CYBER SENTINELS DAY TWO
BY INSIGHT PA R T N E R
YOUR PREVIEW TO THE GULF INFORMATION SECURITY EXPO & CONFERENCE AND THE FIRST EVER GULF ENTERPRISE MOBILITY EXHIBITION & CONFERENCE
SAMSUNG LAUNCHES ENTERPRISE READY GALAXY S6 EDGE At GEMEC 2015, Samsung has officially launched the Samsung Galaxy S6 Enterprise Offerings, which closes the gap between business and consumer technology. One of the smartest and sharpest personal smartphones available, it features enhanced manageability, a refined email experience and improved multi-tasking offering a new level of productivity to benefit both employers and end-users. “The Samsung Galaxy S6 represents the next step in mobility and is one of the most advanced and secure smartphones on the market. More than just a smartphone, the S6 is a business tool that increases productivity and puts what’s next in people’s hands now,” said Mr. Khaled Kamel, Head of Department, Enterprise Business, Samsung Gulf Electronics. He added, “With the Samsung Galaxy S6 Enterprise Offerings, Samsung has developed the most up-to-date mobile technology with several first of its kind breakthroughs.”
POURNAMI NAIR,
STRATEGIC ALLIANCE & QUALITY CONTROL MANAGER , SPECTRUM GROUP
COMPLETE SOLUTION PROVIDERS What is the Focus of Comguard in this edition of GISEC ? We are showcasing a wide array of security solutions with 5 of our premium vendors; Bluecat (Network & Device Management), Kaspersky &Sophos (endpoint and network security) , Nexthink(end-user IT analytics), and Ping Identity(single sign-on). What is your expectation from GISEC? We would like to showcase what Comguard does as a group. We have added a lot of new vendors this year as well as
last year. We have a lot of niche technologies within Comguard. We would like to evangelize the technologies and showcase what the five participating vendors bring to the table to both the partners as well as the industries. What is the key differentiator that makes Comguard stand as a class apart from the competitors? We like to believe that Comguard is a VAD in the truest sense. We started off our operations in the Middle East as Training and Professional Services company. It was the other way round for us and thus we understand the true essence
and value of distribution. Plus, we have a very robust and expert pre sales and technical support team that does make us stand a class apart. This year we are also focused to roll out a very robust CRM, as an extended arm for the vendors and partners and its key aim would be to maximize our efficiency of the back end processes as well. We are also initiating 24* 7 support lines. Do you offer bundled solutions as well? We like to call ourselves a complete solution provider, because at the end of the day we do evangelize from the perspective of the end user. However, commercially we do not interact with end users, but channel everything through our partners.
HIGHLIGHTS QUOTE OF THE DAY TRIXIE LOHMIRMAND SENIOR VICE PRESIDENT, DUBAI WORLD TRADE CENTRE.
“Keeping abreast with advanced cyberthreats, revolutionary initiatives and strategies must be in place to secure this digitalised era,”
TODAYS GUESTS
HANI NOFAL, 12.35 PM
FARID FAROUQ, 10.10 AM DAN LOHRMANN, 4.00 PM
VISIT US
STAND NUMBER SR-28
PIC OF THE DAY
Are you planning to foray into MSS too? We have started a consultancy and MSS division in 2015 with the name Recconix. Any exciting offers for GISEC 2015? We have a tweet and win campaign. TWEET & WIN - #CGisec15 One lucky couple will win a 3 night/4 day all paid trip to Maasai Mara, Kenya.
Lt. General Dahi Khalfan Tamim, Deputy Chairman of Police and General Security inaugurating GISEC 2015
LAUNCHES NEW SECURITY PRODCT Page 04
02
CYBER SENTINELS DAY TWO
BORDERLESS ENTERPRISES How significant is GISEC 2015 for Fluke? This year edition is really important for us as we would be showcasing and promoting our Borderless Enterprise solution. Its one of the latest enhancements to our portfolios wherein we seek to provide enterprises with utmost mobility and workspace freedom. Apart from the borderless enterprise, what other solutions are you planning to unveil ? Fluke is launching a new component to the Network and Application Performance space, which is the TruVIEW. Its unique VOIP module which passively monitors application transactions as they occur and reports response time for user, network and application tiers. Application transaction details are stored and can be leveraged for troubleshooting, baselining, error detection, performance and availability analysis, trend reporting, and many other functions.
