Gulf Business TECH Dec 2023 by Motivate Media Group

2023

KNOW MORE ON P.24

012

UNFOLD THE

#FoldablesReimagined

FUTURE REIMAGINING MOBILE: EXPLORE HOW OPPO’S FIND N3 IS BREAKING BARRIERS AND SHAPING THE NEXT CHAPTER OF COMMUNICATION

INSIDE: P.08 HOW THE TECHNOLOGY SECTOR IS DELIVERING ON SUSTAINABILITY P.22 EVERYTHING YOU NEED TO KNOW ABOUT KILLWARE

2023

KNOW MORE ON P.24

012

Embrace Embraceananexpansive expansivea for enhanced viewingplea ple for enhancedviewing sleek sleekand andlightweight lightweigh

UNFOLD THE

#FoldablesReimagined

FUTURE REIMAGINING MOBILE: EXPLORE HOW OPPO’S FIND N3 IS BREAKING BARRIERS AND SHAPING THE NEXT CHAPTER OF COMMUNICATION

INSIDE: P.08 HOW THE TECHNOLOGY SECTOR IS DELIVERING ON SUSTAINABILITY P.22 EVERYTHING YOU NEED TO KNOW ABOUT KILLWARE

screen eand andflawless flawlessscreen asure, easure,packaged packagedininaa foldablephone phone thtfoldable

WhatsOn.ae

Sponsor

Printing Partner

SCAN TO REGISTER

WhatsOnAbuDhabi

Beverage Partner

Vote Processing Partner

#WOAwards

Presented By

Sustainable solutions for the security industry

Getty Images

C O N T E N T S

Some security companies remain concerned that sustainable products may lack the same quality or longevity as traditional plastics

Pic: Supplied

012 | 2023

‘fold’ is 24 Why the future

The involvement of large institutions has the potential to catalyse market confidence and lead to widespread adoption of all things crypto. So, I think it is important to understand the various factors behind increased institutional appetite.”

Navigating risks, building resilience We explore how financial institutions can navigate reputational risk, ransomware and the ‘operational resilience’ imperative

Getty Images

www.typography.com

— Nicola Buonanno, VP Southern EMEA, Chainalysis

Oppo shines the spotlight on its latest flagship devices: Find N3 Fold and Find N3 Flip smartphones

0 0 3

DATE: DECEMBER 7, 2023

FIND OUT MORE

VENUE: FAIRMONT THE PALM

BOOK YOUR SEAT

CampaignME.com/marcomms360 CampaignMiddleEast

CampaignME

Gold Sponsors

Delegate Partner

Presented By

#marcomms360

P.33 How generative AI can support enterprise tech Generative AI tools can analyse purchase data to identify trends and patterns and inform business decisions and strategies, informs Dataiku’s Sid Bhatia

Editor-in-chief Obaid Humaid Al Tayer Managing partner and group editor Ian Fairservice Chief commercial officer Anthony Milne anthony@motivate.ae

Pic: Supplied

P.39 Connecting the dots Help AG’s Nicolai Solling shares how preventing cyber threats and disruptions not only protects essential services but also minimises resource wastage and environmental damage

Publisher Manish Chopra manish.chopra@motivate.ae

EDITORIAL Group editor Gareth van Zyl Gareth.Vanzyl@motivate.ae

Editor Neesha Salian neesha@motivate.ae

Digital editor Marisha Singh marisha.singh@motivate.ae

Getty Images

Senior feature writer Kudakwashe Muzoriwa Kudakwashe.Muzoriwa@motivate.ae

Senior art director Freddie N. Colinares freddie@motivate.ae

PRODUCTION HEAD OFFICE: Media One Tower, Dubai Media City, PO Box 2331, Dubai, UAE, Tel: +971 4 427 3000, Fax: +971 4 428 2260, motivate@motivate.ae DUBAI MEDIA CITY: SD 2-94, 2nd Floor, Building 2, Dubai, UAE, Tel: +971 4 390 3550, Fax: +971 4 390 4845

General manager – production S Sunil Kumar Production manager Binu Purandaran

ABU DHABI: PO Box 43072, UAE, Tel: +971 2 677 2005, Fax: +971 2 677 0124, motivate-adh@motivate.ae SAUDI ARABIA: Regus Offices No. 455 - 456, 4th Floor, Hamad Tower, King Fahad Road, Al Olaya, Riyadh, KSA, Tel: +966 11 834 3595 / +966 11 834 3596, motivate@motivate.ae

Production supervisor Venita Pinto

LONDON: Acre House, 11/15 William Road, London NW1 3ER, UK, motivateuk@motivate.ae

SALES & MARKETING

Cover: Freddie N. Colinares

Senior sales manager Sangeetha J S Sangeetha.js@motivate.ae

Follow us on social media: Linkedin: Gulf Business/GBTechTalk Facebook: GulfBusiness/ GBTechTalk; Twitter: @GulfBusiness; Instagram: @GulfBusiness

Group marketing manager Joelle AlBeaino

A GULF BUSINESS INITIATIVE

joelle.albeaino@motivate.ae 0 0 5

THE FEED

SUSTAINABLE SOLUTIONS FOR THE SECURITY INDUSTRY

virgin plastics, which are increasingly recognised as high-end materials to be used in surveillance products.

Switching to sustainable alternatives is imperative, yet some security companies remain concerned that more sustainable products may lack the same high quality or longevity as traditional plastics

ENSURING TOP QUALITY MATERIALS

mid rising concerns for the environment, there has been increased demand for sustainable practices across all industries. This has gone hand-inhand with the introduction of new regulations and frameworks, such as the EU’s Sustainable Product Policy Initiative, which aims for ‘green’ products to become the norm for industry use. Initiatives like this are urging companies to prioritise the use of more sustainable materials, and making sustainability a priority for stakeholders. While altering the security industry product pipeline doesn’t come without challenges, there are now several more sustainable alternatives for plastic materials. The industry needs to consider what options are available today and how businesses can adapt their products accordingly. WHERE THE INDUSTRY IS TODAY

Product design is evolving to meet sustainability demands. There are more and more sustainable materials to choose from compared to ten years ago, providing security companies with an opportunity to adjust their product pipeline for the better. A notable development is the emergence of bio-based plastics, which are either fully or partly made from biological resources. Alongside recycled plastics, these sustainable alternatives offer a wide range of green design opportunities to manufacturers. While more sustainable options are becoming available, a lot 0 0 6

AUSRA REINAP SENIOR ENVIRONMENTAL ENGINEER, ENVIRONMENT AND SUPPLY CHAIN SUSTAINABILITY AXIS COMMUNICATIONS

of so-called virgin, fossil-based plastics – particularly polycarbonate-based materials – are still widely used in the security industry. Their long-lasting, resilient design has traditionally been an advantage, but this longevity also presents several challenges. Some plastics can contain hazardous substances which have a toxic effect on the environment. If disposed of via landfill, their long lifecycle means they will remain in the environment for a long time. Alternatively, these plastics might be diverted from landfills to waste-to-energy facilities where they are combusted to generate energy for homes and businesses, generating carbon emissions that harm the planet. Switching to sustainable alternatives is imperative, yet some security companies remain concerned that more sustainable products may lack the same quality or longevity as traditional plastics. These are core requirements for security products such as network cameras, which need to be durable. While it’s true that sustainable materials were once used solely for short-term products, like packaging, innovations in recent years mean sustainable plastics have advanced hugely. There are now a growing number of more robust and long-lasting alternatives to

The quality of sustainable materials must remain a core priority for manufacturers operating in the security sector — not only to meet customers’ expectations but also to comply with regulations. Manufacturers need to meet the most stringent regulations worldwide if they are to sell their products globally. Any material used in product design requires extensive testing, whether that is testing outdoors to ensure products work correctly in adverse weather conditions, failsafe tests to ensure they meet fire safety regulations, or electrical testing to ensure they don’t pose a risk to the end-user. One challenge is that safety requirements may not be in line with sustainability requirements. Companies can’t jeopardise safety in favor of sustainability, but there is a limited pool of certified sustainable materials that meet safety regulations as well as less available data on these newer materials. As a result, testing is far more extensive for sustainable materials than traditional plastics: it’s core to ensuring they are safe to use and will not hinder the quality or lifetime of the end product. By testing sustainable materials, manufacturers can develop their knowledge of the material and verify its long-term properties. When upgrading existing products or testing recycled materials, for instance, some sustainable materials are more effective and resilient

“THERE ARE NOW A GROWING NUMBER OF MORE ROBUST AND LONG-LASTING ALTERNATIVES TO VIRGIN PLASTICS, WHICH ARE INCREASINGLY RECOGNISED AS HIGH-END MATERIALS TO BE USED IN SURVEILLANCE PRODUCTS.”

G B T E C H TA L K

12 | 2023

than the virgin plastics used historically. It’s become clear that sustainable products can be just as good – if not better – than their plastic counterparts in terms of longevity. Manufacturers must also look to the future when testing materials. If a product has a lifecycle of ten years or more, manufacturers cannot be certain whether the materials used to develop that product today won’t be restricted in the years to come. Manufacturers ought to stay one step ahead here, pre-emptively finding alternatives for both the materials deemed hazardous today, and the risky materials, such as brominated and chlorinated flame retardants, which are likely to be restricted in the future. Phasing out substances in advance of legal requirements not only ensures readiness for compliance, but provides a competitive advantage. UNDERSTANDING THE VALUE CHAIN

Manufacturers must conduct research into their supply chains to determine where materials have been produced, and how they have been sourced and understand their wider social and environmental impact. This extends beyond asking ‘Is this material sustainable?’; it brings a range of other factors, such as labour ethics, into question. Yet the traceability and transparency of supply aren’t always clear. Sometimes a sustainable choice comes with a negative impact that must be considered. For instance,

PRODUCTS ARE DESIGNED WITH PARTICULAR MATERIALS IN MIND,

and it isn’t always simple to adapt them for bio-based and more sustainable materials

it can’t be assumed that any biobased material is sustainable. What if the plants grown to create it are using up arable land and depriving the local population of food? There is a lot to dig into to ensure security companies are making the most sustainable choice possible, while balancing it with developing a highquality, high-performance product. This balance is easier to achieve through strong collaboration with material providers, as they can share valuable insights into the properties of materials, as well as details of their source.

It requires investing resources to make |design changes and reverify new materials to ensure they meet regulatory requirements and maintain the product quality – meeting all the same customer demands (if not more) than the original product. However, there are newly developed methods for upgrading and producing high quality recycled materials to boost performance and reduce degradation, therefore maintaining the longevity and quality of existing products. Beyond design, manufacturers must also consider the lifetime of the product and its end-of-life. There have been significant shifts in the plastics industry to meet increased demand for recycled and bio-based materials, thereby reducing some of the associated costs. While there is still room for improvement in the global recycling infrastructure, the industry is seeing continued progress.

SWITCHING TO SUSTAINABLE PLASTICS

A RESILIENT, SUSTAINABLE FUTURE

Despite their high-quality and ethical value, switching to sustainable plastics can come at a financial cost given the higher raw material price. This is particularly true if working with a supplier to develop a bespoke material for a unique need or to pass a specific certification. Of course, the proliferation of more sustainable materials on the market is inevitably making production more cost-efficient. This trend will continue as more manufacturers opt for recycled and bio-based materials over traditional plastics at the start of the product design process. Manufacturers can also upgrade existing products in the market to make them more sustainable, though this comes with some challenges. Products are designed with particular materials in mind, and it isn’t always simple to adapt them to bio-based and more sustainable materials.

