EC-MEA March 2022

ELEMENTS OF

CYBER WARFARE

Weeks, months, years of offensive cyber activity, fake news, confluence of state and non-state actors, are characteristics we are witnessing today.

REGISTER NOW

A cyber dimension not seen before

Just as the world was settling down to recover from the ravages of the pandemic, half of the European geography has been directly and indirectly thrown into turmoil. No fly zones and the deepest possible economic sanctions have almost permanently rewritten global fundamentals. And we now see cyber warfare to be deeply ingrained as a component of this regional but now fast spilling global conflict.

One of the biggest differences between a cyber war and conventional war is that a cyber war can go on forever. The only cost are the teams involved and their expertise in inflicting damage and not being apprehended by authorities. Low-level information warfare has been ongoing against Ukraine since 2009.

There are also big differences across the rest of cyber warfare fundamentals. The standard playbook according to Chester Wisniewski at Sophos, includes to distract, confuse, deny, divide. Information warfare is how Kremlin can control rest of the world’s response with false flags, misattribution, social media manipulation.

Based on the fundamentals of cyber warfare, David Brown at Axon Technologies points out that national-level cyber warfare onslaughts can last forever. Primary missions can run for years, some might still be running that could have been started decades ago.

Cyberattacks can be launched from a cell phone and could be staffed by proxy groups in dozens of non-aligned countries. The bigger the national budget, the more extended actions on objectives run. A national-level cyber warfare event will include government units, and attribution during cyber warfare will be assumed.

With these fundamentals, the cybersecurity fallout will extend far beyond Ukraine’s borders, says Morey Haber at BeyondTrust. Cyber threat activity is picking up around the world and includes brute-forcing, spear phishing emails with malicious links, using harvested credentials to gain access, maintaining persistent access.

Cybereason’s Lior Div, points out that cyberattacks coming from Russia are state controlled. He says, Russian intelligence agencies enlist cybercrime threat actors as proxies to provide plausible deniability while leveraging cyberattacks as a weapon. This demonstrates the control, that Russian government has over cybercrime groups. And cyber is an integral element of nation-state intelligence and a powerful tool for disrupting enemy’s defences.

Whatever the short-term outcomes, cyber warfare has now become a permanent and heavily embedded and ingrained component of a nation’s warfare arsenal. Turn these pages to read more as well as the latest updates on cyber security solutions.

The upcoming Gisec 2022 would probably be the right forum for cybersecurity vendors to present their learning points. Look forward to meeting you at this face-to-face forum. ë

MANAGING DIRECTOR

TUSHAR SAHOO

TUSHAR@GECMEDIAGROUP.COM

EDITOR ARUN SHANKAR

ARUN@GECMEDIAGROUP.COM

CEO

RONAK SAMANTARAY RONAK@GECMEDIAGROUP.COM

GLOBAL HEAD, CONTENT AND STRATEGIC ALLIANCES

ANUSHREE DIXIT

ANUSHREE@GECMEDIAGROUP.COM

GROUP SALES HEAD

RICHA S

RICHA@GECMEDIAGROUP.COM

EVENTS EXECUTIVE

GURLEEN ROOPRAI

GURLEEN@GECMEDIAGROUP.COM

JENNEFER LORRAINE MENDOZA JENNEFER@GECMEDIAGROUP.COM

SALES AND ADVERTISING

RONAK SAMANTARAY

RONAK@GECMEDIAGROUP.COM

PH: + 971 555 120 490

DIGITAL TEAM

IT MANAGER

VIJAY BAKSHI

DIGITAL CONTENT LEAD

DEEPIKA CHAUHAN

SEO & DIGITAL MARKETING ANALYST HEMANT BISHT

PRODUCTION, CIRCULATION, SUBSCRIPTIONS

INFO@GECMEDIAGROUP.COM

CREATIVE LEAD

AJAY ARYA

GRAPHIC DESIGNER RAHUL ARYA

DESIGNED BY

SUBSCRIPTIONS INFO@GECMEDIAGROUP.COM

PRINTED BY Al Ghurair Printing & Publishing LLC. Masafi Compound, Satwa, P.O.Box: 5613, Dubai, UAE # 203 , 2nd Floor G2 Circular Building , Dubai Production City (IMPZ) Phone : +971 4 564 8684

31 FOXTAIL LAN, MONMOUTH JUNCTION, NJ - 08852 UNITED STATES OF AMERICA PHONE NO: + 1 732 794 5918

A PUBLICATION LICENSED BY International Media Production Zone, Dubai, UAE @copyright 2013 Accent Infomedia. All rights reserved. while the publishers have made every effort to ensure the accuracyof all information in this magazine, they will not be held responsible for any errors therein.

33-43

SPECIAL REPORT

BREAKING AWAY FROM LEGACY PRODUCTS

High usage of APIs and vendor neutral approach

Ammar Enaya, Vectra AI

Releasing latest offering in risk identification and management

Andrew Schumer, Axon Technologies

Connected world complicated due to visibility gaps

Emad Fahmy, NETSCOUT

Data does not lose itself, people lose data

Emile Abou Saleh, Proofpoint

Effective security is based on expertise and intelligence

Gordon Love, Mandiant

Focus on ThreatQ Marketplace, home to integrations

Leon Ward, ThreatQuotient

Integrating 20 trillion aspects of threat, vulnerability, assets

Maher Jadallah, Tenable

Blending machine learning and privileged access

Mark De Simone, Delinea

Offering 24x7 security operations and response services

Martin Tarr, du

Designed to be cloud-scale and cloud-delivered

Raja Ukil, ColorTokens

What is your Breach Likelihood Score?

Saket Modi, Safe Security

Focus on cloud, IoT, XDR

Toni El Inati, Barracuda Networks

POST PANDEMIC, ARE REGIONAL CISOS ON THE RIGHT TRACK?

While most CISOs are ready to road-test new technologies, just 17% believe their organisation grasps the threat landscape and are willing to invest accordingly.

In aiming to understand how and why investments in cybersecurity had grown, a global survey was conducted of more than 900 senior IT decision makers. This Technology Decision Making report shows how pandemic has affected the cybersecurity industry and the priorities of CISOs across nine countries in the Americas, Europe and Asia. Here in the Middle East, as IT stakeholders prepare to make their cases for 2022 budgets, the same challenges are likely to arise.

About 60% of those surveyed expect to see a boost to their security budgets in the next financial year because of the changes in IT environments made necessary by lockdowns. We should make note of two things regarding remote working. The first is that it did not, by itself, create security problems. It merely threw new light on existing issues.

And second, while lockdowns may become a thing of the past at some point, hybrid work is here to stay. So, we cannot merely keep our heads down until the storm has passed, only to sail on as before. We must address our security holes and plug them to prepare for the hybrid reality ahead of us.

A major pain point that has arisen from the complexities of new technology stacks is the difficulty in managing identity security. The discipline known as privileged access management PAM was poorly understood before the pandemic. Back then, the risks of incursion were much lower because endpoints were actively monitored within a well-defined perimeter, and many mistakes in configuration and policy went unpunished.

In the absence of corporate firewalls and other safeguards, it is significantly easier for a malicious party to access privileged accounts. It is therefore vital that privilege models based on zero-trust make their way to the top of the priority list for implementation in 2022.

91% of those surveyed believe their security budget is adequate, a strong indication that line of business is beginning to grasp the scale, intensity, and flexibility of the threat landscape. But the research also shows that most investments are targeted at known problem areas, such as those

found after an attack has already happened. Fear of auditors and regulators – a concern widely reflected in the Middle East – appears to be a further motivator, with one in four citing the threat of fines as a key inspiration for action.

Being confronted with the expense of one’s own cyber incident is an understandable motivator. But Middle East firms looking to compete in 2022 have an opportunity to learn from headlines. The missteps – and horror stories – of others should be enough to illustrate the need for a holistic strategy that closes gaps before they can be exploited. PAM is one of the strongest examples in the industry of proactive strategy being employed to prevent the need for reactive firefighting.

More than a third of our respondents reported having presented investment proposals that were rejected because the threat did not instil the right level of fear, or because the solution had insufficiently clear ROI.

So CISOs are condemned to retreat from long-term strategy in favour of short-term, piecemeal tactics. The study shows that most CISOs are ready to road-test new technologies and approaches, but just 17% believe their organisation’s decision makers grasp the true nature of the threat landscape and are willing to invest accordingly. ë

One in four is citing threat of fines as a key inspiration for action

2022 IS YEAR OF COLLABORATIVE DIGITAL TRANSFORMATION

We will need to team up with partners to execute a comprehensive action plan to bring down global warming levels which no company can achieve on its own.

Working to mitigate the effects of the climate crisis is fast emerging as the biggest KPI ahead of the industrial community for 2022. Approximately 97% of business leaders polled in a recent Deloitte survey say that their companies have already experienced the negative impacts of climate change.

Now we will need to team up with partners and peers to build and execute a comprehensive action plan to tackle these challenges. Bringing global warming levels down to 1.5°C is something no company can achieve on its own.

About 80% of major international companies now report on sustainability, and thousands of enterprises have committed to net-zero emissions by 2050 through initiatives such as the Race to Zero and Business Ambition for 1.5°C.

We see 2022 as year of collaborative digital transformation aimed at achieving our common sustainability goals. Connecting to the connected industrial economy could be the first step. This data-led network links enterprises along a single digital data thread that connects engineering, operations, supply chain, and employees. It uses the power of the cloud and artificial intelligence (AI) to optimise performance and unlock value and sustainability gains for every stakeholder.

Sectoral leaders have already embraced industrial automation as a route to increasing productivity. Industry-specific AI empowers these organisations by providing sector-specific decision support and unified intelligence.

When leveraged over the cloud, these systems are now operable remotely, anytime and anywhere. Because they collect greater amounts of data about operational systems, leveraging this information supports workers in making faster and more effective decisions making.

Gartner has shown that for companies that operate across different geographies, cloud-based data-sharing improves integration of working teams and drives the decision-making that helps minimise carbon use, increase profit, and ensure agility.

Industrial frontrunners are now looking to go one step further, by sharing data securely but agnostically, across the entire industrial ecosystem.

change

Expanding connected networks to suppliers, partners, and even industrial peers can drive exponential, sustainable growth for all players across the value chain – while also realising sustainability gains.

In the wake of the disruption of the past two years, digital technologies underpin the way we operate. As we look to achieve our goals for 2022 and beyond, collaborations will be essential to driving innovative ways of doing business. Digital partnerships are needed to protect the planet for ourselves and for our children. Working together can achieve net-zero more quickly. ë

97% of business polled in a Deloitte survey say their companies already experienced negative impacts of climate

KERRY GRIMES, Head of Global Partners, AVEVA.

Prince Sultan University and VMware sign MoU to launch Innovation Centre in 2022

Prince Sultan University and VMware have signed a Memorandum of Understanding to launch an Innovation Centre equipped with VMware software and resources to give students, researchers, and businesses hands-on experience with transformative digital solutions for app modernization, cloud, networking, security, and digital workspace.

The MoU was signed under the patronage of HE Abdullah Alswaha, Minister of Communications and Information Technology, Saudi Arabia.

The Innovation Centre, which is expected to start operating in the first half of the year, will help foster a culture of learning and build real-world information and communications technology skills, while providing a valuable resource to research projects underway at PSU by expanding access to VMware’s solutions.

The Innovation Centre will also be used to demonstrate the benefits of VMware’s solutions to local customers and partners, with the aim of helping accelerate digital transformation amongst the local business community. The Innovation Centre will enable

students, researchers, and businesses to experience cloud, modern apps, and security solutions, supporting the Kingdom’s digitization agenda

The Innovation Centre will be equipped with the full range of VMware’s solutions and will showcase disruptive technologies like edge computing, artificial intelligence, blockchain, machine learning and Kubernetes. By experiencing these technologies, it will help users to build digital foundations and embrace the next wave of innovation.

Liferay partners with Zain Saudi Arabia to offer its Digital Experience Platform

In an effort that serves to provide a world-class customer experience, Liferay has established a partnership with Zain KSA, offering state-of-the-art digital services through its Digital Experience Platform which utilizes advanced cloud computing solutions.

In line with the Kingdom’s aspirations to achieve complete digital transformation nation-wide, Liferay’s platform contributes to the success of Zain KSA’s comprehensive development strategy which rests on three pillars: making strategic investments to provide the best products and services, paving the way for a digital society and a knowledge economy by supporting the digital transformation targets of Saudi Vision 2030, and elevating the quality of life in the Kingdom by ensuring a

consistent and quality customer experience.

With the boom of the knowledge economy keeping up with the customers’ ever-evolving demands, Zain KSA will make significant progress by leveraging Liferay’s digital solutions and programs, providing its customers with a broader range of services that are interconnected as part of a highly integrated and automated ecosystem serving to enrich their journey. This enhances Zain KSA’s value proposition in addition to its high-level performance and reliability ensured by its ultra-fast 5G network that is available across the Kingdom.

Comparable to strategic partnerships established with globally leading service providers, Zain KSA’s collaboration with Liferay Inc. brings to the foreground its innovative approach in adopting cloud services which have become integral to digitally advanced societies. By offering upgraded end-to-end customer lifecycle experiences and data-driven personalization within a suite of connected applications built with full security on a single platform, Zain KSA will benefit from its partner’s globally renowned expertise and capabilities to take its customer experience to the next level.

Saudisoft will distribute touchless biometrics solutions from Invixium in Saudi Arabia

Invixium, manufacturer of touchless biometrics, announced a distribution partnership with Saudisoft, a provider of integrated hardware and software technology solutions. Saudisoft now offers Invixium’s full portfolio of biometric and card readers, including the company’s flagship IXM TITAN, to its customers in the Saudi Arabia.

Invixium offers an industry-leading range of solutions for modern, adaptive access control, time tracking, and visitor management using biometrics including touchless face recognition. The company is well-known for its exquisite mix of design, ruggedness, and innovation that help businesses meet the needs of today while preparing for the demands of tomorrow. Unique features offered by Invixium solutions include no-mask detection, remote enrolment for face recognition, vital signs screening, and more.

The company recently launched a mobile platform, IXM Mobile, to address the growing demand for contactless access control. The new mobile app provides enterprises large and small with ground-breaking features to enhance convenience, health, safety, security, and productivity for staff and visitors. Designed for use with IXM TITAN, IXM Mobile’s five features include remote enrolment for face recognition, digital card or QR code as credentials, a custom digital attestation questionnaire, and vital signs screening.

UAE based Adfolks delivering differentiation through cloud based smart solutions

Adfolks, a UAE-based engineering services company, announced that it has seen a 300% increase in cloud consumption by companies in the UAE and wider GCC region since 2020. CIOs have started to leverage the power of cloud for better efficiency, security, and faster return on investments. According to the latest forecast by Gartner, Inc., the enduser spending on public cloud services in the Middle East and North Africa MENA region will total US$ 5.7 billion in 2022.

Adfolks, a 5-year-old tech venture supports digitally forward-thinking enterprises including Dubai Airports, DP World, Mashreq, EMAAR, Arab National Bank among several others to deliver market differentiation through smart technology solutions powered by cloud-based technologies.

The company works closely with CIOs to chart their digital transformation journey and focuses on building internal capabilities around upcoming tech trends. These areas are prudently chosen with close collaboration with platform providers in the cloud space.

According to the latest forecast by Gartner, end-user spending on public cloud services in the MENA will total $ 5.7 billion in 2022

Tenable’s technology ecosystem now includes 100 vendors, 200 integrations

Tenable, the Cyber Exposure company, today announced its Technology Ecosystem has reached 100 partners and 200 unique integrations. Available for free with all Tenable products, the expanded Ecosystem streamlines the vulnerability management process for customers by allowing them to integrate Tenable’s visibility and insights with other security applications in their environment.

In turn, they can enjoy enhanced visibility and automated workflows, and are able to manage credentials, correlate threats, remediate issues, enrich systems and more effectively secure the cloud.

Tenable’s Technology Ecosystem includes industry-leading partners in critical areas of cyber, such as Mobile Device Management MDM, public cloud infrastructure, SIEM and IT Service Management solutions. Alongside these partners, Tenable creates the world’s richest set of Cyber Exposure capabilities. Below are a few of the leading organizations Tenable is working with.

Israel based Bezeq International, Arc Solution, partner for connectivity

Arc Solutions, a telecom infrastructure solutions provider across the region based in Dubai, has signed an agreement with Bezeq International, Israel’s leading ISP and IT solutions provider, to deploy its network in Bezeq International’s data centre in Tel Aviv.

Arc and Bezeq International are creating the lowest latency route between regional hubs in Datamena UAE, Global Zone Bahrain, Smarthub UAE and Israel, combining network footprints, enabling partners and customers to access a rich portfolio of destinations and services.

As the country’s Public and Private Sector and foreign investment scale investment in infrastructure to support emerging digital technologies such as cloud, IoT, and AI, strong interconnection with regional and international networks is vital.

Customers of Arc and Bezeq International can connect telecoms networks between Dubai, Tel Aviv and a growing number of hubs across the Middle East

Qatar based TecCentric and SAS partner to offer AI, ML, advanced analytics

TecCentric and SAS announced a new partnership today to speed Qatari organizations’ journey towards discovery with artificial intelligence, machine learning, and advanced analytics.

TecCentric will work with SAS to customize services and solutions for a wide array of industries from the public sector to banking, education, healthcare, and more, granting them access to the full analytics cycle with SAS’s expanded AI solution offering as well as its leading fraud and financial crimes analytics and reporting.

SAS’s AI embedded software supports diverse environments and will provide Qatari organizations with more intelligent and automated solutions empowering them to scale to meet changing business requirements.

Pure Storage partners with AWS to move Portworx Kubernetes workloads

Pure Storage announced a strategic engagement with Amazon Web Services for solution development and enablement programs for Pure’s Portworx solutions to help enterprises move Kubernetes workloads into production.

Gartner predicts that by 2025, more than 85% of global organizations will be running containerized applications in production, up from less than 35% in 2019. Amazon Elastic Kubernetes Service is a managed service to run and scale Kubernetes on AWS without needing to install, operate and maintain a Kubernetes control plane or nodes. As container adoption increases and more applications are being deployed in the enterprise, these organizations want more options to manage stateful and persistent data associated with these modern applications.

Portworx by Pure Storage can bring a fully integrated solution to customers for persistent storage, data protection, disaster recovery, data security, cross-region and hybrid data migrations, and automated capacity management for Kubernetes applications built by developers.

