CXO DX May 2023

Page 1

RAMAN NARAYAN

narayan@leapmediallc.com

Mob: +971-55-7802403

CHALLENGES ON THE TRANSFORMATION JOURNEY

The hybrid workplace is here to stay but there are daunting challenges for organizations on the road ahead. Technologies that enable hybrid work are just getting better with each passing day, providing organizations as well as employees better options towards enhanced productivity. Disruptive technologies have continued to surprise us on a regular basis in recent years and with the emergence of generative AI, the impact is expected to be a lot more significant on the workplace as we know it. While varying from sector to sector, every industry will need to learn, leverage and control these new resourceful technologies at work.

Cybersecurity concerns will further rise to the forefront, as cybercriminals can equally use these sophisticated tools to launch more potent attacks. According to a new report from threat intelligence firm Cybersixgill Ltd., generative AI is lowering the entry barrier for cybercrime by enabling easier and quicker creation of malicious code and perform other “pre-ransomware” preparatory activities. It may make the task of weaponizing malware easier. On the other hand, cybersecurity companies are also working around with generative AI to see how they can be a step ahead of cybercriminals.

In the background of all this, adopting digital transformation remains a necessity for organizations and governments worldwide. Middle East countries like the UAE and Saudi have been steadily accelerating their pace of transformation, led by strong leadership vision and enhancing the quality of services available to their citizens and residents. In varying degrees, other countries of the larger MEA region will also see greater momentum towards embracing digital transformation. For Africa, the forthcoming edition of GITEX Africa happening in Morocco is expected be a viable platform to get a glimpse of the latest technologies on offer from leading Technology companies. With many trade visitors from across the continent expected at the show, it could set the stage for some successful partnerships that help accelerate digital transformation initiatives.

SAUMYADEEP HALDER

Co-Founder & MD

saumyadeep@leapmediallc.com

Mob: +971-54-4458401

Nihal Shetty Webmaster

MALLIKA REGO

Co-Founder & Director Client Solutions

mallika@leapmediallc.com

Mob: +971-50-2489676

3 MAY 2023 / CXO DX » EDITORIAL
PUBLISHED BY - Leap Media Solutions LLC REGISTERED OFFICE: Office 10, Sharjah Media City | www.cxodx.com Co-Founder & Editor in Chief Sunil Kumar Designer

14 » GATHERING MOMENTUM

Organizations come to terms with the fact that hybrid work is here to stay as they negotiate the journey to enabling hybrid workplaces.

12 » NETAPP’S 2023 CLOUD COMPLEXITY REPORT HIGHLIGHTS SHIFTING DEMANDS OF A MULTICLOUD ENVIRONMENT

13 » HAMAD INTERNATIONAL AIRPORT TEAMS UP WITH DELL TO DRIVE INNOVATION

20 » TOWARDS STRONGER PASSWORDS

Weak passwords have been a common attack vector for hackers to breach accounts. It is time for everyone to reflect on the need to strengthen their passwords

19 » ENHANCING CYBER POSTURE

Necati Ertugrul, Chief Strategy Officer, CyberCyte discusses the company’s focus on threat hunting and attack surface

management

23 » A STEP AHEAD OF THE MARKET CURVE

Sakkeer Hussain, Director - Sales & Marketing, D-Link Middle East & Africa discusses how the vendor is responding to the demand for better connectivity solutions.

24 » TACKLING THE INSIDER THREAT

Yevhen Zhurer, Head of Business Development at Ekran System and Anna Chernyavskaya, Partner Manager at Ekran System discuss the company’s focus on insider threat management

26 » CHATGPT? BING? BARD? THE TECH IS CALLED LLM

Kurt Muehmel, Everyday AI Strategic Advisor at Dataiku writes about how to get started in the enterprise.

28 » LET’S TAKE THE FIGHT TO THE IDENTITY THIEVES; INTRODUCING ITDR

Michael Byrnes, director - solutions engineering, iMEA, BeyondTrust makes the case for case for Identity Threat Detection & Response.

30 » 3 WAYS CIOS CAN HELP ORGANIZATIONS PLAY OFFENSE AND DEFENSE

Jason Conyard, CIO, VMware writes it’s incumbent on the CIO to mitigate spiraling costs on the multi-cloud journey.

32 » THE EVOLUTION OF RANSOMWARE – NAVIGATING CYBERCRIME

Sergey Shykevich, Threat Intelligence Group Manager at Check Point, looks at the evolution of ransomware.

34 » TREASURY TRANSFORMATION

Manoj Panicker, AVP, Finesse discusses how Kyriba TMS helps optimize cash and liquidity management, manage financial risk, and automate financial operations.

REGULARS

STATS

4 CXO DX / MAY 2023
CONTENTS COVER
FEATURE
06 » NEWS 36 » TECHSHOW 38 » TRENDS &
»
STORY COLUMN
INTERVIEW NEWS INSIGHT
14
20

G42 CLOUD AND GULF BUSINESS MACHINES ENTER STRATEGIC PARTNERSHIP

Together, the two companies will enable enterprises and public sector to accelerate their pace of digital innovation

with G42 Cloud to support regional enterprises with their end-toend path to digital transformation securely and at scale. The new partnership will enable GBM to offer advanced technologies and solutions available on G42 cloud to its customers.

G42 Cloud, a unit of Abu Dhabi’s artificial intelligence company G42, and regional digital solutions major, Gulf Business Machines (GBM) announce a collaboration aimed at bringing advanced technologies to regional enterprises and public sector entities.

As part of its ongoing focus on accelerating regional digital adoption via core technologies such as data, Artificial Intelligence (AI) and business automation, Gulf Business Machines has partnered

Gulf Business Machines (GBM) has extensive experience in providing digital solutions to a wide range of industry verticals including banking & finance, healthcare, public sector and others. This collaboration further advances GBM’s commitment to enable cutting edge technologies to the industries by combining the resources, technical expertise and industry knowledge of both organizations. Working with G42 Cloud, GBM will enable enterprises and public sector to accelerate their pace of digital innovation and to realize incremental business value from Cloud adoption and transformation.

Mike Weston, CEO, GBM said, “G42 Cloud has always been dedicated to the advancement of digital infrastructures, with extensive success in transforming diverse industries. We are excited to enter this partnership with G42 Cloud which honors everything GBM stands for – our commitment to offering the most advanced digital solutions which will enable organizations to grow and tap into new opportunities using technology.”

CRAYON DATA AND VISA PARTNER TO POWER AI-LED PERSONAL DIGITAL STOREFRONTS FOR ISSUERS

Crayon Data’s flagship platform, maya.ai, powered by patented algorithms and ML, generates simple, easy-to-understand, and relevant insights based on non-PII consumer data.

Crayon Data, a leading global artificial intelligence and big data company, today announced its partnership with Visa aimed at powering AI-led personal digital storefronts for issuers. Together, Crayon Data and Visa will empower issuers to create superlative digital experiences for their customers, with AI-led relevance and personalization solutions.

Issuers desire to create new revenue streams by crafting highly differentiated solutions, financial and non-financial, for both cardholders and merchants. This partnership creates a strategic opportunity for Crayon Data to help Visa’s global issuers achieve their desired goals by unlocking the value of their data.

Commenting on the partnership, Suresh Shankar, CEO & Founder of Crayon Data, says, “About 71 percent of con-

sumers expect companies to deliver personalized experiences. Although banks have long sought this, they still struggle with the difficulties in data and technology. With digital natives such as Gen-Z demanding a seamless CX as table stakes, and with the rapid escalation of competition from neo banks and fintech organizations, the next few years will see a complete reshaping of the customer experience in the payments space.”

Crayon Data’s flagship platform, maya.ai, powered by patented algorithms and Machine Learning (ML), generates simple, easy-to-understand, and relevant insights based on non-PII consumer data. These AI-led insights help enterprises transform customer engagement via hyper-personalization. With this partnership, Visa's ecosystem can leverage maya.ai, to deliver lasting loyalty built on relevance.

6 CXO DX / MAY 2023
» NEWS
Suresh Shankar CEO & Founder of Crayon Data

FINESSE PARTNERS WITH ORCA SECURITY

The companies will together help businesses manage and reduce risks associated with cloud computing

Finesse, a global system integrator and digital business transformation company, has teamed up with Orca Security, the pioneer of agentless cloud security trusted by hundreds of enterprises globally, to provide cutting-edge cloud security solutions to businesses. The partnership leverages the expertise of both companies to deliver comprehensive cloud security solutions to help businesses manage and reduce risks associated with cloud computing.

Orca Security has established itself as a leader in cloud security, having served some of the world's most innovative companies such as SAP, Autodesk, Ganett, and Wix. With Orca’s cloud security platform, clients are able to have comprehensive visibility of their cloud infrastructure - with a real-time view of vulnerabilities. The platform also provides security across five major clouds - AWS, Microsoft Azure, Google Cloud, Alibaba Cloud, and Oracle Cloud infrastructure thus reducing complexity, and improving efficiency. Their rapid threat detection and response

help businesses respond quickly to potential threats, thus minimizing the impact of any security breaches. The platform also caters to compliance aspects to comply with regulatory and industry-specific requirements. All of these capabilities are integrated into a single, purpose-built solution that simplifies cloud security management and helps businesses achieve digital transformation with confidence.

According to Eljo J P, CBO & Director of

Finesse, "We are excited to partner with Orca to offer businesses a comprehensive security solution for their cloud environments. As businesses continue to migrate their operations to the cloud, security is a critical concern. By combining Finesse's expertise in software integration with Orca's advanced cloud security platform, we can provide businesses with a complete solution that covers all their cloud environments."

WSO2 PARTNERS WITH TD SYNNEX

Partnership brings joint cloud-based offering for API management, integration, and customer identity and access management to help more companies innovate faster

WSO2, a leader in digital transformation technology, announced a new partnership with leading global IT distributor and solutions aggregator TD SYNNEX. This partnership brings WSO2’s industry-leading software for API management, integration, and customer identity and access management (CIAM) to TD SYNNEX’s expansive global IT ecosystem.

In a survey of 500 IT decision-makers, the vast majority agree on three factors that are key to driving better digital experiences, as well as gaining and maintaining a competitive advantage: improved security (90%), cloud adoption (89%), and API integration (82%). Yet too often, getting these technologies to work together seamlessly increases the costs and time needed to bring new digital services and applications to market.

Through their partnership, WSO2 and TD SYNNEX will help mutual customers significantly lower the barriers to delivering new digital services and software-as-a-ser-

vice (SaaS) offerings that create seamless experiences. WSO2 uniquely brings together industry-leading cloud-native technologies for API management, integration and customer identity and access management, including robust business-to-business and business-to-consumer CIAM.

“We’re proud to partner with TD SYNNEX to help more customers than ever to address this need and drive accelerated growth through our joint cloud-based solution,” said Moses Mathuram, vice president, GSI alliances and strategic partnerships at WSO2. “As we continue to strengthen our partner ecosystem, we look forward to expanding the number of companies of all sizes that can take advantage of our industry-leading, open source solutions for API management, integration and CIAM to speed time to market cost-effectively.”

7 MAY 2023 / CXO DX
» NEWS
Moses Mathuram VP, GSI Alliances and Strategic Partnerships, WSO2

MICROSOFT REPORTS ENGAGEMENT SURGES ON BING, EDGE

Search engine passes 100-million milestone for daily users following February’s launch of a range of advanced capabilities

gine and the Web browser – tools used by billions daily for work and leisure.