Innovation in the plastics industry has provided more sustainable options to choose from than ever before, many of which offer the same – if not greater – quality and longevity as their virgin plastic counterparts. When combined with significant advances in recycled options and the capability to re-design products around bio-based materials, there is a clear opportunity today for companies to make the switch to more sustainable plastic materials. The move to a sustainable future doesn’t come without its challenges, and it may be some years to come before ‘green’ is seen as the norm. Yet forwardthinking manufacturers are already opting for sustainable materials that have a more limited impact on the environment while providing customers with long-lasting, high-quality and resilient products. 0 0 7

THE FEED

CHARTING A PATH TOWARD SUSTAINABILITY How the technology sector can deliver on sustainability using a foundational approach

UNA PULIZZI GLOBAL HEAD OF CORPORATE AFFAIRS KYNDRYL

investigating the adoption of new AI tools, and investing in cyber security and resiliency capabilities. These all have climate considerations and are a part of the conversation as enterprises grapple with their climate footprint, as well as those of their suppliers. AT THE CROSSROADS

Digital infrastructure sits at an intersection where environmentally conscious corporate action can translate into cost savings and business growth. That’s good news for enterprises that are charting paths to carbon neutrality and setting goals to achieve net zero. It means enterprise leaders can balance both driving growth

Getty Images

ehind every enterprise is a sprawling IT estate. These include all the complex technological infrastructure and digital ligature that is necessary to keep data moving – efficiently and securely – from one place to the next. These functioning estates power businesses around the world, keeping commerce and the daily lives of billions of people running smoothly. Digital infrastructure may not be the first place one turns when thinking about climate action, but it would be a mistake to ignore it. As companies grapple with modernising their operations to keep pace with the times, they are shifting to the cloud,

and environmental efficiency – one doesn’t have to come at the expense of the other. Take the adoption of cloud technology as an example. It’s been shown to help enterprises reduce energy use by as much as 85 per cent. Tools exist to support this work; and, collaborating with the right partners can enable enterprises to calculate emissions across their entire technology estate, providing critical information that can be used to develop tailor-made reduction plans. IT can be – and is – part of a broader approach toward rewiring for a more sustainable future. As the global head of corporate affairs for a company that’s redefining how IT services are delivered, I know the difference purpose-driven companies can make: for their employees, customers, stakeholders, and communities. Driving environmental impact must be a key pillar in a company’s broader strategy. We

0 0 8

12 | 2023

“COMPANIES INCREASINGLY ACKNOWLEDGE THE PROMISE OF SOUND ENVIRONMENTAL STRATEGY. GLOBAL SUSTAINABLE INVESTMENT HAS GROWN, SURPASSING $35TN, AS CUSTOMERS AND TALENTED EMPLOYEES ALIKE GRAVITATE TOWARD COMPANIES THAT SHARE THEIR VALUES. ”

Getty Images

know organisations can drive their sustainability strategies and build best practices into their operations and workplace cultures, and that can, in turn, result in scalable impact. When sustainability is built upon a strong culture and business strategy, enterprises can navigate around greenwashing practices that damage public trust. The matter becomes one of focus and execution. PART OF A BROADER RESPONSIBILITY

Sustainability involves more than energy and emissions reductions, and is only one part of an enterprise’s broader responsibility to instill integrity into governance and purpose into culture. This is difficult, painstaking work. But it’s worth it. Companies increasingly acknowledge the promise of sound environmental strategy. Global sustainable investment has grown, surpassing $35tn, as customers and talented employees alike gravitate toward companies that share their values.

EARLIER THIS MONTH IT NOTABLY PLEDGED

$4.5BN

to help finance climate projects in several African nations, including toward the development 15 gigawatts of clean power by 2030

In the context of COP28 UAE, it is abundantly clear that organisations around the world are doing their part to foster sustainability, aligning with the United Nations SDGs and focusing on implementing realistic solutions. You see this leadership right here in UAE, where the focus will be reducing global emissions to meet the Paris Agreement targets. And, we welcome their leadership as they host COP28. For decades, the UAE has invested in ambitious projects aimed at reducing the

globe’s climate impact. Earlier this month it notably pledged $4.5bn to help finance climate projects in several African nations, including toward the development of 15 gigawatts of clean power by 2030. And last October, the UAE launched its ambitious strategic initiative to achieve climate neutrality by 2050. These actions can contribute to a foundational approach to sustainability and have the potential to improve lives for generations to come. 0 0 9

THE FEED

COUNTING ON CRYPTO We explore how institutional investment is fuelling the UAE’s crypto market growth

they have noticed that not all cryptocurrencies have exhibited volatility. An entire subclass known as stablecoins are pegged to fiat currencies. (For example, October saw the launch of the UAE-dirham-pegged DRAM). Stablecoins are backed by an equal amount of fiat currency, sometimes in the form of short-term securities like treasury bills and commercial paper. On decentralised exchanges, which are especially popular in the UAE, stablecoins provide an alternative to fiat, enabling direct trading against global currencies through smart contracts.

Getty Images

02. REGULATION AND GOVERNMENT SUPPORT

henever you are looking for a test case in the adoption of some new technology, you need to look no further than the UAE. The country has lately been a leader in the field of crypto assets, publishing a strategy on blockchain, legislating on NFTs or non-fungible tokens, and even arising as a possible purveyor of a central bank digital currency (CBDC). In particular, the UAE leads in institutional investment within the crypto space, in that institutional investment is fast becoming the biggest segment of crypto investments in the country. According to Chainalysis’ fourth annual Geography of Cryptocurrency Report, between July 2022 and June 2023, around two in three (67 per cent) cryptocurrency transactions in the UAE were for values over $1m, and therefore, classified as institutional investments. 0 1 0

01. MARKET MATURITY

Cool-headed institutional investors are beginning to see a mature market for crypto assets to take root. They are recognising that crypto is not as volatile as a few analyst reports suggest and that even the so-called “crypto winter” has largely been in lockstep with the performance of traditional financial markets. In addition,

Earlier we mentioned the confidence institutional engagement will bring to the crypto space. However, we must remember that those same institutions need reassurances of their own before dipping their toes. Regulations can help protect consumers and the companies that go looking for opportunities. Guidelines on cybersecurity and how to spot fraud are also helpful. Last year, Dubai established the Virtual Asset Regulatory Authority (VARA) to oversee the crypto market and authorities are continually updating compliance rules to protect and encourage in equal measure. The UAE is also working with other governments on mBridge, a cross-border payments project, and the central bank is working towards the launch of a CBDC. This clear intent by the government to establish the country as a global crypto hub encourages institutions to also be a part of the burgeoning crypto economy.

“THE INVOLVEMENT OF LARGE INSTITUTIONS HAS THE POTENTIAL TO CATALYSE MARKET CONFIDENCE AND LEAD TO WIDESPREAD ADOPTION OF ALL THINGS CRYPTO. SO, I THINK IT IS IMPORTANT TO UNDERSTAND THE VARIOUS FACTORS BEHIND INCREASED INSTITUTIONAL APPETITE.”

12 | 2023

03. INSIGHTS GALORE

It’s rare for institutions to invest in any financial asset without first conducting due diligence. Traditional assets afford investors access to swathes of market data to guide informed decision-making. Crypto businesses can take this a step further with on-chain data. On-chain segmentation can, for example, look at holdings and wallet age to determine all kinds of behavioural proclivities, which empowers more informed decisions. With the right tools, institutions can extract real, actionable insights. 04. CYBER RESILIENCE

Risk management is a function fraught with challenges in today’s global digital economy. As institutional investors look to

the crypto future and try to figure out how to leverage it, they must find ways to protect their assets. Security has always been an issue in Crypto World but one that is being addressed in a manner that institutional investors appreciate. In the early days of crypto, centralised exchanges quickly emerged as a means of transferring ownership of, and storing, cryptocurrencies. But a few such custodians suffered from security shortcomings that led to major attacks. Mt. Gox is just one example of this. The Tokyo-based exchange lost BTC 850,000 in a 2014 attack. Centralised exchanges have come a long way since then. Hacks against centralised services have largely been on a decline. Whereas between 2016 to 2020, 50 to 90 per cent of cryptocurrencies stolen

in all hacks were traced back to the exploitation of centralised services, in 2021 and 2022, this figure dropped sharply to well below 25 per cent. Today’s cyberattacks are more commonly found at the frontier of crypto: decentralised finance (DeFi), which is also the most transparent sector of the crypto ecosystem where all transactions are visible and the code behind protocols is in the open for all to see. This same transparency is what made DeFi protocols – especially popular in the UAE – a target for most hacking incidents last year, as shown in the Chainalysis’ 2023 crime report. But DeFi is fighting back, partnering with blockchain security firms to conduct code audits, identify vulnerabilities, and patch them. These efforts are bearing fruit as the value of cryptocurrency stolen in DeFirelated hacks has dropped year on year. While such data tends to be heavily characterised by outlier events (and so one or two largescale attacks by year end could tip the scale), the news is undeniably positive at present and is driving institutional investor sentiment into a bullish zone. In this regard, DeFi is like any new technology born on the Internet. The early days are often beset by security challenges but then adoption gathers steam and experience feeds a cycle of improvement.

Getty Images

THE FINAL WORD

The UAE government is behind crypto. Regulations and experience have combined to produce a mature market. And the blockchain and its treasure trove of actionable data is just waiting to be mined. The UAE’s crypto sector are in high gear and on a highway to success. And the more institutions that leverage crypto as an asset class, the more innovation we will see in the segment. The potential use cases could rival, or even outdo, traditional finance once again placing the UAE at the forefront of global innovation. 0 1 1

Getty Images

THE FEED

FIGHTING FRAUD WITH TOKENISATION As financial services become more sophisticated, so do the fraudulent techniques used by scammers. But this is where tokenisation can make a difference

esidents of the UAE have undoubtedly experienced their fair share of fraudulent phone calls and text messages from scammers attempting to obtain their personal information. In fact, 66 per cent of UAE residents have received messages from scammers posing as their bank. With the growing threat of data scams, an increased need for security measures has emerged - measures that protect both customer data and the reputation of businesses. As the e-commerce industry in the GCC expands, the security of data in online payments is an 0 1 2

HUSSAM KAYYAL OFFICER FOO

important cause for concern. Fintech has evolved to deliver more ways to bank and buy online, however, it has also increased the risks associated with data security. Sure, we can now make a payment with just a tap, or auto-save our payment details in apps, but does that mean the merchant you’re paying, or anyone else for that matter, has access to your card details? WHERE TOKENISATION CAN HELP

With the implementation of tokenisation, the answer is no. Payment tokenisation is a security technique used by financial institutions and merchants that replaces

sensitive payment information, such as credit card numbers, with a unique set of characters. These characters, which are randomly generated by an algorithm, create a ‘token’. Tokens can pass through the internet or other wireless networks to process a payment without ever exposing credit card details. Tokenisation is the technology used for touch-and-go payments, such as Apple or Google Pay, and for in-app purchases. When these transactions occur, only the digital token is transmitted to the merchant or app, keeping card details completely secret and safe. It’s important to note that Tokenisation does not guarantee that security breaches won’t happen. It does, however, guarantee that if they do happen, vital data is protected. Since card data is replaced with a token that cannot be decoded or traced back to the owner, the token itself does not provide any value to scammers. In addition to enhanced safety, organisations can benefit from several advantages by implementing tokenisation. For example, it has great potential to help e-commerce businesses flourish by enabling merchants to accept subscriptions or recurring payments. Since tokens are used, the customer’s actual financial information is not stored with the business. This allows businesses to accept subscriptions or recurring payments, without bearing the risk of storing sensitive card information. It also enables faster and more efficient transactions by eliminating the need for intermediaries, such as banks, to validate transactions. This reduces transaction fees and settlement times, making it more cost-effective and efficient for businesses. With the UAE’s e-commerce market forecasted to increase by 60 per cent by 2025, tokenisation can support businesses through this surge. Another benefit is that tokenisation helps ensure compliance with

12 | 2023

with a regional Fintech company, you cannot put a price on ensuring the security of customer data. We’ve had the opportunity to develop end-to-end tokenisation solutions for a variety of financial institutions and merchants in the region. Using Android and iOScertified software development kits, we’ve enabled functionality across mobile banking apps and touch-and-go payment systems. Another key to successful tokenisation solutions has been ensuring compliance with PCI DSS best practices. MORE APPLICATIONS

And it’s not just card numbers that can be tokenised. A variety of sensitive information can be ‘tokenised’ by banks to enhance safety. Addresses, phone numbers and other personal details can be

replaced with tokens so if unauthorised access occurs in banking systems, only tokens can be obtained, which have no value to scammers. Tokenisation can also be used in ATM transactions to ensure secure communication between the ATM and bank servers to prevent skimming and other attacks on ATM infrastructure. As financial institutions and businesses across the GCC continue to deliver more innovative, app-based customer experiences, they need to be more mindful than ever before of the evolving risks posed by online data fraud. Leveraging tokenisation protects customer data, but it also safeguards company reputation. In a world where trust can so easily be breached, tokenisation is a vital tool to build and retain it.