Portworx provides Amazon EKS customers with enterprise storage capabilities that make it easier to run data-rich Kubernetes applications at scale

As part of its work with AWS, Portworx has also announced an Early Access Programme for Portworx Backup as-a-Service BaaS on AWS. Portworx BaaS introduces a modern data protection control plane to accelerate implementation of data and application recovery objectives, delivering speed and simplicity to application owners for safeguarding Kubernetes applications. Portworx BaaS is one of the many as-a-Service offerings the company will deliver to its customers in the future.

This three-year strategic investment is the latest step in expanding the relationship between Pure Storage and AWS and will deliver a comprehensive Kubernetes platform for mutual customers moving applications into production.

Premium supplier option announced with IBM for

RISE with SAP

IBM announced it is teaming with SAP to provide technology and consulting expertise to make it easier for clients to embrace a hybrid cloud approach and move mission-critical workloads from SAP solutions to the cloud for regulated and non-regulated industries.

As clients look to adopt hybrid cloud strategies, moving the workloads and applications that are the backbone of their enterprise operation requires a highly secured and reliable cloud environment. With the launch of the premium supplier option with IBM for RISE with SAP, clients will have the tools to help accelerate the migration of their on-premises SAP software workloads to IBM Cloud, backed by industry-leading security capabilities.

IBM is also unveiling a new programme, BREAKTHROUGH with IBM for RISE with SAP, a portfolio of solutions and consulting services that help accelerate and amplify the journey to SAP S4HANA Cloud. Built on a flexible and scalable platform, the solutions and services use intelligent workflows to streamline operations. They provide an engagement model that helps plan, execute and support holistic business transformation. Clients are

Data and AI vendor Artefact opens new office in Riyadh

also offered the flexibility and choice to migrate SAP solution workloads to the public cloud with the support of deep industry expertise.

IBM’s announcement of becoming a premium supplier makes IBM the first cloud provider to offer infrastructure, business transformation and application management services as part of RISE with SAP. IBM’s premium supplier designation is a continuation of SAP’s long-standing efforts to provide choice and optionality to customers, further supporting IBM customers that have a preference for their RISE with SAP package to run on IBM Cloud.

Global data and digital consulting leader Artefact is strengthening its presence in MENA with a new office in Riyadh, Saudi Arabia. One of the largest and fastest growing economies in the region, the Kingdom of Saudi Arabia has a big data and artificial intelligence market valued at $164.98 million in 2020. This is expected to reach $891.74 million by 2026, registering an annual growth of 32.6% over five years.

Artefact has been operating in the MENA region from its base in Dubai, United Arab Emirates, since 2013, working with private and public sector clients on their data and AI led transformation programs.

The company’s key offerings include data vision and strategy, the AI Factory, big data platform implementation, large scale data governance programs, and data marketing programs. Artefact also has global partnerships with big data infrastructure providers and data platforms, including Google, Microsoft and Amazon.

Artefact’s new office in Saudi Arabia will be an integral part of the company’s global network, which includes operations in Africa, the Americas, Asia, Europe and the Middle East. Artefact will bring its data and AI related practices, innovations, talent pool and partnerships to the Kingdom. It will also invest in local talent to develop the varied skill sets needed for the next-generation AI-driven economies, with roles including consultants, data scientists, big data engineers and machine learning engineers, and data architects.

Raqmiyat partners with Yellow.ai to enable automated customer engagement, conversational commerce

Raqmiyat, is pleased to announce the partnership with Yellow.ai, the world’s leading next-gen Total Experience Automation Platform. This partnership will help support the digital transformation initiatives of enterprises by enabling an elevated and hyper-personalised customer experience through automation.

By leveraging this partnership, Raqmiyat will enable enterprises to automate customer engagement while providing a chance for them to leverage conversational commerce to transform their digital customer experience. This collaboration will be particularly advantageous to brands to help them establish a direct relationship with their customers and manage operations across multiple channels.

Built atop the sturdiest in-house NLP engine, Yellow.ai offers a unique industry and function-agnostic platform with pre-built language models. Its Dynamic AI agents support 100+ languages across 35+ channels for enterprises to deliver human-like interactions that boost customer satisfaction and increase employee engagement at scale. Weaving in the best of AI and human intelligence, Yellow.ai’s platform elevates the business-to-consumer interactions of enterprises to be intuitive, personal, and real-time.

Nexthink partners with solutions by STC to boost digital transformation in Saudi Arabia

Nexthink, the leader in Digital Employee Xperience management announced today that it has partnered with solutions by stc, Saudi’s leading digital enabler to support the government and enterprise customers in their digital transformation journey.

This partnership will empower organisations to accelerate and scale their digital transformation by redefining the future of the workplace experience. This partnership will also help both companies build new customer relationships, increase revenue opportunities and offer value-added services.

Nexthink’s advanced employee experience insights, provides IT admins with a single view, enabling them to resolve issues proactively or even automatically – significantly improving the employee remote work experience. This results in lower IT costs, increases employee productivity, and improves the success of transformation projects.

Bespin Global qualifies as Managed Service Provider in AWS Partner Programme

Bespin Global, announced it has achieved the Amazon Web Services Managed Service Provider Partner Programme designation. By passing the audit with the rigorous requirements the AWS Partner Network consultants must satisfy, the Bespin – Middle East team has once again demonstrated its local expertise in providing full lifecycle solutions to customers and reinforced Bespin Global’s position at the forefront of the Middle East market. The AWS MSP Partner Programme recognizes leading AWS Partner Network APN Consulting Partners highly skilled at providing full lifecycle solutions to customers. Next-generation AWS MSPs enable organizations to invent tomorrow, solve business problems and support initiatives by driving key outcomes.

Their expertise, guidance and services help companies through each stage of the cloud adoption journey. Bespin’s team of professional cloud services experts support clients in executing ambitious initiatives by allowing them to focus on their core business.

The news follows Bespin winning AWS DevOps Partner of the Year in the Middle East and North Africa MENA for the second year in a row, along with other competencies including AWS Public Sector Authorized Solution provider.

Time To Reply enters into a strategic distribution agreement with VAD Technologies

Time To Reply has signed a distribution agreement with VAD Technologies VAD, as the first step in the fast tracking of a strategic partnership to sell timetoreply’s Business Email Analytics products across a select range of countries.

timetoreply is the market leader in Business Email Analytics products for Customer Facing and Sales teams globally.

The purpose of this deal with VAD, one of the largest distributors of IT and technology services in the Middle East, is to drive sales of timetoreply software within Saudi Arabia, United Arab Emirates, Kuwait, Bahrain, Qatar, Oman, Egypt, Lebanon and Jordan.

Email communication continues to grow at extraordinary rates and - despite new technologies entering this space - is here to stay as the preferred method of communication. Businesses in all industry verticals across the Middle East will benefit from timetoreply’s easy-todeploy solutions and can achieve quick Return of Investment.

Over the last 6 months timetoreply has presented its Business Email Analytics products to a number of VAD’s business partners and will be working closely with VAD to open discussions more broadly across the network.

Sitecore signs agreement with solutions by stc to provide marketing technology solutions

In a continuing demonstration of its commitment to the Kingdom’s accelerated digital transformation efforts that are driven by Saudi Vision 2030, Sitecore signed an agreement with solutions by stc, the kingdom’s leading digital enabler, to provide marketing technology solutions and training primarily to the country’s key public and private organizations.

The joint efforts will see an enhancement in the digital experience for customers, who can enjoy a seamless and personalized digital experience. This will be made possible with an integrated CMS powered platform along with various commerce and digital marketing tools.

The new agreement will also see a collaboration between both entities to host Sitecore solutions locally in the solutions by stc Cloud, while Sitecore will provide technical support and expertise in the sales cycle for potential customers who range in size from enterprise to SMEs.

The Sitecore and solutions by stc partnership announcement was made during the inaugural LEAP event in Riyadh, which is a global platform for future technologies and the gathering of the most disruptive technology professionals from around the world. Sitecore plays an active role at LEAP while also being one of the Bronze sponsors of the grand event.

Tech Mahindra partners with Yellow.ai to transform customer experiences with conversational AI

Tech Mahindra announced a collaboration with Yellow.ai, to transform enterprise customer experiences with conversational Artificial Intelligence AI. The partnership is aimed at redefining the way enterprises connect with customers, employees, and vendors.

As part of the partnership, Tech Mahindra and Yellow.ai will work towards developing next-gen conversational-AI solutions to elevate omnichannel capabilities such as Enterprise Resource Planning ERP, Human Resources Management System HRMS, Supply Chain Management SCM, and Customer Relationship Management CRM.

These implementations will help reduce costs, optimize resources, improve response time, and provide intelligent insights to enterprises across the globe, serving key industry verticals such as telecommunications, media and entertainment, energy and utilities, automotive, healthcare, retail, and manufacturing.

This partnership will enable enterprises to provide personalized experiences to customers and employees. The joint offering will support a diverse set of solutions across a variety of platforms including, conversational chatbots and voicebots for live chat, email support, and ticket management. These features will support conversational campaigns and surveys, provide analytical insights, and enable customer experience automation and full-stack experience automation for IT, HR, and P2P.

CommScope announces collaboration with Meta Connectivity to join Evenstar programme

CommScope announced a collaboration with Meta Connectivity to join its Evenstar programme and accelerate the adoption of Open RAN by developing open reference designs. As the demand for internet connectivity expands at a rapid pace, the infrastructure that supports it needs to grow and improve. To address this requirement, CommScope will work with Meta Connectivity, alongside a network of industry ecosystem companies in the Evenstar programme with the intent to design and build flexible, efficient RAN components.

The collaboration will focus on developing a Massive MIMO reference design based on O-RAN Alliance interoperability specifications. Massive MIMO substantially increases spectral efficiency to deliver more network capacity and wider coverage. The two organizations will cooperate on high-level architectural requirements, open standardized antenna and radio interfaces, and best practice calibration designs.

The mMIMO reference design will provide operators with the option to further disaggregate the filter, antenna elements from the

radio unit, supporting flexibility and delivering implementation options to the market. Meta Connectivity is working with control unit and distribution unit software vendors who will manage interoperability testing, while CommScope will support Over-the-Air OTA testing and characterization of the antenna within a laboratory environment.

Companies underscore commitment to promote standard designs and interoperability testing across Open RAN ecosystem

Kodak Alaris announces global strategic alliance with ABBYY

Kodak Alaris has announced a global strategic alliance with digital intelligence company ABBYY. The agreement expands the long-time partnership to now include the integration of Kodak Alaris’ award-winning information capture solutions with ABBYY’s industry-leading low-code, no-code, cloud-based intelligent document processing platform, Vantage, to help organizations successfully transform documents into actionable data.

As part of the expanded alliance, Kodak Alaris and ABBYY will offer a technical integration of the Kodak INfuse Smart Connected Scanning Solution and Vantage. Together, Kodak Alaris and ABBYY will drive automation initiatives on a global level and create opportunities for both companies and their partners to solve a variety of document processing challenges for customers.

The INfuse Solution from Kodak Alaris integrates seamlessly with partner applications to create solutions that make it easy to capture data and deliver it directly into business processes. When integrated with intelligent automation platforms, customers achieve an automated end-to end solution for fast, effortless invoice processing. Kodak Alaris will also offer a connector to Vantage and have access to a library of document skills available from the ABBYY Marketplace this year.

The INfuse Scanner quickly digitizes documents of all types, and the data is delivered directly to the ABBYY Vantage platform. ABBYY Vantage provides pre-trained document skills that make it easy for businesses to read and understand the content and context from documents of any type with a high degree of accuracy. Vantage automatically extracts and classifies incoming documents, routes them to the appropriate business processes, and learns from every document to continuously improve straight-through-processing rates.

solutions by stc, largest provider of private cloud in Saudi, now VMware Sovereign Cloud provider

By becoming a VMware Sovereign Cloud Provider, solutions by stc will drive cloud adoption and digital transformation by giving organizations in the Kingdom full control and visibility of their data

solutions by stc, which is already the largest provider of private cloud services in Saudi Arabia, is playing a major role in enabling the Kingdom’s digital transformation efforts and helping drive growth of the cloud market.

VMware announced that solutions by stc, is now a VMware Sovereign Cloud Provider. As a participant in the VMware Sovereign Cloud initiative, solutions by stc will enable customers to run their sensitive and regulated workloads on a more secure and compliant national cloud that meets Saudi Arabia’s data residency and data sovereignty requirements.

The service will further expand solutions by stc’s offerings to provide their customers various services, including control over the access of their data, transparency, visibility into the provider’s operations. This will empower organizations to move to the cloud, increase their agility, and launch modern applications, accelerating digital transformation across sectors including healthcare and

The VMware Sovereign Cloud initiative helps customers engage with trusted national cloud service providers to meet geo-specific requirements around data sovereignty and jurisdictional control; data access and integrity; data security and compliance; data independence and mobility; and data analytics and innovation.

solutions by stc’s private cloud capabilities are built on VMware Cloud, the industry’s only multi-cloud computing infrastructure that enables customers to modernize apps, infrastructure, and operations with better economics and less risk.

SentinelOne, Mimecast partner to deliver holistic approach with XDR automation

SentinelOne, an autonomous cybersecurity platform company, announced a new integrated solution with Mimecast designed to improve end-to-end threat protection, accelerate incident response, and minimize delays for security teams. With SentinelOne and Mimecast solutions, security teams can leverage cooperative defences and rapidly respond to threats across email and endpoints for a holistic approach to incident response powered by XDR automation.

As tactics change, the sophistication of threat actors increases, and new vulnerabilities are constantly discovered, security operations teams are stretched to the limit investigating and remediating each incident. Email remains one of the most highly leveraged attack vectors.

According to Mimecast’s 2021 State of Email Security report threats have risen 64% over the course of the pandemic, and 70% of companies expect their business to be harmed by an email-borne attack. Organizations today must utilize integrated defences to protect email and improve incident response capabilities, while helping to reduce complexity, minimize risk and decrease the demand on an already over-taxed and under-staffed security team.

stc to establish factory for localising datacentres in Saudi Arabia in partnership with Huawei

stc concluded its participation in the LEAP Conference and showcased several innovative services, technologies and digital solutions that contribute to accelerating the digital transformation of various sectors to provide a safe environment for digital infrastructure that enables connectivity for business sectors by providing the largest advanced 5G network in the Middle East, ensuring advanced transactions for various sectors.

Pure Storage Partner Programme will adhere to fiscal year beginning 7

February 2022

Pure Storage announced a series of new updates and benefits for its robust Partner Programme. These enhancements reflect the ways in which Pure’s services-led strategy and portfolio is enabling new levels of flexibility, agility, transparency, and simplicity for partners.

Pure has been 100% channel led since its founding and providing a world class Partner Programme is critical to its success. To deliver continuous improvements to the Programme, Pure aligns partner feedback, customer needs, and its company strategy to advance its Programme in ways that help partners drive faster, smarter, and more innovative business.

The latest updates to the Partner Programme include the capacity for partners to participate in one-to-many routes to market, differentiated benefits based on tier.

stc has also announced the initiative to establish a MENA Hub for the Middle East and North Africa region, with an investment of $1 Billion. stc also announced its intention to establish a new company specialized in datacentre hosting, international and regional connectivity, with an initial capital will be SAR 100 Million.

It concluded its participation in LEAP after announcing the agreement of the initiative to establish a factory of localizing datacentres in the Kingdom in partnership with Huawei. stc cooperated with Ericsson to support the 5G core network and business support systems as a way to enhance the independent 5G networks, in addition to signing an agreement with Microsoft Arabia to develop areas of innovation, cloud technology strategies and 5G solutions.

stc signed an agreement with the Ministry of Municipal and Rural Affairs and Housing to enhance governance and strategic cooperation in the areas related to information and communication technology, and to develop cooperation in improving the smart city system and digital initiatives.

solutions by stc, largest provider of private cloud in Saudi, now VMware Sovereign Cloud provider

Global technology company SAP last week received Class C certification of SAP Cloud Datacentre from the Communications and Information Technology Commission. SAP also hosted a largescale drone show. The global technology company, whose CEO Christian Klein delivered a keynote, continues to invest in the Kingdom and strengthens its qualifications to work with the public, private, and non-profit sectors to store their public data and restricted data on its datacentre.

AVEVA partners with EDF to boost its 3D nuclear engineering and energy programmes

AVEVA, a global leader in industrial software, driving digital transformation and sustainability, has signed a long-term partnership with EDF, the world leader in power generation, to elevate its 3D nuclear engineering programme and deliver leading-edge energy-efficient performance.

This partnership builds on a long-term relationship between AVEVA and EDF. AVEVA has supported EDF with 3D digital engineering solutions at its N4 nuclear plants since the 1980s. To date, AVEVA’s capabilities have enabled EDF to drive its sustainable nuclear vision by reducing operational workhours and by enhancing data consistency.

AVEVA will help drive EDF’s SWITCH digital transformation programme with its AVEVA E3D Design solution and other components of the AVEVA Unified Engineering solution. EDF will strengthen its engineering design portfolio by way of faster design and delivery of its nuclear plants as well as advanced safety and performance standards.

du first telecom service

provider to receive Stage 2 Gold Star certification from Cloud Security Alliance

du, from Emirates Integrated Telecommunications Company, has reaffirmed its industry-leading status as digital transformation and security enabler, becoming the first telecommunications provider worldwide to receive the prestigious Stage 2 Gold Star recognition from the Cloud Security Alliance CSA. The CSA is the world’s leading organization dedicated to defining and raising awareness of cloud security best practices, ensuring cloud computing environments across verticals are secure in line with the highest possible standards.

du’s New Business Innovation department gained the certification following a stringent validation process conducted by external auditors, with the leading UAE telco provider’s Blockchain edge platform meeting specific CSA requirements across every audit area.

Being the first Blockchain platform provider worldwide to obtain the CSA Stage 2 Gold Star is a testament to du’s hands-on approach to enterprise security, something made possible by its experienced professionals and talented teams who implement proactive and continuous measures to ensure that Blockchain services’ users are able to conduct business and complete transactions seamlessly, securely, and without risk.

du completed the CSA external audit following a week of intensive assessments, all of which validated the cloud security policies, procedures, and protection du implements and upholds to safeguard customer data within its Blockchain service. The Stage 2 Gold Star certification highlights the efficiency, effectiveness, and sustainable nature of du’s Blockchain edge service capabilities, as well as the organisation’s enduring commitment to ensure transparency and harmonization across security, trust, assurance, and risk STAR registry standards. Moreover, this latest announcement has enhanced du’s security and compliance posture, showcasing the emphasis du places on unconditional abidance with essential regulations and frameworks.

