MAN WITH A PLAN

MAN

WITH A PLAN

GHANIM AL FALASI IS ON A QUEST TO TRANSFORM DUBAI SILICON OASIS INTO AN AUTONOMOUS CITY FUELED BY EMERGING TECHNOLOGIES.

44

6 NEWS

PASSALACQUA DELIVERS EXCEPTIONAL GUEST EXPERIENCES WITH RUCKUS NETWORK’S AI-DRIVEN WI-FI 7

ADOBE ANNOUNCES PLANS FOR NEW REGIONAL HEADQUARTERS IN RIYADH

ADOBE ANNOUNCES PLANS FOR NEW REGIONAL HEADQUARTERS IN RIYADH

MOZN PARTNERS WITH GOOGLE CLOUD, ELEVATES REGIONAL AI INNOVATION AT LEAP 2024

While

ELEAPFROGGING INTO PROGRESS

arlier this month, I was in Riyadh to attend LEAP, which has grown bigger and better since its debut three years ago. If this is a barometer of what is going on in the digital landscape of the Kingdom, LEAP cements KSA’s position as the largest IT market in the region. Held at a sprawling venue at Malham, some of the announcements made at the show have made the world sit up and take notice. Drawing close to 175,000 visitors over four days, around $11.9 billion in new investments were announced at LEAP, including a new AWS cloud zone and a data centre by Datavolt. IBM, which recently announced its plan to set up its regional HQ in the Kingdom, plans to invest $250 million in a global software development centre. ServiceNow will pump in $500 million to localise its services, and develop local talent. Dell Technologies will open a manufacturing and fulfillment centre, while HPE showcased servers made in Saudi Arabia at the show.

This is reminiscent of the gold rush; every technology vendor worth its salt wants in

on the action. This is not surprising, given the scale and scope of projects currently underway in the Kingdom. The pace at which the country is transforming itself is probably unparalleled, and its ambitions to become a global powerhouse of digital innovation are driven from the top down. The Kingdom has many tailwinds in its favor - as part of Vision 2030, the government is walking the talk by demonstrating a strong commitment to fostering an environment for tech innovation. Besides, the country is blessed with a relatively young, tech-savvy population. And we are doing our bit to turn the spotlight on the burgeoning innovation in the Kingdom – on the sidelines of LEAP, we organised our inaugural CXO50 awards in Riyadh to celebrate and recognise some of the top digital transformation leaders in KSA. The CXO Insight team was on the ground at the show in full strength, reporting on the headlines coming out of LEAP. We encourage you to visit our website to check out all the major stories from LEAP this year.

PASSALACQUA DELIVERS EXCEPTIONAL GUEST EXPERIENCES WITH RUCKUS NETWORK’S AI-DRIVEN WI-FI 7 SOLUTION

The prestigious Passalacqua on the shores of Lake Como, Italy, is to become one of the world’s first early adopters of Wi-Fi 7 with the installation of CommScope’s RUCKUS Networks technology.

Passalacqua is taking the next step in its customers’ Wi-Fi experience by deploying a RUCKUS Wi-Fi 7 solution. The use of RUCKUS R770 APs gives the hotel excellent connectivity speeds, low latency, increased reliability and increased capacity to deliver the exceptional experience its customers are accustomed to enjoying.

The R770 platform is driven by RUCKUS AI, a cloud service for network assurance and business intelligence that enhances Wi-Fi 7 network resilience. RUCKUS AI simplifies network management by presenting key information to operators, improving network visibility, speeding up problem-solving, meeting service level agreements (SLAs) and providing a seamless user experience.

Passalacqua, an extraordinary 18thcentury property standing above the village of Moltrasio on the shores of Lake Como, Italy, opened its doors two years ago as a hotel. It was brought back to life by Paolo, Antonella and Valentina De Santis, some of Italy’s leading hoteliers.

The upgrade to Wi-Fi 7 will allow guests to stream high-definition content, conduct video calls, play online games and use multiple devices simultaneously without any lag or disruptions. The increase in capacity and efficiency will allow hotel staff to deploy new smart solutions, all without experiencing network congestion.

ADOBE ANNOUNCES PLANS FOR NEW REGIONAL HEADQUARTERS IN RIYADH

Adobe announced plans to establish a new regional headquarters in Riyadh as part of its expansion in the region, following RHQ license approval from the Saudi Ministry of Investment. The regional headquarters is expected to open by early 2025 and will enable Adobe to better serve the ever-growing demand for digital customer experiences and creative solutions in the Kingdom and across the Middle East.

Adobe has been active in Saudi Arabia and the Middle East for more than 20 years, helping public and private sector organisations including Saudi Tourism Authority, stc and

Wi-Fi 7’s advanced security features, including encryption protocols, offer guests and staff a more secure environment for data, whether it is financial transactions or personal details.

“We are proud to work with a hightech industry leader such as RUCKUS Networks to deliver the best available connectivity solution to our guests,” commented Andrea Caniggia, COO Meta Spa Group. “Passalacqua aims to provide exceptional service and amenities to our worldwide guests, in this regard, an excellent Wi-Fi connectivity certainly completes such variety of services and experiences.”

“In a luxury hotel, guests expect a premium experience, which is what Wi-Fi 7 gives to Passalacqua guests,” stated Bart Giordano, SVP & President, Networking, Intelligent Cellular and Security Solutions, CommScope. “Deploying RUCKUS Networks’ Wi-Fi 7 technology is a great example of how our expertise in network infrastructure adds huge value to top-class hospitality establishments. Wi-Fi 7’s advanced features, together with RUCKUS AI, opens up dedicated and secure networks where exclusivity and privacy are highly valued.”

Riyadh Air to unleash their creativity, accelerate document productivity and deliver digital experiences to their customers. Adobe has also worked alongside digital transformation partners in the region including Accenture, AWS, Deloitte Digital, IBM, Microsoft and PwC Middle East.

“The Kingdom is home to some of the world’s most pioneering projects. When it comes to digital experiences, and the speed at which new technologies are adopted and embedded, Vision 2030 is world leading,” said Luc Dammann, EMEA President at Adobe. “We are proud to expand our presence in the region to better support customers in realising their ambitions to deliver outstanding digital experiences.”

SPRINKLR ANNOUNCES LOCAL DATA HOSTING SOLUTION IN THE KINGDOM OF SAUDI ARABIA WITH GOOGLE CLOUD

Sprinklr, the unified customer experience management (Unified-CXM) platform for modern enterprises, announced its continued expansion in the Middle Eastern market with the launch of a local data hosting solution for the Sprinklr platform in the Kingdom of Saudi Arabia (KSA) hosted on the Google Cloud. Customers now have the option to host data in Saudi Arabia through Sprinklr’s hosting services provider. Sprinklr also provides hosting solutions in the US on Google Cloud. By hosting data in Saudi Arabia, Sprinklr will enable customer compliance with security, privacy, and governance regulations in the region.

“The ability to host data in Saudi Arabia will help Sprinklr continue to rapidly expand our business, deliver a high level of service, and meet the data hosting requirements of our customers in the region,” said Senior Vice President of Growth Markets at Sprinklr, Haitham Elkhatib. “Sprinklr is the first customer

MOZN PARTNERS WITH GOOGLE CLOUD, ELEVATES REGIONAL AI INNOVATION AT LEAP 2024

Mozn announced that it will be one of the first Saudi Arabian tech companies to collaborate with Google Cloud, propelling Mozn’s mission to “advance digital humanity by harnessing the powers of artificial intelligence” onto the international stage.

The announcement was made at LEAP 2024, Saudi Arabia’s renowned technology conference. Mozn chose the high-profile forum to highlight that partnering with Google Cloud allows the company to make its flagship FOCAL platform available through the Google Cloud Marketplace to

Sprinklr continues to expand rapidly across key growth markets in the Middle East, Africa, and Asia-Pacific. With a local data hosting solution, customers in Saudi Arabia can now more easily tap into the benefits of Sprinklr’s AIpowered platform, including Sprinklr AI+ with generative AI capabilities for customer service, insights, social media management, and marketing that is built with enterprise-level governance, security, and data privacy.

Abdul Rahman Al Thehaiban, Google Cloud’s Managing Director for Middle East, Turkey and Africa said, “Google Cloud is delighted to partner with Sprinklr in its expansion into the Kingdom of

organisations around the world.

“This collaboration with Google Cloud marks a significant stride for AI technology in the region, making our cutting-edge offerings at Mozn accessible on a global scale,” said Dr. Mohammed Alhussien, CEO and Founder, Mozn. “This strategic collaboration will drive AI innovation forward and ensure the prosperity of our digital presence worldwide.”

“Bringing Mozn’s FOCAL platform to Google Cloud Marketplace will help customers quickly deploy, manage, and grow the solution on Google Cloud’s trusted, global infrastructure,” said Dai Vu, Managing Director, Marketplace & ISV GTM Programmes at Google Cloud. “Mozn can now securely scale and support customers on their digital transformation journeys.”

FOCAL stands at the forefront of Mozn’s technological advancements, embodying an AI-driven platform meticulously engineered to transform the landscape of fraud prevention and compliance across experience platform with local hosting in Saudi Arabia on Google Cloud, which we believe provides a clear competitive advantage and makes Sprinklr the customer experience platform of choice for regional leaders working to digitally transform their organisations and unify the front office.”

Saudi Arabia. This collaboration, which comes shortly after the integration of the Sprinklr AI+ platform with Google Cloud’s Vertex AI, further demonstrates our shared commitment to enabling secure and compliant data solutions. By hosting Sprinklr’s unified customer experience platform on Google Cloud, businesses gain access to advanced AI technologies while meeting their data residency requirements.”