Getty Images

the Payment Card Industry Data Security Standard (PCI DSS) - a globally recognised standard created to better control cardholder data and reduce credit card fraud. By ensuring compliance and simultaneously protecting customer information in the case of a security breach, tokenisation can safeguard companies against lawsuits and legal implications that could cost money and harm business reputation. And then there’s the invaluable advantage of trust. Almost half of all consumers in the region lose trust in a company whose name appears in fraudulent communication, despite the company having no actual connection to it. Tokenisation not only protects the reputation of your business, but helps build trust with your customers. In my experience working

0 1 3

THE FEED

WATCH AND LEARN Observability, as opposed to monitoring, allows IT teams to not just see everything, but to see it within the context of the bigger picture

Getty Images

o more with less’ seems to be the mantra of Middle East IT departments. Less budget, less staff, less time – the odds are stacked against these professionals. Moreover, this challenge will only be exacerbated by growing skills gaps – the UAE alone is expected to experience a $50bn digital skills gap by 2030. The ‘more’ part of the equation however, continues to grow. More responsibility, more innovation, more productivity, and perhaps most importantly of all, more data. And with the Middle East’s digital economy projected to grow more than four-fold to about $780bn by 2030, data volumes too will inevitably skyrocket. The thought of safeguarding, managing, and maintaining exponentially growing amounts

0 1 4

KEVIN KLINE TECHNICAL EVANGELIST FOR DATABASES SOLARWINDS

of data can cost IT teams many sleepless nights. To make matters worse, today’s digital ecosystems are more complicated, distributed, and disparate than ever before. However for the business, this is an unmissable opportunity. Data underpins everything from business transactions and system performance to threat detection, service delivery and beyond. It’s a treasure trove of information that can guide strategic decision making, promote customer centricity, and yield better outcomes across the enterprise. This is why databases are critical to managing a successful IT department – and it’s time to discard the widespread industry’s perception of them as an unknowable black box. To be sure, databases represent the most difficult component of the

IT ecosystems to observe, tune, manage, and scale. But the database isn’t a Magic 8 ball in terms of its internal processes, we no longer have to shake the mystery toy and accept one of the six answers it’s designed to spit out. The fact of the matter is that database specialists and IT teams need a clear view of database performance telemetry if they want any hope of maintaining the health, stability, and scalability of their services. A TRANSFORMATIVE ROLE

This is where observability tools can play a transformative role. Taking its cues from the allseeing Panopticon watchtower, observability eliminates the dark corners of the database dungeon by providing a comprehensive view across the full cloud-native, on-premises, and hybrid technology stacks. The word ‘panopticon’, is derived from the Greek word panoptes, or “all-seeing.” The Panopticon model features a central, lighted guard tower at the center of a circular room — allowing 360-degree lines of sight that allow the guards to observe every surrounding cell from a single, centralised vantage point. English philosopher Jeremy Bentham had no way of foreseeing the challenges of today’s database professionals when he first conceived of the Panopticon in the 1700s. The concept would lay the blueprint for a prison system designed around one core concept: enabling the minimum number of guards to effectively monitor the maximum number of inmates. Bentham’s system also works as a strategy for ensuring the health and performance of your organisation’s critical databases. The Panopticon was designed so that every cell could be

monitored from one central point – ensuring not only better and more straightforward security, but preserving resources in saved time, manpower, and effort expended. Think of your ITOps, database, DataOps, and DevOps teams as the wardens of your IT performance. Traditional monitoring can be likened to patrolling a traditional prison: rows of cells facing out into a hallway that is patrolled on a schedule or used to spot and address misbehaviour as it’s noticed. How can they be sure they’re focusing their efforts in the right place? Or trust that Cell Block A won’t stage a breakout while they’re breaking up an argument in Cell Block B? In short: they can’t. Odds are, the team is either running from outage to outage in an everlasting fire-fighting mode or relying on random spot checks for something as vital as the health of our IT systems. GIVING TEAMS AN ADVANTAGE

Observability, as opposed to monitoring, puts teams into that central Panopticon watchtower, allowing them to not just see everything, but to see it within the context of the bigger picture. This comprehensive visibility and always-on observation enables IT teams to identify critical issues as they occur, even those caused by complex dependencies between the database, operating system, storage subsystem, and network. Furthermore, database performance issues are a starting gun for costly bottlenecks or

Getty Images

12 | 2023

WITHOUT COMPLETE AND PRECISE DATABASE MONITORING AND OBSERVABILITY, IT OPERATIONS STRUGGLE TO ACCURATELY DETERMINE AN APPLICATION’S ROOT CAUSE OF PERFORMANCE ISSUES

serious outages that can handcuff your company’s ability to compete or grow. Without complete and precise database monitoring and observability, IT operations struggle to accurately determine an application’s root cause of performance issues. This increases the risk of downtime, data loss, and poor customer experiences. Discovering the root cause of performance issues is quite literally a system-critical undertaking, whether you’re simply running your enterprise, scaling your operations, or deploying new code. Observability also offers teams the rare opportunity to get ahead of performance issues, since you can see performance anomalies in advance of a service disruption, rather than relying on real-time remediation.

“OBSERVABILITY, AS OPPOSED TO MONITORING, PUTS TEAMS INTO THAT CENTRAL PANOPTICON WATCHTOWER, ALLOWING THEM TO NOT JUST SEE EVERYTHING, BUT TO SEE IT WITHIN THE CONTEXT OF THE BIGGER PICTURE.”

With traditional methods, DevOps and IT teams must manually analyse the data presented to them, correlate it to the problem, and locate the error before they can finally begin addressing it. In contrast, observability collects data to provide information on what’s not performing as expected and why. This allows teams to take a proactive approach to not only solving downtime and bottlenecks – but proactively preventing them. In the software world, that translates directly to more time spent where it matters: developing new business value within your applications and infrastructures, fueling innovation, and exceeding customer expectations. Given how complicated the modern database has – and continues to – become, arming your enterprise with the right observability solutions can provide a boost to efficiency and performance and pardon your teams from a sentence to timeconsuming, mundane, and error-prone work. 0 1 5

THE FEED

A WIN-WIN SITUATION Not just price, performance is also paramount for UAE retailers to benefit from the holiday shopping season

1,000 in the UAE, exploring online shopping intentions this holiday season. The research found that 70 per cent of UAE consumers expected to do more of their holiday shopping online (through applications and digital services) this White Friday and Cyber Monday compared to last year, a figure that was second amongst all the countries surveyed. But UAE retailers be warned. Aiming to compete on price alone isn’t sufficient to maximise opportunities during the holiday shopping season. Our research revealed that online shoppers want more than great prices – they also want brands to provide them with brilliant, seamless digital experiences when they’re using apps and digital services. In fact, even if prices are low, they will still turn their backs on brands that don’t ensure their applications perform properly.

Getty Images

CONSUMERS ARE TURNING TO APPLICATIONS

he year 2023 has been a challenging one for the retail sector. Inflationary pressures, a rising cost of living and geopolitical issues, have taken their toll on consumer confidence, leaving the majority (79 per cent) of regional consumers concerned about their finances. It should come as no surprise then 0 1 6

that amid ongoing economic uncertainty and tempered consumer spending, the end-ofyear holiday shopping season is becoming increasingly important to both consumers and retailers. This is evidenced in the latest Cisco AppDynamics research in which we surveyed over 12,000 global consumers, including

Encouragingly, for retailers that have invested in developing their online presence, the research indicates that consumers will be spending more of their holiday season budgets online than in previous years. On average, 61 per cent of spending by people in the UAE on White Friday and Cyber Monday was done online last year versus in-store; this year, consumers expected this figure to jump to 68 per cent. The biggest driver for this shift is the fact that consumers believe that they can find cheaper prices and greater choices online. This aligns with the findings of the PwC report, which highlighted that close to half (44 per cent) of Middle East consumers are using comparison sites to face rising prices. After all, shifting to online shopping affords a more quick and convenient cost and value comparison experience. With growing numbers of people being impacted by rising costs of living,

12 | 2023

consumers are having to stick to tight budgets this holiday season, and they’re determined to find the best deals to make their money go further. But it isn’t just price that sets the precedent. There are other reasons why we’ll see a major uplift in online spending this year – a little more than half (52 per cent) of UAE consumers stated that they will be doing more online shopping because they get more choices online than in stores, while 33 per cent said that they simply won’t have time for big shopping trips this year. All this bodes well for online retailers in the Emirates. But if they are to take advantage of this enormous opportunity, market leaders will be rolling out inventive and compelling pricing strategies to attract new customers to their applications and optimise their conversion rates. They must recognise, however, that price alone will not be enough to engage new customers and boost sales. No doubt, the price will continue to be critical. But increasingly, application performance is becoming paramount to capitalising on the UAE’s growing preference for online retail. APPLICATION EXPERIENCES MATTER

It doesn’t matter whether they’re buying gifts for their loved ones, household essentials, or treating themselves to new clothes and devices — the fact is that UAE consumers now expect a worldclass digital experience every time they use a retail application or digital service. They are after all a demographic that has for years now had one of the highest

GREGG OSTROWSKI CTO ADVISOR CISCO APPDYNAMICS

68 PER CENT OF UAE CONSUMERS STATE THAT IT DOESN’T MATTER HOW GOOD THE DEALS ARE THAT RETAILERS ARE OFFERING, THERE IS STILL NO EXCUSE FOR POOR ONLINE SHOPPING EXPERIENCES

penetrations of smartphones in the world and are therefore accustomed to having everything, instantly, at their fingertips. And especially in recent years, we as consumers have all become far more sophisticated in our use of applications — we’ve seen firsthand the incredible digital experiences that some brands are now providing, and we see no excuse for others to fall below this mark. In fact, for many people, poor application performance is now a dealbreaker – 68 per cent of UAE consumers state that it doesn’t matter how good the deals are that retailers are offering, there is still no excuse for poor online shopping experiences. The list of factors that could lead to frustration for online shoppers is long and varied — it could be slow loading pages, issues with payment processing, service unavailability, or application crashes. But while retailers may struggle to pinpoint the cause, they can be certain of the outcome — customers simply won’t forgive any brand whose application lets them down. In the UAE, (72 per cent) of consumers, the highest percentage globally, report that retail brands will have just one chance to impress them over the holiday period and if their digital service or application does not perform well, they won’t use it again. This makes it abundantly clear that retail leaders simply cannot afford to be complacent when it comes to application availability and performance. The slightest slip up and shoppers will vote with their feet, irrespective of how attractive a brand’s prices might be.

“IT IS NOW CRITICAL FOR ORGANISATIONS TO ENSURE THAT THEIR APPLICATIONS ARE OPERATING AT PEAK PERFORMANCE AT ALL TIMES, IRRESPECTIVE OF THE TIME OF YEAR.”

TECHNOLOGISTS NEED THE RIGHT TOOLS TO KEEP SHOPPERS HAPPY

It is now critical for organisations to ensure that their applications are operating at peak performance at all times, irrespective of the time of year. But for retailers, the stakes are raised during the holiday season, when customer emotions are running high and there are huge spikes in demand for applications and the supporting infrastructure. This high-pressure scenario is made more challenging by the fact that delivering seamless digital experiences is becoming ever more challenging for IT teams. Widespread adoption of cloud native technologies has left technologists managing an ever more complex and fragmented hybrid application environment, and many don’t have visibility into Kubernetes environments. This is making it incredibly difficult for IT teams to identify, understand and resolve issues before they affect end-user experience. If retailers hope to remain competitive through the ongoing shift towards more online shopping, they must work to equip their IT teams with the tools, skills and working structures needed to manage availability and performance within modern application environments. This means implementing application observability, to ensure their technologists have unified visibility across the entire application landscape, and fostering greater collaboration between IT teams, so that all technologists are working together to achieve a shared vision and common goals. UAE retailers have an unprecedented opportunity to attract new customers and ramp up sales over the coming weeks. But only those that combine market leading prices with worldclass digital experiences will be able to take full advantage. 0 1 7

THE FEED

TRANSFORMING CX WITH AI An AI-powered customer experience is the shining castle on the hill. And it is finally within our grasp

Getty Images

nce we all started living digitally, it was only a matter of time before market trends reflected the flexibility of the ecommerce world. Just as orders can be fulfilled in a fraction of the time, so can consumer tastes twist and turn in the breeze. If a competitor finds a way to give same-day delivery, so must you. If a competitor offers buy-now-pay-later (BNPL), so must you. The same applies to engagement channels and customer experiences of all types. In a survey of 13,000 consumers across Europe, the Middle East, and Africa (EMEA), ServiceNow

0 1 8

ALI KADDOURA COUNTRY MANAGER UAE, SERVICENOW

and Opinium found that shoppers are prioritising experience more and more. Seventy-nine per cent of UAE consumers expected brands to know their purchasing habits and 91 per cent wanted this individualisation reflected in the discounts they were offered. Privacy also loomed large as almost all (93 per cent) of consumers in the Emirates agreed that a good level of security for personal data would be a prerequisite. But regional shoppers haven’t forgotten about price, 37 per cent indicated they would switch brands for a better deal.

