Unleash potential to create, make and do. The MX Master Series for Business.
Chatbots have been pervasive in recent times. NLP AI services are useful across enabling support agent chatbots to live, multilingual transcription, serving use cases of customer support, helpdesk, monetary transactions, sales lead generation and several other inter Aactions.growing number of career opportunities will come up around AI related roles in en terprises. This will also correspond with a growing number of CIOs looking to deploy AI across an increasing but relevant use case scenarios in their organizations. Google’s recent report ‘ The Future of AI in the MENA region’, says that the potential economic impact of AI on the region’s economic growth is significant, with the MENA region estimated to accrue US$320bn by 2030 from value added by AI. Looking ahead, AI will continue to help Businesses unlock more value for themselves and their customers. Office 10, Sharjah www.cxodx.com
PUBLISHED BY - Leap Media Solutions LLC REGISTERED OFFICE:
AI’S EXPANSIVE OUTLOOK
Media City |
RAMAN NARAYAN Co-Founder & Editor in Chief Mob:narayan@leapmediallc.com+971-55-7802403 Sunil Kumar Designer Nihal Shetty Webmaster MALLIKA REGO Co-Founder & Director Client Solutions Mob:mallika@leapmediallc.com+971-50-2489676 SAUMYADEEP HALDER Co-Founder & MD Mob:saumyadeep@leapmediallc.com+971-54-4458401 ......................
3AUGUST 2022 / CXO DX » EDITORIAL
R. Narayan Editor in Chief, CXO DX AI is being increasingly deployed in Business processes for enhanced outcomes inclu sive of better service, better customer profiling, efficiencies in supply chain, manufac turing, operations etc. Companies are increasingly looking at AI deployments through containers to be most effective in flexibility, portability, and reliability for the AI and machine learning lifecycle. Containers allow the AI applications to run on any server, with any cloud provider, on any operating system. AI deployment through containers is more effective in collecting, organising, and processing data for analytics, ML and deep learning models. Data protection, customer service and process automation are some of the most common areas of AI deployments but not restricted to these as use cases multiply. In healthcare for instance, AI is helping better diagnosis through better understanding of patient data and enabling individualized treatment plans. According to Gartner in a survey done in 2021, the top five use case categories for AI software spending in 2022 are likely to be around knowledge management, virtual as sistants, autonomous vehicles, digital workplace and crowdsourced data. These invest ments will drive an expected growth of artificial intelligence (AI) software revenue to $62.5 billion in 2022, an increase of 21.3% from 2021.
Lori MacVittie from F5 writes that the shift in security toward identity is just beginning 34 VR IN HEALTHCARE VR in Healthcare Continues to Offer varied solutions in 2022 writes Dr. Alexander Morozov, Medical Officer at Proven Reality 28 » GETTING THE BEST OF AI AND ML IN MANUFACTURING Khaled AlShami, VP, MEA at Infor discusses six tips to help manufacturers leverage AI and Machine Learning SERVICES POPULAR WITH ATTACKERS – 3
»
4 CXO DX / AUGUST 2022 14 » REIMAGINING DATA MANAGEMENT Data Management in a multi cloud environment needs to be addressed strategically by organizations that makes data access secure as well seamless. 18 » THE NEED FOR MANAGED SECURITY SERVICES
32 » CLOUD
IDENTITY
Jishant Karunakaran, Founder, 36 38 TO
Thierry Nicault, Area VP at Salesforce writes that Businesses that want to remain future-proof should strive to implement ethi cal and sustainable practices 20 » A B2B MARKETPLACE FOR THE FUTURE Suchit Kumar, CEO of TEXUB and Niranjan Gidwani, former CEO of EROS Group and Consultant Di rector at TEXUB spoke about the platform's roadmap ahead 22 » BENEFITS OF AI AND ML IN CYBERSECURITY Derek Mank and Jonas Walker from Fortinet discuss the role AI and ML can play in protection their infrastructure comprehensively by utilizing the services of a capable MSSP
TIPS TO IMPROVE SECURITY Roland Daccache, Systems Engineering Manager, CrowdStrike writes that real time visibility, updated threat intelligence and cloud specific security solutions are key to secure cloud services PREPARING FOR THE NEXT WAVE OF TRANSFORMATIONDIGITAL
24 »
Jacob Chacko, Regional Director at Aruba, discusses how new experiences are being enabled by edge technologies for cus tomers, employees, students etc 26 » WHY BUSINESSSCIOUSNESSECO-CONISASMARTSTRATEGY
» TRENDS & STATS » CONTENTS COVER NEWSINTERVIEWSTORYINSIGHT COLUMN REGULARS 14 14 30 » SECURITY SHIFTS
efittechnologiesinsecuring
» TECHSHOW
Mindfire Technologies speaks about how enterprises can ben 12 » INABILITY TO USE DATA TIMEBREACH13IMPACTINGEFFECTIVELYINNOVATION»IBMREPORT:DATACOSTSREACHALL-HIGH 06 » NEWS
This partnership will enable undergraduates to transform their ideas into deployable, real-life solutions using Zoho’s latest low-code application development platform, Creator ACRONIS PARTNERS WITH MINDWARE
Mindware will offer the Ac ronis’ innovative cloud solutions ranging from cyber security to data protection, to Zoho and School of Engineering & IT, Manipal Academy of Higher Education (MAHE), Dubai have signed a Memoran dum of Understanding (MoU) to facilitate hands-on training and knowledge-transfer to the institute’s developer community.
The MoU was signed by Ali Shabdar, Regional Director, Middle East and Africa at Zoho and Dr. S. K. Pandey, Dean – STEM Programs and Chairperson, School of Engineering & IT, MAHE Dubai. The agreement aims to empower the next generation of developers and IT professionals in Dubai by integrating academic learning with professional experience. Through this partnership, Zoho will enable undergraduates to transform their ideas into de ployable, real-life solutions using its latest low-code application development platform, Creator.
Commenting on the partnership, Ali Shabdar said, “We are pleased to partner with School of Engineering & IT, MAHE Dubai to promote industry-academia collaboration, innovation, and knowledge-sharing as part of our ‘transnational localism’ strategy, which is anchored in working with local communities. By forging this partnership, we strive to contribute to building the future IT leaders and developers in Dubai and empower them to enterprises in Lebanon, Jordan, Iraq, Pal estine, Saudi Arabia, Kuwait, Bahrain, Qatar, Oman, UAE, and Pakistan. The partnership will further Mindware’s ambi tions as a ‘Cloud Distributor’ with Acro nis’ strong value proposition in the Cloud protection space. Acronis offers antivirus, backup, disaster recovery, endpoint protection manage ment solutions, and award-winning AIbased anti-malware and blockchain based data authentication technologies through service provider and IT professional de ployment models. These solutions protect data, applications, and systems in any environment. Acronis Cyber Protect, the company’s flagship product, is the first cyber protection solution that integrates backup, disaster recovery, next-generation anti-malware, antivirus, vulnerability as sessment, patch management and remote management tools into a single console. It addresses all Five Vectors of Cyber Pro Ziad Nasr General Manager ME, Acronis tection — ensuring the Safety, Accessi bility, Privacy, Authenticity, and Security of data (SAPAS) in the data centre, cloud, and edge devices.
“Cyber protection is vital. Acronis is the only vendor offering a one stop solution that helps all audiences, from the SME to the enterprise and also the individual, with this critical need. By adding Mindware as our newest cloud distributor, we aim to continue offering the right solutions everywhere in the Middle East region, increasing our global-local approach and market share” concluded Ziad Nasr, Gen eral Manager Middle East at Acronis.
6 CXO DX / AUGUST 2022
Mindware will offer the Acronis’ cloud solutions ranging from cyber security to data protection, to enterprises Acronis announced its partnership with Mindware, one of the leading Value-Add ed Distributors (VADs) in the Middle East and Africa.
ZOHO SIGNS MOU WITH MANIPAL ACADEMY OF HIGHER EDUCATION, DUBAI
» NEWS
hone their creative and problem-solving skills through technolo gy. In learning low-code technology, students can get first-hand experience in application development from Zoho’s experts and gain a competitive edge when entering the job market.”
According to Gartner, by 2024, applications developed using low-code application development tools will account for more than 65% of application development activity.
Acronis understands the challenges ser vice providers are facing to provide a se cure collaboration environment for remote workers outside of corporate networks, and offers ‘Acronis Cyber Protect Cloud’ – a solution that can be implemented during the outbreak at no cost.
“Tenable is proud to be an APN Partner to achieve the Application Security distinction in the AWS Security Competency,” said Ray Komar, vice president of technology and cloud alliances, Tenable. “Our team is ded icated to helping companies achieve their security goals by combining our vulnerabil ity management expertise with the range of powerful security tools AWS provides.”
NEWS BIOS ACHIEVES CERTIFICATION FROM CLOUD
SECURITY ALLIANCE
STATUS
To receive the designation, APN Partners must possess deep AWS expertise and de liver solutions seamlessly on AWS.
Adam Wolf, Technical Director, BIOS said, “We use industry-leading products and services to offer layered security on our cloud. Protecting customer data is of utmost importance and we monitor all traffic in and out of our cloud through a state-of-art Security Operations Centre BIOS(SOC).”certification is available for download from the CSA STAR Registry. In addition, BIOS’s CSA STAR Level 1 Self-Assess ment and the completed Consensus Assess ments Initiative Questionnaire (CAIQ) are also available on the registry.
BIOS owns, operates and manages its own cloud called CloudHPT, with datacentres in Dubai, Abu Dhabi, Riyadh, Jeddah and Muscat BIOS Middle East (BIOS), the GCC’s lo cal cloud and managed services provider, has achieved the Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) Level 2 certification, a stringent third-party assessment of the security of a cloud service provider.
AWS is enabling scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seam less integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify AWS Partners with deep industry experience and expertise.
Dominic Docherty, Managing Director, BIOS said, “Achieving CSA certification is a testament to BIOS’s continuous in vestment and improvement in security practices, services and products. We are always ensuring the highest levels of se curity for our customers.” This certification demonstrates that a cloud service provider conforms to the applicable requirements of the ISO/IEC 27001:2013 management system standard and has ad dressed requirements critical to cloud secu rity as outlined in the CSA Cloud Controls Matrix criteria. BIOS is also certified for ISO-IEC 27001, ISO-IEC 27017, ISO-IEC 27018 and ISO 9001.
Dominic Docherty Managing Director, BIOS
Tenable has achieved the Application Security distinction in the Amazon Web Services (AWS) Security Competency for its cloud-native vulnerability management solution. This designation recognizes that Tenable has demonstrated and success fully met AWS’s technical and quality re quirements for providing customers with a deep level of software expertise in Appli cation Security to help them achieve their cloud security goals.
7AUGUST 2022 / CXO DX
TENABLE ACHIEVES AWS SECURITY COMPETENCY
Achieving the Application Security dis tinction in the AWS Security Competency differentiates Tenable as an AWS Partner Network (APN) member that provides specialized software designed to help companies – from startups and mid-sized businesses to the largest global organiza tions– to adopt, develop and deploy secu rity into their AWS environments, increas ing their overall security posture on AWS.
BIOS owns, operates and manages its own cloud called CloudHPT, with da tacentres in Dubai, Abu Dhabi, Riyadh, Jeddah and Muscat. It offers fully man aged IaaS and Gartner-recognized DRaaS for over 500 customers in the GCC and beyond.