“Our new Edge and Bing come together as an AI-powered co-pilot for the Web,” said Tariq Halawani, Executive Director, Enterprise Solutions, Microsoft UAE. “AI is systematically changing every aspect of our lives from the trivial to the critical. Being able to navigate the Web is a crucial skill in today’s digital world, and Microsoft is at the heart of making this process easier and more intuitive, doing what we have always done – helping people achieve more.”

text. Through an interactive chat facility, users can also use Bing as an assistant for more complex tasks, such as planning a trip itinerary. It is also designed to be creative, helping with things like preparing for job interviews and other complex research.

Microsoft Edge also has new AI capabilities. Its sidebar allows summaries of long documents, and the Chat function can fulfil advanced requests such as building a table comparison of two companies’ financial results. The Compose function can offer helpful prompts on social media posts and even help users to fine-tune tone, format, and length.

Microsoft announced it has seen a sizeable surge in engagement in Edge and Bing since introducing the products’ advanced AI capabilities in February. The company launched the AI-powered Bing and Edge as a means of reinventing the search en-

The new Bing search engine bases its responses on a review of results from across the Web. If a comprehensive answer is not found in one source, it will build the answer from multiple sources so that users do not have to read through several pages of

By early March, Microsoft had crossed 100 million daily active users of Bing and of the millions using the new Bing preview, around one third were new to the search engine.

NOZOMI NETWORKS JOINS AWS ISVACCELERATE PROGRAM

Nozomi Networks further extends market reach and service delivery options with Vantage now available for purchase in AWS Marketplace

Nozomi Networks, a leader in OT and IoT security, has joined the AWS ISVAccelerate program, a co-sell program for AWS Partners that provides software solutions that run on or integrate with AWS. This will allow AWS sales teams to promote the Nozomi Networks Vantage platform to millions of customers worldwide. Vantage is hosted on AWS and is a cloud-based OT/IoT network security solution that equips security professionals and industrial operators with actionable, AI-driven insights to manage risk and speed precise remediation. Now, Vantage is available for purchase in AWS Marketplace.

Vantage is designed to give AWS customers a seamless platform for aggregating, analyzing and monitoring OT systems and data in the cloud with a range of flexible, cost-effective deployment options ideally

suited for physical processes. With the rapid emergence of IoT environments and 5G networks, there is growing recognition that cloud networks need access to physical, real-world data which Vantage can deliver for AWS cloud applications.

AWS customers who choose Nozomi Networks Vantage can benefit from an enhanced cybersecurity monitoring and asset intelligence solution that aggregates and analyzes data from physical devices, and then processes and responds to critical issues across large, global enterprises.

“AWS has been a key component of our Vantage offering from day one,” said Andrea Carcano, Nozomi Networks Co-founder and Chief Product Officer. “As we turn to the cloud for scalability and cost-efficiency for our customers

through Vantage, our relationship with AWS is becoming increasingly important because of AWS’s cloud expertise, focus on OT and IoT applications and expertise in several key verticals.”

8 CXO DX / MAY 2023 » NEWS
Tariq Halawani Executive Director, Enterprise Solutions, Microsoft UAE Andrea Carcano Nozomi Networks Co-founder and Chief Product Officer

BARRACUDA CONFIRMS PARTICIPATION

INAUGURAL GITEX AFRICA

The vendor will showcase its latest email, cloud and network security solutions

Barracuda Networks has announced its participation at the inaugural edition of GITEX AFRICA, taking place in Morocco, where it will showcase its latest email, cloud and network security solutions.

This year, the IT market in North Africa, together with the Middle East, and Türkey, is expected to come close to breaking the US$100billion barrier for the first time. For this wave of digital transformation to deliver on its full potential, organisations must be able to effectively protect their digital assets and services. Barracuda’s advanced and innovative products are designed to help protect against the most stubborn and sophisticated cyberattacks, such as ransomware, and support customers in areas such as Email Protection, Zero Trust Access, Managed XDR, and Data Protection.

“I am thrilled to announce our participation at the very first edition of GITEX AFRICA. Digital transformation is pro-

ceeding at an impressive pace across the continent and with our suite of powerful but simple-to-use cybersecurity solutions, Barracuda is perfectly positioned to empower businesses to achieve their innovation ambitions in a safe and secure way,” said Toni El Inati, RVP Sales, META & CEE, Barracuda Networks,

Some of the latest developments that Barracuda will be exhibiting at the show will be:

● Zero Trust Access: as part of Barracuda’s SASE platform, Barracuda CloudGen Access now includes web security that offers robust protection wherever users are working.

● Email Protection: now with Zero Trust Access, Barracuda Email Protection hardens the Microsoft 365 environment by constant verification – ensuring only verified users can access resources.

● Data Protection: Barracuda Cloud-toCloud Backup can be found in Azure Marketplace.

AT

In Africa, Barracuda follows a channel-led go to market strategy and El Inati stated that a key objective of the company’s participation at GITEX AFRICA is to engage with the channel community and explore new partnerships.

LEXAR TO UNVEIL NEXT-GENERATION MEMORY SOLUTIONS AT GITEX AFRICA 2023

The company is set to expand partnerships with the African tech ecosystem

Lexar, a leading global brand in memory and storage solutions, will be showcasing its next-generation product portfolio at the inaugural edition of GITEX Africa 2023. The event will be held from May 31st to June 2nd, 2023 in Marrakech, and Lexar will be exhibiting at their stand on Central Aisle, Booth 4C-35.

“Lexar has been a trusted leading global brand of memory solutions for more than 25 years. Our participation at GITEX Africa 2023, is a part of our long-term strategic vision, to meet the growing demand for technology across the continent. The company is actively present in Morocco, as the country is certainly playing a crucial role to assist and support Africa’s rapidly expanding digital economy,” said Fissal Oubida, General Manager – Middle East, Africa, CIS and Indian subcontinent, Lexar.

GITEX Africa 2023 is a perfect opportunity for Lexar to showcase its award-winning portfolio designed to specifically meet the unique needs of African con-

sumers that are focused on quality, performance, and reliability. Lexar’s stateof-the-art photography, videography, and gaming portfolio of memory and storage solutions, which includes, SDXC, SDHC, microSD, CFExpress cards, card readers, DRAMs, internal SSDs, portable SSDs, and USB flash drives.

“We foresee many opportunities for Lexar, as there is an increasingly rapid technology adoption and growing demand by the urban African population. We are looking forward to developing strategic engagements, building connections, and meeting with key stakeholders from the African tech ecosystem,” concluded Oubida.

Lexar is looking to strengthen its offerings in key verticals such gaming, photography, videography, and digital content creation.

10 CXO DX / MAY 2023 » GITEX AFRICA SPOTLIGHT
Fissal Oubida GM–MEA, CIS and Indian subcontinent, Lexar Toni El Inati RVP Sales, META & CEE, Barracuda Networks

ASBIS TO PARTICIPATE AT GITEX AFRICA

The distributor will showcase new products and solutions from vendors including Intel, Supermicro, AMD, Mimosa, Philips, Logitech

ASBIS, a leading Technology solutions distributor of the region has announced its participation at GITEX Africa taking place from 31 May-2 June 2023 in Marrakech, Morocco. GITEX Africa is poised to be the continent’s most influential and largest all-inclusive tech event where over 20,000 trade buyers, 900 exhibitors and startups, and 125 government delegations are expected to gather together. Attendees can visit ASBIS at stand 3D-50, Hall H3.

At the event, ASBIS will introduce new products and solutions from vendors including Intel, Supermicro, AMD, Mimosa, Philips, Logitech. The Logitech showcase will include Logitech accessories and conference room solutions.

“My first acquaintance with GITEX began from the first edition GITEX Dubai in the early 80s. I was excited and inspired by GITEX then am excited now as well when we join the first GITEX tech show in Africa this year. ASBIS

has been committed to Middle East and Africa region for over 20 years, providing a wide range of the best tech-driven solutions and products for different industries and businesses from the biggest tech companies. We are honored to be involved in the process of the development of the MEA region technology ecosystem as well as helping unleash the digital limitless opportunities of the continent,”, said Hesham Tantawi,VP, ASBIS MEA.

MINDWARE TO HIGHLIGHT BUSINESS TRANSFORMATION TECHNOLOGIES AT GITEX AFRICA

During the exhibition, Mindware will be announcing new partnerships with best-of-breed vendors and introducing brands

Mindware, a leading IT Value-Added Distributors, has announced its presence at GITEX AFRICA. The Company’s participation will be centered around the theme of ‘Digital Transformation’.

Toni Azzi, General Manager, Qatar, Levant and Africa at Mindware comments: “Digital transformation is high on the priority of governments and enterprises across the African continent, as they look to build resiliency and competitiveness. GITEX AFRICA offers us the opportunity to showcase our strong, varied portfolio of market-leading vendors, solutions and services to a diverse audience and help raise awareness and establish connections with partners and customers."

During the exhibition, Mindware will be announcing new partnerships with bestof-breed vendors and introducing brands

INGRAM MICRO CONFIRMS PARTICIPATION AT GITEX AFRICA

Ingram Micro will be present at stand location H4-C10 in Hall 4 with many of its vendors

Ingram Micro, one of the largest IT distributors in North Africa, the Middle East and globally, announced its participation in Gitex Africa 2023, one of the biggest technology events in Africa, which will take place in Marrakech, Morocco from May 29th to June 2nd of this year. Ingram Micro will be present at stand location H4-C10 in Hall 4 with many of its vendors including Dell Technologies, Microsoft, Acronis and more.

GITEX Africa is one of the most anticipated events of the year for technology companies. This exhibition will provide an opportunity for Ingram Micro to showcase its portfolio of leading products and solutions to a global audience, while also offering a chance to meet with business partners, suppliers, and customers.

covering the latest technologies including datacentre, networking, Cloud and security solutions. Mindware will be exhibiting at Hall 4, Stand

Ingram Micro is one of the leading technology distributors in the region and globally, providing value-added distribution as a distributor of high-quality technology products and solutions. As a value-added distributor, Ingram Micro offers additional services and solutions to help its business partners maximize their potential, through technical, financial, and marketing assistance.

11 MAY 2023 / CXO DX » GITEX AFRICA SPOTLIGHT
Toni Azzi GM, Qatar, Levant & Africa, Mindware 4B-40. Hesham Tantawi Vice President ASBIS MEA

NetApp’s Cloud Complexity Report Highlights Shifting Demands of a Multicloud Environment

Key findings indicate that 98% of technology leaders have been impacted by the increasing complexity of the cloud

NetApp, a global, cloud-led, data-centric software company, released the 2023 Cloud Complexity Report, a global survey exploring how technology decision makers are navigating cloud requirements coming from digital transformation and AI initiatives and the complexity of multicloud environments. The report found that 98% of senior IT leaders have been impacted by increasing cloud complexity in some capacity, potentially leading to poor IT performance, loss in revenue and barriers to business growth.

“Our global research report highlights paradigm shifts in how technology leaders look at and manage their cloud initiatives,” said Ronen Schwartz, Senior Vice President and General Manager, Cloud Storage, NetApp. “As cloud adoption accelerates and businesses innovate faster to compete, technology leaders are facing growing pressure to juggle multiple priorities at once – causing many to rethink how they manage efficiency and security in this new environment.”