The total of all this is a UAE consumer base that is, on average, 91 per cent less loyal to brands than it was two years ago — a whopping 15 percentage points higher than the EMEA average. A change of this magnitude is a cry for back-to-the-drawing-board thinking. Something must be done if your organisation is to remain relevant. But what? An organisational reshuffle? Territorial expansion? Rebranding? Here, I shall argue that it is none of these. I submit that the answer is good old seamless service and rapid results — a customer experience that can deliver the transition from “Meh” to “Wow”. CASTLE ON A HILL

Our EMEA research could not be clearer on one point. Almost all UAE customers (94 per cent) told our researchers that they gravitate towards businesses that can resolve their issues quickly and efficiently. If you are thinking that sounds like a job for a technology platform, you would not be alone. For almost two decades, the region has been investigating ways of using tech to do more with less – less resources, less human capital, and less training. And while many technologies have risen up to fill that void, the roundest of all pegs is AI. An AI-powered customer experience is the shining castle on the hill. And it is finally within our grasp. Think about what customers have always wanted – a frictionless journey from initial engagement to after-sales service. AI can automate processes, minimise repetition, and reduce complexity. And it can immensely improve the employee experience, taking over tasks such as email composition and data gathering. Before we get too carried away with supplanting our human workforce, we should note that many modern customers do not crave a 100 per cent automated experience. Our research found

12 | 2023

Getty Images

which will lead to fewer tickets raised with the helpdesk and a lower burden on the admin team. With issues resolved before they even occur, financial institutions enjoy significantly streamlined operations. Artificial intelligence and its subsidiaries – like naturallanguage-processing, robotic process automation (RPA), and advanced analytics – are generalised enough to find homes in almost any business use case. However, solutions will vary with those use cases, so organisations should take care to explicitly establish what problem is being solved and then select the right AI to solve it rather than being dazzled by a specific technology and adopting it for novelty’s sake. Pick the right partner, and draw up a plan that makes sense to the business, its ambitions, its regulatory obligations, and its ESG and ethical visions.

you can hurt your brand by withholding the option for one-toone human interaction. More than one in three EMEA respondents (37 per cent) respondents fall into this category, so we must allow for human-AI balance. And a separate study by IPA Research shows almost three in four consumers want to know when they are dealing with AI. The AI-human combo is a tempting one, but we must walk a tricky line to have it translate into a delightful customer experience. Automate where appropriate, allow for interaction with human agents when requested, and be open about the choice with your customers. Tell them if they are conversing with a bot and let them know about any data being used in the process. AI FOR ALL

We have all been consumers, so the journey is easy to visualise. We can visualise the bad examples because we have been through them, and we can visualise the good ones, even if we have not encountered them yet. Virtual agents are the gatekeepers. They point us to the right products, answer common questions,

THE FUTURE IS YOURS

THE AI-HUMAN COMBO IS A TEMPTING ONE, BUT WE MUST WALK A TRICKY LINE TO HAVE IT TRANSLATE INTO A DELIGHTFUL CUSTOMER EXPERIENCE

and facilitate many workflows. But that is just the beginning. Any business you can imagine in any industry you have ever heard of can reap bountiful boons from AI when it is introduced to its customer experience – predictive maintenance, automatic contract creation, advanced analytics, and more. Across the region, we frequently hear of the advancements in the FSI sector brought about by AI. Access to systems can be automated, especially as FSI human agents commonly access some systems only once a month. Virtual assistants can guide them,

Any strategy should start with data. What data is available internally will dictate the limits of use cases. Your AI partner can then guide you in ensuring your data is accurate, accessible, and conforms to ethical contours – by being free of bias, for example. They can ensure you are taking a step to reduce complexity, rather than adding more of it. They can advise on cybersecurity provisions that reduce risk. Through collaboration with your technology partner, you will have laid the foundation for all the items on the regional consumer’s wish list — speed, accuracy, security, choice, individualisation, and a dozen things today’s shoppers have yet to ask for. Holistic, connected systems that futureproof your enterprise while delighting the customers of today and the employees that serve them – with the right vision, and will, this can be yours. 0 1 9

THE FEED

THE THREATS THAT LIE AHEAD IN 2024 The availability and ease of use of advanced large language models have opened a new era for cybercriminals, eliminating the need for extensive expertise, time and resources

t seems not that long ago that if you noticed someone having a full-fledged conversation with their phone, you would have approached them with caution. As we ring in 2024, this seems normal. Artificial intelligence (AI) has been everywhere for a while, but now everybody notices it, everybody plays with it, and almost everybody trusts it. And in many ways, across many use cases, that trust is appropriate. AI has earned its stripes. But in one area – one dark alleyway of concern – we must be cautious of AI. The cyberthreat actor is using it, and using it effectively. What follows are just some of the ways this is happening. UNDERGROUND DEVELOPMENT OF MALICIOUS LLMS

Recent advancements in AI have given rise to large language models (LLMs) capable of generating human-like text. While LLMs exhibit remarkable technological potential for positive applications, their dualuse nature also makes them vulnerable to malicious exploitation. One significant security concern associated with LLMs lies in their potential misuse by cybercriminals for large-scale attacks. Leading LLMs such as GPT-4, Claude and PaLM2 have achieved unparalleled capabilities in generating coherent text, answering intricate queries, problem-solving, coding, and 0 2 0

SHYAVA TRIPATHI, AJEETH S AND RAFAEL PENA RESEARCH SCIENTISTS TRELLIX ADVANCED RESEARCH CENTER

numerous other natural language tasks. The availability and ease of use of these advanced LLMs have opened a new era for cybercriminals. Unlike earlier, less sophisticated AI systems, today’s LLMs offer a potent and cost-effective tool for hackers, eliminating the need for extensive expertise, time, and resources. And this value has not been lost on the cybercriminal underground. Setting up the infrastructure for large-scale phishing campaigns has become cheaper and more accessible, even for individuals with limited technical skills. Tools such as FraudGPT and WormGPT are already prominent in cybercriminal networks. Popular darknet forums today often serve as platforms for the coordinated development of phishing emails, counterfeit webpages, as well as the creation of malware and vulnerabilities designed to evade detection to thousands of users already. These LLM applications can assist in mitigating considerable challenges encountered by cybercriminals, and we expect the development and malicious usage of these tools to accelerate in 2024. THE RESURRECTION OF SCRIPT KIDDIES

The availability of free and opensource software is what originally led to the rise of those known as ‘Script Kiddies’, individuals with little to no technical expertise using pre-existing automated

tools or scripts to launch cyberattacks. Though they are sometimes dismissed as unskilled amateurs or Blackhat wannabes – the growing availability of advanced generative AI tools, and their potential for malicious malware usage, means Script Kiddies pose a significant and growing threat to the market. The internet is now filled with tools that use AI to make people’s lives easier, from creating presentations, generating voice notes, writing argumentative papers, and much more. Many of the best-known tools like ChatGPT, Bard, or Perplexity AI come with security mechanisms to prevent them from writing malicious code. This is not the case for all AI tools available on the market however, especially the ones being developed on the dark web. It is only a matter of time until cybercriminals have access to an unrestricted generative AI that can write malicious codes, create deepfake videos, assist with social engineering schemes and more. This will make it easier than ever for unskilled actors to execute sophisticated attacks at scale. Furthermore, widespread leveraging of such tools to exploit vulnerabilities will make root cause analysis of attacks more challenging for defenders. We consider this to be an area to monitor carefully in 2024. AI-GENERATED VOICE SCAMS FOR SOCIAL ENGINEERING

The rise of scams involving AI-generated voices is a concerning trend that is set to grow in the coming year, posing significant risks to individuals and organisations. These scams often involve social engineering tactics, where scammers use psychological manipulation techniques to deceive individuals into taking specific actions, such as disclosing personal

Getty Images

12 | 2023

information or executing financial transactions. AI-generated voices play a crucial role in this, as they can instill trust and urgency in victims, making them more susceptible to manipulation. Recent advancements in artificial intelligence have greatly improved the quality of AI-generated voices. They can now closely mimic human speech patterns and nuances, making it increasingly difficult to differentiate between real and fake voices. Furthermore, the accessibility and affordability of AI-voice generation tools have democratsed their use. Even individuals without technical expertise can easily employ these tools to create convincing artificial voices, empowering scammers.

THE INCREASING AUTHENTICITY OF AI VOICES MAKES IT DIFFICULT FOR VICTIMS TO DISTINGUISH BETWEEN GENUINE AND FRAUDULENT COMMUNICATIONS

Scalability is another key factor. Scammers can leverage AI-generated voices to automate and amplify their fraudulent activities. They can target numerous potential victims simultaneously with personalised voice messages or calls, increasing their reach and effectiveness. Detecting AI-generated voices in real-time is a significant challenge, particularly for individuals who are not familiar with the technology. The increasing authenticity of AI voices makes it difficult for victims to distinguish between genuine and fraudulent communications. Additionally, these scams are not limited by language barriers, allowing scammers to target victims across diverse geographic regions and linguistic backgrounds.

Phishing and vishing attacks are both on the rise. It’s only a logical next step that as the technology for AI-generated voices improves, threat actors will leverage these applications with victims on live phone calls – impersonating legitimate entities to amplify the effectiveness of their scams. WATCH YOUR BACK

We need to be ready. By all means, use ChatGPT to research markets. Feel free to ask Google Bard about the solar system. But remember that similar AI – raw and powerful without the commercial veneer – is at the beck and call of insidious commanders who will use it to harm you, your family, your community, your economy, and your future. 0 2 1

THE FEED

Getty Images

trend. See for example the government programmes such as the UAE’s Operation 300bn that seeks to diversify economies by strengthening their industrial sectors. In 2021, Gartner estimated that by 2025, tragic fatalities resulting from cyberattacks will have cost victims’ communities $50bn, all because of the weaponisation of OT systems. So, if the region is to prosper from more connected environments and the benefits they bring, organisations that run critical infrastructure, including hospitals, need to put in the place the security technologies, skills and policies to ensure such tragic incidents can never happen here.

ON THE HUNT FOR KILLWARE A potentially fatal cyberthreat is facing critical infrastructure

n the cybersecurity community, we routinely highlight the impact of threat actors’ nefarious activities, often talking in terms of financial costs, operational downtime, and damaged brand reputations. But in recent years a new type of cyber weapon has emerged, known as killware. Some security researchers define killware by its intent, malicious payloads that target critical infrastructure or operational technology (OT) and are designed to cause harm. Others base the definition on the attack’s outcome. This is because in an increasingly cyber-physical world, the risk to human life may be an unfortunate side effect of any number of threats, including ransomware. Actual examples of killware are rare, but two examples from the last five years show how easy it could be for malicious activity to spill over into killware. In 0 2 2

VISHAL PALA SENIOR SOLUTIONS ENGINEER - META BARRACUDA

2017, Triton malware was found on the operational technology systems of a petrochemical facility. It was designed to disable the safety systems put in place to shut down the plant in case of a hazardous event. In 2022, an attack on a software supplier to the UK’s National Health Service caused widespread outages across the NHS affecting patient referrals, ambulance dispatch, out-of-hours appointment bookings, mental health services, and emergency prescriptions. Both incidents could have had fatal results. Just imagine the potential impact of a malware attack that disrupted or disabled smart city traffic signals, air traffic control, autonomous vehicles, connected hospitals, water supplies, critical power systems, and more. OT and IT continue to merge in an increasingly digital, connected landscape. The Middle East is no exception to this

SWORDS AND STACKS

The rise of the internet of things (IoT) has been a double-edged sword for the region’s growing industrial sectors. On the one hand, it has opened the door to new use cases, especially since the rollout of 5G. On the other hand, it has forced air-gapped OT systems online and exposed them to the outside world. This has significantly extended the potential attack surface. The skills needed to understand both industrial control systems, OT and modern IT environments are rare. And even rarer are the skills that can grasp what it takes to protect everything. The UAE alone has a cybersecurity skills shortage of nearly 32,000 people. Let’s start with inventory. Audit your factories, offices, warehouses, and field equipment. Anything that connects to the network should be on the triage list and part of the patchmanagement strategy. Connected OT assets should be monitored constantly for anomalies, just as IT assets would be. Institute policies that prohibit rogue IoT devices like smart appliances from connecting to the network.

