM CURRY, Chief Security Officer, Cybereason. This is not a one-time breach as this international group of hacktivists have claimed responsibility for other breaches in the past. It makes no difference if the motives of any threat actor are social, political, or financial in nature, when crimes are committed, and laws broken. It is also a reminder how vast the threat landscape is. This breach appears to have been preventable if the administrator’s username and password were not exposed on the Internet. Preventive medicine starts when user credentials are frequently updated, and security awareness training is regularly offered. Today, there are more than 1 billion surveillance cameras in use around the world and security is an afterthought in many of them, resulting in spying and unlawful monitoring of unsuspecting victims.

MOREY HABER, CTO and CISO, BeyondTrust. If you are an IoT vendor you have some fundamental responsibilities to protect your company, infrastructure, and the security and privacy of your clients. With that in mind you would want these basic security controls like segregation of access to the IoT devices you service, two factor authentication enabled for all clients, multi-factor authentication, MFA, enabled for all employees, vendors, and contracts, restricted access to all sensitive accounts from only approved zones, privileged access management to rotate, manage, secure, and provide certification for all administrative accounts and an established workflow to allow access to the most sensitive accounts.

AMMAR ENAYA, Regional Director – METNA, Vectra AI. Organisations have to start thinking of cyber breaches as inevitable, not extraordinary. Cybersecurity thinking today is evolving. We see less preoccupation with endpoint defence, which fails regularly, and more emphasis on fast detection of enemy malware inside the perimeter, followed by rapid neutralisation and recovery. But we have to evolve faster. Lingering faith in faulty perimeter-protection solutions has cost too many organisations dearly. The best response to these attacks is to adopt better protective measures.

M A R C H 2 0 21

MEA

SECURITY

Cyber threats in online learning jump 60% in second half of 2020 Last spring, more than 1 billion school children around the globe were affected by school closures as countries attempted to slow rising infection rates. For many, that meant a switch to emergency remote learning, a transition that, unfortunately, left many students and educators vulnerable to cyber risks. Now, schools around the globe, from England and Germany to Malaysia and the US, are

once again closing as countries fight resurgence in infections, and, not surprisingly, this has led to some undesirable consequences. From January to June 2020, the total number of users that encountered various threats distributed under the guise of popular online learning platforms, video conferencing applications was 168,550, a 20,455% increase when compared to the same period for 2019.

This number has only continued to grow from July to December, as discovered by Kaspersky experts. As January 2021, the number of users encountering various threats using popular online learning platforms as a lure reached 270,171, a 60% increase when compared to the first half of 2020. The most popular lure was, by far, Zoom. This is not surprising given that Zoom is the most popular platform for virtual meetings, with more than 300 million daily meeting participants. The second most popular was Moodle, followed by Google Meet. The number of users that encountered threats disguised as popular online learning, video conference platforms increased for all but one platform, Google Classroom. About 98% of the threats encountered were not a virus, which is divided into riskware and adware. Adware bombards users with unwanted ads, while riskware consists of various files, from browser bars and download managers to remote administration tools, that may carry out various actions on your computer without your consent. Trojans made up roughly 1% of the threats encountered.

50% of Middle East oil and gas firms lack email validation protocol Proofpoint, a leading cybersecurity and compliance company, has released research identifying that only 50% of the top 50 Oil & Gas companies that have operations in the Middle East have a Domain-based Message Authentication, Reporting and Conformance, DMARC, record in place. This means that half of them are leaving customers at heightened risk of email fraud. The lack of a DMARC record makes companies potentially more susceptible to cybercriminals spoofing their identity and increasing the risk of email fraud targeting their customers. Perhaps more worryingly, only 5 out of 50 oil and gas companies have reject in place, which means a whopping 90% are not proactively blocking fraudulent emails from reaching customers. Reject is the strictest and recommended level of DMARC protection, a setting and policy that actually blocks fraudulent emails from reaching their intended target. While the region’s oil and gas industry is navigating challenging times caused by sluggish prices and the coronavirus pandemic, it is also fending off surging cyber threats. The Covid-19 pandemic has seen a spike in highly targeted attacks against the energy industry, deployed through email. A spear-phishing campaign incorporating the malware Agent Tesla took place between March 31 and April 12, 2020. The supposed sender invited recipients to submit bid proposals for equipment and materials as part of an actual gas venture project half-owned by an Egyptian state oil company. The email was sent to more than 150 gas and oil companies, mostly located in Malaysia, the United States, South Africa and Iran. DMARC, which is an email validation protocol designed to protect domain names from being misused by cybercriminals, authenticates the sender’s identity before allowing the message to reach its intended designation. It verifies that the purported domain of the sender has not been impersonated and relies on the established DKIM, DomainKeys Identified Mail, and SPF, Sender Policy Framework, standards to ensure the email is not spoofing the trusted domain.

MEA

M A R C H 2 0 21

EMILE ABOU SALEH, Regional Director, Middle East and Africa at Proofpoint.

SECURITY

Ponemon Institute, FireEye report reveals worsening RoI of SOC investments FireEye has released the Second Annual Study on the Economics of Security Operations Centres: What is the True Cost for Effective Results? report from Ponemon Institute. The report finds that organisations are spending more to account for widespread security operation center, SOC, challenges including growing security management complexity, increasing analyst salaries, security engineering and management outsourcing costs, yet are still dissatisfied with the outcomes. However, companies are also boosting investments in new SOC tools like Extended Detection and Response, XDR, and security automation to help solve these issues. The RoI of SOC investments have been worsening, due to increasing complexity and rising security engineering and management outsourcing costs. More than 51% of respondents say the RoI of the SOC is getting worse, compared to 44% in 2019. More than 80% rate their SOC’s complexity as very high, rising from 74% in 2019. The cost to pay MSSPs for security monitoring also increased and may impact RoI. The average cost for respondents is $5,307,250 annually, an increase from $4,441,500 in 2019 i.e., approximately 20%

CHRIS TRIOLO, Vice President of Customer Success, FireEye.

year over year. Organisations surveyed are spending an average of $2,716,514 per year on security engineering. However, only 51% of respondents rate their security engineering efforts as effective or very effective. 85% of respondents say working in the SOC is painful or very painful, with this sentiment growing from 72% in 2019. Increasing workloads and being on call are overwhelming security analysts, with 75% saying that these factors cause burnout, rising from 70% in 2019.

Despite organisations surveyed expecting to hire an average of five analysts in 2021, three will resign or be fired in one year. Organisations are increasing security analyst salaries, with the average rising from $102,000 in 2019 to $111,000 in 2020. However, only 38% still believe they can hire the right talent. However, increasing investments in new XDR and security automation tools show promise to reduce security engineering costs, boost SOC performance and employee morale. Organisations are investing in XDR as an emerging category to improve SOC performance. Organisations surveyed intended to spend an average of $333,150 for XDR; $345,150 for SOAR; $285,150 for MDR; and $183,150 for SIEMs. Despite current RoI perception, respondents noted that the SOC is more important than ever to having a strong security posture. The number of respondents who said their SOC is essential or very important increased from 73% last year to 80% now. Meanwhile, the most important SOC activities are: Minimising false positives reporting, 88%; having agile DevOps functions, increasing from 73 to 85% percent; and automating machine learning tools, increasing from 72 to 80%.

CyberKnight partners with RedSeal to help companies reduce cyber risk According to Gartner’s Top 10 IT Security Projects for 2021, CARTA, Continuous Adaptive Risk and Trust Assessment, risk-based vulnerability management shall be a key priority for CIOs and CISOs. To address challenges related to resilience management and to accelerate incident response at enterprise and government entities in the region, CyberKnight has partnered with a leading provider in the space, RedSeal. The RedSeal platform gives security and management teams the most holistic understanding of their organisation’s cyber risks, across physical, cloud and virtual networks, including remote endpoints. RedSeal verifies that network devices are securely configured, validates network segmentation policies, and continuously monitors compliance with policies and regulations. It also prioritises mitigation based on each vulnerability’s associated risk.

EHAB DERBAS, VP of Sales at CyberKnight.

M A R C H 2 0 21

MEA

SECURITY

CYBERSECURITY IN TIMES OF RISING RANSOMWARE ATTACKS The UAE is witnessing an increasing number of ransomware attacks and this scenario calls for robust cybersecurity.

JOANNE WENG,

ccording to a Kaspersky Security report, more than 2.57 million phishing attacks were detected across the Middle East, from Egypt to the UAE, Saudi Arabia, Qatar, Kuwait, Bahrain, and Oman in 2020.

A cyber pandemic phenomenon in Middle East Remote work and increasingly sophisticated hacking tools are contributing to the surging number of ransomware attacks. Traditional forms of ransomware simply encrypt files, while more modern variants go one step further by also transferring potentially sensitive data to the attackers, who then threaten to release them. Preventing ransomware attacks is also no longer as simple as avoiding suspicious email attachments and installing an antivirus. Threat actors have been increasingly successful at exploiting organisations through phishing, social engineering, and exploiting unpatched or zero-day software vulnerabilities. In 2020, the UAE has seen a 250% increase in cyberattacks with the rising tide of phishing and ransomware incidents. The UAE government’s top cybersecurity chief warns that the region is facing a cyber pandemic as hackers take advantage of Covid-related digital adoption.

MEA

M A R C H 2 0 21

Senior Sales Manager, Synology.

Employee education and IT teams can mitigate ransomware attacks to a large extent but not

100%

SECURITY

Preventing ransomware attacks is no longer as simple as avoiding suspicious email attachments and installing an antivirus

Unfortunately, driven by the unceasing increase in remote work, cyberattacks are going to continue to be an ongoing threat for businesses in 2021. Though ransomware attacks pose an existential threat to businesses, more often than not, little is done to protect against them. Fortunately, there are some easy ways to mitigate risks. IT teams are the first line of defence against ransomware and can block many attacks before they reach end-users or critical systems. Modern security practices leverage multiple layers of protection. Starting at the outermost layer, using a well-configured firewall and Intrusion Detection, Protection System, IDS and IPS, can help block out large portions of low-level attacks. Additional network monitoring and analysis tools can then be set up to check for unusual and suspicious traffic patterns, with containment plans in place should the need arise. On endpoints and servers, IT should ensure

that deployed software, operating systems, and anti-malware solutions are up to date. Additionally, user accounts should be well thought out, with each account configured to only allow access to what they need and nothing more. The same concept applies to system administrator accounts, avoiding using a single account that has access to everything. Partitioning access to different systems and minimising access to only what is needed can help drastically reduce the damage inflicted when credentials are leaked. Maintaining good security also requires all end-users to be well-educated on potential threats, as many breaches have been caused by users falling prey to phishing and social engineering tactics. Training programmes should be in place to provide examples of modern phishing attacks and how social engineering can happen. Additional best-practice knowledge should be shared on handling suspicious e-mails, identifying spoofed websites, and most importantly, how to report a security incident.