Key findings from the report include: Cloud Complexity Reaches a Tipping Point

Data complexity has reached a boiling point for companies globally, and tech executives are feeling the pressure to contain its impact on the business. However, technical and organizational challenges may stunt their cloud strategies, with 88% citing working across cloud environments as a barrier, while 32% struggle just to align on a clear vision at the leadership level.

Global Context: The following regions list this as their top concern if data complexity is not managed:

• Cybersecurity: France, Spain, and Australia/New Zealand

• Leadership skepticism: France, Spain, Japan

• Inefficient use across the organization: Australia/New Zealand

• Lack of visibility: Japan

Leadership Want Cloud Results Now Sustainability has become an unexpected cloud-driver, with nearly eight in ten tech executives citing ESG outcomes as critical to their cloud strategy. However, return on investment (ROI) is a concern among leadership, with 84% of tech executives saying their cloud strategy is already expected to show results across the organization.

Global Context:

• Nearly half of tech executives (49%) report that when cloud strategy discussions happen, cost concerns come up often or all the time.

• Data regulation and compliance is another cloud driver, with various local regulations promoting their multicloud strategy most or some of the time.

Tech Executives Consider AI as a Possible Solution

In the next year, over a third (37%) of tech executives report that half or more of their cloud deployments will be support-

ed by AI-driven applications. Nearly half of tech executives at smaller companies – those with fewer than 250 employees –expect to reach the 50% mark in the next year, and 63% by 2030, while larger companies lag.

Global Context:

• The U.S. leads EMEA and APAC on plans to deploy AI-driven cloud applications in the next year, with France and Japan as outliers in their regions.

• Scaling AI is the top priority in EMEA and APAC, but is second in the U.S., behind meeting regulatory compliance.

As organizations increasingly move to multi-cloud environments, NetApp aims to alleviate efficiency bottlenecks by allowing IT leaders to manage their systems on one, streamlined user interface. By taking an evolved cloud approach, NetApp is leading the charge for next generation cloud management and storage.

12 CXO DX / MAY 2023 » NEWS INSIGHT

Hamad International Airport teams up with Dell Technologies to Drive Innovation

Hamad International Airport evolves its technology portfolio to drive operational efficiencies and meet increasing passenger, aircraft and cargo needs

Dell Technologies announced that Hamad International Airport (DOH) has selected its advanced server and network infrastructure solutions to deliver the best passenger experience and operational excellence as the aviation hub continues with Phase B of its expansion plan.

Hamad International Airport, which currently serves over 170 global destinations and more than 40 airline partners, chose the Dell PowerEdge servers to secure and enhance the airport's infrastructure capabilities, improve efficiencies and costs, while creating the ultimate destination for millions of visitors.

Designed to undertake exceptional performance, Dell PowerEdge servers lay the foundation for the future with computing and networking modules that can be tailored to the airport's needs and expanded over time.

In 2022, as Qatar welcomed football fans from around the world, Hamad International Airport witnessed a 101.9% yearon-year surge in passenger traffic and a 28.2% growth in overall aircraft movement, compared to 2021. Building on this momentum, the airport’s Phase B of the expansion project started in January 2023, will include two new concourses, increasing the airport capacity to over 70 million passengers per year.

The implementation of Dell solutions works towards providing further support for the airport’s ambitious plans and facilitating new avenues to scale and consolidate its data center to run the most complex, mission-critical workloads while remaining flexible for future growth needs. Made for secure interactions

and with the ability to predict potential threats, the PowerEdge servers feature cryptographically verified security design and has an intuitive systems management process to monitor, deploy and implement the automation of routine airport operations tasks.

Travers Nicholas, Country General Manager for Qatar, Dell Technologies said, "Hamad International Airport's contribution to facilitating global trade, raising industry benchmarks and introducing the ultimate in passenger convenience has been remarkable. As the sector continues to move upward and passengers demand enhanced travel experiences, a robust and flexible digital infrastructure supporting high-density growth will prove crucial. Dell Technologies is committed to helping the airport deliver on its growth vision. As

a major player in the global aviation sector, Dell is eager to see it soar to newer heights in the coming future."

Suhail Kadri, Senior Vice President of Technology and Innovation at Hamad International Airport said, "As one of the world's busiest airports, that moves significant number of passengers and commodities on an hourly basis, access to agile technology remains critical. Working with a technology provider who understands the demands of international air travel and is well-equipped to support passengers, airlines and air cargo efficiencies is therefore paramount. Working with Dell Technologies’ via its network of channel partners, helps us meet our ambitious growth plans and introduce new digital innovations, as we continue to invest in modernizing our airport.

13 MAY 2023 / CXO DX » NEWS INSIGHT
Travers Nicholas Country General Manager for Qatar, Dell Technologies

GATHERING MOMENTUM

Organizations come to terms with the fact that hybrid work is here to stay as they negotiate the journey to enabling hybrid workplaces.

14 CXO DX / MAY 2023 » COVER STORY

The hybrid workplace came into mainstream acceptance as the pandemic onslaught subsided. And it continues to gain in popularity with a good number of employees world over. Saudi Arabia has been no exception to the rule as the kingdom’s companies race ahead with digital transformation initiatives as select technology leaders from Saudi based companies seem to affirm.

Aijaz Regoo, CTO at MIS FORWARD says, “The concept of the hybrid workplace has gained significant acceptance and adoption by companies and enterprises in the post-pandemic era. While many offices have indeed reopened, the importance of a flexible work environment has not diminished. The hybrid workplace continues to hold relevance as it offers benefits such as increased employee satisfaction, improved work-life balance, and enhanced productivity. Certain verticals, such as technology, creative industries, and knowledge-based sectors, have embraced the hybrid model more readily due to their nature of work.”

The success varies from company to company and from vertical to vertical when it comes to adopting a hybrid work mode.

Aiman Al Jabr, Head of IT, Havelock One Interiors says, “The hybrid workplace has gained widespread acceptance by companies and enterprises even after the pandemic. It continues to hold relevance as most offices have reopened and employees have started returning to the office. However, the hybrid model remains important as it allows for a flexible work environment that accommodates both remote and in-office work. Some verticals may still find the hybrid workplace particularly relevant, such as technology companies, creative industries, or companies with geographically dispersed teams.”

Ramesh Murugesan, CIO at Al-Gihaz Holding Company cites reports that suggest the investments in enabling the hybrid workplace are indeed growing.

He says, “The new hybrid eco system is constantly evolving post pandemic. Survey data from PWC shows that executives are recognizing the need to increase investments to make remote work successful. Top areas of increased investment include virtual collaboration tools (72%) and IT infrastructure for secure virtual connectivity (70%). Ecosystem Voice of the Employee Study conducted in 2022 results indicated that only 24% want to work from office and remaining 76% want to work remotely and be able to choose their work location (home, office or shared space). Still companies are offering various hybrid working models such as 3 days remote work and 2 days office, 30 days remote work in a year, etc. Interestingly, the remote office concept has evolved to complement the hybrid workplace for agility and significant cost reduction. This has now been extended to non-IT sectors as well.”

Technologies enabling a flexible workplace

It is the coming of age of several collaboration and cloud technologies that made remote collaboration a true success. This has been key to the success that the hybrid workplaces has become as of today.

Aiman says, "Several major technologies play a crucial role in enabling a flexible workplace. These include collaboration solu-

tions like video conferencing, project management software, and instant messaging facilitate communication and collaboration between remote and in-office employee. Cloud technology enables seamless access to data and applications from anywhere, allowing employees to work remotely and access resources as needed. Mobile devices and apps have become essential tools for remote work, providing access to emails, documents, and other work-related resources. VPNs ensure secure remote access to company networks, protecting data and communications transmitted over public networks. IoT devices, such as smart office equipment and sensors, enhance the flexibility and efficiency of the workplace by enabling remote monitoring and control.”

The capabilities to share and access data on a secured basis from anywhere has been key to empowering the hybrid workforce.

Kamal Farag, CTO of Speedi says, “There are many technologies that have become crucial in enabling a flexible workplace, including cloud-based collaboration tools, video conferencing software, project management tools, and virtual private networks (VPNs). These technologies enable remote workers to collaborate and communicate effectively, access company data and applications securely, and manage their workloads from anywhere."

Elaborating on the new technologies that are helping transform the workplace, Gaurav Kole, Group Head of IT, Leylaty Group says, “Several major technologies have emerged as crucial enablers of a flexible workplace. These include cloud computing that enables remote collaboration, file sharing, and seamless access to work

15 MAY 2023 / CXO DX » COVER STORY
Aijaz Regoo CTO at MIS FORWARD

tools and systems, making it easier for employees to work from anywhere. Collaboration Tools like video conferencing software (e.g., Zoom, Microsoft Teams), instant messaging platforms (e.g., Slack, Microsoft Teams), and project management software (e.g., Asana, Trello) facilitate remote collaboration enable teams to communicate, collaborate on projects, share files, and coordinate tasks, regardless of their physical location. In addition, VPNs, Remote Desktop and Virtualization, Enterprise Mobility Management, AI and cybersecurity are among the other enabling technologies. These technologies collectively provide the infrastructure and tools necessary for a flexible workplace, empowering employees to work remotely, collaborate effectively, and maintain productivity regardless of their physical location.”

Challenges in managing a hybrid workplace infrastructure Opinion seems to be divided on the complexities of managing IT in the midst of the disruption and also in the face of significant shifts to hybrid work models.

Ramesh believes that the challenges are a part of the learning process for the IT team while tools to manage the infrastructure are available online.

He says, "It is not really a challenge as most of the tools are available in cloud. The ability to use Digital means and multiple collaboration platforms is also essential in the digital era. The learning and adoption take a while but I don’t see it as a challenge.”

Aijaz delves into the typical issues that need to be managed. He says, “Indeed, the IT team faces unique challenges in managing a hybrid workplace infrastructure. Some of these challenges include ensuring consistent and reliable network connectivity for both in-office and remote employees can be a challenge, particularly when dealing with a large and diverse workforce. IT teams must implement robust security measures to safeguard company data, as remote work introduces additional vulnerabilities and potential risks. They need to be managing a wide range of devices, including personal laptops and mobile devices used by remote workers, that requires effective device management strategies to ensure compatibility, security, and software updates. Further, IT teams need to provide prompt and efficient technical support to both in-office and remote employees, addressing any software or hardware issues they may encounter.”

Gaurav also opines that ensuring reliable and secure network connectivity for both in-office and remote employees can be challenging as is device management with the need to manage device provisioning, configuration, security updates, and compatibility issues across different platforms, ensuring a consistent and secure computing environment. He suggests a proactive approach from IT teams to negotiate these challenges.

Elaborating further, he adds

“Enabling seamless collaboration and communication among hybrid teams requires IT teams to deploy and manage a variety of collaboration tools and platforms. With employees working from different locations, data management becomes critical. IT teams need to establish data storage, backup, and recovery mechanisms to protect valuable corporate data.”

Aiman says that their team has successfully managed the infrastructure of the hybrid workplace without facing any significant challenges.

“They have been up to the responsibilities, ensuring smooth operations and providing technical support to employees. Havelock One's IT team has adapted to the changing needs of the hybrid workplace, implementing appropriate technologies, securing network access, and ensuring reliable connectivity for both remote and in-office employees. Continuous monitoring and proactive maintenance have helped to prevent any gaps or disruptions in the hybrid workplace infrastructure.”

Cybersecurity concerns

It goes without saying that cybersecurity concerns are among the top priorities that need to be managed in a hybrid workplace. With employees working on remote basis and accessing corporate data from different external networks, security breaches are a constant threat.

