EC-MEA September 2021 by GEC Media Group

THE WORLD CIO 200 COMPLETES MIDDLE EAST LEG

PA G E S 6 0 VOLUME O8 | ISSUE 12 SEPTEMBER 2021 WWW.EC-MEA.COM

ARRIVAL OF

CYBERSECURITY 3.0 Protecting application workloads as they run in-memory has become the new differentiator as critical enterprises, telecom service providers, MSSPs add to their solution stacks.

Dell EMC VxRail Turnkey HCI platform proven to accelerate data center modernization, drive IT transformation, and simplify the path to the hybrid cloud Unlock �innovation Foster operational freedom Evolve predictably For details, contact your authorized distributor Mindware at delluae@mindware.net | www.mindware.net

MANAGING DIRECTOR TUSHAR SAHOO TUSHAR@GECMEDIAGROUP.COM

Back to in-person business ARUN SHANKAR, EDITOR A R U N @ G E C M E D I A G R O U P. C O M

The UAE’s pace of reform to get back to the workplace is short of breathtaking. The first week of October will see all students going back to school in Dubai. Dubai Expo 2020 opens for visitors at the same time. And Gitex 2021 rolls out at Dubai World Trade Centre in the middle of the month. Industry events are being announced both at Gitex and at Expo 2020 as in-person and not virtual. Business is being invited to begin and accelerate their pace of recovery. Global CIO Forum’s annual road show, The World CIO 200 Summit has completed the Middle East leg of this year. Carrying forward its legacy of the past five years, the roadshow is covering 36+ countries and providing a platform for 200+ exhibitors with 300+ engaging sessions. Over 4,000 C-Level executives are participating in the 2021 edition. The World CIO 200 Awards recognises various categories of executives including Legend CIO- Lifetime achievement awards; Master CIO- Experience of more than 15-20 years; Leader CIO- Experience of 10-15 years and multiple domain expertise; and Next generation CIO- Experience of 5-10 years and undertaken projects in this span of time. Moving forward, our lead feature of this month looks at the challenges posed from traditional cyber security solutions and the arrival of cyber security 3.0. Most security solutions are chasing yesterday’s threats. The first wave of security focused on network-based tools, like firewalls, IPS, or WAFs. These only protect at the perimeter and are increasingly porous because they lack context or visibility into the attack targets – enterprise applications. The next wave of security tools focused on the endpoint – trying to keep our devices and workstations free of malware. These tools depend on past knowledge of what’s been seen before, compiling endless lists of signatures, and policies to stay up to date. This blacklisting model is cumbersome and proven to be ineffective at protecting server workloads. Today’s security battleground has shifted to the application workload, where code is running. Advanced attackers know how to bypass perimeter tools and corrupt applications as they execute in runtime. Modern security needs to start from the inside – with the application itself. An application-centric approach focuses on understanding what apps are supposed to do, monitoring them as they execute and making sure they never get derailed – regardless of external threats, vulnerabilities, or zero-day attacks. Also packed in this edition are short features on AI and cloud-based collaboration as well as our regular expert columns and news round up. Best of business results and networking at Gitex 2021 and Expo 2020. ë

EDITOR ARUN SHANKAR ARUN@GECMEDIAGROUP.COM CEO RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM GLOBAL HEAD, CONTENT AND STRATEGIC ALLIANCES ANUSHREE DIXIT ANUSHREE@GECMEDIAGROUP.COM GROUP SALES HEAD RICHA S RICHA@GECMEDIAGROUP.COM EVENTS EXECUTIVE GURLEEN ROOPRAI GURLEEN@GECMDIAGROUP.COM RONIT GHOSH RONIT@GECMDIAGROUP.COM JENNEFER LORRAINE MENDOZA JENNEFER@GECMDIAGROUP.COM SALES AND ADVERTISING RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM PH: + 971 555 120 490 PRODUCTION, CIRCULATION, SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM DESIGNER AJAY ARYA ASSISTANT DESIGNER RAHUL ARYA DESIGNED BY

SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM SOCIAL MARKETING & DIGITAL COMMUNICATION YASOBANT MISHRA YASOBANT@GECMEDIAGROUP.COM PRINTED BY Al Ghurair Printing & Publishing LLC. Masafi Compound, Satwa, P.O.Box: 5613, Dubai, UAE # 203 , 2nd Floor G2 Circular Building , Dubai Production City (IMPZ) Phone : +971 4 564 8684 31 FOXTAIL LAN, MONMOUTH JUNCTION, NJ - 08852 UNITED STATES OF AMERICA PHONE NO: + 1 732 794 5918 A PUBLICATION LICENSED BY International Media Production Zone, Dubai, UAE @copyright 2013 Accent Infomedia. All rights reserved. while the publishers have made every effort to ensure the accuracyof all information in this magazine, they will not be held responsible for any errors therein.

CONTENTS SEPTEMBER 2021

VOLUME 08

ISSUE 12

EDITOR’S PAGE 21-23

EVENTS 24-28

CHANNEL 45-48

REAL LIFE 49-50

PRODUCTS 51-53

ANALYSTS CORNER 54-57

GUEST COLUMN 58

PEOPLE 36-39 \ COVER STORY

SECURING AND PROTECTING APPLICATION WORKLOADS AND RUN-TIME MEMORY

14-20 EVENTS The World CIO 200 Summit completes Middle East edition 40-43 INNOVATION Cautious steps into usage and applications of AI

07 VIEWPOINT Forum Building a control room for security operations

09 VIEWPOINT Legacy solutions ineffective against RCE attacks

11 VIEWPOINT Has the novelty of work from home worn off?

Challenges and best practices of enterprise AI AI boosting automation, delivery, productivity dominate flash memory

S E P T E M B E R 2 0 21

MEA

VIEWPOINT

BUILDING A CONTROL ROOM FOR SECURITY OPERATIONS A cybersecurity situation room, fuses together threat data, evidence, and users, helping all team members involved in the investigation process to collaborate.

new SANS report analyses the need for organisations to invest in improving their security operations and identifies the skills analysts must master to support this initiative. Characterising an analyst as essentially an investigator, the SANS report breaks the investigative process down into two primary areas: l Investigative Tasks l Investigative Thinking One of the most important sources of intelligence to also bring into the process is human intelligence that comes from critical thinking. After all, what better way is there for organisations to validate data and findings and then determine the right action to take within their own environment than through their own people As the SANS report points out, empowering humans so they have more time to engage in investigative or critical thinking is vital to effective and efficient detection and response. According to SANS, best practices for critical thinking include: l Asking questions to gather additional context and scope when facing a situation of uncertainty during an investigation. l Reasoning backward by using tools like MITRE ATT&CK to hypothesise what must have happened to arrive at the alert that is displaying on a security console. l Considering multiple plausible pathways instead of thinking linearly to detect and respond to new threats. l Remaining curious, flexible, and agile within a highly dynamic environment such as a security operations centre. This is where collaboration comes in, both passive and active collaboration. A security operation platform serves as a central repository that includes internal threat and event data, augmented, and enriched with global threat data. This central repository is at the heart of passive collaboration, or information sharing. When individual team members and different security teams can access the central repository for the intelligence, they need to do their jobs as part of their workflow, passive collaboration just happens. As they use the repository and update it with observations, learnings, and documentation of investigations, they get consistent threat intelligence. The repository can serve as a centralised memory to facilitate future investigations. Everyone can operate from a single source of truth, instantaneously sharing knowledge and using their tools of choice to improve

ANTHONY PERRIDGE, VP International, ThreatQuotient.

Most security operations or investigations are rife with chaos as teams act independently

security posture and the investigation process. Active collaboration involves engaging with another person to accomplish a shared goal through tasking and coordination. It is what typically comes to mind when we think of collaboration, but traditional, siloed environments have made this extremely difficult and time-consuming for security professionals to do. The challenge is that most security operations or investigations are rife with chaos as teams act independently and inefficiently with limited visibility into the tasks other teams or team members are performing. With different people or teams working on independent tasks, key commonalities are missed so investigations take longer, hit a dead-end, or key information just falls through the cracks. Likewise, a cybersecurity situation room, fuses together threat data, evidence, and users to break down these barriers. All team members involved in the investigation process can collaborate. Rather than working in parallel, they can automatically see how the work of others impacts and further benefits their own work, and they can share and benefit from the human intelligence they each bring to the table. Validating data and sharing their collective insights and understanding fosters critical thinking that drives successful investigations. ë

S E P T E M B E R 2 0 21

MEA

AirEngine Wi-Fi 6 All-New Speed for Everything Lightning-Fast Speeds, Always-On Mobility, Continuous Self-Organizing Networking.

Redeﬁne Wi-Fi Industry Benchmark. Contact Us: enterpriseME@huawei.com e.huawei.com/ae Scan here to learn more

VIEWPOINT

LEGACY SOLUTIONS INEFFECTIVE AGAINST RCE ATTACKS From an attacker’s perspective, an RCE vulnerability in a workload, is the gift that keeps on giving countless attacks, in the UAE and across the globe.

heckPoint recently published a new report that chronicled the UAE threat landscape over the past six months. In the report, the company identified that the most common vulnerability exploit type was Remote Code Execution RCE, which impacted 62% of businesses. This finding is not at all surprising. From an attacker’s perspective, an RCE vulnerability in a workload – a workload being the infrastructure on which data center software runs-- is the gift that keeps on giving, in countless attacks, not only in the UAE but across the globe. RCE vulnerabilities were also the root cause of the Hafnium and Kaseya attacks. Very early and automated protection in response to an RCE attack is essential for effective enterprise protection. When a craftily constructed payload is delivered to an application with a lurking RCE vulnerability, the application relinquishes execution control to the attacker. The application is said to have reached the exploitation state in the cyber kill chain. Wresting execution control from an application allows the attacker to not only install more tools required to perpetuate the attack but also establish a two-way communication path back to the attacker’s command control center. At this point, the attacker has achieved full keyboard control on the victim. Now the victim workload is totally at the attacker’s mercy and can perform any malicious action of the attacker’s choosing. These actions could include running ransomware, exfiltrating critical data, scraping user credentials, pivoting to other workloads, perform crypto mining activities, join a botnet. It is often said that adversaries use the same techniques repeatedly. Assuming threat actors will leverage the same techniques continuously is not only naïve but is also a little self-serving for classes of cyber security products that leverage signatures and threat feeds. Most adversaries are well funded, skilled, motivated, and highly effective. All they need is early awareness of an RCE vulnerability and an enterprise that is hosting the vulnerable application. Once they are in the enterprise data center, the attack metastasises in seconds. If the attacker is able to reach the Command-and-Control state in the kill chain, there is going to be no stopping the adversary. RCE Vulnerabilities are particularly potent against conventional endpoint, perimeter, and threat hunting security tools. Even though these

SATYA GUPTA,

Cofounder and Chief Technology Officer, Virsec.

Once they are in the enterprise data center, the attack metastasises in seconds security tools claim they work in the application’s runtime, their runtime clock starts after the attack has reached the Actions on Objectives state in the kill chain; long after the attacker has achieved keyboard control over the victim workload. These security tools work by tracking how many anomalous activities have occurred over a fixed period of time. They declare the victim is under attack if a pre-defined threshold of anomalous activities is exceeded. A skilled attacker can float under the radar and be able to totally bypass protection offered by conventional security tools. At SolarWinds, the attack continued unabated from September 2019 to Dec 2020 15 months before a security vendor published a specific indicator of compromise IOC. To achieve true protection against an attack that leverages an RCE vulnerability, the security control must kickstart protection before the attack reaches the Command Control stage of the kill chain. An attack that has crossed the Command Control C2 stage of the kill chain is unstoppable. Irreparable harm is guaranteed to occur. Conventional security tools do not work against RCEs. True Protection can only be achieved if the security control can detect an attack at the Exploitation stage of the kill chain and launch protection action before the attack reaches the C2 Stage of the kill chain. ë

S E P T E M B E R 2 0 21

MEA

JOIN FUN & THRILL WEEKENDS

BADMINTON CRICKET CYCLING FOOTBALL SWIMMING TENNIS TABLE TENNIS GOLF TEAM BUILDING TASK TUG OF WAR ATHLETIC FITNESS CHALLENGE BOWLING VOLLEY BALL BASKET BALL

O CT 14 - N OV 5, D U B A I

PARTICIPANTS

3000+ SPORTS

GEC

MATCHES

150+

CORPORATE CHAMPIONSHIP

Title Partner

Venue Partner

Healthcare Partner

Refreshment Partner

Supporting partne Official Technology Magazine

Wellness Partner

Community Partners

Official Radio Partner

Official Business Magazine

Refreshment Partner

Event Management

COMPANY OF GEC MEDIA GROUP

ent

VIEWPOINT

HAS THE NOVELTY OF WORK FROM HOME WORN OFF? Here are three common sense best practices to combat anxiety and boost unity and efficiency for hybrid and remote teams as organisations begin recovery.

y 2022, 25% of the global knowledge workforce will choose their home as the primary workplace, and 45% of the workforce will be working from home two to three days per week. Some employees are thrilled at the prospect. Others, not so

much. For many employees, the novelty of working from home has already worn off, and they are anxious about the possibility of a permanent move to a hybrid work environment. You can help reduce their anxiety with some simple ground rules for virtual interactions and other work challenges that are unique to remote and hybrid work teams. Three ways to improve life for hybrid and remote teams You will need to customise your guidelines to ensure a good fit for each team and for your corporate culture, but it helps to focus ground rules on improving three aspects of remote and hybrid teamwork. #1 Team unity and health Encourage your teams’ interpersonal unity, which can be especially difficult to maintain in a remote environment but is critical to collective team engagement and inclusion. Managers need to be empathetic and approachable; it can make the difference between a great employee experience and a not-so-great one. Team members often get their primary work cues from manager behavior, so make sure that managers model productive behavior. For example, explicitly call out and illustrate the ability to time-shift, to accommodate a doctor visit, consult with a carpenter or care for a sick child, to reinforce the idea that we are all in this together. #2 Time management and team coordination Promote transparency around how teams use their time and be flexible in coordinating how work gets done, focusing on outcomes more than inputs. For example, agree on work outcomes and outputs but be flexible over how, where and when the team delivers those objectives. This strategy reinforces that team member participation is judged by their contribution, not their location. The idea of collaboration equity is critical to remove concerns, now and going forward, that in-office participants may be favored due to their physical presence in a companysupplied workspace. #3 Tools and equipment Provide clear guidance on what technology and tools are available, and when to use them for what. Ensure that all equipment works properly and

MATTHEW CAIN,

Vice President and Distinguished Analyst, Gartner.

By 2022,

45%

of the workforce will be working from home two to three days per week

provide opportunities for team members to improve their digital dexterity, but also make clear that employees must take ownership of their own digital proficiency as an essential ingredient in effective remote and hybrid work. Virtual meetings are a good example. The IT organisation is in charge of seamless provisioning of equipment and providing effective support services, but your ground rules should place responsibility on team members to know how to use all the relevant features and observe meeting best practices. ë

IA GROUP

S E P T E M B E R 2 0 21

MEA

VIEWPOINT

BUILDING THE CYBER SECURITY WAR ROOM IN A PROACTIVE WAY Proactive organisations should have periodic assessments with IT security, while engaging key stakeholders simply and regularly can make all the difference.

ybersecurity emergencies seem to happen when an organisation feels it is least prepared. And that call for weekend war room is an experience that no CISO and their team want. While it might appear to be a bolt out of the blue, in my experience, it is more like a slow rolling thunder that builds into a loud clap that you can never properly anticipate. The first way to take control is to ensure that the business has visibility. There is no doubting that gaining visibility of threats and vulnerabilities is not easy, but it is fundamental. Can you see everything in the environment? Do not mistake visibility to be simply about logging. All organisations accumulate logs of one sort or another from any number of different systems. This can be useful, but what is essential is to have context. This gives you the powerful capability to correlate log activity from the different domains and enclaves you have within an environment. From this, the challenge is for a human to sit in the middle, correlate the information, put context around it, and then be in a position to respond. Integrating different logs and visibility tools takes you so far on adopting a more proactive approach. The next step is how the best security operations centers that confront security incidents often make use of a standardised framework that helps to define what security responses are needed. The weekend war room is a product of reactive management. Yet that does not mean that there should not be a weekday war room. Proactive organisations should have periodic assessments with IT security staff and management. Engaging key stakeholders simply and regularly can make all the difference. For a successful war room, the dashboard and any associated reports should show the relative level of risk associated with vulnerabilities in the organisation and a timeline of when they will be fixed. Some other facets of the dashboard help reduce the pain of tackling with a security incident. It is important for the organisation to know and show what is connected to a network. Trying to figure that out after an incident has occurred is never a pleasant task. The dashboard and associated reports should also provide context around security alerts in a way that’s easily understandable to help determine impact. Organisations should actively track incidents so that executives can easily see if there have been any attempts to detonate malicious software

MK PALMORE,

VP Field CSO Americas, Palo Alto Networks.