The only fail-safe way to protect digital assets is to have a comprehensive backup strategy

Crisis management plans should be well documented and rehearsed. For example, who should handle communications, internally and externally? What processes will be used to conduct auditing, damage analysis, and customer and authority notification, should the need arise? Internally, IT should always maintain up to date deployment maps of which systems are doing what, which are dependent on oneanother. Contingency plans should be in place should a total site shutdown be required to contain or remove the malware. While employee education and IT teams can mitigate ransomware attacks to a large extent, due to the unpredictable nature of attacks, systems can never be 100% protected. The only fail-safe way to completely protect digital assets is to have a comprehensive backup strategy in place from the start. This will ensure that if systems are compromised, there will always be a clean version of data to recover from. One popular backup methodology is the 3-2-1 backup strategy. Simply put, this is 3 copies of your data, across 2 different mediums, with 1 copy offsite. An example of this could be storing your data on an on-premise server, with two backups, one on-site and another located on the cloud or at a remote site. Take a real-world case as an example, Synology successfully helped a government entity to streamline, and backup large-scale content creation projects produced by its subsidiary render farm. With 300 virtual machine running multiple tasks, the render farm ultimately leverages Synology’s Active Backup for business to back up its running VMs onto another onsite Synology NAS, while utilising Snapshot Replication and Hyper Backup to automate additional on-site and remote backup tasks. With such structure in place, the rendering farm can preserve multiple data backup at both onsite and offsite locations, drastically mitigating risk of data loss. There are many more success stories where clients utilise Synology solutions to form their information security and backup strategies. After all, to preserve digital assets in an era of ever-evolving ransomware, Synology believes that proactively backing up files regularly is a necessary step to protect important data. ë By Joanne Weng, Senior Sales Manager, Synology. This content has been partially sponsored by the vendor.

M A R C H 2 0 21

MEA

Modernizes your approach to secure access RSA SecurID Suite enables organizations of all sizes to mitigate identity risk and maintain compliance without impeding user productivity. It ensures users have appropriate access and conﬁrms they are who they say they are with a modern, convenient user experience. In addition, RSA SecurID Suite provides uniﬁed visibility and control across organizations' many islands of identity.

For more info, contact your authorized distributor, Mindware FZ LLC at rsa@mindware.net | www.mindware.net | www.rsa.com 36

MEA

M A R C H 2 0 21

COVER STORY

PUBLIC CLOUD

APPLICATIONS INFRASTRUCTURE SYSTEMS Digital transformation and pandemic has made vendors realise their products must be cloud ready. The first part of our deep dive into the transition.

nd -

l Philip Liu, Alibaba Cloud Intelligence l Shai Horovitz, Tarek Kuzbari, Cybereason l Miljan Stamenkovic, Mambu l Emile Abou Saleh, Proofpoint l Hadi Jaafarawi, Qualys l Ayman Al Shaikh, Red Hat l Mena Migally, Riverbed l Jules De Meester, Salesforce (Left to right, top to bottom)

M A R C H 2 0 21

MEA

COVER STORY

BUILDING AN ECOSYSTEM FOR SAAS APPLICATION PROVIDERS The accelerator helps SaaS customers test their applications on the cloud, shorten implementation lifecycle, and go live in as little as five days.

s the digital technology and intelligence backbone of Alibaba Group, Alibaba Cloud provides a highly compatible and standards-based open platform that allows SaaS partners to onboard easily and thrive. As such, the company is a SaaS enabler and an ecosystem builder. From a business perspective, SaaS reduces application or software delivery time as it eliminates the need for architecture planning, software implementation and application customisation, among other needs. It also frees up human resources to let consumer focus on core businesses and content delivery rather than underlying technologies. SaaS offers high availability and scalability. Traditionally, implementing enterprise software takes months – from inception to launch. SaaS shortens the delivery time drastically – patch management of an application and its underlying stack are always pain points for businesses, especially if they need to comply with policies or standards such as PCI DSS. For companies and customers, Alibaba Cloud offers rich, highly compatible tools and IT support to facilitate smooth migration. In 2019, the company released its SaaS Accelerator – a highly efficient and agile platform to enable ecosystem partners to easily build and launch SaaS applications and leverage Alibaba’s proven business and technology know-how. The accelerator helps SaaS customers deploy and test their applications on the cloud, shorten the implementation lifecycle, and go live in as little as five days. Alibaba Cloud is primarily a cloud provider – in addition to this core service, the company also offers SaaS application services.

MEA

M A R C H 2 0 21

PHILIP LIU,

General Manager of the Middle East and Africa, Alibaba Cloud Intelligence.

Alibaba Cloud offers rich, compatible tools and IT support to facilitate migration With regard to security management, the privacy and security of users is always a top priority for the company. Alibaba Cloud complies with local laws and regulations in the markets it is present in, and holds more than 80 security and compliance accreditations worldwide - enabling it to better serve the needs of its customers. Alibaba Cloud does not typically provide migration from on-premises application to SaaS application, as the company is both a cloud service provider and a SaaS application provider. ë

COVER STORY

PARTNERING WITH ORACLE TO PROTECT CLOUD Cybereason has partnered with second generation OCI to deliver security services globally, regionally, assuring its customers of data sovereignty.

racle announced that Cybereason has adopted Oracle Cloud Infrastructure as its preferred platform to power the Cybereason Defense Platform and support its global expansion. The companies also entered into a partnership to jointly market and sell solutions. Cybereason’s endpoint protection platform is optimised for delivery via Oracle’s second-generation global cloud regions. The solution is available through Cybereason and in the Oracle Cloud Marketplace. Cybereason joins a growing roster of companies adopting Oracle Cloud Infrastructure for security and price performance advantages delivered across its global cloud footprint. Adopting Oracle Cloud Infrastructure will enhance Cybereason’s ability to deliver insights into threats across thousands of endpoints. Oracle Cloud global footprint will enable Cybereason to offer in-country hosting in more locations for meeting regulatory data sovereignty requirements. Enterprise customers will benefit from the Cybereason Defense Platform machine learning prevention, detection and automated remediation capabilities. The Cybereason Defense Platform combines the industry’s detection and response, next-gen anti-virus, and proactive threat hunting to deliver context-rich analysis of every element of a malicious operation. The result: defenders can end cyber-attacks from endpoints to everywhere. According to Shai Horovitz, Chief Revenue Officer at Cybereason, the vendor is planning for exponential growth in the next few years. The vendor relies on a lot of big data collected from endpoints in the enterprise. The analysis is done using an artificial intelligence engine hosted in the cloud. Hence it was important for Cybereason to align with one or two players in the cloud to jointly invest in infrastructure and compute. Another requirement was to have a cloud provider that has both a global and regional view of markets and understands the complexity of data governance. The discussion with Oracle started a year ago and has resulted in the current day partnership. Horovitz believes that cloud providers have significant access to the market.

SHAI HOROVITZ,

Chief Revenue Officer, Cybereason.

TAREK KUZBARI, Regional Director, Middle East and Turkey, Cybereason.

While selecting the cloud provider, Cybereason put a lot of emphasis on technical due diligence And Oracle’s focus is around moving mission critical workloads into their second-generation Oracle Cloud Infrastructure and that includes the Cybereason product portfolio. According to Tarek Kuzbari, Regional Director, Middle East and Turkey, at Cybereason, this has been a tremendous year, with the Covid crises leading to an acceleration of digital transformation. Kuzbari points out, according to IDC, 55% of regional CIOs are accelerating their digital transformation efforts. The growth of public cloud in the region, growing at about 25% CAGR from 2020, into the next four or five years, is also a strong driver for Cybereason solutions in the Middle East. Cybereason understands the customer’s digital transformation journey and is committed to protecting them at every stage. Many enterprises are in a transition to move to the cloud and require both an on-premises and a cloud offering. Large enterprises, governments, and public sector organisations are in different stages of using the cloud and require cybersecurity solutions to be available in a similar fashion. Since Oracle Cloud Infrastructure reflects a similar approach towards understanding its customers, this was another reason to partner with them according to Horovitz. While selecting the cloud provider, Cybereason put a lot of emphasis on technical due diligence, since all cloud providers have strengths and weaknesses. Since there is a lot of technology being developed, customers should test the solutions for themselves and use third party validation, as well. Cybereason’s decisions were also influenced by the cost of operating in the cloud and the emphasis on data sovereignty and data security from its customers. According to Horovitz, enterprises are demanding higher accountability from cloud providers around data sovereignty, where they want to own their data. ë

M A R C H 2 0 21

MEA

COVER STORY

USING CLOUD TO BUILD THE BANK THAT YOU WANT The migration strategies vary, but the underlying principle is for the banking end customer to be truly cloud-native and follow a composable approach.

ambu is a cloud agnostic platform that supports the main hyperscale cloud providers. Mambu offers a cloud-native, SaaS core banking engine for both conventional and Sharia compliant personal finance, deposits and lending products. In addition, Mambu offers a process orchestrator that acts as a middle-ware that manages business workflow logic to facilitate seamless integration within the banking ecosystem through our open API composable banking architecture. Along with this product factory, Mambu also offers a transactional sub-ledger

MEA

M A R C H 2 0 21

and a customer repository. A SaaS platform is quick to implement. Most projects reach Minimum Viable Product in under 3 months and are live in 6-9 months compared to typical projects on traditional onpremise solutions which have a 12-24 months plus timeline. In fact, SaaS applications are agile and have a rapid pace of change without vendor lock-in. It provides an open ecosystem with all functionality exposed via APIs. Costs involved are predictable and can be aligned to business values and objectives versus having unforeseen extra cost due to consul-

Mambu supports brand new greenfield digital neobank implementations

COVER STORY

Most projects reach Minimum Viable Product in under 3 months and are live in 6-9 months

MILJAN STAMENKOVIC,

General Manager Middle East, Mambu.