Sprinklr recently announced an integration with Google Cloud’s Vertex AI, and the ability to seamlessly integrate with new AI offerings helps Sprinklr customers access the latest and most advanced Generative AI technologies. Sprinklr customers will be able to bring their own models from their generative AI partner of choice or create new ones and integrate them with proprietary AI from Sprinklr to drive higher productivity, enable better decision-making, and provide more seamless customer experiences.

As with all of Sprinklr’s data hosting locations, Saudi data hosting will be backed by Sprinklr’s global support teams, technical resources, and sub-processors.

For more information, email SprinklrUAE@teamlewis.com.

a spectrum of industries in the region. Designed for precision and adaptability, FOCAL leverages advanced AI and analytics to offer targeted solutions for fraud detection and regulatory compliance. Its reliable framework identifies and mitigates risks in real time and ensures streamlined operations within complex regulatory environments. Mozn’s FOCAL was recognised as a top 25 worldwide FinTech product in the “Digital Business Solutions” category by Statista and CNBC.

OSOS, Mozn’s leading Arabic generative AI platform is next on the docket to be introduced onto Google Cloud Marketplace for worldwide usage.

As Mozn begins this journey as a Google Cloud partner, the company remains committed to pushing the boundaries of its offerings, aiming to further the progress of digital humanity. Positioned at the vanguard of technological transformation, Mozn reinforces its role as a prominent AI innovator in the region.

DELL TECHNOLOGIES EXPANDS SAUDI ARABIA OPERATIONS

Dell Technologies announced plans to open a new merge and logistics fulfilment centre, which includes a second touch manufacturing facility in the Kingdom of Saudi Arabia (KSA). This strategic investment commemorates Dell’s position in securing a regional headquarters license to operate in KSA and reinforces the company’s commitment to Saudi Vision 2030 in driving economic diversification through technological advancement.

The new centre, based out of Riyadh, will handle all Dell product lines in KSA, including notebooks, desktops, servers, storage and networking. This in turn will help manage the growing demand for Dell’s end-to-end consumer and enterprise solutions, create additional services and offerings, reduce lead times, and enhance customer satisfaction. Additionally, Dell is moving its Flat Panel Monitor Hub to Riyadh with inventory stocked and delivered directly to customers with same-day or next-day shipments.

The Saudi facility is scheduled to be operational by the end of 2024, is the first in the META region and Dell’s third in the EMEA region, after Ireland and Netherlands. It will play a pivotal role in accelerating the growth of the ICT sector in Saudi Arabia, by creating new jobs, training local talent and fostering a culture of innovation.

On Dell’s hub at KSA, the Deputy Minister for Technology at Saudi MCIT, Mohammed Robayan, said: “Dell’s plans to open a manufacturing and logistics centre in Saudi Arabia contributes to the Kingdom’s digital landscape and reinforces our aspiration to lead as a tech manufacturing hub. This endeavor not only addresses the evolving market demands but also aligns with our commitment to nurturing a skilled technology workforce, bridging the gap between education and industry needs. MCIT will support Dell’s investment as it endeavours to expand its operations within the Kingdom.”

Mohammed Amin, Sr. Vice President, CEEMETA, Dell Technologies, said: “Dell

has been at the heart of Saudi Arabia’s technology industry for more than two decades, and we are pleased to have been granted the license to operate under the new regulations and open a new centre in Saudi Arabia. The expansion seeks to leverage Dell’s expertise in cutting-edge technologies and position the Kingdom as a prominent contributor to the global technology ecosystem, aligning our operations with the goals of Saudi Vision 2030. Through the centre, we look forward to creating new growth opportunities and contributing to the development of a thriving digital economy.”

The announcement was made by Adrian McDonald, President – EMEA for Dell Technologies during Dell’s participation at LEAP2024 in Riyadh, where the company is showcasing its latest innovations in AI, multi-cloud, modern workplace, edge, cybersecurity, and more.

GARTNER PREDICTS LESS THAN 25% OF GOVERNMENT ORGANISATIONS WILL HAVE GENERATIVE AI-ENABLED CITIZEN-FACING SERVICES BY 2027

Less than 25% of government organisations will have generative AI (GenAI)-enabled citizen-facing services by 2027, according to Gartner, Inc. Fear of public failure and a lack of community trust in government use of the technology will slow adoption for external use with citizens.

Like all industries over the past 15 months, governments have been exploring the

opportunities and risks associated with the emergence of GenAI. Gartner’s annual global survey of over 2,400 CIOs and technology executives found that 25% of governments have deployed, or plan to deploy GenAI in the next 12 months. A further 25% plan to deploy in the next 24 months. Early focus has been on establishing an initial governance framework to support experimentation and narrow adoption.

“While governments have been benefiting from the use of more mature AI technologies for years, risk and uncertainty are slowing GenAI’s adoption at scale, especially the lack of traditional controls to mitigate drift and hallucinations,” said Dean Lacheca, VP Analyst at Gartner. “In addition, a lack of empathy in service delivery and a failure to meet community expectations will undermine public acceptance of GenAI’s use in citizen-facing services.”

Align Adoption with Risk Appetite

To address this, Gartner recommends governments continue to actively deploy GenAI solutions that will improve internal aspects of citizen services.

“GenAI adoption by government organisations should move at a pace that is aligned to their risk appetite, to ensure that early missteps in the use of AI don’t undermine community acceptance of the technology in government service delivery,” said Lacheca. “This will mean back-office opportunities will progress more rapidly than uses of the technology to serve citizens directly.”

According to Gartner, government organisations can accelerate GenAI adoption by focusing on use cases that predominantly impact internal resources, avoid perceived risks associated with citizen-facing services and build

knowledge and skill associated with the technology. They should also build trust and mitigate associated risks by establishing transparent AI governance and assurance frameworks for both internally developed and procured AI capabilities.

“These frameworks need to specifically address risks associated with citizenfacing service delivery use cases, such as inaccurate or misleading results, data

privacy and secure conversations,” said Lacheca. “This can be done by ensuring governance processes specifically address each risk both before and after initial implementation.”

In addition, government organisations should implement an empathy-focused practice of human-centred design when designing the use of citizen or workforce-facing AI solutions. This ensures the solutions remain in line with

STC GROUP LAUNCHES SOVEREIGN CLOUD OFFERING POWERED BY ORACLE CLOUD

stc announced the deployment of Oracle Alloy to help organisations leverage hyperscale cloud services while also supporting data residency and data sovereignty. The collaboration between Oracle and stc aims to deliver cutting-edge cloud solutions tailored for the unique needs of the Saudi Arabian market. With this sovereign cloud capability, stc will be able to capitalise on the business opportunities, scale, and performance of the cloud, and innovate at the speed of hyperscale cloud providers.

“This collaboration represents a significant step forward in stc’s mission to empower organisations in Saudi Arabia with innovative cloud solutions. By combining stc’s deep understanding of the local market with Oracle’s leadingedge cloud technology, this capability will enable our customers to achieve their digital transformation goals securely and efficiently,” said Saud Alsheraihi, vice president, of Products and Solutions, stc. stc and Oracle combine the expertise of two industry leaders to provide a highly secure and reliable cloud infrastructure with features to support the requirements of the Kingdom of Saudi Arabia. Oracle Alloy will be hosted in the state-of-the-art data centres of Center3 and leverage the distinctive and advanced capabilities of the stc Group entities to streamline and enhance the cloud customer journey. By leveraging Oracle’s cloud technology and stc’s extensive local market knowledge, the new platform will offer a comprehensive suite of cloud services

while offering features to support data sovereignty.

“Oracle Alloy is a complete cloud infrastructure platform that enables organisations to become cloud providers. It is a key component of Oracle’s distributed cloud strategy, which aims to give our partners and customers more choice in how they build, deploy, and operate cloud services,” said Nick Redshaw, senior vice president of technology, Middle East & Africa, Oracle.

Oracle Alloy functions as a full cloud region that Oracle supports and updates with new features as they become available in other Oracle public cloud regions around the world, benefiting from continuous hyperscaler innovation for local and sovereign needs. It enables partners to control the commercial and customer experience and extend it to address their specific market needs. With its strong customer network and local capabilities, stc is well-positioned to help organisations in Saudi Arabia and Bahrain

community expectations when it comes to determining how and when they should be used from a citizen-facing perspective.

Gartner clients can learn more in “Predicts 2024: Government CIOs Must Prepare for an AI-Enabled Future.”

Learn more about how governments are adopting AI to improve service delivery to their citizens in the complimentary Gartner webinar Government Leaders, Is Your Data Ready to Enable Secure AI Initiatives?

harness the high performance, flexibility, security, and scalability offered by Oracle Cloud Infrastructure (OCI).

This initiative underscores the commitment of stc and Oracle to empower businesses and government entities in Saudi Arabia with the tools they need to thrive in the digital age. With these new capabilities, organisations can harness the power of cloud computing to drive innovation, enhance agility, and accelerate their digital transformation journey while maintaining control over their data within the borders of the Kingdom.

Key benefits of the new platform include:

• Data Sovereignty: Hosting sensitive data within the borders of Saudi Arabia..

• Security and Compliance: Implementing robust security measures and adhering to compliance standards to help safeguard data integrity and privacy.

• Scalability and Flexibility: Providing scalable cloud infrastructure that can adapt to evolving business needs and workload demands.

• Local Support and Expertise: Offering dedicated local support and expertise to assist customers throughout their cloud journey.