The challenge is for a human to sit in the middle, correlate the information, put context around it, and then be in a position to respond

within the enterprise—and whether or not those attempts were blocked. Having visibility and a clear picture of the health and maturity of security operations underpins a proactive security organisation. Taking a proactive approach to security does not just help save the weekend—it can help solve the difficulties of IT security staffing too. By integrating visibility and automation that enable a proactive approach, an organisation can speed up routine tasks, freeing up sometimes scarce security analyst resource to do more high-level, human-intensive work. No one wants to get that call to join a weekend war room, ruining precious time with family and friends. The key to preventing that outcome is to embrace a proactive strategy that provides visibility and context that help identify risks before they become weekend war room incidents. ë

S E P T E M B E R 2 0 21

MEA

EVENTS

The World CIO 200 Summit completes Middle East edition of the roadshow Global CIO Forum completed the Middle East leg of The World CIO 200 Summit 2021 on 22nd September 2021. Global CIO Forum completed the Middle East leg of The World CIO 200 Summit 2021 on 22nd September 2021 with the theme “#Change”. The event witnessed huge participation and highly interactive sessions with speakers at the GEC Media Virtual Arena. Carrying forward its legacy of the past five years, this year, the roadshow is going to cover 36+ countries and provide a platform for 200+ exhibitors with 300+ engaging sessions. Over 4,000 C-Level executives will be recognised in the 2021 edition. The event partners of The World CIO 200 Summit were Infoblox, F5, Exclusive Networks, BMB, Laserfiche, Veritas, Finesse and Arcon. The World CIO 200 Awards has categories including Legend CIO- Lifetime achievement awards, Master CIO- Experience of more than 15-20 years and unparalleled technological experience in a career life span, Legend CIO- Experience of 10-15 years and multiple domain expertise and Next generation CIO- Experience of 5-10 years or less and undertaken mammoth projects in a less span of time.

The World CIO 200 Summit- Bahrain edition The World CIO 200 Summit- Bahrain edition was opened by CEO Ronak Samantaray, Global Head, Content and Strategic Alliances, Anushree Dixit, and Dr Jassim Haji, President, International Group of Artificial Intelligence - IGOAI. World CIO 200 Summit have four categories legend CIO- lifetime achievement awards, master CIO- Experience of more than 15-20 years and unparalleled technological experience in a career life span, legend CIO- experience of 10-15 years and multiple domain expertise and nextgeneration CIO- Experience of 5-10 years or less and undertaken mammoth projects in a less span of time. During the event, there were four keynote speakers and a panel discussion. The event was followed by The World CIO 200 awards. The event was streamed live from the virtual arena and on Vimeo also.

MEA

S E P T E M B E R 2 0 21

Here are the highlights of the various speaker keynote presentations.

Digital Acceleration In the opening keynote address Ahmed Mohamed Buhazza, Vice Chairman, Bahrain ICT Society talked about digital acceleration and the impact of the COVID pandemic.

Inspire 10 on 10 Speaking at the event, Rajiv Arora, Global CIO, Siemens discussed the future role of CIOs and the upcoming role of IT in the future.

World CIO 200 Country IT Outlook Shibu Abraham, Head of IT and Logistics, Bahrain Duty-Free talked

A U G U ST 2 0 21

MEA

EVENTS

about travel retail and how dynamic it is.

Cross Border panel: Leadership in Post Pandemic cross border view The panel discussion on Leadership in post-pandemic: A cross-border view was moderated by Arun Shankar, Editor, GEC Media Group with panellists including Samuel Amanor, CEO, BlueSPACE, Africa, Khalid Jalal, Senior Group ICT Manager of GARMCO and Munir Ahmad, Executive Director-CIO United Company of Pakistan. Businesses led by their technology heads are revamping their infrastructure and application stack looking at vastly improved customer experience, higher returns from sales, business resilience and business continuity. Failed organisations and industries are experiencing consolidations, shakeouts, and exits for being laggards in technology adoption. l In your opinion, based on your organisation’s experiences and the market sector that you operate in, which specific technologies and appli-

cations have helped your organisation build resilience, agility, and leadership in the last 18 months. l As the head of technology decision making, responsible for pulling your organisation through the challenges of the last 18 months, tell us about your engagement with business and other peers, who worked closely to revamp operations and processes, and facilitate further digitisation and cloud migration. l As we move into the recovery phase of the pandemic and further, many business opportunities are appearing ahead. In your opinion, what technology initiatives should organisations put in place to further build leadership and resilience in their markets and industries.

2021 Outlook Ahmed Farid, Territory Account Manager, Infoblox spoke about digital transformation and said for every organisation this is a need to take it for survival in today’s world.

The announced winners of The World CIO 200 Summit – Bahrain edition include: TITLE SPONSOR CO-SPONSOR

COUNTRY

DATE

BIBF

Education

Legend

GARMCO

Manufacturing

Legend

BIBF

Education

Legend

Khaled, AlKhalifa

Supreme Council of Health

Healthcare

Legend

Fawaz, Shakralla

BIPD

Education

Master

Mohamed, Albenjasim

Bahrain Airport Services

Aerospace or Defense Contractor

Leader

Sayed Ali, Sharaf

Tatweer Petroleum

Oil or Gas

Leader

Mohamed, Niroz

Confidential

Nonprofit

Leader

Hasan, Murad

Royal Humanitarian Foundation

Nonprofit

Master

Ali, Alaradi

Ministry of Foreign affairs

Government

Legend

Kuwait Finance House Bahrain

Financial Services and Banking

Master

Anas, Kamaluddin

YBA Kanoo

Supply Chain & Logistics

Legend

Fru Christian, Bills

Sadad electronic payment system

Financial Services and Banking

Leader

Shibu, Abraham

Bahrain Duty Free

Retail Wholesale or Distribution

Master

AEG Bahrain

Master

Spark Tech Solutions

Master

Shaker, AlOwainati Khalid, Jalal Shaker, AlOwainati

Hasan Isam Naser, Muhi

Mohamed Sanad, Mohamed Sanad Rami, Ayoob

S E P T E M B E R 2 0 21

MEA

EVENTS

The World CIO 200 Summit- Saudi edition Global CIO Forum launched the 2021 edition of The World CIO 200 Summit with a theme “#Change”. The second event of World CIO 200 Summit successfully held the Kingdom to Saudi Arabia edition on 9th September at the GEC Media Virtual Arena. The World CIO 200 Summit- KSA edition was opened by CEO Ronak Samantaray and Global Head, Content and Strategic Alliances, Anushree Dixit. During the event, there were four speaker keynote speakers and one panel discussion. The event was followed by The World CIO 200 awards. The event was streamed live from the virtual arena and on Vimeo also. Here are the highlights of the various speaker keynote presentations.

World CIO 200- Inspire 10 on 10 Session In the opening keynote address Abdullah Al Othman, CIO, Ministry of Investment, KSA highlighted the role and responsibilities of CIOs in these days.

World CIO 200 Country IT Outlook Speaking at the event, Mushtaq Khan, Digital Transformation Manager,

MEA

S E P T E M B E R 2 0 21

Obeikan Investment Group talked about how they have started blockchain technology in the healthcare.

2021 Outlook Nezar Edwan, Territory Manager, Infoblox talked about how digital disruption is changing the world in which we live and work.

2021 Outlook While addressing the session, Yasser El Mashad, Cyber Security Specialist, F5 discussed the latest trends in the market regarding application security. Cross Border panel: Leadership in Post Pandemic - cross-border view The panel discussion was moderated by Arun Shankar, Editor, GEC Media Group with panellists including Anil Menon, Head of Information Technology at Lulu Group India Pvt Ltd, Nitin Bhargava, COO at Emirates Investment Bank PJSC, Sanjeev Madavi, Chief Digital Transformation Officer at Khimji Ramdas, Iftikhar Arif, General Manager Information Technology and E-commerce at Muller and Phipps Pakistan. And they talked about changes happening in the industry post pandemic.

EVENTS

The announced winners of The World CIO 200 Summit – Saudi edition include:

COUNTRY

NAME

ORGANISATION

CATEGORY

Oman

Abdullah Al Raqadi

Ministry of Health

Master

Oman

Omar Al Mazroul

Ministry of Health

Master

Oman

Rashid Al Riyami

Muscat Municipality

Master

Qatar

Mohammed Aslam

Rafeeq

Leader

QATAR

Mohammed Ishtiaq Hussain

UTI Cybersecurity Cloud and IT LLC

Legend

Qatar

Anto Pius

ASTER DM HEALTHCARE

Master

Qatar

Saheem Ibrahim Al Balushi

Doha Bank

Legend

Qatar

Ali Nouman

Doha Bank

Master

Qatar

Faizal Babu Kavungal Thodika

Gulf Drilling International Q.S.C

Legend

Qatar

Mohammed P.A

Transind Holding

Next generation CIO

Qatar

Samir Pawaskar

Q-CERT/Ministry of Transport and Communication

Legend

Qatar

Pasantha Walpola

Four Points by Sheraton Doha

Master

Qatar

Fayez Al Khatib

Al Qamra Holding

Legend

Qatar

Joanes Mulyo

The Ritz-Carlton Doha

Master

Qatar

Rahul Mistry

Kempinski Qatar

Master

Qatar

Mohammed Jaouni

Arab Bank

Master

Qatar

Adiy Adnan Shariff

North Oil Company

Master

Qatar

Adel Al-Malki

Qatar National Bank

Master

Qatar

Mohammed Khalid Abushawish

Commercial Bank of Qatar

Master

Qatar

Ammar Albaik

La Cigale Hotel

Master

Qatar

Hareesh K

Regency Group

Master

Qatar

Adel Al Maraghi

Qatar Customs

Master

Qatar

Joanes Mulyo

The Ritz-Carlton Doha

Master

Qatar

Bassam Alyafei

Ministry of Culture and Sports

Master

Qatar

Aladdin Saqer

Head of Information Technology

Master

MEA

S E P T E M B E R 2 0 21

EVENTS

Microland and ServiceNow host summit on Revamping Digital EcosystemA On September 7, Global CIO Forum in association with Microland Group and ServiceNow successfully hosted a virtual summit on Revamping Digital Ecosystem. The event focussed on how Microland and ServiceNow can help in the digital transformation journey. The digital world is in a constant of growth and flux. Digital transformation has become imperative to business survival in the age of remote work. Moving from a conventional service management ecosystem to digital service management is the new normal and all organisations are moving towards it. The need to harness the power of new technologies such as artificial intelligence and machine learning to proactively support the digital workplace is an emerging field and is the way to be.

ServiceNow

Vivek Radhakrishnan, Senior Vice President, North America, Microland

Srikara CR, Senior Vice President, Consulting and Service Management, Microland

Speaking at the event, Vivek Radhakrishnan, Senior Vice President – North America, Microland addressed the session and highlighted the key role of Microland and said their organisation has been known as a leader in space of IT infrastructure management. Vivek added they have offices across the world, as they deliver services globally and their focus has largely been in leading transformation through operations for our customers and they can witness extensive growth in the market today.

Anto Tossounian, VP Solutions Consulting, Global Alliances and Channel,

Anto Tossounian, VP Solutions Consulting, Global Alliances and Channel, ServiceNow talked about how they are aligning to digital transformation capabilities and helping organisations across various industries to achieve success in response to the latest environment post-pandemic. Tossounian said that the pandemic has forced organisations to deliver IT services internally, the companies were forced to be able to manage how they are going to deliver services to their external organisation and service now finds a unique position to be the digital command standard for the enterprise to be able to deliver the best use cases of the enterprise.

Speaking at the event, Srikara CR, Senior Vice President – Consulting and Service Management, Microland emphasised the digital ear and said, “One of the key things that are happening is we are definitely in the digital world and Covid has suddenly turned things digital and everybody is moving in this direction of the digital ecosystem and adopting workflows to a big extent and as we can see that every single day the workflows are just getting smarter whether it is human resource, procurement, security, IT operations, digital ecosystem, and business application.” The event was concluded with an interactive QandA session and closing remark by Vivek Radhakrishnan, Senior Vice President – North America, Microland.

S E P T E M B E R 2 0 21

MEA

EVENTS

EMT Distribution, Symphony Summit AI host a virtual summit on Modernise Employee Experience On September 7, Global CIO Forum in association with EMT Distribution and Symphony Summit AI successfully hosted a virtual summit on Modernise Employee Experience and Improve Business Outcomes. The event was focused on how your employees are your first customers and the main anchor that takes your business to the next level. Therefore, it becomes critical to keep them empowered and satisfied. Modern employees comprise millennials and generation ‘Z’ who are constantly engaging with technology and expect their organisations to provide them with the best technological solutions that can help optimise their performance. The event was moderated by Nandini Sapru, Vice President of Sales, EMT and keynote speakers were Mohammad Mobasseri – CEO, emt Distribution, Satyen Vyas – President and CEO, Symphony Summit AI and Jay, Senior Solutions Consultant, Symphony Summit AI.

MEA

Mohammad Mobasseri, CEO, emt Distribution

Speaking at the event, Mohammad Mobasseri – CEO, emt Distribution talked about new trends in the industry and said, “Finally, we have introduced market magnitude technology seminars and we have done a lot of these events. The first 2020 and 2021 has been difficult to physical events. But we are more than happy to do these kinds of events in your country, for your employees and customers to basically educate them about the new trends, new technologies and of course challenges that happen for poor technical team from our side.”

Satyen Vyas, President and CEO, Symphony Summit AI

While addressing the session, Satyen Vyas – President and CEO, Symphony SummitAI said emphasised on their focus towards partners

S E P T E M B E R 2 0 21

and customers and said, “We are very focussed on being close to the customers and partners we saw and working with our distribution partners to be give the best value which is the reason not only we are disrupt and fast emerging IT management but over the last three years we are also the most preferred enterprise class IT solution competing against all the leading names such as Service Now or BMC.”

Jay, Senior Solutions Consultant, Symphony Summit AI

Speaking at the event, Jay, Senior Solutions Consultant, Symphony Summit AI highlighted how employees are the biggest strength for every organisation and explained the role of IT services, HR Services and Marketing Services in the Symphony Summit AI group. The event was concluded with an interactive QandA session.