Siemon partners with NETGEAR across SDVoE, AV over IP, PoE

Siemon announced its partnership with NETGEAR, provider of networking products that power businesses both large and small. Both Siemon and NETGEAR have been instrumental in supporting and advancing internet protocol IP-based Ethernet technologies such as software-defined video over IP SDVoE, AV over IP, power over Ethernet PoE, and high-throughput Wi-Fi via interoperable, open solutions that simplify digital transformation for a wide range of customers and vertical markets.

With NETGEAR’s complete line of wireless access points, switches, routers, and AV over IP solutions connecting via high-performance copper and optical fibre cabling systems like those manufactured by Siemon, this partnership will deliver increased customer value and expand opportunities in the ever-evolving market.

Vectra AI recognises Help

Vectra AI, a leader in threat detection and response, announced winners of its first regional Partner Awards. Celebrating the dedication of outstanding partners across the Middle East, Turkey, and North Africa, the ceremony was held during Saudi Arabia’s LEAP conference, a platform for future technologies and disruptive innovators from around the world.

Winners in disciplines from value-added distribution to systems integration were awarded for their commitment to Vectra’s regional vision, their contributions to the company’s growth, and the parts they have played in the stability and security of end customers’ digital estates.

The winners were:

l Biztek – Public Partner of the Year 2021 Turkey

l NSC – Focused Partner of the Year 2021 Turkey

l Infosec – Growth Partner of the Year 2021 Turkey

l Barikat – Impact partner of the Year 2021 Turkey

l HELP AG – Partner of the Year 2021 Middle East

l Ernst and Young Oman – SI, SP Partner of the Year 2021 Middle East

l IT Security Consulting and Training – Technical Partner of the Year 2021 Jordan

l Mannai Corporation – Public Partner of the Year 2021 Qatar

l MDS Saudi – Business Development Partner of the Year 2021 Saudi Arabia

l Hilal Computers – Technical Partner of the Year 2021 Saudi Arabia and Bahrain

l Al-Jeraisy – Public Partner of the Year 2021 Saudi Arabia

l Advanced Systems and Technologies atm – Business Development Partner of the Year 2021 Saudi Arabia

l AIK Security – Technical Partner of the Year 2021 Saudi Arabia

l IT Vikings – Committed Partner of the Year 2021 Egypt

l Naizak Global Engineering Systems – VAD of the Year 2021 GCC and Egypt

l Exclusive Networks TR – VAD of the Year 2021 Turkey

l 20Tech VAD – VAD of the Year 2021 Saudi Arabia

l Exclusive Networks ME – Growth VAD of the Year 2021 Middle East Vectra’s channel enablement programs — which are announced periodically through its dedicated partner portal — expanded throughout 2021 to include several new incentive schemes. Vectra also enhanced its innovative online demo system, which helps partners quickly familiarize themselves with new platform functions and features, thereby enhancing their presales capabilities. Additionally, Vectra recruited key personnel in METNA throughout the year, in the sales, engineering, marketing, and channel functions.

Vectra saw 40% year-on-year sales growth through its regional channel in 2021 and its METNA partners enjoyed growth of 90% over the same period, with deal registration rates rising by 300%. The awards recognized the commitment, innovation, and achievements of 18 partners operating across METNA.

AG, MDS, Manai, Exclusive Networks, and others as top channels companies

TRANSFORMATION IN SECURITY

TRANSFORMATION IN NETWORKING

TRANSFORMATION IN BUSINESS APPLICATIONS

TRANSFORMATION IN IT & COMPUTING

ELEMENTS OF CYBER WARFARE

Weeks, months, years of continuous, offensive, targeted cyber activity, obfuscation, fake news, confluence of state and non-state actors, are some of the characteristics that we are witnessing today.

NATIONAL-LEVEL CYBER WARFARE CAN LAST FOREVER

A national-level cyber warfare onslaught can last forever, primary missions can run for years, some might still be running that could have been started decades ago.

Country vs country cyberwarfare requires significant planning, years if not decades of active espionage by government agencies and government-financed proxy groups, domestic and foreign. Some unplanned actions are operational or secondary targets of opportunity that present themselves during the planned activities. No country does or should not engage without significant pre-planning.

A national-level cyber warfare onslaught can last forever, primary missions can run for years, and some might still be running that could have been started decades ago. Espionage missions require operational funding, these are budgeted at a national level, and funding is pre-allocated for the planned length of the assignment plus some.

As for energy needs, cyberattacks can be launched from a cell phone and could be staffed by proxy groups in dozens of non-aligned counties or run through your local cloud service like AWS and Google, all of which require no energy from the aggressor nation. The bigger the national budget, the more extended actions on objectives run.

A national-level cyber warfare event will include government units, attribution during cyber warfare will be assumed, and proxy groups for distributed workloads. There will also be nonaligned opportunistic groups seeking financial gain from the chaos or creating more confusion because they can.

As for the national apparatus, attacks will be launched from systems sponsored by the aggressor nation, but they seldom are hosted in that nation; they are nearly always distributed throughout non-aligned counties.

More advanced nations deploy a national cyber protection grid, sometimes called a sovereign internet, cutting off all outside and foreign access to a now local domestic only Internet. This level of protection means that any offensive cyber-attack must come from within the isolated local domestic internet.

Human assets must be pre-deployed and are at significant risk to life with limited to no support or additional resources. Most nations will rely on private organisations to protect themselves with little to no government support. In contrast, government assets are protected by local network segmentation and, in many countries, cybersecurity contractors and vendors.

In some countries, the government has no power over local service providers to enlist their support. From the point of global providers choosing a side puts them in the fight; this is not worth the risk; it is better if they remain neutral as it protects their self-interest.

In nations with oversight of local service providers, they can enlist them to perform mitigation actions such as traffic dropping and geo-fencing. Geo-fencing will have little effect as a more mature and highly budgeted nation does not attack from their country; they attack from yours.

The technological elements change from country to country based on maturity and budget. There is no default tooling that everyone uses, like battle rifles and tanks. Some will have global deploy action stations and proxies in dozens of non-aligned counties with line signal interception, decryption, and payload injection financed via shell

More advanced nations deploy a national cyber protection grid, sometimes called a sovereign Internet

companies. Others might have a shed outback with two guys and an old TI-99.

Because attribution during cyber warfare will be assumed as the offending nation, attacks will not be as advanced or cutting edge nor as stealthily as during espionage missions. They tend to be more direct and overwhelming in noise and volume. The use of distributed denial of service DDoS to crush whole netblock ranges and the use of wiper-style attacks deployed to already breached networks are the most likely. ë

Opinions and comments are of the authors mentioned.

CYBERSECURITY FALLOUT EXTENDS FAR BEYOND UKRAINE’S BORDERS

Geopolitical events underscore importance of maturing zero trust security controls across all organisations, from small businesses to critical infrastructure.

The invasion of Ukraine is a harrowing ordeal for anyone impacted by the conflict. It is a time of heightened risk and uncertainty, with implications that are rippling across the world.

One area of increasing concern is the elevated risk of cyberattacks. As part of the greater cybersecurity community, we aim to share information that is helpful to those who are dealing with, or having to respond to, questions about increased cyberthreats.

Over the course of at least months, cyber strikes on Ukraine have escalated. Attacks in recent days have knocked government and corporate systems and websites offline, and defaced Ukrainian websites. A new data wiping malware, dubbed HermeticWiper AKA KillDisk.NCV, has also been leveraged to infect hundreds of machines across Ukraine, Latvia, and Lithuania.

Security researchers have reported that HermeticWiper corrupts the Master Boot Record, resulting in failure to boot. This new malware family comes close on the heels of the discovery of WhisperGate malware, which was used to attack Ukrainian systems in early January.

As with NotPetya, these new malware families seem intended to incapacitate the assets they infect. The rapid emergence of these debilitating, novel malware families also reinforces the need for proactive, preventative security that goes beyond signature-based recognition.

However, the cybersecurity fallout of the geopolitical conflict extends far beyond Ukraine’s borders. Cyber threat activity is picking up around the world. A joint advisory, by CISA, the FBI and the National Security Agency, outlined activities and tactics used by state-sponsored cybercriminals. These activities include brute-forcing, spear phishing emails with malicious links, using harvested credentials to gain access, and maintaining persistent access.

CISA also issued a SHIELDS UP advisory. In the advisory, CISA recommends all organisations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets. The advisory also provides steps organisations should take to help prevent or mitigate a cyber intrusion.

MOREY HABER

Chief Security Officer, BeyondTrust.

While nation-state threat actors may be increasing activity to disrupt the operations and supply chains of adversaries, and to increase their spheres of power, the usual cast of non-affiliated, opportunistic threat actors, such as ransomware operators and phishing scammers, could also be looking to cash in on global instability, like they did during the early stages of the coronavirus pandemic.

Over the last year, nations across the world, including the US with its issuance of the Executive Order EO 14028 on Improving the Nation’s Cybersecurity, have made strides in ramping up their cyber defences and in fostering better crosscountry collaboration. Recent geopolitical events underscore the importance of maturing zero trust security controls across all organisations—from small businesses to critical infrastructure and operational technology.

Right now, it is important for everyone to reassess their cyber risk and look closely at where they can mature their security controls. The specific security priorities—whether it be accelerating the patching of vulnerabilities, vaulting and automating management of credentials, applying least privilege, or better securing remote access pathways—should be directed by the findings of their assessment. ë

Opinions and comments are of the authors mentioned.

Activities include brute forcing, spear phishing emails with malicious links, using harvested credentials to gain access, maintaining persistent access

CYBERATTACKS COMING FROM RUSSIA ARE STATE CONTROLLED

Putin and Russian intelligence agencies enlist cybercrime threat actors as proxies to provide plausible deniability while leveraging cyberattacks as a weapon.

Iam watching the ongoing tragedy in Ukraine with the rest of the world. It is heart-breaking and my thoughts are with the people of Ukraine. I had hoped that diplomatic efforts would work, and that Putin would pull his troops back, but I would be lying if I said I was completely surprised that Russia launched a full-scale invasion of Ukraine.

Aside from displaying Putin’s imperialist aspirations, this conflict has also revealed the extent to which Russia has integrated cyber into its military strategy and how much control Russia has over allegedly independent cybercrime gangs.

Cyber is an integral element of nation-state intelligence and a powerful tool for disrupting communications and impeding the enemy’s defences in a military conflict. Russia and threat actors aligned with Russia have a history of employing cyberattacks against Ukraine.

In the weeks and days leading up to the Russian invasion, Ukrainian government websites and banks, along with the websites of nations allied with Ukraine were defaced. Researchers also discovered multiple malicious wiper programmes deployed on Ukrainian systems.

The threat is still high, and it is not only specific to Ukraine. Nations and businesses around the world need to be on high alert for cyberattacks. As the United States and NATO allies support Ukraine with military equipment and medical supplies and increase pressure on Russia through sanctions and other means, I expect Russia and aligned threat actors to escalate cyberattacks in an effort to impact critical infrastructure, cripple the global economy, and weaken our collective resolve to stand united against them.

The rhetoric around potential cyberattacks is intensifying. There are reports that the Biden administration and other nations are considering options for offensive cyber operations against Russia. The hacktivist collective Anonymous claims to have knocked Russian websites offline. Meanwhile, various ransomware gangs have issued threatening statements warning that they will strike back against any nations or groups that attack Russia.

While those attacks may be primarily aimed at government and military assets, there is no way to predict the scope or resulting impact given that the majority of critical infrastructure security rests with the private sector. Nationstate cyberattacks often bleed beyond the intended target and result in collateral damage for unrelated businesses around the world—like the NotPetya attack by Russia against Ukraine in 2017.

The Cybereason Threat Intelligence team has been carefully monitoring the situation in Ukraine as tensions have escalated. There was a dramatic drop-in ransomware attack activity following the public and performative arrest of members of the REvil ransomware gang in January. Ransomware attacks originating from Russia have effectively all but ceased since mid-January.

That actually tells me two things. First, it demonstrates the influence—control, actually, that Putin and the Russian government have over these cybercrime groups. It shows that the cyberattacks coming out of Russia are not really state-ignored or state-sponsored, but actually state-controlled.

It confirms what we have long suspected, that Putin and Russian intelligence agencies enlist

The rhetoric around potential cyberattacks is intensifying

cybercrime threat actors as proxies to provide a buffer of plausible deniability while effectively leveraging cyberattacks as a weapon.

The drop-in Russian ransomware activity over the last six weeks also suggests that those cybercrime groups were given a new mission. They were most likely conscripted to help the Russian government in its efforts to hack and disable critical infrastructure and defence systems in Ukraine in preparation for launching the invasion.

We now know that Russia has far more power and control over cybercrime groups and ransomware gangs than they have admitted to.

Opinions and comments are of the authors mentioned.

REAL OR FAKE UKRAINIAN DOMAINS

Cyber criminals have seized on the opportunity and created many sites to spoof genuine support efforts and distinguishing between these two can be difficult.

Since the Russian invasion of Ukraine on 24 February, the Infoblox Threat Intelligence Group has observed a marked increase in the number of new Ukraine-related domain names on our recursive DNS resolvers. Much of this activity is part of a global response to the humanitarian crisis happening in Eastern Europe, and some of this activity consists of new efforts led by previously uncoordinated groups.

However, cyber criminals have also seized on the opportunity and created many sites to spoof or imitate genuine support efforts. Distinguishing between these two scenarios can be difficult even for the most cautious of individuals.

Analysis of the DNS traffic over our recursive resolvers since 24 February has shown a dramatic increase in Ukraine-related domains: from 24 to 28 February, over twice as many domains have been seen for the first time than in the week prior to the Russian offensive.

In response, Infoblox has developed multiple analytics and is actively assessing the threat level of newly observed domains. We have found indicators related to activities ranging from malware campaigns to individuals making new efforts to coordinate the delivery of medical supplies to Ukraine. Among the most prevalent threats in this environment are scams to collect cryptocurrency.

One of the developments that hinders analy-

sis is that many efforts, both legitimate and fraudulent, are being established as Decentralised Anonymous Organisations DAOs. A typical DAO is focused on a specific issue, such as the war in Ukraine, and is a member-owned organisation without central leadership.

These organisations rely on financial transaction records and rules established in a blockchain. In fact, on 26 February a Twitter account identifiable with the Ukrainian government requested cryptocurrency donations, which could have contributed to the flurry of emerging sites offering donations via virtual currency.

In the hours after Russian troops crossed the border with Ukraine, a number of legitimate DAOs were established to protest Russia’s actions and create financial support for Ukraine.

Perhaps most notable of these is Ukraine DAO, hosted on ukrainedao[.]love and established by Pussy Riot founder Nadya Tolokonnikova and other activists.

Due to this DAO’s new registration and use of cryptocurrency, many security vendors have falsely concluded that its hosting domain is malicious. The website for Ukraine DAO offers two methods for donating to the cause: individuals can donate cryptocurrency directly to the Ethereum wallet ukrainedao[.]eth, and individuals with an on-chain wallet can donate and receive a love token that has no monetary value but does have social impact.

Although hosted on a newly registered domain and utilising cryptocurrency, Ukraine DAO is publicly claimed by the founders and recognised in verified Twitter accounts. We have concluded that this domain is not hosting malware or fraudulent content.

In contrast, a number of other DAOs are more suspicious and lack credible ties to established personalities in the region. A screen capture from the domain saveukraine[.]xyz. at first glance, shows the content is similar to that of Ukraine DAO; however, based on several factors, we assess that this website is a cryptocurrency scam.

Comparing Ukraine DAO to saveukraine[.] xyz demonstrates how difficult it can be for the average consumer to distinguish between valid and nefarious activity. In addition to falsely receiving money, cyber criminals can use this interaction to steal personal information and credit cards and to deliver malware. ë

Opinions and comments are of the authors mentioned.

THESE THREATS REPRESENT AN INTENT TO DESTROY

Wiper malware is activated to render the system inoperable, and attackers enact this final stage once they have maximised their reach or if they are alerted.

As Russian activity in Ukraine has moved past heightened tension into a full invasion, the battlefield has been conducted in both physical and cyber arenas. To that end, novel wiper malware attributed to Russian State Actors has been deployed to destroy and degrade Ukrainian assets and infrastructure, but the blast radius almost certainly will not be limited to these targets.

This wiper malware is closely related to the Ransomware we have all become familiar with over the past few years. The only real difference is in the end goal – to irreversibly destroy data and accessibility to systems. As a result, we should lean on the hard learned lessons from Ransomware attacks in recent years - particularly those attributed to or closely related to Russian groups.

Like Ransomware attacks, the wiper malware campaign tends to leverage exploits against externally accessible services to gain a foothold within an organisation’s network. From there, C2 channels are established including web shells in the DMZ to ensure on-going control. Once this foothold is established, attackers dump credentials and use them to expand their access within the environment with the intent of maximising their ability to inflict damage.

In the attack’s final stage, wiper malware is activated to render the system inoperable. Attackers enact this final stage once they have maximised their reach or if they are alerted that they have been discovered and are at risk of losing control.

Each step along the way from one compromised system to an entire network of compromised systems is about maximising that final

impact. Attackers are only able to do this by using their initial point of compromise to move through the network and expand their access as broadly as possible.

As with Ransomware, we expect the disclosed IOCs and the malware used will change over time. It is easy for attackers to make those changes rapidly. Conversely, the techniques attackers use to implant malware and gain maximum impact within an environment are unlikely to change.

Ultimately, these threats represent an intent to destroy, and organisations will do well to improve their resilience and put plans into place to ensure rapid recovery. There are practical steps to take, many of which are not new recommendations but may be somewhere in your organisation’s backlog. Given the changes in the threat landscape, we suggest that organisations re-run their risk calculus and make some or all of the following changes.

Remove the low-hanging fruit. Patch and protect publicly accessible assets. Public-facing assets with known exploitable vulnerabilities are easy targets and patching these assets must be a top priority. CISA maintains a good list of these. In a similar vein, accounts for VPN access and public logon portals or SaaS services must be protected by multifactor authentication.

Control the DMZ. Authorised outbound traffic from the network DMZ needs to be explicitly whitelisted to increase the difficulty of an adversary establishing a useful foothold there. Such a whitelist can be worked to maintain, but it materially complicates an adversary’s ability to effectively run command-and-control from your DMZ.

Trust and Least Privilege. We often relate this to administrative credentials but in this case, view it through the lens of your publicly accessible systems and the rest of the network. The accumulated risk related to all the times when systems and accounts were overprivileged to ease deployment and operation is often a key factor that enables the attack.

Opinions and comments are of the authors mentioned.