12 | 2023

THE UAE ALONE HAS A CYBERSECURITY SKILLS SHORTAGE OF NEARLY

32,000 PEOPLE

Shut down any connections that involve unused or unmanaged devices. Next comes segmentation. Remember that threat actors enter at the weakest point and shuffle laterally across systems and accounts until they reach the crown jewels. Ensure that IoT and OT devices are separated from critical systems and data to frustrate lateral movement. Segmented networks are a best-practice standard. Regional industrial organisations must now adopt this standard as a matter of course to stop threat actors from deploying potential killware. PASSWORDS AND PEOPLE

Getty Images

Now we must think about how sessions (the periods when employees or malicious actors access critical systems) are initiated. Session security at its most

basic level calls for strong, frequently changed passwords. Such policies must govern every device from the moment it is deployed. There are different password policies out there. Select the one that makes the most sense for your organisation and enforce it consistently. Implement multi-factor authentication (MFA) on each device wherever possible and, if practicable, procure tamper-proof devices that support secure firmware and software updates. You can even automate the secure deployment of devices using an appropriate security platform. Do not overlook the importance of culture. A security-conscious workforce is by far your most powerful weapon against killware. Your employees should ideally use complex passwords and MFA. Establish an access principle of least privilege, where employees receive only the access rights they need to do their jobs effectively. This culture comes through training, monitoring, encouragement, and regular updates. Including a sec-

tion on essential cyber hygiene in the employee handbook is not sufficient. Unfortunately, no matter how well trained your workforce is and regardless of how segmented and welldesigned your infrastructure is, sophisticated threat actors may find a way through. If that happens, you cannot afford to play it by ear. The threat could potentially be killware, and if you operate critical machinery that could become a lethal weapon in the wrong hands. REPELLING INTRUDERS

First, take all OT devices offline. Attackers may be stopped in their tracks. And if the attacker has tracked mud but has not yet struck a match then there may be time to stop the malware from executing if any connected devices are removed from the equation. Once OT devices have been isolated, return them to factory settings to prevent immediate repeat incursions once they are reintroduced to the network. Review the incident. Make sure you know where the point of failure was and how it can be remedied to bolster defences. Contact the manufacturer of any affected OT devices and report the incident. Enlist the manufacturer’s help in patching the device or in understanding what may have caused it to become the point of failure. Perhaps a misconfigured account or a vulnerability elsewhere allowed malware to masquerade as a trusted process. Killware may not always result in death but when cybersecurity professionals discuss risk, it does not get more urgent than this. As the region builds knowledge-based sustainable futures, its public and private sector enterprises must contemplate the potential of a threat actor with the intent to inflict physical harm. 0 2 3

STORY

COVER

FOLD.

UNFOLD. 0 2 4

SUCCEED.

LAUNCHING A NEW SERIES OF ITS FIND N3 FOLDABLE AND FLIP SMARTPHONES IN THE UAE, GLOBAL TECHNOLOGY BRAND OPPO IS LOOKING TO FURTHER EXPAND UPON ITS MARKET SHARE IN THE REGION. CHI ZHOU, PRESIDENT - OPPO MEA, SPEAKS TO GULF BUSINESS ABOUT HIS COMPANY’S INCREASING GROWTH IN THE GCC. ALSO, ARNE HERKELMANN, HEAD OF PRODUCT MANAGEMENT AT OPPO, AND LUCY AZIZ, HEAD OF PR AND COMMUNICATION AT OPPO GCC, DIVE INTO THE KEY FOCUS AREAS OF THEIR LATEST FLAGSHIP DEVICES WORDS GARETH VAN ZYL WITH KUDAKWASHE MUZORIWA 0 2 5

STORY

COVER

Find N3 Boundless View Two-app

martphone pioneer OPPO launched its new Find N3 Fold and Find N3 Flip smartphones in the UAE on November 16, with a range of stakeholders attending its launch event in Dubai. The launch marked a major next milestone in an evolution for OPPO in the Middle East and Africa (MEA). OPPO first opened a regional office in Egypt in 2015, and, since then, the company has strategically expanded with a physical presence in more than 13 markets, including Saudi Arabia, Oman, Kuwait, the UAE, and Qatar, among many others. When it first entered the region, the smartphone market here was primarily dominated by a handful of incumbent players. But over the years, OPPO has been able to progressively and successfully gain greater adoption levels. “In recent years, our market share has experienced significant growth. According to the latest Canalys report, we achieved an impressive 11 per cent year-on-year increase in Q2 2023 within the UAE market,” Chi Zhou, President, OPPO MEA, told Gulf Business. Looking at the Canalys report also reveals that OPPO is now among the top five smartphone vendors in the Middle East and the only one of this top group to be growing in the market, especially since 2021. A key part of OPPO’s strategy to increase its market share in the region revolves around its diversified approach, says Zhou. “ We introduced a wide range of products to cater to different market segments. For instance, our Reno series was designed with young, urban, and stylish customers in mind – individuals who prioritise top-notch photography experiences. On Chi Zhou, president, the other hand, our premium Find N series was OPPO MEA developed to cater to tech enthusiasts who are constantly seeking the latest innovations in the market,” says Zhou.

We work closely with retail partners to understand their evolving consumer demographic, ensuring that we cater specifically for OPPO’s local consumer and their smartphone desires and requirements.”

0 2 6

Pics: Supplied

TARGETED ‘GLOCALISATION’ But it’s not just the sheer range of products that OPPO has under its wings, but also its ability to connect with consumers on the ground by localising its channel and marketing approach. Zhou calls this the “glocalisation” of the brand.

GULF BUSINESS TECH

“We work closely with retail partners to understand their evolving consumer demographic, ensuring that we cater specifically for OPPO’s local consumer and their smartphone desires and requirements,” Zhou tells us. This further extends in the way that they market to these demographics as well. “We create social media content specifically crafted for Arabic-speaking audiences and frequently collaborate with well-known Arab influencers, allowing us to reach a wider audience and build trust within the community. Moreover, we strategically launch promotions and exclusive offers during significant cultural events such as Ramadan and Eid,” Zhou adds.

UAE’S KEY ROLE While Saudi Arabia remains the biggest smart device market in the region, the UAE has become a highly developed launchpad from which OPPO can branch out to the region. In fact, OPPO’s UAE office today acts as a primary location for the phone maker in MENA. “Aside from the more obvious strengths such as easy access to some of the world’s fastest-growing markets, political stability and investment friendly policies, the UAE has some of the highest internet penetration in the world as well as accelerated 5G expansion,” says Zhou. Zhou notes that the 96 per cent internet usage rate in the UAE also illustrates just how pivotal this market is for smart device brands. Then there’s the geographical positioning of the country, which further adds to its attractiveness. “It gives us unique access to networks and partnerships that we don’t see in other regions, and the UAE is nuanced in its population, consumer consumption and perfect balance between cultural sensitivity and understanding. It

is a wonderfully dynamic country that allows brands like OPPO to thrive and go on to do the same in neighbouring countries,” he adds.

LAUNCH OF FIND N3 SERIES A string of foldable phones burst onto the scene at the 2019 Mobile World Congress (MWC). At the time, there was an arms race to be bigger and better in this category. Then 2020 rolled around and Covid-19 disrupted global markets. In 2021, OPPO would launch its first foldable device, the OPPO Find N. This would be followed by the N2, which would win wide acclaim for its hinge technology, which allows for the phones to fold completely flat without a gap — all while not leaving a harsh crease on the screen. This is a philosophy that OPPO has continued with its new Find N3 series.

UNVEILING THE OPPO FIND N3 SERIES: A LEAP FORWARD IN FOLDABLE TECH In conversation with Arne Herkelmann, head of product management at OPPO, Gulf Business gained valuable insights into the thinking behind the latest additions to OPPO’s new smartphone lineup— the Find N3 and Find N3 Flip series. The focus for OPPO has been on affordability without compromising on innovation, according to Herkelmann. Listed below are some of the key takeaways from Herkelmann on the types of experiences that they’re trying to recreate.

COMPACT DESIGN, EXPANSIVE EXPERIENCE

Arne Herkelmann, head of Product Management,OPPO

The OPPO Find N3 series builds upon the success of its predecessors. The Find N3, in particular, maintains a compact and easily portable form factor while delivering an expansive tablet-like experience when unfolded. The larger screen of the Find N3 allows users to engage in multitasking seamlessly, setting it apart from its predecessors. Meanwhile, the Find N3 flip is also compact, allowing it to be easily stored away in a smaller form factor and unfolded when needed.

REVOLUTIONISING THE USER EXPERIENCE WITH BONUS VIEW

Find N3 Taskbar

One of the standout features highlighted with the Find N3 is the boundless view technology. Unlike previous models where running two apps side by side meant sharing the screen real estate, boundless view enables users to utilise the full 7.8-inch display simultaneously for multiple applications. “We are redefining how you can use your phone. So the whole system design has been created for the phone. And we 0 2 7

STORY

COVER

user the ability, for example, to quickly check a document while searching for something on Google — all at the same time,” adds Herkelmann.

CAMERA INNOVATION

Hasselblad portrait mode

Ultra-wide

OPPO’s commitment to camera innovation is evident in both the Find N3 and Find N3 Flip models. The Find N3 series boasts the best cameras in its category, featuring a brand-new camera sensor for the main camera that competes with flagship non-foldable devices. It also leverages the Hasselblad Portrait Mode, ensuring that photos are picture-perfect. The Find N3 also introduces a telephoto camera in its flip format, eliminating the need for users to compromise on camera performance.

BATTERY CHARGING EFFICIENCY Despite the slim profile of the Find N3, OPPO has managed to incorporate a dual-battery system, ensuring a thin yet powerful device. The dualbattery setup enables users to enjoy a full day of usage, even under heavy stress. Additionally, Flexform capture the Find N3 supports OPPO’s 67-watt SuperVOOC charging technology, allowing users to recharge are also allowing multitasking on another level, where we their devices rapidly. are making it easier to use multiple apps and to be more Not only does this allow for faster charging, but productive or more entertained with one device,” says also a longer-lasting battery life, which helps to Herkelmann. further extend the lifespan of the new N3 device series. In turn, this helps OPPO drive home its STANDOUT HINGE DESIGN commitment to being eco-friendly. Addressing a common concern with foldable devices, OPPO “With our SuperVOOC charge charging, we has also evolved its proprietary hinge design, which is a support more than 1600 charging cycles, which key component contributing to the durability is double what the industry offers. This allows for the phones to work optiand flexibility of the Find N3 series. The hinge on mally for at least four years, thereby both the Find N3 and Find N3 Flip is protected by ensuring the increased durability and patents, and allows the display to stretch without sustainability of the phones itself,” says the creases that often accompany foldable Lucy Aziz, Head of PR and Communicascreens. It has undergone rigorous testing, tion at OPPO GCC. proving its longevity with the ability to fold the device millions of times without issues. “On another hand, we also are doing some initiatives to reduce the amount of “We have our own custom hinge design which plastic in our products. So from 2023, in is patent protected. This helps OPPO ensure that the whole of Europe, all the packaging the display on the N3 series doesn’t have a sharp Lucy Aziz, head of PR we’re using on our devices is 100 prer fold in the middle of it, because it’s getting flatter and Communication, OPPO GCC cent recyclable. Furthermore, at the end when you fold it open,” says Herkelmann. of 2022, we also had another initiative to GOLDEN ASPECT RATIO reduce the amount of gas emissions coming out The OPPO Find N3 Fold adopts the golden aspect ratio from our operations. So, OPPO is taking a greener for its displays, striking a balance between compactness planet very seriously,” she adds. and usability. By extending the length of the screen while The OPPO Find N3 series emerges as a keeping the width of the device compact, OPPO achieves a compelling option for those seeking an affordable 20:9 aspect ratio, providing users with a familiar feel when yet feature-rich foldable device range, which will, the device is closed. This design choice ensures that users no doubt, further help it to extend its share in the can transition between a compact form and a larger screen local market. for enhanced functionality without sacrificing usability. It officially hit shelves on 23 November in the “With the N3 Fold, users can easily run two documents UAE, and is available from all major phone and side by side in order to compare them. This gives the retail outlets. 0 2 8