EVENTS

Top UAE CIOs meet for golf and nutrition session at GCF Reboot Global CIO Forum successfully organised the 7th edition of GCF CIO Reboot on 31st August 2021. Top CIOs from the United Arab Emirates attended a calming golf session along with a very interactive session on balanced diet and stress given by Wellness Partner Eupepsia. Dietitian and certified weight management counsellor from Wellness Partner Eupepsia, Layan guided CIOs on meal plans tailored to each person’s body type and provides Theo’s point, a leading bio-individual meal provider, with guidance on building menus and recipes tailored to good nutrition and well-being. GCF Reboot focuses on striking an equilibrium between four pillars: Wellness, Fitness, Nutrition and Engage. It aims to provide CIO community members an opportunity to

interact with the experts from these four pillars which can help them imbibe the benefits of an all-round wellbeing. The following CIOs attended the meet: l Jayesh Maganlal, Group CIO, DAMAC l Sreejit Chakrabarty, Director of Robotics and Artificial Intelligence, GEMS Education l Sulaiman Abideen, IT Manager, Arabia Holdings l Shanaka Perera, IT Director, Kisawa Sanctuary l Hariprasad Chede, CISO, National Bank of Fujairah l Jacob Mathew, IT Head, Government of Abu Dhabi l Qusai Almaqdadi, Senior Manager - Digital and Emerging Technologies, EY

Global CIO Forum, Atos, AMD, hold virtual event on Advances in High-Performance Computing On August 25, Global CIO Forum in association with Atos and AMD successfully hosted a virtual session on Advances in High-Performance Computing- Tackling the world’s largest problems. The event was focused on how advances in high-performance computing can help to tackle the world’s biggest problems, whether it is weather forecasts, cleaner aircraft engines, genomics for personalised medicine, all these use cases require the computing power of supercomputers. During the event, Atos addressed all the highperformance computing needs with a wide range of complementary services and solution which completes the entire high performance computing stack for its partners. Advances in High Performance Computing- Tackling the world’s largest problems” virtual submitted was moderated by Arun Shankar,

Senior Editor of GEC Media Group. Highlights of Advances in High-Performance Computing event: l High-performance computing l HPC is fundamental for governments l Vision in HPC l Atos international presence l Atos HPC, artificial intelligence, and quantum

Andy Grant, Global VP, Strategic HPC Projects, Atos

Andy Grant talked about their product and services, some recent case studies and their impacts, and why they feel it is critical HTC supercomputers are such fundamental technologies for governmental industries and other organisations.

Damian O Gara, CIO, Kentech Group Mossad Mahmoud Mossad, Eltohami, System and Network Engineer, Al Aan TV l Samit Jha, Director of IT, Laticrete The event was held at Topgolf. Topgolf Entertainment Group is a technology-enabled global sports and entertainment community that connects people in meaningful ways through the experiences we create, the innovation we champion and the good that we do. What started as a simple idea to enhance the game of golf has grown into a movement where people from all walks of life connect at the intersection of technology and sports entertainment. The session was concluded by a relaxing evening where CIOs could unwind by playing golf. l l

He said, “Climate is warming and there are extreme weather events happing all the time. Being able to understand and predict ahead of time when this extreme weather event is going to happen is critical, whether its raising temperature, raising sea level and ice changes. Now, climate and weather have always been use cases of supercomputing and there is a need to examine these phenomena at much higher level of detail than is currently happening today.”

Michael Klemm, Principal Member of Technical Staff and Senior Field Application Engineer, AMD Michael Klemm highlighted the AMD EPYC Processor, AMD Instinct Accelerators and AMD Software stack and said, “EPYC processors drive application performance via the architectural innovation that AMD did in the past 10 years. So, we greatly improved compute performance, we have an outstanding memory performance and very capable input-output systems attached to the epic processors, so that you can efficiently talk to the fabric of the cluster or input-output sub-system.” The event was concluded with questions and answer session and key takeaways by Andy Grant, Michael Klemm, and Keyur Joshi, Head of Big Data, HPC and Cyber Products at Atos.

S E P T E M B E R 2 0 21

MEA

CHANNEL

AVEVA’s Operations Control available through AVEVA Flex as single subscription AVEVA, a global industrial software, driving digital transformation and sustainability, has announced that it will be making its Operations Control solutions available as a single subscription for the first time. This redefines the industrial software experience, going beyond Human Machine Interface, HMI, and Supervisory Control and Data Acquisition, SCADA, enabling industrial organisations of all sizes to develop collaborative workforces, scale effectively, and optimise operations for agility and efficiency. From Industrial Internet of Things, IIoT, architectures and cloud-driven remote edge management to multi-site supervisory control, AVEVA Operations Control software will be available via a flexible user-centric model, through the AVEVA Flex subscription programme in three core packages: Edge, Supervisory and Enterprise. These core solutions provide all the necessary tools for plant, field, control room, and enterprise teams to drive actionable information, collaborate effectively, and accelerate operational excellence.

The programme also offers access to add-on functionality with AVEVA Manufacturing Execution, and AVEVA Insight for advanced Artificial Intelligence, AI, and workflow management. AVEVA’s new Operations Control software subscriptions now allow end customers to use all of its products, the way they want to use them. AVEVA Operations Control offers an infinite range of possibilities for companies to connect operations and workers via the cloud, web and mobile to drive efficiency through collaboration and standardisation. It delivers supervisory, visualisation, collaboration, and analytics software in a single combined subscription providing unlimited access to actionable information. Every team, whether on the plant floor, in the control room, or operating across the enterprise, is empowered to do more, in collaborative alignment. Customers can build a reliable foundation towards operational excellence with AVEVA Operations Control. AVEVA offers the first single subscrip-

KERRY GRIMES, Head of Global Partners, AVEVA.

tion programme on that market that spans edge-to-cloud solutions for plant operations. The AVEVA Flex subscription programme is designed to provide access to the entire AVEVA portfolio, enabling customers to flexibly drive sustainable growth. It allows companies to achieve a faster return-on-investment, removing traditional barriers to software adoption and revolutionising the purchase and consumption of industrial software.

Zero Trust vendor ColorTokens partners with Finesse providing visualisation of IT infrastructure In a move to empower Middle East businesses with a fresh approach to coping with the escalating number of cyberthreats, ColorTokens, an innovator in Zero Trust-based cybersecurity solutions, has partnered with Finesse, a Dubai-based Information Technology, IT, system integrator. The Covid-19 pandemic has driven organisations to fast-track their digital transformation initiatives and embrace cloud solutions to adapt to the new normal. However, the digital shift has given rise to the proliferation of data breaches and ransomware attacks in 2020. The UAE alone saw a 250% increase in cyberattacks, targeting businesses across multiple sectors. This sharp increase in cyber incidents has prompted customer demands for a fresh approach to security.

MEA

(Left to right) Moe Bux, Sales Director, Credence Security, and Adhish Pillai, Practice Lead Cybersecurity, Finesse Direct, and Marie Ah-Choon, Channel Executive, Credence Security, and Garreth Scott, Managing Director, Credence Security.

ColorTokens offers an integrated approach to understanding and mitigating cyberthreats across networks, endpoints and applications through its award-winning Xtended ZeroTrust Platform, which comprises Xshield, Xprotect, and Xaccess. ColorTokens enables organisations to accurately assess and drastically improve their security postures, ensuring cyber-resiliency across cloud and hybrid environments. Xaccess, the newest addition to the Xtended

S E P T E M B E R 2 0 21

ZeroTrust Platform, is ColorTokens’ solution for Zero Trust secure access for remote employees, third parties, or contractors from distributed locations as they connect with their cloud or datacentre-based applications or data. Like Xshield and Xprotect, Xaccess is infrastructure-agnostic and clouddelivered to support unlimited, scalable access control regardless of resource and end-user location.

CHANNEL

With new office in Riyadh, Nexans positioned to provide on-ground support to Saudi customers ARAFAT YOUSEF, Managing Director, Middle East and Africa, Nexans Data Network Solutions.

Nexans Telecom and Data division, a supplier of end- to-end network infrastructure solutions, announced the opening of its office at Al Muruj in Riyadh, Saudi Arabia. In addition to Nexans Middle East hub in Dubai, this move increases Nexans presence in the Middle East, while bringing it closer to its customers and channel partners. The expansion, a natural evolution of Nexans growth strategy, will enable it to provide better, more tailored services to clients in Saudi Arabia and wider region, which includes its latest fiber and copper structured cabling solutions, data center solutions and Fibre to The Office FTTO concept. While there is increasing demand for flexible and scalable networking solutions inside commercial office buildings, Healthcare and Airport infrastructures, but also data centers, now enterprises are also looking at future sustainability and carbon footprint. Nexans will continue looking for opportunities for further growth in the Middle East region, while strengthening its position as a reliable partner for LAN and Data Center projects throughout the region. From its new office in Riyadh, Nexans is well positioned to deliver the latest in technology, including flexible and scalable LAN and data center solutions, while providing local on-ground support to customers in Saudi Arabia.

CyberKnight signs distribution agreement with Illumio for Zero Trust Segmentation Segmentation is a core pillar of a Zero Trust cybersecurity strategy, which assumes that breaches are inevitable and relies on a ‘never trust, always verify’ philosophy. According to ESG, Modern host-based micro-segmentation tools offer central management, distributed enforcement, tamper-proofing, and strong security that aligns well with the requirements for large distributed hybrid cloud environments. By implementing segmentation solutions, organisations can ensure that ransomware and other attacks infiltrating IT do not spread and become cyber disasters. To help enterprise and government customers stop the lateral movement of cyberattack, CyberKnight has signed a distribution partnership with Illumio, the pioneer and leader of Zero Trust Segmentation. Illumio is recognised as a Leader in Zero Trust platforms by Forrester Research in The Forrester Wave: Zero Trust eXtended Ecosystem Platform

WAEL JABER, VP Technology and Services at CyberKnight.

Providers, 2020 report. The company is also recognised by Deloitte Fast 500 and Forbes Cloud 100. Illumio stops attacks like ransomware and contains them to their initial point of entry, which dramatically reduces risk and keeps data, organisations, and people safe. In any cloud, container and data center environment, Illumio Core accelerates the time to achieve Zero Trust Segmentation with real-time application visibility and insights, and reduces the time to enforcement by automating policy generation. Additionally, Illumio Edge, Illumio’s endpoint segmentation solution, drastically reduces the risk of ransomware and malware propagating laterally throughout an organisation by containing attacks by default. This solution blocks all unnecessary inbound network communications to significantly reduce the risk of malware spreading peer to peer without the fear of false positives.

S E P T E M B E R 2 0 21

MEA

CHANNEL

Nozomi Networks launches new ADVantage Partner Programme with incentives for high performers

IVAN FOREMAN, Senior Director of Global Channel Sales at Nozomi Networks.

Nozomi Networks, announced it has enhanced its channel programme to fully mobilise its global network of partners for aggressive growth and success. The new Nozomi Networks ADVantage partner programme rewards top partners that commit to building successful business with Nozomi Networks with unparalleled margins, go-to-market tools and programmes, and certifications. In addition to supporting high performing partners with generous profit margins, Nozomi Networks’ new ADVantage partner programme includes increased presales support, streamlined processes for deal registration and protection, advanced training and certification, and partner-exclusive demo accounts of Nozomi Networks’ flagship SaaS product Vantage. Nozomi Networks responded early with AI-powered network visibility and security solutions that integrate and work across IT, OT, edge, and cloud environments. Vantage, and subscription pricing options across the company’s entire product portfolio, make it possible for partners to leverage cloud-based industrial cybersecurity for their customers that enables them to scale quickly while minimising complexity and cost.

Security VAD CyberKnight signs with Checkmarx application security testing vendor According to Gartner, by 2023, 90% of web-enabled applications will have more surface area for attack in the form of exposed APIs rather than the user interface UI, up from 50% in 2020. By 2022, API abuses will move from an infrequent to the most frequent attack vector, resulting in data breaches for enterprise web applications. Nowadays, organisations require application security technologies that are easy to deploy and provide high assurance, protection, high-value findings, without slowing down operations and overall performance. To address customer challenges related to application security: source code scanning, software composition analysis, application security testing and DevSecOps, CyberKnight has signed a distribution partnership with Checkmarx, a global leader in application security testing solutions for modern enterprise software development. For four consecutive years, Checkmarx has been named a leader in the Gartner Magic Quadrant for AST.

VIVEK GUPTA, Co-Founder and COO at CyberKnight.

MEA

S E P T E M B E R 2 0 21

CHANNEL

Trend Micro partners with Oregon systems to boost its operational security solutions

(Left to right) Toni Azzi, General Manager, Qatar, North Africa and Levant at Mindware; and Chris Ross, SVP Sales, International at Barracuda.

Trend Micro, a global vendor in cybersecurity solutions, through its association with TXOne Networks, a specialist in operational technology OT security, partnered with Oregon systems, a regional leader and distributor of security solutions, for the distribution of its OT security solutions in the region. The agreement was signed between both organisations in the presence of Mohamed Mrad, Channel Director MENA, Trend Micro, and Ali Mohammed, CEO, Oregon systems. This partnership will strengthen Trend Micro’s alliance and footprint whilst facilitating seamless distribution of an array of Trend Micro OT security solutions in the region. A collaboration of this nature is of great significance at a time when digital transformation continues to soar across the region, as enterprises continue to strengthen their position in response to the global pandemic. Partnership covers distribution and implementation of Trend Micro OT security solutions in Saudi Arabia, UAE, Qatar, Bahrain, Oman, Kuwait and Iraq.

Specialised system integrator EIS joins Extreme Networks partner programme in UAE Recognising the growing need for UAE organisations to establish robust network connectivity that supports the accelerated digitalisation of services for both customers and employees, EIS, a specialised system integrator for ICT, ELV and Audio-Visual solutions and services, has signed a partnership agreement with Extreme Networks, a cloud-driven networking company. The agreement, which focuses on the United Arab Emirates, will see the systems integrator offering specialised design, deployment, and end-to-end management services for Extreme’s portfolio of networking solutions. EIS is also a member of the Extreme Partner Programme, having achieve Authorised Partner status. In line with the networking needs and ambitions of these market segments, EIS will focus on the range of Extreme solutions that address network automation, insight, and assurance; agile, scalable, secure, and resilient connectivity; and robust, high-performance Wi-Fi.

(Left to right) Maan Al-Shakarchi, Regional Director, META at Extreme Networks at Extreme Networks; Zia Ul Mazafary, General Manager at EIS.

Among these offerings is ExtremeCloud IQ, a machine learning and AI- driven cloud management solution, built on a 4th generation cloud platform. Integrated with Extreme’s end-to-end enterprise networking technology, it assists in collecting data to build, secure, and maintain agile and distributed work environments. As a channel driven organisation, Extreme

sees the partnership with EIS as fundamental to its go-to-market strategy in the UAE. While EIS has a proven track record in effectively serving the IT needs of organisations across a broad range of sectors, through the initial phase for its partnership with Extreme, the systems integrator will focus on the UAE’s Real Estate, Healthcare, Hospitality and Education verticals.

S E P T E M B E R 2 0 21

MEA

CHANNEL

Trend Micro launches Partner Demand Programme WeDiscover across MENA Trend Micro has launched its Channel Partner Demand Generation Programme, WeDiscover with a focus to strengthen its market presence across the Middle East and North Africa, MENA, region. The programme is designed to help partners leverage Trend Micro solutions while helping them differentiate their services, build new security expertise, and grow profitable businesses as they meet customers’ needs in a dynamic security market. The evolved demand generation initiative provides a well-designed framework for channel partners to identify unexplored markets, investigate newer revenue streams and accelerate sales. We Discover Programme highlights: l Robust commitment from Trend Micro: Seamless collaboration among Business Management, Sales, Marketing, and technical teams with the committed partners. In addition to the flexibility to choose from a range of Trend Micro solution portfolios to effectively generate opportunities. l Maximise partner opportunities: WeDiscover programme helps partners to identify opportunities and close the deal within a period of 180 days. l Empower partner success: Comprehensive marketing tools, co-branded collaterals, and digital marketing support for the partner to assist end-toend customer journey effectively. l Earn Rewards and incentives: Motivate partner’s team members with exciting merchandise via TrendSetter partner incentive programme, WeDiscover Tools, Online rewards payouts, enablement programmes and Solution Offering Packages.