Ray Komar VP, Technology and Cloud Alliances, Tenable
»
Provides a deep level of software expertise in Application Security to help customers achieve their cloud security goals
Vendor focuses on delivering cost savings and predictable scalability Nutanix, a leader in hybrid multicloud computing, is heavily focused on sup porting educational institutions in Saudi Arabia, as they look to modernize their IT infrastructures and accelerate digital trans formation initiatives. Tareq Hassan, Senior Enterprise Sales Manager – Saudi Arabia says, “Education al institutions in the Kingdom are eager to embrace improved learning pathways which can present significant challenges for legacy IT infrastructure. New trends such as distance learning, educational por tals, BYOD, virtualization, learning appli cations and instructional videos are creat ing new models of teaching and learning, and require requisite support by campus IT systems. IT infrastructure needs to be more adaptable than ever to address these trends under tighter budgets and with limited IT resources. Nutanix understands these im peratives and provides a simple solution for a future-proof IT infrastructure for modern educational institutions.”
STRATEGIC PARTNERSHIP WITH RAQMIYAT FOR MENA
Nutanix Enterprise Cloud Platform is a hy perconverged infrastructure solution that natively converges compute, virtualization and storage into a resilient, software-de fined solution with rich machine intelli gence. Nutanix delivers cost savings and predictable scalability for intensive work loads with a simple scale-out architecture that enables educational institutions to start with small deployments and grow incre mentally into very large installations. From VDI and Desktop-as-a-Service (DaaS) workloads to Exchange Mailboxes to administrative tools like Infinite Campus and Pearson Education products, Nutanix provides the flexibility to run multiple ap plications on a single infrastructure.
Raqmiyat’s core areas of expertise include Digital Banking, AI Chatbot, Digital Workforce, Automation & Analytics, Integration
Nutanix Prism is an ideal end-to-end con sumer-grade management solution for the educational institutions bringing unprec & Data management, IT Technology Staffing, Microsoft Ser vices, Business Applications & Mobility, and Cybersecurity & Infrastructure.
Commenting on this partnership, Abhijeet Sanyal, Vice President – Technology Support Services at Raqmiyat said, “Our partner ship with XOPA AI will empower our customers to experience the AI powered human resource management platform that will help them source and hire the best candidates in a scientific way X0PA AI offers AI-enabled, Software as a Service (SaaS) solu tions that aims to save significant time and cost in hiring while ensuring accuracy of choices. X0PA uses AI and Machine Learn ing to score and rank talent to identify the best-fit candidates for each company and role. X0PA also enhances efficiencies in hiring by automating the entire hiring process, bringing it together with a consolidated, easy-to-use platform for all hiring needs. edented simplicity by combining various aspects of administration and reporting. Nutanix supports all popular hypervisors, so that IT teams can manage the datacenter with the tools of their choice.
X0PA AI announces the strategic partnership with Raqmiyat, a leading system integrator and Digital Transformation provider in the UAE & KSA Region. With this partnership, X0PA will help differentiate the recruitment process for joint end customers by providing hiring solutions that leverage ethical and explainable AI for more accurate, efficient, and objective hiring.
8 CXO DX / AUGUST 2022 » NEWS X0PA AI ANNOUNCES
Tareq Hassan Senior Enterprise Sales Manager –Saudi Arabia, Nutanix
“We are excited to be a strategic GTM partner to X0PA AI. We believe that this partnership will benefit enterprises in streamline their hiring process using data-driven insights,” said Bahaa Eddine Al Indary, Acting General Manager & VP of Sales at Raqmiyat.
NUTANIX TO SUPPORT KSA EDUCATIONAL INSTITUTIONS WITH TRANSFORMATIVE SOLUTIONS
X0PA AI offers AI-enabled, Software as a Service (SaaS) solutions that aims to save significant time and cost in hiring
Boasting more than 40 world-class cy bersecurity vendors, Redington Value launched DigiGlass by Redington to cater to the rising digital economy’s evolving cybersecurity needs. The services include monitoring networks to help detect, iden tify, and respond to a multitude of known and unknown threats, enabling tech teams to prevent attacks from succeeding. Orga nizations can leverage a host of offerings ises and Cloud, Vulnerability and Penetra tion Testing and so on.
The Securonix Next-Gen SIEM platform takes an analytics-driven approach to SIEM, helping organizations to automate security operations, collect data at scale and more effectively detect and respond to advanced threats with a cloud-native solution. As Securonix’ MSSP partner, companies can rely on DigiGlass by Red ington’s expertise to manage their end-toend cybersecurity environment, allowing them to prioritize their core business.
DELINEA AND AUTHOMIZE PARTNER TO CO-SELL THEIR PRODUCTS
The combined zero-trust authorization approach to security improves customers’ identity security posture for privileged identities and entitlements for cloud and SaaS Delinea, a leading provider of PAM solu tions for seamless security, and Authomize, a leading provider of Cloud Identity and Access Security, announced a strategic partnership to co-sell their products. When combined with available integrations, this robust solution provides consistent priv ileged access security across multiple cloud infrastructures and SaaS applications through a Zero Trust approach. In their race to the cloud, organizations have lost critical visibility and control over their identity and access privileges to sensitive assets. According to research from Authomize, less than 10% of privi leged roles and 37% of admins are active based on a study of organizations between one and ten thousand employees. These unused privileges increase risks associ ated with privilege creep and excessive privileges that open the door to exploita tion of credential abuse and exposure.
The Securonix Next-Gen SIEM platform takes an analytics-driven approach to SIEM DigiGlass by Redington, the managed se curity services brand of Redington Value, a leading value-added distributor (VAD), has announced a strategic Managed Secu rity Services Provider (MSSP) partnership with Securonix, Inc., a leader in Next-Gen SIEM and XDR. As per the terms of the agreement, DigiGlass by Redington is now authorized to provide managed ser vices for the Securonix Next-Gen SIEM platform for customers across the region.
Sayantan Dev, President, Redington Val ue, said, “DigiGlass by Redington is ex cited to join hands with a market leader like Securonix. Our ecosystem can take advantage of the combined strengths and unique value this collaboration brings to the table. ”
“Our partnership with Authomize fur thers our commitment to ensure that our customers’ cloud and SaaS environments remain secure by protecting sensitive cloud-native identities and entitlements,” said Ram Venkatachalam, Head of Strate gy and Business Development at Delinea. “Authomize extends Delinea’s privileged access management capabilities with even more visibility over privileges in cloud infrastructure and adds a critical layer of continuous security.”
DIGIGLASS BY REDINGTON SIGNS MSSP PARTNERSHIP WITH SECURONIX
10 CXO DX / AUGUST 2022 » NEWS
Authomize builds on its extensive capa bilities and experience across cloud in frastructure environments to continuously secure the entire development stack. It achieves full-stack cloud access security by providing granular cross-stack visibili ty across Cloud Service Providers and de veloper-critical SaaS apps such as GitHub. Authomize tracks all identities, assets, and privileged access usage to provide com prehensive, actionable understanding of the cloud identity and the access layer that enables organizations to ensure security in every environment.
Ram Venkatachalam Head of Strategy and Business Development, Delinea Sayantan Dev President, Redington Value from XDR-as-a-Service, Endpoint protec tion-as-a-Service, Identity-as-a-Service to Security Device Management, Managed Cloud Security, Managed SOC-On-Prem
The company will work towards accelerating the implementation of standards for the Metaverse D-Link Corporation announced its decision to join the Metaverse Standards Forum as the first participant from the networking equipment industry. The Metaverse Standards Forum is a newly established governing body that aims to promote alignment on priorities and requirements for Metaverse interoperability stan dards. Companies and organizations that participate in the basic standards will serve as the foundations for an open Metaverse.
As a principal member, D-Link will coordinate with Standards Developing Organizations (SDOs) from various industries to ac celerate the implementation of standards for the Metaverse.
According to a recent study by Gartner, 25% of people will spend at least one hour per day in the Metaverse for work, shopping, education, social and/or entertainment reasons, and 30% of organizations in the world will have products and services ready for the Metaverse by 2026. Interop erability is one of the key issues in the early stages of the Metaverse industry and tech giants hope the Metaverse Standards Forum will push the growth and evolution of the “TheMetaverse.Metaverse is where humans from diverse cultures in teract through immersive experiences in a virtual world. To realize its full potential, the Metaverse must be built on open standards with interoperability and consistency to bring various domains together,” said CJ Chang, CEO of D-Link Corporation. “As a global leader in network ing and connectivity solutions, D-Link is proud to join the Metaverse Standards Forum at the early stages of its es tablishment. We intend to collaborate with partners from many industries to make the Metaverse a better experience for all through standardization.”
Joe Levy, chief technology and product officer, Sophos said, “We’ve unified three globally recognized and mature teams within Sophos to provide this breadth of critical, subject matter and process exper tise. Joined together as Sophos X-Ops, they can leverage the strengths of each other, including analysis of worldwide telemetry from more than 500,000 cus tomers, industry-leading threat hunting, response and remediation capabilities, and rigorous AI to measurably improve threat detection and response.”
By intertwining the expertise of each group, Sophos is pioneering the concept of an AI assisted SOC, which anticipates the intentions of security analysts and pro vides relevant defensive actions. In the SOC of the future, Sophos believes this approach will dramatically accelerate se curity workflows and the ability to more quickly detect and respond to novel and priority indicators of compromise.
11AUGUST 2022 / CXO DX » NEWS
D-LINK JOINS THE METAVERSE STANDARDS FORUM
SOPHOS ANNOUNCES SOPHOS X-OPS
Joe Levy Chief Technology and Product Officer, Sophos
Sophos X-Ops links together SophosLabs, Sophos SecOps and Sophos AI, three established teams of cybersecurity experts at Sophos Sophos announced Sophos X-Ops, a new cross-operational unit linking Sopho sLabs, Sophos SecOps and Sophos AI, three established teams of cybersecurity experts at Sophos, to help organizations better defend against constantly chang ing and increasingly complex cyberat tacks. Sophos X-Ops leverages the pre dictive, real-time, real-world, and deeply researched threat intelligence from each group, which, in turn, collaborate to de liver stronger, more innovative protection, detection and response capabilities.
Sophos also issued “OODA: Sophos X-Ops Takes on Burgeoning SQL Server Attacks,” research about increased attacks against unpatched Microsoft SQL servers and how attackers used a fake download ing site and grey-market remote access tools to distribute multiple ransomware families. Sophos X-Ops identified and thwarted the attacks because the Sophos X-Ops teams combined their respective knowledge of the incidents, jointly an alyzed them, and took action to quickly contain and neutralize the adversaries.
Four of the top seven strategic business objectives over the next two years require accurate, relevant and timely data to inform de cision-making, from understanding workforces and productivity to improving the customer experience, according to the business leaders surveyed. Fifty two percent incentivise their teams to be more innovative and find new ways to bring products, services, and strategies to market.
12 CXO DX / AUGUST 2022 » NEWS INSIGHTS
70% of organisations struggling to innovate due to inability to use data effectively, say business leaders
Inability to use data atimpactingeffectivelyinnovationOrganizations
The barriers to data-driven innovation success
Organisations looking to tackle how data is hampering their inno vation efforts are advised to focus on people, process and technolo gy to bridge the gap between ideas and tangible impact. And when that connection is made, organisations can not only realise value from their data but use it to unlock greater levels of innovation: 64% are using AI and machine learning to inform innovation.
An inability to turn ideas into new products, services and strategies, at pace, continues to put organisations at risk of failure. This inno vation-execution gap, first revealed in Bayes Business School and VMware’s 2018 report, Innovating in the Exponential Economy, has been exacerbated by organisations struggling with data.
“Most companies are not short of good ideas. But despite prog ress in executing on their ideas, the innovation-execution gap has persisted, due to a lack of digital capabilities and skills, rigid infrastructures, and various constraints and risks associated with data sovereignty and compliance,” said Professor Feng LI, Chair of Information Management at Bayes Business School at City, University of London, who authored the foreword to VMware’s
Nearly three-quarters (70%) of businesses are struggling to un lock the value of their data – directly impacting their ability to innovate, according to 100 C-suite executives in Forbes Top 2000 companies across Europe.