The launch of the sovereign cloud service represents a significant advancement towards achieving the goals outlined in Saudi Vision 2030. By fostering innovation, promoting digitalisation, and enhancing the Kingdom’s technological infrastructure, this initiative will help support the diversification of the economy and the development of a vibrant digital ecosystem.

DELOITTE SET TO ESTABLISH SERVICENOW INNOVATION CENTER IN RIYADH

Deloitte, the global professional services firm, and ServiceNow, the digital workflow company making the world work better for everyone, announced plans to establish the ServiceNow Public Sector Innovation Center at the Deloitte Digital Centre in Riyadh. The announcement was made on the opening day of LEAP, the flagship technology event in the Kingdom of Saudi Arabia, taking place March 4th – 7th, 2024.

Deloitte Middle East CEO, Mutasem Dajani commented, “The launch of our ServiceNow Innovation Centre in Riyadh demonstrates our commitment to the emerging needs of both, the public and private sectors in the Kingdom of Saudi Arabia. It also further

underlines our commitment to local Saudi talent through job creation and skill development. We will continue to work with our alliance partners to drive innovation and digital transformation, in line with the Kingdom’s Vision 2030.”

The facility will be the best-in-class ServiceNow Innovation Center in Riyadh and will serve as a strategic hub for public sector and business leaders seeking to drive innovation and accelerate time to value. The centre will be powered by generative AI and will leverage the combined expertise of Deloitte and ServiceNow professionals specialising in transformation efforts across industries. The Innovation Centre will work closely with organisations to understand their business goals, streamline their operations, bridge internal skills gaps to upskill their workforce and maximise return on investment.

Rashid Bashir, Consulting CEO at Deloitte Middle East, commented on the partnership, “In alliance with ServiceNow, we are committed to utilise our market leading, deep understanding

of organisational needs to empower businesses with the knowledge, skills, and resources needed to unlock the full potential of the ServiceNow platform and drive sustainable growth to thrive in the ever-evolving digital landscape.”

“At ServiceNow, we are committed to change how governments work through digital transformation as well as generative AI,” said Raj Iyer, head of global public sector at ServiceNow. “Through this new innovation centre in Riyadh, ServiceNow and Deloitte are working shoulder-to-shoulder to help the Kingdom of Saudi Arabia accelerate the delivery of new digital services. It has never been easier to leverage the power of a platform like ServiceNow to truly transform how governments serve their citizens.”

The ServiceNow Innovation Center will build on over 11 years of Deloitte’s experience as a ServiceNow Global Elite Partner, having delivered transformation programmes for over 5,500 clients worldwide and over 6,000 implementations.

OOREDOO GROUP UPGRADES BUSINESS SOLUTIONS OFFERING

Ooredoo Group announced a key partnership agreement with Avaya that will see Ooredoo integrate Avaya’s cutting-edge contact centre and unified communications solutions into its service offerings for business customers across multiple countries.

The agreement, signed at the Mobile World Congress in Barcelona, marks a significant step towards upgrading the digital experiences of businesses across the region.

By leveraging Avaya’s trusted technologies alongside Ooredoo’s leading connectivity and digital services, businesses will gain access to a comprehensive suite of solutions

available on-premise, through the cloud, or via a hybrid model. These solutions enable dependable, secure, and scalable communications, empowering businesses to excel in today’s experience-driven economy.

Ahmad Abdulaziz Al Neama, Group Regional CEO, Ooredoo, said: “As businesses increasingly compete in an experience economy, delivering exceptional, personalised experiences has become paramount. Through our collaboration with Avaya, we are providing a turnkey Digital Services solution for businesses, enabling them to deliver outstanding experiences across the entire customer journey.”

The partnership will equip Ooredoo’s business customers with the tools they need to delight customers and engage colleagues in an increasingly digital world. Avaya’s renowned solutions, trusted by millions of businesses worldwide, integrate advancements in communications, including voice, video, digital, and real-

time collaboration, to upgrade business interactions and experiences.

The partnership will also make it easier for businesses to chart their own journeys to cloud-based communications. Whether opting for on-premises solutions or cloudhosted services, businesses can seamlessly extend their capabilities with Avaya’s cloud innovations, enhancing both employee and customer experiences with minimal disruption to daily operations.

Nour Al Atassi, Vice President – Service Providers, Avaya International, said: “Organisations across the region are seeking innovative communications solutions to engage customers and employees across multiple touchpoints. Our partnership with Ooredoo enables businesses to innovate at their own pace, supported by a marketleading digital transformation expert. We are excited to collaborate with Ooredoo and create new possibilities in business communications.”

Moving

MAN

WITH A PLAN

DRAWING ON 33 YEARS OF EXPERTISE IN BUILDING IT SYSTEMS FROM THE GROUND UP, GHANIM AL FALASI, SENIOR VICE PRESIDENT OF TECHNOLOGY AND ENTREPRENEURSHIP AT DUBAI SILICON OASIS, IS NOW ON A QUEST TO TRANSFORM DSO INTO AN AUTONOMOUS CITY POWERED BY EMERGING TECHNOLOGIES

Ghanim’s journey began in 1990, fresh out of university, when he joined Dubai’s Central Military Command with aspirations to pioneer something groundbreaking in IT. After graduating from the University of Hayward, now known as East Bay University, in San Francisco, he harbored a burning ambition to forge new paths.

Amidst the chaos of the Kuwait invasion, Ghanim received word of an opportunity to spearhead the IT department at the Central Military Command. Despite the turbulent circumstances, he seized the chance. Ghanim and his team sprang into action, developing cutting-edge IT systems, mainframes, and state-of-the-art technology within the military. For eight years, they labored tirelessly, crafting innovative solutions and pushing the boundaries of possibility.

Yet, in 1998, the government decided to merge the Central Military Command with the Federal military. During the complexities of the merger, Ghanim found himself starting anew as they shifted IT operations to the unified army. Seizing a new opportunity in Dubai’s aviation industry, he embarked on a fresh chapter in 2000, taking on the challenge of building the IT department of Dubai Airport from scratch.

“I joined as an IT manager under the engineering department because they didn’t have a dedicated tech department. Terminal one was slated to open within four months, and I was mandated to put a new network in place. And that is exactly what I did; in no time, the one-person IT department grew to a strength of 45 employees. It took me 11 years to develop a full IT infrastructure for Dubai Airport,” recalls Ghanim.

Ghanim, whose passion has always been technology and entrepreneurship, found a better opportunity and transitioned to Dubai Silicon Oasis in 2011. “Initially, I served as the head of a group in charge of IT strategy and business excellence. Additionally, I set up a small section focusing on corporate innovation. By 2013, amidst a surge of innovation, the management opted to elevate this section into a full-fledged department, which I led as the head of the Corporate Innovation Department. From there, our mission was to infuse innovation into the very fabric of DSO.”

Meanwhile, Ghanim also took charge of DSO’s HR department in line with Dubai’s progress towards becoming the city of happiness. He decided to rebrand the department as the “People Happiness Department,” transforming it from the

traditionally daunting HR title to something more inviting. This shift allowed DSO to establish a comprehensive framework for fostering happiness within the organisation, which Oxford University vetted.

“I was focusing on innovation, HR, and people’s happiness until a merger occurred. The merger of DSO with DAFZA and Dubai CommerCity resulted in the formation of the Dubai Integrated Economic Zone. They assigned me the responsibility of overseeing Dtec (Dubai Technology Entrepreneur Center) and the entire technology ecosystem within DSO,” says Ghanim.

Part of Ghanim’s responsibility is also to develop the potential of DSO, a seven-square-kilometer city. It is truly an integrated community where work, living, and entertainment are all available; it encompasses everything from nurseries to universities, academia, hospitals, and shopping centers, with 90,000 people residing here.

“My strategy is to create an ecosystem where technology could thrive, serving as a testing ground for innovations. Additionally, we have a geofenced environment where drones can be tested for delivery purposes, and robotics can operate on the streets. We facilitate various types of testing, including preliminary testing required before government approval. For example, if RTA wishes to conduct tests related to autonomous driving, we block off roads for their use,” says Ghanim.

The Dubai Future Foundation has already constructed a landing pad for drones and DSO is now establishing additional experimentation zones for different types of technology. “We are forging more partnerships with governmental departments so that startups and our tenants can directly engage with the government, thereby reducing hurdles for testing new technologies,” says Ghanim.

One of the emerging technologies on Ghanim’s radar is artificial intelligence, and he aspires to establish an ecosystem that will attract AI-focused startups, big companies, students,

PART OF GHANIM’S RESPONSIBILITY IS ALSO TO DEVELOP THE POTENTIAL OF DSO, A SEVEN-SQUARE-KILOMETER CITY. IT IS TRULY AN INTEGRATED COMMUNITY WHERE WORK, LIVING, AND ENTERTAINMENT ARE ALL AVAILABLE; IT ENCOMPASSES EVERYTHING FROM NURSERIES TO UNIVERSITIES, ACADEMIA, HOSPITALS, AND SHOPPING CENTERS, WITH 90,000 PEOPLE RESIDING HERE.

academia, and hobbyists to come together as one community.

“Whether it’s integrating AI into drones, robotics, or other areas, these are the experiments we’re currently undertaking. The convergence of AI and robotics is essential, leading us into new dimensions. We’ve already initiated the development of the MedTech and robotic verticals, and now we’re focusing on the AI vertical,” he says.

Ghanim highlights that DSO’s strategy aligns with Dubai’s 2040 Master Urban Plan, which prioritises improving people’s happiness and quality of life, strengthening Dubai’s position as a global hub for citizens, residents, and visitors. He states, “Our goal is to position ourselves as a leader in knowledge and innovation. This is underscored by our close proximity to 22 universities and our steadfast commitment to technology. We envision DSO as the premier technology hub, drawing innovators from around the world to test their technologies in an ideal setting.”