Use of credentials on compromised systems to gain access to new systems

DISTRACT, CONFUSE, DENY, DIVIDE IS NOW STANDARD WAR PLAYBOOK

Information warfare is how Kremlin can control rest of the world’s response with false flags, misattribution, social media manipulation components of Russia’s playbook.

With Russian troops amassing on the border with Ukraine and distributed denial of service DDoS attacks sporadically disrupting Ukrainian government websites and financial service providers, there is much talk about being prepared for cyber conflict, whether an actual war ensues or not.

While all organisations should always be prepared for an attack from any direction, it can be helpful to know what to look for when the risk of attack increases.

In 2022 the cyberpolitical tensions are rising again and near breaking point. On January 13 and 14, 2022, numerous Ukrainian government websites were defaced, and systems were infected with malware disguised as a ransomware attack.

Multiple components of these attacks echo the past. The malware was not actually ransomware, it was simply a sophisticated wiper, as was seen in the NotPetya attacks. Additionally, there were many false flags left behind implying it might be the work of Ukrainian dissidents or Polish partisans.

Distract, confuse, deny and attempt to divide seems to be the standard playbook now.

On Tuesday February 15, 2022, a series of debilitating DDoS attacks were unleashed against Ukrainian government and military websites, as well as against three of Ukraine’s largest banks. In an unprecedented move the White House has already declassified some intelligence and pinned the attacks on the Russian GRU.

What now? Regardless of whether things continue to escalate, cyberoperations are sure to continue. Ukraine has been under a constant barrage of attacks with varying degrees of peaks and troughs since Viktor Yanukovych was deposed in 2014.

Information warfare is how the Kremlin can try to control the rest of the world’s response to actions in Ukraine or any other target of attack. False flags, misattribution, disrupted communications, and social media manipulation are all key components of Russia’s information warfare playbook. They don’t need to create a permanent cover for activities on the ground and elsewhere, they simply need to cause enough delay, confusion and contradiction to enable other simultaneous operations to accomplish their objectives.

DESTABILISING DENIAL OF SERVICE ATTACKS

The earliest known activity dates to April 26, 2007, when the Estonian government moved a statue commemorating the Soviet Union’s liberation of Estonia from the Nazis to a less prominent location. This action infuriated Estonia’s Russian speaking population and destabilised relations with Moscow. Soon after there were riots in the streets, protests outside of the Estonian embassy in Moscow and a wave of debilitating DDoS attacks on Estonian government and financial services websites.

Fully prepared tools and instructions on how to participate in DDoS attacks appeared on Russian forums almost immediately after the moving of the statue. These attacks targeted websites belonging to the President, Parliament, police, political parties, and major media outlets.

Low-level information warfare has been ongoing against Ukraine since

defend and govern itself and to prevent the government from effectively communicating with its citizens and the outside world.

Less than a year later, a further series of DDoS attacks began in Kyrgyzstan in January 2009. This happened to coincide with a decisionmaking process the Kyrgyzstani government was entering into to decide whether to renew a lease on an air base in their territory. Coincidence? It appeared to be conducted by the RBN once again, but this time no ruse of patriots expressing their digital opinions.

This brings us to the most recent kinetic conflict, the invasion of Crimea in 2014.

DISINFORMATION AND ISOLATION

Low-level information warfare has been ongoing against Ukraine since 2009, with many attacks coinciding with events that could be interpreted as threatening to Russian interests such as a NATO summit and negotiations between Ukraine and the EU for an Association Agreement.

In March 2014, the New York Times reported that Snake malware had infiltrated the Ukraine Prime Minister’s Office and several remote embassies at the same time as anti-government protests began in Ukraine. Near the end of 2013 and into 2014, ESET also published research documenting attacks against military targets and media outlets dubbed Operation Potao Express.

As before a homegrown cyber group known as Cyber Berkut executed DDoS attacks and web defacements, without causing much actual harm. It did, however, create a lot of confusion and that alone has an impact during times of conflict.

While calling on fellow Russian patriots to help punish Estonia, this was unlikely to have been a grassroots movement that sprung from zero with tools and a list of targets at the ready. The same tactics were later deployed by Anonymous in defence of Wikileaks, using a tool called the low orbit ion canon LOIC.

On May 4, 2007, the attacks intensified and additionally began targeting banks. Exactly seven days later the attacks ceased at midnight, as abruptly as they had begun.

Everyone immediately implicated Russia but attributing distributed denial of service attacks is near impossible, by design. It is now widely believed these DDoS attacks were the work of the Russian Business Network RBN, a notorious organised crime group in Russia with ties to spamming, botnets and pharmaceutical affiliate schemes. Their services appear to have been procured for precisely a week to conduct these attacks.

On July 19, 2008, a new wave of DDoS attacks began targeting news and government websites in Georgia. These attacks mysteriously intensified dramatically on August 8, 2008, as Russian troops invaded the separatist province of South Ossetia. Initially they targeted Georgian news and government sites before moving on to include financial institutions, businesses, education, Western media, and a Georgian hacker website.

Like the earlier attacks on Estonia, a website appeared featuring a list of targets as well as a set of tools with instructions for using them. This ruse also attempted to attribute the attacks to patriots defending against Georgian aggression, yet most of the actual attack traffic originated from a known large botnet believed to be controlled by RBN.

DIGITAL DEFACEMENT AND SPAM

The attacks on Georgia also included website defacements and massive spam campaigns designed to clog Georgian’s inboxes. All of this appeared to be designed to inspire a lack of confidence in the ability of Georgia to

Early in the conflict soldiers without insignias seized control of Crimea’s telecommunications networks and the only internet exchange in the region, causing an information blackout. The attackers abused their access to the mobile phone network to identify anti-Russian protesters and send them SMS messages saying, Dear subscriber, you are registered as a participant in a mass disturbance.

After isolating Crimea’s ability to communicate, the attackers also tampered with the mobile phones of members of the Ukrainian Parliament, preventing them from effectively reacting to the invasion. As noted in Military Cyber Affairs, disinformation campaigns kicked into full swing.

PARALYSING POWER SUPPLIES

On December 23, 2015, the power was abruptly turned off for about half of the residents of Ivano-Frankivsk, Ukraine. This is widely believed to have been the work of state-sponsored Russian hackers. The initial attacks began more than 6 months before the power blinked out when employees at three power distribution centres opened a malicious Microsoft Office document with a macro designed to install malware called BlackEnergy.

The attackers were able to acquire remote access credentials to the Supervisory Control and Data Acquisition SCADA network and take control of the substation controls to begin opening circuit breakers. The attackers then proceeded to brick those remote controls to prevent the breakers from being closed remotely to restore power.

Additionally, the attackers deployed a wiper to brick the computers used to control the grid and simultaneously conducted a telephone denial of service TDoS attack by clogging the customer service numbers, frustrating customers trying to report the outages.

Nearly one year later, on December 17, 2016, the lights blinked out once again in Kyiv. This time the malware responsible was called Industroyer, CrashOverride and it was immensely more sophisticated. The

malware was designed with modular components that could scan the network to find SCADA controllers and it also spoke their language. It also had a wiper component to erase the system. The attack didn’t appear related to BlackEnergy or the known wiper tool, KillDisk, but there was no doubt who was behind it.

EMAIL EXPOSURE

In June 2016, during a close Presidential election campaign between Hillary Clinton and Donald Trump, a new character named Guccifer 2.0 appeared on the scene claiming to have hacked the Democratic National Committee and proceeded to hand over their emails to Wikileaks. While not officially attributed to Russia, this appeared alongside other disinformation campaigns during the 2016 election and is widely believed to be the work of the Kremlin.

SUPPLY CHAIN ATTACKS: NOTPETYA

Russia’s persistent attacks against Ukraine weren’t over and they turned up the heat on June 27, 2017, when they unleashed a new piece of malware now dubbed NotPetya.

NotPetya was disguised as a new strain of ransomware and deployed through a hacked supply chain of a Ukrainian accounting software provider. In fact, it was not really ransomware at all. Although it would encrypt a computer, it was impossible to decrypt, effectively wiping the device and making it useless.

The victims were not limited to Ukrainian companies. The malware spread around the world within hours, mostly impacting organisations that had operations in Ukraine where the booby-trapped accounting software was used. NotPetya is estimated to have caused at least $10 billion in damage worldwide.

FALSE FLAGS

As the Winter Olympic games opened in PyeongChang on February 9, 2018, another attack was about to be unleashed on the world. The malware attack disabled every domain controller across the entire Olympic network, preventing everything from Wi-Fi to ticket gates from working properly. Miraculously, the IT team was able to isolate the network, rebuild and

remove the malware from the systems and have everything up and running for the next morning, barely skipping a beat.

Then it was time to conduct the malware analysis to attempt to determine who would want to attack and disable the entire Olympic network? Malware attribution is hard, but there were some clues left behind that might help, or they could be false flags trying to point the finger at an uninvolved third party.

The evidence appeared to point at North Korea and China, yet it was almost too obvious to attempt to blame North Korea. In the end, some brilliant detective work by Igor Soumenkov of Kaspersky Lab found a smoking gun that pointed directly at Moscow.

A few years later, just before the festive holidays in late 2020, word spread of a supply chain attack targeting the SolarWinds Orion software used to manage networking infrastructure for large and mid-size organisations around the globe, including many Federal Government agencies. The software update mechanisms had been hijacked and used to deploy a backdoor.

The high-profile nature of the victims, combined with the access afforded through the stealthily deployed backdoor may make this attack one of the largest and most damaging cyberespionage attacks in modern history.

From a global perspective, we should expect a range of patriotic freelancers in Russia, by which I mean ransomware criminals, phish writers and botnet operators, to lash out with even more fervour than normal at targets perceived to be against the Motherland.

It is unlikely Russia would directly attack NATO members and risk invocation of Article V. However, its recent gestures toward reining in criminals operating from the Russian Federation and their Commonwealth of Independent States CIS partners will probably come to an end, and instead we will see the threats multiply. ë

Opinions and comments are of the authors mentioned.

NotPetya is estimated to have caused at least $10 Bn in damage worldwide

CYBER SECURITY

BREAKING LEGACY AWAY FROM PRODUCTS

Top vendor executives share their latest innovations across XDR, API integration, algorithmic modeling, dashboarding, scoring, amongst others.

HIGH USAGE OF APIS AND VENDOR NEUTRAL APPROACH

Vectra allows detections, host, account scores, metadata to be accessed via APIs, striving to be vendor neutral enabling practitioners to build enterprise scale.

Hidden within the high volume of network communications from remote workers, corporate networks, and cloud instances there are small yet rich security insights available if security teams know how and where to find them. With Vectra, security teams can reduce the workload associated with such detections and analysis to increase their efficiency and effectiveness.

Using Lucene searches, organisations can quickly and easily explore the full-fidelity network security metadata, and even turn those searches into custom detections.

The same source security metadata is also analysed by Vectra’s automated attacker detection capability to surface indicators of hidden attacks in real-time that are active inside the organisations’ perimeter defences.

The Vectra platform is an AI-driven threat detection and response solution providing the fastest and most efficient way to see and stop cyberattacks. It is used by customers around the globe to see and stop attacks across hybrid and cloud-native apps, AWS and Azure environments, software-as-a-service SaaS applications such as Microsoft 365 using Identity as well as on Azure AD, in datacentre workloads, IoT, and everywhere expanding across enterprise networks.

Vectra prioritises threat behaviours that pose the highest risk to organisations, providing actionable data and automated response so security teams are always certain where to start hunting and investigating.

Vectra also allows all detections, host, account scores and metadata to be accessed via APIs and strives to be a partner while being vendor neutral. This enables security practitio-

ners to leverage best-in-class solutions to build world-class security infrastructures at true enterprise scale.

Vectra can detect this malicious intent by analysing how hosts, accounts, roles, and workloads are being accessed and how they interact in an organisations’ Microsoft 365 environment as well as any federated SaaS application using Azure AD.

Analysing data from both identity provider IdP services and cloud applications, custom machine learning models detect tell-tale attacker behaviours earlier in the kill chain. This gives security analysts a complete picture of their entire network and allows them to monitor accounts for compromise and insider threats.

Vectra seamlessly integrates with SaaS applications including Microsoft 365, SharePoint, OneDrive, Teams, and Exchange, as well as

attacks, regardless of if they target the resources individually or the instance itself.

By combining industry-best data science with security research to detect, prioritise, and stop attack campaigns, security teams get only the critical security events that matter and detailed help with how to fix them, and DevOps can deploy applications with speed and confidence knowing their environment is protected.

The Vectra Cognito platform enriches both cloud logs and network metadata with usable information like hostnames, so security teams can keep track of hosts as their IPs change, in addition to users as they authenticate between cloud and on prem workloads.

cloud Identity Providers, like Microsoft Azure AD, giving complete visibility into who is accessing them, regardless of how and from where.

By integrating with public cloud providers including Amazon Web Services AWS, and private cloud virtualisation platforms, and focusing on the control plane, Vectra detects

Patented machine learning models focusing on privileged access keep track of accounts, roles, and identities and how they normally behave, which translates to detection of account takeovers, privilege escalations, and credential abuse. This allows Vectra to give security professionals a complete view of attackers, and how attacks progress, regardless of where it starts, moves, and stops.

As a consequence of these investments in the channel, Vectra saw 40% year-on-year sales growth through its regional channel in 2021 and our METNA partners enjoyed growth of 90% over the same period, with deal registration rates rising by 300%.

Vectra prioritises threat behaviours that pose the highest risk to organisations

ANDREW SCHUMER Technical Director, Axon Technologies. Axon Technologies works with leading global ICS solution providers to deliver a complete, integrated service to the customer

AXON TECHNOLOGIES

RELEASING LATEST OFFERING IN RISK IDENTIFICATION AND MANAGEMENT

Axon Resolve, uses analytics to identify risks in a customer organisation but targets customers’ specific risk surface and connects to security services.

Axon Technologies is releasing its latest offering in Risk Identification and Management. The platform, known as Axon Resolve, uses analytics to identify risks in a customer organisation but targets the customers’ specific risk surface and connects to security services. These specific organisational identifiers are unique to each customer, offering higher fidelity than other risk identifying services in the market.

Axon Technologies helps customers with their cloud journey by delivering a robust attack surface management service. This service allows the customers to identify their managed and potentially unmanaged assets in the cloud and hybrid cloud environments, enabling complete understanding and visualisation of their collaborative environments.

Axon Technologies ensures that the remote workforce meets the highest standard of cyber hygiene. This service includes defence-in-depth monitoring and security control technologies at endpoints, mobile and corporate connection points.

Axon Technologies works with leading global ICS solution providers to deliver a complete, integrated service to the customer. Axon also provides worldclass ICS network awareness and monitoring with these solutions.

Axon Technologies’ consultancy service helps customers identify where supply chain disruptions can impact their business. Axon’s consultants help customers define a resilient strategy that builds upon disaster recovery and operational integrity. Axon customers are now provided with a strategic, operating business model that considers supply chain vulnerabilities and supply chain attacks.

CONNECTED WORLD COMPLICATED DUE TO VISIBILITY GAPS

Regional CISOs need capacity to track performance, availability, security risk levels in real-time, everywhere, for any application, on any infrastructure.

The connected world has become more complicated due to digital transformations, cloud migration, and the hybrid workforce, and visibility gaps have hampered problem resolution.

NETSCOUT Visibility Without Borders provides visibility across hybrid cloud and co-location environments. It will give regional CISOs the capacity to track and link their performance, availability, and security risk levels in real-time, everywhere, for

any application, on any infrastructure.

NETSCOUT Smart Edge Monitoring provides insight across ever-changing, multi-cloud environments, allowing you to resolve performance issues affecting digital services across technological and organisational boundaries.

People are doing their jobs everywhere. Some people work from home, others from corporate headquarters, while others split their time between the two.

Digital transformations and hybrid cloud make it more difficult to deliver consistently high-quality results, and the changing workforce dynamic adds another layer of complexity to IT’s job.

NETSCOUT Smart Edge Monitoring is more important than ever before for providing unrivalled visibility into performance and security issues that affect any user, wherever they are. Smart Edge Monitoring ensures a high-quality end-user experience for anyone, regardless of their workplace, in any network, location, or service.

Internal web properties are used by the supply chain and other business partners in industries such as manufacturing, pharmaceuticals, and healthcare. Today’s sophisticated cyber attackers are after all of these sectors.

With the advent of its revolutionary, scalable network security software solution, Omnis Cyber Intelligence, NETSCOUT has made use of ISO certification standards OCI. OCI is based on the industry’s most widely used network monitoring and packet recording and analysis technology. It monitors and examines unusual activity in real-time, preventing dangers from spreading throughout the supply chain.

Today’s sophisticated cyber attackers are after all of these sectors

DATA DOES NOT LOSE ITSELF, PEOPLE LOSE DATA

Legacy solutions fall far short in actually preventing, detecting, and investigating data loss incidents in real time or immediately after they occur.

Data doesn’t lose itself. People lose data, and organisations are increasingly adopting data loss prevention strategies to manage that risk. Unfortunately, legacy products fall far short in actually preventing, detecting, and investigating data loss incidents in real time or immediately after they occur.

Proofpoint has firmly established itself as a DLP leader and just last month, we invested in our Information and Cloud Security platform by acquiring Dathena, an innovator in artificial intelligence-powered data protection.

By integrating Dathena’s multi-patented, next-gen AI and ML engine into our peoplecentric DLP solutions will provide our customers with unparalleled data protection and help them meet their challenging internal and regulatory compliance requirements.

The global shift to hybrid working models has increased organisations’ reliance on collaboration platforms and cloud technologies to maintain business continuity while employees are working from anywhere. In addition, organisations are creating and moving more data than ever, with significant amounts of this data being stored in the cloud.

This in turn creates increased security risks for organisations, the more cloud-based platforms they are using, the greater their attack surface.

Proofpoint data shows that 66% of CISOs in the UAE agree that remote working has made their organisation more vulnerable to targeted cyberattacks, with 76% revealing they had seen an increase in targeted attacks in the last 12 months.

Proofpoint’s cloud security solutions provide

people-centric visibility of email and cloud threats which helps organisations identify at-risk users and protect their accounts and data. Based on risk factors, powerful analytics and adaptive controls grant the right levels of access.

In 2021, Proofpoint announced the industry’s first cloud-native information protection and cloud security platform, combining the power of Proofpoint CASB with our remote browser isolation and Zero Trust Network access solutions to couple access control with threat and data protection for applications, which is crucial in the current cloud-based work-from-anywhere world.

Over 90% of targeted attacks start with email, including phishing, multi-stage attacks, cloudbased threats, BEC and EAC – this includes

supply chain attacks, such as invoicing fraud.

