narayan@leapmediallc.com
Mob: +971-55-7802403
narayan@leapmediallc.com
Mob: +971-55-7802403
The pandemic years gave a big boost to PC shipments as most people bought new devices to work from home and remote education mandated that students have access to laptops, tablets or desktops. In 2020 and 2021, the industry saw a massive jump but since last year, the shipments have seen a huge dip.
While those years saw a massive jump in people adopting digital devices and becoming digitally savvier, the growth may not see similar huge spikes in near future. However, one could expect the replacement purchase cycles of these device to stay on the healthier side, with people possibly replacing their devices every 3 to 4 years or so. More people work from home in the hybrid work era and more have become aspirational as far as their choice of devices go.
However, a recent Gartner report says that the dip in PC shipments in the fourth quarter of 2022 saw a 28.5% decrease from the fourth quarter of 2021. The report goes on to say that since most people have relatively newer devices bought in the past two years and in anticipation of economic downturn globally, they have been postponing new purchases. On the other hand enterprises seem to be extending PC lifecycles. A recovery is now expected next year.
On another front, the fears of an economic downturn have seen massive layoffs by leading companies including Google, Microsoft, Amazon etc. While there maybe various reasons that led to these layoffs, these decisions have been quite disruptive to the affected professionals and their families. Several of the Technology leaders may have been guilty of massive staffing recruitments based on opportunities that may not have brought in as much growth in good time. Globally, these are challenging times, but eventually more growing Businesses will recruit new hires to pursue their growth trajectories, bringing a balance in the job market.
R. Narayan Editor in Chief, CXO DXSAUMYADEEP HALDER
Co-Founder & MD
saumyadeep@leapmediallc.com
Mob: +971-54-4458401
MALLIKA REGO
Co-Founder & Director Client Solutionsmallika@leapmediallc.com
Mob: +971-50-2489676
Hitesh
Charbel Zreiby, Director, Channel Presales, Dell Technologies discusses how Dell Technologies is helping partners evolve
Grant Taylor, GM at Exclusive Networks KSA discusses how the VAD has been addressing the growing demand for cybersecurity solutions in KSA
Jishant Karunakaran, Founder and CEO at Mindfire Technologies discusses the company’s expansion into Saudi Arabia
Sakkeer Hussain, Director - Sales & Marketing, D-Link MEA discusses how Nuclias cloud networking has an effective solution for schools
Alan Ni, Senior Director, Edge Marketing, Aruba discusses key factors in creating the optimal hybrid model
Rick Vanover, Senior Director, Product Strategy, Veeam discusses best practices for Businesses to protect their data in the cloud
Lance Spitzner, Senior Instructor at SANS says if you want your workforce to exhibit secure behaviors you must do the groundwork by creating the environment for that behavior to flourish
Toni El Inati, RVP Sales, META & CEE, Barracuda Networks discusses a three pronged approach against Ransomeware threats
Signs partnership with Compass Brokers to enhance its distribution capabilities
Turtlefin, India’s leading Insurtech platform announced its partnership with Compass Insurance Brokers LLC, one of the biggest financial solution providers in the UAE, to create a unified and seamless platform to enhance their distribution capabilities in UAE markets. Through this partnership, Turtlefin will enable Compass's distribution teams to access the required information seamlessly and customize proposals for clients. Turtlefin will provide access to its extensive, technology-driven solutions to become more efficient and provide cost-effective solutions. This will help in reducing proposal creation time by more than 50% and increase the sales efficiency by 30% along with better customer experience. Turtlefin will enable Compass's vast distribution network to access all retail insurance products on its platform. Additionally, Turtlefin is also looking at providing its capability of digital prospecting and E- skilling with a vision to support and empower its network of advisors. This will
strengthen the engagement of Compass Advisors with their customers and empower them with necessary tools to cater to their customer’s insurance needs.
Amreesh Kher, Chief Partnership Distribution Officer, Turtlefin said, “This partnership exemplifies our belief in the opportunities in the Middle East markets with an aim to bring about transformation in the insurance distribution ecosystem. With our commitment to improve the distribution network and the in-
surance ecosystem, we are confident that our capabilities and interesting growth trajectory will further enable a future that will be beneficial for the entire community”
Turtlefin’s platform provides end-to-end transaction capabilities on a selected range of insurance products for advisors. It is also working with some leading financial institutions in the India and UAE, to create a unified and seamless platform for the bank’s insurance customers.
Partnership will leverage Nexthink capabilities to deliver the optimal employee-centric digital experiences
scale their digital transformation with improved insights on where and how they can improve and offer positive workplace technology experiences, through the lens of the employee. This partnership will also help both companies build new customer relationships, increase revenue opportunities, and offer value-added services.
Maged Eid, Area VP – META, Nexthink said, “Nexthink provides reliable digital tools and proactive IT support solutions that offer organisations real-time insights into their IT infrastructure. This helps companies understand any performance issues and resolve them – ensuring employees stay productive at all times. We are glad to partner with Giza Systems as they have the strong expertise and market leading capabilities, which will help us meet our business objectives and expand our presence in the region.”
Nexthink, a leader in digital employee experience (DEX) management software announced today that it has partnered with Giza Systems, digital transformation enabler and leading systems integrator in the MEA region; to support joint government and enterprise customers in their digital transformation journey.
This partnership will empower organisations to accelerate and
Nexthink’s advanced employee experience insights, provides IT admins with a single view, enabling them to proactively or even automatically resolve issues – significantly improving the employee remote work experience. This results in lower IT costs, increased employee productivity, and improvement in the success rate of transformation projects.
The hotel group has unveiled an online presence to match the luxury experience of its hotels
Valtech has partnered with Mandarin Oriental Hotel Group to launch a new digital experience. Mandarin Oriental had the foresight to invest early and put themselves at the forefront of the industry in preparing more personalized digital experiences to greet increased post-COVID traveler demand, which is forecasted to continue to increase sharply through 2026. Partnering with Valtech to transform its online presence in the heart of the pandemic resulted in an initial relaunch in time for the first travel surge in December 2021. This rapidly showed results; the average revenue per booking increased by more than 40% and engagement behaviors rose more than 10%.
Mandarin Oriental and Valtech have now completed the grand relaunch of Mandarin Oriental’s sites for all its global locations, including the UAE where it owns and operates iconic properties in Abu Dhabi and
Dubai, to meet the continued increase in travel demand ahead of competitors in the industry; the new online presence enhances the visual experience and flow for travelers, all supported by the replatforming of the website to Sitecore. This further investment has extended the success of the new digital experience, with numbers from the full relaunch showing year-overyear increases in organic traffic (90.8%), unique visitors (17%), and revenue (42%).
"Mandarin Oriental is a global icon in the luxury hotel segment and has always strived to deliver legendary customer experience across all its channels,” said Kareem Monem, Regional Managing Director at Valtech MENA. “What makes this journey so unique is that the Mandarin Oriental leadership saw beyond the challenges Covid presented and invested in the upturn - a decision that is paying back tenfold today. Valtech is proud to have
been a core part of Mandarin Oriental’s Digital Experience Transformation journey, and
Together, they will enable a holistic approach to digital transformation across a customer’s operations
AVEVA, a global leader in industrial software, has been acquired by Schneider Electric, a leading global industrial company specializing in digital automation and energy management.
Since its foundation, AVEVA has grown from a niche design software developer to a leading global industrial software company with a value of more than £10bn. Today, AVEVA’s software drives efficiency and reduces costs for over 20,000 customers worldwide, offering a Digital Twin for the whole asset lifecycle from Engineering through to Operations and Maintenance across diverse industries worldwide.
Schneider Electric and AVEVA together, enable a holistic approach to digital transformation across a customer’s operations.