Gaurav says, “cybersecurity issues remain a key concern when employees work remotely or from home. In fact, the shift to remote work has introduced new vulnerabilities and increased the risk landscape for organizations. Remote work expands the attack surface of an organization's network and systems. Employees working from home often use personal devices, home networks, and potentially unsecured Wi-Fi connections, which can be more susceptible to cyber threats. This broader attack surface provides more opportunities for malicious actors to exploit vulnerabilities

16 CXO DX / MAY 2023 » COVER STORY
Aiman Al Jabr Head of IT, Havelock One Interiors

and gain unauthorized access to sensitive data or systems. Cybercriminals often leverage phishing attacks and social engineering techniques to trick remote workers into divulging sensitive information or performing actions that compromise security. Remote employees may be more vulnerable to such attacks due to a potential lack of awareness, distractions at home, or difficulty verifying the legitimacy of requests received through various communication channels. Remote employees may connect to public or unsecured Wi-Fi networks, which can expose sensitive data to interception or unauthorized access. By taking a proactive and multi-layered approach to cybersecurity, organizations can better protect their remote workforce and safeguard critical data and systems.”

Indeed, the work from anywhere concept broadens the attack surface of any organization and provides more opportunities for cybercriminals. Hence, there is a need to implement stronger authentication processes to ensure only legitimate access by employees to the network.

Aijaz says, “Absolutely, cybersecurity remains a key concern when employees work remotely or from home. Remote work introduces additional entry points for potential security breaches, making it crucial to maintain robust cybersecurity measures. Employees need to adhere to best practices, such as using strong passwords, utilizing secure networks, and being cautious of phishing attempts. Implementing multi-factor authentication, encryption, and regular security audits are also essential to mitigate cybersecurity risks effectively.”

In the era of increasing stealth mode malware attacks, employees working from home could be an easier target of focus for cybercriminals. Employees need to be aware of ensuring strong security measures in their devices and more so while connecting to their organizational networks.

Kamal says, “cybersecurity issues are still a key concern when employees work remotely or from home. Cybercriminals often target remote workers because they may have weaker security measures in place compared to those in the office. To mitigate these risks, companies need to provide their remote workers with secure access to company systems and data, implement strong security measures such as multi-factor authentication, and provide regular training to employees on cybersecurity best practices.”

Employees need to be educated on the cybersecurity protocols and organizations need to undertake audits and other measures to ensure their network is secure. The implementation of zero trust cybersecurity is also quite critical from an organization’s point of view.

Ramesh says, “People are the first line of defense when it comes to cybersecurity besides the technical controls. The knowledge and awareness of cybersecurity has become essential. The organizations conduct phishing campaign periodically to assess the awareness for corrective actions. Lot of behavioural analysis tools and techniques are used by Managed Security Awareness Services (MSAS) providers. Customized training programs are automatically assigned based on the user behaviour analysis by AI/ML and Deep learning tools. 2) Data confidentiality is a critical element and crucial in hybrid workplace, technical controls, and zero-trust technologies to be implemented not just the policies, framework, or NDA.”

Cloud as an enabler of the hybrid workplace

Cloud based services have been key to digital transformation initiatives with the scalability and flexibility it provides organisations to manage their journeys. If it were not for the cloud infrastructure globally that allows access of files, applications and services from anywhere over a browser, the pandemic challenges would have been tougher to negotiate.

Aiman says, “The cloud is an integral part of enabling a true hybrid workplace. Cloud technology provides the necessary infrastructure and services to support remote work, offering flexibility, scalability, and accessibility to employees regardless of their location. It allows for seamless data sharing, collaboration, and real-time updates across remote and in-office teams. Cloud-based applications and storage enable employees to access files and resources from any device with an internet connection. The cloud also enhances data security by providing centralized storage, backup, and disaster recovery capabilities. Havelock One recognizes the benefits of the cloud in facilitating a successful hybrid workplace and has embraced cloud solutions to enable remote work and collaboration effectively.”

While concurring with the view that the cloud is an integral part of enabling a true hybrid workplace, he mentions that the flexibility and scalability provided by the cloud is the key.

He says, “Cloud-based tools and services enable employees to access company data and applications securely from anywhere, mak-

17 MAY 2023 / CXO DX » COVER STORY
Ramesh Murugesan CIO at Al-Gihaz Holding Company

ing it easier for them to work remotely or from home. Cloud technology also provides scalability and flexibility, making it easier for companies to adapt to changing business needs and accommodate a hybrid workforce.”

Ai in the new workplace

In the emerging era of generative AI, various AI based technologies can be expected to transform the workplace as we know it. There would be more use case scenarios for AI in the hybrid workplace that seeks to bring in better efficiencies and may also perhaps have some adverse effects on employment opportunities.

Ramesh says, “Employers are already using AI to make workplace decisions. Companies are increasingly turning to artificial intelligence tools and analytics to reduce cost, enhance efficiency, raise performance, and minimize bias in hiring and other job-related decisions. People think that AI replace the jobs but it’s not. One who doesn’t use AI are replaced soon by AI. The Extended Detection and Response (XDR) tools use AI/ML to collect the data similar to CCTV camera to record every action to analyze and provide more insights and personalized recommendations to overcome or remediate the threats. Robotic Process Automation is another popular AI tool which helps to manage the repetitive works and to avoid customizing the software applications. AI helps in Safety and Quality functions reduce the errors and improve the efficiency. The ChatBOTs are bridging the gap in communication to deliver the source of truth in a timely manner.”

According to Kamal, “AI is already playing a key role in the new workplace and workflow. It can automate routine tasks, such as

data entry and document processing, freeing up time for employees to focus on more strategic work. AI can also provide insights and recommendations to workers based on data analytics, helping them make better decisions and improving overall productivity. As AI technology continues to evolve, we can expect it to become an even more integral part of the workplace

For sure, AI is poised to play a key role in the new workplace and workflow, transforming various aspects of how work is performed, managed, and optimized from automation of routines jobs to better decision making and also play a significant hand in employee training and upskilling.

Amidst all this, Gaurav says that AI also needs to be used with responsibility.

He says, “It's important to note that while AI offers significant benefits, ethical considerations such as transparency, fairness, and privacy must be addressed to ensure responsible and equitable use of AI technologies in the workplace. Overall, AI has the potential to revolutionize the workplace by driving automation, enhancing decision-making, optimizing workflows, and delivering personalized experiences, ultimately enabling employees to be more productive, innovative, and focused on value-added tasks.”

As the hybrid workplace gathers further momentum, the organizations that take the lead in enabling a well-connected, optimised and secure hybrid workplace, will be able to attract and retain the best of talents in their respective domains.

18 CXO DX / MAY 2023
Kamal Farag CTO of Speedi
» COVER STORY
Gaurav Kole Group Head of IT, Leylaty Group

ENHANCING CYBER POSTURE

CyberCyte is a UK-based cybersecurity company offering an innovative SaaS platform, CloudCyte, to empower organizations and MSSP’s for providing solutions to the emerging challenges in cybersecurity. Necati Ertugrul, Chief Strategy Officer, CyberCyte discusses the company’s focus on threat hunting and attack surface management

Elaborate on the focus areas of your solutions. Our solution is an MDR Blue Team platform for threat hunting and asset attack surface management. The solutions can be deployed on-premises or on the cloud. The platform enables forensic analysis and asset management and helps to identify cyber risks faster and easier through a zero-trust model. The platform monitors every communication for complete protection from end-users, data centers, cloud platforms, e-mail applications and OT devices to block any unverified communication attempt or the device inside the network. CloudCyte provides a new layer of asset attack surface management and threat hunting framework for identifying and blocking the hidden cyber threats living in stealth mode before compromising the infrastructure. We enable the discovery of both active threats as well as hidden threats that are currently not active in the IT infrastructure. Malicious traffic, uncompliant artifacts, and unknown activity not detected by the existing security controls are identified in hours through gap analysis.

How does your solution help with correcting the configuration gaps?

Besides enabling the discovery of unknown threats, based on the artifacts or information we collect, we enable the discovery of configuration gaps as well. It is a complete platform to identify active and passive threats as well as configuration gaps in the IT infrastructure. Based on artifacts, we can create scenarios to detect configuration gaps.

We use industry standards to identify the recommended baseline for configuration within the IT infrastructure and discover any configuration that is not compliant with the recommendations. We also implement the Sigma rules, Yara rules, and also elastic query and language rules so that these rules are executed to identify these threats. We are a kind of SIEM for forensic artifacts. Based on that data set, we also enable remediation.

How are compliance issues in the network taken care of?

We report on compliance issues and applications that are vulnerable. There are security controls applied to them. We enable automatic remediation and execute these actions so that the infrastructure becomes automatically compliant with these recommendations. The execution of the compliance recommendations is automated in the IT infrastructure.

How can your solution be deployed?

It is a service at any level, and it can be fully deployed on the prem-

ises or can be deployed by the MSSP or the service provider. All components of CloudCyte are based on virtualized containers enabling scalability without requiring complex resource planning.

How do you see the demand for your solution growing?

We now have very key reference customers. We have deployed our solution in large-scale networks globally. There are very active POCs going on in Banks, Manufacturing companies, Entertainment companies, and many different verticals. We are addressing a problem that is common across networks testing if their security infrastructure is working, the way it is supposed to. We help you assess and enhance your cyber security posture.

19 MAY 2023 / CXO DX » INTERVIEW
Necati Ertugrul Chief Strategy Officer, CyberCyte

TOWARDS STRONGER PASSWORDS

Weak passwords have been a common attack vector for hackers to breach accounts. It is time for everyone to reflect on the need to strengthen their passwords

While in general we have become wiser to the need for stronger passwords for accessing our various accounts, yet facts point out in general many people are still inclined towards straightforward weak passwords because they want them to be easy to remember, which makes a potential hacker’s job a lot easier. On the other hand, there is also the habit of using a common password across accounts, which means if the password is compromised, then the hacker can access all accounts. That is a disaster that people walk into with their eyes wide open. According to an industry research, more than 81% of data breaches are due to weak passwords.

While the world observes World Password day every year on May 4th, it is apt to reflect on how we can look at strengthening our passwords. And while we do that, there is also talk about replacing passwords with passkeys that will allow us to access our accounts the way we login to our devices, although there are passwordless technologies around already.

While passwords have been around since ancient times and much prior to the digital age, it is the need for multiple passwords across diverse applications and accounts that make it quite chal-

lenging for users. This drives users towards insecure methods of storing passwords.

According to Morey Haber, Chief Security Officer at BeyondTrust, “The history of passwords dates back to the Roman empire. Initially, they were called passcodes, carved into wood, and soldiers passed them around via the active guard to validate soldier and guard movement. They were a shared resource and multiple people could be aware of the current “secret”. Today, the most common storage medium for a password is the human brain. We assign a password to a system or application, recall it when it needs to be used, and remember it each time we change it. Our brains are full of passwords and, often, we forget them, need to share them, and are forced to document them using unsecure methods like paper or spreadsheets. These insecure methods for sharing passwords have caused the press to report front page news articles on data breaches and compelled organizations to educate employees on the insecure methods for password storage and sharing. A better method to document passwords is needed that is highly secure, documents distributed access, and promotes sharing and collaboration with minimal risk—no matter where the access occurs.”

20 CXO DX / MAY 2023
» FEATURE

He adds that in reality, people should not be expected to remember every password they need, nor is it safe to reuse passwords across multiple services and applications.

