EC-MEA September 2020 by GEC Media Group

INSIDE

TENABLE AND THE CISO l

HYPER SCALARS AND VEEAM

PA G E S 5 4 VOLUME O8 | ISSUE 02 SEPTEMBER 2020 WWW.EC-MEA.COM

ENABLING PLATFORMS IN HYBRID WORKPLACE

Platforms built using 5G networks can provide the efficiency for hybrid workplaces to move forward.

AD-ECMEA-102020

Is 5G the unifier for hybrid workplaces

ARUN SHANKAR EDITOR A R U N @ G E C M E D I A G R O U P. C O M

The demands of remote work are driving innovation in connectivity and collaboration. Imagine if connectivity was ubiquitous and intuitively scalable. Imagine the levels of collaboration workflow and use cases that could flow effortlessly. How business and society could move to a new level of engagement and exchange. After all that is how modern society is switching gears to a digital society. Says Cienna’s Azz-Eddine Mansouri, the spike in usage of collaboration tools are putting an unforeseen strain on networking technologies further driving the adoption of IoT. Putting the right infrastructure in place is also a critical part of the next level of innovation in networking and connectivity. Network builders must create infrastructure which is cost-effective, while scaling for growth, to take advantage of future capabilities of 5G, says Charbel Zreiby at Dell Technologies. It all starts by identifying business priorities that technologies can help achieve. How ready is the existing infrastructure, whether on and off-premises, to take on new applications? Modern networking solutions are also pairing up with advanced analytics for several use cases, prominently for cybersecurity. Adds Dr Abrar Ullah at Heriot-Watt University, 5G can bridge the present gap between remote teams in the new-normal. 5G will create a perfect framework to allow devices to function at fullest potential enabling real-time connections, while helping machines to respond faster. Another weak link in the chain that has been exposed in the new-normal, is increased exposure to cyber security threats. Enterprise networks are widening, with hybrid clouds, 5G and IoT devices, and this creates the need for a radical new approach to cybersecurity, says Haider Pasha at Palo Alto Networks. Carriers and service providers also need to rethink access and interconnectivity in the new-normal. 5G scaling is now dependent on interconnection between data exchange points. The promise of 5G cannot be met without more data exchange points at the edge to support proliferation of data and distance limitations inherent in 5G, points out Jeroen Schlosser at Equinix. Another emerging opportunity that can drive innovation and accelerate disruptive use cases is whether enterprises should build their own private 5G network or use a service provider’s. According to Mohamed Tantawi at Juniper Networks, this depends on whether private spectrum is available as well as availability of 5G skills from an industrial 5G systems integrator. A 10-fold increase in workload capacity, highly reduced latency, more predictable network performance, will accelerate adoption of compute infrastructure in the cloud. Mohammad Al-Jallad at HPE, points out that 5G is facilitating adoption of cloud-based infrastructure. IT leaders will double consumption of as-a-service within next two years in order to accelerate shift towards agile and cost-effective infrastructure. For more on this subject and deep dive our thought leadership, turn the pages ahead. Happy reading! ë PRINTED BY SALES AND ADVERTISING Ronak Samantaray ronak@gecmediagroup.com Ph: + 971 555 120 490

MANAGING DIRECTOR Tushar Sahoo tushar@gecmediagroup.com EDITOR Arun Shankar arun@gecmediagroup.com

DESIGNER: AJAY ARYA ASSISTANT DESIGNER: RAHUL ARYA

DUBAI, UAE

PUBLISHED BY ACCENT INFOMEDIA MEA FZ-LLC PO BOX : 500653, DUBAI, UAE 223, BUILDING 9, DUBAI MEDIA CITY, DUBAI, UAE PHONE : +971 (0) 4368 8523 31 FOXTAIL LAN, MONMOUTH JUNCTION, NJ - 08852 UNITED STATES OF AMERICA PHONE NO: + 1 732 794 5918

GLOBAL HEAD, CONTENT AND STRATEGIC ALLIANCES Anushree Dixit anushree@gecmediagroup.com SUBSCRIPTIONS

EVENTS EXECUTIVE Shriya Nair shriya@gecmdiagroup.com

MASAFI COMPOUND, SATWA, P.O.BOX: 5613,

PRODUCTION, CIRCULATION, SUBSCRIPTIONS info@gecmediagroup.com

CEO Ronak Samantaray ronak@gecmediagroup.com

GROUP SALES HEAD Richa S richa@gecmediagroup.com

AL GHURAIR PRINTING & PUBLISHING LLC.