MEA

S E P T E M B E R 2 0 21

SECURITY

Bad Bots account for staggering 40% of Internet traffic according to Barracuda Once used primarily by search engines, automated bots now account for nearly two-thirds of all Internet traffic. This is according to new research by Barracuda, which found that bad bots, which carry out a range of malicious activities including web and price scraping, inventory hoarding, account takeover attacks, Distributed Denial of Service, DDoS, attacks, and more, now account for a staggering 40% of all Internet traffic. Over the last year, owing to lockdowns and a growing emphasis by organisations on offering digital services, consumer’s utilisation of online shopping and other online services has skyrocketed. Attackers have been quick to attempt to exploit this popularity and Barracuda’s researcher found that eCommerce applications and login portals are now most targeted by advanced persistent bots.

While the Internet activity of bad bots now exceeds that of humans, attackers have been developing these automated programmes in a manner that mimics human activity. Most notably, Barracuda’s research found that bad bot behaviour peaks during work hours, closely mirroring trends in human Internet utilisation. This is in

sharp contrast to good bots are not trying to circumvent security defences and therefore maintain traffic rates that are fairly constant through the day. Though the rise of public cloud has had an undeniably positive impact, it has also empowered cybercriminals. Barracuda’s research shows that most bot traffics now

Kaspersky detects 1,500+ fraudulent resources aimed at crypto investors, crypto mining Since the beginning of the year, Kaspersky has detected more than 1,500 fraudulent global resources aimed at potential crypto investors or users who are interested in cryptocurrency mining. During this period, the company also prevented more than 70,000 user attempts to visit such sites. The most common schemes used by cybercriminals included: l Creating fake cryptocurrency exchange websites: in this case, the user is allegedly given a coupon for replenishing an account on a crypto exchange. However, to use it they must carry out a verification payment of usually no more than 0.005 bitcoin about 200 US dollars, which becomes the cybercriminals’ profit l Sending messages about fake sales of video cards and other equipment for mining: to purchase equipment, the user needs to make an advance payment. After providing it, the author of the ads stops communicating l Creating phishing pages with various content to steal private keys, which allow cybercriminals to gain access to all digital

assets associated with a crypto wallet. Typically, cybercriminals locate sites in popular domain zones: .com, .net, .org, .info, as well as in zones where domain acquisition is cheap: .site, .xyz, .online, .top, .club, .live. A distinctive feature of phishing and other types of cryptocurrency fraud is the high level of

detail on phishing websites. For example, on fake crypto exchanges, real data, such as bitcoin rates, is often loaded from existing exchanges. Attackers understand that people who are investing or are interested in this area are often more tech-savvy than the average user. Therefore, the cyber crooks make their

S E P T E M B E R 2 0 21

MEA

SECURITY

ThreatQuotient wins Frost and Sullivan’s Best Practices Strategy Leadership Award ThreatQuotient, announced that Frost and Sullivan has presented ThreatQuotient with the 2021 Best Practices Competitive Strategy Leadership Award for excelling in Extended Detection and Response. Frost and Sullivan strictly reserves this recognition for companies at the forefront of innovation and growth in their respective industries, and believes that ThreatQuotient will emerge as a transparent and reliable vendor that supports security operations aligned with XDR’s vision. ThreatQuotient’s security operations platform, ThreatQ, takes a data-driven approach to simplifying detection and response through high fidelity data management capabilities and near endless integration options and capabilities. ThreatQ’s open integration architecture empowers customers to embrace XDR by fusing together disparate data sources, systems and teams through its innovative DataLinq Engine. This adaptive engine imports and correlates external and internal data; curates and analyses data for decision making and action; and exports a prioritised data flow across the

JOHN CZUPAK, President and CEO, ThreatQuotient.

infrastructure for accelerated detection and response. Frost and Sullivan’s extensive and ongoing analysis on the XDR space, coupled with stringent award criteria, identified ThreatQuotient as a leading vendor-agnostic solution that aggregates data from a wide range of security controls e.g., endpoint, cloud, network,

enabling security teams to detect, investigate, and respond to threats in a faster and more holistic manner. ThreatQuotient earned the 2021 Frost and Sullivan Global Competitive Strategy Leadership Award in XDR for strong overall performance in all categories: strategy effectiveness and execution, competitive differentiation, executive team alignment, stakeholder integration, price and performance value, customer purchase and ownership experience, and customer service experience. According to the Frost and Sullivan award write-up, ThreatQuotient’s security operations platform already outperforms most early XDR offerings by enabling the correlation of threat data, integrating with a wide range of third-party solutions, and taking a data-driven approach to automation. Positioned as a company that will power the industry evolution towards the XDR vision, this recognition comes on the heels of two major product updates announced in 2021: ThreatQ TDR Orchestrator and ThreatQ Data Exchange.

Mindware, EC-Council sign agreement to launch Certified Ethical Hacker programme With digital threats on the rise, Mindware, one of the leading Value-Added Distributors in the Middle East and Africa, announced that it had signed a partnership with the International Council of E-Commerce Consultants EC-Council. EC-Council is the owner and developer of the world-renowned Certified Ethical Hacker CEH programme as well as multiple other cybersecurity programmes. The institution has trained and certified over 200,000 information security professionals globally, that have influenced the cyber security mindset of countless organisations worldwide. As per the agreement, Mindware will leverage the presence of EC-Council to offer cybersecurity certification, education, training, and services in various cybersecurity skills to partners and customers across the Middle East and North Africa

MEA

(Left to right) Jay Bavisi, CEO and President of EC-Council Group L and Philippe Jarre, CEO at Mindware.

MENA region. The courses are intended to prepare employees, contractors, temporary workers, and any additional representatives who perform authorised functions online, by offering the necessary information to defend themselves and secure their organisation’s assets from damage or loss. The latest partnership further strengthens Mindware’s security portfolio and enables the VAD to position itself as a one-stop-shop

AU S EP GT UEST MB 2E 0 21 R 2 0 21

for security solutions and services. With the specific needs for the region in mind, Mindware and EC-Council will focus on the following training courses: l Certified Ethical Hacker CEH l Certified Network Defender CND l Computer Hacking Forensic Investigator CHFI l EC-Council’s Certified Incident Handler ECIH

SECURITY

Develop a New Mindset

Over the years, the security industry has pushed a mantra – ‘it’s not if you have been hacked, but when you have been hacked’. That might in fact be true. But why do we always stop there? Isn’t that statement a bit defeatist by nature? Let’s overcome this reactive way of thinking about cybersecurity and invest in technologies that deterministically prevent 100% of cyberattacks. Secure Software

Start implementing security controls in the ideas phase. For software already in production, don’t settle for anything less than zero adversary dwell time. The goal is 100% efficacy and it’s the difference between the exhaustive list of recent cyber headliners and total protection across all of our software. Optimise Current Workforce

The government needs to hire hundreds of thousands more cyber security practitioners. Don’t stop there. On the other side of this coin lies the need to automate complex and archaic cyber practices, drive out unnecessary human intervention and create an environment of prosiliency. Focusing on optimising what resources we already have will greatly impact the effectiveness of current government security professionals by reducing complexity and streamlining processes.

KEVIN JONES, VP Public Sector Corporate Development at Virsec.

White House cybersecurity summit is just the start of overdue industry wide initiatives The White House hosted a cybersecurity summit to address the rolling headline-making cyberattacks. According to news reports, the federal government and several major technology companies announced numerous important initiatives including better integrating cybersecurity into their products, Microsoft and Google; improving cybersecurity training IBM, and developing a new framework for improving cybersecurity for technology supply chains, NIST. While there has already been some criticism that the event was more symbolic than policydriven, all of these measures are important

Invest in Innovation

The federal government must invest in new, innovative solutions and approaches that challenge today’s cybersecurity paradigm. We’d be hard-pressed to deny the fact that the vast majority of innovation comes from start-ups, not big tech.

steps towards solving the cyber crisis in which we find ourselves. Now, let’s push this conversation to the next level. We still have a $10.5 trillion problem to solve and need to share our collective industry insights and innovation. As former Cisco Chairman and CEO John Chambers remarked in his interview with Yahoo! Finance today, “The startups are where the innovation happens.” Public and private enterprise have an obligation to think bigger, innovate faster and ultimately evolve our collective cyber experience. A few thoughts…

Protect Legacy Systems

We still have to protect the base while we innovate in new and exciting ways. Billions of dollars continue to be spent on keeping legacy software systems alive. They’re still a prime target for today’s cybercriminals and that won’t change for some time, so let’s fully protect them—bugs and outdated versions included—while we change our paradigm. In the meantime, we will continue to follow the expected outcomes of today’s meetings and welcome the opportunity to share our unique perspective in future private-public collaborative endeavors.

S E P T E M B E R 2 0 21

MEA

SECURITY

Mimecast joins XDR alliance of 60 vendors to define inclusive and open framework The goal of the XDR Alliance is to foster an open approach to XDR which is essential to enable organisations everywhere to protect themselves against the growing number of cyberattacks, breaches, and intrusions. Collaboration is at the core of Mimecast’s industry leading cyber resilience ecosystem, which includes Exabeam plus 60 other partners, and supports the open framework that are engineered to underpin threat sharing, control points and remediation capabilities which are fundamental to the modern enterprise. The integration among the XDR members is designed to allow organisations to gain greater insights into their threat landscape, reduce complexity, minimise risk and improve threat detection and response times. The charter of the XDR Alliance is to define an inclusive and open XDR framework and architecture that enables SecOps teams to improve their SOC and their threat detection, investigation, and response TDIR by better integrating their current, evolving, and new

tools and applications. The open framework will help ensure better interoperability across XDR security technologies resulting in shorter time to value and greater ease of use for security teams. The alliance will also foster collaboration on XDR market education and awareness. XDR Alliance members represent the subcategories of SecOps including security analytics, security information and event management SIEM, data lake, endpoint, identity management, email security and archive, cloud, network, OT, IoT as well as managed security service providers MSSPs, Managed Detection and Response Services MDRs and Systems Integrators SIs. The founding members of the XDR Alliance encourage security vendors to participate in the alliance for the continuous improvement of threat detection, investigation, and response TDIR outcomes. If your organisation would like to apply, please visit the XDR Alliance member application page.

Chinese threat actors compromising SE Asiatelecoms for corporate access claims Cybereason

several prominent Advanced Persistent Threat APT groups aligned with the interests of the Chinese government. Cybereason observed a significant overlap in tactics, techniques and procedures across the three operations and assessed that the attackers were likely tasked with parallel objectives under the direction of a centralised coordinating body aligned with Chinese state interests. Key findings include: • Adaptive, Persistent and Evasive: The highly adaptive attackers worked diligently to obscure their activity and maintain persistence on the infected systems, dynamically responding to mitigation attempts after having evaded security efforts since at least 2017, an indication that the targets are of great value to the attackers. • Compromise of Third-Parties to Reach Specific Targets: Similar to the recent SolarWinds and Kaseya attacks, the threat actors first compromised third-party service providers — but in this case instead of using them to deliver malware through a supply chain attack, the intent was to leverage them to conduct surveillance of their customers’ confidential communications.

JULES MARTIN, Vice President Ecosystem and Alliances at Mimecast.

Mimecast announced it has joined Exabeam’s XDR Alliance as a founding member. The alliance is a partnership of leading cybersecurity industry innovators committed to an inclusive and collaborative extended detection and response XDR framework and architecture.

Cybereason, announced the discovery of several previously unidentified cyberattack campaigns infiltrating major telecommunications providers across Southeast Asia. Similar to the recent SolarWinds and Kaseya attacks, the threat actors first compromised third-party service providers — but in this case instead of using them to deliver malware through a supply chain attack, the intent was to leverage them to conduct surveillance of their customers’ confidential communications. The report comes on the heels of the Biden administration’s public rebuke of China’s Ministry of State Security for the recent HAFNIUM attacks that exploited vulnerabilities in unpatched Microsoft Exchange Servers and put thousands of organisations worldwide at risk. Exploitation of these same vulnerabilities were central to the success of the attacks detailed in this research. In the report, titled DeadRinger: Expos-

MEA

LIOR DIV, Cybereason CEO and Co-Founder

ing Chinese Threat Actors Targeting Major Telcos, multiple clusters of attack activity were identified that have evaded detection since at least 2017 and are assessed to be the work of

S E P T E M B E R 2 0 21

SECURITY

5.4 million DDOS attacks recorded in 1H 2021 according to NETSCOUT’s ATLAS Response Team According to research from NETSCOUT’s ATLAS Security Engineering and Response Team, threat actors launched approximately 5.4 million Distributed Denial-of-Service attacks in the first half of 2021, an 11% increase from the same time period in 2020, putting the world on track to hit close to 11 million DDoS attacks in 2021. But Q2’s numbers do show some signs of abatement: l ASERT observed 2,488,048 attacks in the second quarter, a 13% decrease compared with the first quarter’s extraordinary number of 2,863,882. l The second quarter 2021 numbers also decreased by 6.5% compared with the same period in 2020. l In June, monthly DDoS attack numbers dropped below 800,000 for the first time since March 2020, to 761,914. Second Quarter 2021 Total attacks: 2.48 million Max size: 530 Gbps Max throughput: 391 Mpps Average duration: 59 minutes

But although attack frequency has dropped, we are nowhere near the attack numbers that were considered normal prior to the onset of the COVID-19 pandemic. To put things in perspective, we pulled data from before the pandemic: 2019. In comparison, the second quarter numbers from 2021 showed a continued high level of activity:

13% more attacks in 2021 than 2019 The lowest monthly number of attacks for Q2 21 came in June, with 761,914 attacks. That low number nonetheless topped the highwater mark of Q2 2019: April’s 755,748 attacks. l Several other things jumped out from our review of both quarterly and first-half statistics for 2021. l l

From Mar 2020-Jul 2021 Kaspersky prevented million+ visits to 5,000 pandemic-phishing sites From March 2020 to July 2021, the global cybersecurity company prevented over a million user attempts to visit these sites. To better understand how scammers exploit the epidemiological challenge, Kaspersky experts analysed pandemic-related spam emails and phishing pages designed to steal users’ credentials. Various fake payment offers and discounted COVID-19 tests are among the most common schemes used by cybercriminals. Recently, phishing ads for fake QR codes and vaccination certificates for restaurants and public events have become popular. Pandemic-related scamming activity peaked in March 2021. Kaspersky researchers observed a slight decline in June, before cybercriminals intensified their efforts. During this month, Kaspersky products detected and blocked 14% more pandemic-related phishing websites than they did in May. “In most pandemic-related fraud, cybercriminals aim to obtain user data. Phishing is often used for this: a user follows a link from an ad or email and gets to a page where they are asked to enter personal information and bank card details. Once they have this information, attackers can use it to steal money from a target’s accounts. If you see a message about the pandemic, we recommend you always doublecheck the information is from an official source and never give your personal data to suspicious sites,” comments Alexey Marchenko,

S E P T E M B E R 2 0 21

MEA

SECURITY

Tenable embeds foundational checks within solutions to detect weaknesses in Active Directory In the wake of a growing number of both ransomware and sophisticated attacks, Tenable, the Cyber Exposure company, has developed 10 foundational configuration checks for its solutions, including Tenable.io, Tenable.sc and both Nessus Professional and Nessus Essentials, that assess Microsoft Active Directory security readiness and align remediation efforts based on the threat landscape. These checks leverage Tenable’s expertise in securing Active Directory environments through Tenable. ad and are available immediately for existing customers at no extra charge. Bad actors have set their sights on the one system that connects everything on the corporate network-- from cloud, web apps, traditional IT and operational technology OT: Active Directory. According to Frost and Sullivan, 90% of the Fortune 1000 use Active Directory as their primary method for authentication and authorisation. Active Directory is almost always the first

target for bad actors once they gain a foothold in the enterprise. The Solarwinds hack and a string of high-profile ransomware attacks that crippled critical infrastructure have highlighted the critical role that Active Directory plays in enterprise security and the problems which can occur if not expertly configured, audited and monitored for high-risk activities. In response to this growing crisis, Tenable has launched 10 foundational checks within its solutions to help customers detect commonly exploited weaknesses in Active Directory, protecting credentials and preventing privilege escalation. Organisations can immediately use the checks to assess their exposure to a range of risks, including Kerberoasting attacks, poorly configured or managed passwords and vulnerable encryption protocols. From there, security teams can take remedial action to close these potential attack paths before they are used against them. The Active Directory Security Readiness

RENAUD DERAISON, Co-Founder and CTO, Tenable.