AVEVA’s strategic focus is on becoming the number one SaaS provider of software and industrial information and evolving to a subscription-only business model. The acquisition will accelerate that transition. Whilst AVEVA will now be wholly owned and part of Schneider Electric, intentions have been set out to preserve AVEVA’s business autonomy, future R&D investment, and enhancing the potential benefits for customers and meeting their needs faster with a stronger portfolio of solutions.
Peter Herweck, CEO of AVEVA, said, “The needs of the industrial world are becoming ever more complex. AVEVA is now optimally placed, with the collaboration not just of Schneider Electric but all its partners, to drive innovation, change and value for its customers.”
The partnership with Tamkeen continues to provide quality training to Bahrainis in the specialized cybersecurity field
SANS Institute, the global leader in cybersecurity training and certifications, and The Labour Fund (Tamkeen) launched the second phase of the Cyber Reskilling Program in Bahrain. Following the success of the first phase in 2022, this year, SANS and Tamkeen continue their strategic partnership to deliver two programs that will allow 60 students to gain GIAC Security Essentials (GSEC) and GIAC Certified Incident Handler (GCIH) certifications within the training period. SANS will also continue to offer participants a supported pathway to enter the cybersecurity workforce. This initiative is aligned with Tamkeen’s strategic direction and is a response to Bahraini market demands in the technology sector that require high-quality and specialized tech training opportunities.
During the first round of the program with Tamkeen the latest SANS graduates showed high levels of knowledge and confidence, which contributed towards gradually bridging the cybersecurity skills gap in Bahrain, according to feedback from engaged employers and organisations.
"The success of the program speaks for itself. With 40% of students scoring over 90% in their GSEC and GCIH exams, and 82% and 86% passing their respective exams on the first attempt, it's clear that this training is providing students with the necessary tools to achieve their cybersecurity goals," said Ned Baltagi, Managing Director, Middle East and Africa at SANS Institute.
The new office will serve as a hub for showcasing cybersecurity solutions from SentinelOne along with interactions with customers and partners
SentinelOne, an autonomous cybersecurity platform company, announced that it has significantly enhanced its regional commitment, with the inauguration of a new office in Dubai. The new facility serves as the regional hub for SentinelOne’s Middle East, Turkey and Africa operations, as it continues expanding into new markets and secures new and existing customers against constantly evolving cybersecurity threats.
The new office, located in Al Thuraya 1 in Dubai Internet City, serves a number of functions including acting as an environment for the brand to showcase its cutting-edge cybersecurity solutions and technology, while also enabling its regional partners and their
customers to directly engage with SentinelOne’s cybersecurity experts. The office also houses the brand’s regional sales and marketing teams who are tasked with driving consistent engagement with channel partners and customers.
“We are proud and excited to announce the opening of our new SentinelOne Dubai office. Serving as a regional hub for our operations, our global culture will continue to thrive as we carry on our important mission to stop the threats of today, tomorrow and beyond by deploying cutting edge solutions such as our Singularity XDR Platform,” said Tamer Odeh, Regional Sales Director, SentinelOne.
Sees increased demand for sustainable printing and display solutions in KSA
With operations in Saudi Arabia since 2013, the new revamped office will be situated opposite the dynamic technology market. It is a 400 sq. m office space which includes state-of-the-art Epson technology from large commercial printers to consumer EcoTank printers. As part of the in-house innovation centre, Epson has installed seven projectors and professional displays to showcase the company’s diverse technologies and the functionalities of its solutions. The new Epson space also boasts two meeting rooms with the latest interactive projectors such as EB-1485FI – ideal for large conference meetings.
demand for Epson’s solutions in the Middle East market, whether from printing to projecting, and Saudi Arabia is at the forefront with its growth in sectors from tourism and hospitality to retail, entertainment, education, real estate and healthcare. With the Kingdom’s focus on digital transformation, Epson is using this new investment to a larger physical space to focus on being closer to our customers with a continued emphasis on pre- and post-sales engagement, marketing, administration, and technical services.” In addition, Epson Middle East is expanding its digital presence in the Kingdom to enable engagement via smartphones and other technologies.
As part of the company’s global growth strategy and to meet increased demand for sustainable printing and display solutions, Epson announces its move to a new, bigger office in the heart of Saudi Arabia, Riyadh.
Epson continues to expand its reach across key Middle East markets, with more than 80 professionals now in UAE, Saudi Arabia and Egypt.
Jason McMillan, Sales Director, Epson Middle East, said: “There is an increased
Recent research by Epson in Saudi Arabia has shown that organisations in the Kingdom are investing further in technology in the next 12 months, with a focus on sustainable solutions that enable better management of energy costs.
Company unveils multi-year vision and evolution of the ServiceNow Partner Program to support $500 billion market opportunity
ServiceNow announced a major partner program transformation to further partner growth and customer success. The multi-year vision is designed to support the $500 billion market opportunity for the Now Platform and associated partner services with a redesign of the company’s partner program that includes a new Partner Development Fund among other incentives and benefits.
ServiceNow’s expansive partner ecosystem is critical to helping joint customers realize the full value of the Now Platform. To help partners meet this demand, ServiceNow is investing in new initiatives to facilitate and expand partners’ expertise, differentiate their skills, and maximize their unique contributions.
“The vision for ServiceNow partners is that they should be treated as co-creators
of value, and as co-pilots on our journey to becoming the platform for digital business,” said Erica Volini, senior vice president of alliances and channel ecosystem at ServiceNow. “Our reimagined Partner Program creates unbounded opportunity for partners to expand and collaborate with ServiceNow well beyond where we can go alone. We are investing in partner success, championing their expertise, and giving them flexibility to drive exponential value with our platform.”
The new ServiceNow Partner Program will be available for all partners beginning March 6, 2023. As part of the program evolution, Erica Volini will succeed David Parsons, who has led the ServiceNow alliances and channel ecosystem organization since 2018. Under his leadership, Parsons established ServiceNow’s global partner ecosystem as a source of unique
differentiation and competitive advantage. Parsons will now lead a new and strategic ecosystem ventures function focused on accelerating growth with partners in targeted markets. ServiceNow looks forward to providing more information about that initiative in the next quarter.
Epicor, a global leader of industry-specific enterprise software to promote business growth, discussed key developments in its Middle East growth strategy at the company’s 2023 Middle East Customer Day on January 17, including plans to launch a new regional data centre driven by surging customer cloud adoption.
With increased interest and demand in cloud solutions amongst Epicor customers in the Middle East, the new UAE data centre — slated to be online Spring 2023 — will help Epicor customers boost performance and speed, as well as improve security. This gives customers using the company’s purpose-built portfolio of solutions — including Epicor Kinetic for manufacturing — a modern, flexible, and scalable technology approach that helps them better compete and grow their businesses.
“We were pleased with our performance in 2022 including increased interest and adoption in cloud-based solutions, and we’re continuing to invest in technologies and infrastructure to ensure our customers have the cutting-edge capabilities they require to connect their operations and prioritize growth,” said Vibhu Kapoor, Epicor Regional Vice President, Middle East, Africa & India. “Customers are choosing
Epicor not only for our cloud capabilities and deep industry expertise, but they’re also interested in strong levels of support from a reliable partner. At Epicor, we understand our customers’ challenges, and are there every step of the way to collaborate and help them gain visibility across their business and optimize production and supply chain processes.”
In addition to highlighting the data centre investment, Epicor also showcased key customer successes at its Middle East Customer Day with the first regional Customer Excellence Awards, honouring several innovative companies that have driven growth and profitability this past year using Epicor solutions.
The winners included:
Journey to the Cloud Excellence Award for Al Shawamikh Oil Services was recognized for driving continuous improvements through automation and digitization of several key operational process to modernize and transform their business. Being early cloud adopters in the region, Al Shawamikh Oil Services migrated from Epicor Kinetic on-premise to SaaS, to enable them to stay current with latest functionality and remain competitive.
Business Transformation Excellence Award: Abu Dhabi Precast transformed
their business operations and introduced more transparency with Epicor Kinetic so teams can better track budgets and expenditures at every phase. The data provides visibility and tracking across more than 40 operational initiatives, pivotal in keeping operations and costs in check.