Sustainable development is another key pillar of DSO’s ambitious strategy

to transform itself into an autonomous city, surpassing the smart city concept, and prioritising sustainability by leveraging AI.

Ghanim illustrates this with an example of a meeting room setup. “As we’re currently in this meeting room, perhaps neither of us requires this specific temperature setting. AIM, the AI mayor of the city responsible for its autonomous operation, will recognise this. AIM will cater to each individual’s needs based on their preferences. It will reduce the lights and lower energy consumption throughout the entire city. The roads will be highly proactive; they will illuminate as you pass by and then automatically turn off afterward.”

Ghanim’s blueprint for transformation also envisions changes to mobility, which will be autonomous. “Cars will not be permitted to drive within the city limits. If you’re visiting me, your car will need to be parked outside the city. Instead, a pod will arrive to pick you up promptly. This will be facilitated by artificial intelligence, coordinating with my personal assistant. The pod will transport you to your destination without the need for you to navigate. Since it’s electrically powered, there’s minimal risk of collision. This is just one part of the larger vision we are stitching together.”

Do you wonder if there’s a timeline for this transformation? Ghanim says he’s aiming for D33 (Dubai Economic Agenda). “If someone were to say this is overly ambitious, I’d ask, why doubt it? Because all the building blocks are already available. Take EV cars, for example. Autonomous driving has already reached level three and could potentially reach levels four and five with a dedicated environment. If we can establish such an environment for V2V communication, enabling autonomous driving becomes much simpler. Additionally, AI-powered building management is already feasible. What’s lacking is the cohesive development of policies and procedures for an autonomous city. That’s precisely what I’m working on now.”

CHARTING A PATH FOR SUCCESS

MARK MOFFAT, THE NEWLY APPOINTED CEO OF IFS, WAS IN DUBAI RECENTLY. HE SPOKE TO US ABOUT HIS VISION AND GAME PLAN FOR CAPITALISING ON THE REGION’S GROWTH OPPORTUNITIES.

Can you share the purpose of your visit here with us?

I made that commitmentin my first 100 days as CEO, my goal is to meet 100 customers. I’m well underway in meeting that goal. As you can see, this region represents significant growth potential for us. We’re tremendously excited about the UAE and the Middle East. It’s a phenomenal market for our industry, and I was eager to come here as quickly as possible. I joined IFS as chief customer officer in

July 2022, having previously worked at PwC for 24 years. During my time there, I had extensive experience working in the region. Coming from a partner organisation, I understand the dynamics of effectively collaborating with partners in a software company.

As the new CEO, what is your vision, and where do you see growth coming from? We’ve been growing at over 30% compound yearly for the last six years. So, even in environments where the

market is slower, we’ve managed to maintain our growth. And why have we done that? We have a super clear strategy that remains unchanged. Our focus industries, which are six, remain the same.

We’re really proud of our strong industry focus and the development of deep functional capabilities within these industries. When we go to market, we engage with customers in our chosen sectors. We have intimacy with their operations, understanding their business challenges, operational nuances, regulatory requirements, and the broader macroeconomic context in which they operate. By remaining laserfocused on these industries, we believe we can add significant value.

We offer a service called ‘Customer Success’ as part of our offering. When we partner with a customer who purchases our software, we encourage them to also invest in our success offering. This package, among other benefits, provides industry expertise throughout the project lifecycle. After implementation, customers have ongoing support to optimise and maximise the benefits of our solution. I’m deeply committed to ensuring that when a customer invests in us, we take responsibility for delivering a return on their investment indefinitely. This commitment stems from our unwavering industry focus.

Is IFS now truly a cloud company? You may be aware that we rearchitected our platform to IFS Cloud

a couple of years ago. IFS Cloud offers true SaaS and cloud-native capabilities, which is fantastic because it enables us to introduce new functions and features every six months for our customers who remain with us. This strategy is proving successful, as we anticipate another 30% growth year, and our cloud revenue is growing 46% year on year. As you know, our valuation has exceeded $10 billion.

Our product is a truly SaaS, multitenancy product. However, the way we make it available to customers is quite clever. We offer customers the option to deploy our product in their own environment, within their chosen hyperscale provider, or they can opt for our cloud-managed solution using Microsoft. This flexibility of choice is crucial. For instance, in the UAE, where Microsoft operates a data centre, we can provide full managed cloud services. However, in other markets within the region, this might be more challenging. In such cases, we offer our SaaS product to customers in their own environment. Regardless, the product itself is truly cloud-based.

How is IFS harnessing the power of AI?

The way we’re approaching AI is quite specific. It’s crucial for us to maintain a focus on industry-specific applications of AI, rather than adopting a broad approach like that offered by OpenAI’s large language models. Currently, we’re looking at every single industry we focus on, identifying use cases for AI throughout the value chain and ensuring that we thoroughly understand the potential value and impact on our customers. Once identified, we integrate these use cases into our product and ensure they are readily available to our customers when needed.

We’re considering AI in six different ways and the capabilities it offers. These include content generation, action and recommendation aspects, and anomaly detection. For instance, in manufacturing and asset management, we can identify patterns and suggest the

OUR GOAL IS TO BECOME THE GO-TO CHOICE FOR CUSTOMERS SEEKING MODERN APPLICATION SOFTWARE TO MANAGE ASSETS AND SERVICES. JUST AS SALESFORCE IS SYNONYMOUS WITH CRM AND WORKDAY IS RENOWNED FOR HCM, WE WANT EXECUTIVES IN OUR TARGET INDUSTRIES TO AUTOMATICALLY THINK OF IFS WHEN CONSIDERING ASSET AND SERVICE MANAGEMENT, AS WELL AS ERP SOLUTIONS.

next best action, explore optimisation opportunities, and forecast events while providing contextual knowledge.

IFS.ai is here, and many customers are already benefiting from it. One of the AI capabilities we’re particularly proud of is our planning, scheduling, and optimisation engine. Currently, any customer utilising our PSO engine can save an average of 25% in operational costs, resulting in a nearly equivalent reduction in carbon emissions for these specific use cases.

ERP has transitioned to the cloud.

What about EAM and FSM?

We have a couple of products in FSM that we acquired historically, and all of their functional capabilities are available on the cloud. Asset management is entirely based on IFS Cloud. When we make acquisitions, our target architecture is always IFS Cloud. While there is a period of time needed for integrating the core product after an acquisition, our strategic direction remains focused on IFS Cloud. As you may know, IFS Cloud offers great composability for our customers.

When we respond to a customer’s asset management problem, we often engage in lengthy discussions about our capabilities in this area. The beauty of our solution is that our customers can utilise any component of IFS Cloud and the available modules. With a single data model and architecture, everything works together seamlessly and effectively.

What are you doing to enhance your brand recognition and which are your target markets in the region?

We’re constantly striving to enhance our brand. While ifs may be less wellknown compared to some of our biggest competitors, we’re making significant strides. We’re opening a new office and tripling its size in Dubai, which is a huge investment for us. This expansion is part of our efforts to promote our brand in various locations. Collaborating with partners is crucial in this regard. We recently held a Connect event in Riyadh and did one in Dubai last year, expanding our brand presence in other markets. Brand elevation is a top priority for us. We’re committed to ensuring that people recognise us as a serious player with substantial investment and continuous growth. Our goal is to become the go-to choice for customers seeking modern application software to manage assets and services. Just as Salesforce is synonymous with CRM and Workday is renowned for HCM, we want executives in our target industries to automatically think of IFS when considering asset and service management, as well as ERP solutions.

In terms of markets, I would emphasise that the UAE and Saudi Arabia are of paramount importance to us. For obvious reasons, Saudi Arabia is particularly significant due to the substantial investment activity there. I recently attended the Egypt Energy Conference in Cairo, where we identified promising prospects. We’re fortunate to have numerous opportunities for growth across various regions, but the UAE and Saudi Arabia are likely our most significant markets.

DIGITAL DEFENCES

THE CRUCIAL ROLE OF VAPT IN DEFENDING AGAINST CYBER THREATS.

As cyber threats evolve in sophistication and frequency, organisations are increasingly turning to Vulnerability Assessment and Penetration Testing (VAPT) as a proactive measure to safeguard their systems and data.

VAPT helps organisations identify vulnerabilities and weaknesses in their systems, networks, and applications before malicious actors can exploit them. By proactively identifying these weaknesses, organisations can take

corrective actions to strengthen their security posture.

“Both vulnerability assessments and penetration tests are important because they provide feedback about the current state of security within an organisation. Importantly, they can be viewed as two different exercises. Vulnerability assessments seek to uncover weaknesses in a system or network, while penetration tests attempt to demonstrate the exploitability of said systems and networks -- often leveraging vulnerabilities identified by the former.

The outcomes of these exercises inform the organisation about the risks present in their environment and suggest how they might be prioritised for remediation,” says John Shier, Field CTO, Threat Intelligence at Sophos. Ed Skoudis, President of SANS Technology Institute, concurs that VAPT is crucial in today’s digital landscape because it systematically identifies and evaluates security vulnerabilities in an organisation’s IT infrastructure, allowing an organisation to better understand and manage its

risk posture. As cyber threats become more sophisticated and pervasive, VAPT offers a proactive approach to detect weaknesses before they can be exploited by attackers.

“This not only helps safeguard sensitive data and maintain business continuity but also ensures compliance with regulatory standards, thereby enhancing customer trust and protecting the organisation’s reputation. VAPT also helps organisations prioritize resources for fixing vulnerabilities based on the risk they pose to the organisation,” he says.