This has spawned an entire market for personal password managers, privileged access management for businesses, and passwordless technology like Microsoft Hello and Apple TouchID.

“Since Covid, we truly have a work-from-anywhere world, and the cloud is ideal for situations when passwords need to be available outside of the organization, across multiple geographical locations, and when on-premise technology is incapable or cost-prohibitive for meeting business objectives and minimizing risk. On Password Management Day, consider the risks of remembering, sharing, documenting, and reusing passwords. Security best practices today have better methods, including password services in the cloud, to minimize the need to remember passwords.

Joseph Carson, Chief Security Scientist, Delinea says, “ World Password Day serves as a reminder to reflect and think about your password health. If you’re anything like me, you are not a fan of passwords – having to frequently change them and choose the next great password that is better, longer and more unique than the previous one. This World Password Day, let’s take a moment and think about how we can remove passwords from our lives and into the background, while making our digital lives safer. A great place to start is by using a Password Manager.”

He adds, “A Password Manager will let you know when your

password needs to be changed, when it’s weak, or when it’s reused. Even better, when used in conjunction with multi-factor authentication (MFA), it takes away the tedious take of choosing – and remembering – your next great password. Let’s use this World Password Day to move passwords out of our lives, into the background, and make our digital world a safer place.”

According to Paul Ducklin, principal security researcher, Sophos, “ It is time to get rid of accounts you aren't using. Lots of sites force you to create a permanent account even if you only want to use them once. That leaves them holding personal data that they don't need, but that they could leak at any time. If a site can't or won't close your account and delete your data when asked, consider reporting them to the regulator in your country.”

He elaborates that users need to fix their recovery settings as there is a possibility that your account credentials could fall into wrong hands.

“Revisit your account recovery settings. You may have old accounts with recovery settings such as phone numbers or email addresses that are no longer valid, or that you no longer use. That means you can't recover the account if ever you need to, but someone else might be able to. Fix the recovery settings if you can or consider closing your account.”

Anton Shipulin, Industrial Cybersecurity Evangelist at Nozomi Networks discusses the risks involved with the convergence of OT systems with IT systems.

21 MAY 2023 / CXO DX » FEATURE
Joseph Carson Chief Security Scientist, Delinea Paul Ducklin principal security researcher, Sophos

“In the past, OT systems were isolated from the Internet and other external networks, making them less vulnerable to unauthorized malicious access. However, with the increasing use of conventional network protocols, and operating systems, OT systems are now more exposed to cyberattacks than ever before. One of the most common ways that cybercriminals get access to OT systems is through default, weak or compromised passwords.”

He adds, “To mitigate this risk, organizations must implement a strong password management process. This includes using strong, complex passwords that are difficult to guess or brute force and changing them regularly. Passwords should also be unique for each system or application and should never be shared or reused. Additionally, organizations should consider implementing multi-factor authentication, which requires users to provide additional verification beyond just a password, such as a fingerprint or security token. But these practices should of course consider strict requirements for the continuity of OT operations. Most of the relevant OT cybersecurity standards and national regulations have requirements for a strong password management process.

By implementing the password management process, organizations can significantly reduce the risk of cyberattacks and protect their OT systems from unauthorized access. It is important for organizations to prioritize password security as part of their overall OT cybersecurity strategy, especially in the rapidly evolving IT and OT convergence.

Ed Skoudis, SANS Technology Institute College President opines that weak passwords are a component of one of the most common attack vectors a penetration tester can leverage to breach an organization.

“For organizations of any size or sector, strong and secure passwords are a critical line of defense against malicious attackers and evolving TTPs. However, the complexity of ensuring passwords are impenetrable can often lead to a false sense of security while countless vulnerabilities are left unchecked. “

He mentions three simple steps to quickly improve password effectiveness:

1. Think of them as “passphrases” rather than “passwords.” Combining a series of words, as opposed to just one or two words, instantly makes it more difficult for attackers to breach the account.

2. Leverage special characters within passwords and passphrases, especially spaces. Many people don’t realize that including spaces is a simple way to remain one step ahead of attackers.

3. Utilize enhanced multi-factor authentication mechanisms, such as SMS text messages, especially for email and collaboration channels like Slack and Microsoft Teams.

22 CXO DX / MAY 2023
Anton Shipulin Industrial Cybersecurity Evangelist, Nozomi Networks
» FEATURE

A STEP AHEAD OF THE MARKET CURVE

Sakkeer Hussain, Director - Sales & Marketing, D-Link Middle East & Africa discusses how the vendor is responding to the demand for better connectivity solutions

How is 2023 shaping up for D-Link across sales of key product categories in the Business segment?

The year so far has been extremely productive, and we are observing a great demand for our cloud and networking portfolio of solutions. As more and more businesses are moving to a multi-cloud or hybrid cloud deployment model, they are looking for strong solutions to drive their cloud strategies. Hybrid models allow them to take advantage of the best features of each cloud platform. At D-Link, we are offering top-notch solutions that can support these types of deployments.

We are also seeing that more and more customers are making cybersecurity a top priority when investing in technologies. Our offerings can help businesses to meet their security and compliance requirements while also embracing new tech. With the rise of cloud computing, edge computing is also gaining prominence. Our host of offerings in this regard from access points to routers are enabling customers to do business from anywhere.

We are continuing to see a huge demand for 5G technologies as its benefits are well-known. Our portfolio of solutions and products support large-scale 5G deployment.

Do you see demand for better connectivity infrastructure as companies invest in the hybrid workplace? In this context, how is demand for structured cabling, switches and VPN routers scaling up?

Yes, I do see a demand for better connectivity infrastructure as companies invest in the hybrid workplace. A hybrid workplace is a workplace where employees work remotely as well as in the office. Recent years have seen this model become increasingly popular, as it allows

employees to work from home when necessary, while still collaborating with colleagues in the office.

However, the hybrid workplace also presents some challenges, one of which is ensuring that employees have reliable and consistent connectivity. This is where better connectivity infrastructure comes in. Companies can ensure their employees have the tools they need to be productive by investing in better connectivity infrastructure.

A number of ways can be used by companies to improve their connectivity infrastructure. One of these ways is to invest in structured cabling. Companies can ensure that their employees have access to high-speed internet, even when they are working remotely, by investing in structured cabling.

The investment in switches and VPN routers can also help companies improve their connectivity infrastructure. In contrast, VPN routers enable employees to connect remotely to a company's network from a remote location, while switches connect multiple devices to a network. With switches and VPN routers, companies can provide their employees with a secure and reliable way to connect to the network, no matter where they work. This is where D-Link can play an important role to our customers as we boast pioneering connectivity offerings.

The demand for structured cabling, switches, and VPN routers is scaling up in the context of the hybrid workplace. As more and more companies adopt the hybrid workplace model, the demand for these products is expected to continue to rise. Regardless of where employees work, these products are essential to ensuring reliable and consistent connectivity.

What have been some of the new technologies/ products introduced in the current year?

We have invested in all the advanced technologies that are making a buzz right now – from AI, ML, blockchain to 5G, we always try to stay ahead of the market curve and present offerings that can help our partners and customers achieve business outcomes.

How has Nuclias cloud networking enabled SMB Businesses with easier network management? Have there been any updates on the Nuclias front?

D-Link’s Nuclias cloud networking solutions have enabled SMBs to enjoy the same grade of benefits as enterprises would. They have the flexibility to pay as per consumption and upgrade as they wish based on how their businesses scale and expand. We are continuously adding more features to help SMBs enhance their network management.

23 MAY 2023 / CXO DX » INTERVIEW
MEA

TACKLING THE INSIDER THREAT

Yevhen Zhurer, Head of Business Development at Ekran System and Anna Chernyavskaya, Partner Manager at Ekran System discuss the company’s focus on insider threat management

Discuss the focus of your solutions on insider threat manage-

ment

Yevhen: We provide a solution that helps organizations address insider risks by enabling identity and access management, user activity monitoring, and incident detection features. We focus specifically on the user activity monitoring user entity behavior and user behavior. We report what the user is doing or how they performed. Using AI-based analytics in real-time, we detect any anomalies in user behavior vis-a-vis the baseline behavior.

What are the deployment options for your solution?

Yevhen: We have an agent-based solution, meaning that for every workstation agent, or for example, terminal server, and so on, there should be an agent installed to reach full functionality and total control over the code. Ekran System has the flexibility to deploy as SaaS, on-premises, or in hybrid environments. Azure and AWS deployment options are available.

24 CXO DX / MAY 2023
» INTERVIEW
Anna Chernyavskaya Partner Manager, Ekran System

In this region, most of our customers, require on-prem solutions due to the sensitive data they’ve got and they need to store data securely on their premises.

Discuss your partner focus for the region.

Anna: We work through partners and have been witnessing steady growth. We have several ongoing projects being executed through partners in the region. We assist our partners with POC and other related technical queries from customers. We work with distributors such as Bulwark in the region.

How significant is the demand for these solutions in the region?

Anna: We see a growing demand. We started out during the pandemic in the region when the users were largely working on a remote basis. From that point, our business started to really grow here.

Yevhen: The demand continues because the pandemic has shown that users can work remotely not only in this region but globally. And the fact that the users are working remotely, they need to be controlled because they are using sometimes their own devices for work. And if they’re using their own devices, they can switch them for example, just Facebook or something and it can be hacked or social engineered. So, the user can be affected by specific actors and do forbidden actions which need to be monitored and alerted.

How do the alerts work?

Yevhen: Alerts are based on the rules which we set up. Just for example, continuously monitors keystrokes, meaning that a particular keyword can be used to initiate recording or to trigger an alert, providing a great way to limit the scope of data you gather and let you react to incidents in a timely fashion.

For instance, a common use case is job search, and the user is not allowed to make a job search during his working hours for the employer, and as soon as the user starts typing or opens specific websites can either start monitoring or if we did not do this, we can notify the system administrator. Our solution can be also utilized as a learning tool. When the user is trying to perform a forbidden action, we can notify the user itself with a popup message not to do it. Otherwise, the application will be killed.

Anna: Artificial intelligence helps detect activity in unusual working hours. And once the user logging into the system in unusual working hours, this system will assign a risk for him. And it will be highlighted and the administrator can pay attention to that.

How are the privacy concerns addressed?

Yevhen: We have implemented the pseudonymization functionalities. User logins and device names are substitutes with aliases. Unique aliases are assigned randomly, making it impossible to discover a pattern and link an alias back to a user. In case of a security incident, you will need to de-anonymize, a user for this, a security officer and a data protection officer (DPO) have to work together. However, users’ private data is protected from anyone who has access to the Ekran System Management Tool.

Which are the verticals of significant interest for you in the region?

Yevhen: Banking, financial services, and insurance companies still are the key verticals. The government sector, Education and Telecom are also among the major focus areas. SMBs are also a key segment since they want to monitor employee productivity.

Yevhen Zhurer, Head of Business Development at Ekran System and Anna Chernyavskaya, Partner Manager at Ekran System discuss the company’s focus on insider threat management

25 MAY 2023 / CXO DX
Yevhen Zhurer Head of Business Development, Ekran System
» INTERVIEW

ChatGPT? Bing? Bard? The tech is Called LLM

Kurt

Everyday AI Strategic Advisor at Dataiku writes about how to get started in the enterprise

It’s good to chat. And of late, it would appear that it’s good to be good at chatting. Especially if you are an AI bot. People everywhere, many of whom were not aware of how far natural-language processing (NLP) had come, have recently marveled at the capabilities of OpenAI’s ChatGPT, Microsoft’s Bing, and Google’s Bard. The underlying technology of these AI superstars is the large language model (LLM), a neural network built by churning through enormous volumes of text to create a system that is able to synthesize human-like text in response to prompts from its users.