WERNER HEEREN,
RSD HIGH GROWTH MARKETS - FLUKE NETWORKS - REGION MEAT
What roadmap would GISEC set for Fluke? We wish to use this platform to get to know our end-users and target audience and make them realize that emerging challenges in WLAN security, SaaS, mobility, unified communications and data centers. ë
performance and protection while simplifying the network.
ALAIN PENEL REGIONAL VICE PRESIDENT – MIDDLE EAST AT FORTINET
Advanced Protection for Evolving Networks Brief about your company Fortinet is a global leader in high-performance cyber security solutions. Fortinet is the only network security vendor to have its own threat intelligence, managed by its in-house global FortiGuard Threat Research team. This allows us to provide industry-leading response times to new and emerging IT threats. What are the competitive advantages of your products?
Strong focus on research & development, certified protection, FortiGuard Labs: in house security research and services and of course unique technology platform How many products do you have? From wired/wireless networks and messaging systems to web applications, databases and much more, Fortinet’s solutions portfolio helps secure the broad enterprise infor-
mation infrastructure. In parallel, Fortinet’s centralized management and reporting solutions allow customers to effectively manage and monitor any Fortinet deployment, from a few devices to thousands of appliances and endpoint security agents. With Fortinet solutions, customers benefit from simplified management, added control and get a global view of their security status in real time.The FortiGate Network Security Platform delivers the best levels of
How are you present in various countries in this region? Fortinet is a 100% channel driven company, and are well represented by our partners across the region. Exclusive Networks is our main distributor for the GCC, while Oxygen covers Saudi Arabia, and Online Distribution covers Pakistan. Briefly tell about your partner ecosystem and engagement strategy Our partners’ ecosystem is growing to match our revenue growth and reach. We refined our partner program this year as well to make sure it will reach our partners expectations. The ME Channel team grew as well relatively and we are focusing on an early engagement model with our partners and our distributors. We are providing all needed tools and support to make sure we have happy and satisfied partners that they can deliver the best in class support to our customers . Highlight the major deployments done in the past one year Among our many major deployments last year, one of the noteworthy ones was with the Holy Spirit University of Kaslik, Lebanon . ë
CYBER SENTINELS DAY TWO
Mitigating Risks with End-to-end security “ The Next-Gen firewall technologies from Fortinet addresses all the sophisticated technology vulnerabilities that the organizations are facing today in the wake of security crisis.“ said Nader Baghdadi, Regional Director Enterprise Sales, Fortinet. He went on to add that at Fortinet, they are trying to educate their partners and customers to follow a framework that in turn can help them in detecting data breaches and taking acute measures for the same. “We focus on the client device connections, how many end-users are bringing their own devices (the BYOD), then we move on to the other layers and perimeters by informing the client how we analyze the threat applications“. Next Generation Firewall technologies from Fortinet offer integrated, highperformance protection against today’s wide range of advanced threats targeting your applications, data, and users. In addition, Fortinet now offers Advanced Threat Protection (ATP) in Fortigate Next Generation Firewalls providing
NADER BAGHDADI, REGIONAL DIRECTOR ENTERPRISE SALES, FORTINET
enhanced security tools to combat and mitigate multi-vector persistent attacks. “The next gen firewall helps us to navigate and analyze the quantity of data is there to be protected and accordingly you can set the road and the right configuration“ added Nader.