Nearly a third (30%) of business leaders cite cost reduction as their number one strategic objective, but as threats of recession loom, the better utilisation of data could be an antidote for the short term and long-term innovation. Fifty nine percent believe organisations who are prioritising data-led decision making are stealing market share, with 58% fearing they will fall behind the competition if they do not make better use of their data, highlight ing how the inability to innovate could leave many businesses struggling to compete.
Joe Baguley VP & CTO EMEA, VMware new Innovation-Execution report., a follow-up to the original 2018 paper.
The data barriers flagged by business leaders include organisa tions having too much data, cited by 83%; difficulty in accessing the right data (74%), and technology constraints (60%). Data sov ereignty, where data stored or collected is subject to the privacy laws and governance structures within a nation, industry sector or an organisation, is also a major concern, with national (76%) and industry (67%) directives highlighted as significant barriers to realising the value of data.
Joe Baguley, VP & CTO EMEA at VMware, said, “Innovation can’t be put on ice, especially in economic downturns. It is some thing that runs through a business’ DNA and it takes time, the right culture, the right processes and the right technologies to fos ter and ensure it succeeds. It isn’t a nice-to-have, it is what cre ates competitive advantage, attracts and retains employees, and creates shared value. Any transformation, whether it is wholesale organisational change or identifying ways to reduce costs and op timise processes, relies on a digital infrastructure that can support informed decision making. Data does this. If business leaders can better utilise the data they have to drive decisions and improve people’s data literacy across the organisation, they can overcome challenges including data sovereignty restrictions and will be bet ter placed to generate real business advantage from their innova tion investments.”
Bridging the innovation-execution gap
» NEWS INSIGHTS
“As organizations in the Middle East make great strides in digitization across every major sector, it’s essential that these carefully crafted national visions are safe guarded with the right security capabili ties, including the adoption of Zero Trust strategies. The more we resist the idea of Zero Trust, the more we’ll see higher impact breaches that aren’t identified and contained quickly,” said Wael Abdoush, General Manager for IBM Gulf, Levant, and Pakistan.
IBM Security released the annual global Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for surveyed organi zations. With breach costs increasing near ly 13% over the last two years of the report, the findings suggest these incidents may also be contributing to rising costs of goods and services. In fact, 60% of studied orga nizations globally raised their product or services prices due to the breach, when the cost of goods is already soaring worldwide amid inflation and supply chain issues.
Dan Smoot Riverbed President and CEO lower breach costs compared to business es with a solely public or private cloud model, which experienced $5.02 million and $4.24 million on average, respective ly. In fact, hybrid cloud adopters studied were able to identify and contain data breaches 15 days faster on average than the global average of 277 days for partic Theipants.report highlights that 45% of studied breaches around the world occurred in the cloud, emphasizing the importance of cloud security. However, a significant 43% of reporting organizations stated they are just in the early stages or have not started implementing security prac tices to protect their cloud environments, observing higher breach costs. Business es studied in the Middle East, that haven’t start applying cloud security practices suffer from 8.3 million US dollars on the average total cost of a data breach.
Concerns over critical infrastructure tar geting appear to be increasing globally over the past year, with many govern ments’ cybersecurity agencies urging vigilance against disruptive attacks. In fact, IBM’s report reveals that ransom ware and destructive attacks represented 28% of global breaches amongst critical infrastructure organizations studied, high lighting how threat actors are seeking to fracture the global supply chains that rely on these organizations. This includes fi nancial services, industrial, transportation and healthcare companies amongst others. Despite the call for caution, globally only 21% of critical infrastructure orga nizations studied adopt a zero trust secu rity model, according to the report. Add to that, 17% of global breaches at crit ical infrastructure organizations were caused due to a business partner being initially compromised, highlighting the security risks that over-trusting environ ments pose.
The perpetuality of cyberattacks is also shedding light on the “haunting effect” data breaches are having on businesses, with the IBM report finding 83% of stud ied organizations globally have experi enced more than one data breach in their lifetime. Another factor rising over time is the after-effects of breaches on these or ganizations, which linger long after they occur, as nearly 50% of breach costs are incurred more than a year after the breach.
In the Middle East, the costliest breach es are often made by a malicious insid er and can reach close to 9.6 million US dollars. This initial attack vector surpass es physical security compromises, stolen credentials, phishing attacks and cloud misconfigurations. The report did howev er highlight an improvement year-on-year where organizations in the Middle East are identifying and containing data breaches quicker and more effectively.
IBM REPORT: DATA BREACH COSTS REACH ALL-TIME HIGH
Hybrid Cloud Advantage
The global report also showcased hybrid cloud environments as the most prevalent (45%) infrastructure amongst organiza tions studied. Averaging $3.8 million in breach costs, businesses that adopted a hybrid cloud model globally observed
The 2022 Cost of a Data Breach Report is based on in-depth analysis of real-world data breaches experienced by 550 orga nizations globally, 31 of which are from the Middle East, between March 2021 and March 2022. The research, which was sponsored and analyzed by IBM Security, was conducted by the Ponemon Institute.
Most targeted sectors in the Middle East include health care, energy, and financial services. Wael Abdoush General Manager for IBM Gulf, Levant, and Pakistan
Over-trusting Critical Infrastructure Organizations
13AUGUST 2022 / CXO DX
Mohamad Rizk, Regional Director, Middle East & CIS at Veeam Software says, “Data growth over the past two years [since the pan demic] has more than doubled, in no small part to how we have embraced remote working and cloud-based services and so forth. As data volumes have exploded, so too have the risks associated with data protection. Ransomware is a prime example. Given the increased threat vector and risk to data systems caused by vast numbers of remote workers, organizations must ensure they have a robust Modern Data Protection strategy in place to ensure data is backed up, protected and recoverable across all devices and ap plications. Employee best practices and training are vital to this – helping IT teams ensure that users are connected via their corpo rate VPN and storing company data in secure cloud environments » REIMAGINING MANAGEMENTDATA
COVER STORY
Data Management in a multi cloud environment needs to be addressed strategically by organizations that makes data access secure as well seamless
Gregg Petersen, Regional Director - MEA at Cohesity says, “Many companies have distributed their data to a variety of storage loca tions and, as the fines would show, are having challenges in proper ly managing their archipelago of proprietary, siloed islands of data. No doubt, IT teams spend significant time and resources tackling governance, archiving, and compliance issues. This distorted im age causes several glaring problems that grow with the amount of data and the number of regulations. In this way, it is almost impos sible to see whether data is redundant, whether critical personal data is stored in risky locations, or whether it has been overlooked in the backup plan.” He adds that point products may not provide an effective solution in data management because it calls for seamless integration. “A company can attempt to get these data islands under control with processes and point-product solutions, but may face high infrastructure and operating costs, a lack of integration between products, and increasingly complex architectures. And it is ques tionable whether all data is protected from ransomware in such a fragmented environment and whether important tasks such as rapid recovery can be implemented in the required time and quality to keep businesses up and running. Cohesity can help customers with all these critical boardroom topics as we sit at the intersection of three of the highest priority business issues today: Security, Cloud and Data Management.” As data volumes have leapfrogged, the risks have multiplied, es pecially with so many employees working on remote basis and ac cessing corporate data from anywhere.
14 CXO DX / AUGUST 2022 Data Management has become one of the critical aspects of ensuring a robust and resilient multi cloud IT in frastructure. It is a challenge and needs a strategic ap proach to managing the ever-exploding volume of data for enterprises. The challenges are more so because data is lying distributed across multiple locations as part of Business operations.
15AUGUST 2022 / CXO DX » COVER STORY rather than personal accounts or their own desktops.”
“Cohesityvalue.solves
Senior Director, Technical Sales - Middle East, Russia & CIS, Veeam Software
Data Management in a multi-cloud environment In a recent study by Vanson Bourne, a full 88% of respondents said the benefits of the cloud can be realised only if solutions are in place to solve mass data fragmentation challenges across their mul ticloud environment. Mass data fragmentation is the ever-growing proliferation of data—across different locations, silos, clouds, and management systems—that prevents organizations from fully uti lizing its
Walid Issa - Senior Manager, PreSales and Solutions Engineer ing - Middle East Region at NetApp says, “The total amount of data estimated to be generated by 2025 is enormous, we're talking 150+ zettabytes. It’s almost unimaginable how much data we’re producing and consuming daily. And today, people, companies, and entire industries depend on cloud-based applications, systems, and services, all of which are generating a lot of data. So, whether on Cloud, hybrid or multi-cloud, we must continuously and intel ligently manage cloud resource consumption, capacity, perfor mance, protection, security, and costs without putting a lot of ef forts and energy. It can be hard to manually manage cloud resource consumption to optimize costs. But you need to avoid high cloud bills that result from inefficient provisioning, improper infrastruc ture management, and the inability to take advantage of cost-saving opportunities. In terms of enterprises spending, they need to take advantage of cost saving opportunities by deploying the right data management solutions to boost their cloud return on investment, protect and secure their data, deliver cloud-native stateful applica tions and Eliminate cloud infrastructure management complexity.”
“As businesses move more workloads to the public cloud and em brace multi-cloud as their primary data management strategy, IT managers are looking for ways of moving data more seamlessly across hyperscalers and private storage. Cloud-native is a strategy which decouples data platforms from the underlying infrastructure to deliver scalable and agile applications via the public cloud. This approach essentially renders the physical infrastructure irrelevant and allows a business to run applications in any cloud and on any device. In most cases, Cloud-native refers to container-based envi ronments, often managed using Kubernetes, with containers pro viding the platform used to make up a Cloud-native application.
“It is therefore critical that businesses have a clear strategy for managing data across their cloud and data provisioning. This in cludes ensuring data is backed up at all times, recoverable in the event of a disaster, outage or cyber-attack, and as protected from external malicious threats as possible,” adds Mohamad.
Veeam research shows that organizations recognize these challeng es and are investing heavily, often due to having fallen short in delivering the protection users need. 80% of UAE organizations and 82% of Saudi organizations have a protection gap between how much data they can afford to lose after an outage and how fre quently data is backed up. Businesses are losing ground as modern ization of ‘production’ platforms is outpacing their modernization of ‘protection’ methods and strategies. Data volumes and platform diversity will continue to rise, and the cyber-threat landscape will expand. So, CXOs must invest in a strategy that plugs the gaps they already have and keeps pace with rising data protection demands.
Veeam research notes that 69% of UAE organizations and 76% of Saudi Arabian organizations are already running containers in pro duction, while 29% and 22% respectively plan to do so in the next 12 months. Moving forward, as Cloud-native deployments grow, businesses must invest in their Modern Data Protection strategy to Mohamad Rizk
Containers are a highly portable and repeatable entity that can run on any platform and access data quickly to power the applications running on them,” says Mohamad.
The Veeam Data Protection Trends Report 2022 has found that on average, 17% of UAE organizations’ and 18% of Saudi organiza tions’ data is left completely unprotected. Another interesting sta tistic from the report is that 81% of UAE organizations and 81% of Saudi organizations were unable to recover at least some of the data they had lost as a result of ransomware attacks.
Enterprises embracing multi cloud environments are looking for cloud native data management strategies.
mass data fragmentation with multicloud data management and data protection that converges backup and recov ery, file and object services, disaster recovery, development and testing environments, and analytics on a single platform. This re moves silos while radically simplifying infrastructure or powering data management and data protection capabilities as SaaS,” says Gregg.