Yogendar Kumar, Head of Information Security at Finesse, says by simulating real-world attack scenarios, VAPT provides a comprehensive evaluation of an organisation’s overall security posture, assessing the effectiveness of existing security controls, policies, and procedures. “Many industries and regulatory bodies mandate regular security assessments like VAPT to ensure compliance with standards such as PCI-DSS, HIPAA, GDPR, and NIST.”

What common vulnerabilities can VAPT uncover in an organisation’s IT infrastructure?

VAPT can uncover a wide range of vulnerabilities in an organisation’s IT infrastructure, including unpatched software, weak passwords, system misconfigurations, and insecure network protocols.

Ezzeldin Hussein, Regional Senior Director, Sales Engineering – META at

SentinelOne, says VAPT helps uncover specific threats like SQL injection attacks, sensitive data exposure, phishing vulnerabilities, and insufficient access controls, including user permissions, role-based access control (RBAC), and segregation of duties (SoD), each representing potential entry points for malicious actors. These vulnerabilities, if left unaddressed, could potentially expose the organisation to significant security risks, including data breaches and unauthorised access.

How frequently should organisations conduct VAPT assessments, and what factors should determine the frequency?

Constant changes within the threat landscape and also within IT networks mean that VAPT assessments should be performed regularly, according to Tarek Kuzbari, Regional Sales Director of Picus Security. Quarterly or annual testing is not enough to achieve a proactive approach.

THE THIRD STEP IN THE VULNERABILITY ASSESSMENT PROCESS IS TO CLOSE ANY SECURITY GAPS. THIS IS USUALLY A JOINT EFFORT BETWEEN THE DEVSECOPS TEAM, WHICH SETS OUT THE MOST EFFECTIVE WAY TO MITIGATE OR REMEDIATE EACH VULNERABILITY DISCOVERED.

Ideally, automated assessments should be performed daily to identify assets and vulnerabilities and to assess security control effectiveness. Periodic manual testing to identify more complex vulnerabilities can be used to augment automated tests.

“Organisations may need to increase the frequency of testing after IT changes, such as during and following the deployment of new systems and applications,” he says.

Ram Vaidyanathan, Chief IT Security Evangelist at ManageEngine, says the actual frequency depends on factors such as size of company, nature of the IT infrastructure, type of data involved, number of users and devices, etc. It also depends on your overall risk assessment, and organisational risk score. “Consider the information provided by different security tools before you decide on the exact frequency. There is no one correct answer for the frequency. However, I recommend that your organisation conduct at least one VAPT assessment at the end of every quarter.”

Kumar from Finesse notes organisations in highly regulated industries, such as finance, healthcare, or government, may be subject to specific regulatory requirements that mandate the frequency of VAPT assessments. These requirements should be adhered to as a minimum.

He adds organisations with a higher risk profile, such as those handling sensitive data, operating critical infrastructure, or facing advanced persistent threats, should consider more frequent VAPT assessments, potentially every six months or even quarterly.

What steps are involved in the VAPT process, from initial assessment to final reporting?

Organisations that undergo a vulnerability assessment will follow a

four-step process, according to Kalle Björn, Sr Director, Systems Engineering - Middle East, Fortinet.

The first step is to create a comprehensive list of vulnerabilities in an organisation’s applications, servers, and systems. This is done by either scanning them using specific internet vulnerability assessment tools or by testing them manually. Vulnerability analysts can also use vulnerability databases, vendor announcements, threat intelligence feeds, and asset management systems to identify potential weaknesses. This helps organisations to understand the full details, and includes elements like risk appetite and tolerance level, business impact analysis, mitigation practices and policies, countermeasures for devices and services, and residual risk treatment.

The second step aims to discover the source and initial cause of the vulnerabilities identified in the first step. The analysis stage identifies the system components responsible for each vulnerability as well as its root cause.

The third step in the vulnerability assessment process is to close any security gaps. This is usually a joint effort between the DevSecOps team, which sets out the most effective way to mitigate or remediate each vulnerability discovered. The remediation process includes introducing new cybersecurity measures, procedures, or tools; updating configuration and operational changes; and developing or implementing patches for identified vulnerabilities.

“With that process completed, as the fourth step it is vital for organisations to create a vulnerability assessment report. This needs to include recommendations on how to correct and mitigate vulnerabilities, risk mitigation techniques, and any gaps the assessment uncovers between the results and the organisation’s system baseline,” says Björn.

Hussein from SentinelOne says VAPT begins with scoping the assessment’s objectives and target systems. Reconnaissance gathers information about the environment, followed by automated vulnerability scans and manual testing to uncover weaknesses. Exploitation attempts validate the severity and potential impact of vulnerabilities, with privilege escalation and post-exploitation to assess overall security. Findings are documented comprehensively, and a detailed report is prepared with prioritised remediation recommendations. Guidance is then provided to address vulnerabilities, and optional reassessments ensure ongoing security.

Shier from Sophos summarises:

“In a very concise way, the typical steps are a cycle of identifying weaknesses, assessing risk, remediating weaknesses, implementing controls, and testing information systems. This cycle is ongoing and should strive to reduce weaknesses while increasing the controls and capabilities of the organisation.”

GETTING AHEAD OF THE CURVE

NADJI RAIB, SENIOR AREA DIRECTOR FOR SOUTHERN EUROPE AND THE MIDDLE EAST AT SECURITYSCORECARD, DISCUSSES THE CRITICAL IMPORTANCE OF ADDRESSING SUPPLY CHAIN BREACHES. SECURITYSCORECARD IS AN AI-DRIVEN PLATFORM THAT IDENTIFIES CYBER RISKS ACROSS ALL ATTACK SURFACES.

Tell us more about what SecurityScorecard does. SecurityScorecard is a 10-year-old cybersecurity company that provides a SaaS solution. With a simple A to F graded system, we empower companies to understand the external exposure risks they face or those of third parties they are interested in. There are multiple use cases for creating a scorecard. Our scores are evidence-based, as we collect data from an external perspective and data breach incidents. An A to F rating doesn’t just indicate whether a company is good or bad; it also correlates to the likelihood of a breach. For example, if you receive an F rating, you are 14 times more likely to experience a violation than an A-rated company, indicating lower external exposure and higher security.

Does it mean a company with an A grade has never experienced a breach?

I would say that’s not entirely factual. While it’s true that breaches can occur due to various reasons, such as insider threats or zero-day vulnerabilities, from a threat actor’s perspective, they are more likely to target companies that expose the most vulnerabilities. Let me provide a simple analogy: Imagine a robber walking down a street where houses vary in their security measures. One house is securely sealed with no open doors or broken windows, while another house has open doors and a broken window. Which house do you

think the criminal would target first? It’s simple math. Similarly, what you expose externally is an indicator of your cyber resilience and the level of cyber hygiene you maintain.

What is your methodology for rating companies’ cyber resilience?

Our methodology is highly transparent and evidence-based. For those interested in the technical details, we publish our methodology on our website for everyone to see. This transparency enables companies to understand and agree with our assessment, as it reflects everything they expose externally.

In terms of the technical process, we conduct scans of the entire IPv4 space, allowing us to observe all publicly available information. Additionally, we utilise passive scanning techniques, such as honey pots and sinkhole technologies, to gather malicious information. We also

incorporate elements of cyber threat intelligence into our analysis.

The next stage involves identifying assets belonging to the company from an external perspective. We meticulously map out any assets, including external IPs, domain names, subdomains, and associated IPs. Once we have gathered this information, we correlate it and benchmark the company against similarsized digital entities.

Our grading system ranges from A to F, reflecting the company’s external exposure and security posture. Furthermore, we evaluate companies across ten different areas, including network security, application security, patching cadence, DNS health, messaging security, cyber threat intelligence, and social engineering.

To delve even deeper, we offer additional products and modules, such as Attack Surface Intelligence, which correlates cyber threat intelligence with information on your assets.

Your report notes that 73 percent of the top 30 companies in the UAE have third parties that experienced a breach. Could you shed more light on this?

With the onset of digital transformation, people are moving to the cloud for scalability reasons and to cater to every customer due to heightened competition. As everyone shifts to the cloud, including third-party suppliers, for the same reasons, they become equally accessible to everyone. When we consider breaches, in 2023, over two-thirds of them –specifically 66% – occurred through thirdparty channels. For instance, a breach in Uber involved its lawyers, resulting in the leakage of Uber’s data. Thus, while relying on third parties for scalability and productivity, companies share critical data with them, making them vital for business continuity but also posing a risk to the organisation’s reputation. Regulators, such as the DORA in Europe and SAMA in Saudi, emphasise the importance of continuously monitoring critical third-party supply chains. This is crucial because any breaches they encounter will directly impact the organisation relying on them.

LEADING THE RACE

A

NEW BCG SURVEY OF OVER 1,400 C-SUITE EXECUTIVES IN 50 MARKETS REVEALS

THAT WHILE 66% OF GLOBAL LEADERS ARE AMBIVALENT OR DISSATISFIED WITH THEIR COMPANIES’ AI AND GENAI PROGRESS, THE MIDDLE EAST REFLECTS A CONTRASTING TREND IN ADOPTING THESE TECHNOLOGIES.

GenAI burst into the public consciousness in 2023, promising to revolutionise business operations. The Middle East exhibits a distinct approach to AI and GenAI adoption, differing notably from broader global trends. According to the Boston Consulting Group (BCG) survey, while 66% of global leaders report dissatisfaction or ambivalence regarding their AI and GenAI progress, the scenario in the Middle East is different. 61% of executives anticipate over 10% productivity gains from AI and GenAI in 2024. 54% of Middle Eastern Executives indicate that their AI/GenAI capabilities are currently focused on practical application, going beyond limited experimentation to encompass more comprehensive and scaled initiatives.