Checks are now generally available in Tenable. sc, Tenable.io, Tenable.ep, Nessus Professional and Nessus Essentials. Customers interested in a complete Active Directory security solution are encouraged to learn more about Tenable. ad, which offers these foundational checks along with more comprehensive assessment capabilities.

Cost of data breach in Middle East $6.74M versus $4.24M globally finds IBM Security IBM Security announced the results of a global study, based on in-depth analysis of over 500 real-world data breaches occurring over the past year across 17 countries, including the Middle East region, and among 17 different industries. According to the study, the Middle East region is the second highest average breach cost amongst the 17 regions studied. The study on organisations surveyed in the Kingdom of Saudi Arabia KSA and the United Arab Emirates UAE suggests that security incidents became more costly and harder to contain due to drastic operational shifts during the pandemic. The financial impact of these security incidents in the Middle East has risen by 6% over the past year and has reached the highest cost in the report’s 8-year history in the region. These data breaches cost companies studied in the region $6.93 million per breach on average, which is higher than the global average of $4.24 million per incident. Businesses were forced to quickly adapt their technology approaches last year, with

MEA

many companies encouraging or requiring employees to work from home, and 60% of organisations moving further into cloud-based activities during the pandemic. The new findings released today suggest that security may have lagged behind these rapid IT changes, hindering organisations’ ability to respond to data breaches. The annual Cost of a Data Breach Report, conducted by Ponemon Institute and sponsored and analysed by IBM Security, identified the energy sector, financial services, and healthcare as the top three industries per record cost of a data breach in the Middle East region. The study also found that breaches cost companies surveyed in Saudi Arabia and the UAE $194 per lost or stolen record on average. While phishing attacks were the most common root cause of breaches that target organisations in the region, followed by stolen user credentials such name, email and password. While certain IT shifts during the pandemic increased data breach costs, organisations

S E P T E M B E R 2 0 21

HOSSAM SEIF EL DIN, General Manager IBM in the Middle East and Pakistan.

surveyed in Saudi Arabia and the UAE who said they did not implement any digital transformation projects to modernise their business operations during the pandemic actually incurred higher data breach costs. The cost of a breach was 10% higher than average at organisations that had not undergone any digital transformation due to COVID-19.

Your Surveillance Partner

NOW MOBILE. SKYHAWK APP

for Security Professionals and Surveillance Installers Stay connected on the go, easily build estimates, quickly calculate storage, and locate your nearest reseller.

Download the SkyHawk App today

Now available on:

marketing@asbisme.ae

COVER STORY

Virsec delivers visibility across the entire workload and detects, and blocks known and unknown threats BOBBY GUPTA,

Senior Vice President, International and Corporate Development, Virsec.

MEA

S E P T E M B E R 2 0 21

COVER STORY

SECURING AND PROTECTING

APPLICATION WORKLOADS AND RUN-TIME MEMORY

By monitoring and protecting how application workloads are executed in-memory, Virsec has established for itself a unique position in the cyber security solutions space.

he world runs on software, and with the onslaught of damaging attacks to it, the world is also in a cyber crisis. Clearly, cyber security products are not working well enough.

Traditional and legacy security solutions are simply not enough to protect organisations from the extremely advanced attacks we are seeing today. The future of cybersecurity resilience for all enterprises includes fully protecting software. “We call it, Cybersecurity 3.0. So, Cybersecurity 1.0 was the firewall, which started in the 90s. Then Cybersecurity 2.0 came, and it was all about AI, machine language, learning patterns and more probabilistic. It started around four or five years back, as was very probabilistic. We said, if the cybersecurity companies in the world right now are doing their

A problem for large enterprises is, no single vendor is giving them the complete one stop shop, one suite

job, you will not see attacks like supply chain attacks,” explains Bobby Gupta, Senior Vice President, International and Corporate Development, Virsec. Cyber security 3.0, is therefore an integrated approach, which fully protects from the inside and is deterministic. “If you look at hackers, they are very smart, and are two years ahead of anyone else. If I am hacker, I can go into the source code and the applications,” adds Gupta. Using the example of Google Maps, if you want to go from point A to point B on Google Maps, and you take a small path deviation, the map puts you back on the right track. In a similar way, the way source code of software has been written, if a hacker is trying to tweak the source code, Virsec can figure it out in milliseconds and protect it. It is near impossible to keep up with repeated patching schedules, especially with Zero Day and Minus Today attacks, where the patches do not even exist. Another problem is the lag in response time since perimeter defences are permeable. Gupta points out, “We are deterministic and not probabilistic. We stop attacks in milliseconds at the source code.”

HOW IT WORKS Virsec Security Platform stops sophisticated attacks at the first point of insurgence, so an adversary does not have the dwell time in software to orchestrate and execute their malicious plans. Virsec eradicates threats to software workload at runtime, in real-time, while reducing the cost of security operations. Virsec protects software as it is executing. With more than 50 patents, Virsec provides application-aware workload protection platform that incorporates system integrity assurance, application control and memory protection into a single solution. Virsec delivers visibility across the entire workload and detects, and blocks known and unknown threats that remain concealed by endpoint security solutions.

S E P T E M B E R 2 0 21

MEA

COVER STORY

It is near impossible to keep up with repeated patching schedules, especially with Zero Day and Minus Today attacks, where the patches do not even exist

The Virsec solution maps the expected performance of each application on a workload and protects the memory those applications use to execute. Virsec ensures that the components of those applications are correct and unmodified before they are allowed to execute, and any deviation from the norm is treated as a threat. Virsec protects software in the workload in an automated and enterprise-friendly way. A primary problem for large enterprises is – no single vendor is giving them the complete one stop shop, one suite - who can do the web production, the memory, and the application production. Normally, most large enterprises typically have 20-25 products, doing the endpoint detection response and other solutions. But no single vendor is giving them the full protection at the application level, according to Gupta. Another benefit is the savings from the cost of people you need to add at the SecOps level. By utilising Virsec, enterprises do not need all those tools and resources. What Virsec provides is protection as well as 83% reduction in the Opex model. It is a quick way to protect against full stack, and you need fewer human resources to manage the cyber security infrastructure. “At the end people see our value, because there is a huge gap at the level of memory protection, which we fulfil,” continues Gupta.

CHANNEL GOTO MARKET Virsec protects any container, any workload, and provides runtime, application aware protection. Virsec provides server, workload, container protection, whether it is on premises or in cloud data. “We fully protect the applications from any environment and focus on large enterprises,” says Gupta. A lot of Virsec’s traction in the US, Middle East, India, Australia, is in the government sector, military, and critical infrastructure. Virsec stops and protects attacks happening at critical infrastructure, government, banking, and oil and gas. Virsec has been operating in the Middle East for the last two years and many of its contracts have been from the regional defense industry. Vir-

MEA

S E P T E M B E R 2 0 21

sec’s first contract when it entered the region was through global player Raytheon Technologies and was in Jordan. Raytheon remains a key regional and global partner in Virsec’s goto market. “Raytheon is a global defence supplier, and we work with them in US and in other markets,” explains Gupta. Virsec has 50+ patents globally and on the basis of that players like Raytheon Technologies have formed partnerships, because they could see real value in that. And depending on this value, investors such as John Chambers have also said, “Yes, I can bank on this one.” Other than Raytheon, and other global players like Tech Mahindra and Schneider Electric, Virsec also has value added cybersecurity channel partners including FVC, Catalyst Business Solutions, MetaBytes, Paramount Qatar, and Mannai Qatar. “Our biggest asset is local channel partnerships,” says Gupta. “We will be announcing partnerships with more channel partners in the region.” Across the Middle East, UAE, Saudi Arabia, and Qatar are the primary markets for Virsec. Through its channel partners, Virsec has a customer in every vertical.

TELECOM PLAYERS AND MSSPS Inside the US, Virsec has good traction with large enterprises, especially government and banking. Outside the US, Virsec is seeing demand from telecom service providers, mnaged security service providers, and datacentres with security operation centres. Every global systems integrator has a security operations centre and are trying to build their managed security services. “Datacentres and telecom service providers need someone like Virsec to fulfil the gap. We are also seeing a big uptake of managed security services. The fastest growing business model for us is the managed services model,” says Gupta. Virsec is engaging with large telecom service providers in the APAC region, including Australia, Singapore, and Japan. “It is a quick run rate, and they bring partners on board, they see value, and that is a great model.” Partners like India’s Yotta Data Centre, FVC and Catalyst come into the picture because they have their own installed base as well. Virsec also has a strong partner training programme and supports the initial end customer installations. In July this year, Virsec received $100 million Series-C investment. Virsec’s Series C investors range from the former Chairman and CEO of Cisco, John Chambers, to the former Chairman and CEO of EMC, Mike Ruettgers, to a number of former high-ranking government and intelligence officials. The completion of the round brings total funding in the company to $137 million. Virsec has a global advisory board and regional advisory board, with regional directors for every region. John Chambers is a key investor and advisor to the Virsec Board. As we move into the post pandemic recovery phase, both enterprises and global security vendor Virsec will be repositioning themselves to take advantage of a transformed approach to global and regional business dynamics.

COVER STORY

FAILURE OF LEGACY AND PRESENT-DAY CYBER SECURITY SOLUTIONS The software that drives modern business and infrastructure is increasingly complex, distributed, and interconnected. At the same time, we are seeing cyberattacks on critical applications skyrocket, as the attackable surface area of our systems has greatly expanded. Unfortunately, conventional security hasn’t kept up. There are several converging factors that have caused a cybersecurity perfect storm that threatens the integrity of our applications and the businesses that depend on them. These include explosion of applications, dramatic increase in attack types, expanded attack surface. Most experts agree that the precursors to the next damaging attack are already inside your network. This has effectively moved the battleground from the perimeter to inside the application workload. The goal of modern hackers is to enter innocuously and corrupt applications as they execute during runtime. These attacks increasingly occur in process memory where they can act undetected, derail applications, expose sensitive data, and leave few clues behind. Most security is chasing yesterday’s threats. The first wave of security focused on networkbased tools, like firewalls, IPS, or WAFs. These only protect at the perimeter and are increasingly porous because they lack context or visibility into the attack targets – enterprise applications. The next wave of security tools focused on the endpoint – trying to keep our devices and workstations free of malware. These tools depend on past knowledge of what’s been seen before, compiling endless lists of signatures, and policies to stay up to date. This blacklisting model is cumbersome and proven to be ineffective at protecting server workloads. According to the Verizon Data Breach Investigation Report, 70% of breaches target servers – not endpoints. To effectively protect these application workloads, we need to rethink our approach, focusing on protecting these critical assets from the inside. We also need to look at the problem comprehensively and avoid adding more point products with only partial solutions. Most security tools are trying to accomplish a hopeless task – prevent anything suspicious from getting past the perimeter, with little insight into what is good or bad. Today’s security battleground has shifted to the application workload, where code is running. Advanced attackers know how to bypass perimeter tools and corrupt applications as they execute in runtime. Modern security needs to start from the inside – with the application itself. An application-centric approach focuses on understanding what apps are supposed to do, monitoring them as they execute and making sure they never get derailed – regardless of external threats, vulnerabilities, or zero-day attacks. Stopping attacks before they happen requires either prior knowledge or lucky guesswork. This process is inherently backwards looking. If you’ve seen a threat before and have a signature or a detailed rule to identify it, then you can stop it – assuming it has not changed since the last time you saw it. Attackers, of course, know this and are very adept at obfuscating attacks, or using new techniques that have not been seen before. They are also increasingly adept at using fileless and memory-based techniques that have no discernable footprint from the outside and only weaponise as code executes. This is compounded by the use of in-memory attacks that are transient, only existing when code executes, leaving few clues behind.

Excerpted from The Need for Application-Aware Workload Protection, Five Key Steps for More Effective Cybersecurity, by Virsec.

S E P T E M B E R 2 0 21

MEA

INNOVATION

CAUTIOUS STEPS INTO USAGE AND APPLICATIONS OF AI

It is simply too early to tell what kinds of impact artificial intelligence will have on society, while existing laws apply to very specific areas.

rtificial intelligence ethics is a system of moral principles and techniques intended to inform the development and responsible use of artificial intelligence technology. As artificial intelligence has become integral to products and services, organisations are starting to develop artificial intelligence codes of ethics. An artificial intelligence code of ethics, also called an artificial intelligence value platform, is a policy statement that formally defines the role of artificial intelligence as it applies to the continued development of the human race. The purpose of an artificial intelligence code of ethics is to provide stakeholders with guidance when faced with an ethical decision regarding the use of artificial intelligence. The rapid advancement of artificial intelligence in the past five to ten years has spurred groups of experts to develop safeguards for protecting against the risk of artificial intelligence to humans. However artificial intelligence code of ethics is very much dependent on the cultures and for instance European code of ethics is not necessarily applicable to the Middle East or vice versa. Modern machine learning systems are so complex, and consume such an incredible amount of data, that explaining how they make decisions to lawmakers let alone regulating it is a tall order. Also consider the fact that artificial intelligence has numerous applications across many different fields and industries healthcare, financial services, criminal justice, education, insurance, just to name a few. A traditional regulatory approach would likely be ineffective and incredibly hard to enact. That is why, for the time being, many governments are taking a tentative approach to artificial intelligence laws. In many cases, it is simply too early to tell what kinds of wide-ranging impacts artificial intelligence will have on society. Existing laws and regulations apply to very specific areas of artificial intelligence application. The team leader is an artificial intelligence architect who knows how to put analytics in action by operationalising for outcomes. The value of a diverse team ranges far and wide. It can help organisations better combat against artificial intelligence bias. It is also important to solving business problems including the largest and toughest problems which is the reason the organisation is developing an artificial intelligence strategy in the first place.

MEA

S E P T E M B E R 2 0 21

DR JASSIM HAJI,

President Artificial Intelligence Society and President International Group of Artificial Intelligence.

TOOLS BEING USED FOR AI l l l l l l l l l l l

Scikit Learn TensorFlow Theano Caffe MxNet Keras PyTorch CNTK Auto ML OpenNN H20: Open-Source AI Platform Google ML Kit

The team leader is an AI architect who knows how to put analytics in action by operationalising for outcomes The ideal team driving the artificial intelligence initiative in an organisation should be a led by a leader with the following attributes: l Must understand business processes critical to establishing real-world scenarios and valuable outcomes l Must understands analytics, machine learning, statistics, forecasting and optimisation, leading to the right techniques l Must understands data, where does it come from, what is the quality, how it should be handled to preserve security and trust

INNOVATION

CHALLENGES AND BEST PRACTICES OF ENTERPRISE AI Enterprise AI is ability to embed AI methodology into the core of the organisation and into data governance strategy, which means augmenting the work of people.

oday, several large enterprises are handling increasingly more data, which will require more complex algorithms. More complex algorithms are able to learn hidden patterns from the data, by themselves, which is why they are useful — they can deal with problems that a human brain could not understand. And that’s where Enterprise AI brings an edge. Enterprise AI is the ability to embed AI methodology into the very core of the organisation and into the data governance strategy. This means augmenting the work of people across all teams and disciplines with AI for more innovative operations, processes, products, and more. The following are the challenges for teams that do not have a collaborative data science platform.

ACCESS TO SYSTEMS Whether accessing the various data sources or the computational capabilities, doing so in a remote setting can be challenging.