NetApp is helping customers build their Data Fabric which is built upon a rich set of data management capabilities that ensure consis tency across their integrated environments whether on-prem, cloud or multi-cloud.
• Integration by bringing the endpoints of the data fabric togeth er in a single control panel. From on-prem databases to cloudhoused, high-performance applications, monitor and manage it all from a unified, trusted platform.
customers take charge of cloud environments with enterprise grade solutions to tackle big problems that exist no matter which clouds they choose. We deliver full visibility and intelligent automation that aligns resources with specific work load requirements for continuous optimization. We also offer our customers automated, built-in security on-prem or their clouds of choice for both traditional and cloud-native applications and their data. We also deliver application aware data management for stateful applications, consistent, pervasive storage automation, and powerful backup, data protection, and disaster recovery capabili ties. This will simplify data and infrastructure management so they can quickly and easily provision storage with complete visibility and built in automation into their environment, ” Walid adds.
» COVER STORY
• Automation to reduce the number of manual tasks involved Walid Issa Senior Manager, PreSales and Solutions Engineering – ME Region, NetApp
“Thetions.”Cohesity solution takes this same hyperscale architectural approach and adapts it to the specific needs of enterprise data man agement. We deliver a single software-defined multicloud platform to consolidate all your data across data centre, edge, and cloud, a unified management system, and simple, powerful services that you can easily deploy or consume,” he adds.
• Visibility into the full stack with powerful visualizations and tools to remediate problems automatically.
Walid says, “For a seamless user experience, it is key to deliver data where, when, and how they need it, no matter where it lives at the time and with the protection, security, and cost optimization the business needs. In other words, deliver the right data and ap plications to the right place, at the right time, and with the right capabilities. Therefore, having the right architecture and data man agement solution is essential to enable this experience. Our Data Fabric is the best option here, it's an architecture and set of data services that provide consistent capabilities across a choice of end points spanning hybrid multi-cloud environments. The data fabric in this case will help organization unleash the power of their data to meet business demands and gain a competitive edge. It allows their IT organization to better harness the power of hybrid cloud, build a hybrid multi-cloud experience, and modernize storage through data management. “ It’s easy to get overwhelmed by the complexity of multi-cloud environments when you have insufficient data management and storage services. There’s a lot of manual processes, complicated by an already tight market for cloud skillsets. And don’t forget the pile of data growing in the background without optimal data man agement, you’ll likely get some big cloud bills. And not to forget, security threats, evolving business needs, and pressures from other “NetAppdepartments.helps
Veeam advocates five stages on the journey to intelligent data man agement: 1. Backup: Back up all workloads and ensure they are always recoverable in the event of outages, attack, loss, or theft.
3. Visibility: Improve management of data across multi-cloud environments with clear, unified visibility and control into us age, performance issues and operations.
Key components of data management Data Management approaches vary with different vendors. Cohesi ty follows the architectural approach of the hyperscalers.
16 CXO DX / AUGUST 2022 ensure data is fully protected across cloud, virtual, physical storage, SaaS, and Kubernetes.
For NetApp, the Data Fabric is the main data management archi tecture and solution and has the following key components:
Gregg says, “The hyperscalers have been incredible effective with data management and if we analyse this, we find that this success lies in their architectural approach, which has three major compo nents: a distributed file system—a single platform—to store data across locations; a single logical control plane through which to manage it; and the ability to run and expose services atop this plat form to provide new functionality through a collection of applica
5. Automation: Data becomes self-managing by learning to back itself up, migrate to ideal locations based on business needs, secure itself during anomalous activity and recover instanta neously.
2. Aggregation: Ensure protection and Availability of data across multi-cloud environments to drive digital services and ensure the aggregated view of service level compliance.
4. Orchestration: Seamlessly move data to the best location across multi-cloud environments to ensure business conti nuity, compliance, security and optimal use of resources for business operations.
Mohamad says, “This is not a responsibility businesses can out source to a cloud provider. Adhering to any data privacy regula tion should never been viewed as box ticking. Really, it’s about establishing a culture where businesses are transparent and re sponsible about how they use data. It’s important that businesses understand what data they have on their hands and how it is being stored. For example, we advise that companies keep at least three copies of data, stored on at least two different forms of media, one offsite, and one offline. All backup data needs to be stored compliantly, whether it’s in the cloud or being stored on-prem ises or an offsite data centre. Customers are increasingly curious about where their backup data is and whether it is being stored compliantly. Businesses concerned about privacy regulations should seek the advice of an expert who can provide the coun sel they need. At Veeam, we work with over 450,000 customers worldwide and are the #1 provider of Modern Data Protection solutions, of which regulatory implementation is a massive part.”
Businesses need to implement governance solutions with the threat probabilities such as ransomware attacks multiplying. An effective governance solution will help monitor data usage and ensure it is safe from misuse.
• Continuous Optimization of the infrastructure that we have now, as well as when we scale. And finally Securing and protecting end-to-end data protection in the event of an outage, disaster, or ransomware attack.
17AUGUST 2022 / CXO DX in everything from dev/test to provisioning so we have more time to focus on things that deliver greater value to the busi ness.
The data privacy landscape across the world is fluid and from re gion to region and been the subject of both change and evolution in the past few years. Businesses are custodians of any data they collect, process and use, and it is their responsibility to ensure data in their custody is being stored compliantly and fully protected.
Organizations also need to ensure they are compliant with data reg ulatory laws. Just this year, the UAE unveiled its landmark Data Protection law and across nations and industries various standards such as the GDPR, HIPPA, PCI DSS.
With the staggering extent at which data volumes are growing, the challenges are growing exponentially for organizations to manage the data in accordance with compliance requirements. Hence the data management solution needs to address several necessary aspects.
Walid says, “Enterprise data estates are growing exponentially, making it harder than ever for IT and compliance teams to gain insight into the data they collect and how to protect it. Data Man agement Solutions should be able to give us features like visibility into all our data through multi-environment data mapping. They should be Able to Identify duplicate data to eliminate redundancy, lower costs by pinpointing non-critical data that can be deleted and map personal, non-personal, and sensitive data. It should turn on alerts for instant notification of sensitive data and anomalies and offer automated data reporting to get a better understanding of the types of data that our organization stores, where our data lives, and whether it’s at risk. In addition, it should be able to categorize and classify our data by scanning personally identifiable information, classifying data, and categorizing it automatically, eliminating a huge amount of manual effort. We offer all of the above and more through NetApp Cloud Data Sense which is a tool to Map, Identify, and Report on Structured and Unstructured Data in the Cloud or On Premises enabling our customers to integrate data governance as part of their data management.” In summary, the rules of data management have changed as we embrace a multi cloud environment, where data straddles differ ent environments and needs to do so seamlessly and in a secure manner. A complete data management solution that offers cloud native capabilities is key to managing data in modern enterprise environments.
» COVER STORY
How data governance matters
Gregg Petersen Regional Director - MEA, Cohesity
According to Gregg, “Governance is absolutely fundamental from a security standpoint. Ransomware and cyber-attacks are no longer matter of if, but of when and it is estimated that a ran somware attack occurs every 11 seconds. Many organizations also face the challenge of detecting abnormal activities initiated from the inside, such as unauthorized data downloads and either malicious or unintentional sharing, leaving them once again in a vulnerable situation. To avoid these risks, businesses need to implement a governance solution that monitors access privileges to data and ensures sensitive data does not get into the wrong Hehands.”adds further, “Governance also helps combat the threat of ‘dark data’, which though it often sits idle and rarely gets re-used for additional value, can be a valuable target for cyber criminals. In the event of a compliance or regulatory investigation, busi nesses are often unable to find or report on all the data they need to meet these requirements. In order to effectively protect and efficiently manage data, organizations need to ensure data gov ernance and data security are more intertwined as part of their broader data management strategy.”
Ask for references and get feedback from ex isting customers about the MSSP’s reliability and expertise, and how responsive it is when clients need support. Ask about its technical team--how much experience it has and what certifications its members hold.
Jishant Karunakaran Founder and CEO, Mindfire Technologies
What are some of the aspects that orga nizations should look into when select ing an MSSP provider? Choosing an MSSP requires thought and research. Not all offer the same levels of protection, so you should focus your search on a provider with a solid track record, reputation and importantly good client base. There are some best practices to follow when selecting an MSSP.
18 CXO DX / AUGUST 2022 » INTERVIEW
Jishant Karunakaran, Founder and CEO of Mindfire Technologies, a leading MSSP in the region speaks about how enterprises can benefit in securing their infrastructure comprehensively by utilizing the services of a capable MSSP
Find out if your MSSP offers training to teach users how to spot and avoid cyber threats and break risky practices that can result in a security incident. Aside from protecting your IT environment, your MSSP must have the tools and knowhow to help you comply with all applicable pri vacy and security laws. And finally, you need a provider that responds promptly to your calls, especially if you believe a breach is underway.
THE NEED FOR MANAGED SECURITY SERVICES
You will want an MSSP that takes a holis tic approach, preferably by implementing a SIEM (Security Information and Event Management) solution. SIEM provides complete visibility into your environment. Your provider also should offer integrated threat intelligence to accelerate detection of new threats and– if ever needed – effec tive remediation.
How are Managed services likely to benefit organizations?
There is no room for error when it comes to enterprise information security, with the rapid adoption of digital transforma tion initiatives to add better consumer experience and efficiency across business segments. The attack surface is increas ing by leaps and bounds. This, coupled with a growing list of threat actors, APT groups and organized cyber criminals who are constantly striving to exploit vulner abilities and also with their techniques and tools constantly evolving to attempt to stay ahead of conventional protection tools and defenses. Advanced Persistent Threat groups are another dangerous type of threat actors, industrial or nation-state spies engaged in espionage, Intellectual Property theft etc. They typically target policy makers, banks and financial intu itions, the defense industry, government institutions, and large strategic business es. APT threat actors are difficult to detect primarily because they tend to use custom malware or zero-day vulnerabilities that security systems cannot easily identify or recognize.
A provider needs to learn your IT envi ronment to properly secure it. If a pro vider doesn’t ask enough questions about what’s in place, how it’s used and which users need what level of access, you prob ably should find another provider.
Hiring the services of an MSSP offers more advantages to an organization’s own security team as they can start to focus on strategic security initiatives while the MSSP handles the day-to-day operational tasks such as monitoring and management of the organizations’ security environment. MSSP’s can provide effective protection with reduced cost as the organizations don’t have to invest directly on critical se curity solutions. Hiring resources with se curity skills is also very difficult, training and skilling of these resources on emerg ing technologies is also very difficult. MS SPs often comes with a pool of resources with hands on to in-depth security experi ence and broad industry expertise.
The first clue that you’re talking to the right MSSP is that the provider asks about your business needs and strategic goals.
How do you see the threat landscape challenging for enterprises?
Security requires more than firewalls, patch updates and antivirus. These days, you need functions such as asset discov ery, vulnerability assessments, intrusion detection, log management, threat intel ligence and behavior monitoring. If an MSSP doesn’t deliver these functions, it may not be able to fully protect you in a business environment.
Does the threat landscape necessary for organizations to look at managed services? Managed Security Services or outsourced security services are becoming a new re ality for businesses of all sizes. The threat landscape makes the service of a capable managed security services provider with tools, processes and people to provide 24X7 monitoring and remediation, all the more important.