Proofpoint’s Targeted Attack Protection TAP detection analyses and learns from potential threats to provide the most comprehensive protection against the ever-changing threat landscape.

The solution enables customers to detect and stop more threats, faster and improve operational effectiveness. It provides every single customer the same protection through community-shared intelligence. Everything we learn from the threats we see is correlated into the solution to provide the best security and visibility for our customers to stay ahead of the threat landscape.

EMILE ABOU SALEH

Senior Regional Leader META, Proofpoint.

66% of CISOs in UAE agree that remote working has made their organisation more vulnerable to targeted cyberattacks

MANDIANT

EFFECTIVE SECURITY IS BASED ON EXPERTISE AND INTELLIGENCE

The decision and machine learning models in Mandiant Advantage that automate processes have been trained by-and-based-on how Mandiant experts respond to threats.

Mandiant helps CISOs protect their organisations against advanced and emerging threats including supply chain vulnerabilities. Mandiant’s managed detection and response, MDR service defends businesses across endpoint, network, cloud, email and operational technology to surface impactful events and leverage proven response tactics. Managed Defense integrates frontline knowledge and attacker research to protect customers at speed and scale.

Mandiant’s MDR experts can help organisations stop attacks and resolve incidents without impact or the need for a formal Incident Response engagement. It also proactively hunts for hidden malicious activity and cyber-attacks and provides a portal where security teams can see hunting activities in real-time.

The Mandiant Advantage platform is built on the belief that effective security is not based on controls alone, but on the expertise and intelligence behind them. The decision and machine learning models in Mandiant Advantage that automate processes have been trained by-and-based-on how Mandiant experts respond to threats.

They continuously adapt to the new threat intelligence and information from within the customer’s environment. Automated Défense, one of four modules within Mandiant Advantage, leverages this insight to detect and respond to incidents at machine speed, delivering Mandiant expertise at scale to the SOC.

For a while now, we have monitored the increase in financially motivated threat activity that directly impacts operational technology, OT networks. Most of the players behind these types of activities are unlikely to distinguish between IT and OT or have a special interest in OT assets.

Their goal is to make money and have demonstrated the skills needed to operate in these networks. We can provide products and services that will tackle breaches confidently Mandiant’s Incident Response, increase resilience to risk Mandiant’s Strategic Readiness and test how well your security programme performs Mandiant’s Technical Assurance.

Emerging Region, Mandiant. Their goal is to make money and have demonstrated the skills needed to operate in these networks

LEON

VP of Product Management, ThreatQuotient.

ThreatQ provides aggregated views and automated analysis of threats

The objective of Extended Detection and Response is exactly what ThreatQuotient has been building towards since the very first days of the ThreatQ platform; this all took place before the term XDR was adopted by the industry.

The ThreatQ DataLinq engine imports and aggregates external and internal data; curates and analyses data for decision-making, automates action; and exports a prioritised data flow across the infrastructure for additional prevention, and accelerated detection and response.

A key capability to enable this is the ThreatQ Marketplace, home to integrations with hundreds of different products and datasets.

Over the past year, ThreatQuotient has made investments such as additional headcounts for partner marketing, improved their reporting on the channel’s impact to their revenue vs MSSPs or SIs, and implemented referral agreements for partners going through distribution.

THREATQUOTIENT

FOCUS ON THREATQ MARKETPLACE, HOME TO INTEGRATIONS

ThreatQuotient has invested in headcounts for partner marketing, improved reporting on channel’s impact on revenue, implemented referral agreements for partners.

Aregional CISO needs to know what threats are most relevant to their extended business operations, including critical elements identified within their supply chain. ThreatQ provides aggregated views and automated analysis of these threats. This enables the SOC to identify and respond to the most meaningful, and possibly impactful vulnerabilities, campaigns, adversary TTPs, faster, and with greater efficiency through automation and coordination of people, systems, and tools.

ThreatQuotient is also taking the initiative to formalise their onboarding and training process and plan to have a self-service partner portal with a library of sales and technical information to better inform and benefit their partners.

Moreover, the company signed on distributor partners to help broaden ThreatQuotient’s reach, especially for emerging markets, simultaneously meeting the requirements of end customers while also leveraging local partners those customers are familiar and prefer doing business with.

Considering the pandemic, ThreatQuotient had to adapt their channel strategy to make the most of the situation. The lack of in-person meetings and events contributed to better email communications, more materials to support the upcoming partner portal launch, and time spent training their partners over Zoom.

By extension, ThreatQuotient’s channel goals for 2022 include improving partner technical skills, encouraging partners to sell a broader part of their portfolio and boosting partner sales of newly launched products and services.

INTEGRATING 20 TRILLION ASPECTS OF THREAT, VULNERABILITY, ASSETS

Tenable’s predictive technologies are based on trillion aspects of threat, vulnerability, with machine learning algorithms to predict exposure points.

Tenable’s vision is to help its customers calculate, communicate and compare their cyber risk. Tenable’s predictive technologies are based on 20 trillion aspects of threat, vulnerability and asset information with machine learning algorithms to predict critical exposure points before they can be leveraged in an attack. This feeds into Tenable’s Vulnerability Priority Rating, VPR capability, which is 22x more efficient than CVSSv3 in predicting vulnerabilities in indicators of compromise IoC over the next 28 days.

Cloud adoption has exploded, particularly to accommodate a hybrid workforce. However, discovering and prioritising vulnerabilities in a cloud environment is only half the battle. Organisations need to shift left with cloud security to find and remediate vulnerabilities before they reach production.

Tenable.cs is its developer-friendly, cloudnative application platform that enables organisations to secure cloud resources, container images and cloud assets, providing end-toend security from code to cloud to workload. Organisations can also secure Infrastructure as Code IaC before deployment, maintain a secure posture in runtime and control drift by synchronising configuration between runtime and IaC.

Organisations have shifted from being largely office-bound to nearly entirely remote. Unfortunately, in tandem, cyberattacks proliferate as organisations’ attack surfaces expand. When looking at how these attacks play out, in the vast majority of cases, bad actors typically go after known but unpatched vulnerabilities to gain a toehold into the organisation, then pivot focus to Active Directory and the identity infrastructure to escalate privileges and move

laterally.

Managed in the cloud and powered by Nessus technology, Tenable.io provides the industry’s most comprehensive vulnerability coverage. Combined with Tenable.ad’s proactive, risk-based approach to AD security enables organisations to see all their vulnerabilities, predict which pathways attackers may target, and act to detect, shut down and prevent attacks.

At the heart of every industrial facility is a network of industrial control systems comprised of purpose-built controllers. Without complete visibility, security and control across the converged IT and OT, the likelihood of getting attacked is not a matter of if; it’s a matter of when.

Tenable.ot protects industrial networks from cyber threats, malicious insiders, and human error. From complete visibility across the entire

JADALLAH, Senior Director Middle East and North Africa, Tenable.

across all sites and their respective IT and OT environments.

The SolarWinds and Kaseya attacks have heightened concerns about the integrity of the software supply chain. The ramification is that, if a supplier is breached, an attacker will look to traverse across to other connected networks and systems.

By combining Risk-Based Vulnerability Management Tenable.io or Tenable.cs with Active Directory security Tenble.ad, these attack paths can be disrupted. This powerful combination affords CISOs visibility into all connected devices from IT and cloud devices to remote worker endpoints and OT devices allowing continuous, dynamic assessment of all assets and vulnerabilities.

Dynamic monitoring of Active Directory user databases identifies misconfigurations to address and can detect any attempts for lateral movement.

attack surface to threat detection and asset tracking, vulnerability management, and configuration control, Tenable’s Industrial Control System ICS security capabilities maximise the safety and reliability of OT environments. The solution delivers deep situational awareness

At Tenable, we understand that aligning ourselves with the right partners is critical to our mission of empowering organisations to manage and measure their modern attack surface. Tenable’s channel strategy is tailored for each country to address the market dynamics and provide the needed support for local partners. We recently confirmed that our technology ecosystem globally has reached 100 partners and 200 unique integrations.

Dynamic monitoring of Active Directory can detect any attempts for lateral movement

BLENDING MACHINE LEARNING AND PRIVILEGED ACCESS

Delinea’s privileged access management solutions use machine learning algorithms to observe how privileged users behaves to create individual user baselines.

As organisations continue their cloud transformations, they are faced with increasingly complex environments and more challenging privileged access requirements for securing an expanded threatscape. Delinea is a leading provider of PAM solutions that empower seamless security for the modern, hybrid enterprise.

Delinea’s cloud-ready solutions put privileged access at the centre of cybersecurity strat-

Delinea’s solutions are complimentary with XDR solutions

egies by managing access to critical infrastructure and sensitive data using streamlined, easy-to-use secrets management tools. Delinea’s products control and elevate privileges by authenticating and authorising centralised identities for least privileged access. Users get access when and where they need it, only for as long as needed.

Delinea believes every user should be treated like a privileged user and provided seamless secure access. No matter who is using it, they want it to be invisible and to work seamlessly. Delinea’s on-premises and cloud-delivered solutions are designed to empower seamless privileged access no matter what the user’s role is, where they are, or on what device.

And, Delinea’s solutions do not require a VPN, which can open up unnecessary access to the entire network and increase risk. Whether in the cloud or onpremises, Delinea’s solutions are readily customisable, scalable for growth, and powerful enough to secure any hybrid organisation.

Privileged access controls need to be adaptive to the risk context. Delinea’s privileged access management, PAM solutions including Privileged Behaviour Analytics, PBA use machine learning ML algorithms to carefully observe and analyse how every privileged user accessing Secret Server behaves, using key data points to create individual user baselines, including User activity, Secret Access, Secret Sensitivity, Similar User Behaviour, and Time of Access.

Once baselines are established, PBA can automatically alert administrators when users are acting outside of their normal behaviour patterns, an early sign of account compromise or insider threats. Additionally, Delinea’s solutions are complimentary with XDR solutions.

OFFERING 24X7 SECURITY OPERATIONS AND RESPONSE SERVICES

du’s security solutions are managed by in-country cybersecurity defence centre keeping pace with technologies, compliance, trends that impact enterprise security.

As remote work, learning came into effect due to pandemic, du observed a significant increase 300% across telework, collaboration tools as well as e-learning tools. In a very short time, the telco was able to manage to expand its network in order to absorb the traffic surge. It also increased uplink capacity and doubled all customers’ speed to 500Mbps and 1Gbps.

du’s cybersecurity solutions enable organisations to manage risk, take a proactive approach to security, and adopt digital solutions with confidence. Its security experts design, build and manage solutions covering Network Security, Workload Security Applications Data Security and Access Management.

The telco’s cyber security solutions are managed by in-country cybersecurity defence centre to keep pace with the latest security technologies, compliance requirements and trends that impact enterprise security. Companies gain instant access to the expertise, technology and scale you need to protect your digital enterprise and accelerate growth.

du’s Cybersecurity Defence Centre brings together 24x7 security operations centre and response services. It uses an integrated approach, encompassing people, process and technology to address cybersecurity risks in even the most complex environments. du offers 24x7x365 security monitoring that enables early, effective detection with integrated intelligence services.

du’s mission is to deliver security capabilities, enabling clients to improve and scale the protection of public, hybrid and private cloud infrastructure. Clients benefit from its integrated, multi-layered security platform

purposely built for the cloud and delivered as a service ensuring highest level of security for their most critical assets.

The telco offer 24x7 security monitoring and management and its cloud security services are PCI DSS-ISO 27001:2005, powered by leading global technology partners.

du’s AI solutions help to future-proof operating models and support business challenges, ensuring maximum value generation in clients’ AI adoption journey. In a world that is constantly changing, du’s product portfolio enables clients to digitise customer journeys, make rapid and precise decisions with artificial intelligence, and automate more of their internal processes.

du’s local experts in multi-cloud and hybrid cloud environments help CISOs to develop and execute on their cloud strategy and maximise the value of digital transformation in their organisations.

The telco provides cloud management,

datacentre solutions, enhanced enterprise connectivity and infrastructure as a service that increases agility, reduces risk and simplifies a complex ICT ecosystem. The clients can then reduce their cost base while scaling up to serve new demand with a secure and consistent experience, du helps them migrate to cloud and manage their digital infrastructure with a purpose-built model designed to be seamless and secure.

Through e-Procurement, du is connected with suppliers and business partners electronically on 24x7 basis. du’s specialised teams for Network, IT, Commercial Sourcing and Procurement Operations are at the forefront of building solid vendor partnerships.

du has designated employees to offer coordination and support on du processes and procedures as well as provide du Sourcing System training and support to SME suppliers whilst working closely with the government procurement team to identify the best SME partners.

As remote work, learning came into effect due to pandemic, du observed a significant increase 300% across telework

DESIGNED TO BE CLOUD-SCALE AND CLOUD-DELIVERED

ColorTokens’ Xacces enables secure access for remote employees, from distributed locations as they connect with their cloud or datacentre-based applications.

Digital transformation has led to applications, services, and data distributed across datacentres and the cloud. Traditional security approaches like VPNs no longer work as they cannot enforce granular, identity-based access, thereby exposing large attack surfaces to malicious actors.

ColorTokens’ Xacces enables secure access for remote employees, third parties, and contractors from distributed locations as they connect with their cloud or datacentre-based applications without exposing the application or workload to the internet. As a result, the enterprise attack surface is drastically reduced, preventing lateral movement and minimising breach risk.

Our product is designed to be cloud-scale and cloud-delivered with no hardware or architecture constraints.

To be competitive in today’s world, organisations need to be able to ship software faster. To accelerate application development, organisations are increasingly relying on integrating with open sources software, cloud PaaS services, and 3rd party libraries. This approach requires organisations to not only validate home-grown software but the entire software supply chain.

ColorTokens provides application supply chain vulnerability scanning to ensure all the libraries are thoroughly inspected. ColorTokens also scans all container images for vulnerabilities and malware to ensure early detection of supply chain risks.

At runtime, ColorTokens platform blocks all unauthorised communications, between applications and any external systems, or between systems.

Organisations adopting the cloud can be in either one or both of these categories.

Lift-and-shift: When applications hosted in the datacentre are migrated to the cloud, organisations should ensure that security moves with them. ColorTokens’ policy engine ensures complete policy portability from the datacentre to the public cloud with zero business disruption

ReBorn in the cloud: Organisations are also re-architecting legacy applications using container and micro-services as part of the cloud journey. ColorTokens delivers comprehensive protection that’s custom-made for those born in the cloud application with capabilities such as deep OS and application vulnerability scan-

The ColorTokens partner programme gives resellers, GSI’s, and MSP’s an opportunity to offer their customers a market-leading solution in order to achieve a Zero Trust posture whilst also assisting them to stay relevant in a fast moving market.

The fully cloud-based offering allows a partner to deliver value at speed and scale whilst supporting and guiding customers through a major transition point in their business and their need to remain secure regardless of where the data resides.

ning, cloud misconfiguration detection, and risk prioritisation.

ColorTokens Xtended ZeroTrust Platform is a cloud-delivered solution that secures critical assets, including applications, endpoints, workloads, and user access with 4 key modules.

Many partners are seeing a transition away from hardware and capital purchases storage, server, networking to SaaS and with the cloudbased model, we increase recurring revenues to allow a smooth migration from their traditional sources of income. We have various subscription license discounts and additional business-aligned discounts for our partners.

Partner onboarding happens through a sophisticated partner portal that seamlessly facilitates training and provides access to all key resources.

ColorTokens provides application supply chain vulnerability scaning to ensure libraries are thoroughly inspected

WHAT IS YOUR BREACH LIKELIHOOD SCORE?

SAFE provides enterprises visibility on their breach likelihood, based on the risk faced through their cloud infrastructure with individualised scores.

SAFE is a SaaS cybersecurity and cyber risk quantification platform. It uses a Supervised Machine Learning engine to give an output in the form of a Breach Likelihood Score between 0-5 and the potential financial risk an organisation faces within the next twelve months.

With one of the world’s largest API repositories, SAFE takes input from signals across people, processes, technology, cybersecurity products such as XDR, EDR, CASB solutions, UEBA, and third parties. SAFE also provides prioritised actionable insights and enables businesses to measure, manage, and mitigate enterprise-wide cyber risk.

SAFE provides enterprises with visibility on their breach likelihood, based on the risk faced through their cloud infrastructure with individualised scores across the hybrid or allon-cloud environments.

This score is an output of all the cybersecurity feeds, external threat intelligence and Frequency-based EC2, S3, and IAM Rules Assessments, Cloud Security Configuration Assessments, and many more - SAFE integrates with popular SaaS tools such as AWS, Azure, O365, and GCP, through API hooks.

With SAFE, regional CISOs get integrated, proactive visibility of their cloud risk posture along with the potential financial impact of a data breach.

Employee risk can arise as a result of who they are, their history and status of employment, what devices they own, how they access critical information, what level of access they have, and why. Most organisations deploy mul-

tiple products and cyber-awareness initiatives to secure their workforce. These work in silos and don’t provide comprehensive visibility into the overall and per employee risk.

What is required is to aggregate all signals from cybersecurity services such as UEBA, company policies, operating system updates, and more, to curate an employee risk score, enabling CISOs to proactively secure workforce cybersecurity risk.

Safe Security is the only solution that provides a comprehensive breach likelihood score for an enterprise across their third, fourth, and nth parties.

SAKET MODI Co-Founder and CEO, Safe Security.

With SAFE, CISOs can perform true, deployment-less 360o third-party risk management and automate their third-party risk monitoring. With seamless API integrations, SAFE’s repository of 110+ controls helps CISOs evaluate both, endpoints and infrastructure

of their vendors and provides insight into the financial impact of potential data breaches. In addition, SAFE’s recommendation engine provides prioritised actionable insights to help CISOs proactively manage supply chain vulnerabilities.

One of our key pillars of growth has been our customer-first strategy and approach. When we partner with global SIs and regional partners, it provides an end-to-end cyber risk management solution for customers, and this is why we have a partner-led approach. Partners include SAFE within their Managed Security Service offering, or SAFE is layered over the licenses they are selling to customers to ensure seamless deployment, onboarding, and maintenance. Our internal team works cohesively with MSSPs to ensure businesses get the best that is available.

This opens up the opportunity for partners to be more relevant and meshes well with their own services. We have a very aggressive partner strategy to drive our global expansion.

SAFE integrates with popular SaaS tools such as AWS, Azure, O365, and GCP, through API hooks

FOCUS ON CLOUD, IOT, XDR

The company announced it has added a new regional data centre in the UAE to deliver its Cloud-to-Cloud Backup from within the country.