When asked about the demand for Firewalls in the region and its awareness , Nader said, “The term and idea of firewall dates back to 2004 or 2005 and its basic idea was to have numerous layered security for various applications. Security today is a must and UAE has gradually became a melting pot for education and awareness on security compared to its other gulf and European counterparts . At Fortinet, we believe we are the best in class. Because we go all the way from client connected device to BYOD with a multitude of technologies that provide security to the enterprises. Fortinet is venturing out of the security zone and extending arms towards the other mobility technology and space as well So we are becoming an end-to-end security solution providers“ Fortinet has just launched New FortiGate 3000 series and an Enhanced FortiClient Endpoint Solutions at GISEC that delivers Advanced Protection from Cyber Threats, from the Inside Out.
RETHINKING THE RISK: BT LAUNCHES NEXT GENERATION CYBER SERVICE BT has launched BT Assure Cyber, an advanced security platform designed to offer complete and comprehensive monitoring, detection and protection against cyber threats targeted at private sector and government organisations. The new solution builds on BT’s extensive knowledge in the security field and combines a blend of carefully selected tools developed by BT and its world class security partners to create and deliver a unique new service to the security market. Mark Hughes, president of BT Security, said: “The traditional security perimeter has dissolved. Cloud computing and mobile devices have the potential to make organisations more agile, efficient and competitive. They also introduce a multiplicMARK HUGHES, PRESIDENT OF BT SECURITY ity of new security risks. These developments take place in an environment where organic growth, mergers and acquisitions, changes in suppliers and adoption of new technologies make it increasingly difficult to assess an organisation’s exposure to the global cyber threat landscape. That changing business environment can hinder the understanding of security posture, including technical and non-technical procedures and controls that protect an organisation from internal and external threats. As innovation in technology accelerates, so must innovation and investment in the security controls that protect sensitive corporate assets from cyber-attack. Helping organisations master that changing cyber threat landscape is at the core of the BT Assure Cyber proposition. It is all about rethinking the risk.”
FIDELIS CYBERSECURITY TO GO TO MARLIN EQUITY PARTNERS FROM GENERAL DYNAMICS Marlin Equity Partners (“Marlin”) has signed a definitive agreement to acquire Fidelis Cybersecurity Solutions from General Dynamics. Fidelis Cybersecurity Solutions offers a comprehensive portfolio of products, services, and expertise to help customers combat today’s sophisticated advanced threats and to prevent data and intellectual property theft. The transaction is expected to close in Q2 2015. At that time, Peter George, who is currently president of General Dynamics Fidelis Cybersecurity Solutions, will become CEO of the new independent company, Fidelis Cybersecurity.
Fidelis’ flagship product, Fidelis XPS, is an advanced threat defense platform which is recognized by many of the large organizations around the globe as highly effective in detecting and preventing not only initial malware infections, but also the subsequent spread of malware and the theft of information. Fidelis complements this solution with an elite incident response team which is on the frontline helping customers investigate breaches and stop zero days, and a threat research team conducting original research and incorporating real-time insights into Fidelis XPS. Peter Chung, a principal at Marlin, said, “Marlin is very excited to partner with Fidelis’ world class management team to expand and grow the company’s industryleading solutions. As global cybersecurity threats continue to become more prevalent, Fidelis’ technology is uniquely positioned to help customers defend themselves against advanced malware attacks and internal and external data theft.”
UAE
3
CONTINENT
7
COUNTRIES
700
TOP IT EXECUTIVES
SEP-OCT 2015 B ROU G HT BY
GLOBAL ENTERPRISE CONNECT ORGAN ISE D BY
www.gecopen.com
03
04
CYBER SENTINELS DAY TWO
IT RISK MANAGEMENT AS A MANAGED SERVICE Bulwark Distribution has partnered with RadarServices Middle East. RadarServices Middle East, headquartered in Dubai,is the Middle Eastern arm of RadarServices, Europe’s Number 1 for pro-active IT security monitoring and IT risk management as a managed service. Commenting on the tie up, Mr. Jose Thomas, CEO of Bulwark explained, “RadarServices provides key services in the field of IT risk management as a managed service. We see a strong demand for such services.” Mr. Aji Joseph, GM at RadarServices Middle East adds, “Our Risk Detection & Intelligence Service allows pro-active, continuous risk identification. No data leaves the client’s premises. There is no additional investment in personnel or
JOSE THOMAS, CEO OF BULWARK
in hard- or software necessary. Results are delivered in an easy to understand Risk Cockpit, through which near-time management of potential risk becomes possible. This is how we understand IT security monitoring - strongly oriented onclient needs.”