Technology Innovation Excellence
Award: Arabian Plastic Industrial Co (APICO), recently listed on the Saudi Exchange, moved to Epicor Kinetic deployed in the cloud to standardize business processes, support adherence to regulatory compliance demands, and optimize their financial and operational processes. The solution is supporting their strategic company objectives — to deliver innovative products and worldclass customer-centric services. “Congratulations to all our worthy winners. Our customers and partners are central to Epicor’s success, and we’re thrilled to celebrate their innovations and achievements in driving their businesses forward,” said Andy Coussins, Senior Vice President and Head of International at Epicor. “We’re excited to share our regional investment plans for 2023, and we thank our customers in the Middle East region for their continued commitment to Epicor, and look forward to collaborating to drive future success.”
AIlooks unstoppable now with generative AI beginning to show how it can play a huge disruptive role going forward, across industries. AI will bring a lot of advances in critical areas such as healthcare and security for instance but now with generative AI, the domains where human creativity has been key will also see an impact. What humans can do, AI will learn quickly to emulate and though right now it looks like baby steps for generative AI, it wouldn’t be long before it does better.
In the larger context, AI has been around for decades but has gathered momentum in terms of actual use cases in the past several years. In the region, AI initiatives are supported strongly by the government with a national AI strategy in place since 2017.
“I can see that AI-based deployments are being a common practice not only in business operational and analytical areas, but they are also now common in various IT industry applications as well. Whether it be image recognition, speech recognition, or even signal processing also areas of IT service management, security incident management, and even predictive trend analysis for business applications AI is finding new home turf,” says Gigi Mathew Thomas, Group Head – IT & Digital Transformation, Ittihad International Investment LLC.
AI has traditionally been effectively used in chatbots for interactions with customers across industries. This is only getting better by the day.
According to Sunil Paul, CEO of Fi-AI is more pervasive than ever across IT applications and the arrival of Generative AI will only accelerate the momentum of AI adoption by Businesses
nesse, a leading SI, “AI is being integrated into every system & application we use on a day-to-day basis. The use of AI Chatbots is being widely used by most organizations in the region. Banks & financial institutions are using it for fraud detection and cross-sell and up-sell. We are seeing its regular use for preventive maintenance, supporting medical procedures, and automating mundane processes. With the use of machine learning, advanced analytics & robotic process automation AI is being used by almost every industry including healthcare, education, manufacturing, etc.”
Dr. Jassim Haji, President of the International Group of Artificial Intelligence based out of Bahrain says, “There is a noticeable growth in the region post-Covid and specifically in industries such as Oil & Gas, Shipping, Health, Education, Banking and HR services. It is expected to observe steady growth for the next 7 years.”
AI has a significant role in enhancing almost all Business processes within an organization. For instance, it helps in generating new innovative product designs based on data analysis as it is helping with early diagnosis of diseases in healthcare. For a front-end function like sales, it can enable great outcomes like helping predict the leads most likely to close, identifying new sales prospects, forecast performance, etc.
Sunil adds, “AI can help in product design & architecture, production, sales, marketing & distribution, remote deployment, invoicing & collections, maintenance and support, and customer experience.”
So how would Businesses need to look at going about their AI strategies and deployments?
Gigi opines, “AI can be deployed over a wide variety OF business applications and scenarios such as chatbots, natural language processing, optical character ignition, Language understanding, machine learning, etc.”
According to him, some of the best practices to be taken into consideration for AI developments are as follows:
- Assess your IT infrastructure and environment to host the AI deployment.
- Identify and document the business use cases where you would like to employ AI
- Formulate methodology to interpret and process raw data
- Train your machine learning models
- Always measure and track your results
- Always collaborate and guide the team
- Recognise the business value and wins quickly and share with business
For Businesses looking to deploy AI solutions, it is important to align with their objectives and start with deployments such as chatbots for instance which show quicker results, and then move on to other use cases.
Dr. Jassim says, “Before deciding on AI’s tool and platform, it is important for a business to identify how AI can reduce the cost, increase efficiency and perform long-term functionalities
that replace manual or human-driven processes. Usually, quick wins are around implantation of RPA (Robotic Process Automation) in back office functions, Chatbots in customer services or documentations with ChatGPT, and Predictive analysis in sales, marketing, and finance.”
The arrival of Chat GPT and similar offerings are opening up a new chapter in how AI is becoming a more pervasive influence in our lives. We are already being made familiar with the potential misuse of such tools but the advances will also bring in a lot of enhancements to different business activities.
Gigi says, “ChatGPT will bring about a lot of autonomous activity by business users and will reduce dependency on other stakeholders and knowledge systems considerably. Such tools will empower users to improve their knowledge and productivity as well as approach steep learning curves. However, I believe that it may also hurt the research nature of activities and make users complacent to readily accept outputs provided by such tools. It will benefit industries ask the tools mature and the more the AI learns. There could be some impact on jobs I believe the overlap would align heavily alongside RPA automation and digitization trend in the industry.”
He adds, “As we have seen, with every technological enhancement and industrial revolution has always led to new doors opened for new avenues of employment and I believe the same will be the case for Chat GPT as well.”
Chatbots are going to get better at interactions with customers. This is going to help Businesses raise their level of customer support if executed well. Likewise, it can help smoother interactions across the stakeholder ecosystem.
Sunil says, “ChatGPT is going to make the customer & vendor engagement smoother and more efficient. This will have some impact in the repetitive content generation jobs, however, used properly it can further improve the efficiency of business operations and customer support, so your employees can concentrate on better tasks,”
With generative AI, companies can create a variety of content like images, videos, and written material and reduce the turnaround time. This will therefore certainly disrupt some of the creative industries although, in the longer run, it will help enhance operational efficiencies.
Dr. Jassim says, “ChatGPT will disrupt many professions, such as copywriting, responding to customer inquiries, news report writing, creating legal documents, and academic research, and more current jobs will be threatened as a result.”
One of the key areas where AI is playing a significant role in enhancing performance is cybersecurity. However, AI tools are also available to bad actors as well- the cybercriminals who can exploit vulnerabilities.
Gigi says, “It is going to be a battle between the Titans and corporations have to keep up peace with their AI deployments specifically in the cyber security space and be on the lookout for potential threats that might creep in through other vulnerabilities, loopholes or fraud. Corporations can use AI in their SOC and NOC operations to identify threats as well as through the log management systems to identify danger.”
AI in cybersecurity as of today is a no-brainer. It has become integral to delivering security better, automating the detection, and catching unknown threats well in time.
Dr. Jassim says, “AI will have the ability to detect and identify patterns and vulnerabilities within extensive networks. Moreover, time-intensive operations can be automated without any intervals, which will increase response times and reduce the pressure of handling complex security tasks.
This year and the next few will be most likely to see AI deployments dominate the technology landscape as Businesses look to leverage the best of AI.
Vectra AI is a leader in Security AI-driven cyber threat detection and response for hybrid cloud. Hitesh Sheth, President and CEO, Vectra AI discusses some aspects of how AI driven solutions enable credible security postures for organizations
tionally create security opportunities for hackers. That is where companies like us come in and find a way to address that need for cybersecurity. That is the basis of our growth outlook and we've done significant team transformation to pursue this growth under the right leadership.
What impact does AI bring in cybersecurity? And what is the unique proposition you offer in that space?
You are never going to catch the unknown using conventional security methods and it is unlikely in real-time. This is where you utilize AI. The key value of AI is to discover the threat at speed and scale.