Most recently, the company announced it has added a new regional data centre in the UAE to deliver its Cloud-to-Cloud Backup from within the country. The solution offers ease of use for Office 365 data, giving organisations the flexibility to restore Teams, Exchange, SharePoint, and OneDrive data either fully or with highly granular detail.

Barracuda CloudGen Access, a Zero Trust Network Access solution, provides secure access to applications and workloads on any device, from any location, on any infrastructure. With it, remote teams get fast, seamless access to corporate assets while keeping risk low.

Barracuda CloudGen Access continuously verifies that only the right person, with the right device, and the right permissions can access company data or apps. The solution enables secure access to SaaS and legacy applications for employees and 3rd parties, simplified DevOps access in multi-cloud environments, and granular BYOD access policies and identity-driven device security.

Barracuda has a dedicated product line for IoT use cases, built on integrated security technologies that the company has been using in its IT security solutions for decades. The company’s offer Barracuda IoT Connect which automates industry best practices and lets its customers manage everything from a single, easy-to-use cloud portal, thereby dramatically reducing resource requirements while at the same time accelerating deployment.

Barracuda entered the XDR market in the second half of 2021 through its acquisition of Skout Cybersecurity. By adopting Skout’s XDR platform, along with the company’s security team, Barracuda is able to offer real-time continuous security monitoring to managed service providers, or MSPs, enabling them to address threats more efficiently.

With Barracuda Sentinel, the company offers AI-based Office 365 protection. The solution combines artificial intelligence, deep integration with Microsoft Office 365, and brand

protection into a comprehensive cloud-based solution that guards against business email compromise, account takeover, spear phishing and other cyber fraud.

Barracuda enables organisations to automate security policy compliance in the cloud. With its Cloud Security Guardian solution, the company enables continuous scanning of its customers’ public-cloud infrastructure to detect misconfigurations, actively enforce security best practices, and remediate violations automatically before they become risks.

The solution offers ease of use for Office 365 data, giving organisations the flexibility to restore Teams, Exchange, SharePoint, OneDrive

Synology announces Beta release of DiskStation Manager

7.1 with storage, system enhancement

Synology announced the Beta release of DiskStation Manager 7.1, giving system admins a chance to test out the expanded functionality. DSM 7.1 builds further on the massive platform upgrade introduced with DSM 7.0 and introduces many innovative enhancements designed to address IT challenges.

DSM 7.1 brings key improvements to the storage management experience. Starting with the introduction of file aggregation portals, it adds SMB DFS capability to enable administrators to link together multiple Synology systems, providing more convenient file access for end users by removing the need to remember separate addresses.

The new user interface introduced in 7.0 has been further optimised by consolidating background tasks into an administrator-friendly overview that provides greater transparency into what is happening on the system, even across different user accounts. For Synology High Availability clusters, users can now view and manage drives on both systems from a single instance of Storage Manager for easier

maintenance and management.

On the performance side, DSM has long supported flash caching to boost random IO performance cost-effectively. This new version will further economise SSD caching with the ability to speed up multiple storage volumes at the same time.

DSM 7.1 introduces complete, bare-metal level backups of the entire system. Powered by Synology Active Backup for Business, the ability to clone and replicate the entire Synology system greatly accelerates recovery time objectives RTO in the event of a total site failure. Full system restoration capability also introduces a quick and convenient way to deploy identically configured systems.

In tandem with DSM 7.1, Synology is launching several major enhancements to applications and services.

l Active Backup for Business: bandwidth control, expanded monitoring and reporting capabilities, and support for DSM backups

l Active Insight: centralised login activ-

ity monitoring and Hyper Backup task statuses

l Synology C2 Hybrid Share: server-side snapshots for better file protection

l Directory Server: support for read-only domain controllers to improve deployment security and flexibility

l Synology Drive: revamped mobile user experience and improved monitoring auditing capabilities

l MailPlus: Virtual DSM support, expanded management options, importing and migration improvements

l Virtual Machine Manager: storage IO performance improvements and QoS capabilities

DSM 7.1 Beta and companion applications and services will be available starting today as part of Synology’s pre-release program. Interested users are invited to install the pre-release software on non-production or virtualised systems.

Salesforce releases Global Net Zero Cloud 2.0 to cut emissions using what-if scenarios

To help organisations accelerate their own journeys to net zero emissions, Salesforce is making Net Zero Cloud 2.0 — a solution that tracks greenhouse gas emissions — available globally. Net Zero Cloud 2.0 has been completely rebuilt to offer trusted reporting, deeper insights, and supplier management so that organisations can go net zero now.

With Net Zero Cloud 2.0, organisations can get sustainability insights with powerful Tableau CRM dashboards to achieve their climate goals and act with:

l Carbon Footprint Forecast: Organisations can find the fastest path to net zero with ‘what-if’ analysis to visualise progress and alignment to their climate action commitments.

l Science-Based Targets: Setting goals in line with sciencebased targets and measuring progress.

l Supplier Management: Track scope 3 emissions across the entire value chain and help suppliers and distributors reduce emissions.

l Waste Data Management: Organisations can upload and track hazardous and non-hazardous waste management data and treatment methods like landfilled, composted, or combusted — all in one place.

MMD launches B Line LCD SmoothTouch monitors from Philips in Middle East

MMD, brand license partner for Philips monitors, announced the launch of the new B Line LCD SmoothTouch monitors in the Middle East. The Philips 162B9T monitor comes with a 16” panel , 1366 x 768-pixel resolution, and Philips 242B9T 24” panel, 1920 x 1080-pixel resolution offering a brilliant interactive display.

The Philips New B Line SmoothTouch is sturdier compared to other monitors thanks to the water and dust resistant touch screen. Along with that, the monitor is for flexible enough to be used anywhere and comes with an articulating stand to fit angle that suits you. These features offer simple and intuitive use across applications and greatly boosts up productivity.

The new Philips B Line LCD SmoothTouch monitors 162B9T and 242B9T uses projected capacitive 10-point touch technology for a fluid response. You can fully utilise the new capabilities of touch-based applications and even bring your older applications to life from touch-type with 10 fingers or play exciting interactive

Regulatory change may soon require organisations to report on ESG matters, and many countries are already disclosing their climate-related financial risks and opportunities. Legislatures and regulatory agencies in the United States are also considering disclosure rules. A bill that would require companies to disclose all greenhouse gas emissions is moving through the California legislature; and the U.S. SEC has solicited public input on voluntary climate change disclosures.

In this new era of climate accountability, organisations’ carbon data will need to be as trusted as their financial data. Organisations will also need to know how to reduce emissions in a credible and meaningful way.

games with your friends. You can also collaborate with colleagues interactively at a work or school environment to increase your productivity and efficiency.

For less than perfect environments, you need a monitor meets the international IP rating for water and dust resistance that is designed to hold up to the splashes of water and dust. Ingress Protection IP ratings defined in international standard IECEN 60529 and are used to define levels of sealing effectiveness of electrical enclosures against intrusion from foreign bodies and moisture which both Philips 162B9T and 242B9T fully supports.

Cybereason announced availability of AI-driven, Petabyte scale, XDR for Cloud Workloads

Cybereason, announced availability of its next-generation Cybereason XDR for Cloud Workloads, leveraging AI-driven behavioural analysis to deliver runtime protection, detection and response to protect cloud workloads and containers across both native and hybrid cloud environments at petabyte scale.

Comprehensive visibility across an organisation’s entire network infrastructure is the key to detecting malicious activity targeting cloud workloads and containers. Competing offerings are forced to filter crucial threat telemetry, where the Cybereason MalOp Detection Engine is capable of processing all relevant telemetry at petabyte scale, enabling security analysts to understand the full scope of cyberattacks in real time.

Key components of the solution include:

l Protecting Workloads Everywhere with Minimal Impact: Organisations today operate in a complex world with data and workloads on-premises, in the public cloud at the edge and in hybrid configurations. Cybereason XDR

for Cloud Workloads is designed to protect workloads and containers wherever they reside or move across infrastructure. The offering extends Kubernetes integration and powerful sensors across the environment, providing effective threat detection and prevention with minimal performance impact and workflow disruption.

l Delivering Visibility that Bridges DevOps and SecOps: Cybereason XDR for Cloud Workloads provides SecOps and DevOps teams with visibility, automation and customisation capabilities in an intuitive platform. Breaking down silos between SecOps and DevOps teams increases operational efficiency and decreases response times. Built from the ground up to bridge the gap between DevOps and SecOps teams, Cybereason XDR for Cloud Workloads delivers frictionless operations scale, and improves understanding of an organisation’s security posture with minimal operational costs.

l Providing Correlated Detections and Auto-

mated Response at Petabyte Scale: Cybereason XDR for Cloud Workloads leverages the proprietary MalOp Detection Engine to transform petabytes of data from the public cloud, on-premises data centres and hybrid environments into a single attack story for a comprehensive view of threats across the network, cloud workloads and the Kubernetes control plane for a comprehensive threat profile.

Azure Marketplace

Microsoft Azure Marketplace users can now use committed Azure spend to streamline the purchase of SolarWinds database products

SolarWinds announced its database performance monitoring products are now available as fully-transactable solutions in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. Organisations can now fulfil their license subscriptions for SolarWinds database performance management products with their Azure

consumption commitment benefit under their Microsoft Azure Consumption Commitment. Organisations that take advantage of the

offer can simplify the purchase, deployment, management, and renewal of SolarWinds database products to receive the in-depth performance and environmental data teams need to optimise the performance of Microsoft SQL Server and other leading database platforms running on-premises, in the cloud, or in hybrid environments.

SolarWinds database performance management solutions provide intelligent recommendations based on best practices for faster troubleshooting to help accelerate data delivery while controlling costs. The cross-platform solutions help data pros manage complexities and provide them with the visibility needed to proactively optimise the performance of databases—to mitigate the risk of business interruptions, regardless of where the databases run.

The Azure Marketplace is an online market for buying and selling cloud solutions certified to run on Azure. The Azure Marketplace helps connect companies seeking innovative, cloud-based solutions with partners who have developed solutions that are ready to use.

SolarWinds announces its database monitoring products now available in Microsoft

Red Hat OpenShift Data Foundation is

included

Red Hat OpenShift Platform Plus

Red Hat, announced that Red Hat OpenShift Data Foundation is now included in Red Hat OpenShift Platform Plus, bringing data services, including software-defined storage, to the industry’s leading enterprise Kubernetes platform in a single holistic solution. Red Hat OpenShift Platform Plus provides a complete, multicloud Kubernetes stack out of the box, addressing crucial needs of DevSecOps and application development professionals.

The addition of Red Hat OpenShift Data Foundation gives developers a consistent data platform with persistent storage that can span clouds and infrastructure, combined with data management capabilities for IT operations teams.

Kubernetes is the de facto standard in container orchestration and provides the powerful engine to bring about orchestration at scale, but it requires additional components to truly match enterprise needs for building and running modern applications. Red Hat

BeyondTrust

announces IT-OT remote privileged access for employees, contractors, vendors

BeyondTrust, announced the release of BeyondTrust Privileged Remote Access 22.1, which empowers IT OT teams to control, manage, and audit remote privileged access by authorised employees, contractors, and vendors — without compromising security. Organisations can enforce least privilege, exert granular control and visibility, and layer on advanced credential security over remote access for employees and third parties.

Allowing third-party remote access comes with many potential security risks. Vendors authorised to access the network and applications might not adhere to the organisation’s same level of security protocols. They might use weak or default passwords or share a single

set of credentials among multiple individuals. VPN is another risky practice for extending access to third parties, as they are a target for hackers to compromise the supply chain.

To reduce these attack surfaces, BeyondTrust Privileged Remote Access provides greater control over remote vendor access by eliminating all or nothing access. All connections are brokered through a single access pathway, with granular, role-based access to specific systems and defined session parameters.

BeyondTrust Privileged Remote Access enforces least privilege, granular control and visibility, and layered credential security over remote access for employees and third parties

providing flexibility and efficiency for IT operations teams.

l Red Hat Advanced Cluster Security for Kubernetes, to help secure software supply chains, infrastructure and workloads.

l Red Hat Advanced Cluster Management for Kubernetes, for end-to-end visibility, management and control of Kubernetes clusters across a hybrid and multicloud environment.

l Red Hat Quay, to provide a global and scalable container registry for a consistent build pipeline that spans infrastructures with images analysed for security vulnerabilities, identifying potential issues that can help mitigate security risks.

OpenShift Platform Plus brings together the necessary capabilities that provide a consistent way to secure, protect and manage applications throughout the software lifecycle across Kubernetes clusters -- even across different cloud infrastructures.

Red Hat OpenShift Platform Plus includes:

l Red Hat OpenShift Container Platform, a consistent hybrid cloud foundation built on Kubernetes that helps developers code and deliver applications with speed while

l Red Hat OpenShift Data Foundation Essentials, to provide built-in cluster data management for containerised workloads, uniformly across hybrid and multicloud environments.

With Red Hat OpenShift Platform Plus, organisations have a single solution with the tools and functionality to accelerate cloudnative initiatives and adopt DevSecOps across the entirety of the hybrid cloud including at the edge.

Red Hat OpenShift Platform Plus adds Red Hat OpenShift Data Foundation, building a full-featured, complete hybrid cloud platform to address cloud-native computing requirements

now

in

Acer announces i7 based Predator Triton 500 SE, Helios 300 Notebooks in UAE

Acer has announced the arrival of its all-new Predator Triton 500 SE and the Predator Helios 300 Notebooks in the UAE. Both Notebooks offer advanced specifications for gamers, from professionals to beginner levels, in two impressive machines powered by the 11th Intel Core i7 Processor.

The all-powerful gaming machines are supported by Acer’s 5th Gen AeroBlade 3D Fan, a custom engineered fan with eighty-nine 0.8 mm 0.003 in metal blades that generate 55% more airflow than a plastic fan. The devices use Acer’s Vortex Flow Design concept, a strategically organised cooling layout designed to generate aerodynamic flows to enhance cooling on the CPU and GPU, and additionally lower the chassis’ skin temperature ensuring that everything runs cool.

Both Notebooks are also offered with the latest Windows 11 Home update, for a beyond efficient performance.

Qualys launches industry’s first context aware XDR supported by Qualys Cloud

Qualys unveiled Qualys Context XDR, the industry’s first context-aware XDR. Powered by the highly scalable Qualys Cloud Platform, the solution combines rich asset inventory and vulnerability context, network and endpoint telemetry from Qualys sensors, along with high-quality threat intelligence and third-party log data to identify threats quickly and reduce alert fatigue.

Protecting environments against an overwhelming and constantly evolving threat landscape is frustrating when detecting and

responding to cybersecurity threats using siloed products that provide a narrow view of the attack. Current SIEM and XDR solutions passively and reactively collect disparate, unrelated logs creating an avalanche of notifications that place the burden of correlation and prioritisation on the analyst. Incident response and threat hunting teams need an accurate, comprehensive picture of their attack surface to maintain an effective security, risk, and compliance program.

New XDR solution built on the scalable

Qualys Cloud Platform combines native asset and vulnerability risk context with endpoint telemetry and third-party logs for effective threat detection and response

Qualys Context XDR provides the security context that operations teams need to eliminate false positives and noise by triangulating risk posture, asset criticality, and threat intelligence. Together, this provides visibility, contextual priority, and meaningful insights about the assets that allow teams to quickly make the most impactful decisions for enhanced protection. For example, a vulnerability that is being actively exploited by malware on an executive’s computer or a highly sensitive server introduces a higher level of risk to the business than a system in a test environment and requires an immediate response.

The Qualys Cloud Platform, which processes more than 10 trillion data points, seamlessly collects IT, security and compliance telemetry using its multiple native sensors along with third-party logs to provide a broader view across organisations’ global networks.

Qualys Context XDR leverages this intelligence and the platform’s cloud agent response capabilities - like patching, fixing misconfigurations, killing processes and network connections, and quarantining hosts – to comprehensively remediate the threats identified, and increase the productivity of timestarved security analysts.

Zoom announces language interpretation, video in meeting room, reset backgrounds, watermarks

Zoom Video Communications announced their latest updates and the tools needed to take communication and collaboration to the next level. This update includes new features and functionality such as the ability to enable language interpretation by default, Zoom Events Expo, and more!

ZOOM MEETINGS

To streamline the setup of meetings and create an equitable meeting experience for everyone.

ENABLE LANGUAGE INTERPRETATION BY DEFAULT

Account owners and admins that would like to include interpreters in their meetings or webinars can enable the language interpretation feature by default when scheduling Zoom meetings to create a frictionless experience for all attendees, regardless of their native language.

AUTOMATED LANGUAGE SUPPORT IN THE WEB CLIENT

The in-meeting user interface will display in the same language the web browser is set to streamline the meeting experience and reduce friction in the process of starting a meeting.

ADD VIDEO TO THE WAITING ROOM

Meeting hosts can add a video when setting up the meeting Waiting Room in the web portal. Participants in the Waiting Room are able to view the video while they wait for the host to allow them into the meeting, providing a seamless method for distributing

Mandiant Advantage XDR to integrate with SentinelOne’s Singularity XDR platform

Mandiant and SentinelOne, an autonomous cybersecurity platform company, announced a new strategic alliance to help organisations reduce the risk of data breaches and strengthen their ability to mitigate cyber threats. The alliance enables Mandiant’s renowned incident responders’ use of SentinelOne’s Singularity XDR platform to investigate and remediate breaches.

The Mandiant Advantage XDR platform empowers organisations to strengthen security controls and remain ahead of threats through intelligence-led technologies. The integration of SentinelOne’s Singularity XDR platform into Mandiant Advantage enables joint customers to diagnose and remediate threats faster and more accurately through enhanced visibility, automation, and alert prioritisation. Further, Mandiant’s industry leading consulting

important information before the meeting begins. This feature requires client version 5.7.3 or higher and is available for all paid accounts.

RESET VIRTUAL BACKGROUNDS TO DEFAULT AFTER EACH MEETING

To automate the way users, change virtual backgrounds and prevent sensitive information from being shared on them, admins can set a default virtual background that will automatically reset at the beginning of each meeting.

ENABLE OR DISABLE VISUAL WATERMARK DURING A MEETING

To provide greater flexibility in managing recordings, meeting hosts have the ability to enable or disable the visual Watermark feature during a meeting. All meeting participants are required to be on the latest version of the Zoom desktop client before joining a meeting.

service has now added the Singularity platform to its elite third-party toolset used in the delivery of Incident Response and

Through the strategic alliance, Mandiant will provide consulting engagements that span the Mandiant Advantage and Singularity XDR platforms. In addition, the Mandiant Managed Defense practice plans to introduce managed detection and response for SentinelOne customers in the second half of 2022.