tants, customisation and integration. Last but not least, SaaS enables its users to be a market leader due its agile nature. Mambu supports brand new greenfield digital neobank implementations or where an existing incumbent bank would like to launch an independent digital attacker via a speedboat launch and maintain its existing core bank. Mambu also supports a phased-wise lift and shift approach where some banks may want to replace their legacy core altogether. Mambu’s motto is build the bank you want to be. The migration strategies for all these approaches may vary, however the underlying principle of being truly cloud-native and following a composable approach separates Mambu from the competition. Mambu is cloud agnostic and supports the three main hyperscale public cloud providers: Amazon Web Services, Google Cloud Platform and Microsoft’s Azure. New cloud service providers in the GCC are coming soon. In addition, Mambu also offers solutions where some regulators have strict data residency requirements. Most of the public cloud providers have local operating zones within countries and this presence also helps to address requirements around data residency. One of Mambu’s core company values is evolution. Constant improvement is deeply embedded in every team, especially our Information Security Management System, and demanded in Mambu’s Information Security Policy. Concrete examples for continuous improvement are: regular continuous improvement sessions, iteration retrospectives and post mortems after incidents. These instruments help to evolve Mambu’s processes, procedures, team skills, ways of working, tools and technical stack. Mambu has implemented an Information Security Management System, ISMS according

to the ISO, IEC 27001 international standard, which is certified by an independent certification body. The purpose and the goal of Mambu’s ISMS is to ensure prevention of data loss or quality- integrity, prevention of data leakage confidentiality, and prevention of loss of access to data - availability. Mambu is aware of the importance of its provided services to customers. This entails the confidentiality, integrity and availability of the services, including its systems and managed data. Mambu protects end client data, as we would expect our personal banks should treat it. Mambu’s SaaS solution is hosted in cloud service providers’ data centers, which have strong physical security measures, against fire via fire detection and prevention equipment, physical theft or unauthorised access. Mambu is designed for high availability, performance and scalability. As such, Mambu is not relying on single points of failure and leverages horizontal as well as vertical scalability. All critical components are kept redundantly; load balancers and application servers are available in two availability zones and service requests in an active fashion. The driving force behind data residency from some regulators revolves mainly around the requirement of critical customer personally identifiable information to stay within country boundaries. To address this requirement, Mambu is actively working with public cloud service providers that host availability zones within national boundaries. Alternatively, Mambu is able to offer solutions where the customer data resides and is stored only within the country, and that pseudo, anonymous data identifiers are passed to the public cloud for further processing. This way sensitive customer data never goes to the public cloud and data residency requirements from the regulators are met. Mambu is making banking better. Mambu believes that modern and innovative experiences cannot be built on top of legacy core infrastructure and that competitive pressure will bring new entrants into the market and force existing banks to evolve to be more tech-driven. To support this, Mambu will focus on having the best modern cloud banking platform and build a strong, well-enabled ecosystem of partnerships consulting, integration and technical in the belief that customers want open, flexible solutions that are proven to work together without being dependent on one single tech provider. ë

M A R C H 2 0 21

MEA

COVER STORY

MANAGING SECURITY FOR CLOUD USERS AND ADMINISTRATORS Proofpoint’s SaaS Protection solutions secure data in SaaS apps and combine threat detection, data-loss prevention, third-party app control, access control.

roofpoint has recently become the first SaaS-based cybersecurity company to surpass $1B and this is a reflection of the company’s commitment towards security. As remote working is set to continue in most countries and organisations, Proofpoint offers a number of solutions to ensure people and organisations are secured wherever they work, through whatever platforms they are using. Proofpoint’s SaaS Protection solutions secure data in SaaS apps and combine threat detection, data-loss prevention DLP, thirdparty app control, access control, and analytics to help organisations protect Microsoft Office 365, Google’s G Suite, and more. The main benefit is the fact that these solutions are threat protection for SaaS apps. Proofpoint’s SaaS Protection solutions provide proven protection from advanced threats and risk-aware data protection. Additionally, thanks to their integrated approach, this also covers third-party apps. Furthermore, SaaS application security offers deep forensics and threat intelligence that also provides data at the organisational, threat, and user-levels. With Proofpoint Cloud App Security Broker CASB, organisations can secure all cloud-based applications due to the solution’s people-centric approach that enables visibility and control over the enterprise’s cloud apps, so they can deploy cloud services with confidence. Additionally, Proofpoint’s CASB solution help enterprises to discover and control third-party add-ons, including malicious ones. Thanks to its analytics, organisations are able to grant the right levels of access to third-party add-on apps based on the risk factors that matter. What distinguishes this solution is that Proofpoint CASB is an integrated enterprise solution that consists of Proofpoint Cloud App Security Broker, Proofpoint SaaS Isolation, and Proofpoint Meta.

MEA

M A R C H 2 0 21

EMILE ABOU SALEH,

Regional Director, Middle East and Africa at Proofpoint.

Proofpoint’s CASB solution help enterprises to discover and control third-party add-ons Proofpoint provides CASB to meet the needs of security professionals around cloud threats, data loss, and time-to-value. Proofpoint CASB protects organisations from account takeover, oversharing of data, and compliance risks in the cloud. The solution is underpinned by a people-centric approach along with a high-efficacy security analytics that excels at protecting users from account compromise, malicious files and apps, and data loss. Its people-centric visibility into email and cloud threats supports organisations in identifying at-risk users and protects their accounts and data. Its powerful analytics and adaptive controls also help customers grant the right levels of access to users and third-party apps based on the risk factors that matter to them. ë

Distance is NO BARRIER

COVER STORY

Introducing D-Link Smart Wireless Solution for Point-to-Point Deployment

ESD Surge Protection

DAP-F3711-I Range: Upto 5 Kms Antenna Gain: 15 dBi High-Power Wireless 5Ghz 11ac Bridge

2x2 MIMO

IP 65/66 Complied

Point to Point or Multipoint Application

Centrally Managed

TDMA+Polling Avoiding collision/ Interference between channels

DAP-F3704-I Range: Up to 5 Kms Antenna Gain: 10 dBi High-Power Wireless 5Ghz 11n Bridge

ACK Timeout adjustment Improves long distance Transmission

DAP-F3705-N Range: Up to 10 Kms Antenna Gain: 23 dBi High-Power Wireless 5Ghz 11n Bridge DAP-F3712-N Range: Up to 20 Kms Antenna Gain: 23 dBi High-Power Wireless 5Ghz 11ac Bridge

Intelligent Rate Control Improving stability of Bandwidth

Self Healing Useful in extreme noisy area

Connect to more | M A R C H 2 0 21

MEA

Why is Data Recovery Important? Protect your CCTV video recording with SkyHawk’s included rescue plan

3-year Rescue Data Recovery Services. Under the protective wing of Skyhawk, losing key evidence or video due to vandalism, viruses, accidents and natural disaster are no longer the

For SkyHawk products

Surveillance Rescue DriveCare

end of the world.

MARKET LEADER IN SURVEILLANCE STORAGE Seagate has dominated the data storage industry for 40 years, because we understand your unique data storage challenges.

LEARN MORE seagate.com/gb/en/internal-hard-drives/hdd/skyhawk 44

MEA

M A R C H 2 0 21

marketing@asbisme.ae

COVER STORY

ACCELERATING APPS FROM DATACENTRE, HYPER SCALARS Riverbed eliminates network inhibitors that impact user experience of O365, Microsoft Teams, Salesforce, Box, ServiceNow and is available on Azure.

ow the network delivers and handles applications has changed, and Riverbed was an early mover in approaching application acceleration from both the datacentre side and the client side; neither of which is a simple proposition. Riverbed has worked to ensure that the acceleration technologies that Riverbed developed for the datacentre and the branch can also be implemented on AWS or Azure, accelerating the cloud, or placed in front of a SaaS application like Office365 or Salesforce. This bookends performance with acceleration in a real client-tocloud approach. Riverbed SaaS Accelerator eliminates network inhibitors that impact the user experience of key SaaS apps such as Office 365 and Microsoft Teams Live Events and Stream Video, Salesforce, Box, ServiceNow and more. Riverbed SaaS Accelerator is available on the Microsoft Azure Marketplace. Riverbed’s SaaS acceleration solutions are purpose-built to facilitate fast, agile, secure delivery of SaaS applications to any user, anywhere, ensuring even the most far-flung and mobile employees stay productive and business continues. As an example, a large enterprise customer in North Africa realised that despite migrating to Office 365, issues with latency, congestion, and last-mile delays were restricting their ability to realise the full potential of their investment. To overcome this, the company deployed the Riverbed Accelerator for O365 which has optimised data transfer costs and speed across the enterprise. Riverbed acceleration solutions also improved performance across the company’s email, CRM, and SAP applications which has resulted in a direct and positive influence on its operations. The Middle East Network Transformation Survey, commis-

MENA MIGALLY,

Regional Vice President, Middle East, Turkey and Africa, Riverbed.

71%

of organisations believe cloud is crucial for their digital transformation sioned by Riverbed and conducted by IDC in 2020 highlighted that 71% of organisations believe cloud is crucial for their digital transformation. This study also revealed that 29% of organisations in the UAE and Saudi Arabia have already completed migration of workloads to the cloud. This process is currently ongoing for a further 31% while an additional 20% of organisations will execute such migrations within the next two years. It is clear then that migration and adoption of mission-critical cloudbased applications will be a key IT objective for businesses through 2021. And with business-critical services being delivered via the cloud, it is no surprise that 77% of respondents stated that it is very important for them to optimise connections to SaaS applications such as Microsoft 365 to ensure consistently good performance at all times. ë

M A R C H 2 0 21

MEA

COVER STORY

HOW QUALYS IS USING CLOUD TO SCAN MILLIONS OF ASSETS The Qualys Cloud Agent enables visibility of IT assets, through a low footprint agent, into connected mobile and virtual devices, for security and compliance.

ualys, a provider of cloud-based security and compliance solutions, has launched the Qualys UAE Cloud. This platform will allow public and private enterprises across the Middle East to innovate as Qualys brings them security and visibility across their hybrid IT environment. The move comes as regional cloud migration reaches fever pitch. Last year, YouGov revealed that 88% of IT stakeholders in the UAE were planning budget increases for cloud computing. Qualys UAE Cloud allows organisations to automatically build a comprehensive global IT

MEA

M A R C H 2 0 21

asset inventory, identify in real-time devices that connect to the network, identify and prioritise vulnerabilities and misconfigurations, identify malware and respond, with deployment of a light weight agent, network sensors and cloud connectors. Across the GCC, the emergence of the pandemic has acted as an accelerant to digital transformation, with IDC projecting the Gulf ’s public cloud market will more than double over the next four years, from $956 million in 2020 to $2.35 billion in 2024. IDC has also predicted that hybrid clouds, known for complexity and compliance issues, will grow in popularity.

Qualys UAE Cloud allows organisations to automatically build a comprehensive global IT asset inventory

COVER STORY

The Qualys Cloud Platform will support local compliance requirements

Qualys UAE Cloud platform will eliminate barriers and act as the company’s main hub for Middle East

HADI JAAFARAWI,

Managing Director Middle East, Qualys.