“The Middle East is making significant progress in the field of GenAI by developing essential AI capabilities and recognising the importance of data as a key asset for immediate and strategic value,” says David Panhans, Managing Director and Senior Partner at Boston Consulting Group. “The region’s focus on leveraging data for AI and GenAI

solutions to various business challenges, combined with a digital-first, data-driven mindset, sets the region apart in GenAI and enables substantial productivity gains and innovation.”

The BCG AI Radar: From Potential to Profit with GenAI report is based on a survey of 1,406 C-level executives in 50 markets and 14 industries. Seventy-one percent of executives surveyed say they plan to increase tech investments in 2024—an 11-point jump from 2023—and even more (85%) plan to increase their spending on AI and GenAI. In workforce development, the Middle East is leading in upskilling efforts related to GenAI. However, despite this progress, there is room for improvement, as currently, only 11% of Middle East executives report that more than a quarter of their workers have received training in GenAI tools. This indicates a focused yet ongoing effort in the region to equip the workforce with the necessary skills for the AI landscape.

“As the Middle East continues to excel in AI and GenAI, a key focus is on building the necessary AI muscle to support and advance this area,” states Mark Zaleski, Managing Director and Partner at BCG X. “Our region is committed to advancing technology and developing our workforce through comprehensive change management, starting with leadership. We have made significant progress in training our workforce in GenAI, but the journey towards achieving comprehensive AI proficiency is ongoing. We believe our commitment to developing technology and human capital is critical.”

This Is Not the Time to Wait and See

Although a small percentage of companies are already reaping the rewards of AI and GenAI, others are either playing catch up

or standing on the sidelines. More than 60% of executives surveyed say their firms are still waiting to see how AI-specific regulations develop, and just 6% of companies have trained more than 25% of their people on GenAI tools so far.

According to the report, “winning” companies acknowledge GenAI’s permanence and recognise its potential for both enhanced productivity and topline growth. It outlines several characteristics that set the winners apart from observers, including:

• Winners invest for productivity and top-line growth. Organisations that plan to invest more than $50 million in AI and GenAI this year are 1.3 times more likely to see cost savings in 2024—and 1.5 times more likely to achieve more than 10% in cost savings.

• Winners are systematically upskilling. Twenty-one percent of organisations spending upward of $50 million on AI and GenAI this year have already trained more than a quarter of their people.

• Winners are vigilant about GenAI cost of use. Cost of use, which has serious longterm implications, is not commanding the attention it should. Only 19% of those surveyed consider cost the top concern when choosing an AI and GenAI solution.

• Winners build intentional relationships. Only 3% of executives consider preexisting partnerships a priority when looking for AI solutions.

• Winners implement responsible AI (RAI) principles. Of the companies surveyed that are investing more than $50 million in AI in 2024, 27% put the CEO in charge of their RAI strategy (versus 14% overall).

“In the Middle East, AI can redefine company operations, creating significant value for individual businesses and the broader economies. This shift towards AI-driven transformation demands a ‘Value-first’ approach and ’Tech + Change Management’ mindset to succeed across various sectors,” says Robert Xu, Managing Director and Partner at BCG X. “Integrating GenAI into our business ecosystems will not only improve operational efficiencies and bring topline impact but also encourage the development of new business models, fostering economic growth and regional development.”

SECURITY FOR CONNECTED DEVICES

JOHN VECCHI, CMO OF PHOSPHORUS, DISCUSSES

STRATEGIES FOR PROTECTING CYBER-PHYSICAL SYSTEMS AND THWARTING BAD ACTORS

What does Phosphorus do?

Phosphorus was founded in 2017 by Chris Rouland and Earle Ady, who had previously founded other startups such as Endgame and Bastille. The company operated in stealth mode for several years while developing its technology. We have been actively going to market for just about a couple of years and are currently in a Series A round of funding.

The company was specifically founded to address the issue of insecure connected smart devices. There are well over 60 billion of these devices worldwide, ranging from enterprise Internet of Things devices such as cameras, printers, and HVAC controllers to operational technology and industrial control systems, robotics, and medical devices.

These devices are in a horrible state of security. The company was fundamentally built to address this issue. However, to do that, we must discover these devices and conduct a full risk assessment. Therefore, we built our own discovery engine from the ground up to locate all these devices safely and efficiently. So, that’s essentially what we’re doing.

Can you provide more detail on how Intelligent Active Discovery works and how it ensures accurate identification of

xIoT devices?

The challenges with these devices are because of their difference from traditional IT assets like laptops, workstations, and servers. These devices are more sensitive, and you can’t install endpoint agents on them. Therefore, it is difficult to use a traditional vulnerability management or scanner, primarily designed for IT assets, to communicate with these devices.

That’s why we built our discovery engine, ‘Intelligent Active .’ There are two

reasons for this name. Firstly, it’s active, unlike many legacy IoT/OT solutions that are passive, merely listening to network traffic. Secondly, we employ intelligence in a layered and cautious approach. When communicating with these devices directly, we start with just a few packets to understand their preferred port and protocol. Once we identify the device, we move on to the next tier. This approach is crucial because it ensures we communicate with the devices in the manner they expect, enabling us to discover them safely and efficiently. We can perform the discovery process quickly and safely by minimising the number of packets sent to these devices.

Traditionally, especially in OT and ICS environments, many organisations are wary of active discovery due to past experiences with legacy solutions causing harm to devices. However, our approach is different; it ensures efficiency, speed, and safety, addressing the concerns associated with active discovery in industrial environments.

Phosphorus operates without hardware or agents. Can you explain how it achieves this, and what advantages this approach offers for deployment? We are a fully software-based solution with no agents required. Our deployment

process is straightforward. For on-premise deployments, we provide an OVA (Open Virtual Appliance), which is a virtual image or machine. Customers can deploy this virtual machine themselves, or if we conduct a proof of value concept, we assist in the deployment. The process is simple: you provide us with a range of IP addresses and specify what you want us to find and discover. Once you input the IP address range, our system will scan and discover all devices within that range.

We can find any smart device within the specified IP address range. Once discovered, we provide detailed information about each device, including its make, model, and series. Additionally, we conduct a full risk assessment for each device. This assessment includes details such as whether the device is using default credentials, the firmware version and its age, the number of CVE IDs associated with the firmware, and whether certain services, such as Telnet or SSH, are open and unused, posing a security risk. We also alert you if certificates on the devices are expired or insecure. With this comprehensive risk profile for each device, organisations can prioritise which vulnerabilities to address first and decide on the appropriate mitigation strategies.

Could you elaborate on the automation capabilities of Phosphorus for addressing cyber-physical vulnerabilities?

We like to say it’s automated but with full control. Depending on the environment, it can be scary to think that an automated platform is going to start performing actions on smart devices without any control. Therefore, we have the ability to schedule what we call ‘jobs’ on this platform. For example, you can schedule a job to rotate the credentials or passwords on maybe 10,000 different devices. With just one button, you can perform the same action for firmware updates or any other task. You can also perform these actions on just one device or a specific number of devices. For instance, you can schedule the platform to rotate passwords on these devices every 60 days, and it will happen automatically. So, in that sense, we offer full automation but under the operator’s control.

DIGITAL DISRUPTORS

DIGITAL INNOVATION TRIUMPHS AT THE 6TH CXO50 AWARDS AND CONCLAVE.

The sixth edition of the CXO50 Awards celebrated the top executives driving digital innovation in today’s rapidly evolving landscape.

The theme of this year’s event was “Digital Innovation,” reflecting the unstoppable wave of technological advancement sweeping across every sector. In this digital age, innovation isn’t just a choice – it’s a necessity for survival and success.

The conference commenced with a keynote session by Sebastian Samuel, Chief Information Officer (CIO) at AW Rostamani, who presented on ‘Getting Ready for the Future’. He shared insights on how to prepare for the future in this software-driven and AI-driven world.

He advocated a three-fold approach: “First, embrace a Franchise Model for IT, urging collaboration between business

and IT, emphasizing shared responsibility and customised solutions. Second, adopt a mindset of a creative explorer, encouraging innovation, value addition, and a shift from ownership to usership. Lastly, transform from a CIO to a CVO, focusing on revenue acceleration and establishing a new IT operating model with innovative mindsets and technologies.”

Somy Varghese, Head of Digital Transformation and Technology at a leading retail company, gave the next keynote presentation. In an inspiring message, she urged the audience to empower one another and embrace

diversity. Her message to women in the industry resonated: “Advocate for yourself and create your own story,” fostering a spirit of empowerment and selfdetermination for women in technology.

The panel discussion on ‘Strategies for thriving in the era of digital disruption’ featured industry experts such as: Shadi Khuffash, Sr. Sales Director South Middle East at Fortinet; Raed Abd ElRahman, Regional Channel Manager at Bitdefender; Samer Semaan, Channel and Alliances Manager Middle East and Emerging Africa at Pure Storage; and Shaheen APM, Solutions ManagerMiddle East & Africa at Allied Telesis.

The panel emphasized the inevitability of disruption. Acknowledging infrastructure as pivotal, they advocated cybersecurity as crucial for digital transformation, urging leaders to enable change, foster agility, and embrace emerging technologies like IoT, Blockchain, and Edge computing. Cautioning against weaponising AI, they hailed Data Analytics as the hottest trend, emphasizing cross-collaboration and cultural transformation for success.

The event featured a break-out roundtable discussion on cloud security, involving select winners of the CXO 50 Awards, sponsored by Skyhigh Security and its partner, MMI Infosec.