GULF BUSINESS TECH

FIND N3 Weight: Glass edition: About 245g Leather edition: About 239g

Dolby Vision video Front: Max 4K/1080P/720P@30fps, default 1080P@30fps (beauty enabled)

Storage: RAM and ROM Capacities: 16GB + 512GB

Chips: CPU: Qualcomm Snapdragon® 8 Gen 2 Mobile Platform, Licensed by Qualcomm CPU Speed Cores: 8 cores GPU: Adreno™ 740 @680MHz

Display: Size: Main screen - 7.82 inches (diagonal), Cover screen - 6.31 inches (diagonal) Colour Depth: Main screen 1.07 billion colours (10-bit), Cover screen - 1.07 billion colours (10-bit)

Battery: Battery: 4805mAh Fast Charge: 67W SUPERVOOC 2.0, SUPERVOOC, VOOC 3.0, PD3.0 (9V/2A)

Camera: Rear: 48MP Main, 64MP 3x Telephoto, 16MP 6x Telephoto, 48MP Ultra-wide Front: 20MP Main screen, 32MP Cover screen Shooting Mode: Various modes including Photo, Video, Portrait, Night, and more

Biometrics: Fingerprint and Facial Recognition supported Connectivity: USB Interface: USB Type-C Earphone Jack: Type-C NFC: Supported

Video: Rear: 4K@60fps/30fps, EIS/OIS, Slow-motion mode, Movie mode, Time-lapse mode, Dual-view video,

Operating System: ColorOS 13.2

FIND N3 FLIP Weight: About 198g

Cover screen - 16.7 million colours (8-bit)

Slow-motion mode, Movie mode, Time-lapse mode

Storage: RAM and ROM Capacities: 12GB + 256GB

Cover Glasses: Main screen - SCHOTT UTG®, Cover screen - Corning® Gorilla® Glass Victus™

Chips: CPU: MediaTek Dimensity 9200, 8 cores GPU: ARM Immortalis-G715 MC11 @981MHz

Display: Size: Main screen - 6.8 inches (diagonal), Cover screen 3.26 inches (diagonal) Resolution: Main screen FHD (2520×1080), Cover screen - SD (720×382)

Camera: Rear: 50MP Main, 32MP Telephoto, 48MP Ultra-wide Front: 32MP Shooting Mode: Various modes including Night, Video, Photo, Portrait, and more

Colour Depth: Main screen - 1.07 billion colours (10-bit),

Video: Rear: 4K@30fps, EIS/OIS,

Battery: Battery: 4300mAh Fast Charge: 44W SUPERVOOC, VOOC 3.0, PD Biometrics: Fingerprint and Facial Recognition supported

Sensors: Various sensors including Geomagnetic, Light, Proximity, In-display optical, Acceleration, Gravity, Gyroscope, Step counting Connectivity: WLAN: 2.4GHz, 5GHz USB Interface: USB Type-C Earphone Jack: Type-C NFC: Supported Operating System: ColorOS 13.2

0 2 9

F E AT U R E S

Getty Images

V E R I TA S

NAVIGATING RISKS, BUILDING RESILIENCE FINANCIAL INSTITUTIONS CAN NAVIGATE REPUTATIONAL RISK, RANSOMWARE AND THE ‘OPERATIONAL RESILIENCE’ IMPERATIVE, SAYS MARK NUTT

identifiable data, and people’s savings and pensions, it is even more critical. Consideration of reputational risk is however, only one factor in the wider business imperative to ensure ‘operational resilience’.

What is operational resilience?

0 3 0

hether your source of news is FT, BBC or the Daily Mail, headlines of data related business outages, and associated credibility damage are on the rise. From data outages to increasingly audacious ransomware attacks on all levels of public and private organisations– data management has become a mainstream topic and highly visible. Today, data security, accessibility and management are the most significant aspects of reputational risk to any financial institution. For commercial and private banks, pension funds, insurance companies or any business with responsibility for secure stewardship of personal,

Operational resilience refers to the ability of businesses to prevent and recover from disruptions to their critical business operations. Strong operational and cyber resilience is essential for the stability and reliability of any business, as it ensures that organisations can continue providing essential services to their clients, even in the face of major disruptions. With increasingly prevalent combinations of on-premise and multi-cloud hybrid business critical operational data environments, comes an increased risk of disruption. Only a relatively small portion of workloads running critical workloads in public cloud today are designed this way. Many are simply legacy applications that have been “lifted and shifted” to the cloud meaning very few applications have

GULF BUSINESS TECH

Dealing with ransomware Early detection of ransomware will further secure an organisation, but only when combined with a comprehensive response plan that is regularly tested, rehearsed, and continually communicated to all stakeholders to ensure successful business resiliency. In terms of the potential stress testing of financial institutions, far too many of them have a combination of tools, solutions, and plans in place that don’t get tested. These then fail at the point of a breach. The key strategy is to invest in being able to test the plan on an ongoing basis. This isn’t a case of a ‘one-off’ – it should be a living process, capable of adapting to react to the rapidly shifting shape of the new cyber threats. To ensure successful operational resilience in the face of ransomware attacks, IT teams at financial institutions should: • Implement robust risk-management processes to identify and assess potential ransomware attacks and develop strategies to prevent or mitigate them. • Develop and regularly test contingency plans to ensure their business can continue providing essential services should an attack take place. • Invest in redundant and resilient IT systems to reduce the likelihood of disruptions following an attack and improve the business’s ability to recover from it. • Regularly train and re-train staff and all service-providing third parties on operational-resilience

AS CLOUD ADOPTION CONTINUES TO ACCELERATE, THE RISK OF THIS INCREASES, AND THE MODERN IT ORGANISATION NEEDS AN ELASTIC, SCALABLE, MULTI-CLOUD OPTIMISED PLATFORM TO AUTOMATICALLY MANAGE AND PROTECT ITS DATA EFFICIENTLY AND TRANSPARENTLY.”

Getty Images

built-in tolerance for a major outage, such as the loss of a complete availability zone. This topic is now the top priority for all our customers during my conversations with them. To achieve operational resiliency, IT teams at financial institutions must ask themselves two questions: First, how do we protect our data? And second, how do we detect preventable elements, like ransomware attacks, more effectively? While human error will always be a risk factor, all financial institutions must also face the simple truth: a ransomware attack will happen. As cloud adoption continues to accelerate, the risk of this increases, and the modern IT organisation needs an elastic, scalable, multi-cloud optimised platform to automatically manage and protect its data efficiently and transparently.

0 3 1

F E AT U R E S V E R I TA S

WITH INCREASING RELIANCE ON PUBLIC CLOUD SERVICES FOR BUSINESS-CRITICAL OPERATIONS, EXECUTIVES ALSO NEED TO BE CLEAR ON WHICH SECURITY CAPABILITIES ARE PROVIDED AS PART OF THEIR CLOUD SERVICE AGREEMENTS AND WHICH REMAIN THEIR OWN RESPONSIBILITY.”

procedures in the face of an attack. Too often, key outsourcing partners do not receive updates in critical communication procedures, in this regard. • Regularly rehearse the plan with drills and exercises to test IT cyber resilience processes and identify areas for improvement. These must be done with employees and service providers. Ensuring everyone knows the plan and their roles and responsibilities during an attack is the most regularly overlooked factor in operational resiliency creation. • Work closely with regulators and industry organisations to stay up to date on best practices and emerging threats.

AI can also take on some financial operations and make them autonomous, in some cases relieving skills gaps within over stretched IT departments. But AI isn’t the silver bullet: as financial institutions use it more, so do the criminals. This creates a never-ending battle and will be an ongoing challenge for finance professionals and IT teams in the coming years. The writer is the SVP - International, Veritas Technologies.

Who’s to blame Within organisations impacted by a ransomware attack, often there is a rush to attribute blame. Who’s responsible for this breach? Often blame is apportioned to the CIO or the CTO, and even CEOs are potentially accountable. Too often the root cause of operational resiliency breakdown is failure of communication. Either internally between business units or functional group, or more often where planned processes have not been sufficiently tested or updated with key IT outsourcers or service providers. With increasing reliance on public cloud services for business-critical operations, executives also need to be clear on which security capabilities are provided as part of their cloud service agreements and which remain their responsibility. In reality, all parties are somewhat to blame. So, in the face of cyber breach whether malicious or accidental, organisations need to act together as a team. Only by coming together, and everyone implementing a well-rehearsed recovery plan, can operational resiliency truly be maintained, business risk minimised, customer data and their precious savings or pensions be protected. As we look toward 2024, the financial landscape will be transformed as new technologies will come into play more. Artificial Intelligence (AI) is a gamechanger as it can already help the process via anomaly detection and malware screening. 0 3 2

TOO OFTEN THE ROOT CAUSE OF OPERATIONAL RESILIENCY BREAKDOWN IS ACTUALLY A

FAILURE OF COMMUNICATION

ARTIFICIAL INTELLIGENCE (AI) IS A GAME-CHANGER

AS IT CAN ALREADY HELP THE PROCESS VIA ANOMALY DETECTION AND MALWARE SCREENING

12 | 2023

INTERVIEW

HOW GENERATIVE AI CAN SUPPORT ENTERPRISE TECH We explore how generative AI tools can analyse purchase data to identify trends and patterns and inform business decisions and strategies

Q: SID BHATIA

What are the use cases for Gen AI in enterprises?

The technology has a wide range of applications in the business world, across REGIONAL VP AND all industries, and some of the use GENERAL MANAGER cases include: META DATAIKU • Product design: Create unique and one-of-a-kind designs for clothing and accessories. For example, fashion designers can use generative AI applications to generate various new patterns and styles, which can then be used to create new and innovative products. • Advertising: Leverage generative AI to create high-quality content for marketing and advertising purposes. For example, marketing teams can use a generative AI model to create a series of videos showcasing their products, which can then be used in online and social media campaigns to promote the company and its products. • Process efficiency: Improve the efficiency of business processes such as supply chain management and logistics. For example, businesses can use generative AI models to optimize delivery truck routing, making delivery times faster and more efficient. • Customer data: Extract deep insights from data, such as user behaviour, demand, and sales trends. For example, a company could use generative AI tools to analyse historical purchase data to identify trends and patterns. This could then be used to make informed business decisions and strategies.

What are the concerns associated with generative AI?

Generative AI, while offering numerous benefits in enterprise workflows, presents notable challenges and ethical concerns. One pressing issue is the potential for biases in generated content. These AI models can unintentionally perpetuate biases present in their training data, which might reinforce stereotypes and lead to ethical and legal dilemmas. Data privacy is another paramount concern. To operate effectively, generative AI often requires access to sensitive data. Ensuring stringent data security measures is imperative to guard against unauthorized access and data breaches, especially given the evolving landscape of data privacy regulations. The opacity of AI models poses transparency and explainability challenges. Many generative AI systems are complex and difficult to interpret, making it challenging to provide clear explanations for AI-generated content or decisions. Moreover, issues related to intellectual property rights and copyright can arise, as it may be unclear who owns and should be attributed to AI-generated content. Enterprises must navigate regulatory compliance hurdles, as different industries have specific regulations. Failure to adhere to these regulations can result in legal repercussions. Human oversight is crucial to detect errors and ensure ethical alignment. Additionally, organizations need to grapple with the ethical implications of using generative AI in various contexts, including fair outcomes, unintended consequences, and its impact on the workforce. To address these concerns, a responsible AI approach with clear guidelines and ethical boundaries is essential for leveraging generative AI effectively in enterprise operations. In light of these challenges, what measures are in place to ensure the security and compliance of generative AI systems

Several necessary measures can be put in place to solidify the security and ensure the compliance of generative AI. Most notably, these include: • Data governance: To ensure compliance, organisations must establish strong data governance practices, which include data classification, access controls, and encryption. This is a crucial step in protecting sensitive data used by generative AI systems. • Regular auditing and monitoring: Frequent audits and monitoring of AI systems can help identify any security vulnerabilities and ensure compliance with

“HUMAN OVERSIGHT IS CRUCIAL TO DETECT ERRORS AND ENSURE ETHICAL ALIGNMENT.” 0 3 3

INTERVIEW

industry regulations. This can involve tracking data usage, model behavior, and access patterns. • Explainability and interpretability: Simply ensuring that AI models are explainable. This is essential for compliance in many industries. Being able to explain how decisions are made by generative AI systems might seem obvious but is usually easier said than done. This is why explainability must be top of mind when building models around generative AI. • Adherence to industry standards: Depending on the industry, there may be specific standards and certifications (For example, ISO 27001) that organisations must follow to ensure security and compliance. Organisations must always be aware of any standards being set and/or modified in their industry. • Ethical AI governance: Implementing ethical AI governance practices, such as establishing ethics committees and conducting ethical impact assessments. This can help organisations address compliance and ethical concerns in a more organised and regulated manner. How should companies go about implementing Gen AI in the enterprise?