And while we always talk about AI and the security side of things, we should not forget that it is being used on the offensive side as well. sometimes, the hackers are a step ahead. Therefore, the only way you're going to level the playing field and have a credible security posture is with AI.
applied AI does and so the focus is on Applied AI and domain experts. You need to marry data science with specific domain knowledge such as perhaps genomics in healthcare to get useful results. It is about how we take this knowledge and transfer it to not just partners, but most importantly, customers. Whenever customers deploy our solutions, two things occur. First, we're very, very transparent about how our algorithms work. If you're a customer, we will show you exactly the logic of the solution, that however can be understood by a machine learning expert. Second, we are doing extensive training for Analysts who are manning the SOCs.
How important is Automation to cybersecurity?
How does the region reflect vis a vis your global market outlook and focus?
If you look at our overall revenue mix, half the businesses is International, and the dominant part of that is here in Europe and the Middle East. We've been here in the region now for a few years already. We have been doing business here in UAE, Qatar, Bahrain, Iran, Saudi, Egypt, and Oman. This region, especially in this current economic climate, is one of the most stable. So that creates a near-midterm opportunity for growth, which makes this region, significantly more important for us in the coming 24 months or so.
The second thing is, there are a lot of investments to transform the economies, in the UAE, Saudi, and across the region. Transformation initiatives always uninten-
How do you work with customers to address their needs? How do you address the expertise requirements to meet customer requirements?
On the customer front, we look at the customer profile and identify the required surface coverage. 99.9% of the companies out there have a hybrid infrastructure. There are five attack surfaces which include the public cloud, data centers, SaaS applications, identity, and the endpoint. We provide attack visibility with context across all five attack surfaces. Our solution identifies attacker methods and prioritizes the threats that matter most to the business and Integrate with the existing stack for context, workflow, and controls to stop threats.
One of the key lessons we learned early on is that generalized AI doesn’t work but
It helps on multiple fronts. The first is the actual signal discovery. The second area where automation AI is important is when once you find a discrete event, they usually tend to be a series of events. So how do you stitch those events together? How do you create a narrative? And then very critically, how do you create a sense of prioritization from that narrative? For instance, in a company, if there are 100,000 employees or devices, and half of them are hacked, which are the top priorities? So an automated approach becomes key and you can automate using AI. But then on, once you have identified the critical events, devices, or people, how do you automate the workflow response, that's the other area, that becomes very critical. Today, you know, customers will trust you to do the discovery, and automate that fully but they're not going to trust, even now, the automation of the response. Because, if there is one mistake, that could halt an enterprise. So they will automate the discovery but not the response. Having said that, there's a lot of workflow automation.
How are the technology shifts impacting the partner ecosystem? What is your message to them?
Our channel ecosystem is one of our strengths and to capitalize on it we need to make sure that our partners are equipped with the right knowledge of our products & solutions portfolio. For that, we have implemented what we call the “Ready To Sell” which is an enablement framework that empowers our partners with the knowledge, certifications & tools required to achieve different levels of self-sufficiency and specialization around our offerings. This allows our partners to drive opportunities on their own and that’s key to our success in the channel space.
As we step into a future with different technology shifts that will shape the business - such as Multi-Cloud, Edge, AI, Security & others - it is important for our partners to rethink their offerings catalog and build capabilities from the Edge to the Core to the Cloud. This will help them transform the traditional solution provider selling motion into a more advanced use case discussion that can help achieve specific business outcomes and which eventually translates into a technology requirement. At Dell Technologies we are focusing our R&D around innovations in those tech shifts to help our customers and we will continue to support our partners with both the right offerings & knowledge.
How much change is already happening within the partner ecosystem?
The market trends are changing thus impacting the partner landscape trends.
We started witnessing Solution Providers differentiating themselves with their IP (Intellectual Property) and consultative skills to address customers’ demands to transform and automate their operations. Others are shifting from selling to servic-
ing with a focus on expansion & upsell especially with the As-A-Service model becoming more and more popular – based on an IDC study, it is projected to reach $133.7B by 2026 at a CAGR of 12.6%.
Also, we are going to witness evolving partner roles as the whole ecosystem evolves: projects will become more complex with different specializations required which could drive multiple partners to collaborate on the same opportunities and this means that the partners and the industry are becoming more interconnected than ever.
How do you see the role of your distributors in your go-to-market strategy?
Our distributors are an integral part of our channel ecosystem. They give us the ability to enhance our coverage through their network of resellers which offers the breadth that we cannot achieve on our own no matter how much we grow our sales teams. We train our distributors to work with their resellers’ landscape the same way we do with ours and this is the biggest value add they bring by delivering to them enablement, and demand generation activities and supporting them in the opportunities they bring.
How are partners differentiating themselves?
Generally, partners differentiate themselves in different aspects such as the portfolio of services they can deliver, their team’s capabilities, after-sales support, etc… More specifically from a Dell Technologies perspective, we help our partners differentiate in two major areas. First, through our partner program which allows them to grow in the different tiers such as Gold, Platinum & Titanium based on different metrics out of which is accreditation & certification on our offering pre and post-sales. Second, through the specializa-
Charbel Zreiby Director, Channel Presales Dell Technologiestion exercise which is part of our Ready To Sell framework: we help partners become specialized in areas specific directly to our offerings or indirectly where our offerings complement other 3rd party solutions that they sell from different ISVs. These various specializations are in place to help partners differentiate themselves and to become specialty partners we take them through a tailor-made cycle of training, certifications & endorsement to make sure they have been able to learn and apply all that’s required to sell, deploy and deliver support services.
Grant Taylor, General Manager at Exclusive Networks KSA discusses how the cybersecurity focused VAD has been committed to addressing the growing demand for cybersecurity solutions in Saudi Arabia through its partners
Do you see growing focus on cybersecurity investments in Saudi Arabia?
Yeah, I don't think there's any choice, if you're going to bring digital transformation into your environment. This process is accelerating in the country with services pushed across the board, and cybersecurity comes hand in hand with digitalization initiatives. So the need for cybersecurity will only increase in Saudi over the next five to 10 years, as we race towards the 2030 vision.
Discuss your expansion plans in Saudi Arabia?
Saudi plays a pivotal part of the Middle East business for us and the business is growing. Over the next three to five years, we expect the Saudi business to represent 50% of the total Middle East business, so it is becoming incredibly important to the wider Middle East and to Exclusive Networks as a company globally.
Do you see Vision 2030 and NEOM as key drivers for increasing the growth in Saudi Arabia? How do you see Exclusive Networks and your partners benefiting from those key drivers?
Neom is just one of a number of mega projects that the Saudi Arabian government is focusing on. The are spending over a trillion dollars in the next seven years on mega infrastructure projects all of which will have a digital footprint and hence need cybersecurity. From that perspective, cybersecurity is only set to grow within Saudi Arabia.
How important has the participation at LEAP been?
How do you see the cybersecurity threat landscape evolving globally and in Saudi Arabia in particular?
The cybersecurity threat landscape is ever expanding and I think we will always be in an environment where we have to try and stay one step ahead of the bad actors from around the world and Saudi market is no different to that. Saudi Arabia has a highly advanced attitude towards cyber security and in general there is a broad understanding of the need to protect infrastructure and data and the country is investing time, effort and money on achieving that.
Elaborate on your cyber security solutions focus for the Saudi Arabian market?
We represent a number of tier one information security solutions that are delivering enterprise grade security for not only the enterprise level, but also to the small and medium businesses. So we cover the whole range. Our business in Saudi is growing exponentially as it is across the region and that's and outcome of having the right solutions and relationships in the market.
LEAP is the premier technology expo for Saudi Arabia. Within the KSA market, we see it certainly as a competitor to GITEX moving forward. For us, it was a place where we had to be present as this is an expanding market with exciting opportunities and we along with our vendors wanted to showcase our commitment to the Saudi market.
Have you expanded your team in Saudi Arabia?
The team has expanded from seven people six years ago to 30 people now and we will continue to expand as the business requirements change.
Have you extended your partner footprint in Saudi Arabia?