INFO@GECMEDIAGROUP.COM SOCIAL MARKETING & DIGITAL COMMUNICATION YASOBANT MISHRA yasobant@gecmediagroup.com

A PUBLICATION LICENSED BY INTERNATIONAL MEDIA PRODUCTION ZONE, DUBAI, UAE @COPYRIGHT 2013 ACCENT INFOMEDIA. ALL RIGHTS RESERVED. WHILE THE PUBLISHERS HAVE MADE EVERY EFFORT TO ENSURE THE ACCURACY OF ALL INFORMATION IN THIS MAGAZINE, THEY WILL NOT BE HELD RESPONSIBLE FOR ANY ERRORS THEREIN.

S E PTE M B E R 2020

MEA

CONTENTS SEPTEMBER 2020 | VOLUME 08 | ISSUE 02

EDITOR’S PAGE.

IS THE MISSING UNIFIER 25-39 FOR HYBRID WORKPLACES

06-09 VIEWPOINT.

COVER STORY

11-12

As IT teams work to rebuild the organization across extended digital boundaries, private and service provider 5G networks may be the missing enabler. Top executives deliberate in the pages ahead.

EVENTS NEWS

13-17 CHANNEL NEWS

18-20 SECURITY NEWS

30-31 CHANNEL STREET HOW TO SECURE MISSION CRITICAL HYBRID ERP APPLICATIONS

l Up ahead increasing reliance on broadband and 5G l Is your networking infrastructure ready for new-normal l 5G can bridge gap between remote teams in new-normal l Security and 5G equally important in new-normal workplace

33-36

l 5G scaling dependent on data exchange interconnection l Build your own private 5G or use service provider’s?

INNOVATION n

BUSINESS VALUE OF AN AS : SET AND ITS RISK PROFILE

VEEAM MOVES AGGRES

SIVELY INTO NEW-NORMAL WITH ACT II

40-41 PRODUCT NEWS

l 5G facilitating adoption of cloud-based infrastructure

32 REAL LIFE

44-51 GUEST COLUMN

S E PTE M B E R 2020

PEOPLE NEWS

MEA

VIEWPOINT

POST-INCIDENT REVIEW AND THE BIG DATA PROBLEM Post-incident review is a big data problem that requires a big data solution, explains Cybereason’s Allie Mellen.

ALLIE MELLEN,

Security Strategist, Cybereason.

Managing risk is not the same as solving the problem of cybersecurity once and for all.

MEA

cross the board, security teams of every industry, organisation size, and maturity level share at least one goal of the need to manage risk. Managing risk is not the same as solving the problem of cybersecurity once and for all, because there is simply no way to solve the problem once and for all. Attackers are constantly adapting, developing new and advanced attacks, and discovering new vulnerabilities. An incident response team is accountable for having a plan to handle an incident and implementing it. They’re prepared to mitigate damage, identify the root cause of an incident, and communicate with the proper channels. But they are also responsible for another crucial part of incident response: the postincident review, which is a detailed retrospective that allows an enterprise to carefully understand each part of an incident, from start to finish. It is one step in the incident response process that requires a cross-functional effort from all individuals and technologies connected to the incident to truly understand the root cause and full scope of the attack. It answers critical questions like what happened before, during, and after the attack. A good post-incident review results in a list of practical actions that address each of the issues that allowed the threat actor to succeed. These actions should minimise the impact of an attack and teach the security team, the security tools, and the wider enterprise how to prevent, detect, and respond to a similar attack in the future. However, this leaves post-incident review with a major problem. It takes organisations an average of 191 days to identify a data breach. For a post-incident review that does its due diligence, this means potentially going all the way back in time through at least 191 days’ worth of data to find the root cause of the attack. Consider all of the

S E PTE M B E R 2020

Post-incident review is a detailed retrospective that allows an enterprise to carefully understand each part of an incident.