When looking to implement and scale Generative AI in the enterprise, organisations need to consider the “what” (use cases) and the “how” (pathways). In terms of the use cases, to ensure value, organisations must identify use cases up front, allowing both for mundane apps that optimise and tweak, and moonshots that transform the business (the all-knowing, oracular chatbot). Then there is the consideration around ‘how’ and ‘where’ organisations can do down one of four paths: Services, where the organisation can outsource development and deployment of a Gen-AI suite to a third party; Point solutions, where an enterprise can buy a Gen-AI application off-the-shelf; DIY, whereas the name suggests, the organisation can develop the internal AI and software capabilities to build solutions

“ENTERPRISE STAKEHOLDERS HAVE FULL CONTROL OVER THE AVAILABILITY OF THE SYSTEM. BUT WHILE COSTS MAY BE LOWER FOR THE LLM ITSELF, SETTING UP AND MAINTAINING ONE NECESSITATES THE ONBOARDING OF EXPENSIVE TALENT, SUCH AS DATA SCIENTISTS AND ENGINEERS.” 0 3 4

that make sense and align with the wider AI strategy; or finally Platform, market offerings that allow the business to build machine-learning and AI capabilities, including Gen AI, into their day-to-day operations. The platform approach is the best of all worlds – reduced entry-barriers, lower costs, faster time to value, easier maintenance, more audit options, better governance, and more. But to fulfill its potential, an AI platform requires an organisation-wide shift in mindset. Business leaders must be prepared to break down silos and move towards an Everyday AI culture where teams collaborate routinely, and value can be added repeatedly through brainstorming and rapid prototyping. A middle ground must be found between developmental autonomy and governance, so that employees feel empowered to add new value. How can enterprises seamlessly integrate Gen AI with their existing technology stack?

There are two main ways to accomplish this. The first would be APIs (application programming interfaces, which allow bespoke code to make calls to an external library at runtime) exposed by cloud-native services. The second would be self-managed open-source models. Providers like OpenAI, AWS, and GCP already provide public model-as-a-service APIs. They have low entry barriers and junior developers can get up to speed with their code frameworks within minutes. API models tend to be the largest and most sophisticated versions of LLM, allowing more sophisticated and accurate responses on a wider range of topics. However, the hosted nature of the API may mean that data residency and privacy problems arise – a significant issue for privately owned GCC companies when it comes to regulatory compliance. There are also cost premiums to an API, as well as the risk of a smaller provider going out of business and the API therefore no longer being operable. If we look at open source models, there is a wide range of such models, each of which can be run on premises or in the cloud. Enterprise stakeholders have full control over the availability of the system. But while costs may be lower for the LLM itself, setting up and maintaining one necessitates the onboarding of expensive talent, such as data scientists and engineers. In the end, different use cases within a single organisation may require different approaches. Some may end up using APIs for one use case and self-managed, open-source models for another. For each project, decision-makers must look at a range of factors. They must consider risk tolerance when using the technology for the first time, and so they must choose a business challenge where the department has a certain tolerance for such risk. Looking to apply LLM tech in an operations-critical area is ill-advised. Instead, look to provide a convenience or efficiency gain to a team. Finally, traditional NLP techniques that don’t rely on LLMs are widely available and can be well adapted to specific problems.

SPOTLIGHT INTERVIEW

THE SKY IS NOT THE LIMIT NIKHIL GOEL, CHIEF COMMERCIAL OFFICER OF ARCHER AVIATION, SHOWCASES HOW THE COMPANY IS LEVERAGING THE STRONG GLOBAL DEMAND AND ITS ROBUST ECOSYSTEM TO REVOLUTIONISE URBAN AIR MOBILITY How does an event like Dubai Airshow align with the company’s growth strategy and outlook? What did you showcase at the event?

Archer showcased its Midnight eVTOL (electric vertical takeoff and landing) aircraft at the Dubai Airshow. Beyond the opportunity to experience sitting in an electric air taxi, the show also provided us with an unprecedented opportunity to give stakeholders in the region a glimpse into the future of urban air mobility in the UAE and beyond. Tell us more about Archer Aviation and how the company is differentiating itself from other players in the eVTOL industry.

Archer’s goal is to transform urban travel, replacing 60–90minute commutes by car with estimated 10-20-minute electric air taxi flights that are safe, sustainable, low noise and cost-competitive with ground transportation. Our differentiating factors are: • Experienced team: Archer has an experienced,

successful and execution-based team with expertise across all disciplines and a track record of execution success. • Business model: Archer’s business model for commercialisation is unsurpassed and is leading the industry in execution. We are seamlessly working on a variety of fronts, including advancing the certification process with the US Federal Aviation Administration, developing meaningful partnerships with both the private and public sectors, clearing the way for the mass implementation of eVTOLs and construction of a mass-production facility in the US. • Strong partnerships: Archer has established action-oriented collaborative partnerships globally including with USbased United Airlines, car manufacturer Stellantis, UAE’s Air Chateau, India’s 0 3 5

SPOTLIGHT INTERVIEW

InterGlobe Enterprises, Abu Dhabi Investment Office (ADIO) and the US Department of Defense. Archer recently signed MoUs with Abu Dhabi’s ADIO and India’s InterGlobe Enterprises. Tell more about these deals and when do plan to launch commercial operations in these markets.

We partnered with ADIO in October to launch an all-electric air taxi service across the UAE in 2026 and partner with local Maintenance, Repair, and Overhaul (MRO) providers. Abu Dhabi is set to be our first international market outside the US. The agreement with ADIO is aimed at supporting Archer through incentives for setting up its first global headquarters and factory in the Smart and Autonomous Vehicle Industry (SAVI) cluster in Abu Dhabi. Similarly, we joined forces with InterGlobe Enterprises, which backs India’s top airline IndiGo to launch and operate flying taxi services in India in 2026, subject to appropriate 0 3 6

regulatory approvals and clearances. Our partnership seeks to capitalise on a growing need for transport solutions in the world’s most populous country that is battling severe ground travel congestion and pollution in its main cities. The parties intend to work with select in-country business partners to operate Archer’s aircraft, finance and build vertiport infrastructure, and train |pilots and other personnel needed for these operations. The partnership also seeks to finance the purchase of up to 200 of Archer’s Midnight aircraft for India operations. These agreements follow the $142m deal we secured in August to provide up to six of our Midnight aircraft to the US Air Force. Archer is set to be the first eVTOL aircraft firm to operate commercial air taxi services in the UAE. What does this mean for the company?

We are excited about our collaboration with ADIO, which will make the UAE our first international market outside

of the US. Archer plans to partner closely with ADIO and the Abu Dhabi Department of Economic Development to bring manufacturing and operations for our air taxis to the region. Furthermore, we signed an MoU covering a planned purchase of up to 100 of Archer’s Midnight eVTOL aircraft by Air Chateau. The deal is valued at approximately $500m and provides for an initial non-refundable, pre-delivery payment of $1m by December 31. Air Chateau plans to own and operate the Midnight aircraft in the region. We are positioned to be a driving force in making all-electric air taxis a reality in the skies of the UAE and beyond in the coming years. What future opportunities do you see in these two markets?

Archer is working with numerous industry partners across the UAE to support its plans to commercialise operations in the UAE by 2026. In addition to Air Chateau, Archer signed MoUs with Falcon Aviation, which will operate its air taxis across Dubai and

GULF BUSINESS TECH

Abu Dhabi, as well as GAL-AMMROC who will provide MRO support for Archer’s eVTOL aircraft. Furthermore, in addition to launching urban air taxi services, Archer and InterGlobe plan to pursue a variety of other use cases for electric aircraft in India, including cargo, logistics, medical and emergency services, as well as private company and charter services. How are the preparations to launch in the UAE and India going in terms of certification, flight trials and development of adequate infrastructure for eVTOLs?

Archer is seeking to work with its global manufacturing partner Stellantis, as well as local partners in the UAE, to build out its aircraft manufacturing capabilities and its Center of Excellence in Abu Dhabi. Archer’s Center of Excellence will be focused on the development and implementation of next-generation aviation technologies. Tell us more about Archer’s Midnight aircraft, its flight range, capacity and safety features.

With a range of up to 161km (100 miles) and the ability to hold 454kg (over 1,000 lbs) of payload, Archer’s Midnight aircraft is designed to perform rapid back-to-back flights with minimal charge time in between, while handling four passengers and a pilot. The company is committed to certifying and operating our aircraft with the highest standards of safety. The aircraft is designed to eliminate any single points of catastrophic failure in the aircraft’s critical systems.

The UAE has unveiled several smart mobility initiatives over the years. How do you plan to contribute to the country’s smart mobility strategy?

We laid out our intentions to build an engineering Center of Excellence to support the growing advanced air mobility industry in the UAE and across the Middle East and to collaborate with local manufacturing companies and MRO providers in Abu Dhabi to spearhead the production of eVTOL aircraft, furthering Abu Dhabi’s efforts to grow its SAVI cluster. The global eVTOL market is projected to grow at a CAGR of 12.16 per cent to reach $34.92bn by 2030. How do you envision the

future of the eVTOL market? Which trends do you expect to accelerate the adoption of air taxis?

We believe we have a once-in-a-generation opportunity to be one of the first companies to meaningfully deploy a transformational technology that will forever change how people move in and around cities around the world. Morgan Stanley predicts urban air mobility to be a $66bn market by 2035, and a $1tn market by 2040. Individual investors must decide what risk they are willing to take with any investment, but we agree with Morgan Stanley that the opportunity in this industry is massive and our focus is on delivering on our mission of making urban air mobility seamless while creating value for our shareholders.

0 3 7

OPEN FOR ENTRIES EARLY BIRD DEADLINE

18 JANUARY 2024

FIND OUT MORE

FINAL DEADLINE

15 FEBRUARY 2024 CampaignME.com

PRESENTED BY

CampaignMiddleEast

CampaignME

#AgencyOfTheYear

12 | 2023

INTERVIEW

CONNECTING THE DOTS We look at how preventing cyber threats and disruptions not only protects essential services but also minimises resource wastage and environmental damage

Q: NICOLAI SOLLING

How are cybersecurity and sustainability intrinsically linked?

One of the major focus points when talking about sustainability is bringing down carbon emissions. This can be done in several ways, HELP AG and one of them is by utilising technology to make processes smarter and more efficient. Many use cases demonstrate the overlap between cybersecurity and sustainability. For example, by migrating to the cloud and fortifying it with robust security measures, organisations can optimise their resource utilisation while significantly reducing their environmental footprint. This not only minimises the environmental impact associated with security breaches but also contributes to building a sustainable and secure digital ecosystem. For another example, we can look to the world of operational technology (OT) and internet of things (IoT). Preventing cyber threats and disruptions in these areas not only protects essential services but also minimises resource wastage and environmental damage. Security estate consolidation can also contribute to sustainability by integrating operations for quicker detection and response to cybersecurity incidents, thus reducing the associated environmental impact. Consolidation also leads to optimised resource utilisation and a smaller carbon footprint as maintaining multiple systems and vendors is avoided. In summary, sustainability and cybersecurity intersect by promoting efficiency, minimising environmental impact, and enhancing resource utilisation. The efforts in these areas contribute to a more secure and sustainable future.

CHIEF TECHNOLOGY OFFICER

How have you integrated sustainability into your operations?