The number of partners that we work with is growing and the amount of credit that we offer those partners is expanding as well. The amount of time that we spend engaging and developing those partners is also increasing. For instance, for channel companies who were traditional infrastructure partners and have recently moved into cybersecurity, we're providing training to help them grow into this space as well.
Mindfire Technologies has established itself over the past decade as a leading cybersecurity solutions provider. Jishant Karunakaran, Founder and CEO at Mindfire Technologies discusses the company’s expansion into Saudi Arabia
ity, and so on. If someone has reserved a parking slot, they will get priority and guidelines to reach the parking.
The entire campus will be completely covered with internet connectivity and there will have complete visibility and control of the campus for the authorities.
Lecturers and students would need to move around the campus to take different classes. So they will have a digital identity that will make it easy to know where they are. This digital identity can be integrated with a public bus facility if they have that provision. The overall idea behind this turnkey solution is to manage digital identities, with access privileges and restrictions, along with enabling a smart campus.
Jishant Karunakaran Founder and CEO, Mindfire TechnologiesHave you commenced your Saudi Arabia operations?
We have opened a full-fledged office in Saudi Arabia. Our country Manager came on board in October last year. We are focusing on three key verticals- hospitality, healthcare, and education. In Saudi Arabia, we have an additional focus on infrastructure solutions. Our solutions for KSA include cybersecurity and digital infrastructure. We offer smart city services as part of this additional focus.
Discuss your focus on the Education segment opportunity in Saudi Arabia?
Saudi Arabia has several huge educational campuses with even monorail systems. They are looking at making them smart campuses with CCTV surveillance all around, self-service portals to help with car parking, and so on. We are looking at enabling smart electric poles at these huge campuses that can provide light at night and alongside, they also have charging facilities for cars, surveillance cameras, digital signage, public announcement facil-
Today nations can secure their cities and borders. However, cyberspace is borderless with almost 100% of the population of countries like the UAE connected to cyberspace. There is no country border in cyberspace. So that makes it more challenging to secure digital identities. Social security is effective when we have a consolidated platform to manage and secure digital identities. That is why we are expanding our focus to offer complete solutions related to cyber security.
How do you see the focus on cybersecurity and cloud adoption in Saudi Arabia?
There is accelerated momentum on the cybersecurity front and cloud adoption in Saudi Arabia. We are looking to work on some cloud adoption engagements there. The key challenge in cloud adoption is cybersecurity. So we see a good opportunity for us. For instance, data security is a key issue and at times for a long time, a Business may not be aware that someone has been grabbing their data. Therefore, effective cybersecurity is critical to combat such threats. We can help customers with secure cloud migration, taking care of all aspects of readiness. Security is one of the foremost aspects to take care of when you migrate to the cloud.
What other solution do you offer in the Saudi market?
We also have a focus on disaster recovery solutions for the Saudi market. A huge percentage of incidents happen that make customers lose their business data. So we help customers to adopt a proper disaster recovery plan, in consultation with their management. We make sure they are able to prevent such disaster disruptions and help recover from cyber-attacks.
Sakkeer Hussain, Director - Sales & Marketing, D-Link Middle East & Africa discusses how D-Link Nuclias cloud networking has an effective solution for schools to manage and secure their networks
Tell us about how Nuclias managed networking solutions are relevant for the education segment?
Digital Transformation is forcing educators to become tech experts, a very awkward situation as schools are typically understaffed and under-resourced compared to businesses with comparable IT needs. Nuclias addresses this problem by enhancing what your IT people can do, expanding where they can do it, reducing the number of breakdowns they have to fix, reducing the amount of attention your network requires, and by making it easier to outsource your network management to a third party, such as a Managed Service Provider (MSP).
Educators often have a limited-to-non-existent understanding of what’s happening on their networks. But with Nuclias, admins can enjoy an intuitive grasp of what’s happening now, where it’s happening, and how it’s trending. By seeing where busy spots are, where underutilized spots are, what percentage of available resources are being used, and any alarms, admin efficiency is enhanced, both now through timelier maintenance, and in the future through better planning.
Nuclias managed networking solutions deliver the robust infrastructure that educators need to connect large numbers of Wi-Fi devices seamlessly, and the tools to minimize the hassles, lower the barriers, and solve the problems inherent to the Digital Transformation of on campus learning at the primary, secondary, and tertiary level, with no pre-requisites in terms of an institution’s size, hosting needs, or IT resources on hand.
These solutions have been designed to rebalance the on-campus learning equation by putting professional-grade managed wireless capabilities back into the hands of educators. By minimizing the burdens, lowering the barriers and solving problems, they enable the educators to focus on what matter most- education of students at all levels. With centralized remote network management via an intuitive interface, and multitenant architecture, managing the network is easily done.
How is the network workload managed for best performance?
A wireless campus network is a complex system, and Nuclias intelligently coordinates the workload between the Access Points (APs), enabling better coverage and performance per AP than
each could achieve on their own. This coordination also enables better client handover between APs, so that network service interruptions are minimized as users move around campus.
What is Airtime fairness and how does this operate in Nuclias managed networks?
If one network user consumes a large portion of the available wireless bandwidth in a given area, it can create a poor online experience for other users nearby. But Airtime Fairness eliminates this problem, by allocating an equal amount of bandwidth dynamically to everyone within a coverage area, so no one’s experience suffers to excess.
How are students secured from malicious infiltration?
As educational institutions grow increasingly technology dependent, they increasingly become tempting targets for bad actors. Sometimes the results of an intrusion are relatively minor, like when some of your computing power is hijacked to mine cryptocurrency. Or they can be major, like when access to your school’s vital data is thwarted during a ransomware attack.
Nuclias protects students by making it easier for educators to regulate their online activities, both in terms of what they can do online and what they can’t do online, and by minimizing their potential exposure to bad actors while connected and/or utilizing your school network.
In addition, Whitelisting/Blacklisting (also known as Access Control Listing) allows educators to confine user Internet access to certain websites, or to block access to certain websites. Not only does this limit student access to distracting or objectionable content, it’s also a good security practice, as such sites often harbor malware.
As has already been widely reported, the pandemic caused a great shift in our working patterns and in the workplace – prompting organizations to reconsider the office space and the enterprise network in order to support employees’ evolving expectations and needs. And over two years later, that shift shows no signs of slowing. In fact, as we look to 2023, redesigning the workplace and the network that supports it has become pivotal for organizations that want to achieve better business operations and results, as well as improve employee satisfaction.
Yet, how exactly have employee expectations and needs changed? And what should CIOs consider when creating the best hybrid workspace and experience for the future?
We teamed up with Leesman, a leading global provider of original research on workplace quality and employee satisfaction, to create a report that utilizes their insights and large survey database of over 70,000 worker respondents and 125 corporate real estate respondents to answer these questions.
With 93% of corporate real estate leaders surveyed indicating that their organiza-
tions plan to adopt hybrid work as standard practice going forward and 94% revealing that they plan to make further physical changes in the workplace to support organizational and/or employees’ needs, the results offer compelling information for CIOs as they map out their goals for next year.
Despite many workplace specialists’ beliefs that the main purpose of the future office is to be a hub of collaboration, Leeman’s findings indicate that the office is becoming more important as a hub of connection, with connection-based activities showing the highest increase in importance over any other work activity.
The office has become a centralized area to connect with colleagues and co-workers, not necessarily on specific tasks or problems in pre-arranged (and large group) formal meetings, but to engage in “informal social interaction” and "informal, unplanned meetings.” The office is a space where employees increasingly want to go to develop relationships and get a deeper sense of community, and more informal spaces to socialize would better support that.
It’s important to note that workers are satisfied with the effectiveness of home-based collaboration and are more satisfied with hybrid-based collaboration than office only. This may be due to the effectiveness of technologies such as online meetings and messaging for collaboration.
Both prior to and during the COVID disruption, “individual focused, desk-based work” remained the most important working activity according to Leesman’s survey results, regardless of respondent role, age, and gender, with an 80-90% importance rating. So, for CIOs who want employees to spend more time working in the office, one of the most fundamental requirements is to support individually focused desk-based work – both in the office and wherever hybrid work gets done.