The interest we have seen, however, is in products that are largely for consumers. They allow one-to-one, real-time interaction through ad-hoc typing or pasting of text in a Web interface. But the potential for models that can be plugged into enterprise platforms is phenomenal. So, how do we approach adoption of these powerful technologies so they can become part of our Everyday AI culture?

There are two main ways to accomplish this. The first would be APIs (application programming interfaces, which allow bespoke

26 CXO DX / MAY 2023
» COLUMN

code to make calls to an external library at runtime) exposed by cloud-native services. The second would be self-managed opensource models.

Let’s chat

Providers like OpenAI, AWS, and GCP already provide public model-as-a-service APIs. They have low entry barriers and junior developers can get up to speed with their code frameworks within minutes. API models tend to be the largest and most sophisticated versions of LLM, allowing more sophisticated and accurate responses on a wider range of topics. However, the hosted nature of the API may mean that data residency and privacy problems arise — a significant issue for privately owned GCC companies when it comes to regulatory compliance. There are also cost premiums to an API, as well as the risk of a smaller provider going out of business and the API therefore no longer being operable.

So, what about an open-source model, managed by the organization itself? There is a wide range of such models, each of which can be run on premises or in the cloud. Enterprise stakeholders have full control over the availability of the system. But while costs may be lower for the LLM itself, setting up and maintaining one necessitates the onboarding of expensive talent, such as data scientists and engineers.

In the end, different use cases within a single organization may require different approaches. Some may end up using APIs for one use case and self-managed, open-source models for another. For each project, decision makers must look to a range of factors. They must consider risk tolerance when using the technology for the first time, and so they must choose a business challenge where the department has a certain tolerance for such risk. Looking to apply LLM tech in an operations-critical area is ill-advised. Instead, look to provide a convenience or efficiency gain to a team. Finally, traditional NLP techniques that don’t rely on LLMs are widely available and can be well adapted to specific problems.

The importance of moderation

Following on from the risk issue, every LLM product should be subject to human review. In other words, the technology should be seen as an extraordinary time-saver for first drafts, but organizations should retain their review structure to ensure accuracy and quality. Let LLMs work to their strengths. LLMs are best used for generating sentences or paragraphs of text. To this end, it is also necessary to have a clear definition of what success looks like. What business challenges are being addressed and what is the preferred — and preferably, measurable — outcome? Does LLM technology deliver this?

Discussions of business value bring us neatly to a further consideration that applies to the entire field of artificial intelligence and to matters of ESG (environment, social, and governance) — responsible use. Organizations that build or use LLMs are dutybound to understand how the model was built. Every machine-learning and neural-network model that has ever existed was only as accurate, equitable, and insightful as the data used in its construction. If there was bias in the data, then there will be bias in the LLM products.

Responsible AI does not just cover the general public. What of the employee? LLM builders must have an appreciation of the model’s impact on end users, whether these are customers or employees. For example, ensuring that users know they are interacting with an AI model is critical. It is helpful to be very plain with users on how and where models are used and be open with them about drawbacks, such as those regarding accuracy and quality. The principles of responsible AI dictate that users have the right to full disclosure so that they can make informed decisions on how to treat the product of a model.

Governance and accountability

Many of these issues are addressed through a robust governance framework. Processes for approving which applications are appropriate uses for each technology are an indispensable part of an Everyday AI culture. The rules of responsible AI make it plain that individual data scientists are not the right decision makers for which models to apply to which use cases. Their technical expertise is invaluable input, but they may not have the right mindset to account for wider concerns. Those that do make the decisions should set up policies that can be easily followed without laborious consultation; and they should be held accountable for the results.

As with all business decisions, it is important not to run and join the LLM procession just because you hear the band playing. Wait, watch, evaluate. And then make the moves that are right for your organization. LLM has a place in the modern enterprise. Make sure you place it well.

27 MAY 2023 / CXO DX
Ishpreet Singh Chief Information Officer Qualys
» COLUMN
Kurt Muehmel Everyday AI Strategic Advisor, Dataiku

Let’s take the fight to the identity thieves; introducing ITDR

Michael Byrnes, director - solutions engineering, iMEA, BeyondTrust makes the case for case for Identity Threat Detection & Response

The global cybersecurity discipline is rapidly moving away from traditional perimeter-based strategies. The surge in attacks that occurred in the Arab Gulf during pandemic lockdowns was a wake-up call to the SOC. Security leaders know hybrid work has become a permanent fixture and identity is our new perimeter. The hacker has been replaced by the credentials thief. No need to break a rear window and enter by stealth when you can disguise yourself as someone who belongs and stroll brazenly through the front door.

It is easier to steal identities now because there are more identities available. Mass cloud adoption and the proliferation of non-human accounts has given rise to a ludicrous situation in which — in a very real way — identities are strewn about the floor just waiting to be picked up by nefarious parties. Because so many different tools are used to manage credentials, account supervisors may be unaware that an account is lying unused and overprovisioned. And threat actors are keen to use these accounts because they can creep through systems as a logged-on user, running no malicious code, biding their time. Such attack methods are exceedingly difficult to stop, especially when security teams lack the visibility to spot them.

Given these factors, is it any wonder that identity compromise is the cause of almost every cyberattack? Our methods for countering these kinds of incursions are not cutting it. Endpoint solutions focus on the detection of malicious code, for the most part, and are inadequately designed for discovering identity compromise, lateral movement, and privilege escalation. Calling for just-in-time (JIT)

access models is all well and good, but if the relationship between users, privileges, and systems is poorly understood because of a lack of visibility, then JIT cannot be implemented effectively.

The case for Identity Threat Detection & Response (ITDR)

So, out with the old. And to replace siloed tools, we turn to something that is really more of a methodology than a product. We call it identity-threat detection and response (ITDR). We combine security tools and processes to allow us to zero in on suspicious in-session activity and respond to attacks as they happen. ITDR is able to do this through a deeper understanding of permissions, configurations, and the relationships between accounts. And this deeper understanding comes from uniting best-in-class solutions already available in the market.

The level of insights available in ITDR opens the door to predicting likely attack paths. This is because visibility at scale allows the suite to flag compromised systems by uncovering exposed identities and a list of all the systems they can access. It also has an audit trail of where those identities have been used and has control over them; it can revoke privileges and rotate logon details, for example.

Adoption of ITDR should be undertaken carefully. Because it is more a practice than a product, integration plays a significant role in implementation. Investments can easily be squandered if stakeholders do not pay due attention to the fundamentals. Before any detection or response can take place, organizations must claim back visibility and control of the hardware and software that com-

28 CXO DX / MAY 2023
» COLUMN

prise their identity infrastructure. This visibility and control must also apply to accounts themselves. Security personnel must be able to see at a glance all current access so they can sift out overprivileged accounts.

Automated effectiveness

Identity governance, identity-lifecycle management, privileged-access management, and cloud-infrastructure entitlements management will all be important in delivering this visibility. There are platforms on the market that automate discovery of identities and privileges and enforce best practices. This can be useful when working with disparate systems across cloud and premises. Automated discovery solutions are better equipped to keep pace with a rapidly changing threat landscape. They integrate seamlessly into a range of ecosystems and automate data exchange to give a comprehensive unified view of the identity environment, regardless of technology mix. The recommendations that spring from these platforms can mean the difference between a timely discovery and a costly outage.

So far, we have been talking about visibility — about discovering the identities in place and establishing, through policy, which ones are a risk to the enterprise, and which are necessities. Next, we look at detection. With its newfound visibility, the business can bridge the gaps between its identity solutions and its security tools. Simply pouring your discovered identity data into SIEM and XDR tools is insufficient. The system used to manage identities must know information such as levels of privilege and relationship with other accounts.

Assuming everything comes together as it should, ITDR will have implemented the right basics and the security team can build on its foundation to deliver IdP/SSO services, privileged access management (PAM), identity governance and administration (IGA), and multi-factor authentication. The organization should also regularly audit every policy, process, and control to ensure they conform to current best practices. Constant vigilance and ongoing review will prevent the emergence of gaps or shadow infrastructure. If an integrated ecosystem is built in layers, this can greatly help an SOC to proactively reduce the attack surface.

Tight control

With ITDR in place, identities are there for all to see instead of hidden or obscured by IT complexity. With the right tools, signals, and integrations in place, threat hunters do not even need to respond to many identity security threats as the security suite will do this automatically. Organizations can build out identity security indicators of attack/ compromise (IACs), and leverage user and entity behavior analytics (UEBA) to better detect attacks as a secondary layer of defense. They can also build out their identity threat playbooks so that all stakeholders know how to respond to an incident.

Identity compromise must become the priority in cybersecurity. It is simply too common to ignore. Through ITDR, a path emerges — one of comprehensive visibility and tight control. One of finally taking the fight to the identity thief.

29 MAY 2023 / CXO DX » COLUMN
Michael Byrnes Director – Solutions Engineering, iMEA, BeyondTrust

THREE WAYS CIOS CAN HELP THEIR ORGANIZATIONS PLAY BOTH OFFENSE AND DEFENSE

Jason Conyard, Chief Information Officer, VMware writes that it’s incumbent on the CIO to also mitigate spiraling costs on the multi-cloud journey

In today’s uncertain economic environment, business leaders are looking to CIOs more than ever before, to accelerate key priorities while hitting aggressive financial targets. This often means charging ahead with digital initiatives that set us up for future success, while simultaneously lowering costs and optimizing for efficiency. If it sounds like these priorities are often in conflict, you’re not wrong.

Over the past few years, multi-cloud has emerged as one of the most effective ways for organizations around the globe to sharpen their competitive edge. Recent research commissioned by VMware found that nearly all (95%) organizations believe multi-cloud architectures are critical for business success.

However, several years into the multi-cloud journey, organizations are starting to see the financial and operational costs of moving fast across multiple clouds. According to the same study, 76% of multi-cloud organizations reported a need to improve control over their cloud expenses.

It’s not enough to just enable the business - it’s incumbent on the CIO to also mitigate spiraling costs. Simply said, as macroeconomic concerns rise, CIOs must play both offense and defense.

Here are three ways we can all be¬¬¬ playing both sides of the field.

1. Invest In Cloud Mobility

The value of a multi-cloud strategy is in the flexibility and freedom to access your data from anywhere and at any time. The primary risk in realizing this potential is in commercial and technical lock-in.

If your cloud provider changes their pricing model, are you commercially locked in, or can you seamlessly migrate workloads and applications?

If the next global news headline has you concerned about data privacy and security, does your team have the skills to adopt a new cloud architecture?

30 CXO DX / MAY 2023
» COLUMN

By designing and refactoring with mobility in mind, you can easily move applications between clouds without requiring significant changes to the underlying architecture, thus reducing the risk of being contingent on a particular provider.

Maintaining mobility also offers benefits such as empowering developers to choose the right cloud for the right app, leveraging best-in-class AI and ML capabilities for cross-cloud analysis and mitigation, and enabling “anywhere work” for employees all over the world while complying with data sovereignty regulations.

2. Improve Visibility To Control Cloud Spend

Rising cloud costs can be the Achilles heel of app innovation. While developers drive demand for multi-cloud technology, CIOs are often left to clean up the financial aftermath of successful app launches.