From an operational standpoint, we made a strategic decision years ago to avoid maintaining an on-premise data center for our services.

A primary motivation behind this choice was the reduced environmental impact associated with cloud operations compared to traditional physical data centres. This commitment to sustainability not only drives our operations but also guides our efforts in assisting customers to transition to the cloud. By doing so, we’re helping them achieve greater agility, cost efficiency, and an overall more sustainable use of resources. What do we need to keep in mind when implementing green technologies?

When implementing green technologies, such as renewable energy systems or IoT (internet of all things) for smart buildings, several cybersecurity considerations emerge: 01. Complex control systems: Modern green technologies often employ advanced supervisory control systems. For instance, the shift to wind and solar power generation requires intricate monitoring of power production and distribution. Each of these control systems represents a potential vulnerability. 02. Upgraded electrical grids: As we transition to renewable energy, electrical grids must be updated and made more intelligent. Each demarcation or integration point in these modern grids presents a potential security challenge. 03. IoT devices in smart buildings: Smart buildings rely on a myriad of interconnected devices to improve efficiency and sustainability. The increased number of endpoints means a larger attack surface. Ensuring the security of these devices is paramount, as they can be gateways for malicious actors. 04. Data privacy concerns: With the proliferation of sensors and IoT devices, there’s an increased risk associated with the data they collect. Protecting this data from unauthorised access and ensuring it’s used ethically is crucial. 05. Reliability and availability: Given our increasing reliance on these green technologies, any disruption due to cyberattacks can have cascading effects. Ensuring the continuous availability and efficiency of these IT-controlled systems is as much a cybersecurity concern as it is an operational one. 06. Supply chain risks: Green technologies often involve components sourced from various vendors. Ensuring the security of the entire supply chain is vital to prevent vulnerabilities introduced by compromised components or software. While green technologies offer vast benefits for sustainability and efficiency, it’s essential to approach their implementation with a comprehensive cyber resilience strategy. This not only safeguards the technology but also the people and systems that depend on it. How do artificial intelligence (AI), machine learning (ML) and big data tie into both cybersecurity and sustainability?

From a cybersecurity perspective, artificial intelligence, 0 3 9

INTERVIEW

machine learning and big data offer an opportunity to run smarter cybersecurity operations by reducing the strain on human analysts. These technologies enable cybersecurity specialists to optimise threat detection and response, contributing to cyber resilience. The use of big data and AI in cybersecurity is projected to reach a value of $35bn by the end of 2025. From a sustainability perspective, AI and big data offer many ways in which individuals can increase their efficiency and optimise their consumption patterns. For example, AI can be used in a smart cooling system to adjust the temperature based on knowledge of the user’s behavior, and accordingly reduce the environmental load of the cooling system. Given the prevalence of remote workforces, how can organisations secure such distributed environments?

With the advent of increasingly dispersed workforces, there’s been a shift in how we approach security architectures. Now, more than ever, there’s a pressing need for scalable and agile security solutions that cater to users wherever they may be. One viable approach is leveraging cloud computing. The sustainability case for cloud computing is compelling: by providing computing resources on-demand, there’s minimal waste. Additionally, it reduces the on-premises footprint typically associated with power and cooling. In the context of security, the cloud offers cloud-delivered security 0 4 0

services, which are specifically designed to protect a remote workforce. As organisations adapt to new models of work, their security architectures must be robust and dynamic, not just safeguarding the central office infrastructure but extending protection to each user, regardless of their location. Furthermore, beyond the security advantages, supporting a remote workforce also aligns with sustainability initiatives. By minimising the need for daily commutes or frequent business travels, organisations reduce the environmental impact associated with transportation methods like cars and planes. Thus, in building secure, cloud-based architectures, businesses are also contributing to a more sustainable future. How can organisations achieve a secure digital transformation?

Digital transformation is becoming increasingly synonymous with modern business strategy. While it serves as a powerful catalyst for sustainability efforts, it also brings about heightened cybersecurity risks. Understanding this dynamic, how can organisations strike a balance?

It’s essential to remember that digital transformation itself isn’t the primary source of risk. Instead, the risk arises from a greater dependency on IT systems

12 | 2023

and the potential vulnerabilities they may harbor. In our age of interconnectedness, a single vulnerability can have cascading effects on an entire business ecosystem. Thus, when embarking on any digital transformation journey, security shouldn’t be an afterthought or a subsequent layer; it should be foundational. From day zero, cyber resilience must be at the forefront of any transformation strategy. By embedding security into every digital process, tool, and system, organisations can harness the advantages of digital transformation without compromising their security posture. Incorporating security from the outset ensures that digital transformation leads to sustainable growth and innovation, rather than potential digital disruptions or vulnerabilities. Collaboration between IT, cybersecurity teams, and business stakeholders is crucial to align transformational goals with robust security practices, ensuring a harmonious blend of progress and protection. How can organisations ensure that their data centres are both cybersecure and sustainable?

Balancing the dual goals of cybersecurity and energy efficiency in data centers requires a multi-faceted approach. Both areas are of critical importance in today’s digital age, with the former ensuring data integrity and operational continuity, and the latter contributing to environmental sustainability. From a cybersecurity perspective, hosting data centers not only prioritise the highest availability metrics but also frequently secure certifications from international cybersecurity standards, like ISO. Such certifications enforce stringent access and change controls, further bolstering their security measures.

From a sustainability perspective, the benefits of such a decision are manifold. Hosting data centers, with their aim to maximise revenue, are inherently motivated to minimise operational costs. This drive results in tighter control over power consumption, a greater inclination to utilise renewable energy sources, and a stronger emphasis on recycling. Furthermore, these data centers are often strategically situated outside bustling city areas. Such placements result in a direct reduction in environmental disruptions. For instance, as data centers expand and require more electricity and redundancy, they necessitate more cabling. This translates to more excavation in streets and changes to the urban landscape. The relocation of these centers outside city confines also leads to a decrease in power demand within the city, resulting in fewer power stations in metropolitan areas. This shift also contributes to a notable reduction in both air and heat pollution in urban zones. Additionally, there’s an increased focus on choosing technologies and materials that bolster a building’s energy efficiency during its construction phase. What are the cyber threats facing green technologies and infrastructures?

When it comes to green technologies, it is vital to ensure that the integrity and availability of supervisory processes are maintained. Looking specifically at IoT and OT environments, organisations must build an understanding of how these systems operate in order to build cyber resilient processes. These technologies are susceptible to threats such as physical tampering, software vulnerabilities, and unauthorised access due to their wide deployment and connectivity. To mitigate these risks, organisations should employ stringent security measures, including regular software updates, robust authentication protocols, and continuous monitoring. How does Help AG utilise AI and machine learning in its operations?

Help AG utilises artificial intelligence and machine learning in many aspects, with one important application being in our Cybersecurity Operations Center. It not only helps increase the efficacy of the alerts, reducing false positives, but also assists us in managing the handling of these alerts through automation using ML and AI. Furthermore, ML and AI reduce the time needed to build threat detection logic by transitioning from static logic creation to automated behavioral-based anomaly detection. All of this enables us to operate more sustainably, reducing the consumption of resources both from technological and human perspectives, and aiding us in becoming more cost-efficient. 0 4 1

COMPETITION

WIN THIS!

Tech quiz whiz

Do you pride yourself on being a tech genius? Do you code in your sleep? Do you know why SSDs are superior to standard hard drive technology?

AVAIL SIX MONTHS FREE SUBSCRIPTION TO OUR MAGAZINES

If that’s you, make sure to participate in our quiz – which will be at this same spot in every Gulf Business Tech issue – and stand a chance to win exciting prizes. Just email your answer along with your name, designation and contact details to neesha.salian@motivate.ae and wait to hear from us. Stay tuned to our social media platforms Gulf Business on LinkedIn, Facebook, Instagram and Twitter, and ﬁnd out if you have won. HERE’S THE QUESTION

Who created the world’s ﬁrst malware? Yisrael Radai Bob Thomas Onel de Guzman Elk Cloner

0 4 2

CONGRATULATIONS TO THE WINNERS

GULF BUSINESS BUSINESS LEADER OF THE YEAR

LIFETIME ACHIEVEMENT AWARD

Sir Tim Clark

Chairman and founder, DAMAC Group

Hussain Sajwani

President, Emirates

BANKING, FINANCE & INVESTMENT BUSINESS LEADER OF THE YEAR Shayne Nelson Group CEO, Emirates NBD

GULF BUSINESS COMPANY OF THE YEAR ACCOR

CLOUD COMPANY OF THE YEAR Huawei

ONLINE TRADING COMPANY OF THE YEAR EFG Hermes ONE

TECHNOLOGY COMPANY OF THE YEAR Microsoft

REAL ESTATE AND CONSTRUCTION BUSINESS LEADER OF THE YEAR Atif Rahman Chairman and Founder of ORO24 Developments

INVESTMENT COMPANY OF THE YEAR AIX Investment Group

ENERGY COMPANY OF THE YEAR Aramco

BANKING COMPANY OF THE YEAR Abu Dhabi Commercial Bank

SME OF THE YEAR Tarabut Gateway

TOURISM BUSINESS LEADER OF THE YEAR Raki Phillips CEO of Ras Al Khaimah Tourism Development Authority

FINANCE ADVISORY COMPANY OF THE YEAR EFG Hermes

SUSTAINABILITY COMPANY OF THE YEAR Masdar

LIFESTYLE PROJECT OF THE YEAR Kyoto by Oro24

DISRUPTIVE COMPANY OF THE YEAR Kitopi

REAL ESTATE AGENCY OF THE YEAR Driven Properties

YOUNG ACHIEVER OF THE YEAR Abdallah Abu Sheikh Co-founder and CEO of Astra Tech

HOSPITALITY BUSINESS LEADER OF THE YEAR Satya Anand President Marriott EMEA

DEVELOPER OF THE YEAR Aldar Properties

RETAIL BUSINESS LEADER OF THE YEAR Ahmed Galal Ismail CEO of Majid Al Futtaim Holding

REAL ESTATE AND CONSTRUCTION INNOVATIVE PROJECT OF THE YEAR Keturah Reserve by MAG Properties

TRANSPORT & LOGISTICS BUSINESS LEADER OF THE YEAR Sir Tim Clark President of Emirates

PROPTECH COMPANY OF THE YEAR Property Finder

HEALTHCARE BUSINESS LEADER OF THE YEAR Alisha Moopen Deputy Managing Director of Aster DM Healthcare TECHNOLOGY BUSINESS LEADER OF THE YEAR Prateek Suri Founder and CEO of Maser ENERGY BUSINESS LEADER OF THE YEAR Dr Sultan Ahmed Al Jaber MD and Group CEO of ADNOC, and Chairman of Masdar

Associate Sponsor

Strategic Partner

GOLDEN FRAME AWARDS RETAIL COMPANY OF THE YEAR GMG

REAL ESTATE AND CONSTRUCTION PROJECT OF THE YEAR Atlantis The Royal by Kerzner International

DISRUPTIVE SME OF THE YEAR Polynome Events FZE

TOURISM COMPANY OF THE YEAR Saudi Tourism Authority

SOCIAL INNOVATION EXCELLENCE AWARD Butterfly Social Technologies Ltd

HOSPITALITY COMPANY OF THE YEAR ACCOR

AGRIBUSINESS LEADER OF THE YEAR ETG Inputs Holdco Ltd (EIHL)

RETAIL COMPANY OF THE YEAR Dubai Duty Free

INNOVATIVE SME OF THE YEAR Petrafos Energy FZC

TRANSPORT & LOGISTICS COMPANY OF THE YEAR Emirates

INNOVATIVE SME OF THE YEAR Downtown Reality Real Estate Brokerage LLC

HEALTHCARE COMPANY OF THE YEAR Al Khayyat Investments

SUSTAINABLE SME OF THE YEAR Healthy Pop Foods Co LLC

GulfBusiness.com Sponsor

MARCOMMS LEADER OF THE YEAR Lucy Aziz Head of PR and Communication, OPPO GCC

GulfBusiness Venue Partners

Beverage Partner

#GulfBusinessAwards Vote Processing Partner

Presented By

Find N3

VITALITY IMAGING TRIPLE CAMERA SYSTEM

PIONEERING THE FUTURE OF IMAGING

Turn quick snaps into super shots

Making the sensor sensational

Unleash the magic of expansive perspectives

All life’s light and colour