Believe the hype, it’s here. ENTER THE NEXT DIGITAL UNIVERSE GET YOUR EVENT PASS 4000+ COMPANIES 700+ STARTUPS 170+ COUNTRIESgitex.com#GITEXGLOBAL DIAMOND SPONSOR PLATINUM & LANYARD SPONSOR SILVER SPONSORGOLD SPONSORS ATTENDEESSPONSORBADGE INNOVATION PARTNERLOUNGEMAJLISSPONSORLOUNGECONNEXIONSSPONSOR 10-14 OCT 2022THE WORLD’S LARGEST AND MOST INFLUENTIAL TECH + STARTUP EVENT DUBAI WORLD TRADE CENTRE
20 CXO DX / AUGUST 2022 » INTERVIEW
The B2B Business cannot start overnight. We need to have a cer tain threshold number of people on board for the platform to be completely ready, in terms of buyers and sellers, and only then the transactions can start happening. We have had very positive response to date. At every stage, we were ready for corrections, both technical and operational so that we adjust to the require ments of the market. We have had a massive response in the on boarding phase, and once we crossed 100, we had to put people on hold because we wanted into go to the second and third phase with the first 100, to ensure any finetuning required and correct the errors if any, before we proceeded further. We want to make this a win-win for everyone.
What is the opportunity you see? Does this impact the tra ditional distribution reseller ecosystem?
At the launch a couple of months ago, our clock was at zero in terms of members. Since then, we have been onboarding people.
What is TEXUB all about?
A MARKETPLACEB2B FOR THE FUTURE
TEXUB has been launched as a safe, stable and seamless dig ital ecosystem for global IT and mobility trade in the B2B space. It benefits both the buyers and sellers. Sellers can eas ily reach out to more markets to sell their products with op tions to define reginal restrictions if required for certain prod ucts. Buyers will have the advantage of an expanded supplier base, which will provide them competitive pricing options.
In the post covid phase, we have seen a burgeoning require ment of PCs and laptops per family. The market demand has seen a dramatic increase globally and we intend to provide the opportunity to the channel to reach out to a global market. This is an opportunity for them to expand their global busi ness reach without increasing their CAPEX or OPEX. It is an opportunity business, rather than a threat for anybody.
The opportunity in the B2B space is just beginning and is growing very rapidly but from a small base compared to B2C.
TEXUB, a global B2B marketplace pioneering the future of IT trade was launched in Dubai, on the 25th of May, 2022.Suchit Kumar, CEO of TEXUB and Niranjan Gidwani, former CEO of EROS Group and Consultant Director at TEXUB spoke about the platform's roadmap ahead
How has the response been?
How does your proposition stand apart from competitors?
There are two; one is a seller's market and one is a buyers’ market. So, we are addressing both now. When it comes to the seller’s markets, of course, it is the US and Dubai. Dubai is both a buyer’s and seller’s market as is India. There will be many sellers but the buyers’ market is more important which is what we are focused on mapping and building. We have expanded our manpower in Nigeria and Pakistan and in some other countries. We have added more people in the US as well. We just recruited people in India and have initiated back-office support from India. We have been building the team in Dubai as well.
Where do you see your major buyers coming from in terms of segments? Is it the SMB or the enterprise?
Suchit Kumar CEO, TEXUB Niranjan Gidwani former CEO, EROS Group and Consultant Director, TEXUB
As soon as our sellers complete a few transactions, The insur ance company we have approached will perform an audit of our customers and then they will onboard us. They just need some initial data to kickstart the process.
While there could be several platforms mushrooming, there will only be a few who can execute it the right way and suc ceed. We believe we can differentiate well and succeed.
21AUGUST 2022 / CXO DX » INTERVIEW
How are you working on the insurance requirements?
There are certain very key differentiators in this model. I think the biggest differentiator is that the model that we have is a non- subscription model. So, there is no payment that either a buyer or a seller makes to come on board. The second biggest differentiator is that we are masking the buyer from the seller and vice versa. So, that the platform becomes the base of doing the business unlike other business models like Alibaba, etc, where you get connected and after some time, you don't need the platform. And the third part is the hand holding phase, wherein if there are any apprehensions or aspi rations that buyers may have, the teams are being put in place to mitigate any worries any issues.
What are the immediate markets for you and how are you building your teams to focus on these markets?
Currently, it will be the trading side and while the enterprise side will be looked at in a subsequent phase. While we will not tackle the enterprise segment initially, we are hoping that anybody who's interested will put in an RFQ as such for the products which they wish to source from anywhere and there is somebody who wishes to meet those requirements as long as the brand is allowing it for the specific territory and we will facilitate it. Discuss your logistics arrangements? We've signed up with them for India, UAE and the US. We are extending our agreement with them for both Singapore and Amsterdam as well.
Third, it’s about the tactics, the playbooks. There are more tactical approaches, and dual-stage attacks that we're seeing after doing reconnaissance for information, including infor mation that's coming from social media works, for example. In addition to everything that we talked about before, we're still seeing more volume. All of that translates to more risk.
42 different techniques associated with that.
In 2022, wiper malware has been much more active than recent years which ties into the theme of aggression. This is destructive malware that's wiping out hard drives and master boot records of systems. We're starting to see this tying into the world of extortion too. We're not just talking about data at risk, but systems infra structure at risk now.
Another popular attack pattern is targeting firmwares. Firm ware attacks can come through various vectors, from malware and rootkits to infected hard drives, corrupted drives, and inse cure firmware products. Hackers do not have to physically touch a device to carry out an attack. They can do so through remote connections like Bluetooth and Wi-Fi. This means that the grow ing market of connected devices, such as game consoles, mobile phones, and television, is increasingly becoming vulnerable to firmware hacking. What can organizations do to protect against these attacks? How do AI and machine learning factor into the defense Derek:equation?It’s important to distinguish the differences and they are all necessary. First, you have at the basic level - automation. Con sider a threat feed with threat intelligence and with policies being applied. Without that, organizations would be lost, quite frankly. For example, we’re responding to 100 billion threats a day with FortiGuard Labs, and a majority of that is automated. Automation is largely to help with the volume of detections and policies need ed at speed, reducing reaction time and offloading mundane tasks from SOC analysts. Where machine learning and AI come into place are for the threats that are unknown. The question here is: how do you get ahead of the curve? AI is the action piece, whereas machine learning (ML) is the learning piece. Machine learning works on models,
One, we're seeing more speed and speed can kill. We often talk about the fact that there's more sophistication and more threats out there. We know that, but what we're seeing now is that there's an agility piece here. Threats are getting into a system, hitting the targets, exfiltrating data, demanding ran som, and getting out of a system, much quicker than normal. This includes attackers capitalizing on new vulnerabilities, both zero-days and n-days. That’s one of the most concern ing elements is this theme of speed when it comes to the offense. 3.2.
What changes have you seen in the cyber threat landscape over the last three months? Derek: We're seeing weekly changes driven by three major fac 1.tors.
The second thing that we're seeing is more aggression. You can imagine when you combine these together, you're get ting an even more potent mix, right? This is the problem.
Yes, there is more speed, but there is more aggression as well. This includes the double extortion, triple extortion themes, and targeted attacks that we're seeing too. 5.4.
OFBENEFITSAIAND ML CYBERSECURITYIN
22 CXO DX / AUGUST 2022
Derek Manky, Chief, Security Insights & Global Threat Alliances, FortiGuard Labs; and Jonas Walker, Security Strategist with Fortinet’s FortiGuard Labs discuss the evolving threat landscape and the role AI and ML can play in protection technologies
» INTERVIEW
What new attack tactics are you seeing used in the cyber threat landscape? Jonas: If we look at the techniques, tactics, procedures (TTPs) and the playbook aspect, we actually have some big picture per spective on this. We're looking at real data at a very granular lev el. There are a lot of developments but defense evasion is one of the top techniques that is being focused on by attackers. There are
Jonas: The other piece of that is the skills gap conversation. Ma chine learning goes a long way to not only replace, but fill those gaps. We know there's a shortage in the workforce globally, not just in cybersecurity, of course, but specifically in cybersecurity, how do you address that the gap? Does it make sense to go and hire 20 to 30 people in your NOC or SOC - and even if you have the ability to do that - can you find the people? This is where machine learning solutions can support skilled employees. An integrated approach such as a security fabric is very powerful.
Derek: During my conversations with CISOs, they often say, “Derek you know I'm overwhelmed, there's a lot of attacks out there, a lot of information, how do we simplify this?” Actionable threat intelligence is the answer to this. Networking and security are converging and that's why you have to have actionable threat intelligence, and security subscription services tied into that. Be ing able to detect and respond to threats is the first priority and to understand the threat landscape. Essentially, you need all three of these working in harmony together: automation & orchestration, AI/ML, and escalation paths to SOC analysts on items that have been escalated as high priority.
Jonas: Segmenting networks is something that I recommend as a very effective practical approach to reducing risk, because a lot of these threats can penetrate potentially one device system. If you segment it, it won't be able to spread and hit other systems and create further downtime.
» INTERVIEW
Jonas: Employee education and security awareness training is all something that should be implemented when addressing cyber threats of course. Employees are often the first line of defense in many cases.
Jonas Walker Security Strategist with Fortinet’s FortiGuard Labs "AI is the action piece, whereas machine learning (ML) is the learning piece. Machine learning works on models, and each application can use a different model."
Derek Manky Chief, Security Insights & Global Threat Alliances, FortiGuard Labs
23AUGUST 2022 / CXO DX and each application can use a different model. Machine learn ing for web threats is entirely different than machine learning for zero-day malware. Organizations need to be able to do them all to effectively secure against various attack vectors. By utilizing machine learning and AI, you're reducing risk dramatically. Also, you are offloading costs from your OpEx model since you don't need to hire your way out of the problem.
Derek: Building on top of that, zero-trust and ZTNA are a big topic nowadays. There are a lot of things happening on networks, devices coming in and out, applications coming one and off, etc. The idea that nothing should be trusted inherently can significant ly increase security, instead it should be earned trust. In addition to that, breach and attack simulation and having a plan ahead of time is critical. We often say, “It's not a matter of if, but when, there's going to be an attack”. Yes, you should do all the prepara tion work, but at the same time, have a game plan.
What are some additional protection measures you recom mend to protect against today’s cyber threat landscape?
DIGITAL
We define the Edge as the new experiences being enabled by edge technologies for customers, employees, students, patients, and any users of network services. Edge technologies allow the processing of data by devices at the edge of networks, which is where users and devices are. It is where things connect to the network, whether they are wired or wireless. The edge is where actions take place. Over time, these actions at the edge will be come smarter.
PREPARING FOR THE NEXT WAVE OF TRANSFORMATION
Over the next few years, organizations in every industry will ex perience change on an unprecedented scale as people, digital de vices, smart technologies, and an ever-expanding network come together to transform commerce, work, education, healthcare, recreation, and more. A whole new range of possibilities emerg es when we can engage with literally every device and build in telligence and connectivity into physical objects such as office furniture and clothing. The path to 2030 will spawn new custom er-centric businesses, enable entire new industries and reinvent existing ones, challenge us to adapt and evolve, and facilitate greater access, equity, and inclusion across every aspect of soci ety – this is the potential of the Edge.
Jacob Chacko, Regional Director at Aruba, discusses how new experiences are being enabled by edge technologies for custom ers, employees, students etc
24 CXO DX / AUGUST 2022 » COLUMN
The C-Suite and business leaders understand the value of technology and the benefits it can bring to their bottom line, but there is one key technological shift on the horizon that they can’t afford to ignore. Networking at the edge.
Jacob Chacko Regional Director - ME, Saudi & South Africa, Aruba
Smart meets digital at the Edge – smart conference rooms, smart assembly lines, smart menu ordering, smart stadiums, and a range of technology-enabled smart experiences. The opportunity at the Edge is driven by many things, including smart applications pow ered by artificial intelligence (AI) and machine learning (ML), mobile devices, Internet of Things (IoT) technologies, data anal ysis, next-generation Wi-Fi, 5G communications, and “edge-tocloud computing.”