New features in Tenable.cs secure cloud resources, container images, cloud assets

Tenable, the cyber exposure company, announced new capabilities for Tenable.cs, its cloudnative application security platform. Tenable.cs delivers full lifecycle cloud-native security to address cyber risks from build to runtime. With the new features, organisations can secure cloud resources, container images and cloud assets to provide end-to-end security from code to cloud to workload.

Tenable.cs enables organisations to programmatically detect and fix cloud infrastructure misconfigurations in the design, build and runtime phases of the Software Development Lifecycle SDLC to prevent unresolved insecure configuration or exploitable vulnerabilities from reaching production. Tenable.cs secures infrastructure as code IaC before deployment, maintains a secure posture in runtime, and controls drift by synchronising configuration between runtime and IaC.

The IaC remains the single source of truth, eliminating the need for complex and manual processes. The solution also includes Frictionless Assessment and Nessus Vulnerability Assessment for cloud workloads as well as Container Security to assess cloud hosts and container images for vulnerabilities without the need to manage scan schedules, credentials or agents.

Tenable.cs is fully integrated into Tenable.ep, the company’s comprehensive Cyber Exposure platform. With this addition, Tenable delivers an integrated, end-to-end security solution and a complete picture of cyber risks across the modern attack surface with unified visibility into code, configurations, assets and workloads.

Organisations can determine the cyber risk of their cloud resources alongside other assets, such as IT assets, web apps and containers. Tenable.ep helps organisations understand cyber risk in the broader context of their business, with holistic visibility and reporting, unified workflow and advanced analytics to help users assess and prioritise what matters most to their organisation.

Goldman Sachs, Zodius Capital, Z3Partners funded CYFIRMA launches DeFNCE mobile security app

CYFIRMA, an external threat landscape platform management company funded by Goldman Sachs, Zodius Capital and Z3Partners, announced the launch of DeFNCE, a mobile app to help users acquire cyber safe habits such as knowing how to set a secure password, learn about emerging cyber threats like phishing campaigns and other social engineering lures, and be aware of cyber criminals targeting apps they have installed.

According to App Annie Mobile App Landscape Report, there were 218 billion app downloads in 2020, time spent in finance apps was up

45% worldwide, and m-commerce experienced a massive growth. Similarly, social networking apps, video streaming apps, and gaming apps

have all experienced a surge in recent times as the world’s population migrated to mobile and digital formats for work and play.

In CYFIRMA’s research, threat actors and cybercriminals are increasingly viewing mobile devices as attack surfaces to carry out not just scams but also cyber espionage. The company predicts in 2022, cybercriminals will mount attacks to take over mobile devices and demand ransom knowing that many will succumb to the extortion tactics.

DeFNCE redefines mobile security as the only app with the capability to provide a safe browsing experience by using advanced algorithms to discover the user’s digital risk profile and alert him or her to spying, phishing, ransomware, malware and other cyber threats.

The app contains over a million data sources to bring to the user’s attention on emails and passwords which have been stolen or leaked into underground marketplaces, specific hacking campaigns planned by cybercriminals to compromise banking and other sensitive apps, and help the user ensure the device settings adhere to cyber safe security standards.

Juniper Networks announces Juniper Secure Edge as next step in SASE Journey

Juniper Networks announced the newest addition to its Secure Access Service Edge SASE architecture, Juniper Secure Edge. This new solution delivers Firewall-as-a-Service FWaaS as a single-stack software architecture, managed by Security Director Cloud, to empower organisations to secure workforces, wherever they are.

With the rise of distributed workforces, organisations are experiencing a paradigm shift in the way the network edge is secured, paving the path to brand-new, cloud-based architectures at accelerated rates. Extending security to every point of connection is crucial as these new architectures emerge and the transition begins.

Juniper Secure Edge provides users with fast, reliable and secure access to the applications and resources they need, ensuring a seamless end-user experience that encompasses the following key benefits:

l Unified policy management from a single UI for all security use cases. Create policies once and apply them anywhere and everywhere with unified policy management, including user- and application-based access, IPS, anti-malware and secure web access within a single policy. Unified policy from the edge through the data centre means fewer policy gaps, elimination of human error and a consistently secure environment.

l Secure user access from anywhere. Secure Edge supports the remote workforce whether employees are in the office, at home or on the road with secure user access to the applications and resources needed to do their job effectively. Security policies follow the user wherever they go, pro-

tecting the user, device and applications without having to copy over or recreate rule sets.

l Dynamic Zero Trust segmentation. Maintain the security of data around identity- and risk-driven policies. Secure Edge delivers consistent security policy framework with policies that automatically adapt based on new risk and attack vectors and follow the user wherever they go, providing automated access controls to employees and third-party contractors through granular policy control.

l Investment Protection. Secure Edge allows organisations to leverage existing investments and seamlessly transition to a full SASE architecture at a chosen pace and provides a simpler operational experience.

Juniper customers can use the physical, virtual, containerised – and now cloud-delivered – SRX firewall, completely managed by Security Director Cloud with a single-policy framework, allowing for full visibility and consistent security across both the edge and the data centre from one UI.

l Integration with any identity provider. Secure Edge allows customers to use the identity provider that works for them by integrating with leading identity providers, such as Azure AD, Okta and others, through SAML 2.0 support.

l Validated security effectiveness. Juniper provides cyberattack protection that has been validated by objective, third-party testing to be highly effective against client- and server-side exploits, malware and C2 traffic, regardless of where the users and applications are located. This includes achieving the highest security efficacy rating at 99.5% compared to leading security vendors for Enterprise Firewall, and 100% effectiveness with zero false positives in ICSA Labs’ Advanced Threat Defense test in Q4 of 2021. Secure Edge delivers policies from the cloud, as a service, empowered with these proven threat prevention technologies, ensuring consistent security enforcement.

Moving to a SASE architecture is a journey and requires every organisation to take a thoughtful approach to this transition to remain secure. Juniper provides the “and” strategy that meets customers on their SASE journey and enables a seamless and secure transition to a SASE architecture. Secure Edge builds upon Juniper’s Connected Security strategy while successfully converging networking and security, effectively enabling a threat-aware network from client to application both on-premises and in the cloud.

Acer

Acer announced four new Chromebooks with the latest technologies, durable designs and a collection of features that optimise them for the education environment.

With Chrome Education upgrade, teachers and administrators can leverage the full capabilities of the Chromebook and Chrome OS to ensure students can focus on learning with a robust, secure device. In addition, IT departments can easily manage them with Zero-touch enrolment — to drop ship new Acer Chromebooks to their school sites that will automatically enrol as soon as the end user connects to the internet.

All of the four new Chromebooks were built to withstand the challenges of a busy school environment, featuring impact-resistant chassis that meet MIL-STD 810H standards. A shock-absorbent bumper and reinforced design protects them from drops as high 122 cm 48 ft and withstands up to 60 kg 132.3 lbs of pressure.

The Chromebooks’ displays can also be opened a full 180 degrees 360 degrees for the Spin models, helping protect the devices when the screen is being handled, and a unique drainage system built into their keyboards helps protect internal components from accidental water spills.

The Acer Chromebook Spin 311, Acer Chromebook 512 and Acer Chromebook 511 also have mechanically anchored keys that are difficult for inquisitive students to remove, but at the same time, simple for IT personnel to repair or replace. Widened brackets and reinforced IO ports further protect them from the wear and tear of frequent use.

A testament to Acer’s commitment to sustainability, all four of the new Chromebooks feature a unique environmentally friendly OceanGlas touchpad made entirely of abandoned ocean-bound plastic waste. Not only does the use of this waste contribute to the reduction of plastics adrift in the ocean, but it also gives the touchpad a glass-like texture and responsive tactile feedback.

Additionally, three of the Chromebooks—the Acer Chromebook Spin 311, Acer Chromebook 512 and Acer Chromebook 511—integrate post-consumer recycled plastics into their chassis design to further exemplify Acer’s commitment to sustainability.

announces new Chromebooks for education with added durability, taller display, battery life

Qualys adds advanced remediation to Qualys Cloud facilitating asset misconfigurations, patch OS

Qualys announced it is adding advanced remediation to the Qualys Cloud Platform. The new update enables organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software. The result is improved efficiency by eliminating the

need to use multiple products and agents and a more comprehensive approach to remediation.

Timely and comprehensive remediation of vulnerabilities is critical for maintaining good security hygiene and proactive risk management. Yet, organisations struggle to remedi-

Microsoft releases Windows 11 based Surface Laptop Studio, Surface Pro 8 in UAE

Microsoft announced general availability of Microsoft Surface Laptop Studio and Surface Pro 8 for organisations across industries in the UAE. Built to be modern and essential devices for today’s hybrid workforce, the new Surface products protect productivity, promote innovation, and prioritise accessibility, while ensuring the safety and security of all users.

Designed in concert with Windows 11, the new devices reflect Microsoft’s commitment towards designing technology that fosters productivity and creativity, while also bringing inclusion and accessibility to the fore. Each new version of Windows unlocks the next generation of hardware innovation.

ate quickly due to multiple factors including ambiguity between IT and Security on process ownership, especially when the action requires sophistication beyond the deployment of a simple patch. For example, to remediate the Spectre Meltdown vulnerability, a configuration change is required in addition to deploying the patch.

Further, some vulnerabilities need a registry key change without a patch, while others need a proprietary patch or an update to custom software to remediate. The lack of clarity between vulnerability detection logic and potential remediation complexity due to the need for multiple tools increases the struggle IT and security teams face.

Qualys Patch Management seamlessly integrates with Qualys Vulnerability Management, Detection and Response to remediate vulnerabilities by deploying patches or applying configuration changes on any device regardless of its location. The new remediation feature allows teams to use one application to detect, prioritise and fix vulnerabilities regardless of the remediation method required.

Update to Qualys Cloud Platform enables organisations to fix asset misconfigurations in addition to patching to achieve comprehensive remediation

And for the last decade, Surface has been at the forefront – challenging convention, pioneering new experiences and creating entirely new categories of devices. “Windows 11 is built on the familiar Windows foundation but reimagined to boost employee productivity and enhance collaboration on the most secure version of Windows yet,” added McDonald.

In addition to ensuring productivity and innovation in the modern workplace, Microsoft is launching the Microsoft Ocean Plastic Mouse as a step forward in Microsoft’s larger sustainability journey. In keeping with the organisation’s goal to have 100 percent recyclable devices and packages by 2030, the new mouse is made with 20 percent recycled ocean plastic and its packaging is 100 percent recyclable.

Injazat to develop automated fleet management and transportation system for Easy Lease

further enhance customer experience through a unified, and automated leasing and booking platform.

Furthermore, this portal can be adapted to have additional intelligent modules such as smart dispatch and billing, preventive and breakdown maintenance, driver’s identification, and remote immobilizers. With a growing IoT solutions portfolio, the partnership with Easy Lease is set to help Injazat expand the company’s regional footprint in the transportation industry.

Easy Lease announced a partnership with Injazat to develop and operate a next generation Automated Fleet Management and Intelligent Transportation System to help the company manage their fleet of over 25,000 bikes. Using the latest Artificial Intelligence technologies and Internet of Things solutions, the newly deployed platform will help Easy Lease’s customers to smartly track and monitor

Middle East’s AMANA Group to implement Oracle Fusion Cloud HCM and EPM

Oracle has announced that AMANA Group, one of the Middle East’s largest multinational construction conglomerates, will implement Oracle Fusion Cloud Applications Suite to modernize its business operations and support the company’s expansion. With Oracle, AMANA will be able to optimize finance and HR processes to reduce costs, rapidly respond to changing market demands, and support its growing workforce.

AMANA Group is a leading commercial and industrial design-build contractor with a portfolio spanning aviation, automotive, agriculture, manufacturing, retail, energy, logistics and other major industries. The company’s ongoing expansion in its home region as well as

their leased-out motorbikes and obtain accurate information and real time actionable data that improve the efficiency, safety, and quality of their fleet.

The long-term agreement was signed by Ussama Dahabiyeh, CEO of Injazat, and Ahmad Al Sadah, CEO of Easy Lease, at Injazat’s InGenius Innovation Lab in Abu Dhabi and will allow the motorcycle rental company to

Easy Lease provides turnkey, ready-to-go leasing solutions for motorcycle fleet needs, with an all-in lease offering. Also provides one stop solution for motorcycle mobility segment which includes 360-degree solution such as registration, comprehensive insurance, 24x7 roadside assistance, registration and fines management, accessories, with additions of valueadded services on regular basis.

Siloed finance and HR systems cannot give a clear picture of the company’s performance. AMANA’s leadership focused on the integration of finance and human resource function to secure an integrated view of all modules including budgets, revenue, salaries, bonuses, commissions and benefits.

Middle East construction giant automates finance and HR with Oracle Fusion Cloud Applications to enhance operational efficiency and support growing workforce

in Africa and South East Asia, combined with the operational and staffing disruption brought on by the pandemic, required it to reassess how it manages its financial and HR processes.

It needed a solution that would help the company quickly embrace new operational models, flexibly scale services, and support its growing workforce. AMANA selected Oracle Fusion Cloud Human Capital Management HCM and Oracle Fusion Cloud Enterprise Performance Management EPM.

With Oracle Cloud HCM, AMANA will be able to adapt its people strategy to the everincreasing pace of change with an integrated HR platform that provides one source of truth for HR data and unifies every process across the employee lifecycle. At the same time, with integrated artificial intelligence AI, digital assistants, and thousands of new capabilities each quarter, Oracle Cloud HCM will help AMANA stay ahead of the game with smart HR workflows. With Oracle Cloud EPM, AMANA’s finance teams will be able to speed up decisionmaking and adapt quickly to changing business conditions with simple, insightful and highly automated business analytics and reporting.

Saudi based Red Sea Development appoints Accenture to run Smart Destination Programme

The Red Sea Development Company, TRSDC has appointed Accenture to set up its Enterprise Architecture Office to run the Smart Destination Programme for a seamless connection and visitor experience at The Red Sea Project. The destination is setting new standards in

sustainable development and luxury tourism, strategically positioning the Kingdom on the international eco-tourism map. TRSP has been designed to be smart, employing frictionless and invisible technology from the outset of planning stages.

Accenture will support TRSDC in governing and managing the Smart Destination Programme in the areas of Enterprise Architecture Design and Technology to integrate partners and systems in bringing the platform online, while ensuring quality and timely delivery of the complex visitor-driven program planned to be launched by the end of 2022.

TRSP is one of the world’s most ambitious regenerative projects, covering 28,000 km2 on Saudi’s west coast, and offering a new type of barefoot luxury experience for visitors from around the world. The destination will be developed to the highest standards of sustainability and includes an archipelago of more than 90 untouched natural islands, as well as dormant volcanoes, desert, mountains and cultural sites.

As a leading global professional services company specializing in IT services and consulting, Accenture is committed to creating a significant positive impact in the Kingdom, where digital acceleration and architecture empower the industry with smarter ways of doing business and delivering immense value and impact.

RouteQ, a subsidiary of Yandex and a provider of cloud-based delivery management software solutions, announced an expansion of its operation to the Middle East, to plug the critical gaps in the region’s delivery fleet operations, by providing comprehensive route planning and delivery tracking capabilities for today’s competitive retail, e-commerce, delivery providers, and fast-moving consumer goods businesses.

Couriers are facing increased demand in the wake of the pandemic and e-commerce volume is expected to remain high for some time. Some project that the e-commerce market in the UAE will reach $8 billion by 2025. RouteQ believes that digital transformation will play a significant role in determining the shape of the

region’s logistics market in the coming years.

RouteQ already powers over a million deliveries around the world daily in the peak seasons

The technology provider is poised to deliver valuable assistance in addressing key delivery challenges in the Middle Eastern region, such as inaccurate addressing and package tracking Yandex’s experience in mapping exceeds 15 years, and the company has built on past innovations particularly in the field of complex algorithms to leverage modern maps and traffic data to enable the most precise delivery in the industry.

More than 200 parameters let enterprises optimize their routing to meet modern logistics challenges — like delivery time windows and

customer self-tracking — and dramatically reduce workloads for call centres at the same time. An advanced module, built specifically for the Middle East, lets customers and delivery managers collaborate to fine-tune target locations where a more precise address is not available. These factors play a vital role in significantly reducing delivery truck mileage. Organizations can use RouteQ technology to reduce the number of vehicles used for delivery routes by 30%, which further reduces the carbon footprint and makes operations more sustainable.

RouteQ recently opened operations in Dubai to expand its presence in the Middle East and help regional businesses address their delivery challenges. Leaning on its strong track record with globally recognized brands, including X5 Group, Unilever, Coca-Cola HBC, Carlsberg Group, and Russian Post, the company has already started piloting projects for customers in the region’s retail, e-commerce, and courier sectors. In the coming year, Nesterov plans to expand the company’s regional sales and marketing team, as well as its implementation and support units.

Yandex subsidiary

RouteQ expands regional operations to improve peak delivery times

Al Khayyat invests in Dell solutions including EMC VxRail, Data Protection Appliances, Dell Boomi

Al Khayyat Investments, a UAE-based conglomerate, has selected Dell Technologies to support its ambitious growth vision and boost its digital transformation drive.

A family-owned business, founded in 1982, AKI today has earnings of over $1 billion and 5,000 employees. With close to 40 years of regional expertise, AKI’s eight autonomous business operations cover pharmaceuticals,

consumer, retail, hospitality, fitness, landscaping, environmental services, automotive and strategic investments.

In today’s hyper-connected retail space, as customers look to brands to deliver exceptional service, AKI’s customer-focused offerings continue to make a mark in the region’s retail sector. The company has plans to build on this success by incorporating digital-led solutions to

Saudi Arabia based TASNEE to implement SAP S4 HANA Cloud, SAP Enterprise, S4 RISE

TASNEE, the first Saudi joint stock company wholly owned by the private sector, has inked an agreement with global technology company SAP, to implement SAP S4HANA Cloud, the core offering of RISE with SAP, to power its business growth strategy.

The milestone transformation tackles various challenges faced by TASNEE which include a greater need for business agility, operational efficiency, and compliance as well as growing demand for visibility on real time financial performance. By moving to S4 RISE, TASNEE will

transform customer experience across all retail touch points.

This offering has become increasingly crucial as customers now expect a second-to-none, seamless experience between a brand’s instore and online retail channels. Additionally, while customer data can help brands create an omnichannel experience that allows consumers to interact across all channels and devices, it also means that the amount of data gathered by businesses keeps growing at an alarming rate. It is therefore important to make sure all the data is being used efficiently and not contributing towards a data silo problem.