There is also a difference in attitude between office workers and hybrid workers on fixed computing equipment, with more office workers than hybrid workers selecting this IT feature as important (37%). As for mobile computing, more hybrid workers than office workers find this IT feature important (70%).
Mobility has also become one of the most desired factors for employees in today’s work environment – and many organizations are already looking to change the physical layouts, forms, and size of their offices to reflect this, as well as to foster open communication and a collaborative culture.
Judging by Leesman’s results, offices are likely to become smaller in the future. Therefore, organizations must improve workspace organization and flexibility with flex-desking, assigned days, and tighter tools for room booking (supported by an increasing number of IoT devices and measurement systems). At the same time, more organizations are investing in quieter and smaller rooms for working alone or in pairs, increased Wi-Fi network connectivity for the office, and mobile computing equipment.
CIOs must also understand which aspects of technology have grown or decreased in importance. According to Leesman’s data, employees are dissatisfied with fixed computing equipment in the office (considering it to be slow and out of date), and IT infrastructure also seems insufficient compared to home working settings. In light of this, CIOs should consider whether fixed IT features are necessary for their business and whether they should be replaced with mobile equipment. This may also bring with it a need to review network speed and quality.
Leesman’s findings make it clear that the redesigned office of the future will benefit from a far more advanced wireless infrastructure to support the full range of devices, users, and platforms and to enable work-from-anywhere mobility. Rethinking IT infrastructure is key to achieving better business outcomes — from increasing employee productivity and engagement, to reducing capital and real estate operating costs, and more.
Aruba has always maintained that as “people move, networks must follow.” Job satisfaction and performances may improve if organizations better support an optimal hybrid experience that sees the office as a mobile and evolving working space and the network as a key enabler to be an employee satisfaction and performance multiplier.
The “Global DataSphere” is exploding in size. IDC predicts that by 2026, the amount of data in the world will have doubled again. While most enterprises have digitised their operations, they continue to add more strategic workloads and create more and more data. So, as the amount of data enterprises have to deal with grows exponentially, moving to the cloud based on an elaborated strategy offers significant benefits like scalability, flexibility and cost-effective storage.
But can this go on forever? Gartner expects total worldwide end-user spending on public cloud services will reach a record $592 billion this year, a 21 per cent increase from 2022. This rapid level of growth and migration raises some concerns at an enterprise level, with fast “lift and shift” migrations meaning best-practices for modern data protection aren’t followed. The Cloud security alliance (CSA) reported that 96% of companies say they have insufficient security for sensitive cloud data - so across the board we have a long way to go on this journey. Here are three best practices for enterprises to protect their data in the cloud.
The first step to solving any problem is knowing what you're dealing with. Before you can protect anything, you need to know who’s storing what and where. Is everyone in the business using the same accounts? To make sure this is done right, IT teams often need to play detective or go on a journey of discovery across the business. To find these threads, it is often necessary to look through finances and collect invoices for cloud costs across the organisation.
When brought together, the amount of data kept by most enterprises, whether it was migrated over from on-premises or originally stored in the cloud, is vast. Humans are natural hoarders, and the digital world is no exception. While the “virtual garage” of the cloud can store endless boxes of data, locating everything is only half the battle. In order to know what data is mission-critical and sensitive, you’ll need to classify it. Automated data classification engines can help you sort through and organise - so you’re not blindly trying to protect everything to the nth degree. Once you know exactly what you have stored on the cloud (and where) only then can you start looking at how this data is secured.
As organisations face a fairly low barrier of entry to move data to the cloud, teams may not have prioritised the security and net-
Rick Vanover - Senior Director, Product Strategy, Veeam discusses three best practices for Businesses to protect their data in the cloud
work processes that are required - if the migration happened too fast this can easily be the case. Similarly, because the cloud is a completely different environment to secure, things are often missed - there are lots of new service types that don’t always exist on-premises and many of these need to be protected and recovered in the case of attacks or outages. Examples of these include code in cloud storage, applications that leverage other cloud services and APIs provided in the cloud.
A key issue is enterprises often not realising exactly what they’re responsible for regarding security and data protection in the cloud. There is a big gap in awareness of the shared responsibility model on which cloud security is built on. This means they assume the provider is responsible for certain security measures when in reality it's their job. While it does depend on the cloud provider, typically the provider is responsible for the security of the infrastructure and the physical facilities that host it. Securing applications, data and access to the environment, however, is the responsibility of the customer.
In practice, this means enterprises need to ensure they have backups of all critical and sensitive data stored in the cloud in case of breaches or outages. The best practice is to have multiple backups in different locations (e.g. one on-premises as well as a cloud copy) and have copies of data across different mediums, with at least one copy being kept offsite, offline and immutable - even better yet, all three.
The other core security responsibility that lies with the enterprise is controlling access and privileges. If every user of your cloud has access to God Mode, any breach is going to be devastating. Likewise, if you’re using a single account to do multiple different functions like protection and provisioning. The best practice is to ensure multiple accounts are used across the business, using access and identity management correctly across accounts and subscriptions so you can easily remove the failure domain in the case of a security breach. At a user level, ensure the principle of least privilege is being followed across the cloud environment so that people only have access to the resources and environments they need.
In all likelihood, putting the previous two principles into place will be a significant project for most enterprises. But the good news is the initial heavy lift to do so will not be required again on the same scale. However, to keep the cloud environment healthy and cost-effective long term, it's important to have cloud data hygiene processes in place.
Ensure you have a proper data life cycle process. Without it, the good work done initially will become ineffective and expensive over time, with the business paying to store and protect the wrong data in the wrong ways. Data needs to be on the right storage platform in the cloud - and this will change during its lifecycle. For example, it might move from block resource to object storage to archive storage. The costs associated with these are variable, so make sure you’re not storing (or backing up) data in inefficient ways.
This is one small part of avoiding eventual “bill shock” for cloud computing and storage costs. Beyond simple data, costs are API costs, data egress (transfer) and more. I always recommend enterprises have an established “cloud economic model” that they follow to prevent costs from piling up and ensure spending matches expectations. To use a real-life analogy, if you leave a light on or forget to cancel a subscription you no longer use, your monthly bills will be higher than expected. If this happens across an enterprise cloud environment, the total tally can be eye-watering.
As enterprises' (and the world’s) amount of stored data continues to grow over the next five years, the cloud is going to be a vital piece of the puzzle in managing this. Enterprises need to look beyond just storing and protecting their data and look at ways to utilise it and unlock value for their business and their customers. Doing this requires re-factoring for greater agility, but this will also mean the business is prepared for the ‘whatever’. Cloud computing is nothing if not dynamic, and will continue to evolve, with best practise bound to change. If enterprises become data-centric now, both on the cloud and on-premises, they’ll be ready for whatever the future throws their way.
Lance Spitzner, Senior Instructor at SANS Institute says if you want your workforce to exhibit secure behaviors you must do the groundwork by creating the environment for that behavior to flourish
Want to know a secret? We’ve spent too long getting cybersecurity culture all wrong! Over the past 20 years, we’ve grown accustomed to using tech to secure tech – and we’re good at it! However, we’ve done a poor job of using tech to secure people. Given that humans are the primary attack vector, there’s a clear rationale for solving the people problem and that starts with breathing new life into stale cybersecurity culture.
Getting the human factor right is the key to setting up a resilient strong cybersecurity posture. It should be no surprise that routine human error is a major contributing factor to breaches and one that can undermine even the most resilient of workplace cybersecurity measures. In our fast-evolving hybrid world where 80% of breaches involve human elements, there is no stronger case for a total rethink and reset on how we lead a cybersecurity change and drive a strong cybersecurity culture across the workplace.