Providing visibility to your application and service owners is the first step to reigning in spend and protecting against ballooning costs.

Think about an apartment complex that includes the cost of utilities as part of the monthly rate. How closely would you monitor your electricity or water usage if you never receive a bill?

With visibility comes accountability and while previously applications owners could only optimize for security, scale and availability, today, they can now also optimize for cost.

With cloud management solutions, application owners can share in the responsibility of managing spend by looking for patterns and identifying opportunities to reduce spend. Just last year we filed a patent for an automatic cloud “dimmer switch” that reduces and redeploys cloud resources the moment they are no longer needed. This innovation has not only reduced spend but saved in energy consumption.

3. Simplify Your Landscape

In response to the profound pace of change in the industry, we’re seeing businesses be quick to add powerful technology and services to their portfolios, but much slower to fully cut the legacy systems these new tools were meant to replace. This creates a cumbersome tech web that can frustrate your business and slow down innovation.

Why go to great lengths to attract and hire top talent only to tether them to legacy apps that are no longer fit for purpose? With a simpler landscape, engineers who manage liability and risk

are no longer saddled with patching and monitoring a grab-bag of underutilized systems and applications Shed the weight and invest in the future.

When companies take the opportunity to reduce the number of legacy applications and systems, they can not only save money and increase productivity, but reduce their attack surface and risk profile. Agility is key here. To be agile and give developers the environment they need, we must simplify the landscape.

Empowering the Team on Both Sides of the Field

Leaders need to leverage their employees’ skills and empower them to help their business grow, while enabling customers to prosper. To foster this growth mindset, it requires up- and cross-skilling employees to be successful on both offense and defense: innovating fast, while controlling costs and complexity. We need to enable teams to get rid of dead weight and embrace new models to drive efficiency and better secure our businesses. At the same time, we need to reward them for thinking about both the short-term gains and long-term ROI of embracing a cloud-smart operating model.

31 MAY 2023 / CXO DX
» COLUMN
Jason Conyard Chief Information Officer, VMware

THE EVOLUTION OF RANSOMWARE – NAVIGATING A NEW AGE OF CYBERCRIME

Ransomware is one of the single biggest threats to an organization’s security. In the early days, attacks were conducted by single entities who developed and distributed massive numbers of automated payloads to randomly selected victims, collecting small sums from each “successful” attack. Fast forward to today, and these attacks have evolved to become mostly human-operated processes, carried out by multiple entities over several weeks.

In 2022, 1 out of every 13 organizations suffered an attempted Ransomware attack, while the Costa Rica government was forced to declare a national emergency when Russian hackers, Conti, breached its Ministry of Finance and demanded a $20 million ransom.

However, as we move further into 2023, ransomware as we know it is evolving: the number of victims is decreasing, and hackers’ demands are changing. You could be forgiven for thinking this is a good thing but in fact, it is because the ransomware ecosystem has become increasingly fragmented but in parallel, much more focused on specific targets and more sophisticated. New variations of malware appear daily, which

has created a complex and hard-to-navigate threat landscape. Shifting

focus from encryption to extortion

The focus of bad actors has moved away from ransom payments and is now firmly on extorting unencrypted data. Why? Unencrypted data is more valuable. It can be released into the public domain almost immediately, meaning victims will be eager to get it back, no matter the cost. Many different types of information are considered sensitive, from corporate financial and proprietary data to personal data relating to physical or mental health, financial data or any other personal identifiable information (PII), which makes the threat of data exposure even more potent. Some groups now skip the encryption phase altogether, relying on threats of data exposure alone to extort money. Data exfiltration is much easier than encrypting an entire network, implementing encryption professionally and assisting with decryption when ransom is paid. Cybercriminals find ways to do less and get more.

An extreme example of the effectiveness of the threat of personal data exposure was demonstrated in an attack on Medibank, an Australian health insurer, in October 2022. When the company refused to pay ransom demands of $10M, the attack-

32 CXO DX / MAY 2023
» COLUMN
In this article, Sergey Shykevich, Threat Intelligence Group Manager at Check Point, looks at the evolution of ransomware from a money-making exercise to highly organized operations.

ers (possibly connected to the REvil group) dumped massive amounts of personal information relating to pregnancy termination, drug and alcohol abuse, mental health issues and other confidential medical data relating to millions of Australian and international customers.

The evolution of Ransomware-as-a-Service (RaaS) While the ransomware ecosystem is splintering, we are also seeing a pivot to more attractive business models, including Ransomware as a Service (RaaS).

Often referred to as human-operated ransomware, it is the human aspect that makes RaaS so dangerous. Human attackers can make calculated decisions that result in a wide variation of attack patterns specifically tailored to individual targets. Available via the dark web, it is essentially an arrangement between two parties. One develops the tools to carry out an attack, and the other deploys the payload. If the attack is successful, both parties receive a share of the profits with the initial cost and accessibility of RaaS making it so easy. Anyone can purchase a kit and they need only well-written playbooks and some basic technical knowledge to execute an attack.

RaaS is extremely profitable, and anyone selling it is a top target for the authorities. For example, in 2021, the U.S. Department of State offered a $10 million reward for information leading to the location of RaaS specialist, DarkSide.

Security leaders are concerned RaaS will grow in popularity over the next 12 months as a potential consequence of redundancies in the technology sector. For example, in the first two months of 2023, over 107,000 tech-sector employees lost their jobs. Many layoffs were in specialist areas where technology-focused jobs are scarce, and the threat of disgruntled employees using their skills to support bad actors could start to filter into the cybercrime space.

Ransomware is a significant and costly threat that needs to be addressed. But are we seeing the tides change as governments across the world move towards offensive action against these groups?

Has the time come to hack the hackers?

Nations around the world already possess offensive hacking capabilities. In January 2023, the US Attorney General announced that the FBI and its international partners had succeeded in temporarily disrupting the network of the prolific ransomware gang, Hive. In effect, they had hacked the hackers.

The operation, which began in 2022, saved multiple government organizations from having to pay millions of dollars in ransom payments. For example, in one instance, the FBI was able to disrupt an attack against a Texas school district and stopped it from making a $5 million payment to the hackers. Clear proof that hacking on the offensive works and we could see more organizations adopt this method in the next 12 months.

Similarly, after two major, back-to-back cyberattacks against Australian telecommunications giant Optus and insurance ti-

tan Medibank, the Australian cyber security minister vowed to “hack the hackers”. In December 2022, Japan also started the process to amend laws to allow for offensive cyber operations against foreign hackers.

It begs the question; if more groups knew they could be hacked before they launched an attack, would they think twice about it?

What’s the solution to the evolution of ransomware?

One way to prevent ransomware attacks would be to introduce a ban on organizations making payments. For example, in Florida and North Carolina, it is illegal for state agencies to pay a ransom and Australia is considering codifying payment bans into law. However, this could result in bad actors specifically targeting organizations that are least likely to cope with extended periods of downtime. Hospitals, energy providers, and schools could become prime targets and the threat of genuinely harming society or individuals could force these organizations into paying.

While elements of early ransomware remains, it is undeniable that the methods and execution have evolved. It used to be about profit, but now it is about much more than that. As the threat landscape becomes more fragmented and RaaS continues to thrive, 2023 could be a pivotal year in the fight against it.

33 MAY 2023 / CXO DX
» COLUMN
Sergey Shykevich Threat Intelligence Group Manager Check Point

TREASURY TRANSFORMATION – THE TRENDSETTING FORCE

Manoj Panicker - AVP - Treasury Transformation discusses how Kyriba TMS, as an allin-one, cloud-based platform helps organizations optimize their cash and

Treasury – the nucleus of an organization

The treasury operations of a company are crucial, specifically with regard to cash liquidity, which is the most critical aspect. CFOs understand that their treasury teams must manage critical tasks such as accurate forecasting of cash flows, operational efficiency, fraud prevention, compliance, optimizing working capital, and FX risk management to maintain their organisation’s health. The performance of the treasury team directly impacts the bottom line.

The core areas of Treasury function can be broadly categorized into the following:

• Cash Management

• Liquidity Management

• Risk Management

• Capital Markets

• Corporate Finance

Challenges in Manual Process:

As per the survey taken by Kyriba – the leading Treasury Management Solution and later got published in Global Treasurer, they observed that global treasury teams are wasting an average of 4,812 hours per year using traditional spreadsheets to manage their cash, payments and accounting operations, this leads to:

• Lack of visibility of Cash Position

• Redundancy of processes

• High Banking volume

• Lack of Speed and Quality of Cash forecasting

• Challenges in settlement of payment in multi currencies

• Coping up Regulatory changes

• Non-Centralized control and efficiency

Treasury Transformation

Automating corporate treasury is becoming increasingly important as businesses look to streamline their operations and reduce costs. Automation can help improve efficiency, reduce risk, and increase visibility into financial operations.

The Wall Street Journal published a seemingly innocuous article

entitled, “Stop Using Excel, Finance Chiefs Tell Staffs,” in which CFOs lamented the time their teams waste on spreadsheets, including pulling data from disparate systems, instead of engaging in more strategic initiatives.

Kyriba TMS: Transforming Treasury Management

Treasury management has come a long way since its inception. Gone are the days when finance professionals relied on spreadsheets and manual processes to manage cash and associated risks. Today, modern treasury management systems (TMS) like Kyriba TMS have become instrumental in enabling businesses to efficiently and effectively manage their cash, liquidity, and risks. Kyriba TMS is a leading cloud-based TMS platform that is used by more than 2,000 global organizations. Let's take a closer look at this innovative solution and how it is transforming treasury management.

What is Kyriba TMS?

Kyriba TMS is an all-in-one, cloud-based platform that helps organizations optimize their cash and liquidity management, manage financial risk, and automate their financial operations. It provides a suite of modules that support treasury management, payments, risk management, supply chain finance, and working capital optimization. Kyriba TMS integrates with a wide range of systems, including banks, ERPs, and trading platforms.

Features and Benefits of Kyriba TMS:

1. Cash and Liquidity Management

Kyriba TMS provides real-time visibility into an organization's cash positions across all bank accounts and currencies. The platform's robust cash forecasting capabilities help businesses make more informed decisions about funding, investment, and liquidity management. Additionally, Kyriba TMS enables organizations to automate their cash management processes, including payments and bank account reconciliation.

2. Risk Management

Kyriba TMS provides robust risk management capabilities to help businesses mitigate financial risk. Its treasury risk manage-

34 CXO DX / MAY 2023
» COLUMN
SPONSORED

ment module enables organizations to monitor and manage market, liquidity, and credit risk in real-time. It also provides tools for creating and managing financial hedging strategies.

3. Payments

Kyriba TMS streamlines the payments process by providing a single platform to initiate, approve, and track payments. The platform supports a wide range of payment types, including bank transfers, cheques, ACH, and wire transfers. Businesses can also take advantage of the platform's built-in fraud detection and prevention tools.

4. Supply Chain Finance

Kyriba TMS provides supply chain finance capabilities that allow businesses to extend payment terms to suppliers while improving their working capital. The platform enables organizations to provide early payment options to their suppliers in exchange for discounts.

5. Working Capital Optimization

Kyriba TMS provides a range of tools to help businesses optimize their working capital. The platform's cash visibility and forecasting capabilities enable organizations to identify opportunities to improve cash flow. It also provides tools for managing accounts receivable and accounts payable.