For AKI, this meant finding a technology solution that could handle the huge amount of data and ensured it benefitted rather than overwhelmed the business. With Dell Technologies’ hyperconverged best-of-breed solutions such as Dell EMC VxRail, Integrated Data Protection Appliances and integrated software applications from Dell Boomi, AKI has been able to address their growing retail business needs while ensuring their operations remained highly available, reliable, and agile.

AKI also leveraged Dell’s ‘PC as a service’ solution for configured laptops and desktops and now stands to benefit from having a modernized employee experience while relying on a single provider to take care of all their IT needs.

benefit from the resilience of S4 on the Cloud while also solving complex business process with a highly customized ECC system.

As part of this digital transformation, SAP will deliver to TASNEE a range of solutions, including a variety of SAP S4 HANA Cloud and SAP Enterprise Testing solutions among other SAP products.

In addition to the transformation initiative, FAHSS an integral subsidiary of TASNEE also signed an education reseller agreement with SAP. As part of the agreement, FAHSS shall offer a combination of instructor-led and selfpaced training solutions developed by SAP Training and Adoption unit. FAHSS will also offer access to the SAP Learning Hub with participants able to earn an industry-recognized SAP Professional Certification.

This is in alignment with SAP’s commitment towards upskilling and improving employability of jobseekers with critical digital-ready skills, to meet the emerging demand for skilled talent as the Kingdom strengthens its digital economy and future.

Oracle and Red Bull Racing have enhanced their partnership and are introducing a new Team name, Oracle Red Bull Racing, as well as the Team’s new car for the upcoming season, the RB18. Building on the success of last year’s F1 Drivers’ Championship, the Team’s 2022 season will feature expanded use of Oracle Cloud across its most significant areas of operation including analytics-based race strategy, optimized engine development, AI and machine learning-powered driver training and a tailored fan experience.

Taking advantage of Oracle Cloud Infrastructure OCI during last season’s championship run, the Team increased the number of simulations they ran by 1,000x to improve the accuracy of their predictions and sharpen their decision-making. In addition, they accelerated simulation speed by 10x, which gave race strategists more time to make the right call.

Equally important, OCI significantly reduced the cost of billions of simulations, allowing the Team to cost-effectively improve perfor-

mance on the track, which is critical for success under F1’s stringent spending regulations.

This season, OCI will enable the Oracle Red Bull Racing Team to expand the volume and variety of data they analyse and increase the speed at which simulations run in order to better predict tactics that will lead to the podium.

Along with its innovative on-track initiatives, Oracle Red Bull Racing will continue to deliver an exceptional experience to its global fan base. Last season, Oracle and Red Bull Racing launched a first-of-its-kind fan loyalty platform powered by OCI – The Red Bull Racing Paddock – to bring the excitement of F1 to fans all over the world. Since The Paddock’s inception, Red Bull Racing has seen a more than 9x increase in member sign-ups.

The new, direct line of communication between fans and the team has created outstanding engagement, with registered fans submitting thousands of questions to the team and redeeming 35,000 digital rewards. In 2022, Oracle Red Bull Racing will incorporate new features and capabilities, including the ability to create user-generated content, to bring an even deeper layer of personalization to fans.

Oracle is working with Red Bull Powertrains to develop the next generation of F1 engines set to debut in 2026 as Red Bull Racing becomes one of only four current manufacturers supplying engines for F1. Red Bull Powertrains will use OCI to optimize modelling of its new engine combustion chamber to reduce costs while improving results.

Red Bull Advanced Technologies and Oracle are also partnering to help develop the next generation of world-class drivers. Through projects applying AI and machine learning, Red Bull‘s junior drivers will better understand how data can inform and fine tune their driving style to reduce their lap times.

Oracle Red Bull Racing Esports marks the evolution of a partnership in one of the world’s fastest growing sporting industries, esports. Taking a cue from its real-world counterpart, the Team will use OCI-powered analytics to optimize car set up, improve race strategy, and provide its drivers with training that can help them consistently post ideal lap times on any virtual track, in any simulated weather.

The Formula 1 2022 season begins March 18-20 with the Gulf Air Bahrain Grand Prix in Bahrain.

Oracle Cloud Infrastructure increased simulations 1,000x for newly named Oracle Red Bull Racing team

CHALLENGES OF DATA COMPLIANCE IN BANKING, FINANCE

With a single lapse potentially attracting hefty financial penalties and tarnishing customer trust, it is no surprise businesses are taking this seriously.

IIn the data-driven economy, the value of clear, accurate, and complete data cannot be understated. It drives insight that leads to informed decision making, which in turn serves to address key business objectives such as streamlining operations, enhancing customer services, and improving the bottom line.

In dealing with ever growing volumes of data, organisations must now carefully navigate a slew of security, regulatory and compliance challenges. With a single lapse potentially attracting hefty financial penalties and tarnishing customer trust, it is no surprise that businesses are taking this requirement seriously and prioritising compliance.

A recent McKinsey and Company study found that on average, companies invest between 2.5% and 7.5% of their IT spend on data governance. Moreover, with data an organisation’s most valuable and vulnerable asset, if they can’t secure it and inspire stakeholder trust to give it to them, they risk being left behind and losing the competitive advantage that data insights provide.

Companies have access to a range of tools –from data management technologies through to artificial intelligence-led algorithms – that could make it much easier to pan their databases of information, improve data classification and find the gold that makes it possible to create personalised services and products for customers.

What’s more, data-led decision making is not just about delivering benefits to customers or boosting operational efficiency. While those concerns are critical to long-term success, they are also dependent on a range of rules and regulations that must be adhered to if companies want to make the most of the treasure troves of information they hold.

It’s a tough balancing act – while organisations are keen to collect as much information as they can about their customers, they must also ensure that they respect their right to privacy. Failure to do so could lead to serious ramifications.

In the finance industry, Know Your Customer KYC standards ensure investment advisors know detailed information about their clients’ risk tolerance, investment knowledge, and financial position. KYC is enshrined in a series of laws and guidelines in different countries that work to protect the people that buy finance products and the firms that sell them.

In fact, financial services organisations in

the UAE face a raft of regulations, such as the AML-CFT Law and obligations relating to the new Personal Data Protection Law. These regulations mean finance firms must ensure they collect and then process data in a carefully managed manner.

The AML-CFT Law requires the collection and retention of a large volume of client information which must be made available to regulators on request. Conversely, the Personal Data Protection Law introduces subject rights around the erasure of data.

These regulatory requirements create significant pressures for the managers who are expected to deal with compliance. Add in the obligation to both know your customer and protect their rights, plus the ever-growing mountain of information that firms continue to collect, and organisations face a complex data management conundrum.

At the same time as the amount of data that businesses collect continues to increase inexorably, so does the capability of technology to analyse and investigate trends in this information.

However, while key technology trends during the past few years have created the need for a major shift in data management, Deloitte says many businesses remain slow on the uptake. The consultant says organisations continue to use traditional approaches to data governance focused largely on processes, policies, and individual transactional data domains.

One alternative might be to turn to artificial intelligence AI and machine learning ML. AI and ML models can be trained to find patterns

and anomalies in big data sets. When used effectively, these models can enhance data classification techniques and make it possible for data governance teams to automatically identify processes and issues that might otherwise have remained uncovered.

That all sounds like a shortcut to more effective data governance – but business leaders should be aware of a significant catch. While emerging technology can help solve some data management challenges, firms that increasingly rely on algorithms must be aware of ethical

HANDS-ON TIPS

l Your first step should be to deal with data fragmentation. Rather than having data held in disparate locations, look for a software-defined next-gen data management platform. Your data governance process should be an inherent element of your security solution.

l As well as keeping data secure, your organisation should implement a data management approach that creates auditable operations logs for data protection, helps ensure any personally identifiable information is minimised and stored safely, and that your platform automatically notifies you when something is awry.

l Effective data management is crucial to business success. However, automation doesn’t mean hands-off decision-making processes. Make data governance part of your security solution by implementing a platform that helps your business create policy-based automation that makes it easier to comply rules and regulations

concerns. Deloitte says enterprises that use AI will need governance procedures that ensure automated outcomes are fair, reliable, safe, and responsible.

Technology that helps to automate processes associated to KYC and other regulatory concerns can create big operational benefits for businesses. But the decisions that these algorithms make must be explainable. If these decisions are made secretly by black boxes whose inner workings are unexplainable, then customer trust is likely to suffer.

As an added complication, systems that automatically verify KYC could leave businesses exposed to the wrath of regulators. For example, being able to explain automated decision-making is a legal requirement under GDPR. Given that the UAE’s Personal Data Protection Law closely mirrors this European Union regulation, it makes sense for BFSIs in the UAE to keep this requirement in mind from the onset. If you’re thinking of automating KYC processes, then you’ll need to show how your technology is making decisions.

LACK OF VISIBILITY, CONTROL INHIBITING SECURITY AUTOMATION

Heads of IT security architecture rated automation important, however CISOs placed less importance on automation, with a low 28% rating it as very important.

As the technology skills crisis continues, and the post-pandemic ‘great resignation’ prompts burnt out IT professionals to consider career alternatives, it is clear that if people are not available to plug the gaps, automation must be at least part of the solution.

Cybersecurity automation will be critical to lift the burden of high volume mundane, repetitive tasks from skilled employees creating more secure companies and attractive employment for cybersecurity professionals. In the current environment, automation is fundamental to strengthening an organisation’s security posture, but there are challenges to effective implementation.

We recently polled senior cybersecurity leaders to learn more about how they view automation, the challenges faced and their plans to implement it in the coming year. We found a need for better understanding of the potential of automation at C-suite level.

The study found widespread recognition of the value of IT security automation and highlighted differences in opinion depending on what role the respondent had. 94% of Heads of IT Security Solutions Architecture

rated security automation, important to their organisation, with 33% rating, very important. Heads of Incident Response were more likely to say automation was very important 37.5% with a further 50% saying it is somewhat important.

CISOs, however, placed less importance on automation, with a comparatively low 28% rating it very important.

These discrepancies indicate differing awareness around both the current situation within security teams and the role automation plays in driving efficiency. Incident responders are on the ground at the forefront of defence and naturally prioritise tools that ease workload, while security solutions architects are looking for tools that reduce pressure on teams while also increasing coverage.

While these are undoubtedly key factors for CISOs, there is perhaps less awareness of how security automation can deliver improvements fast.

DRIVERS

In terms of the top three drivers for adopting security automation, the three roles agreed that increasing productivity was the most important benefit. This reflects the heavy workloads inherent in security departments and the everpresent need to do more with less by making team members more productive.

Solutions architect respondents pointed to skills shortage as a key automation driver, but respondents in all three roles also acknowl-

edged that lack of skills has proved a barrier when implementing security automation creating a familiar chicken-and-egg scenario where organisations want to automate to solve the skills shortage but cannot because they lack required skills.

For automation solution providers, this underlines the need to ensure solutions are easy-to-deploy, draw together tools and data that the organisation is already using, and deliver fast ROI.

Regarding specific automation features leaders are seeking in a security product, a split was evident. More heads of incident response IR rated having atomic actions that take place inside one system, such as automatically creating a ticket, as critically important than did their CISO counterparts. This underlines the reactive, time-critical and high-profile nature of IR – tools must not only discover threats, but also set out the path to remediation as quickly as possible.

IR leads are not quite ready to take their hands off the tiller entirely. On the value of partially automated workflow automation that updates multiple systems and products but involves human intervention to either initiate or approve the actions taken, more than one quarter of IR heads thought this was critically important, compared to just 13% of CISOs and 20% of security solutions architects. Clearly IR teams want to have visibility into automated processes and control over actions, while CISOs and solutions architects are less concerned about being hands-on.

INHIBITORS

For CISOs the most important requirement for success when rolling out security automation is having well-defined manual processes. This is not too surprising – CISOs are looking at the current situation and projecting forward, therefore having a good understanding of the process they are aiming to automate is important.

However, CISOs should not limit their automation ambition to basic direct replication of a step-by-step manual process. A security automation project offers a great opportunity to

integrate other intelligence sources that can give greater context to the data and alerts received, transforming the original manual process into something far more effective. IR leads understand this; for them integration between vendor technologies was the most important requirement for success.

Looking at the blockers to implementing security automation, CISOs found management understanding, buy-in to be the biggest problem, suggesting that they need to better communicate the strategic benefits to the

C-Suite in order to gain sign-off on projects.

IR leads acknowledge the skills shortage, with more than half saying a lack of relevant skills is stopping them from applying IT security automation. However, skills shortages are also driving the need for automation - 43% of solutions architects say it is the reason more automation is needed.

TRUST

Interestingly, the study also found that, despite the general agreement that IT security automation is important, there is a lack of trust in the outcomes delivered by automated processes. All three roles polled raised this as a problem they’ve encountered when implementing automation. This is akin to the black box problem suffered in AI, where a lack of visibility into the process makes humans less likely to trust recommendations.

Security automation vendors need to consider this and ensure their solutions provide the right degree of transparency and control over alerts and policy application to engender trust. Beyond this, it is undoubtedly the case that as solutions prove themselves over time, greater trust will be built.

At C-level there is a need for greater recognition of the accelerative impact security automation can have on corporate security posture. Additionally, there must be a shift in mindset away from thinking of automation projects as simply replicating existing processes, toward recognising the transformative possibilities that adding contextual information and remediation pathways can deliver.

43% of solutions architects say it is reasoning more automation is needed

Konica Khandelwal moves from Kore.ai to join Yellow.ai as GM Banking Vertical and VP Sales ME

Yellow.ai, announced it has appointed Konica Khandelwal in a dual role, GM Banking Vertical and VP Sales, Middle East. The announcement follows the company’s business growth in the last 12 months in the region, to be further bolstered by two new offices in the UAE.

Konica joins Yellow.ai with over 15 years of experience in sales and a strong track record in helping enterprises adopt digital transformation through AI, Cloud, SaaS PaaS and Enterprise Mobility Platforms. In her previous roles at Kore.ai, Temenos and Al Ghurair Group, she has influenced large deals and successfully implemented strategies to facilitate win-win growth.

US security vendor ColorTokens appoints Nader Baghdadi as Senior Regional Director MEA

ColorTokens, US-based Zero Trust cybersecurity platform company, announced its long-term commitment to scaling across the Middle East. The company has appointed Nader Baghdadi, a seasoned industry leader to head the business in the Middle East. Nader comes with over 20 years of experience in driving organisational growth in the region.

Nader will be instrumental in regional presence, go-to-market and channel strategy in the region, and giving our customers the confidence that their business is secure, from endpoint to cloud.

ColorToken’s growth in EMEA over the last 12 months, and the COVID-19 driven security initiatives to protect employees and clients, highlights the opportunities for them in the Middle East. This year, with the growth predictions in cybersecurity technology on the rise in the region, ColorTokens is scaling its network to build a strong partner base.

Willem Hendrickx moves from SVP International to Chief Revenue Officer at Vectra

Vectra AI announced the appointment of Willem Hendrickx as Chief Revenue Officer. As CRO, Willem will play a pivotal role in leading Vectra’s global expansion initiatives, while also overseeing the entire customer and partner life cycle. This appointment follows a year of exceptional company growth as demand accelerates for Vectra’s portfolio of threat detection and response solutions.

Prior to becoming CRO, Willem served as SVP, International at Vectra. In this capacity, he helped fundamentally transform and expand business operations in EMEA and in the APJ region. With more than 25 years of experience in global software sales, Willem has previously held various leadership positions at EMC Dell, Nokia, Alcatel-Lucent, and Riverbed Technology.

After leading Vectra AI through a period of high growth over the last 20 months, Willem’s predecessor, Marc Gemassmer, has taken on a new role as General Manager of Vectra’s identity and software as a service posture management business. He will lead Vectra’s drive into this new market in partnership with Aaron Turner, the founder and CEO of Siriux Security Technologies. Vectra acquired Siriux in January 2022, positioning the company as the only vendor that enables customers to securely configure and detect active threats in cloud identity and SaaS applications.

Javeria Aijaz to head Farnek’s smart technology spin off HITEK as Managing Director

UAE-based smart and green facilities management company Farnek has launched a new smart FM technology solutions company, HITEK, under the leadership of Managing Director, Javeria Aijaz, who was previously Senior Director – Technology and Innovations at Farnek.

Developed in-house, the HITEK solution 4.0, was originally launched in Q3 last year, connecting people, assets and spaces from multiple remote sites, using intelligent analytical platforms, for cleaning, security and maintenance, so they could be smartly centrally managed and monitored by utilising the Internet of Things, Building Management Systems, Cloud, Machine Learning and Artificial Intelligence-based technologies.

Under Aijaz’s direction, Farnek’s award-winning in-house technology team has developed a range of cutting-edge technologies and initiatives such as a CAFM, BMS, IoT Remote monitoring, smart washroom, wearable technology, HSEQ App, eProcurement, telematics solutions, facial recognition, and benchmarking and forecasting software to make buildings more efficient and ultimately more sustainable.

Axon expands executive team with Shyju Veedu, Sandra Hattab, Andrea Di Bari

Axon Technologies, the UAE-headquartered leading information security solutions provider, has announced the expansion of its executive team with three key appointments. Andrea Di Bari has joined as the company’s Head of SecOps Architecture and Engineering, Shyju Mannian Veedu as its Financial Controller, and Sandra Hattab as its Cybersecurity Consultant.

Andrea Di Bari brings more than 20 years of experience supporting organisations across Europe design, build and operate their SOCs. With significant experience in Telecoms, Financial Services, and Critical Infrastructure industries and as a proven cybersecurity leader, he will be responsible for steering the vision of Axon’s SecOps division.

With over 16 years of experience, Shyju Mannian Veedu will play a critical role in Axon’s financial strategy and opportunity forecasting. He brings his dedicated experience in management accounting, group reporting, consolidation, budgeting, strategic planning, process improvement, and automation to the table. Prior to joining Axon Technologies, Shyju was working as a Management Accountant with Emirates Flight Catering Company.

Hailing from a telecommunications and computer engineering background, Sandra Hattab is CISSP certified and offers deep knowledge of security best practices, which will be vital to her new role at Axon Technologies. She will spearhead the company’s cybersecurity transformation programs for Axon’s customers, which often begins with consulting. Her experience also includes successfully advising and delivering on cybersecurity strategies, objectives, and roadmaps with hands-on experience in implementing remediation plans for matrix organisations.

2022 ROADSHOW

JULY-NOVEMBER 2022

WHERE TECHNOLOGY IS BORDERLESS, AMBITIONS ARE FEARLESS, AND LEADERSHIP IS LIMITLESS