COLLABORATION WITHIN TEAMS Without the physical in-office proximity, individuals can become siloed in the execution of their data projects.

COLLABORATION ACROSS TEAMS Data projects require buy-in and validation from business teams and also require data engineering and other teams to help with operationalisation.

REUSE OVER TIME Capitalising on past projects is key to maintaining productivity and reducing duplicate work. The lack of in-person discussions can limit this ability. More and more organisations see the need to provide a centralised, controlled, and elastic environment to support the exponential

will sustain the business in the future. Dataiku provides a simple UI for data wrangling, mining, visualisation, machine learning, and deployment based on a collaborative and team-based user interface, accessible to anyone on a data team — from data scientist to beginner analyst — and therefore appeals to all organisations across a myriad of industries. Dataiku allows enterprises to create value with their data in a human-centered way while breaking down silos and encouraging collaboration. One of the most unique characteristics of Data Science Studio is the breadth of its scope and the fact that it caters both to technical and non-technical users. Through DSS, we aim democratise data science and empower people through data. Here are some of the best practices around AI that will shape the future of the industry.

COLLABORATION Collaboration is about making AI more widespread and relevant through access to a wider population within the organisation. Part of the reason that collaboration is used a lot is because it actually has two distinct parts: Horizontal collaboration refers to people working together with others who have roughly the same skills, toolsets, training, and day-to-day responsibilities. For example, data scientists with other data scientists or analysts with other analysts. Vertical collaboration refers to people from across teams working together who might have vastly different responsibilities, viewpoints, and who — importantly — use very different tools, usually.

SID BHATIA,

Regional Director, Middle East and Turkey, Dataiku.

A lot of businesses struggle to get started on their Enterprise AI journey over the years and some have thrived.

growth in the amount of data, the number of AI projects, and the number of people contributing to such projects. A lot of businesses struggle to get started on their Enterprise AI journey over the years and some have thrived. The companies that succeed are the ones that go beyond leveraging Enterprise AI for one particular project or use case and instead focus on scaling it out to a level that

RESPONSIBLE AI

Accountability Ensuring that models are designed and behave in ways aligned with their purpose. Sustainability Establishing the continued reliability of AIaugmented processes in their operation as well as execution. Governability Centrally controlling, managing, and auditing the Enterprise AI effort. Elasticity There is no question that elasticity or ondemand compute resource management and flexibility, is the future of Enterprise AI. Organisations need the ability to scale resources up and down depending on their needs. ë

S E P T E M B E R 2 0 21

MEA

INNOVATION

du’s portfolio considers organisations of all maturity levels across the artificial intelligence spectrum

ANDREW WARD,

Head of NBI Products and Solutions, du

MEA

S E P T E M B E R 2 0 21

INNOVATION

AI BOOSTING AUTOMATION, DELIVERY, PRODUCTIVITY Enterprise AI is ability to embed AI methodology into the core of the organisation and into data governance strategy, which means augmenting the work of people.

ith digital transformation accelerating rapidly, du supports clients by helping them to build and manage digital platforms that bridge technology innovation boundaries and scale up their respective transformations. These platforms support artificial intelligence and machine learning applications and use cases, enabling organisations to adopt these technologies, integrate them with internal processes, and benefit from their capabilities. Additionally, du’s digital infrastructure solutions also support clients where artificial intelligence is concerned. With a portfolio including infrastructure services, cloud management, and connectivity solutions, clients harness artificial intelligence capabilities to realise their development objectives. du’s product portfolio also considers organisations of all maturity levels across the artificial intelligence spectrum. For organisations beginning their digital transformation journeys, du provides demystified services that comprise data insights, offer digital assistance and computer vision capabilities, and can be easily embedded into their current application stack. In terms of companies already artificial intelligence native, du facilitates their respective infrastructure needs, providing the necessary platforms that manage full artificial intelligence model development and delivery workflows. Several vertical markets are well-suited for early artificial intelligence adoption and ROI. Government, finance, transportation,

While artificial intelligence is accompanied by enormous potential, there also several challenges

and education are all markets to which this applies, as are the manufacturing and technology, media, and communication fields. du’s solutions and platforms for supporting artificial intelligence applications and use cases were previously mentioned – and these are available to partners in these sectors. From a telecommunications standpoint, network optimisation, preventative maintenance, virtual assistants, and robotic process automation are among the AI use cases that have already solidified sector suitability, with ML also supporting anomaly detection, managed services delivery, and root cause analysis. As enterprises place a greater emphasis on utilising artificial intelligence to their advantage, their success in implementing applications and delivering use cases has facilitated innovation and digital transformation in several ways. Expanded organisational market presence and greater profitability are being made possible through artificial intelligence. While artificial intelligence is accompanied by enormous potential, there also several challenges that have recently arisen when implementing these technologies. In terms of datacenters, successfully meeting evolving performance requirements is not without its difficulties, especially as demands for calculating real-time data for artificial intelligence applications increase. Moreover, another pressing datacenter challenge is effectively implementing new applications or solutions into existing environments. Regarding the obstacles that enterprises must overcome, they are required to boast the necessary computing power, remain compliant with data privacy and security regulations, and consolidate data that is often located across several different databases. As businesses implement artificial intelligence solutions, they should do so in accordance with several best practices. Business objectives should be clearly defined, backed by a comprehensive roadmap for delivering on these objectives, as should the roles and responsibilities of individuals and teams. The necessary data should also be gathered for the project in question, while the implementation of solutions should be continuously monitored to measure success and identify areas where further progress in required. As for verifying returns on investment, companies can measure the total project costs, refer to pre-project objectives, and evaluate outcomes through data and analytics. ë

S E P T E M B E R 2 0 21

MEA

COVER STORY

“A New Normal of Technology, Business & Networking Events ”

TECHNOLOGY

LEADERSHIP BUSINESS

INNER-SELF CULTURE

90 DAYS MILESTONES VIRTUALSUMMITS

118

ENGAGED OVER

VENDORS AND PARTNERS

CONNECTED OVER

SPAN ACROSS

END CUSTOMERS

COUNTRIES

5500

TECH LEADERS

CIOS

VENDORS

IT DIRECTORS

INNOVATORS

EDUCATORS

ACADEMICIANS AND INVESTORS

BROUGHT TO YOU BY

ORGANIZED BY

MEA

A U G U ST 2 0 21

Global CIO Forum

www.globalcioforum.com/unitewebsummit/

REAL LIFE

Taeknizon to resell cloud based WallPost ERP for UAE and support partner activation With higher penetration of Cloud based software solutions the new partnership between Taeknizon, a fast-growing Private Cloud provider in the Middle East and Asia, and US based WallPost, a cloud-based ERP solution provider is timely. Especially designed for SMEs, Taeknizon will serve as resellers for the solution in the UAE and centralised activation partners for the ME region excluding Qatar. Easy to install and supported by free implementation service and 24x7 technical support, the WallPost solution offers a suite of integrated mobile friendly applications which captures, manages and interprets data from across business operations. By integrating all departments and functions on a single system, users of WallPost can maintain complete control and transparency. This is strengthened by customers receiving the highest level of data security, where Taeknizon will host customer data within its TAEKNI Cloud infrastructure in its TIER 3 datacenter within UAE. While the partners are currently set to work in the UAE, plans are underway to extend the

(left to right) Andrew Doxsey, CEO of WallPost; Anithan Chandran, CEO, Taeknizon.

relationship in the Middle East and Asia. Taeknizon is the only private cloud service provider in UAE with ISO 27001 and ISO

27017 certification and ensures Data Sovereignty and high-level data security hosted within the TAEKNI Cloud.

Vodacom, GCB Bank opt for Avaya’s OneCloud delivered by Ghana partner RayCom Technologies Raycom Technologies, has launched Everything as a Service, a transformational offering that delivers cloud-based Unified Communications and Contact Center services supported by Avaya across Ghana. The offering, which equips Ghanaian businesses to contend with fast-moving digital transformation requirements, is already providing value for leading organisations in the country, including Vodafone Ghana and GCB. Everything as a Service leverages Avaya OneCloud, an AI-powered experience platform that includes CCaaS, UCaaS and CPaaS, and which completely redefines how organisations empower an on-demand workforce to deliver optimal experiences for today’s everything customer. Avaya is applying AI in new ways across its

OneCloud communications and collaboration solutions to create more personalised, in-the-moment engagements. Through the partnership, Raycom will host Avaya OneCloud CCaaS and Avaya OneCloud UCaaS solutions in its locally operated, secure data center, and make them available through a cloud-based subscription model, enabling organisations to purchase the capacity and services they require, as and when needed, without large upfront costs. This will enable Ghana businesses to respond quickly to changing business demands and manage costs more effectively. Locally hosted cloud-based communications technologies enable Ghana businesses to scale as they need and pay on a per-user, per-month basis GCB Bank, meanwhile, is leveraging

FADI HANI, Vice President, Middle East, Africa and Turkey, Avaya.

Everything as a Service to create a unified communications environment, which standardises the customer and employee experience and puts subject-matter experts at the heart of the customer experience.

S E P T E M B E R 2 0 21

MEA

REAL LIFE

Arab National Bank automates 35 processes using Automation 360 saving 40,000 hours of manual work Automation Anywhere, a global vendor in Robotic Process Automation, has announced a collaboration with Arab National Bank to automate back-office processes. Established in 1979, Arab National Bank is a Saudi-listed joint stock company that ranks among the 15 largest banks in the Middle East. Headquartered in Riyadh. With support from Automation Anywhere partner, Orion Valley, ANB has automated 35 manual repetitive business processes within the bank using Automation 360, a cloud native, AI-powered RPA platform. More than 100 software bots now perform tasks within the bank’s operations, compliance, HR, and other

AIEDH AL ZAHRANI, COO, Arab National Bank.

departments. Arab National Bank successfully migrated more than 100 bots onto the Automation 360 platform, with almost zero downtime, thus saving an estimated 40,000 hours of manual work. Deploying intelligent automation offers a way to meet these objectives. The automation of banking processes has reduced operating costs for one of the largest banks in the Middle East ANB plans to continue implementing additional software bots to further streamline Bank processes in order to take advantage of the resulting additional cost efficiencies.

UAE insurance player Watania signs BIOS for cloud-based disaster recovery services

DOMINIC DOCHERTY, MD, BIOSME.

BIOS Middle East, a specialist in disaster recovery services, has been appointed Disaster Recovery Service DraaS provider by National Takaful Company, as part of a proactive strategy on the part of the Abu Dhabi-based insurance company to ensure business continuity and embed resilience across its operations. BIOSME was appointed after an exhaustive search for local DRaaS providers. Watania sent out a detailed request for proposals to several potential partners and evaluated their expressions of interest against a specific set of criteria

MEA

and BIOSME was determined as the overall best performer with respect to the financial institution’s specific requirements, Watania officials confirmed. BIOSME specialises in taking a bespoke, solutions-driven approach that focuses on each client’s unique business requirements. As such, multiple tools were used to replicate critical databases and virtual machines to CloudHPT, the GCC’s local cloud, in Dubai. BIOSME delivered a blended service-level agreement SLA with a recovery point objective

S E P T E M B E R 2 0 21

RPO of less than 10 minutes and a recovery time objective RTO of less than one hour. BIOSME is the company in the Middle East to be recognised by Gartner as a “niche player” for DRaaS. A significant requirement for Watania has been to ensure that DR is effective and responsive. As such, Watania tested the failover of its critical applications to CloudHPT in Dubai. Watania’s applications ran on the cloud for eight days without a hitch over this period. BIOS managed the full switchover and switchback outside working hours, ensuring that the business was never disrupted, and that the entire operation was conducted with zero loss of data. BIOSME has delivered over 60 successful DR projects to customers across the GCC and continues to support public and private sector organisations across a range of industries. DR enables organisations in the GCC and elsewhere to continue functioning in the event of a catastrophic event. A strong DR solution can make or break an organisation’s ability to recover natural or manmade setbacks. When every second of downtime means lost revenue, disaster mitigation demands quick thinking and immediate action.

REAL LIFE

Proven Consult and United Warehouse Company sign MoU for digital transformation solutions Proven Consult, an automation technology firm in the GCC region, announced the signing of a Memorandum of Understanding with United Warehouse, a warehousing logistics service provider in Saudi Arabia, to help accelerate digital transformation in the logistics industry. Under the terms of agreement, both companies will collaborate in advancing technological transformation through the deployment of latest technologies. Committed to creating smarter businesses with its team of experts, Proven Consult, in partnership with UWC, will work to create value (Left to right) Fathi Abdullah Ba-Isa, Managing Director of UWC and Anas Abdul-Haiy, CEO through implementation of digital technoloand Deputy Director at Proven Consult. gies. The company aims to enhance business performance and implement Intelligent Business digitisation, and improve functionality across the combined goal of promoting technological various verticals within the organisation. advancement in the Kingdom, while at the Automation as a core functional area within This joint venture between two industry same time placing Saudi Arabia on the world UWC in order to further enable technological pioneers aims to realise Saudi Vision 2030 with map in terms of technological advancement. efficiencies and achieve uniformity, integrate

Nutanix implements three cluster Nutanix HCI for IMI, MENA’s largest maritime yard in Saudi ENGINEER, EMAD AL-HUMAM, Senior Vice President of Corporate Services at IMI.

Nutanix, announced that International Maritime Industries IMI has adopted its Nutanix Hyperconverged Infrastructure HCI and Nutanix Prism Pro management solution. Nutanix’s technology will provide IMI with a robust platform to host its mission-critical applications and reduce its IT footprint by around 25%, freeing up time to focus on innovation and increased cost efficiencies.

IMI will be the largest maritime yard in the MENA region offering advanced, sustainable services and driving the development of Saudi Arabia’s maritime industry. The company’s full-service yard provides new build and maintenance, repair, and overhaul MRO services for commercial vessels and offshore jackup rigs. State-of-the-art technologies including artificial intelligence, biometrics and the Industrial

Internet of Things are embedded into the yard’s infrastructure, offering customers a cuttingedge advantage in an era of digitalisation. IMI also provides customers and business partners with innovative lifecycle management offerings, high-quality products, efficient schedules, and internationally competitive prices. It is currently beginning to transition into its operational phase, a major milestone in IMI’s journey to support Saudi Arabia’s vision of building a thriving logistics sector with a technologically advanced and sustainable maritime industry at its center. Besides its technology leadership position, Nutanix has a very attractive value proposition from a cost perspective – not just the acquisition cost of the solution but also the total cost of ownership TCO. IMI’s Nutanix implementation, which was completed in just under three weeks, spans three clusters – a production cluster, database cluster and a backup cluster. Once the engineering department is up and running, the production and database clusters are expected to scale rapidly which is something that the Nutanix solution offers with its simple ‘one-click’ feature.

S E P T E M B E R 2 0 21

MEA

REAL LIFE

Kuwait National Petroleum deploys private cloud in twin datacentres using VMware Kuwait National Petroleum Company has taken its digital transformation to the next level with VMware. This agility means that KNPC will be able to deliver new mega-projects in the country and support the goals of Kuwait Vision 2035 to further support economic growth. With Kuwait increasing productivity across sectors as part of its national Vision 2035, it is critical that the oil sector, the traditional mainstay of the economy for several decades, also modernises, allowing it to achieve maximum efficiency to support diversification efforts. To support these ambitious plans, KNPC deployed its own private cloud in two datacentres in Kuwait, with a Software Defined Datacentre, approach, built on VMware solutions, virtualising compute, storage, network and security layers for maximum agility, in addition to reduced cost and complexity. KNPC’s IT team is operating both sites in Active-Active configuration, allowing them to provide high resiliency and Service Level

AHED AL-KHURAYIF, Deputy CEO, Admin and Commercial Affairs, KNPC spokesperson.