But many organisations in heavily regulated industries such as banking, oil and gas, and government have had to consider issues such as privacy and data residency when planning their migration journeys. The Qualys UAE Cloud platform will eliminate these barriers and will act as the company’s main hub for the Middle East. The Qualys UAE Cloud will offer all the company’s key solutions including Vulnerability Management, Detection and Response; Multi-Vector EDR; Global IT Asset Inventory; Configuration Management; Certificate Inventory; Threat Protection; Continuous Monitoring; Patch Management; Container Security; Web Application Scanning; and Web Application Firewalls. The Qualys Cloud Platform, will support local compliance requirements, such as the Abu Dhabi Systems and Information Centre’s Information Security Policy and the UAE Information Assurance Regulation. It will also allow Qualys’ partners, such as managed service providers, the opportunity to offer cloud services to sectors that are highly regulated. The UAE’s cloud-first strategy, as set out in the Telecommunication Regulatory Authority’s guidelines of 2018, calls for the establishment of a regional data hub. However, progress does not happen in a bubble. Attention must be paid to the security and privacy of individuals and organisations. Economies rise and fall on the building or degradation of trust. The Qualys UAE cloud has been available since December 2020 The lack of visibility into risks affecting global enterprise IT assets is a major challenge for securing organisations of any size. Scanning performance is a big factor, especially when scanning hundreds of thousands of assets, and results in the identification of millions of potential issues that each require prioritisation and remediation. The biggest challenge with occasionally connected devices, however, is that traditional scanning solutions require systems to be accessible when the scan is executed. Otherwise, they’re invisible and no relevant data about

those assets can be collected. The Qualys Cloud Agent solves these problems. The Qualys Cloud Agent can be installed anywhere, including laptops, desktops, servers or virtual machines, and can be deployed via an installer. The agent is designed to have minimal impact on the system and the network, normally consuming less than 2% of CPU resources with peaks in the range of 5% during normal operation. Once installed, the agent will take a full configuration assessment of its host while running in the background and uploading that snapshot to the Qualys Cloud Platform. All the data collected by the Qualys Cloud Agent installed in an IT environment resides within the Qualys Cloud Platform. Cloud Agent simplifies asset discovery, tracking, security and compliance monitoring in dynamic cloud environments like Amazon EC2 and Microsoft Azure. Visibility is enabled by embedding the agent into master images in cloud servers. When a new instance is created from the master image, it automatically activates the agent, which instantly registers and tracks the security and compliance of every instance. This functionality eliminates the need to implement a separate discovery mechanism or to build automation around spawning new scanners to scan the new instances. Additionally, the information is always up to date, even when your virtual workloads are offline to free up computing resources. When an image is brought back online, it updates the snapshot, keeping information current. The agent is self-updating, keeping itself up to date with no need to reboot. Agents check in with the Cloud Platform and update the snapshot with new information as changes occur, removing the need to poll the system to update asset inventory data. Having a current picture of the system configuration allows inquiries even when the endpoint is offline. The Qualys Integrated Solutions Suite is supported by the Qualys Cloud Platform and Qualys Cloud Agent. The integrated suite of IT security and compliance solutions includes: Asset Management, Dynamic Tagging, Cloud Agent for Vulnerability Management, Cloud Agent for Policy Compliance, Cloud Agent for Policy Compliance, Cloud Agent for Elastic Virtual Cloud Environments. The UAE has been a clear leader in cloudfirst technology strategy, as it has moved forward boldly with its ambition to become a regional data hub. The Qualys UAE Cloud will help further this goal. ë

M A R C H 2 0 21

MEA

COVER STORY

BUILDING OPEN HYBRID CLOUD PLATFORM FOR DEVELOPERS Red Hat products run across any application, anywhere, anytime, whether on bare metal, virtual private clouds, multiple public clouds into the edge.

oftware-as-a-service, SaaS is a form of cloud computing that delivers many benefits, such applications are increasing in demand. Red Hat provides and manages several SaaS applications, including Red Hat Insights, Red Hat OpenShift Cluster Manager, Red Hat Ansible Automation Platform, Cost Management, Migration Services, and Subscription Watch. In terms of hyper scale platforms, Red Hat Enterprise Linux has been the most prominent host for years, supporting and powering software and technologies for automation, cloud, application development, and more. The Red

MEA

M A R C H 2 0 21

Hat OpenShift Kubernetes container platform will follow suit, carrying out similar application provision and management duties. At Red Hat, the aim has always been to be open. And to be open, managing hybrid environments is essential. As such, the company has had a vision of Open Hybrid Cloud for nearly 10 years and this is the direction where the industry is moving today. All Red Hat products run across any application, anywhere and anytime – whether they are running on bare metal, virtual private clouds, multiple public clouds and all the way into the edge. These are accessible for developers, opera-

Implementation, scalability, data security, cost savings, and access without spatial restrictions are benefits

COVER STORY

OpenShift provides a single and consistent development model across build, test, deploy, monitor, review lifecycle

AYMAN AL SHAIKH,

Senior Manager and Solution Architect, Middle East and Africa, Red Hat.

tions teams, and security people, with management automation products and developer tools across a spectrum of platforms. As an ideal solution for large enterprises, small businesses, or individuals that favor software subscription models, have challenges that require minimal customisation to solve, or do not want to maintain infrastructure, platforms, and software, SaaS continues to grow in popularity. Simple implementation, scalability, data security, cost savings, and access without spatial restrictions are all benefits there be utilised. Furthermore, maintenance and operational responsibilities lie with the supplier, data and analytics are easily available, business continuity is supported in times of crisis, and applications are environmentally sustainable. Migration is not bound by a particular method and transitions usually fall into one of four categories. #1 Firstly, there’s Rehost, where an application is moved from one platform to another – in this case an on-premises server to a virtual machine - without making significant changes. #2 Second is Refactor, where significant application changes are made so it can run in a new environment. #3 Another method is Replatform, which is a new environment migration requiring some changes to the application, but less involved than a complete rearchitecting. #4 Finally, there’s Retire, where an application is abandoned in favor of a SaaS solution. Going beyond the migration journey to the grand scheme of things, Red Hat also has a clear viewpoint when it comes to cloud native. No matter the architecture chosen for applications, what programming language the developers find most useful and what services are desired to be used as building blocks, OpenShift provides a single and consistent development model across the build, test, deploy, monitor, and review lifecycle of the application. In addition to self-service infrastructure, consistent environments, and automated build and deployment, this model also consists of continuous delivery pipelines, configuration management, and application logs and metrics. As an enterprise-ready Kubernetes container platform with full-stack automated operations, Red Hat OpenShift help users orchestrate and manage hybrid cloud and multi-cloud deployments, offering the simplicity and automation of the public cloud. It includes an enterprise-grade Linux operating system, container runtime, networking, monitoring, registry, and authentication and

authorisation solutions to support every phase of the deployment process. Open hybrid cloud is particularly relevant when helping users manage or orchestrate application deployment. As a solution that combines a private cloud with public cloud services, greater flexibility is afforded in every instance as application workloads are moved between cloud solutions in line with particular requirements. From a business standpoint, no vendor lock-in is another advantage here. Because end users will not be dependent on a single provider, it will be easier to innovate, far simpler to attain organisational needs, and businesses can ultimately reap the rewards that accompany the cloud. Red Hat also offers many tools to help end users build hybrid cloud and multi-cloud applications to run in containers, including Red Hat CodeReady Workspaces, Red Hat Application Migration Toolkit, Red Hat OpenShift Application Runtimes, and Red Hat Container Catalog. Red Hat Product Security provides the guidance, stability, and security that endusers need to confidently deploy enterprise solutions. Red Hat collaborates with communities of customers, contributors, and partners to protect against privacy and security risks; helps end-users keep their system updated to minimise the risk of security issues and provide automated analysis of security practices; and investigates, tracks, and explains security issues that may affect end-users. Furthermore, Red Hat ensures timely security fixes, enables customers can obtain and understand security advisories, and works with other vendors to reduce the risk of security issues. It is important to note that building a cloud strategy using the Open Hybrid Cloud approach enables faster delivery, reduced development time, and quick and effective responses to customers and clients. Based on Red Hat’s market experience and work with analysts like IDC, similar trends have become apparent and the company is addressing common challenges with three focus areas, namely management and automation, hybrid cloud infrastructure, and application development. Neither cloud or simply improving existing infrastructure can solve every challenge. However, these needs must be balanced nonetheless and this is why the world is increasingly hybrid. ë

M A R C H 2 0 21

MEA

COVER STORY

SALESFORCE IS 100% CLOUDNATIVE AND FIRST SAAS SOLUTION Organisations can scale on subscription as they grow, gain user-friendly experience, optimise costs, remove on-premise installation and maintenance.

igital transformation can be a difficult shift. Data silos and legacy systems and insufficient technical capabilities often feel like an anchor that is preventing organisations from moving forward and getting to where they want to go. Supporting digital transformation, Salesforce solutions are completely modular, and its systems our fully open and extensible. Middle East organisations can choose the migration journey that best suits their business needs. Across the region, Salesforce and its partners offer a number of patterns, accelerators, and

MEA

M A R C H 2 0 21

predefined projects that can help to reduce the risk in project deployment. As part of the Salesforce Ignite journey, the company works with customers to develop their end-to-end digital transformation strategy; facilitating a deep dive into their aspirations and business results in a plan of action and execution. Salesforce is a 100% cloud-native solution, and was the first enterprise application provider to create SaaS applications. Using SaaS, organisations can scale up on the subscriptionbased model as they grow, gain a user-friendly browser experience, optimise costs on the

cloud, and remove the challenges of on-premise installation, maintenance, and upgrades. With MuleSoft, Salesforce is accelerating customers’ digital transformation, and unlocking data-driven insights across legacy systems, cloud apps, and devices. MuleSoft’s Anypoint Platform allows customers to integrate their Salesforce SaaS applications with on-premise applications in a hybrid cloud environment. Salesforce offers many ways of supporting customers’ hybrid cloud ecosystems via integration, process automation, and advanced data management tooling.

COVER STORY

JULES DE MEESTER,

Senior Director Solution Engineering, Middle East, Africa, Central Europe, Salesforce.