Ultimately, the stronger your security culture, the more likely it is that people will behave in a secure manner and exhibit secure
behaviors. The bottom line is if you want your workforce to exhibit secure behaviors you must do the groundwork by creating the environment for that behavior to flourish.
Culture is built and shaped by what people think. At its heart, it’s about people’s shared attitudes, perceptions, and beliefs. A cybersecurity culture is underpinned by these key principles. The drivers of this positive cybersecurity culture are some of the things that we as humans value the most. Fundamentally, if security at your organization is too authoritative, unapproachable, or unable to engage with a workforce in a positive way, then people will simply not like the cybersecurity lessons you’re trying to teach. Humans are widely criticized as the weakest link in the cybersecurity chain, but telling people they’re doing it all wrong will get you nowhere. You’ve got to educate and build that cyberculture that reaches everyone at every level across the workforce.
It will come as no shock that even the best management programs break down if they’re not backed up with a strong and positive culture. All too often, negative culture is the exact root cause of why vulnerability management programs fail. SecOps fail too when teams butt heads and the working culture isn’t positive and collaborative enough to foster great results. The point is, no matter how important the security objective, it is destined to fail if the workforce believes there to be a toxic security culture. Terms which too often arise when describing this type of poor culture are ‘punitive’, ‘vague’, and ‘fear-focussed.’ If you have this kind of problem, how are you going to take the workforce on a cybersecurity journey with you? It’s one thing having the ideation in place, but with the communications strategy in place to share that vision and execute it requires a whole other skill set.
The Golden Rules: How do we go about it?
Self-awareness plays a main role in this endeavor and security teams must be able to hold a mirror in front of themselves and ask “would I buy into what I see here?” It’s a measure that requires an understanding of what people think about the security team. While it might seem daunting to ask the workforce what they think about their cybersecurity team, there’s no better way to get a cyberculture health check and an understanding of what needs fast improvement. To get started you can focus on these key performance indicators.
Ask yourself:
- Do people feel safe reporting incidents? Even ones they might have been responsible for?
- Does the security team receive regular communication from the workforce such as requests for briefings?
- Is the message getting through? If not, why? Is it too technical, too vague, or too unfamiliar?
When trying to steer the security course of an organization, remember that emotions count enormously. It’s vital to facilitate a frank discourse where employees feel that they can freely share their thoughts and feelings about everything from the security team to policies and training opportunities.
Success lies in motivating the workforce and enabling security. You don’t do that by technical wizardry, you do that by understanding people. Look towards simple behavioral architecture to see if you can inspire people to do what you want them to do without them even noticing it. As experts in what we do, we can be guilty of giving cognitive overload. How about we simplify this by spelling out in simple non-technical language what must be done to hit the right notes? In cybersecurity, the list of don’ts is never ending so it’s impossible to tell people everything they shouldn’t be doing. Instead, make it easy for everybody and tell the workforce the 5 things they should be doing. Isn’t it better they take 5 simple actions than ignore the list of 20 things you tell them not to do?
When communicating cybersecurity instructions, you need to keep it simple. For instance, if you’re rolling out a new password manager, do you think people will take the time to decipher the technical language, or care about your -well-intentioned- explanation of why it’s important for regulations and the company? That’s a resounding no. Why not be the good guys and tell people about how much time they’ll save with this new solution and just how much simpler the working day will be when they follow a few simple instructions? If writing for mass audiences isn’t your strong suit, no problem. Take the time to connect with HR or internal communications teams to get help communicating your vision in non-technical language. For effectiveness, writing should always be from the point of view of people and not the security team. Remember, communicating doesn’t have to be dull and corporate. Putting your instructions into something like a comic book would get a lot more people wanting to absorb what you have to say!
Today, cybersecurity leadership is no longer just about technology. It is ultimately about organizational change - change not only in how people think about cybersecurity but in what they prioritize and how they act - from the Board of Directors to every other level of the organization.
Building, managing, and measuring a strong cybersecurity culture by leveraging the latest real-world lessons and organizational change models is now a core business priority. For a security professional, it’s important to see their job role as a people manager charged with helping people change behaviors to then change business goals. Ultimately, managing human risk is why we all do security.
Ransomware. The waking nightmare of every CISO. Ever since it crept onto the global threat landscape, encrypting data and extorting payment for decryption keys, it has evolved. Today, we have RansomOps, Ransomware-as-a-Service, and ransomware campaigns that go after backups to ensure enterprises have no way back to normal operations except to pay up. Now we have reached this stage, it is understandable that some regulators and industry voices are arguing the only way to stop the global criminal enterprise is to outlaw payments to its extortionists.
There have been international calls to ban payments to ransomware gangs since at least the summer of 2021. Just months later, in the fourth quarter of that year, the average UAE organisation was facing 408 cyberattacks per week and that year saw 59% of UAE enterprises hit with ransomware. While this percentage was less than 2020’s figure, the average damage inflicted was greater.
Figures like these put cybersecurity industry catchphrases in perspective, particularly the one that goes: “Defenders have to get it right every time, but threat actors only need one good day.” With 408 attacks a week pummelling their infrastructure,
how long, realistically, can overworked, under-resourced cybersecurity teams deprive their adversaries of that good day?
While there have been no official moves by the UAE government on this issue so far, it remains a proposal worthy of discussion. If we impose fines for payments, we may deter businesses from considering this as their path back to operational normalcy. However, such measures may have an adverse effect on the problem. The incentive to pay could be too strong to be subverted by the threat of fines. We are, after all, talking about crippled businesses that could go under if they do not return to their markets. And in the case of critical infrastructure like the Colonial Pipeline, there is the chance that authorities might make an exception, potentially rendering legislation toothless.
Further, a ban might shift payments out of sight, or into the shadows. Think about it. A small circle of decision makers in an organisation hit by ransomware could opt to make the payment, and, if they are lucky enough to get a decryption key or key that works, restore systems outside business hours. Cyber-gangs that have just received payment are unlikely to cry
foul. And while future audits by regulators may uncover the subterfuge, this may be a risk worth taking to get back on track. In the end, fines will only be a further pain point, antagonising businesses and hiding vital data about the scale of the ransomware problem.
The answer to ransomware remains the same as it ever was. Protect yourself. Put together a cybersecurity strategy and infrastructure that can deliver a threat posture equal to its RansomOps rivals. Here is a three-pronged strategy that will greatly enhance your organisation’s threat posture.
Train employees in the basics of cybercrime. Part of the UAE’s infamous 250% surge in cyber incidents in 2020 was 1.1 million phishing attacks. These are often the opening salvo in a ransomware campaign. If employees knew how to detect the signs of social engineering – something that could be taught in a one-day seminar as part of their onboarding and induction training – they could avoid the common missteps that lead to the compromise of credentials. This culture of awareness must include a clear path for reporting suspicious emails and foster an
Toni El Inati - RVP Sales, META & CEE, Barracuda Networks discusses a three pronged approach to developing a cybersecurity strategy and infrastructure that can deliver a threat posture equal to the RansomOps rivals.
environment where employees are encouraged to proactively report inadvertent, though potentially harmful potential slip-ups. Apart from training your people on email security and Web hygiene, procurement of anti-phishing technology will allow your IT team to identify and flag unusual activity. For the attacker, acquisition of credentials is a crucial step. While dropping ransomware payloads is not impossible without valid network privileges, it becomes many times more difficult. And since RansomOps gangs habitually favour low-hanging fruit, fortifying identity security is a solid foundation of protection for any enterprise.
Online applications are inviting inroads for ransomware gangs. File-sharing services, webforms, and e-commerce sites are all candidates for infiltration routes, and attackers can use them via compromised accounts (user or machine) or through an API. Common methods include exploitation of vulnerabilities in OWASP (Open Web Application Security Project – a community that provides a repository of free and open resources), and credentials stuffing, where attackers use username-password pairings across systems and organizations in a kind of distributed brute-force attack where the credentials are already known to work in at least one location.