He further explained that the highest possible accuracy and quality of risk identification is achieved through a unique two-step process. “Automatic risk detection via correlation of events from vulnerability assessment, intrusion detection and SIEM is combined with risk assessment by our Risk Intelligence Team.” Amongst the features of the service are risk management as a managed service, automated risk detection, risk analysis and assessment by experts (risk intelligence), active guidance for risk remediation, a risk cockpit for IT managers as well as executives, security/ scalability, interoperability/automated updating.
Prevention Oriented Approach to Advanced End point Attacks Palo Alto Networks has further strengthened the cyber threat prevention capabilities of its Traps Advanced Endpoint Protection offering. According to Saeed Agha, General Manager Middle East Traps takes a unique prevention-oriented approach to addressing advanced attacks on endpoints by identifying and blocking the techniques used by attackers as they attempt to exploit vulnerability, or deliver malware directly to an endpoint. Unlike other endpoint security solutions, this approach enables Traps to stop even unknown malware and zero-day exploits from compromising an endpoint, and eliminates the need to rely solely on signatures and security patches for protection. The latest release of Traps, version 3.2, is now available to customers on the Palo Alto Networks Support Portal and includes new exploit prevention modules, enhanced Prevention of Unknown Malware Prevention and enhanced Scalability.
SECURITY INTELLIGENCE WITH LAYER 8 TECHNOLOGY Cyberoam intends to leverage the event to educate regional businesses and CXOs on its patented Layer 8 technology and shall showcase how IT and security teams in the region can benefit from Cyberoam’s network security innovations. With Cyber security challenges and targeted attacks emerging a ‘real’ threat, network administrators in the region are inclined to deploy security that helps prevent network-based advanced targeted attacks before they cause greater damage and paralyze business. Cyberoam shall discuss its patented Layer 8 technology and demonstrate actionable security intelligence capabilities for the attendees. “GISEC 2015 discusses enterprise
RAVINDER JANOTRA, REGIONAL MANAGER MIDDLE EAST,CYBEROAM
security as a catalytic force while shedding light on its evolution to combat cyber security risks and threats emerging from migration to 3rd platform technologies”, said Ravinder Janotra, Regional Manager Middle East,Cyberoam. “As more organi-
zations in the region embrace IT that is built on mobile devices, cloud, virtualization, big data and other disruptive tech forces, there’s a need to insulate businesses from potential risks that accompany these decisions. We are eager to contribute our part in driving greater security awareness at the event while showcasing our patented network security innovations.” With a strong local network of channel partners and dedicated sales teams across UAE ,OMAN,BAHR AIN,KUWAIT,QATAR ,JORDAN, LEBANON,IRAQ,SAUDI ARABIA and other countries in the region, the company has been driving a lot of security awareness for the region’s CXOs. Cyberoam is at Stand Number: SR22
CISCO LAUNCHES NEW SECURITY CAPABILITIES FOR PROTECTION ACROSS THE ATTACK CONTINUUM
RABIH DABBOUSSI, GENERAL MANAGER, CISCO UAE
Cisco has added AMP Threat Grid to the Cisco Advanced Malware Protection (AMP) portfolio, which integrates innovation acquired through last year’s acquisition of ThreatGRID. This integration provides the latest malware threat intelligence and dynamic malware analysis capabilities, both on-premise and in the cloud, that strengthens Cisco AMP’s continuous analysis and zero-day detection capabilities. In addition, Cisco is introducing Incident Response Services that equip UAE organizations with teams of information security experts that leverage threat intelligence and best practices for readiness and response from network to endpoint to cloud. New threat intelligence, dynamic malware analysis and retrospective security capabilities for Cisco AMP enhance protection across the attack continuum. Unique to Cisco AMP, the solution continuously records and analyzes file activity at and after initial inspection. Rabih Dabboussi, general manager, Cisco UAE said, “Every day, organizations are faced with advanced threats that infiltrate and persist in company environments for months before they are discovered. We believe that the most effective way to address these real-world challenges is continuous threat protection against these attacks. Further enhancements like advanced correlation of indicators of compromise, vulnerability mapping and expanded retrospective security further differentiate Cisco AMP and strengthen security teams’ responses before, during and after an attack. Attacks are occurring at an alarming rate. Unfortunately, many enterprises do not have cybersecurity professionals with the necessary expertise and skills to prepare for and mitigate these attacks. The Cisco Incident Response Services team works with businesses to address these challenges, taking an intelligence-driven approach to security, so that security blind spots can be reduced and network visibility improved. Armed with this insight, Cisco can significantly minimize the impact of a breach via proven readiness and response services.”