In the UAE,

79% of sales reps

say their digital transformation has accelerated since 2019

In digital transformation journeys, Chief Digital Transformation Officers should drive five pillars: strengthening the business and IT alignment, creating data-driven architecture and integrating all relevant data sources, developing the right skills and change, achieving KPIs and success metrics, and optimising the commercial framework. In line with the brand value of Trust, Salesforce builds security into everything the company does as a defense-in-depth approach, so businesses can focus on growing and innovating. With its customers and partners, Salesforce

invests in the tools, training, and support for everyone. The majority of Salesforce’s programs, measures, and controls focus on fundamental security practices, such as patching and the adoption of multi-factor authentication through its ecosystem of employees, partners, and customers. Security requirements are embedded in all stages of the software development lifecycle, allowing customers to innovate and scale. Salesforce continues to invest in AI and machine learning to expand its common set of security controls. On the Salesforce side, one of the company’s core values is Trust, with a wide range of security systems and processes in place to ensure customer data is safe and secure. As a cloud-native enterprise applications provider, Salesforce also leverages the highavailability and low-latency capabilities of the industry-leading hyper-scaler cloud providers. Data availability, security, and business continuity are vital for mission-critical industries such as government and public sector, banking and finance, and healthcare. On the customer side, increasingly, Middle East organisations are appointing Chief Digital Information Officers CDIO, who can lead business strategy and design, technological architecture, and implementation and operations. Salesforce is helping CDIOs to strengthen their business and IT alignment, create datadriven architecture and integrate all relevant

data sources, develop the right skills and culture, achieve shared KPIs and success metrics, and optimise their commercial framework. As the Middle East emerges from the pandemic in 2021, the future is all-digital and work from anywhere, which will be powered by a major evolution of the cloud. Digital transformation is now an imperative that will continue its rapid pace. In the UAE, for example, 79% of sales reps say their digital transformation has accelerated since 2019, according to the State of Sales Report. And with increased digital transformation, Middle East organisations will need cloudbased solutions to support mission-critical applications across government and public sector, banking and finance, healthcare, and education. At Salesforce, the company has been transforming its Customer 360 into the operating system for Cloud 3.0, an end-to-end operating system that enables sales teams to sell from anywhere, service customers from anywhere, and market and do commerce from anywhere. Salesforce delivers a customer relationship management CRM platform to more than 150,000 customers worldwide, based on five pillars: innovation, platform, productivity, mobility, and community. Salesforce solutions are available across all major hyper-scaler cloud platforms, including Amazon Web Services AWS, Google Cloud, and Microsoft Azure. Middle East organisations that run on Salesforce can adopt the full suite of customer experience SaaS solutions across sales, service, marketing, commerce, and analytics. The latest solution is Salesforce Hyperforce, which is a reimagination of the company’s platform architecture built to securely and reliably deliver Salesforce Customer 360 on major public cloud platforms. Using Salesforce, Middle East organisations can build their business on a single, secure, scalable platform that is easy to customise and upgrade. Salesforce solutions are faster, more agile, have less overhead, and larger ROI compared to competitors. Salesforce solutions include artificial intelligence built right into the CRM, a mobile-first CRM that allows executives to run their whole business from their phone, powerful analytics that give every employee data-driven insight, and top performance ranked by IDC. Salesforce customers have reported a 39% increase in sales productivity, and a 40% increase in productivity with mobile. ë

M A R C H 2 0 21

MEA

INNOVATION

MIKE CHEN,

SYNOLOGY MANAGER.

BACKUP, YOUR LAST LINE OF DEFENSE AGAINST RANSOMWARE Synology’s all-in-one backup solution is the last line of defense in data protection.

[EC] Please describe Synology’s role in protecting against ransomware. Synology is known as a leading global brand of network-attached (NAS) storage that enables both businesses and individuals to organise, share, and protect their data. To date, there are over eight million Synology deployments worldwide. Synology has helped numerous SMEs simplifying their IT infrastructure by offering a comprehensive data management solution. Meanwhile, as the world began to adapt to the New Normal, we also observe a cyber pandemic phenomenon surging globally. The world itself has changed in year 2020, speeding up the shifts from offline to online. This trend is not slowing down and we can expect more people and devices connecting to the Internet. If you are connected to the Internet, regardless it’s from home or from work, you are putting yourself at risk with cyberattacks. My years with our Technical Support team we have received several reports of attacks worldwide. Just this year, In UAE alone, we have seen a 250% increase in cyberattacks with the rising tide of phishing and ransomware incidents. This is the exact reason why we encourage people to protect their data, not just from device failures but more importantly, the

MEA

M A R C H 2 0 21

unexpected visits of ransomware. When it comes to data protection, this is where Synology has a profoundly important role to play. Synology’s backup solutions help keep business’ data safe and secure across multiple platforms in the company’s IT infrastructure. So don’t wait, start making your backups today, multiple backups. With the cost per TB coming down plus our rich backup solutions, you can have peace of mind knowing your precious data is well protected. If you are interested to learn more about Synology’s total backup solution, we welcome everyone to join the “Backup, Your Last Line of Defense Against Ransomware” on March 24 to learn more about how Synology helps protect your business against EncryptionBased ransomware.

[EC] What are the essentials that make up a good backup strategy according to Synology? Synology has spent years surveying the industry to find out all the challenges for data backup in business environments. I believe you would agree with me when I say there are always multiple devices running with different OS and software applications in a company,

INNOVATION

and how to centralised their backup it’s always a massive challenge. We attack this challenge with 3 simple, but yet careful, steps, The first step is to re-examine the environment. With more and more organisations going cloud or virtual, business workloads are distributed and it becomes troublesome for IT to manage backup. Therefore, before drawing up a backup strategy, it is important to take inventory of the workload that needs backup and identify the environment it lies in. Server, PC, and laptop are the most commonly seen entities from the physical environment; Whereas, SaaS platforms, virtual machines are from the virtual environments. Most importantly, it is critical to accurately record the quantity of these entities. The next step is to prioritise. Prioritise the data that are needed most to maintain business operation, and pinpoint which data are key entities that come first. For example, the file servers used for core business operation, ERP system, HR system, and PCs of high-level managers are commonly seen as key entities that needed to prioritise. Once identified, build a Disaster Recovery plan with corresponding RTO, Recovery Time Objective, and RPO, Recovery Point Objective, according to your priorities. Finally, categorise the workload to “hot” or “cold” data which is defined by whether or not the data is frequently accessed. For example, ERP systems, mail servers, and file servers are commonly defined as “hot data” because they are accessed daily and the content changes constantly. Whereas, security footages are seen as “cold data” because they are backed up daily yet accessed rarely unless a unique event occurs. Once you complete the data inventory by identifying the source platforms, key entities, and level of importance, you can easily customise your backup strategy based on the backup frequency, the number of copies, and backup destinations. Prevent Ransomware with Synology’s All-inone backup solution.

[EC] What happens if the on-premises data backup fails? And what is the recommended recovery strategy? This is a good question as it leads us to the golden rule of backup, the Backup 3-2-1 rule. Simply put, this is 3 copies of your data, across 2 different mediums, with 1 copy offsite. An example of this could be storing your data on an on-premise server, with two backups, one on-site and another located on the cloud or at

a remote site. For protecting against ransomware, I personally would like to recommend to take advantage of multi-version backup - a robust backup solution allowing you to restore previous versions of the infected files. Create a multi-version backup and store in an offsite location adds another layer of protection. Other than having a multi-version backup in different locations, it is important to run regular upfront disaster recovery practices and conduct staff training to validate your business can recover quickly. For instance, in the event of malware attack and all the key data are deleted, which is your go-to destination to retrieve your backup copies? Are these copies safely intact? If you cannot answer these questions on top of your head, it is highly recommended to do regular disaster recovery trainings to make sure that all your digital assets are safely protected in an unfortunate event. In conclusion, to ensure business continuity, businesses must remain agile to prevent the ever-evolving malware threats. I hope my messages in the above has reached you in several ways, and if I may, let me quickly summarise it again for you. First, make sure that you take a full data inventory and get the priorities straight. Next, make sure you follow the Backup 3-2-1 rule to customise a backup and recovery strategy for your business. Lastly, validate your backup strategy by taking regular disaster recovery training to make sure that your business is fully prepared in an event of ransomware attacks. If you have any question please feel free to submit your inquiry via this form, one of the Synology experts will get back to you.

[EC] Please describe Synology’s, regional go to market strategy to take this ransomware solution to the channel partners and end customers? Synology offers ‘one solution for all your backup needs’. Recapping from my message earlier, there is no solution in the market today that can backup multiple OS and cloud services (SaaS). We can! And not to mention our backup solutions come without additional license fee. At the same time, I also would like to share the news that we now have our own hard drives, greatly enhancing our system reliability and stability. Allow me to go in a little more detail on our all-in-one backup solution. The integrated solution allows businesses to protect the physi-

cal server, virtual machines, and personal PC devices all at once. The comprehensive total solution comes with easy centralised management, maximised efficiency, fast recovery, and no additional license fees needed. Different from Purpose-Built Backup Appliance (PBBA) vendors which come with limited product offerings, Active Backup for Business is supported by more than 86 Synology NAS models. We understand businesses from different industries have different requirements in terms of hardware performance and data storage needs. Our portfolio of NAS enables anyone to organise, share, and protect their data as they see fit, regardless of scale, infrastructure, or expertise. Going forward, Synology will continue to offer cutting-edge and innovative solutions with one core philosophy “Transforming the way businesses manage their data, elegantly simple, secure, and reliable”. So that you as our precious users will always have a peace of mind over your data.

[EC] The industry is increasingly seeing storage vendors building in solutions to prevent ransomware attacks into their portfolio. Does this not overlap with the efforts by cybersecurity vendors? How do two solutions coexist, from storage vendors such as Synology and cyber security vendors? This is a very good question, and no, I personally don’t see any overlapping. More layer of protection is always good setup against attack. We could further elaborate this question with the Cybersecurity Framework proposed by The National Institute of Standards and Technology of the United States. The framework is widely recognised by the information security community. It defines the cybersecurity into five steps: Identify, Protect, Detect, Respond, and Recover. Information security vendors’ solutions can cover many aspects, from identifying potential risks before an incident occurs, protect and block external threats, or to detect the abnormal conditions on the internal network, etc. On the other hand, what Synology offers, backup, is more about the “recover” step, which is also the most basic and last line of defence to ensure the data is safe when the enterprise is really attacked. From our point of view, these two should be highly complementary and indispensable. ë This content has been sponsored by the vendor.

M A R C H 2 0 21

MEA

REAL LIFE

Digital Ajman partners with IBM to accelerate paperless strategy Department of Digital Ajman, announced its collaboration with IBM to accelerate its digital transformation and paperless strategy, using IBM Cloud Pak for Integration. The move was designed to simplify and enhance citizen experiences in Ajman, UAE through the integration of services across

different government entities. To date, Digital Ajman’s paperless strategy has brought savings of approximately $ 816,726 and helped reduce paper usage, saving nearly 200 trees. Using IBM Cloud Pak for Integration, Digital Ajman was able to create a centralised hub, based on a hybrid cloud environment,

(left to right) Mohammed Alhashmi, CTO at Expo 2020 Dubai and Shukri Eid, MD of Cisco Gulf Region.