data in your environment that has come and gone over the course of 191 days. How many investigations have your analysts performed in that time? Post-incident review is a big data problem that requires a big data solution. Incident response teams need to be able to easily query months’ worth of data, but until now the industry just hadn’t reached the point where that was an option. Network forensics is limited to two to three weeks of raw data, while log management solutions are difficult to access and correlate across large data sets. As an industry, we need to be incorporating the principles of big data into our security solutions. Legacy solutions do not address dwell time or the need to see every phase of the attack properly correlated, which means security analysts miss out on important data. The bottom line: if you’re a security company, you need to be using data science principles in your development. If you are in a SOC, you need to be thinking not only about incident response, but also about how your tools handle massive amounts of incoming data and make it easily consumable. ë

VIEWPOINT

PROTECTING MOBILE WORKFORCE WITH HYBRID DNS SECURITY Despite most internet communications relying on DNS, it is inherently vulnerable and not sufficiently secured, says Infoblox’ Ashraf Sheet.

he future of the workplace is undoubtedly a remote workforce, accessing the corporate network via mobile devices and the cloud. This is likely to cause a few sleepless nights for the teams traditionally responsible for managing network security on-premise. With remote working, data breaches will become commonplace. Networks will be infiltrated with malware due to an increase in roaming or off-network access.

VULNERABLE AND UNSECURE

ASHRAF SHEET,

Regional Director, MEA, Infoblox.

By taking a hybrid approach of onpremise DNS security together with a cloud-delivered solution, orgs can best protect those working remotely.

At the root of many of these breaches, and the damage and stress that accompanies them, lies the DNS, or domain name system. Often referred to as the address book of the internet, DNS sits at the heart of every organisation’s IT network, translating domain names into machine-readable IP addresses. Despite most internet communications relying on DNS, however, it is inherently vulnerable and not sufficiently secured, resulting in weaknesses that can be exploited for criminal ends. Due to its position at the core of the network, DNS is often the first part of an organisation’s infrastructure to see the majority of malicious activity and should, therefore, be considered an organisation’s first line of defence.

THE MOBILE OPTIONS Meeting the demand for greater speed and mobility means that internet traffic from mobile workers tends not to be backhauled to an organisation’s network via corporate points of presence such as servers or routers. As a result, DNS traffic to and from an organisation’s mobile users will not generally be visible to corporate security monitoring. The growing shift towards a more mobile workforce makes it important, therefore, for organisations to adopt a hybrid approach to DNS security that will protect both on-premise and mobile users; a combination of on-

At the root of many breaches, and the damage and stress that accompanies them, lies the DNS. premise DNS security as mentioned above, and one of the following approaches to maintaining DNS security in a mobile environment. Agent software, for example, can be installed on a mobile device and reroute DNS traffic to a cloud-based DNS security solution that can monitor client-side behaviour to detect malicious or suspicious DNS activity. And in cases where it isn’t possible to install an agent, configuration settings on a mobile device can be set to proxy mobile device traffic through services often referred to as cloud access security brokers, or CASB.

DNS AS AN ASSET If not given proper consideration within an organisation’s security plans, DNS can provide an easy point of entry for malicious actors intent on disrupting networks, and accessing and exfiltrating sensitive information. And the problem is growing. As sophisticated cybercriminals continue to develop new techniques and tactics to exploit vulnerabilities in DNS services, the increasing demand to support a growing mobile workforce opens up additional attack vectors. DNS services and data can be used as an asset in the security chain, however. By taking a hybrid approach of on-premise DNS security together with a cloud-delivered solution, organisations are able to protect not just the users within their corporate network, but also those based in branch offices, and those who increasingly opt to work remotely. ë

S E PTE M B E R 2020

MEA

VIEWPOINT

QUANTUM COMPUTING WILL DRAMATICALLY IMPACT EVERYTHING The possibilities for quantum computing are endless, from improving how we cure diseases to developing further technologies, says Todd Moore of Thales.

TODD MOORE,

Vice President of Encryption Products for Cloud Protection and Licensing Activity, Thales.

Complex, unsolvable mathematical problems could be solved in less time than it takes to read this article.