NAVIGATING THE DATA-DRIVEN STORAGE

MOHAMED EL ZOMOR, SENIOR DIRECTOR - STORAGE PLATFORM SOLUTIONS, CEEMETA AT DELL TECHNOLOGIES, LISTS FIVE KEY STORAGE CONSIDERATIONS FOR CIOs.

We’re standing on the cusp of the AI revolution and businesses are all hoping to cash in on a technology that could define a generation. However, the adoption of AI also presents one of the biggest digital transformation challenges since the race to the cloud in the 2010s: managing the AI data boom.

The good news is that many businesses are recognising the need

for investment to do AI properly, and re-allocating budgets accordingly. A recent study of IT decision makers with responsibility for GenAI found that 76% are expecting to increase their IT spend to pursue AI projects. While this is a step in the right direction, how businesses spend this uplift will separate the leaders from the laggards.

So, what should top the IT spend list for the AI-savvy CIO? The answer is Storage.

AI is a data-hungry and datagenerating technology. This means

that our old methods of storing data need to evolve and grow around it. There is an increasing business need for storage strategies that are built for the AI-generation, and those who act quickly will race ahead. CIOs will be key in directing their organisation through these changing times, and the first challenge will be to get the business on board for the journey.

Here are five areas CIOs should consider getting their storage transitions off on the right track.

What are your specific storage challenges?

At the outset of your journey, it’s essential to identify and address the roadblocks that may arise. These include compliance issues, high storage costs, and the need for realtime analytics. By recognising these hurdles, you can work with IT teams to design a storage platform that can accommodate their current, and future, needs, while remining compliant with data regulations, giving them a competitive edge.

Are you harnessing AI to optimise your storage?

AI and ML comes in all shapes and sizes, and some can be used early to pave the way for more complex deployments, such as GenAI. For example, you could use AI to optimise your current hardware for storage. Using AI solutions for existing hardware can identify areas for managing data, ensuring its available, secure, and high performing. This approach will be important as the business looks to introduce GenAI, as the ability to adapt and learn from data usage patterns will be crucial to its smooth running.

Have you evaluated the right modality and business model for your outcomes?

While public cloud and on-premises

AS PART OF YOUR TECHNOLOGY REFRESH, ENSURE THAT YOUR STORAGE PLATFORM NOT ONLY DELIVERS ON PERFORMANCE BUT ALSO EXCELS IN SAFEGUARDING YOUR DATA. COLLABORATE WITH SECURITY EXPERTS, STAY UPDATED ON EVOLVING THREATS, AND PROACTIVELY INVEST IN SECURITY SOLUTIONS THAT CAN ADAPT TO THE EVERCHANGING CYBERSECURITY LANDSCAPE.

cloud have been the de-facto storage solutions for businesses in recent years, it’s important to note that some data is better stored close to where it is created and consumed. This is true at both the edge and the datacentre. For example, in the manufacturing industry, where edge computing can simplify data management to help improve production operations, and modernise and scale across various locations.

Security is also a factor when considering storage modality. How much control is required versus allowing access to data, and how much risk can one afford? Key considerations when thinking about the best place for your data.

Is your data storage aligned with innovation?

Data is the lifeblood of any business, as the insights it delivers can drive industry innovation and competitiveness. With the increasing value and volume of data, organisations are retaining more information to improve customer loyalty and bring new services to the market. However, storing this growing data set is challenging.

To keep hold of this valuable data, refreshing your technology to cope with the load is essential. It’s also important that the desired outcome of data-driven insights for innovation is baked into to your strategy at the outset.

Are you prepared for data privacy and security challenges?

Data breaches and privacy concerns are more prevalent than ever. Over half (54%) of organisations suffered a cyberattack or incident that prevented access to data last year, according to the 2023 Dell Technologies Global Data Protection Index.

This indicates the need to develop a robust incident response plan that outlines the steps to be taken in the event of a data breach or security incident. Having a well-defined plan can minimise the impact of a breach and ensure a swift and effective response.

As part of your technology refresh, ensure that your storage platform not only delivers on performance but also excels in safeguarding your data. Collaborate with security experts, stay updated on evolving threats, and proactively invest in security solutions that can adapt to the ever-changing cybersecurity landscape. Data privacy and security are not optional; they are fundamental to your business’s reputation and success.

As we look to the AI future ahead of us, businesses must ensure their hardware is giving them the best possible foundation for success. By addressing data challenges, aligning data storage with innovation, and preparing for data privacy and security challenges, CIOs can ensure a smoother transition into this exciting new era.

Those who act quickly and invest wisely in their IT infrastructure will not only gain a competitive edge but also lead the way in unlocking the full potential of AI and ML technologies, disrupting industries and changing the way we live and work forever.

BRIDGING GAPS

MAHER JADALLAH, SENIOR DIRECTOR MIDDLE EAST & NORTH AFRICA, TENABLE, SAYS AUTOMATION IS THE KEY TO DATA PROTECTION IN CLOUD ENVIRONMENTS.

One of the core challenges of cloud computing is its complex security needs.

As organisations traverse the digital landscape, the convergence of systems, applications, and users blurs traditional boundaries, requiring a reinterpretation of traditional data and identity silos. Under the shared responsibility model for the public cloud, protecting identities and data is always the responsibility of the enterprise rather than the cloud service provider. Even in Software as a Service (SaaS), customers are still required to

protect their own data, identities and application configurations.

Identity and access management (IAM) systems usually serve as the core method for defining access rights and permissions, enabling organisations to centrally manage authentication, Single Sign-On (SSO), and authorisation across multiple systems and applications. Yet, legacy IAM systems struggle to adapt to the dynamic nature of cloud environments, where access requirements change frequently. To address these challenges, the security industry has responded with innovative solutions designed to operate at cloud scale, such as cloud extensions to Identity Governance and Administration (IGA) offerings and the adoption of attributebased or policy-based access control (ABAC or PBAC).

The IAM landscape is further complicated by introducing new entities like containers, serverless architectures, and IoT devices. These entities present unique access challenges, necessitating innovative approaches to identity management. By leveraging data awareness and automation, organisations can streamline their IAM processes and mitigate security risks in cloud environments.

Data protection solutions have evolved on a similar path to IAM systems. Data Loss Prevention (DLP) solutions have enabled organisations to discover, classify, and monitor the movement of sensitive data within their networks, and apply adequate policies. As in the case of identity and access management, new datacentric solutions were introduced to tackle the challenge of protecting data in the cloud. Cloud access security broker (CASB) systems, for example, can be used to identify unsanctioned cloud applications, monitor and control data, and encrypt traffic to the cloud through a centralised platform.

However, the effectiveness of DLP solutions hinges on constant data classification and policy refinement, which can be challenging in dynamic

cloud environments. While CASBs can be used to restrict user access to an application, they don’t address visibility and management of identities and permissions in the cloud at the user, application and resource level. Fortunately, Cloud security posture management (CSPM) systems can help partially fill this gap, enabling organisations to continuously monitor cloud platforms and alert on misconfigurations and potential compliance issues. For example, CSPMs can detect misconfigured Amazon Simple Storage Service (Amazon S3) buckets that may expose organisations to the leaking or loss of sensitive data.

Much like identity-centric security lacks an awareness of the data side, neither DLP nor CASB and CSPM, nor a combination of these products can provide integrated insight into identities. Similarly, making decisions based solely on the sensitivity of data with no insight into user behavior and contextual understanding of their actions may result in misidentification of major risks, multiple false positives and disruption to business.

As organisations are required to constantly adapt their policies and controls, IT and human resources (and consequently, budgets) are pushed to their limits. Many of these organisations are approaching a tipping point where the scale and flexibility of cloud environments may be too much to deal with, resulting in increased exposure to risk. The key to addressing the challenge of managing identities and permissions in the cloud at the user, application and resource level is to introduce automation, thereby reducing the level of required human resources.

Bringing down identity and data silos is essential for achieving this goal. By effectively leveraging data-awareness, we can establish a decision-making framework that distinguishes between legitimate and excessive permissions based on contextual understanding of

THE DISCONNECT BETWEEN IDENTITYCENTRIC AND USERCENTRIC SECURITY IS DEEPLY ROOTED IN EXISTING CYBERSECURITY PARADIGMS. TO CREATE THE NECESSARY PARADIGM SHIFT, A NEW SECURITY MODEL SHOULD INTRODUCE CAPABILITIES BASED ON SEVERAL KEY PRINCIPLES.

needs and status. The incorporation of data-awareness into an access management framework could significantly improve its least privilege posture through a more accurate, ongoing assessment of risk.

Next – as said before – automation is the ultimate prescription for scale issues. The process of creating and enforcing least privilege policies (at least, in the most common cases) should be done rapidly, at scale and with minimal involvement of Dev or Ops teams. This way, organisations can gradually achieve least privilege while allocating other resources to identify and resolve complicated permissions and investigate unknown access events. It is also important to remember that not all access permissions are equal. Given the number of access policies in modern cloud environments, you must be able to differentiate between how you handle each of them. The level of risk can be attributed to the sensitivity of the data where it resides, the entity that holds the permissions, and so forth.

the risk they pose to critical data or resources, and enforce least privilege policies accordingly.

The disconnect between identitycentric and user-centric security is deeply rooted in existing cybersecurity paradigms. To create the necessary paradigm shift, a new security model should introduce capabilities based on several key principles. Firstly, policies should ensure that users, applications, machines and services can access only the data and resources that are necessary for their legitimate purposes, per their current

It is also crucial to identify the myriad of entity types that are accessing cloud resources. From human users to applications and bots, similar principles and logic should be applied to all entity types to ensure comprehensive security across any cloud environment, without impacting application continuity or speed to market. Most importantly, security systems should be able to identify and mitigate accessrelated risks with minimum disruption to normal business operations.