Agreements to the business units. With cybersecurity a growing concern in the energy sector, VMware’s solutions, including NSX, has helped boost KNPC’s security by providing intrinsic security throughout the network. VMware Cloud Foundation also helps boost KNPC’s security by automating the lifecycle management of all software components across the organisation’s infrastructure, which means security updates occur automatically, as and when required

Accely implements SAP Business Suite, SAP SuccessFactors at Ajmal Perfumes Ajmal Perfumes, one of the Middle East’s largest perfume manufacturers, is driving the Middle East’s $4.4 Billion fragrances market, by announcing a digital transformation partnership with global technology company SAP. Middle East consumers are rapidly shifting from mass-market fragrances to upmarket, home-grown brands. Founded in 1951, Ajmal Perfumes hosts a 150,000 square foot state-of-the-art factory that manufactures 100,000 bottles of perfume per day. Worldwide, Ajmal Perfumes counts more than 1,000 dealerships and distributors, 240 retail stores in 45 countries, and 30 DutyFree locations and international airlines. Supporting innovation in the perfume market, Ajmal Perfumes is working with the channel partner Accely to digitally transform its operations. Ajmal Perfumes will run on the SAP Business Suite 4 SAP HANA, SAP S 4HANA, real-time business suite on the RISE

MEA

ABDULLA AJMAL, Deputy Chief Operating Officer, Ajmal Perfumes.

with SAP platform, and enhance employee experiences with the SAP SuccessFactors human experience management suite. In its digital transformation roadmap,

S E P T E M B E R 2 0 21

Ajmal Perfumes is also exploring SAP’s innovative solutions to further integrate digital marketing, customer experiences, and loyalty programmes.

PRODUCTS

Auto provisioning predicts the number of HeatWave nodes required for running a workload by adaptive sampling of table data on which analytics is required. This means that customers no longer need to manually estimate the optimal size of their cluster. No other database service provides this capability. l Auto parallel load can optimise the load time and memory usage by predicting the optimal degree of parallelism for each table being loaded into HeatWave. No other cloud vendor offers this capability. l Auto data placement predicts the column on which tables should be partitioned inmemory to help achieve the best performance for queries. It also predicts the expected gain in query performance with the new column recommendation. This minimises data movement across nodes due to suboptimal choices that can be made by operators when manually selecting the column. No other database service provides this capability. l Auto encoding can determine the optimal representation of columns being loaded into HeatWave, taking the queries into consideration. This optimal representation provides the best query performance and minimises the size of the cluster to minimise costs. l Auto query plan improvement learns various statistics from the execution of queries and can improve the execution plan of future queries. This improves the performance of the system as more queries are run. No other database service provides this capability. l Auto query time estimation can estimate the execution time of a query prior to executing the query. This provides a prediction of how long a query will take, enabling customers to decide if the duration of the query is too long and instead run a different query. l Auto change propagation intelligently determines the optimal time when changes in MySQL Database should be propagated to the HeatWave Scale-out Data Management layer. This helps ensure that changes are being propagated at the right optimal cadence. No other cloud vendor offers this capability. l Auto scheduling can determine which queries in the queue are short running and prioritise them over long running queries in an intelligent way to reduce overall wait time. Most other databases use the First In, First Out FIFO mechanism for scheduling. l Auto error recovery provisions new nodes and reloads necessary data if one or more HeatWave nodes is unresponsive due to software or hardware failure. l

EDWARD SCREVEN,

Chief Corporate Architect, Oracle.

Oracle adds machine learning to in-memory engine for MySQL Database Service Oracle announced availability of MySQL Autopilot, a new component of MySQL HeatWave service, the in-memory query acceleration engine for MySQL Database Service in Oracle Cloud Infrastructure. MySQL Autopilot uses advanced machine learning techniques to automate HeatWave which make it easier to use and further improves performance and scalability. No other cloud vendor provides such advanced automation capabilities for their database offerings. Autopilot is available at no additional charge for MySQL HeatWave customers. MySQL Autopilot automates many of the most important and often challenging aspects of achieving high query performance at scale—including provisioning, data loading, query execution and failure handling. It uses advanced techniques to sample data, collect statistics on data and queries, and build machine learning models using Oracle

AutoML to model memory usage, network load and execution time. These machine learning models are then used by MySQL Autopilot to execute its core capabilities. MySQL Autopilot makes the HeatWave query optimiser increasingly intelligent as more queries are executed, resulting in continually improving system performance over time—a capability not available on Amazon Aurora, Amazon Redshift, Snowflake, or other MySQL-based database services. No other cloud vendor provides advanced automation capabilities for database offerings Autopilot is available at no additional charge for MySQL HeatWave customers MySQL Autopilot delivers nine new machine learning-powered automation capabilities MySQL Autopilot includes the following capabilities:

S E P T E M B E R 2 0 21

MEA

PRODUCTS

Synology announces availability of cloud C2 Transfer to securely transfer files Synology has announced the availability of C2 Transfer, a new cloud solution designed to securely transfer files between businesses and their clients, partners, and other external parties. Synology’s on-premises storage solutions already empower businesses and home users to solve their data management challenges, such as connecting remote teams and enabling file sharing and collaboration between people. C2 Transfer is instead designed to solve the last mile problem, when teams send out important and potentially sensitive files to clients. Most file collaboration solutions, cloud or on-premises ones, protect data through permission management and audits of individual account activity. However, deliverables still have to be sent to external parties that do not have accounts. C2 Transfer keeps things simple for both parties while ensuring that files are always delivered to the right person, even if a link is accidentally published or shared with the wrong person. C2 Transfer verifies identities by sending a One-Time Password, OTP to a sender-specified email address or phone number to ensure that only the intended

recipient can access the files. C2 Transfer keeps data private with end-toend encryption, making files unreadable from before they are uploaded by the client until after they are safely downloaded onto a device by the intended recipient. C2 Transfer is designed to make sending files

to external partners and clients easy, especially for human resources, legal, manufacturing, finance, and marketing departments. C2 Transfer has built-in support for image watermarks, download expiration dates, single-use downloads, and file requests to receive files securely.

AVEVA recognised Best Global Industrial Software Provider with Neste, Saudi Aramco end customers AVEVA, a global vendor in industrial software, driving digital transformation and sustainability, has been awarded the ‘Best Global Industrial Software Solutions Provider – 2021’ accolade voted by Corporate Vision Magazine CV Magazine. AVEVA was recognised for its excellence in developing state-of-the-art industrial software solutions, which are enabling customers across many industrial sectors to meet their sustainability goals, as well as for achieving continued, outstanding growth over the past 12 months. While digital transformation remains at the core of customers’ decisions to adopt AVEVA’s solutions, the company is also making a strong contribution to sustainability through its products. For example, the remote deployment of AVEVA Unified Operations Centre has enabled Saudi Aramco to monitor emissions and optimise energy usage; while Neste, the world’s leading producer of renewable diesel and sustainable aviation fuel, is using AVEVA’s Unified Supply Chain to drive collaboration between its remote teams, boosting efficiency. Similarly, several of AVEVA’s EPC customers are using AVEVA Unified

MEA

S E P T E M B E R 2 0 21

PETER HERWECK CEO, AVEVA.

Engineering to help pioneer hydrogen production designs while other engineering companies use the software for onshore windfarms. AVEVA has also seen increased demand in the Food and Beverage sector for its Manufacturing Execution software.

ANALYST’S CORNER

AMIR SOHRABI,

Area Vice President for Emerging Markets, Citrix.

86% believe IT security in UAE has skills necessary to handle challenges, Citrix survey 82% of Information Technology, IT, decision makers working in banks and financial service institutions, FSIs, in the UAE are under pressure to level up their security protocols, according to new research from Citrix. This comes as 72% see IT security risks in the industry increasing since the start of the COVID-19 pandemic. Employees are most likely to be pressurising their organisation to increase security, with 67% of IT pros reporting pressure from this group, followed by customers, 48%, then

government 45%, and shareholders, 31%. Perhaps in response to these demands, 66% of respondents report that security has become a priority in their organisation over the past 18 months. They join the further 31% who report that it has been a priority for years. However, despite the increase in cyberattacks and the changing demands and pressures upon them; 95% of IT decision makers claim they are comfortable with their IT security provisions, with 25% of those saying they are very comfortable. 86% also believe that the IT

security teams in their organisations have all the skills necessary to handle challenges. This confidence may come, at least in part, from the fact that many organisations are replacing their traditional Virtual Private Network, VPN, solutions with Zero Trust, cloud-based services. 46% of respondents have already implemented this, with another 49% planning to do so in the next 12 months. A further 6% plan to follow suit in the longer term. The biggest drivers behind this decision are improving end user experience, 42%, having an agile and secure remote work strategy, 39%, consolidating multiple point products, 36%, and more on-premises solution to the cloud, 35%. In addition, 90% of IT decision makers report that they are satisfied with the digital workspace solutions their organisation has used to support remote work, over the past 18 months. 54% of respondents implemented these digital workspace solutions in response to the mandate to work from home in March 2020, while a further 42% already had them in place prior to the pandemic. The remaining 4% plan to provide their teams with digital workspace solutions in the future. Of the other technologies that organisations have in place to support remote working, the popular are virtual desktops and apps, 67%, video conferencing, streaming, 62%, and emails, 57%. Whilst the majority of IT decision makers feel they have the right teams in place to support their organisations’ current security posture, there may be challenges on the horizon. 87% of respondents admit that they will need to hire externally to get the right skills in the future, and 87% feel that at some point, IT security teams in their organisation will need to be entirely reskilled. Additionally, the research uncovers some gaps in wider security training for employees of banks and FSIs. 31% of respondents say that security training for all employees at their organisation is provided less than once a year, with 1% admitting it is provided every six years or less. Amir Sohrabi, Area Vice President for Emerging Markets, Citrix, said, “It is no surprise that security has become an even greater priority since the pandemic began. As remote work became ubiquitous overnight, and employees were more likely to be distracted by personal and professional stressors, cyberattacks have increased across the globe.”

S E P T E M B E R 2 0 21

MEA

ANALYST’S CORNER

73% executives say CRM fragmented in their organisations, Forrester and Salesforce survey New research released by Forrester Consulting, and commissioned by Salesforce, surveyed nearly 800 executives and nearly 1,500 Customer Relationship Management, CRM, users across 15 countries to understand the trends driving CRM technology success and innovation. The research shows that, to meet ever-evolving customer expectations and more flexible workplace environments, companies are tapping into a new generation of CRM use and strategy that connects data across departments to automate processes, drive personalisation, and support productivity from anywhere. Business leaders and employees alike look to technology, including their CRM systems, to drive customer growth, business productivity and resiliency, and market differentiation. Despite massive market disruption, however, Forrester found that CRM system usage over the past couple years has remained largely flat, and frankly, is not delivering on expectations: l Less than half of executives noted that their CRM system supports the entire customer lifecycle, from discovery to engagement and retention, but nearly 80% believe it should.

MEA

73% of executives say CRM use is fragmented at their organisation, with some or all departments each using their own CRM system. 50% of employees agree that since not all departments use the same CRM system, they cannot share information easily across teams. Organisations who are doing it right are leveraging the following approaches for their CRM technology use and strategy: Cross-team adoption and use: There are tangible business benefits when CRM systems are used across teams to support the entire customer lifecycle, versus siloed by department. Zoom out: CRM is increasingly being seen by companies as an engine for growth across the entire customer lifecycle, and they are adapting their strategy accordingly. Work-from-anywhere flexibility to support more resilient teams: 57% of executives report struggling to maintain good Customer Experience, CX, with the shift to remote work because their CRM systems were not well-integrated and accessible. Employees and executives alike note their challenges are productivity, information access, and communication and l

S E P T E M B E R 2 0 21

coordination challenges caused by the shift to remote work. When unified, accessible CRM systems are the central tool in an employee’s toolkit, they are better able to navigate a remote or flexible workplace while continuing to create great CX for customers. And executives can more easily adapt go-to-market strategies to pivot during times of change or uncertainty. A Single Source of Truth that powers better CX and helps employees to be more productive: A little over a third of executives think their CRM provides a complete single source of truth about their customers, but 90% think this would be of value. Without this complete picture of a customer, across all departments and inputs, creating exceptional CX is challenging. Grounded in Trust and Security: Trust and security are now the criteria for executives when evaluating CRM systems. And for good reason: customers expect a trusted relationship with privacy and consent. Artificial Intelligence-Powered Process Automation: By 2023, 79% of organisations will be using Artificial Intelligence to enable customer, prospect outreach automation and 78% will be using Artificial Intelligencepowered automation to relieve employees of day-to-day processes. Supported by better training for all employees: 53% of employees say they need better onboarding and training for how to use their CRM system, in order to create more value for their organisations.

ANALYST’S CORNER

25% IT hospitality leaders feel there is too much data to handle finds Aruba survey As hospitality’s doors finally reopen, the sector is quickly getting a sense of the evolved digital-first world in which it’s now operating. The past year has seen a significant step change in the adoption of technology and digital services, but while some hospitality businesses were able to welcome online models, huge swathes of the industry were forced to remain dormant, leaving many digital advancements relatively untested or stagnating. Now, the whole sector must quickly accelerate its digital transformation to fuel long-term recovery, or risk customer abandonment and falling further behind. According to research by Aruba, a HPE company, as of last year the hospitality sector was in a healthy – but not leading – place in its adoption of advanced technologies and moving computing to the Edge. Over half of hospitality IT leaders had started to implement trials or applications in areas such as artificial intelligence AI 55%, Internet of Things IoT 70% and machine learning 57%. However, that compares to figures of up to 75% for AI in the financial services industry, or 77% for IoT in

retail, distribution, and transport. But it was also already struggling significantly with the data these new technologies produce. A quarter 25% of IT leaders in hospitality said there was too much data for their systems to handle, and that they could not process the data they collected quickly enough to act 25%. With data levels increasing exponentially over the past year, thanks to the Covid-induced rise of smart technologies, IoT sensors, and connected devices the depth of data sprawl will only be greater. STEP 1: PROCESS DATA EFFICIENCY

Organisations must follow data to the Edge of the network to process it more efficiently, capturing it in real-time at its source versus transferring it back to a centralised hub. Aruba’s research showed that 54% of hospitality IT leaders were already using or trialing Edge technologies pre-pandemic, and a further 16% were already computing at the Edge. While this shows a smaller proportion of hospitality businesses are operating at the Edge

MORTEN ILLUM, VP EMEA of Aruba.

compared to other industries 28% across all sectors, these pioneers are successfully delivering new outcomes, such as utilising facial recognition technology 49%, experimenting with live, real-time, multi-language translation 45%, and creating enhanced augmented and virtual reality experiences 43% as a result.

MuleSoft survey shows IT and business alignment has improved over last 12 months MuleSoft, provider of the world’s #1 integration and API platform, today reported that 70% of automation initiatives are being hindered by security concerns and data silos, as organisations increasingly look to automation to improve efficiency and productivity. However, MuleSoft’s IT and Business Alignment Barometer also revealed opportunities for companies to overcome these challenges and enable faster innovation across their organisations. ??IT and business teams working closely together can shrink or even eliminate organisation silos, significantly reducing time to market. The report shows that almost 9 in 10 87% say IT and business alignment has improved over the last 12 months leading to a number of benefits, including improved collaboration 64%, operational efficiency 58%, and better customer experience 54%. Based on a global study of 2,400 IT decision

makers ITDMs and business decision makers BDMs, the MuleSoft IT and Business Alignment Barometer also highlights organisations’ business priorities and challenges over the next 12 months. DIGITAL IMPERATIVES INCREASE AUTOMATION ADOPTION

In an all-digital, work-from-anywhere world, it’s never been more important to sense and respond to changing market dynamics — and the needs of customers and employees — with speed, agility, and efficiency. Automation has become a rising focus for many organisations to drive convenience, speed, and cost reductions. Organisations report that: l Operational efficiency is top of mind for businesses: Improving operational efficiency 54%, creating better connected customer experiences 50%, improving productivity 49%,

BRENT HAYWARD, CEO, MuleSoft.

becoming more agile for change 48%, and becoming more data-driven 45% are organisations’ top five business priorities.