7. Focused Project Approach – The pilot projects and exper iments undertaken should be meaningful, should have clear goals, leadership, and dedicated resources, and should be de livered rapidly to ensure business focus, with rapid sharing of lessons learned to drive subsequent projects.
Edge-based strategies are driving five critical shifts shaping the future of business and work:
2. Open and Flexible Technology Options – Ensuring the adop tion of open, agile, and secure technology choices that allow teams to pursue future options that may not have been consid ered initially.
1. Leadership Awareness – The starting point is rapid immer sion in the top team to ensure they understand the opportu nity, are aware of the associated risks, know what it takes to succeed, can prioritize what’s to be done, and maintain a clear dialogue with all stakeholders.
5. User Dialogue – Understanding expectations and concerns to ensure solutions genuinely meet the requirements of their intended users.
3. IT Alignment – Making sure the IT function can lead and de liver the journey to the edge and has the capabilities to manage the demands, security challenges, and risks of an edge-based technology ecosystem.
The new edge network combines AI, ML, and automation to con tinuously learn, predict, and adapt to changes, needs, and threats in real time. The new edge network utilizes technologies and soft ware to make sense of the resulting insights, enabling businesses to act and respond, optimizing the experience for the customer or user wherever they are. Pushing intelligence out to the edge will drive change in the design of our products, services, processes, and organizations, and transform how decisions get made – giv ing greater autonomy to the devices at the edge.
25AUGUST 2022 / CXO DX » COLUMN
4. Mindset and Digital Literacy – Driving organization-wide awareness of the shifts taking place in the marketplace and the new business paradigms being pursued, and building high lev els of digital literacy and capability to deliver on the opportu nity.
4. Embracing and Embedding Smart – The Edge is helping or ganizations embrace the true power of smart devices to deliver mass customization and deep personalization of a range of user experiences. Rapid advancements in AI and ML are enabling the establishment of smart spaces and creating the opportunity for smart personalization, adaptation, and continuous learning in the applications offered to users.
Seven key enablers of that preparatory process are identified below:
2. Transformational Leadership – The scalability and rapid ca pability enhancements of exponentially advancing technologies such as AI, ML, IoT, and cloud computing are enabling leaders to pursue and deliver experiments to drive 2x to 10x greater im provements across their businesses.
Transformational Aspects of Edge-Based Strategies
5. Emergence of New Businesses and Industry Sectors at the Edge – The focus on solutions tailored to customer needs is driv ing opportunities from the creation of new businesses to the birth of new trillion-dollar industry sectors.
Call to Action Capturing the Edge opportunity requires radical shifts in stra tegic thinking, an investment in developing deep digital ex periences, experimentation with new business and revenue models, and evolution of the IT function. This change needs to be owned and driven from the C-suite. Such initiatives clear ly require a vision, defined goals, and a robust delivery plan. However, before an organization can start to articulate these, most need to go through a preparatory phase to ensure they are ready to embark on a transformation of this scale.
3. The Pursuit of Digital Innovation and Excellence – The in creasingly central role of digital technologies demands that we raise digital literacy across the organization and prioritize the rapid evolution of our digital capability to accelerate the adoption of a digital mindset and speed up the creation of digitally based products and services based on insights generated from data col lected.
6. Business Case and Investment Funding – The true poten tial of the opportunity at the Edge will only reveal itself once solutions are in the field – the business case and investment funding strategy need to evolve in line with the evidence from the projects delivered.
The opportunity at the Edge represents a new way of conceiv ing business – designing from the outside in and putting the organization’s focus on what happens at the edge to maximize value for customers and employees, while also driving opera tional efficiency. Although it may seem that the concept is in its infancy, the nature of competition and the exponential rate of advancement in the underlying technologies mean that the pace of adoption will accelerate. This will lead in turn to transfor mational shifts in the experiences created and the business and revenue models adopted across every sector. For the C-suite, the call to action is clear. The only question is: how quickly can you respond to start building the future?
1. User Empowerment – The technologies are enabling a funda mental redesign of the user experience – be they customer, stu dent, patient, or employee – giving users the tools to define what they want, how they want it, and even how they want to pay for it.
T
26 CXO DX / AUGUST 2022 » COLUMN
WHY ECO-CONSCIOUSNESS
Research shows that exhibiting value-focused leadership is good for profit. Companies that align with a customer’s values can help seal the deal against the competition. When values are mis aligned, customers are not hesitant to purchase elsewhere.
Thierry Nicault, Area Vice President - Middle East and North Africa, Salesforce writes that Businesses that want to remain future-proof and stand out against the competition should strive to implement ethical and sus tainable practices IS LONG-TERM BUSINESS STRATEGY
he latest Edelman Trust Barometer indicates that consum ers look to businesses to lead in times of uncertainty, with 52% of respondents saying they don’t think businesses are doing enough to address climate problems.
In fact, according to Salesforce’s fifth State of the Connected Cus tomer Report, over three quarters (78%) of customer purchasing decisions are swayed by environmental practices and two-thirds
A SMART
When it comes to free returns, every returned package leaves a trail of emissions from the planes, trains, trucks and vans that carry it back to the retailer. Many items damaged in transit head to landfill. When large amounts of product are bought and then returned with no implications, businesses don’t profit and the planet suffers.
Likewise, for a business to enact an impactful climate strategy, all emissions must be considered. A big part of this is investing in the tools that allow both businesses and the suppliers they work with to measure their impact.
Ultimately, businesses must seek to find the right balance be tween short and long term profit to work towards a successful and sustainable future.
Balancing planet and profit Research shows that companies can no longer rely on their prod ucts alone to ensure customer loyalty. Consumers are looking to purchase from value-driven businesses that operate with sustain ability in mind. Eco-consciousness is a smart, long-term business strategy.
27AUGUST 2022 / CXO DX » COLUMN (66%) have ceased buying from companies whose values didn’t align with their own.
Re-evaluating the customer experience But change doesn’t end with product. The sustainability lens can also be applied to wider customer experiences. For exam ple, incentivizing consumers to purchase more to receive benefits such as free next day delivery and free in-mail returns should be re-evaluated if companies want to adopt a green ethos. And re-evaluation isn’t always a bad thing. According to Sales force research, 42% of shoppers say they will consider paying more for sustainable shipping options or select a longer delivery window. The sweet spot is keeping premiums under $2 for ship ping. And for those unable to pay, businesses most give the option to accept longer delivery times.
Balancing Short-Term and Long-Term Gains
The reality is, re-defining the customer experience by removing purchasing benefits might affect sales in the short term, but can help drive trust long-term amongst eco-conscious consumers.
Creating products that aren’t meant to last is a sure-fire way to ensure repeat customers, but that comes at the cost of the planet. In the short-term, this sounds like a good business strategy, how ever as consumers look to purchase from more environmentally friendly brands, implementing sustainable practices will help re tailers retain customers and remain profitable in the long term.
Although sustainable practices attract and retain customers, they can also be more expensive to implement. So how can companies balance these as part of a successful business strategy?
Businesses that want to remain future-proof and stand out against the competition should strive to implement ethical and sustain able practices. But the work doesn’t stop there, retaining trust is just as important as building it, and authenticity is crucial in maintaining an engaged customer base.
Only by investing in tools that track scope 3 emissions (indirect emissions that occur in a company’s value chain) on the same platform that analyzes scope 1 emissions (direct emissions from owned and operated assets) and scope 2 emissions (associated with the purchase of electricity, heat, or cooling for a company’s own use), will companies be able to obtain an accurate and holis tic picture of emissions data. Then, and only then, can business leaders make decisions that will impact the business and all asso ciated suppliers as a whole.
Thierry Nicault Area Vice President – MENA, Salesforce
The reality is that sustainable practices don’t always align with maximizing profit in the short term. Historically, businesses have been built by encouraging consumers to continue consuming and sustainability has taken a back seat. Reframing this mindset is a good place to start.
Measurability is key Consumers expect brands to be honest about their carbon foot print, so be prepared to account for your emissions.
In short, AI/ML can be valuable as sets to expand a manufacturer’s knowledge about its processes, prod ucts, and production. Integrating AI/ ML strengthens strategic decision making and can deliver bottom line value, both of which are becoming ever more important in today’s chal lenging climate.
6. Human Capital Intelligence – Pro vides labour efficiency with insights about how to improve employee sat isfaction and retention. Can identify employees who might be at risk be fore they quit. This is important with today’s tight labour market.
It is important for manufacturers to start thinking about what kind of information they need to deliver a certain result and then build in the AI/ML tools with se mantic data models to generate accurate and helpful results.
5. Pricing Intelligence – Supports market-centric pricing and detects pricing anomalies or opportunities in the market where prices could be raised to increase margins as well as where margins may be shrinking and how to deal with that.
2. Asset Intelligence – Very common ly used for predictive and preventative maintenance. It is helpful to be able to predict when a piece of equipment might not work as it is supposed to or have unexpected downtime which is one of the leading causes of lost op portunity and lost value for a company during production.
3. Forecasting Intelligence – A new er tool that is necessary for compa nies to help with supply chain issues. Helps with knowing what/when to order materials and can even predict when some materials may be short.
28 CXO DX / AUGUST 2022 » COLUMN
1. Process Intelligence – Improves ef ficiency and decision making for both business and manufacturing processes. This can be as simple as, "how do I de tect anomalies in our accounting system to prevent fraud?" Information like this is simple for AI/ML to detect.
A recent example that highlights the value of ML/AI is the COVID pandem ic that threw a huge curveball at manu facturers who had to quickly figure out how to adapt. Demand forecasting with the benefit of ML allowed manufac turers with those tools to quickly, and more accurately, determine what need ed adjusting.
It is also important to remember that successful ML implementations de mand some specialist skills, so don’t try to go it alone when you are de termining how to utilize and integrate machine learning or artificial intel ligence for your organization. It re quires focus and skill sets from those with experience in these areas.
GETTING THE BEST OF AI AND ML IN MANUFACTURING
In terms of implementation, it is ad visable to start with simple process es and analyses, and then branch out based on those learnings with more advanced AI/ML. Most enterprises already have significant amounts of data within their ERP, CRM and HR maintenance management systems and manufacturing execution systems which they can leverage with ML.
With manufacturers facing challeng es including rampant inflation, supply chains issues, and geopolitical tensions, many are turning to machine learning (ML) solutions to help navigate the headwinds and boost their operations.
Here are six primary value drivers that manufacturers can tap into by integrat ing AI/ML:
Khaled AlShami VP, Solution Consulting, MEA, Infor
Manufacturers can gain serious ad vantages with ML, which can deliver predictive quality control and product maintenance to ensure they are produc ing good products, monitoring system maintenance to avoid production dis ruptions, and capturing their internal knowledge.
4. Sales Intelligence – Helps with im proving efficiency and effectiveness of customer relationships, answers questions like: Who are my best po tential target customers? As well as helps with forecasting sales goals for the coming year.
Khaled AlShami, vice president, solution consulting, Middle East & Africa, Infor discusses six tips to help manufacturers leverage AI and Machine Learning
Availability as a general category, comprising technologies like load balancing and caching and CDNs, maintained the highest priority for about as long as it took for a newly launched web server to survive unmolested on the Internet in 2003. Which, for those unaware, was not very long.
This year, for the first time, we saw a non-core security service rise to the top of the “most deployed.” That service is identity.
Lori MacVittie, Principal Technical Evangelist, Office of the CTO at F5 writes that the shift in security toward identity is just beginning as identity and access have risen to become the most deployed technologies
SECURITY SHIFTS TO IDENTITY
Consider API security. Yes, people are deploying it. But we dug into the details and asked about specific types of protections that respondents considered valuable. We grouped them loosely into three categories:
But it’s not just that identity and access have risen to become the most deployed technologies. There is ample evidence through out our research that points to a significant shift toward identi ty-based security.