While there will continue to be evolving security challenges in cloud environments, there are a growing number of tools and measures that can be implemented to mitigate risks and ensure that a robust security framework is in place at all times. By leaning into automation to ease the burden of managing data policies, organisations will face less issues with scaling their cloud environments and be able to free up critical business resources.

Philips 100Hz monitors

Philips 100Hz monitors have been carefully designed, with a blend of features and specifications, to fit your every need, making them perfect for studying, working, gaming.

With optimal resolutions and 100Hz refresh rates, perfectly and automatically balanced by complementary framerates, you’ll get enhanced productivity, wide viewing angles, and reduced screen stutter for a sleek, fluid and flawless viewing and gaming experience. Clear rendering of objects for smoother videoplay, and all of these performance and benefits are achievable using existing hardware and peripherals and graphic cards, so no need to upgrade.

With Philips 100Hz refresh rate monitor models, Adaptive-Sync supports the new DRR (Dynamic Refresh Rate) features of Windows 11, dynamically varying refresh rate according to your task, and balancing performance and power consumption. Faster page flipping and scrolling, plus smoother ‘inking’ in various Microsoft and Adobe applications, allow you to finish that CAD/CAM design, spreadsheet, document or design project effortlessly and

on time. With the perfect balance of speed, efficiency and performance, you can be safe in the knowledge that your monitor is meeting all of your energy-saving needs too. Perfectly productive.

In addition to Philips’ FlickerFree technology, Philips’ LowBlue Mode setting uses a smart software technology to reduce harmful shortwave blue light. This helps to protect eyes from damage, reducing negative effects on vision over time. Further, PowerSensor and LightSensor technologies automatically reduce and adjust picture brightness to save energy.

Philips places great emphasis on a sustainable future, with initiatives such as energy efficiency, fully recyclable packaging, and compliance with international environmental standards. Strictly adhering to RoHS standards to ensure substantial reduction or elimination of toxic substances, Philips emphasizes freedom from harmful substances such as mercury, halogens, PVC and BFR. In addition to using 100% recycled packaging materials, Philips also utilizes up to 85% post-consumer recycled plastics in some selected models.

GameSir X2

GameSir has launched the GameSir X2s, a Type-C wired mobile gaming controller tailor made for elevated gaming experiences.

Seamlessly compatible with Android, HarmonyOS, and iPhone 15 series devices, the GameSir X2s is the newest

generation of X2 Type-C controllers, boasting a raft of key features considered ‘must-have’ by gamers worldwide.

Mobile gamers can become immediately acquainted with the precision and durability they demand, deserve, and expect thanks to the X2s controller’s fusion with the internationally coveted Hall Tech. The Hall Effect sensing sticks deliver 360° seamless pinpoint control, backed by anti-friction glide rings for a super smooth experience with reduced stick grinding and extended usage time.

ASUS Ultracompact PCs

ASUS has unveiled an exciting lineup of ultracompact PCs that set new standards for performance, style, and sustainability. From the sleek and powerful ASUS NUC 14 Pro+ ultracompact PC to the gaming prowess of the ASUS Republic of Gamers (ROG) NUC, together with the semi-industrial ASUS Fanless Chromebox CF40 and ASUS ExpertCenter PN65, ASUS continues to push the boundaries of what’s possible in the world of technology.

The ASUS NUC represents

VERTIV MODULAR DESIGNER LITE

a commitment to continuous improvement in technology, prioritizing user-friendly product design. Developed through a partnership between ASUS and Intel, the compact ASUS NUC integrates the power of a full-sized computer with top-notch quality, reliability, modular design, extended lifespan, smart cooling solutions, and advanced AI capabilities. Its versatility shines through an array of configurations catering to diverse user needs, from power users to casual home use experiences. With a focus

on supporting diverse businesses and enhancing PC applications, the ASUS NUC aspires to make a lasting impact in the ever-evolving tech landscape.

Powered by the first-of-its-kind Intel Core Ultra 9 processor, NUC 14 Pro+ is AI-ready and redefines expectations by effortlessly handling the most demanding workloads, from intricate computer renderings to complex financial models. It’s a true workhorse for professionals seeking top-tier performance.

An extensive range of I/O ports further facilitate productivity, allowing users to seamlessly connect to peripherals, external displays, and other devices to streamline workflows.

The ultra-small form factor (USFF), ASUS NUC 14 Pro, is powered by an Intel Core Ultra 7 processor to deliver exceptional performance. It’s the first AI-ready NUC that features high-speed Intel WiFi 6E AX211, Intel vPro Enterprise, and support for up to four external displays. With leading performance and a compact design, NUC 14 Pro is designed to meet the diverse needs of modern professionals.

Vertiv has unveiled a new tool designed to transform and simplify the configuration of prefabricated modular (PFM) data centres. Available now in Europe, Middle East and Africa (EMEA), the Vertiv Modular Designer Lite is a user-friendly, web-based application aimed at streamlining the process of designing Vertiv SmartMod and Vertiv SmartMod Max solutions to meet specific user needs.

The Vertiv Modular Designer Lite offers an array of features to enhance the customer experience. It addresses the challenges of early planning and provides a proposed solution based on customer inputs that can be helpful to a range of technical and non-technical stakeholders. Users can quickly design all-in-one data centres up to 200kW without any technical background. The tool requires no logins or software downloads, allowing users to select from a range of optional configurations to design their modular data centres in just a few minutes.

DEEP DIVE INTO DEEPFAKES

Last month, global media was agog with news of a finance clerk at a Hong Kong-based multinational corporation falling victim to a sophisticated deepfake scam, which resulted in the unauthorised transfer of $25 million to cyber criminals. A video conference call in which deepfakes impersonated both the CFO and other senior managers familiar to the clerk was what overcame the clerk’s initial scepticism. Investigations revealed that cyber criminals used deepfake technology to transform publicly available video and audio footage into lifelike versions of the company’s staff.

While deepfake technologies hold promise for creative applications, their potential for misuse poses a significant threat to businesses. Deepfake manipulation, once limited to faking photos, documents, and videos, is now being used to create phoney video calls in real time and even mimic voices for complex phishing scams. The Guardian newspaper in the UK called deepfakes the 21st century’s answer to Photoshopping.

So what is a deepfake? In a recent InformationWeek article, Nabil Hannan, NetSPI’s Field CISO, has described deepfakes as artificial audio, video, or image creations that use known, valid data and artificial intelligence to produce a synthetic output.

Hannan noted that in cybersecurity, deepfakes are categorised as social engineering attacks that can be used to breach an organisation’s systems and compromise internal data.

Enterprises should be worried about the dangers of deepfake technologies, the foremost being reputational damage. Deepfake voice phishing uses cloned voices to impersonate trusted individuals over the phone have been around for some time. However, deepfake videos take the damage quotient to a new level. According to the Federal Bureau of Investigation (FBI), Business Email Compromise (BEC) exploits organisational reliance on email

and video calls to conduct business and was responsible for $50.8 billion in losses between October 2013 and December 2022.

Deepfake videos that aim to damage the reputation of companies or their key people could do serious harm by influencing how people see things, affecting markets and customer trust. These could range from cloned recordings of executives with their entire conversation altered for malicious purposes to fabricated videos portraying a top official or CEO making false statements or endorsing a fraudulent scheme. These can trigger a public relations nightmare, erode consumer trust and have legal repercussions.

Deepfake impersonation of a highlevel executive could trick employees into revealing confidential information or granting unauthorised access to sensitive systems. This could lead to data breaches, intellectual property theft, and sabotage.

Transaction and payment frauds are a close second behind reputational damage.

Deepfakes can mimic the voice or appearance of key personnel to initiate fraudulent transfers, as in the Hong Kong example, leading to significant financial losses. In the case of banks, deepfake audio or video could be used to create bank accounts under false identities, facilitating money laundering.

As biometric technology becomes even more mainstream as a solution for authentication, deep fakes can be used to bypass biometric security measures such as face or voice recognition to give criminals unfettered, unauthorised access to enterprise systems and data.

With video and voice messaging becoming commonplace, companies and employees should be more aware of how cybercriminals are using deepfake technology and AI to attack multiple industries. So, what can companies do to mitigate these risks?

Zero Trust: Organisations can fortify their defences against identity theft by adopting a zero-trust approach to security. This involves implementing zerotrust controls and fostering a zero-trust culture. Key elements include constant authentication that considers context, ongoing monitoring, and enforcing the principle of least privilege. All of this should be backed by robust and welltested security policies.

Educate Employees: Train employees to be critical consumers of online content and to identify the hallmarks of deepfakes, such as unnatural blinking or inconsistencies in lighting and voice patterns.

Implement Security Measures: Multifactor authentication and verification protocols can help prevent unauthorised access gained through deepfakes. Organisations could also implement privileged access security tools.

Invest in Detection Tools: Technology is constantly evolving to detect deepfakes. Staying updated on these tools and implementing them can be a valuable line of defence.

Crisis Communication Plan: A welldefined communication plan can help enterprises respond effectively and minimise damage if a deepfake attack occurs.

Encourage Transparency and Authenticity: Establishing trust with stakeholders and emphasizing transparency and ethical conduct can reduce the impact of deepfakes.

To conclude, deepfakes pose a multifaceted challenge for businesses. By increasing awareness, putting in place protective measures, and promoting digital literacy, companies can strengthen their defences against this evolving threat.