MEA

he world is on the verge of a dramatic change. Forget the Industrial Revolution, the significant increase of computational power that quantum computing is set to dramatically impact everything. What may appear to be a complex, unsolvable mathematical problem today, in the age of quantum, could be solved in less time than it takes to read this article. Although quantum computing does exist today, it still has a long way to go before it becomes a reality; these devices tend to be slow and limited in what they can do. However, once we hit that tipping point, the possibilities for quantum computing are endless, from improving how we cure diseases to developing further technologies. As an industry, technology professionals are still getting to grips with the true scale of what quantum will bring, but what is certain is the processing power will be like nothing we’ve ever seen. The Thales Data Threat Report recently found that 72% of businesses feel that their organisation will be impacted by quantum computing in the next 5 years. So it is important that we start levelling up our pre-existing protections to prepare for what’s to come. Whilst encrypted data might be secure in terms of today’s technology, quantum will decrypt data at a much faster rate, essentially breaking the security methods we use today to protect sensitive information. Businesses should look to consider implementing a crypto-agility approach to mitigate the impact of quantum. This is about enabling businesses to deploy algorithms that can be flexible, to respond to quantum-level threats in real time should there be a failure of the original encryption. It’s about deploying systems that can move between different encryption algorithms to protect against quantum computing threats. We need to look beyond static encryption to ensure that we’re able to encrypt sensitive data with the latest and emerging algorithms and update these algorithms in real-time to protect against the

S E PTE M B E R 2020

Quantum computing still has a long way to go before it becomes a reality; these devices tend to be slow and limited in what they can do. quantum computing threat. Moving forward, the security industry needs to be continually keeping up with the evolving threats that are out there. Therefore, the next frontier for our security systems must and will be building in quantum readiness, ensuring that when quantum is more realised, our existing and future data remains secure. Achieving quantum readiness doesn’t necessarily mean businesses need to redesign their entire cybersecurity system. What will need to be done, however, is anything that relies on cryptography will need to be updated, meaning there is a lot of work ahead. The good news is there is a lot of collaboration happening in the industry as it works towards developing the certifications needed to roll out the necessary protections for all businesses. While the solution is still far away, the industry is facing a race against time. Businesses need to be aware of this and start doing their own research into the developments that fit their company and who they should consider partnering with. One thing is for sure, quantum is coming, and in some ways, the threat it brings is already here. ë

VIEWPOINT

FINANCIAL SERVICES BRANDS CAN FOSTER COMMUNITY SPIRIT Banks should look at ways of contributing to the development of Kubernetes and the upstream model, argues Red Hat’s Tim Hooley.

TIM HOOLEY,

EMEA FSI Chief Technologist, Red Hat

93%

of financial services industry IT leaders stated that enterprise open source was important.

anks and other financial services companies aim to become technology businesses but are under pressure to reduce costs and deliver on large transformation projects. Furthermore, supporting remote working on an unprecedented scale has placed greater emphasis on cloud and security. It has been reported that 93% of financial services industry IT leaders stated that enterprise open source was important to their respective organisations. This is enabling banks to implement hybrid cloud strategies and develop cloud-native applications. Besides using enterprise open source from a trusted vendor, gains are possible by working with open source communities, also known as the upstream. From here, the software can be downloaded for free, or consumed via a trusted open source vendor that hardens the software, secures and stabilises it, and adds lifecycle management and service level support. Open source community collaboration allows banks to contribute directly to the development of new code. It’s a way of expanding a team many times over; supporting open source projects, contributing developer time, and gaining the output of hundreds or thousands more, creating a magnification effect! Open source allows an enterprise to play a leading product development role by nurturing a solution that addresses specific business requirements. Many organisations can work together to acquire required capabilities and the code will likely become freely available, providing an opportunity for other developers to access it. Banks should look at ways of contributing to the development of Kubernetes and the upstream model gives them the ability to do this. They can marry their own resources with the community’s to shape Kubernetes-based products and solutions to target their own individual business requirements. It’s a model that promotes continuous development, benefitting banks and the wider community.