In the eight years since we first launched the annual research that would become the State of Application Strategy Report, we’ve seen the steady rise of security to the top of the app security and delivery services stack.
30 CXO DX / AUGUST 2022 » COLUMN
Security shot to the top of the stack and has remained there, un challenged since about 2017—until now.
» COLUMN
2. Modern. These protections have emerged in the past few years and risen as a significant source of security for APIs. This group includes payload (content) inspection like seeking out malware and malicious content and authentication/authorization. Spoiler: that’s the identity part.
This shift toward identity revealed by our research is also signifi cant as the market embraces zero trust as a foundational approach to security. Zero trust was named by 40% of respondents as the “most exciting” trend or technology. As an architectural model, zero trust focuses on securing and protecting applications and in frastructure by designing networks with secure micro-perimeters and limiting risks by restricting user privileges and access.
But the trend also indicates how important identity is in a digital world, and why it’s only somewhat surprising to see identity-re lated services rise to the top of the most deployed application security and delivery technologies in 2022.
At the heart of zero trust is a simple question: who should have access to a resource? While there’s definitely a lot more that goes into answering that question and enforcing resulting policies across core, cloud, and edge, without identity the entire approach falls Whetherapart.identity stays top of mind remains to be seen but, given that emerging trends like Web3 also place a heavy emphasis on identity as a core construct, we think it is likely that the shift in security toward identity is just beginning.
31AUGUST 2022 / CXO DX
Both identity and behavioral analysis are important parts of a comprehensive security strategy, especially for APIs given the role they increasingly play in powering the digital economy. Inspection remains key as well, as many attacks—particularly malware and malicious content—are often easily identified by a unique signature that can be matched against the payload of an API transaction. Speed of identification is as important as confi dence in identifying a possible attack, and inspection remains a quick and reliable method of identifying malicious content.
Lori MacVittie Principal Technical Evangelist, Office of the CTO, F5
3. Adaptive. Adaptive protections are a new category, fueled by the ability to leverage AI and machine learning to perform behav ioral analysis that can differentiate between human and non-hu man users. These techniques tend to form the foundation for an ti-fraud and bot protection services. We asked what respondents considered the most valuable protec tions on this list. The results showed a high degree of security so phistication, especially among those who had implemented API protections in the past year. As with deployment of services, iden tity was at the top of the list of most valuable protections for APIs. The value placed on adaptive methods is promising. That’s not entirely surprising given the eager embrace of AI and machine learning to fuel security services. Given the volume of data and the impact of missing an attack, it’s no surprise that the entire industry is turning to more advanced and adaptive methods of security to protect everything from infrastructure to applications to the business itself.
Lastly, we see identity-related technology deployment as a result of COVID-accelerated digital transformation. We asked respon dents what kinds of changes were being made to their security strategies post-COVID. More than one-quarter (26%) have im plemented a credential stuffing solution and 34% have imple mented API security frameworks. That first number is the relevant one to this topic, as credential stuffing is all about protecting the identity (credentials) of people in a digital world. Given the incredible rise in digital options for every kind of business over the course of the pandemic, it’s heart ening to see at least some taking their responsibility to protect identity seriously. This is a relatively fast-moving trend in security, and we expect it will continue to become more pervasive as organizations further expand their presence in the digital economy. The importance of APIs foretells a need to identify more accurately the ‘user’ of APIs, especially with the growing importance of APIs in automa tion, cloud-native application architectures, digital ecosystems, and, of course, IoT. Protecting APIs in a digital economy is not just a technology concern but a business one as well.
1. Traditional. These protections derive largely from the webbased protections included in web application firewalls for years. Rate limiting, OWASP Top Ten, and of course encryption/decryp tion.
• The use of cloud services for hosting malware and command and control (C2)
Cloud services are an essential part of the digital infrastructure of modern enterprises. While their use has brought many companies more opportunities for col laboration, flexibility, scalability and cost savings, it has also created a new attack surface. That's because as the services have grown in popularity, the focus of at tackers has also shifted. More and more cyber actors are abusing cloud services for their machinations.
Another trend, according to the Global Threat Report: Cloud Security 2022, are at tacks on decommissioned or neglected cloud infrastructures to tap sensitive data. This is
32 CXO DX / AUGUST 2022
ers include:
• The theft of credentials • The abuse of cloud service providers
Roland Daccache, Sys tems Engineering Manager, META, CrowdStrike writes that real time visibility, updated threat intelligence and cloud specific security solutions are key to se curing cloud services »
Cloud services also popular with attackers – Three tips to improve security
COLUMN
The most common cloud attack vectors used by eCrime attackers and other intrud
• The exploitation of cloud vulnerabil ities
• the exploitation of misconfigured im age containers
The pandemic has accelerated digital trans formation and the adaptation of cloud ser vices at many companies. Some have de cided to go all-in on the cloud, others have only gradually moved certain services and functions to different cloud platforms. And still others, who were early cloud adopters, moved from older cloud implementations to newer architectures in hopes of better scal ability, maintenance and security.
1. Enable runtime protection and pro vide real-time visibility. Enterprises can't protect against what they can't see – this includes infrastructure that is about to be decommissioned. Central to securing cloud infrastructure to prevent breaches is
es should ensure that their cloud account factory enables detailed logging and cloud security posture management (CSPM) with alerts to responsible parties, including cloud operations and security operations centre (SOC) teams. Unmanaged cloud subscrip tions should be actively searched for. Once they are identified, it is important to ensure that the responsible parties are either made to decommission any cloud shadow IT or have it incorporated into your CSPM and fully managed. The CSPM should be used for the entire infrastructure until the day the account or subscription is fully decommissioned to ensure that operations teams have ongoing Defendingvisibility. the cloud is likely to become even more complex, as not only are cloud services constantly evolving, but attack ers are also increasingly looking to attack cloud infrastructure as well as applications and data. However, with a comprehensive approach based on visibility, up-to-date threat intelligence and cloud-specific threat detection, enterprises have the best chance of leveraging the cloud without sacrificing security.
» COLUMN
runtime protection and the visibility that cloud workload protection provides. It remains critical to protect workloads with next-generation endpoint protection, in cluding servers, workstations and contain ers, whether they are in an on-premises data centre or hosted in the cloud.
Here are three key cloud security princi ples they should keep in mind.
Whenorganizations.companies
Roland Daccache SystemsManager,EngineeringMETA,CrowdStrike
33AUGUST 2022 / CXO DX because these environments often no longer support security controls such as monitor ing, detailed logging, security architecture and planning and vulnerability remediation, making them an attractive target.
2. Eliminate configuration errors. The most common cause of cloud intrusions continues to be human error and over sights that occur during general manage ment activities. It is important to set up a new infrastructure with cloud-specific processes and audit measures that facili tate secure operations. One way to do this is to use a cloud account factory to easily create new sub-accounts and subscrip tions. This strategy ensures that new ac counts are set up in a predictable manner, eliminating common sources of human error. Also, make sure you set up roles and network security groups that prevent developers and operators from having to create their own security profiles and in advertently creating new vulnerabilities. 3. Leverage a CSPM solution. Enterpris
Cyber experts continue to encounter cases where neglected cloud infrastructures still contain critical business data and systems.
As a result, many organizations have opted for a mix of homegrown and lega cy approaches that create silos and make management difficult. Insufficient visibil ity means security risks can go unnoticed and open the door to attackers. Security teams that have visibility into attackers' tools and tactics have the best chance of detecting and stopping threats faster.
Attacks on such systems have led to sen sitive and reportable data leaks in the past, resulting in costly incident response and reputational damage. And in some cases, where the systems were still providing critical services that had not yet been fully transitioned to a new infrastructure, these attacks resulted in momentous service outages. In addition, the investigation, containment and recovery from such inci dents had a very negative impact on some only had to only worry about their on-premises systems, it was easier to monitor and analyse activity in some cases. Unfortunately, the traditional security and networking tools that worked in many legacy environments are not ac tionable in the cloud.
VR
V
Training benefits Application of VR in the medical field is making it easier for professionals to conduct medical processes, educate patients and support back office processes. The key benefit of VR is to create a virtual world, and mimic real life scenarios. Users can immerse themselves into a virtual reality and additionally, be provided with a learning environment.
Virtual Reality in Healthcare Continues to Offer Varied Solutions in 2022 writes Dr. Alexander Morozov, Medical Officer, Scientist, Proven Reality
For instance, the healthcare sector utilizes virtual reality to support various patient care initiatives, trainings, and other activities. Companies like Proven Reality are developing ad vanced VR solutions for healthcare that can change the way medical skill training, patient care, and autism therapy is per cieved. Though the technology is still in its nascent stages, the prospect of using VR to supplement medical processes could be highly beneficial for the medical workforce in the future.
34 CXO DX / AUGUST 2022 » COLUMN
irtual Reality (VR) is gaining momentum, not just for video games, but within the medical world as well. Recent advancements in technol ogies and government initiatives have resulted in digital solutions being focused on increasingly. VR has made its way into the broader health ecosystem and is rap idly gaining attention, with the VR market projected to reach a value of approximately $184.66 billion by 2026, with a CAGR of 33.85 percent.
IN CAREHEALTH-
35AUGUST 2022 / CXO DX » COLUMN Medical skill training through simulation is one of the focal areas where we can see a great synergy between technology and healthcare. Practitioners and trainers are always seeking ways to make classroom learning more engaging, effective, and seamless. With VR training, industry experts can facili tate all of this through immersive learning experiences. Dif ferent studies reveal that people trained through VR demon strate a higher accuracy in the medical field. Students also reported higher engagement and less anxiety over performing difficult medical tasks when learning through the virtual en vironment. For example,the Proven Reality Auscultation VR app enables students to practice with a range of pathologies and complications, and students can independently perform the actions necessary when listening to the heart or lungs. On the other hand, teachers can monitor the students' activities from their PC, tablet, or smartphone and rectify their mistakes when necessary. To compare the effectiveness of heart and lung auscultation in a simulation-based environment com pared to the traditional teaching methods, a study was con ducted with two groups of students. Among students trained using VR technology, there was a 43% improvement in recog nition of lung sounds following the end of the course, as well as a 120% improvement in recognition of heart sounds three months after the use of VR in training. In addition to auscultation training, there are a wide range of training applications for medical professionals; from gen eral medical examinations training to specialized training in diagnostic procedures, including ultrasound and endoscopy. Training with immersive technology allows students to re ceive real-time feedback on their decisions and enhance their knowledge retention skills. This in turn will help reduce the carbon footprint and generate better training results. Aside from the obvious benefits of educating medical stu dents, VR can be used for teaching the general public on healthcare matters. This prospect gained traction during the peak of the pandemic when healthcare literacy became im portant. Using VR to engage individuals and help their under standing of specific issues presents a range of benefits previ ously not explored.
VR for teaching patients with autism
In addition to educating medical staff and general public, VR can also be used to treat people already diagnosed with med ical conditions. For people with autism, technology-assisted intervention can potentially improve social and behavioral impairments among children with Autism Spectrum Disorder (ASD). The team at Proven Reality recently tested their VR application (VR headset) under the "Road crossing" project in an ASD therapy center in Europe to show the efficiency of the application in supporting children with ASD and their special needs in social and behavior skills. Significant improvement was recorded in the emotional well-being of children as some of them transferred their skills to real conditions. They ap proached the pedestrian crossing, called and voiced the rules of the transition. Many children who participated in remedial classes looked at the glasses more than once and showed the teacher with a pointing gesture that they would like to repeat the game during the therapy. It's only the beginning VR is a growing technology and the trend of implementing this technology in healthcare will continue in the near future. With new advancements in this technology and innovative softwares launching every year, there are certain develop ments ahead as most companies have only just begun explor ing the benefits of VR. Dr. Alexander Morozov Medical Officer, Scientist, Proven Reality
36 CXO DX / AUGUST 2022 Dell Technologies has unveiled the Pre cision 7865 Tower, uniting performance and computing power in the first Precision system to feature AMD’s Ryzen Thread ripper PRO 5000 WX-Series processors. This professional workstation is maxi mized for demanding, multi-application workloads and brings together immense power, flexibility and reliability in one system, whether for VR and AI initiatives, analyzing massive data sets, graphic de sign, or imaging.