Offline data backups remain the greatest weapon against ransomware extortion in that they are the last line of defence. Failing user vigilance and automated and human cybersecurity, data restoration will win the day, assuming backups are resilient and comprehensive and not connected to the network where attackers will likely find and delete them.
Comprehensive backups account for all data within an organisation. This goes beyond the user data that is the everyday product of the knowledge worker. Configuration files, archived data, metadata, log data – if it is at all useful to the enter-
prise, it must be included in the backup. The frequency of the backup is up for judgement, but a good rule of thumb is that frequency of backup should reflect frequency of use. Data used daily should be backed up daily, data used monthly should be backed up monthly, and so on. Meanwhile, resilient backups are those that are difficult for ransomware to locate and destroy. Cloud backup-replication services with unlimited storage and ex-
tensive search and restore capabilities are ideal for this purpose.
The whole purpose of banning ransomware payments is to make any future campaigns unprofitable for attackers. But if enough of us protect ourselves sufficiently to cause enough pain to enough attackers, then that may just be enough to make them reconsider ransomware as a business model altogether.
"If employees knew how to detect the signs of social engineering – something that could be taught in a one-day seminar as part of their onboarding and induction training – they could avoid the common missteps that lead to the compromise of credentials."
Kodak Alaris has enhanced its portfolio of award-winning document scanners with the launch of two powerful, compact models. The Kodak E1030 and E1040 provide superior image quality and a simple user interface for fast, reliable information capture.
Backed by industry-leading services and support including a three-year advanced unit replacement warranty, these new desktop scanners are designed to deliver reliable productivity gains and total peace of mind. Perfect Page technology delivers consistent high-quality images that are better than the original. The new Dual Illumination feature eliminates shadows and other artifacts that often occur when scanning damaged originals, further improving image quality and Optical Character Recognition (OCR) accuracy. The E1000 Series also include USB 3.2 connectivity and an 80-page automatic document feeder (ADF).
With their compact size, the Kodak E1000 Series Scanners are ideal for desktop use in small to medium-sized businesses, branch offices, reception and admin desks, and enterprises with remote workers. The new E1000 Series Scanners make it easy for organizations to convert documents into digital information and deliver data to their systems for greater business efficiency and better customer and employee experiences.
Highlights:
• Capable of processing up to 40 pages per minute, the E1000 Scanners can handle a variety of paper sizes and weights, including hard cards.
• The optional Passport Accessory or integrated A4/Legal Size Flatbed Accessory accommodate document scanning for specialized needs and delicate documents.
• The Kodak E1030 and E1040 Scanners are easy to set up and use. Office workers can start scanning right out of the box.
• An intuitive LED control panel makes them easy to integrate into business processes and applications, and Smart Touch technology enables customized scanning workflows with one-touch simplicity.
Most non-webcam users struggle with poor lighting conditions, unflattering camera angles, and low-quality sound from their laptop speakers. Brio 300 series webcams are perfect for those who want to make the easy but substantial jump to significantly improve their video meeting experiences with an external webcam. For companies who need to provide certified, simple-to-use webcams to employees’ home or office workstations, Brio 305 is a budget-friendly option.
Brio 300 series is the latest offering in Logitech’s portfolio of webcam products to support the New Logic of Work, where personal workspaces are individualized, easy to set up and use, and consciously designed for a positive future.
This halogen-free camera is ideal for addressing operational efficiency, as it allows users to monitor temperatures remotely and access smart filtering functionality that reduces false alarms.
deal for improving operational efficiency, this halogen-free, thermometric camera lets you remotely monitor temperatures and trigger temperature-based events. Robust and impact-resistant, it offers early fire detection analytics and built-in cybersecurity features. AXIS Q1961TE lets you remotely monitor temperatures from -40 °C to 350 °C (-40 °F to 660 °F)*. So, you don’t need to be onsite to know if your equipment is getting close to overheatingyou’ll receive a notification if the temperature passes a set threshold, or if it increases or decreases too rapidly. This allows you time to act to avoid unwanted downtime and it enables predictive maintenance planning. AXIS Q1961TE supports up to 10 configurable polygonal detection areas, making it possible to monitor areas for specific temperature levels. With spot temperature reading, you can click on the image and see the exact temperature in the specific area. Furthermore, through metadata, you’ll have access to temperature statistics.
The key features of AXIS Q1961-TE are:
• Remote temperature monitoring
Highlights:
• The Brio 300 series (Brio 300 and Brio 305) are FullHD 1080p webcams with high dynamic contrast, auto light correction, and a single digital microphone with noise reduction, so users are seen and heard clearly despite poor lighting and background noise. With a reliable meeting experience every time, users can join video calls feeling confident and engaged.
• The webcams connect to computers through a USB-C port, making it simple to join video meetings. Afterward, a quick spin of the built-in privacy shutter gives users assurance the camera lens is blocked and no longer showing their workspace.
• Avoid unwanted downtime caused by overheating equipment
• Preinstalled early fire detection analytics which reduce false alarms and spot temperature reading
• Built-in cybersecurity features that prevent unauthorised access
• Supports up to 10 reconfigurable polygonal detection areas
• Edge-to-edge technology enables audio alarms
• IK10-rated, which makes it impact-resistant and robust
• IP66/67 and NEMA 4X rated for corrosion protection
• The unconventional cone shape design adds personality to every workspace. Available in offwhite, graphite and rose colors, the webcams pair harmoniously with Logitech mice and keyboards for a stylish and coordinated setup.
• For IT teams equipping employee workstations and home offices, Brio 300 series webcams are compatible with most video conferencing platforms and certified for use with Microsoft Teams, Zoom, and Google Meet. Brio 305 can easily be deployed across organizations and remotely managed through Logitech Sync, resulting in fewer help desk tickets.
In the Middle East and North Africa (MENA), IT spending is estimated to return to growth in 2023, to total $175.8 billion, up from $172,9 billion in 2022
Worldwide IT spending is projected to total $4.5 trillion in 2023, an increase of 2.4% from 2022, according to the latest forecast by Gartner, Inc. This is down from the previous quarter’s forecast of 5.1% growth. While inflation continues to erode consumer purchasing power and drive device spending down, overall enterprise IT spending is expected to remain strong.
“Consumers and enterprises are facing very different economic realities,” said John-David Lovelock, Distinguished VP Analyst at Gartner. “While inflation is devastating consumer markets, contributing to layoffs at B2C companies, enterprises continue to increase spending on digital business initiatives despite the world economic slowdown.
“A turbulent economy has changed the context of business decisions and can cause CIOs to become more hesitant, delay decisions or reorder priorities. We’ve seen this in action with the reshuffling taking place among some B2B companies, especially those that overinvested in growth. However, IT budgets are not driving these shifts, and IT spending remains recession-proof.”
The software and IT services segments are projected to grow 9.3% and 5.5% in 2023, respectively. The devices segment is forecast to decline 5.1% this year as both consumers and enterprises lengthen device refresh cycles
“During the height of the pandemic, employees and consumers had technology refreshes of tablets, laptops and mobile phones due to remote work and education,” said Lovelock. “Without a compelling reason for an upgrade, device assets are being used longer and the market is suffering.”
Tight labor market impacts IT services spend Job vacancy rates have been increasing every quarter and the open jobs per unemployed rate is at record lows in many countries. High competition for talent is challenging CIOs to hire skilled IT staff, limiting growth for companies who struggle to scale without the requisite talent. Simultaneously as software spend continues to rise, the IT services market is growing as companies look to bring in outside IT staff for implementation and support. For example, spending on consulting is expected to reach $264.9 billion in 2023, a 6.7% increase from 2022.
“CIOs are losing the competition for talent,” said Lovelock. “IT services spending is growing more quickly than internal services in every industry. Skilled IT workers are migrating away from the enterprise CIO towards technology and service providers (TSPs) who can keep up with increased wage requirements, development opportunities and career prospects.”