Open source community collaboration allows banks to contribute directly to the development of new code. Banks are not averse to the upstream, with examples including a major financial services organisation that joined a community to drive the development of a critical piece of middleware. The bank’s developers worked with the open source community to create new software and features for the business process management platform. Subsequently, the bank is now an active member of the open source community, demonstrating that leveraging global communities is a smart and costeffective way to drive software development and transform digitally. Most financial services developers are tucked away behind the company firewall. Like banking itself, software development can be a stringent and highly regulated process. It’s time to change this. In today’s fast-paced digital economy, the policy of keeping your developers in a closed environment is no longer tenable. There are different ways an organisation can contribute to upstream communities and gain access to a global network of developers, the most common model being to contribute code. By doing so, banks and financial services organisations can discover, or help to build, software that can be adapted for a specific business need. Enterprise organisations that participate in existing open source projects can stay ahead of the curve, reduce costs, and speed up time to market. ë

S E PTE M B E R 2020

MEA

www.fitsmea.com

Live WebSummit

UNVEILING THE FUTURE AT #FITSMEA20

2020

#SMARTEverything Regionâ&#x20AC;&#x2122;s Tech Future is here.

Sep 16-17, 2020

BROUGHT BY

OFFICIAL MEDIA PARTNERS

EVENTS NEWS

GCF announces FITS 2020 for ICT decision makers As organisations worldwide gear up to thrive and succeed in the New Normal, businesses are finding it extremely challenging yet exciting to make way for new technologies to come in and disrupt the organisation’s working culture, from bottom to top. The region’s most awaited and largest gathering of IT leaders and decision makers, The Future IT Summit 2020 is coming to you as bigger, broader, and better in the form of a live websummit from September 16-17, 2020. The event is a virtual extravaganza of networking, branding, lead generation, virtual meetings, solution showcase, keynotes and much more. Currently in its sixth year, FITS has been one of the most successful and touted

GCF, Veritas and Datacentrix host websummit on enterprise data

events in the region by key industry players and end users alike. The event positions itself as a knowledge-based platform for the senior business and technology decision makers in the region to bring their best practices to the table, through various platforms. Brought to you by Global CIO Forum, FITS is embellished with various segments such as The Catalyst Awards, Titans Badge of Honour, The Top Happy IT Companies to work for Awards, TechX Woman Panel and much more. The Live WebSummit in 2020 is all set to take the event a notch higher with extremely engaging topics such as; l AI and contactless business l A CIOs journey in innovation, disruption and transformation in the pandemic l Business automation and intelligent workforce l The pivotal role of HR in remote workforce and the new normal l And much more… FITS 2020 is all set to welcome over 5000 decision makers, including but not limited to CIOs, IT managers, IT heads, VP and directors of IT, CEOs, CTOs, CDO and CHRO from Middle East, Africa, SEA, Europe and US markets. Spanning over two days, the event is expected to set some never-seen-before milestone in the industry whilst showcasing the mettle of the torchbearers of the #NewNormal.

On August 12, Global CIO Forum in association with Veritas and Datacentrix, successfully hosted the Enterprise Data Services Platform in Telecommunications WebSummit. The websummit emphasised how organisations can see the complete picture with global data visibility. The sessions also explored the pivotal role played by immersive navigation services, how dark data costs your business more and how hyper-focused solutions can be an answer to all your organisation’s data challenges. The Enterprise Data Services Platform in Telecommunications WebSummit was specially designed for the telecommunications sector, and demonstrated how software-defined infrastructure provides any application with mission-critical levels of availability and performance, while making data and workload mobility more agile and streamlined.

WEBSUMMIT TOPICS

How to ensure predictable availability, application resiliency and storage efficiency across multi-cloud, virtual and physical environments. l Protect your enterprise from the unforeseen. l Ensure your data is always secure, compliant and available. l Gain visibility into your data, storage and backup infrastructure. l

THE SPEAKERS

The keynote speakers for the Enterprise Data Services Platform in Telecommunications WebSummit were Tosin Odukoya, District Manager, English Africa and Indian Ocean Island at Veritas; Bassam Jbara, Technical Director, Africa, Levant and East Europe at Veritas; and John Dewar, Data Management Business Unit Manager at Datacentrix.