Highlights:
The Precision 7865 Tower comes with up to 64 CPU cores, up to 56TB storage, op tional Thunderbolt 3, up to 1TB of DDR4 ECC memory with RMT Pro and a full suite of professional graphics (up to 16GB AMD Radeon Pro W6800 or up to 48GB NVIDIA RTX A6000 graphics), allowing users to create and render simultaneously, without sacrificing performance.
The newly designed chassis also supports dedicated air channels for critical compo nents, enhancing both thermal efficiency and acoustic performance. Servicing and upgrading are also made simpler with con venient front and side access, with toolless interiors and organized, color-coded Microsoft has announced the availability of its industry leading HoloLens 2 mixed reality headset in the UAE.
• The Precision 7865 Tower also delivers fast network speeds (1G and 10G native), supporting work from home and allowing multiple users on one tower virtually.
PRECISION 7865 TOWER
» TECHSHOW
• The Precision 7865 Tower also features a lockable chassis with intrusion detec tion which helps keep it secure. TPM 2.0 (trusted platform module) and self-en crypting drives create a comprehensive solution that users can depend on to help protect sensitive data, intellectual proper ty and confidential projects.
MICROSOFT HOLOLENS 2
• The AMD Advanced Management with DASH (Desktop and mobile Architec ture for System Hardware), allows the Precision 7865 to deliver secure out-ofband and remote management, giving IT administrators the ability to support employees’ needs regardless of location.
components that make it more intuitive to upgrade memory, storage or graphics cards as power demands increase.
HoloLens 2 provides the most comfortable, intuitive, and immersive mixed reality experience available, delivering enterprise value across key sectors with Dynamics 365 business applications and industry ISV solutions, backed by the reliability, security, and scalability of Microsoft Azure. Microsoft’s comprehensive mixed reality platform blends the physical and digital worlds, across the spectrum from augmented reality to virtual reality, extending computing
• Use of Dell Optimizer for Precision software makes the system smarter, using AI to learn work styles and respond to needs, automatically improving applica tion performance, specialized reporting and analytics.
• Remain focused on safely completing tasks error-free with hand track ing, built-in voice commands, eye tracking, spatial mapping, and large field of view.
Highlights:
• Connect with remote colleagues in real-time and work together on a holographic canvas overlayed in your physical environment to quickly resolve issues on the spot.
• Peace of Mind for Sustainability Demands: As end users are under more pressure to prioritize sustainability, the new FlashBlade//S family helps them deliver on these needs with better performance on key metrics such as capacity per watt, bandwidth per watt, and capacity per rack-unit, resulting in an overall smaller data center footprint. For these reasons Meta chose Pure to power its AI Research SuperCluster (RSC).
• Fully articulated hand tracking, touch, grasp, and move holograms in ways that feel natural. HoloLens 2 adapts to your hands, so holograms respond like real objects.
AXIS Live Privacy Shield compares a live camera view to a set background scene and applies dynamic masking to areas of change—essentially, moving people and objects. Users can choose between transparent colour or mosaic masking, the level of masking required, and how often the background automati cally updates. Colour masking provides the greatest privacy pro tection, effectively eliminating the collection of personal data while enabling movements to be seen. Mosaic masking shows moving objects in very low resolution and allows users to better distinguish forms by seeing an object’s colors. AXIS Live Priva cy Shield is suitable for remote video monitoring or recording in indoor areas where surveillance is otherwise problematic due to privacy regulations. With dynamic masking functionality, it is ideal for near-range indoor and outdoor scenes.
• Performance at Scale, Simplicity, and Efficiency of Un structured Data: The new FlashBlade//S family, through closely engineered hardware and Purity//FB 4.0 software, pushes the boundaries of performance, scale and efficiency. FlashBlade//S will also accelerate the pace of innovation and help bring denser and more power efficient technolo gies to market faster. beyond two-dimensional screens to funda mentally transform productivity and opti mize operations. Thousands of leading orga nizations across the globe in industries such as manufacturing, construction, healthcare, retail, and education are using HoloLens 2 and Azure mixed reality services to save significant costs, reduce energy consumption and operational emissions, improve learning and retention, enhance the delivery of patient treatment, and boost employee and customer satisfaction. HoloLens 2 will act as a busi ness catalyst and empower partners to create new value, increase revenue, and improve customer relationships by offering mixed reality capabilities. Redington has been ap pointed as the sole distributor for HoloLens 2 in the UAE and has been fully onboarded together with a number of partners.
AXIS LIVE PRIVACY SHIELD
• Future-Proofing with Evergreen Subscription: By lever aging the full power of Evergreen subscription-based services, customers get unmatched flexibility and non-dis ruptive upgrades with FlashBlade//S. Organizations never have to worry about their storage platform becoming obsolete or disruptive data migrations again.
• Easily share an event as a photo or as a video with others in real-time with mixed reality capture
» TECHSHOW Highlights:
• HoloLens 2 enables organizations to empower their workforce from day one with mixed reality apps from Microsoft Dynamics 365 and offers over 200 applications from its rich partner ecosystem, across Indepen dent Software Vendors, System Integrators and Digital agencies, to address unique industry-specific use-cases.
37AUGUST 2022 / CXO DX With AI-based masking – supported in selected Axis cameras with a deep-learning processing unit (DLPU) – the application analyzes live video for human forms and gives users the choice of masking humans, faces or the background in restricted places. It enables users to schedule when the privacy application should be applied and removed, such as using the new functionality on weekdays and removing it during weekends.
In MENA, software will emerge as the highest growth segment in 2022, record ing a 12.3% increase in spending from 2021 (see table 2). This will be followed by spending on IT services and data cen ters. Weak consumer outlook and supply shortages will restrict the spending on de Thevices.critical IT skills shortage being felt across the globe is expected to abate by the end of 2023 when the corporate drive to complete digital transformations slows down and there has been time for upskill ing and reskilling of existing staff. How ever, in the near term, CIOs will be forced to take action to balance increased IT de mand and dwindling IT staffing levels.
2.8 191,001 6.4 212,218 11.1 221,590 Da4.4 ta Center Systems Communications Services 1,458,527 3.8 1,464,551 Sp2021ending Sp2022ending Sp2023ending2022 Grow th (%) 2021 Grow th (%) Se gment2021 YR 2021 Grow th (%) 2022 YR 2022 Grow th (%) 2023 YR 2023 Grow th (%) Software 11,508 13.8 12,328 12.3 13,595 10.2 IT Services 15,701 16.4 17,128 9 18,565 8.4 Devices29,41710 27,825 -5.4 28,081 0.9 Data Center Systems 3,466 8.83,713 7.13,762 1.3 Communications Services 110,9050.7 112,117 1.1 115,089 2.7 Overall IT 170,9974.5 173,110 1.2 179,091 3.5 Table 1. Worldwide IT Spending Forecast (Millions of U.S. Dollars) Table 2. MENA IT Spending Forecast (Millions of U.S. Dollars) Source: Gartner (July 2022) Source: Gartner (July 2022)
38 CXO DX / AUGUST 2022 » COLUMN
“Inflation is top of mind for everyone.
The IT labor market continues to tighten, making it difficult to attract and retain talent. The Gartner Global Labor Market Survey of nearly 18,000 employees in the first quarter of 2022 showed compensation is the No. 1 driver for IT talent attraction and retention. Technology service provid ers are increasing prices on IT to allow for competitive salaries. This is driving an increase in spending in software and ser vices through 2022 and 2023. Worldwide software spending is expected to grow 9.6% to $806.8 billion in 2022 and glob al spending on IT services is forecast to reach $1.3 trillion. Plans Not Expected to by Inflation Volatility Software 735,86914.7 806,800 9.6 902,182 11.8 Devices808,580 16 767,872 -5 790,888 3 IT Services 1,207,966 12.8 1,283,192 6.21,389,169 8.3 Overall IT 4,401,944 10.2 4,534,632 34,809,561 6.1 2023 Grow th (%) 0.4 1,505,733
Be Deterred
or Currency
Spending on data center systems is fore cast to experience the strongest growth of all segments in 2022 at 11.1%. Cloud consulting and implementation and cloud managed services are expected to grow 17.2% in 2022, from $217 billion in 2021 to $255 billion in 2022, helping to drive the overall IT services segment to 6.2% growth in 2022 (see Table 1).
Worldwide IT spending is projected to to tal $4.5 trillion in 2022, an increase of 3% from 2021, according to the latest fore cast by Gartner, Inc. While IT spending is expected to grow in 2022, it will be at a much slower pace than 2021 due to spend ing cutbacks on PCs, tablets and printers by consumers, causing spending on devic es to shrink 5%. IT spend in the MENA region is forecast to total $173 billion in 2022, growing 1.2% from 2021.
Worldwide IT Spending to Grow 3% in 2022 CIOs’ Investment
Central banks around the world are focusing on fighting inflation, with overall inflation rates expected to be reduced through the end of 2023. How ever, the current levels of volatility be ing seen in both inflation and currency exchange rates is not expected to deter CIOs’ investment plans for 2022,” said John-David Lovelock, distinguished re search vice president at Gartner. “Orga nizations that do not invest in the short term will likely fall behind in the me dium term and risk not being around in the long term.” Price increases and delivery uncertain ty, exacerbated by the Russian invasion of Ukraine, have accelerated the tran sition in purchasing preference among CIOs, and enterprises in general, from ownership to service — pushing cloud spending to 18.4% growth in 2021 and expected growth of 22.1% in 2022. Not only is cloud service demand reshaping the IT services industry, but it is also driving spending on servers to 16.6% growth in 2022, as hyperscalers build out their data centers.
Are
A better WiFi has arrived. Mesh WiFi 6 dual-band system Atlas Pro 6 MX5501Model#1/2/3-Pack:MX5500/MX5502 / MX5503 Covers homes with up to 4-5 bedrooms 30+ devices Capacity per node AX5400 up to 5.4 Gbps WiFi 6 Offers 4x More Capacity*. Mesh WiFi 6 delivers true gigabit speeds—up to 5.4 Gbps with 6-stream connectivity—throughout your entire home inside & out. 160 MHz Capable. Access to the least congested channels on the 5 GHz band unleashes the true power of WiFi 6, allowing working from home, e-learning and streaming & gaming on more devices than ever. No interference from the neighbours. Dynamic Frequency Selection (DFS) reduces interference from neighboring networks. Industry-Leading Technology. The Qualcomm™ Immersive Home 216 Platform transforms home & business WiFi to wired-like stability and speed. Easy Setup and Control. It’s simple to set up and lets you manage your network or prioritise devices from anywhere, all with the free Linksys app.
Linksys Atlas Pro 6 with Velop Intelligent Mesh is a dual‑band WiFi 6 system that simultaneously delivers next l evel streaming, gaming and uninterrupted video calls to more than 30 devices per node. Access to 160 MHz unleashes the true power of WiFi 6 technology—these are the least congested channels available on the 5GHz band and offer incredibly fast connectivity. Works with all modems and ISPs.
WiFi 6Multi-gigabitspeedsLinksys.com