6. Enhanced Security

Kyriba TMS offers enhanced security features to protect businesses’ financial data. Kyriba TMS (Treasury Management System) offers a range of enhanced security features to protect sensitive financial data and prevent unauthorized access. The platform employs best-in-class security protocols and technologies to ensure maximum protection for its users. Some of the key security features of Kyriba TMS include:

• SOC 2 Type 2 compliant

• Redundant disaster recovery

• Encryption, authentication and administration

• Audit trails

7. Kyriba Connectivity service

Kyriba’s Connectivity as a Service gives our customers a complete connectivity solution encompassing ERPs, internal financial systems, third party providers, and over 1,000 ‘out-of-the-box,’ pre-configured, pre-tested connections with financial institutions across the globe. Kyriba’s solution includes application processing interfaces (APIs) delivering real-time integration, payments and reporting.

Why Choose Kyriba TMS?

For superior decision-making support across a wide range of corporate activities and risk management techniques, Kyriba offers unmatched cash visibility. Treasury management solutions from Kyriba have a wealth of features and functionality to aid in efficient treasury/cash administration. It is the best method for maximising profitability while managing your working capital. By skilful management of cash, liquidity, payments, and financial risk, the entire company's liquidity can be optimised.

The 5 WHYs to choose Kyriba:

1. Integrated solution focused on Treasury and Finance.

2. 100% SaaS - Multi tenant architecture.

3. Connectivity - Integrated connectivity managed 100% by Kyriba

4. Global Solution - Product interfaces in 14 languages, international support centres

5. Security - Unique secure platform, digital signatures, encryption, multi-factor authentication, SSO, SOC 2 Type 2, ISO 27001

Finesse- Kyriba Partnership

Finesse is a renowned implementation partner for Kyriba, boasting a team of highly certified consultants who have accomplished over completed over 40 successful implementations across more than 10 countries worldwide. Leveraging their profound treasury expertise and industry know-how, Finesse adopts a meticulous approach to drive treasury transformation and pairs it with Kyriba's innovative cloud-based treasury and financial management solution platform. Collaborating together, Finesse and Kyriba are able to support clients in optimizing their treasury processes.

Conclusion

As the Treasury Automation helps treasury teams to harness more data and employ more analytics, those teams will become more strategic and capable of meeting their CFOs’ expectations. And companies will enjoy improvements in free cash flow, cash usage for working capital, productivity and efficiency, investing and borrowing performance, and reduced risk exposures.

35 MAY 2023 / CXO DX » COLUMN
Manoj Panicker AVP – Treasury Transformation, Kyriba TMS

DAP-3666 WIRELESS AC1200 WAVE

2 DUAL-BAND OUTDOOR POE ACCESS POINT

The DAP-3666 Wireless AC1200 Wave 2 Dual-Band Outdoor PoE Access Point is a versatile, high power outdoor access point designed with harsh weather resistant features making it an ideal solution for creating outdoor wireless hotspot networks. Utilising the cutting-edge speed of 802.11ac Wave 2, it deliveres maximum combined wireless signal rates of up to 1200Mbps and supports MU-MIMO technology that allows multiple devices to get high-bandwidth Wi-Fi signal at the same time, distributing data more efficiently. It is Passpoint certified by Wi-Fi Alliance and complies with Hotspot 2.0, making the process of devices finding and getting access to the known network seamless.

For centralise network management, administrators can use D-Link’s free Nuclias Connect software or Nuclias Connect Hub (DNH-100) to configure and manage multiple access points. In order to achieve optimal network performance, the DAP-3666 has several operational modes tailored to best fit the individual needs of your network. Access Point, Wireless Client, WDS (Wireless Distribution System), and WDS with Access Point modes allow for flexible, customizable deployment.

The GORE-TEX Technology repels water and harmful dust while at the same time letting heat and humidity dissipate, allowing the DAP-3666 to boast a certified IP68 rating. Extreme summers or freezing winters pose little threat to the DAP-3666’s subtle, clean-line design.

Highlights:

• Easy to manage with D-Link’s free management software-based solution, Nuclias Connect

• Superior throughput with dual-band transfer speeds up to 300 Mbps in the 2.4 GHz band and 867 Mbps in the 5 GHz band

• Band Steering makes sure connected devices get the best available frequency band

• Supports Power over Ethernet (802.3af) for simpler installation with less cable clutter

• Weather Resistant to temperatures between -30 and 60°C

• GORE-TEX® Technology repels liquid water while allowing for heat and humidity dissipation

LEXAR ARES RGB DDR5 DESKTOP MEMORY

Specifically designed for gaming, the Lexar ARES RGB DDR5 Desktop Memory delivers superior performance with speeds starting at 5600MHz and up to 6000MHz2, and with quick CL32-36-36-68 / CL3438-38-76 timings (XMP 3.0 & EXPO). A premium aluminum heat spreader keeps the gaming system cool for ultra-fast performance.

Lexar ARES RGB DDR5 Desktop Memory features on-board Power Management IC (PMIC) to provide better power control and power delivery and it also includes Lexar RGB Sync which lets gamers customize the RGB LED to their own style.

Highlights:

• Superior gaming performance with next-gen DDR5

• Lexar RGB Sync lights up the game

• Built-In Power Management IC (PMIC) enhances power efficiency

• Premium aluminum heat spreader for optimal heat dissipation

• Designed for the latest Intel XMP 3.0 and AMD EXPO

• Lifetime limited warranty

36 CXO DX / MAY 2023
» TECHSHOW

45B1U6900CH, A NEW PHILIPS MONITOR

Thenew Philips monitor, 45B1U6900CH, will be available to the Middle East with an aim to facilitate workflow. The Philips 45B1U6900CH is equipped with a large, 44.5inch (113 cm. diagonal) screen with 5120 x 1440 resolution and several other features that are designed to aid professionals' multitasking, such as: a 5MP webcam, USB-C docking with RJ45, a 32:9 SuperWide screen, and a curved display with viewing angles of 178/178 degrees.

Instead of having two separate monitors, the Philips 45B1U6900CH’s 44.5-inch screen and 32:9 SuperWide ratio allows professionals to easily open multiple windows and have an extra-wide perspective for viewing video content. In addition, the monitor’s Curved VA Display produces wide, 178/178-degree viewing angles and 1500R curvature for crisp, high-contrast imagery and an overall more immersive experience.

Highlights:

• ASUS’ Evo Platform Lineup ensures t • In addition to its large screen, another key asset for optimal productivity is the Philips 45B1U6900CH’s pop-up 5MP webcam. Optimized for a better video experience, the monitor is equipped with

a noise-cancelling microphone and a built-in 5MP webcam for high-quality meeting calls.

• The pop-up 5MP webcam also aids individual productivity with Windows Hello; the advanced sensors for facial recognition logs each user into their Windows accounts within seconds.

• •With the USB-C Docking with RJ45., professionals are able to connect to the network with RJ45, set up USB-C 100W power delivery to their connected device, experience high-resolution video output, and connect an external device for high-speed data transfer.

• Display HDR 400 for VESA certified, high-quality coloring on screen, a headphone hook for easy stowage, and MultiClient Integrated KVM for controlling a two PC setup on the same monitor.

• The monitor’s TUV Rheinland Eyesafe RPF 50 certification ensures protection against blue light-induced eye strain with its ever-present blue light filter on the display.

LEXAR FLY MICROSDXC UHS-I CARD

Designed for drone and action camera photography enthusiasts, the Lexar FLY microSDXC UHS-I Card lets users quickly capture and transfer high-quality media files, including Full-HD and 4K UHD1 video with speeds up to 160MB/s read and up to 90MB/s write2.

This card is also rated Class 10, UHS Speed Class 3 (U3) and Video Speed Class 30 (V30), giving users the stable write speed performance they need to ensure smooth and efficient recording so dropped frames are a thing of the past. And, with up to 256GB capacity, drone enthusiasts can stay airborne, capturing more aerial footage on one card.

Highlights:

• Reliable performance designed specifically for drone and action cameras

• Quickly captures, plays back, and transfers media files, including Full-HD and 4K UHD1, with write speeds up to 90MB/s

• Delivers read speeds up to 160MB/s for quick offloads

• Up to 256GB to capture more aerial footage

• Designed for durability, even in harsh conditions

37 MAY 2023 / CXO DX
» TECHSHOW

Public Cloud End-User Spending to Reach Nearly $600 Billion in 2023

Cloud Drives Digital Business Transformation Through Emerging Technologies, Including Generative AI

Worldwide end-user spending on public cloud services is forecast to grow 21.7% to total $597.3 billion in 2023, up from $491 billion in 2022, according to the latest forecast from Gartner, Inc. Cloud computing is driving the next phase of digital business, as organizations pursue disruption through emerging technologies like generative artificial intelligence (AI), Web3 and the metaverse.

“Hyperscale cloud providers are driving the cloud agenda,” said Sid Nag, Vice President Analyst at Gartner. “Organizations today view cloud as a highly strategic platform for digital transformation, which is requiring cloud providers to offer more sophisticated capabilities as the competition for digital services heats up.”

“For example, generative AI is supported by large language models (LLMs), which require powerful and highly scalable computing capabilities to process data in real-time,” added Nag. “Cloud offers the perfect solution and platform. It is no coincidence that the key players in the generative AI race are cloud hyperscalers.”

All segments of the cloud market are expected see growth in 2023. Infrastructure-as-a-service (IaaS) is forecast to experience the highest end-user spending growth in 2023 at 30.9%, followed by

platform-as-a-service (PaaS) at 24.1% (see Table ).

Gartner predicts that by 2026, 75% of organizations will adopt a digital transformation model predicated on cloud as the fundamental underlying platform.

“The next phase of IaaS growth will be driven by customer experience, digital and business outcomes and the virtual-first world,” said Nag. “Emerging technologies that help businesses interact more closely and in real time with their customers, such as chatbots and digital twins, are reliant upon cloud infrastructure and platform services to meet growing demands for compute and storage power.” While cloud infrastructure and platform

services are driving the highest spending growth, SaaS remains the largest segment of the cloud market by end-user spending. SaaS spending is projected to grow 17.9% to total $197 billion in 2023.

“The technology substrate of cloud computing is firmly dominated by the hyperscalers, but leadership of the business application layer is more fragmented,” said Nag. “Providers are facing demands to redesign SaaS offerings for increased productivity, leveraging cloud-native capabilities, embedded AI and composability – particularly as budgets are increasingly driven and owned by business technologists. This change will ignite a wave of innovation and replacement in the cloud platform and application markets.”

Worldwide Public Cloud Services End-User Spending

38 CXO DX / MAY 2023 » TRENDS
2022 2023 2024 Cloud Application Infrastructure Services (PaaS)111,976 138,962170,355 Cloud Application Services (SaaS)167,342 197,288232,296 Cloud Business Process Services (BPaaS)59,86165,24071,063 Cloud Desktop-as-a-Service (DaaS) 2,525 3,122 3,535 Cloud Management and Security Services 34,487 42,401 51,871 Cloud System Infrastructure Services (IaaS)114,786 150,310195,446 Total Market 490,977597,325 724,566
Forecast
of U.S.
BPaaS = business process as a service; IaaS = infrastructure as a service; PaaS = platform as a service; SaaS = software as a service Note: Totals may not add up due to rounding. Source: Gartner (April 2023)
(Millions
Dollars)
Experience Next-Gen Memory & Storage Innovations Visit us at : Central Aisle, Booth 4C - 35

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.