Cisco selected as IT network operator for Expo 2020 Dubai Cisco has been appointed to manage, operate and maintain Expo 2020 Dubai’s entire IT network, representing one of the most advanced operations of its kind in the region. As Expo 2020 Dubai’s Official Premier Digital Network Partner, Cisco has already deployed its cutting-edge, intent-based network across the site, supporting the automation of IoT end points and contributing towards making Expo 2020 one of the smartest and most advanced World Expos in history. In its new capacity as network operator, Cisco will now assume the critical responsibility of managing Expo 2020’s entire IP networking infrastructure, leading end-to-end

MEA

M A R C H 2 0 21

Network Services Delivery across all Thematic Districts and pavilions, parks and arrival plazas, in addition to Dubai Exhibition Centre, DEC, which will be co-located at the Expo site. The company’s appointment as network operator signifies a relationship of ongoing trust and alignment to ensure Expo 2020 Dubai sets the benchmark for all future events, both regionally and around the world. Committed to meticulously defining and integrating processes, Cisco is adopting a forward-thinking approach to design, in order to develop a state-of-the-art Network Monitoring and Management Centre that will seamlessly manage and maintain intelligent

which supports integrations between various private and public entities and their data sources. To date, Digital Ajman connected around 200 integration points, enabling them to bring about financial savings and reduce the amount of paperwork required for government services. Hossam Seif El-Din, General Manager, IBM Middle East and Pakistan said that Digital Ajman has been leading efforts to encourage digital transformation across the public and private sectors, using the latest of what technology has to offer. He added that over the years, it has been evident that citizen experience is at the heart of every transformation project Digital Ajman spearheads. Through their selection of IBM Cloud Pak

network operations. To ensure seamless and streamlined connectivity at the site, Cisco is managing a large-scale, fully integrated end-to-end Network Operating Centre, NOC, for Expo 2020. The NOC will be handled by an extensive dedicated team, joining Cisco’s current workforce at the site, deploying and overseeing the management of state-of-the-art technology. Through the management of the intuitive network and a variety of automation processes, Cisco will illustrate its capacity and expertise in creating seamless collaboration and connectivity at large-scale events, powered by next-generation infrastructure. Advanced IT service management tools will also enable complete monitoring of the smart network in real-time, including alerts integrated with Cisco’s portfolio of technology on-site. These alerts will empower the operating team to monitor and optimize network performance, as well as identify potential incidents and security threats ahead of time. Cisco’s advanced infrastructure and real-time reporting will enable the NOC staff to swiftly evaluate and optimise services, evolving the network to support business systems more easily and efficiently. Through collaboration with other Expo operation centres, Cisco will increase engagement with visitors and partners, creating unique journeys and experiences throughout the event. Preparations are already well under way and Cisco’s dedicated workforce looks forward to collaborating with the Expo 2020 as one team to deliver an event of unprecedented scale and impact.

REAL LIFE

Emirates NBD launches UAE-wide anti-phishing campaign

ABDULLA QASSEM, Group Chief Operating Officer, Emirates NBD.

Emirates NBD in partnership with Dubai Police has joined hands with Leo Burnett, Dubai to launch a UAE-wide anti-phishing awareness campaign to educate the public on how to identify and protect themselves against highly deceptive tactics fraudsters employ. The public service campaign is part of Emirates NBD’s ongoing initiatives to remind customers although fraudsters might be sitting miles away, the Internet brings them dangerously closer to us. It urges people to never share their password or CVV, never trust unverified vaccine registrations links, and never wire money or make a donation without proper verification. Because when they do not verify the source, they make a fraudster’s job easy. The heart of the campaign is a shareable, social satire comedy film How To Grow Rich During The Pandemic, showcasing the lavish lifestyle of a fictional fraudster named James Jefferson playing different roles as he impersonates legitimate organisations via various means in order to steal sensitive information, with the serious message Don’t Make the Fraudster’s Job Easy. The film was accompanied by a stealth social media campaign following the outrageous life of James Jefferson via his Instagram handle @jjj_jefferson who was finally revealed as a fraudster. Emirates NBD has committed a major portion of its AED 1 Billion digital transformation investment towards continuing to strengthen the bank’s robust infrastructure, digital processes, and analytics, along with creating programmes, products and solutions that provide customers with increased protection as they carry out digital banking transactions.

Thales deploys smart security solutions at Bahrain airport Thales has successfully delivered the phase 1 of the new Bahrain International Airport as part of modernisation project. Built in two phases, the Bahrain International Airport expansion covers 210,000 square meters, quadrupling the size of the existing terminal and increasing its capacity to 14 million passengers a year. Thales was subcontracted for the supply of an integrated solution covering security, safety, airport operation, as well as communication

and infrastructure for the Bahrain International Airport terminal building, car parks and Central Utility Complex. These technologies focus on smart security, including advanced modular solutions such as video analytics, abnormal behaviours or conditions detection, smart incident management and resource management tools. Thanks to its long-standing experience in the air mobility industry, airport security and

identity management, Thales provides a full-integrated offer to secure and optimise every operation in the airport. Through centralising the management of Airport operations, Bahrain International Airport is guaranteed a high level of business continuity and traffic flow within the airport. This will also lead to reduced waiting times while ensuring the best possible safety conditions, improving passenger experience and increasing infrastructure performance. Thales solutions also enable the production of relevant performance indicators, KPIs, to inform decision-makers in real time and make the organization more efficient. With more than 30-years presence in Bahrain, Thales has built strong partnerships with public sector organisations including the Ministry of Transportation & Communication. Thales is one of the main local partners embedded in the ecosystem of Bahrain promoting localisation in order to develop sovereign capabilities in line with the Economic Vision 2030. Through its local company, it intends to foster its contribution to the Bahrain’s ambitions to develop a knowledge-based economy with outstanding civil infrastructure and security, underpinned by a strong local industrial technology base to support growth, localisation and industrialisation strategies.

M A R C H 2 0 21

MEA

PRODUCTS

VEEAM ANNOUNCES NEW V11 BRINGING IN CONTINUOUS DATA PROTECTION, COLD CLOUD, RANSOMWARE PROTECTION

eeam Software, announced availability of Veeam Backup and Replication v11, with more than 200 new features and enhancements. New Veeam Availability Suite v11 combines the backup and recovery features of Veeam Backup and Replication v11 with the monitoring, reporting and analytics capabilities of Veeam ONE v11. Veeam released V10 with more than 150 new enhancements just 12 months ago, and now has more than 700,000 downloads. Being able to launch the next version with new backup, cloud, DR, security and automation enhancements speaks volumes to Veeam’s speed of innovation. 451 Research reports that 69% of enterprises indicate at least 75% of their workforce can now effectively work remotely.

DISASTER RECOVERY, CONTINUOUS DATA PROTECTION Eliminate downtime and minimise data loss for Tier-1 VMware workloads with built-in CDP and achieve immediate recoveries to a latest

MEA

M A R C H 2 0 21

state or desired point in time providing the best recovery point objectives RPOs.

RANSOMWARE PROTECTION Keep backups safe with immutable, hardened Linux repositories compliant with SEC 17a-4f, FINRA 4511c and CFTC 1.31c-d regulations, preventing encryption by ransomware, accidental or malicious deletions; based on generalpurpose servers, without any hardware lock-in.

COLD CLOUD ARCHIVE Reduce the costs of long-term data archival and retention by up to 20 times and replace manual tape management with new native support for Amazon S3 Glacier including Glacier Deep Archive and Microsoft Azure Archive Storage through end-to-end backup life cycle management with Veeam Scale-out Backup Repository Archive Tier.

GOOGLE CLOUD STORAGE New support for Google Cloud Storage for

Veeam Scale-out Backup Repository Capacity Tier, providing greater choice of hot cloud object storage targets.

EXPANDED INSTANT RECOVERY Achieve the lowest recovery time objectives with instant recovery for Microsoft SQL, Oracle databases and NAS file shares from the pioneer of Instant VM Recovery.

VEEAM AGENT FOR MAC Delivers end-user data backup for any macOS device, joining existing Veeam Agents for Microsoft Windows, Linux, IBM AIX and Oracle Solaris.

BAAS AND DRAAS To ensure these services are seamlessly integrated into V11, NEW Veeam Service Provider Console v5 offers service providers a web-based platform for centralised management, monitoring and customer self-service access of data protection operations. ë

PRODUCTS

M A R C H 2 0 21

MEA

GUEST COLUMN

THREE IMPORTANT FOCUS AREAS FOR SUPPLY CHAIN SECURITY There is scope for MSPs and MSSPs to improve supply chain security and they can tackle by focusing on three areas, writes Chester Wisniewski of Sophos.

upply chain cybersecurity attacks have been in the news lately, but they are nothing new. In fact, nation state adversaries have been targeting and abusing supply chain vulnerabilities for years. These vulnerabilities are an easy in, giving attackers an open door to more lucrative targets. Managed service providers, MSPs, and managed security service providers, MSSPs, are particularly attractive targets because they hold the keys to many different customer organisations. Look at what happened when hundreds of dental office customers were hit by ransomware after their shared MSP was compromised. “I didn’t think we would be a target” are words spoken by compromised organisations all too often. Yet the truth is we are all targets. We are all links in someone’s supply chain, and that makes us susceptible if we are not protected. It is easy to imagine how one might be a backdoor into a military contractor if they supply them with services or tools, but would you consider your local nail salon to be a supply chain risk? Well, you should. In fact, an attack against a large company began by compromising a local salon and using their billing system to send malicious PDFs to executives at the company who used their services. There is tremendous opportunity for MSPs and MSSPs alike to improve supply chain security defences both internally and for the customers that they serve. This might seem like a daunting task, but you can tackle it often with immediate and measurable results by focusing on three important areas:

1. AUTHENTICATION Service providers need to stop sharing passwords. It

MEA

M A R C H 2 0 21

Service providers need to stop sharing passwords, it is an ongoing problem. sounds like common sense, but it is an ongoing problem. As someone who has investigated credit card fraud, I have seen firsthand the risks of payment terminal providers using remote access software like TeamViewer or VNC with a single, shared password to manage thousands of customer accounts. Earlier this week, law enforcement officials in Florida announced that an attacker used TeamViewer to successfully gain access to a password protected control panel and attempted to poison a critical infrastructure water supply. The attack was fortunately stopped but could have been deadly. This lack of security is no longer acceptable. Phishing one member of your support staff is enough in many cases to destroy your reputation and potentially your business in one incident. No different than in traditional IT departments, accounts that possess privilege should only be used when needed, and they should always require multi-factor authentication. All usage should also be logged and reviewed frequently.

2. ACCESS RIGHTS Should every technician be allowed access to every client? Perhaps, but probably not. Often, groups of clients, especially key customers, have a dedicated support person or team. No different than how we segment networks to provide audit points and to contain risk, privileges require bounds. Logging is critical in recognising unusual access like off hours use or access to an account assigned to a different team, which can

GUEST COLUMN

CHESTER WISNIEWSKI,

Principal Research Scientist, Sophos.