CYBER SENTINELS DAY TWO
Citrix To Help Drive Cloud Interoperability Standards Citrix has become a Corporate Sponsor of the OpenStack Foundation. NetScaler and XenServer solutions from Citrix are used as core infrastructure for some of the largest cloud infrastructure providers in the world, and now the power of these products will reach customers choosing to build their clouds on OpenStack. Commenting on this, Klaus Oestermann, Senior VP and GM, Delivery Networks, Citrix said, “We’re pleased to formally sponsor the OpenStack Foundation to help drive cloud interoperability standards. Citrix products like NetScaler, through the recently announced NetScaler Control Center, and XenServer, are already integrated with OpenStack. Our move to support the OpenStack community reflects the great customer and partner demand for Citrix to bring the value of our cloud and networking infrastructure products to customers running OpenStack.” Lew Tucker, Vice President and CTO, Cisco and Board Member, OpenStack welcomed Citrix to the OpenStack Foundation as a Corporate Sponsor, and applauded their commitment to open industry standards. “Citrix’s membership is a testament to the growth and maturity of the OpenStack community. We plan to build upon our existing relationship with Citrix to support customers looking to deploy Mirantis OpenStack with NetScaler and XenServer”, commented Boris Renski,CMO, Mirantis. Jonathan Bryce, Executive Director, OpenStack Foundation said, “Diversity and choice are two powerful drivers behind both the success of OpenStack and the growing list of companies who have chosen OpenStack as their infrastructure platform. We’re glad to see Citrix become a Corporate Sponsor, and we look forward to the contributions they can bring to the community as it continues driving cloud infrastructure innovation and software maturity.”
05
Clash of the Cyber Espionages
COSTIN RAIU, DIRECTOR OF GLOBAL RESEARCH AND ANALYST TEAM AT KASPERSKY LAB
Kaspersky Lab has recorded a rare and unusual example of one cybercriminal attacking another. In 2014, Hellsing, was subjected to a spear-phishing attack by another threat actor and decided to strike back. The discovery was made by Kaspersky Lab experts during research into the activity of Naikon. The experts noticed that one of Naikon’s targets had spotted the attempt to infect its systems with a malicious e-mail attachment. “The targeting of the Naikon group by Hellsing, in some sort of a vengeful vampire-hunting-“Empire Strikes Back” style, is fascinating. However, considering
the targeting and origin of the attack, it seems more likely that this is an example of a deliberate APT-on-APT attack,” said Costin Raiu, Director of Global Research and Analyst Team at Kaspersky Lab. Kaspersky Lab gives out three major warning to escape cyberattacks. Stay away from suspicious attachments, beware of password protected archives; update all third party apps regularly. Comguard is the authorised distributor for Kaspersky in the ME.
‘Rise of Intelligence, Demise of Analytics’ - Paladion “Business sensitivity is paramount in building an effective security framework. Our showcase at GISEC this year will focus on this aspect and reveal how security data science can provide deeper insights and enable smarter decisions for enterprises” said Firosh Ummer, Managing Director of EMEA, who believes that traditional techniques of analysis are grossly insufficient in the face of more sophisticated attacks and security related incidents. His presentation titled ‘Rise of Intelligence, Demise of Analytics emphasizes on how organizations fail to detect security incidents due to the sheer volume of security events, false-positives, short response times and difficulty in prioritizing alerts from various security technologies. In this session (April 28th at 13.10pm) we will discuss new techniques emerging in the area of security intelligence to help you develop a holistic security framework,” stated Ummer.