S E P T E M B E R 2 0 21

MEA

GUEST COLUMN

USING A FRAMEWORK TO FUTURE PROOF IT RESOURCES Traditional approaches to tackling talent issues are no longer sufficient for digital business and CIOs must rethink how they can future proof the workforce.

ince 2017, the number of skills required for a single job have increased by 10% every year, as a result of constant digital disruptions. However, Gartner surveys of CIOs and CEOs suggest there is not enough digital talent to support the increase in need. The post pandemic shift toward remote hybrid working has further increased the competition for scarce IT talent across industries and geographies. CIOs focused on digital acceleration should adopt a modern IT talent management framework to identify, hire and develop high-potential talent. The Gartner Digital Talent Management Framework focuses on key areas such as recruitment, renewal, retention, and release of talent. CIOs and IT leaders can use the framework to first identify and prioritise digital skills and talent needs, then devise strategies for these areas to evolve and develop the workforce in line with changing business priorities.

RECRUIT To identify, attract and hire high-potential talent, CIOs and IT leaders can focus on these four aspects: #1 JOBS AND TALENT PROFILES

Job descriptions often focus only on technical skills and educational qualifications and do not emphasise the broader significance of profiles — their societal impact and alignment with the organisation’s strategic objectives. A well-thought-out job description is outcome-based, competency-centric, and helps candidates visualise their personal and professional growth with the company. It generates a much larger talent pool, attracting candidates with diverse backgrounds and potential to apply. For recruiting high-potential IT talent internally and externally, CIOs can team up with HR leaders to regularly revisit their job descriptions

MEA

to ensure the language appropriately values core competencies and is not biased toward specific technical skills, credentials, or work experience. #2 EMPLOYER BRANDING

IT job seekers often create false perceptions of a company based on the characteristics of the industry it represents. For example, they may wrongly associate stability and predictability with an insurance company that is actually aggressively striving for IT innovation. To avoid such misconceptions, CIOs can create an employment value proposition EVP tailored to attract and retain top IT talent. They should ensure that job postings clearly articulate attributes that differentiate their IT organisation’s brand values from those of their competitors. #3 SELECTION

To support fast expansion in digital business and hire a high volume of candidates for IT roles, organisations need a tech-enabled recruitment process that is unbiased and promotes diversity, equity, and inclusion. CIOs, IT leaders and hiring managers can leverage data and artificial intelligence tools to screen, assess and identify high-potential talent in a time-effective manner. These technologies can help in delivering more engaged and personalised experiences to candidates. #4 ONBOARDING

An effective onboarding experience can ensure a long-term and mutually satisfying relationship between employees and organisations. A process that goes beyond a few weeks of orientation and lasts up to six months or even a year can ensure that employees organically connect with the company’s culture. It offers enough time and space to evaluate and enhance employees’ skills and competencies to meet organisation’s performance expectations. In a remote hybrid working environment, a structured and systematic onboarding process

S E P T E M B E R 2 0 21

becomes even more critical for IT talent management. CIOs and IT leaders can collaborate with HR to reimagine onboarding programs for a virtual workplace. The remote working environment can make it harder for new hires to connect with organisational culture. The redesigned programs should aim at encouraging cross-functional networking, learning and collaborative working.

RENEW To ensure continuous renewal of workforce capabilities that support the changing needs of digital business, the leadership should focus on: #1 CAREER PLANNING WITH SKILLS DEVELOPMENT

Top IT talent seeks diverse opportunities and personalised learning paths to become a versatile, high-value contributor for the company, which a systematic IT talent management process can facilitate. CIOs and IT leaders can recognise and enhance the skills of their existing workforce instead of hiring new talents for evolving digital business needs, thus promoting a culture of upskilling and reskilling. Encourage IT talent to regularly take skill assessment tests so that customised learning paths can be designed for each employee. Institute Connector managers who can better understand the motivations of employees and coach them accordingly. #2 SUCCESSION PLANNING AND MANAGEMENT

In an increasingly competitive talent market CIOs face disruptions like impending retirements of key leaders or the loss of talent having scarce skill sets. Embracing succession planning and management as an ongoing process can enable organisations to bounce back from disruptions, seize new opportunities, feel confident that they have capable IT talent to fill the void in pivotal roles.

GUEST COLUMN

RETAIN CIOs and IT leaders should discern factors that impact employee engagement and develop a total rewards strategy to motivate and retain employees for the long term. #1 EMPLOYEE ENGAGEMENT AND EXPERIENCE

Research has consistently shown that organisations with better employee engagement scores surpass competition in business performance. There are professional companies such as Gallup that help organisations benchmark their employee engagement scores to identify areas of improvement. The global shift toward a remote IT workforce has changed how work environments, productivity and responsibility affect one another. CIOs should adopt more intuitive and empathetic leadership styles to keep employees healthy, motivated, and efficient in a virtual setup. Conduct pulse surveys to collect and assess feedback from employees. The results will demonstrate the effectiveness of hybrid remote workplace designs to enhance employee experience. #2 TOTAL REWARDS STRATEGY

Compensation is essential to attract top IT talent, but it is not the only factor that drives employee engagement, motivation, and retention. A total rewards strategy is a more comprehensive way to deliver the organisation’s employment value proposition through five elements — compensation, benefits, career management, performance recognition and work-life balance. As the significance of each element varies with targeted talent’s wants and needs, CIOs can collaborate with total rewards leaders to create personalised and relevant humanised employment deals. For example, in the public sector, the compensation element is not as lucrative as in other industries, but that can be balanced by highlighting other attributes like sense of purpose, shared mission, stability and work-life balance.

RELEASE Former employees may rejoin the company in the future or become valuable customers, partners, and brand advocates. Therefore, transition planning and offboarding become as

LILY MOK,

VP Analyst, Gartner.

To support fast expansion in digital business, organisations need a tech-enabled recruitment process essential as the onboarding of a new hire.

for high-potential IT talent, mentoring or buddy systems can make such transitions smoother.

#1 TRANSITION PLANNING

Different circumstances lead to different kinds of transitions in companies. There can be job transfers promotions, mergers and acquisitions, lay-offs, etc. Transition planning considers all such circumstances to create robust processes like the onboarding process for hiring new employees to handle transitions across the organisation. Without a well-structured process in place, familiarising a leader with the new role or promoting an employee to a leadership position may become challenging. Development plans

#2 OFFBOARDING

It should go hand in hand with succession planning and allow enough time for the departing employee to transfer the knowledge. If done well, there will always be internal candidates especially for leadership and critical roles to fill the void and take on the new role. The exit interview should create a secure and amicable environment for the employee to be candid and provide well-thought-out feedback. The feedback can be used to improve employee engagement and retention practices. ë

S E P T E M B E R 2 0 21

MEA

GUEST COLUMN

IMPROVING THE VISIBILITY OF ENTERPRISE ASSETS FOR CISOs By profiling every element of the network and applying basic automation, threat hunters can compile a manageable to-do list, one that ensures clarity and purpose.

AAs pressure builds on the region’s security operations centers to decipher telemetry and chase down threats in increasingly complex environments, it is worth noting that much of their difficulty lies in visibility. Even the most dedicated CISO cannot protect what they cannot see. Digital assets, therefore, must be properly catalogued so that cybersecurity teams can get accurate views of devices, applications, and network topologies. Such views will differ from those of the IT team, which has its own priorities. For security professionals, asset inventory will be less about software support and licenses and more about potential entry points and vulnerabilities. Therefore, security teams should not be left to rely on secondhand asset inventory data from IT. The main underlying security benefit of accurate asset management is the ability to triage threat data. Now that multi-cloud and hybrid workplaces are adding multiple layers of complexity to technology stacks, security teams can be overwhelmed with alerts. By thoroughly profiling every element of the network and applying some basic automation, threat hunters can compile a more manageable to-do list – one that ensures clarity and purpose. Some items may be quick wins, such as simple software patching or reconfiguration. Others may be more complex but require immediate action because of the

MEA

S E P T E M B E R 2 0 21

potential harm they could cause. And others may be trivial and can be ignored. Under the right policies, automated processes can watch for new risky assets or existing ones that cross a threat threshold when they undergo changes. Once asset inventories are compiled, organisations can deploy vulnerability management, detection, and response, VMDR systems to police them. But policies, inventories and the automation that governs them must be tightly integrated as a single solution. As sound as software policies are, if the automated tool is a bolt-on, telemetry may not flow to the tool in a reliable format. And automation is vital to achieve the reduction of alert fatigue that security teams seek. So, when we combine comprehensive views with global inventories into a unified platform, we start to see an ideal environment take shape. Arduous and routine tasks are automated while highly trained professionals are routed to where their talents can add the most value. The rich views delivered by this ideal setup empower security teams with contextual information that allows them to make better decisions and take more effective action in real time. According to the top cybersecurity official in the UAE government, the country was hit by a 250% increase in cybercrime in 2020, compared with the previous year. New environments are encouraging bad

actors to act badly, and the region’s security teams need to be adequately armed to defend their digital perimeters. Being able to detect the big threats in real time requires the dialing down of white noise that results from complexity, and VMDR is a great tool with which to accomplish this. It is time to reimagine our security postures with security teams in mind. The right VMDR platform will support both agent-based and agentless data collection, automatically profiling known assets, and initiating background processes to scan for unknown assets. Ideally, no asset should escape its gaze, whether that element is on premises, in the cloud, part of a software container, an element of operational technology, or integrated into an Internet of Things ecosystem. Following the formulation of an asset inventory, teams will have access to normalised, categorised, information, allowing contextual views of each asset. Are they routers, printers, PCs, or mobile devices? Do they use databases? On what hardware are they running? Synchronise this information with a configuration management database, CMDB and teams will get access to another layer of context – owner, location, and status, such as whether the asset is live or part of a staging environment. All of this allows proper correlation, leading to more accurate tracking of the health of each digital asset.

GUEST COLUMN

Region’s security teams need to be adequately armed to defend their digital perimeters

Get asset management right and rich information will flow to where it can be leveraged to the greatest benefit. Security teams will be able to use white- and blacklisting to get a view of policy compliance across the enterprise and quickly identify unauthorised processes and applications. They will also be able to automate the detection of end-of-service applications and make informed decisions about their future. Additionally, the ideal asset platform will give a view of which active assets can be seen by the public Internet, and automatically assign risk metrics to components based on attribute profiles. This greatly oils the gears of compliance, because rich, visual reports on risk factors can be obtained on demand. And it increases the quality of response, allowing beleaguered teams room to breathe and work. Being able to control the workflow and frequency of your alerting system means organisations can design threat postures that are relevant to their operating models. And response itself can be automated. When the alerting system has been optimised to the satisfaction of security leaders, they can automate actions such as reconfiguring or unin-

HADI JAAFARAWI,

Managing Director Middle East, Qualys.

Automated processes can watch for new risky assets that cross a threat threshold when they undergo changes

stalling applications or tagging new assets for vulnerability profiling. Once the optimised asset-management platform is built, that is when residing in the cloud becomes an advantage. Information can be

shared across devices and locations in real time, allowing always-on detection and response. And with the pressure of alert fatigue lifted, the talents of human security specialists can finally be leveraged to optimal effect. ë

S E P T E M B E R 2 0 21

MEA

INNOVATION

EXECUTIVE MOVEMENTS

Google Cloud appoints Niral Patel as Regional Director Sub-Saharan Africa

In an announcement by the company, Niral Patel has been appointed as the Regional Director of Google Cloud Sub-Saharan Africa. Patel will be responsible for spearheading Google Cloud’s business across the Sub-Saharan region as he brings over 20 years of experience with him.

Brian Hamel joins Veritas as Executive Vice President Worldwide Field Operations

Veritas Technologies has announced that Brian Hamel has joined the company as Executive Vice President of Worldwide Field Operations. Brian started his career at IBM as an enterprise account manager and over a 30-year career held Infrastructure leadership positions in the US, Asia, and Europe. More recently, Brian spent approximately five years at Oracle as Senior Vice President, Cloud Business Group.

Epson appoints Natalie Harrison as Head of Marketing, Middle East and Africa

Epson has appointed Natalie Harrison as head of marketing services for the Middle East and Africa region. In this role, she will be responsible for the strategic planning, implementation, and forecasting of regional and local marketing initiatives that align with Epson’s business objectives. Harrison joined Epson in October 2018 as the marketing services manager for Epson UK Limited and managed a team specialising in channel marketing, PR and social media, events and digital marketing.

MEA

S E P T E M B E R 2 0 21

BeyondTrust announces Marc Maiffret as CTO, Morey Haber as CSO

BeyondTrust, announced the hire of Marc Maiffret as Chief Technology Officer and appointment of Morey Haber as Chief Security Officer, further expanding and strengthening the company’s security leadership. Marc Maiffret brings 20+ years of executive security leadership to BeyondTrust, as a founder at eEye Digital Security, and executive leadership positions at FireEye, BeyondTrust, and SpaceX. An early pioneer in vulnerability and security research, Marc discovered and named the first Microsoft computer worm, CodeRed. Marc has testified before Congress on multiple occasions on matters of national security and has appeared on most major TV news stations, newspapers, and security industry publications.

Cohesity appoints Gregg Petersen as Director for Middle East and Africa

Cohesity has appointed Gregg Petersen as regional director for its operations in the Middle East and Africa region. Petersen will focus on empowering regional businesses in UAE, Saudi Arabia, Qatar, Egypt, and South Africa to easily and effectively back up, manage, protect, and derive value from their data through Cohesity’s next-gen data management solutions. Petersen, a prominent figure in the MEA IT industry, brings 14 years of relevant experience to Cohesity, including his most recent role at Rackspace. He will work closely with channel and ecosystem partners as customers in the MEA region embrace modern, cloud-native data management solutions.

Swisslog appoints David Dronfield as General Manager for Middle East operations

HPE appoints Mohamed Wasfy as Country Manager for Egypt

Swisslog announced the appointment of David Dronfield as the new General Manager for its Middle Eastern operations. David brings more than 35 years of professional experience in the warehouse automation sector with expertise across sales, marketing, business development, project management and in managing senior leadership roles. Prior to joining Swisslog Middle East, David has served as Founder and Managing Director of Intralogistic Solution, a company providing intralogistic design, supply chain consulting and turnkey equipment solutions. Additionally, he has worked as the Regional General Manager for Al Futtaim Auto and Machinery Company

Hewlett Packard Enterprise, announced that Mohamed Wasfy has been appointed as the Country Manager of HPE in Egypt. Under the leadership of Mohamed, HPE aims to strengthen its presence in the country and will continue to work closely with Egyptian authorities to achieve its long-term strategic plans and national goals under the Egypt Vision 2030 programme. An accomplished senior leader, Mohamed brings over 20 years of experience working in Egypt’s technology industry. In his previous roles with Intercom Enterprise Oracle and IBM, he has led several

THEME OF UNITE

BOTS TEAM BUILDING

BODY

SOUL

OPPORTUNITIES AND OBSTACLES MONTHLY ALL-ROUND WELLNESS AND COMMUNITY BUILDING INITIATIVE FOR THE CIOS. STATE-OF-THE-ART LOCATIONS| ULTRA-MODERN ACTIVITIES| HANDS-ON EXPERIENCES | LIFE-CHANGING TAKEAWAYS

FITNESS

WELLNESS

NUTRITION

ENGAGE

2021 ROADSHOW Date: 29 Oct, 2021 Venue: The Leela Palace, New Delhi 36+ COUNTRIES 4000 C-LEVEL EXECS 300+ SESSIONS 200+ EXHIBITORS

JOIN US IN-PERSON

#ChangeX

B R O U G H T TO BY