Prioritising supply chain security defences can be a significant competitive advantage for service providers be signs of insider fraud or an external threat actor preparing to launch a ransomware attack.

3. MONITORING FOR COMPROMISE Monitoring is often under resourced as opposed to prevention. The problem is, we know that prevention is not always 100% achievable, yet when it comes to detection and

monitoring for the failure of our preventative controls, we are being too reactive. Once an attack becomes obvious it is often too late. By the time a criminal pulls out the ransomware, they have already stolen critical data and, more often than not, have had access to your network for 30 days or more. During investigations conducted by the Sophos Managed Threat Response team, two things stand out as early indicators of compromise. One is the use of credentials for remote access and administrative purposes during off hours; the other is the abuse of system administration tools in order to conduct surveillance and steal data from the network. The use of legitimate accounts and your own tools is often referred to as Living Off the Land, LotL. Detecting this requires vigilance and skill. To a trained security operations centre

analyst, these things stand out clearly and can tip you off to thwart the attack before the bulk of the damage has been done. You either need to invest in training your staff to monitor these behaviours or engage with outside experts to monitor it on your behalf. Improving on these three important areas will significantly reduce cybersecurity risk, putting MSPs and MSSPs ahead of their competition when it comes to protecting customers. Prioritising supply chain security defences can be a significant competitive advantage for service providers in acquiring new customers and perhaps most importantly, retaining the ones they already serve. These are simply starting points where we have identified common points of failure. Security is a journey and securing the supply chain is just one piece of the bigger puzzle. ë

M A R C H 2 0 21

MEA

GUEST COLUMN

KEY INVESTMENTS DRIVING THE CHANNEL RECOVERY Sherifa Hady of Aruba lists out key findings of a survey that have relevance for channel partners as they look to evolve their ongoing services.

s customers across EMEA continue to grapple with today’s ever-evolving pandemic landscape and their investments shift to support new infrastructure needs for a digitalfirst world, business recovery in the channel is proving a varied and staggered journey. For some channel businesses, activity has slowed right down, while for others it has to accelerate to keep pace with the need to consolidate, restructure or expand existing assets for services such as retail and education. Yet despite the varied impact on their businesses, the desire for growth within the channel remains strong. Aruba recently surveyed 2,400 IT decision makers, ITDMs, in over 20 countries to find out how they have adapted to new IT and business demands in the wake of Covid-19, what investment decisions they are making as a result, and what consumption models are now being considered, all against the backdrop of navigating the new data era. Several key findings will have significant relevance to channel partners as they look to evolve their ongoing services and return to growth, so I have outlined three of the most useful ones. ITDM’s who have reported the most significant impact from the pandemic are not just the most likely to be investing more in new technologies, they are also more minded to pursue models of consumption that give them greater financial control. When asked what IT consumption models they were most likely to explore in light of Covid-19, just 8% of respondents said they planned to continue with capex investments only. By contrast, 55% said they would explore a SaaS model for either hardware or software. The study also found that the average proportion of IT services consumed via subscription will accelerate by 41% in the next two years, from 29% of the total today to 41% in 2022.

MEA

M A R C H 2 0 21

Data is shifting from the datacentre to the Edge, and customers are looking for solutions on emerging trends As the pandemic forces organisations to evolve their business models to be more agile, adaptable and fit for purpose, as a service is here to stay. It is therefore critical that partners develop a robust as a service model while keeping their options open for more traditional ways of doing business. When asked about where they were looking to spend their money, 83% of respondents globally said that they were likely to increase their investments in cloud-based networking over the next year, underscoring the importance of cloud for remote management at scale. The increase in cloud-based networking comes with its own set of challenges, however, as companies battle to respond to the needs of a distributed workforce as well as how to seamlessly enable social distancing and contactless interfaces, all while maintaining a secure perimeter. To tap into this increased investment, partners must decide on a clear cloud-based strategy to make sure that they have the right tools and management software available to help customers through this transition. The need to offer on-premise, off-premise and hybrid solutions to scale for a wide range of customer requirements will also mean that they have to select vendors that offer a certain level of flexibility and choice when it comes to hardware, software and licencing. Driven by the relentless growth in data from connected devices, in the coming years the generation, transmission, processing and storage of data at the Edge will become pervasive, and organisa-

GUEST COLUMN

SHERIFA HADY,

92%

of IT decision makers felt their organisation is missing the skills needed to unlock the power of data tions are already recognising this. In fact, our findings showed that 82% of IT leaders identified implementing integrated systems to handle data at the Edge as an urgent requirement. And encouragingly, 72% of global IT leaders are actively using Edge technologies to deliver new outcomes, while another 16% are planning to do so in the next year. Though still largely regarded as a nascent

EMEA Channel Sales Director, Aruba. trend, those already using the technology have identified the greatest benefits as improving operational efficiencies and costs, 53%, greater agility and increased security, 44%, and the ability to create new products, services and revenue streams, 40%. But to realise these benefits there are a number of pressing issues to deal with. For example, 92% of IT decision makers felt their organisation is missing the skills needed to unlock the power of data, citing machine learning and artificial intelligence as areas of particular worry. As well as contending with these skills gaps organisations also have concerns around security vulnerabilities when connecting IoT devices at the Edge, with 33% highlighting this as a top barrier to implementation. To prepare for what lies ahead, partners need to have a deep understanding of customer needs in order to provide them with the solutions to effectively deploy and access networks

remotely, seamlessly and securely. Data is shifting from the datacentre to the Edge, and customers are looking for insights and solutions on emerging trends. There is a need to lead, to step in and provide these insights and take on a role to share learnings and offer key skills that may be missing. With no end in sight to today’s turbulent times, channel organisations should be advising their clients on products and services that support lower cost models, set them up for anticipated future technologies and support them to enable things like seamless remote work. As we embrace a new reality where IT infrastructure is critical for recovery and resilience, our channel partners face a delicate balancing act: to put in place the new infrastructure and tools needed to support clients in the new normal at a time where investments are under intense scrutiny. But those who manage to do so will reap the rewards. ë

M A R C H 2 0 21

MEA

GUEST COLUMN

OPPORTUNITY FOR CHANNEL PARTNERS IN RESHAPING BUSINESSES Ossama Eldeeb of VMware writes how channel partners can play the role of strategic IT advisors and help their customer to be future-ready.

020 has shown us that now more than ever, we must design and implement technology solutions with the expectation of change as a key design principle. We are now seeing organisations being driven and defined by applications and the way users interact with them, as operations pivot towards anywhere workforces. This can be challenging and confusing; yet it also offers immense opportunities for those businesses with the expertise, knowledge and competencies of what is required from a technology perspective to enable this transition. But what is required to drive the change, and how can partners support customers while growing their own businesses? Fundamentally, there are three core areas shaping the world: applications, people and infrastructure. Firstly, this is about future ready applications. It is no overstatement to say that applications have become the lifeblood of business innovation and differentiation. During a crisis, demand for modern apps can grow at exceptional speed. It is quite simple, businesses need to be in the driving seat of being able to build, run, manage, secure and deliver new apps and services fast if they are to meet the needs of their employees and customers both in today’s turbulent times but also as a way of future-readying their business. This puts immense pressure on stretched IT teams, but it is work that has to be undertaken. But apps are only useful to the future of work if they are being used. They need to meet the needs of a user base that has undergone one the greatest displacements in living memory. Technology, not location, is now the glue holding today’s organisations together. The pandemic, while disastrous, has offered the greatest petri dish environment imaginable to stress test what many people already believed: work no longer equals the office.

MEA

M A R C H 2 0 21

It takes a connected, collaborative ecosystem and clear communication, to build the solutions enterprises are seeking New research from VMware has revealed a 41% increase in the proportion of employees across EMEA who now see remote working as a prerequisite rather than a perk. Again, here lies a major role for partners, enabling the delivery of a digital workspace platform that enables remote work by providing critical and secure access to the critical apps and data employees need to do their jobs, from the device of their choice, no matter where they are. It is the combination of security and agility that partners should prioritise, corporate IT does not have to sacrifice control, but workers should neither have to fit within rigid frameworks, restricted by what they can and cannot do by inflexible governance. For several years now, we have been talking about the new opportunities that cloud computing offers. It used to be a simple choice between public and private; now we are in a mix-andmatch era of multiple kinds of cloud, private, public, hybrid, edge and different combinations of them all. Today, enterprises are operating in a multi-cloud era and have the power to call upon whatever environment they need, from whichever cloud hyperscaler fits their needs: Alibaba Cloud, AWS, Azure, Google Cloud, IBM Cloud, Oracle Cloud, or a local specialist cloud provider, a real possibility now with the underpinning of a cloud foundation, where the focus is on what suits the app, not the vendor. Yet the ability to run workloads across different clouds needs to

GUEST COLUMN

OSSAMA ELDEEB, Director, Partner Organisation, VMware, Middle East, Turkey and North Africa.

New ways of working, powered by new apps and new approaches, demand new partnerships to deliver them be simplified, and IT needs to be afforded the tools to manage apps irrespective of the cloud in which they reside. That means being able to establish consistent operations across clouds and leverage a consistent architectural model that extends from data centre to public clouds and edge environments. It means reducing the complexity and costs of multi-cloud management. It means having the flexibility to deliver apps across any cloud. Again, only one underpinning cloud foundation can deliver this, thus enabling developers to get apps into production faster and deliver that code to any cloud; and for ops teams, providing a developer-ready infrastructure.

So, what does this all mean for the channel? It means that, despite whatever enterprises are wrestling with, they are all updating strategies and reprioritising investments, and they need strategic IT advisors alongside them. They need partner organisations that get what is needed to deliver future-ready applications, workspaces or the infrastructure to support it all. Technical competency is vital but so too is the ability to be a credible authority and independent sounding board, to offer objective, informed advice on where efforts and investments need to be focused in order to achieve business objectives. And with the increase in the amount of technology enterprises are consuming, no single business, whether vendor, integrator, provider, reseller or any other supplier can do it all. It takes a connected, collaborative ecosystem, with profitable margins and clear communication, to build the solutions enterprises are seeking. Here is where regular events and partner interaction are more important than ever, virtual sessions that can boost skills with breakout sessions, deliver first access to training

on new technologies and connect likeminded individuals to drive competitiveness. New ways of working, powered by new apps and new approaches, demand new partnerships to deliver them. The future of work is a misnomer because it is not happening next year or next decade; it is happening now, and the decisions taken to enable it will need to last for some time to come. Enterprises are crying out for the right partners to support and guide them as they navigate the complexity of an app-driven world. They know they can only fulfil the potential of these powerful services with the right infrastructure in place. The opportunity for partners is to be that strategic IT advisor, that can identify what customers truly need, and deliver the solutions to meet their requirements. So, we are working with our partners to help their customers become future-ready: more resilient, more able to innovate and differentiate, better able to retain and attract customers, better able to empower engaged anywhere workforces; and better placed to manage and exploit change. ë

M A R C H 2 0 21

MEA

TRENDS

Europe and Middle East lag in zero trust policies, Okta report

JUSTIN DOO, Regional Manager MEA, Okta.