SECUTABLET - THE SECURE TABLET FOR PUBLIC SECTOR AND ENTERPRISES
DR. HANS-CHRISTOPH QUELLE, CEO OF SECUSMART GMBH
The SecuTABLET is a new, secure tablet that supplements the SecuSUITE for BlackBerry 10 portfolio and can be seamlessly integrated into existing SecuSUITE infrastructures.
“Security is ingrained in every part of BlackBerry’s portfolio, which includes voice and data encryption solutions,” said Dr. Hans-Christoph Quelle, CEO of Secusmart GmbH, a BlackBerry com-
pany. “National and international government customers have entrusted their voice and data communications with the Secusmart Security Card for years. This same technology is what secures the new SecuTABLET. Working alongside IBM and Samsung, we have added the last link in the chain of the Federal Security Network. Subject to certification of the SecuTABLET, German government agencies will have a new way to access BlackBerry’s most secure and complete communications network in the world.” “The SecuTABLET closes a supply gap and opens up for government and administrations an opportunity to derive greater benefit from digitization and the mobile Internet, with system integration as a fundamental success factor,” said Stefan Hefter, Senior Management Consultant with IBM.
06
CYBER SENTINELS DAY TWO
Today’s Conference Agenda DAY TWO, MONDAY 27 APRIL 2015 10.00
Chairman’s welcome address
CYBER SECURITY MEGATRENDS CISOs CAN’T IGNORE 10.10 - 10.20
WELCOME ADDRESS
Farid Farouq, Vice President IT, Dubai World Trade Centre 10.20 - 10.40
TRAILBLAZER CISO 2020: Are you ready to be the guardian of your state? Dan Lohrmann, ex CSO, State of Michigan, US, Chief Strategist & CSO -Security Mentor
10.50 - 11.20
TRAILBLAZER No place to hide: Unmasking the risks and threats lurking in our cyber streets Steve Williamson, Director IT Risk Management, GlaxoSmithhKline, UK
11.20 - 11.50
MORNING COFFEE
NEXT GEN THREATS AND VULNERABILITIES 11.50 - 12.35
KEYNOTE ADDRESS The threat landscape and future of hacking Les Anderson, Vice Presidnet of Cyber BT, UAE
12.35 - 13.20
KEYNOTE ADDRESS Privacy Dilemma Hani Nofal, Executive Director INS, GBM, UAE
13.20 - 14.30
Networking Lunch
ART AND SCIENCE OF ENTERPRISE SECURITY 14.30 - 15.00
IDEA SWAP Before the Breach – actions to protect your data from attacks! Manal Masoud, Principal Consultant, Paramount Computer System, UAE Amit Bhatia, Head of Information Security Governance, Oman Insurance Company Jonas Zelba, Senior Research Analyst, Information and Communication Technologies Practice, MENA, Frost & Sullivan Hadi Jaafarawi, Managing Director Middle East, Qualys Inc, UAE Nader Baghdadi, Regional Enterprise Director South Gulf & Pakistan, Fortinet
15.00 - 15.30
IDEA SWAP Protection from within - learnings from the Snowden affair Ahmed Baig, Senior Director – Corporate Strategy, Risk & Excellence, Smartworld - A Dubai Government Entity, UAE Nick Pollard, Senior Director Professional Services, EMEA & APAC, Guidnace Software Inc, UAE
15.30 - 16.00
AFTERNOON TEA
16.00 - 17.00
TRAINING SESSION Hands-on-Session: How do you build a vigilint security culture in your organisation? Dan Lohrmann, ex CSO State of Michigan, US
17.00
CLOSING REMARKS from the chair and close of conference day
17.30
I.T. Security AWARDS Ceremony