According to Okta’s research, 40% of global organisations are working on zero trust projects that centre around the principle of never trust, always verify. Rather than taking for granted the fact that a site, application, or platform is safe to work on, employees maintain a healthy level of cynicism about the IT resources that they are using. North America leads the pack with 60% of respondents embarking on zero trust initiatives, both Europe and the Middle East are lagging, with just under 18% onboard. With nearly 80% of companies in some parts of the world expecting to keep their remote work arrangements in place for up to one year after Covid-19 substantially subsides, Middle East organisations need zero trust policies and robust tools to help them operate more safely, securely, and confidently. Professional services firm KPMG in Saudi Arabia has warned of an increase in malicious cyber activity, as online criminals seek to exploit the global coronavirus pandemic. With a worldwide pandemic underway and companies round the globe are predicted to face a loss of $3.5 billion a year to cyber-

SELINA BIEBER, Senior Regional Director for Turkey and MENA at GoDaddy.

36% UAE entrepreneurs increased digital marketing activities, GoDaddy GoDaddy has released the results of its 2020 Entrepreneur Survey, which revealed that small businesses in the UAE are quite agile in adapting to the trying times of 2020. 36% of UAE entrepreneurs have increased their digital marketing activities to attract more customers. Nearly a third use their current online presence to sell goods or services. 68% are sure that their

MEA

M A R C H 2 0 21

business could survive a second wave of Covid19 as big as the first one. The quantitative survey report studied the effects the global pandemic has had on entrepreneurs and small business owners in the UAE and stated that most respondents intend to sell their products and services through social media platforms in 2021. A third of the

crime. More Middle East companies need to strengthen their cybersecurity solutions for their remote workforces. Working remotely was the obvious choice for many companies, but while in-office workers offered organisations easier cyber protection with traditional technology such as firewalls, remote working has forced these same companies to loosen protocols to allow for remote access. Workers need the right level of access, to the right resources, in the right context, but the 2020 Verizon Data Breach Report demonstrates that cybercriminals are moving away from the traditional technology attack and moving their focus towards the people and their identities. In short, workers are the number one cause of cybersecurity breaches, a risk that increases exponentially for remote workforces. Before the onset of Covid-19, organisations across the Middle East kicked off their journeys to zero trust security by starting with identity, adopting tools and best practices like single sign-on and multi-factor authentication for internal and external users, as well as for API access.

respondents said that they plan to set up an official website for their business. The survey highlights that 21% of respondents said that, pre-pandemic, they managed the technology needs of their business themselves. 28% said they had a friend or family member do it for them, while only less than a fifth had a web developer or professional manage their technology needs. Findings from the survey indicate that 4 in 5 entrepreneurs feel that there is a good mix of online tools and resources available for small businesses which allows them to easily digitise their business. Three out of 4 entrepreneurs and small businesses agree that the UAE is a good hub for small businesses. Finally, the survey concludes that nearly a half of the respondents agree that practicing business ethics and values is a major contributor to a business’ success in the long term, with 94% believing that business ethics and values are very or relatively important to their company or brand, in regard to how they operate internally and while working with customers and vendors. 86% of entrepreneurs consider workforce diversity to be very or relatively important for their company.

PEOPLE

EXECUTIVE MOVEMENTS FireEye elevates Luca Brandi to EMEA Channel Director FireEye has appointed Luca Brandi as EMEA Channel Director. Luca brings over 30 years of experience gained in channel sales, including the last six of them at FireEye. After consistently demonstrating enablement of the channel, Luca’s expanded role within FireEye now includes managing the entire EMEA area. Based in Milan, Luca began establishing his track record of success with FireEye in 2015 as Distribution Manager for the Emerging markets, with the aim to plan an efficient business chain and coordinate all the channel partners. Since 2018, Luca has been managing the channel activities for Southern Europe as Channel & Territory Manager.

Pilkku Aasma joins Citrix as VP for Partner Sales in EMEA Citrix has announced the appointment of Pilkku Aasma to the position of Vice President, Partner Sales EMEA. She becomes responsible for strengthening the company’s commitment to its EMEA partners ecosystem and their long-term success and profitability and prioritises expanding the digital workspace skills and capabilities of partners to support remote work and an engaging employee experience. Pilkku joins Citrix after two decades in a wide range of multiple markets and leadership positions at Microsoft. Most recently she led the Small, Medium & Corporate Segment sales and marketing in Germany. Prior to that she had direct responsibility for Microsoft’s 40,000 partners in Germany and held various sales and operations leadership roles in Western Europe, and Central & Eastern Europe.

Jian Wang is the new CEO of Huawei Jordan and Lebanon

Cloud Box appoints Sajith Kumar as Enterprise General Manager MEA

Infovista appoints Kristian Thyregod as President Global Enterprise

Huawei has announced the appointment of Jian Wang, Ethan, as the new CEO of its Huawei Jordan and Lebanon operations, thus continuing Huawei’s legacy of supporting both countries’ digital economies to drive Huawei’s growth in Jordan and Lebanon alike. In his role, Wang will be responsible of expanding Huawei’s position as a leading ICT solutions provider, propelling the comprehensive strategy to provide industryleading solutions to telecommunications carriers and enterprises, and contribute to the development of the country’s ICT industry. Wang will also manage strategic partnerships with public and private entities to support the governments’ vision of moving towards a diversified, knowledge-based economy.

Cloud Box Technologies has appointed Sajith Kumar as General Manager – Enterprise, Middle East & Africa to meet customer’s digital transformation goals. Kumar will drive the software business including data management and data protection and security. A seasoned professional Kumar brings in a wide range of experience with a deep understanding of MEA region, proficient in his dealings across industry verticals and public and private sectors. Cloud Box Technologies has recently added the security practice to its offerings. The company has also been actively involved with customers in the last year to help them build traction in digital transformation especially at a time when the Work From Home environment was gaining momentum.

Infovista has announced the appointment of Kristian Thyregod as President Global Enterprise. Kristian will be reporting directly to José Duarte, CEO, as a member of the Executive Leadership team. Kristian will help drive the company’s enterprise business through accelerated expansion and customer acquisition towards sustainable growth. As part of his role, Kristian will provide executive leadership across product management, sales, go-to-market and channel strategies. Infovista Ipanema SD-WAN solutions are currently deployed at more than 100,000 sites, mainly in Europe, serving more than 400 customers. In a career spanning 30 years, most recently, Kristian was Vice President for the Europe, Middle East and Africa region at Silver Peak helping to grow its business significantly during his tenure.

M A R C H 2 0 21

MEA

PEOPLE

EXECUTIVE MOVEMENTS Riverbed promotes Brecht Seurinck to VP Channel Sales, EMEA Riverbed has announced the promotion of Brecht Seurinck to Vice President Channel Sales for Europe, Middle East and Africa, EMEA. In his new and expanded role, Seurinck will oversee Riverbed’s channel strategy across the region to maximise customer value and strengthen relationships with strategic partners. He will lead a channel sales team to drive growth and revenue through Riverbed’s channel ecosystem in 2021. Seurinck will report to Elie Dib, SVP, EMEA. Seurinck is a channel and sales executive with more than 20 years of experience in leading direct sales teams across many geographical markets in the EMEA region. He joined Riverbed in 2014 in a senior channel management position spearheading one of Riverbed’s largest strategic partners globally, until transitioning into this new role.

Teradata appoints Barry Russell as SVP and GM of cloud Teradata, a multi-cloud data warehouse platform provider, has appointed Barry Russell as Senior Vice President, Business Development and General Manager of Cloud, effective immediately. In this newly created position, Russell is responsible for accelerating Teradata’s cloud and SaaS growth strategy. Russell, who has joined the company’s executive leadership team, reports directly to Steve McMillan, President and CEO. Russell is a skilled and recognised technology leader with an extensive background driving cloud transformations. Prior to joining Teradata, he led Qumulo’s cloud business unit, and before that, he held senior leadership positions at F5 and Amazon Web Services. At Teradata, Russell will be leading the development and execution of Teradata’s cloud programs, as well as advancing collaboration with leading cloud service providers, including Amazon Web Services, Google Cloud, and Microsoft Azure.

Nicole Torraco, Naresh Shanker, Louie Pastor to lead Xerox’s new businesses Xerox has announced organisational changes to support plans to create three new businesses, Software, Financing and Innovation, aimed at delivering long-term growth in 2021 and beyond. Nicole Torraco has been promoted to Senior Vice President, Xerox Financial Services, XFS, to lead Xerox’s financing business, reporting directly to CEO John Visentin. XFS will become a global payment solutions business, aimed at expanding its customer base, creating potential cross-selling opportunities, and helping to support small and medium-sized businesses. Torraco previously served as Chief Strategy and M&A officer. Naresh Shanker, Senior Vice President and Chief Technology Officer, will lead the PARC Innovation business. Xerox has made progress advancing new technology in recent years with products including 3D liquid metal and industrial IoT products, cleantech technology, signing clients and generating strong commercial interest. Executive Vice President Louie Pastor has been appointed Chief Corporate Development Officer and Chief Legal Officer. In addition to overseeing Xerox’s legal organisation.

MEA

M A R C H 2 0 21

“A New Normal of Technology, Business & Networking Events ”

TECHNOLOGY

LEADERSHIP BUSINESS

INNER-SELF CULTURE

90 DAYS MILESTONES VIRTUALSUMMITS

118

ENGAGED OVER

VENDORS AND PARTNERS

CONNECTED OVER

SPAN ACROSS

END CUSTOMERS

COUNTRIES

5500

TECH LEADERS

CIOS

VENDORS

IT DIRECTORS

INNOVATORS

EDUCATORS

ACADEMICIANS AND INVESTORS

BROUGHT TO YOU BY

ORGANIZED BY

Global CIO Forum

www.globalcioforum.com/unitewebsummit/

M A R C H 2 0 21

MEA

THEME OF UNITE

BOTS TEAM BUILDING

BODY

SOUL

OPPORTUNITIES AND OBSTACLES MONTHLY ALL-ROUND WELLNESS AND COMMUNITY BUILDING INITIATIVE FOR THE CIOS. STATE-OF-THE-ART LOCATIONS| ULTRA-MODERN ACTIVITIES| HANDS-ON EXPERIENCES | LIFE-CHANGING TAKEAWAYS

FITNESS 68

MEA

WELLNESS M A R C H 2 0 21

NUTRITION

ENGAGE