S E PTE M B E R 2020

MEA

EVENTS NEWS

On August 19, Global CIO Forum in association with Veritas and Datacentrix, successfully hosted the Prepare, Migrate, Protect, Optimise WebSummit. The websummit explored how organisations can defy their data protection limits and have a holistic view of their data along with comprehensive protection. Recent circumstances have made it evident that cloud will be critical for business and has emphasized its role more than ever. Organisations are on the lookout to expand their cloud capabilities and there is a dire need to gain deeper insights into organisationsâ&#x20AC;&#x2122; data and expand business potential.

WEBSUMMIT TOPICS l l l l l

Crafting a hybrid cloud strategy Building resiliency Addressing challenges in digital dependency Protecting workload whilst simplifying recovery Best practices for taking on ransomware

THE SPEAKERS

GCF, Veritas and Datacentrix host websummit on data protection and migration

The keynote speakers for the Prepare, Migrate, Protect, Optimise WebSummit were Nitish Rucktooa, Central Africa and Indian Ocean Islands Country Manager at Veritas; Bassam Jbara, Technical Director, Africa, Levant and East Europe at Veritas; and John Dewar, Data Management Business Unit Manager at Datacentrix. The presentations were followed by a Q&A session.

On September 1, Global CIO Forum in association with Riverbed and StarLink, successfully hosted the Qatar edition of the Network Transformation and Cloud Readiness WebSummit. The websummit discussed the upcoming wave in network transformation in Qatar. With government measures to control the spread of the Covid19 pandemic still in effect in Qatar, organisations have had to prioritise IT investments that enable their employees to work from home. The transition of employees to remote working arrangements has also meant that organisations must now ensure seamless and secure access to applications and data across the Internet and home networks.

WEBSUMMIT TOPICS

How organisations can maximise network efficiency and expand network capacity with market-leading WAN optimisation technology l How a unified performance monitoring solution provides deep and broad visibility and analytics l How organisations can ensure the fastest, most reliable delivery of SaaS, cloud and on-premises applications l How organisations can modernise their network with a software-defined architecture that delivers cloud-ready agility and cost savings l

THE SPEAKERS

GCF, Riverbed and StarLink host summit on advanced networking 12

MEA

S E PTE M B E R 2020

The keynote speakers for the Qatar edition of the Network Transformation and Cloud Readiness WebSummit were Salman Ali, Regional Technical Channel Manager, Middle East at Riverbed and Shahzad Hussain, Senior Presales Consultant at StarLink. The presentations were followed by a Q&A session.

CHANNEL NEWS

Mindware to distribute Keysight’s network security solutions

(left to right) Nicholas Argyrides, General Manager, Gulf, Mindware and Alaa Hadi, Senior Regional Sales Director, META, Network Solutions Sales, Keysight Technologies.

Mindware has announced that it has signed a distribution agreement with Keysight Technologies to offer Keysight’s Network Applications and Security group’s entire portfolio of network testing, visibility and security solutions through its expansive

network of channel partners to enterprises across the GCC, Levant, North Africa, and Pakistan. Keysight’s network testing, visibility and security solutions protect enterprises against security threats through actionable insight into the performance, stability and

security of their applications and networks. Keysight’s solutions validate network functions, test the integrity of security infrastructure, and deliver an end-to-end view of the enterprise network. This helps strengthen applications across physical and virtual networks for enterprises and governments, service providers and network equipment manufacturers. Building on Keysight’s Network Applications and Security group’s strength with customers in the telecommunications, government and finance sectors, Mindware will look to extend the same success to other verticals. The company will distribute Keysight’s comprehensive solutions while also providing value-added services for support, implementation, training and business development. Mindware intends driving business for Keysight by upskilling channel partners through training and enablement sessions focused on the vendor’s technology. The regional distribution powerhouse will play a key role assisting its partners with potential business leads and helping them conduct proof-of-concepts.

Al-Futtaim Technologies bags Cisco Gold Partnership Certificate Al-Futtaim Technologies has announced that it has been awarded Cisco’s Gold Partnership Certification making it one of only six companies in the UAE that has received this prestigious recognition. As part of the certification process, the Al-Futtaim company had to meet the rigorous standards set forth by Cisco in networking competency, service, support and customer satisfaction. The process also included a third-party audit that validates a partner’s technology skills, business practices, customer satisfaction, presales and post-sales support capabilities and other critical factors that customers consider when choosing a trusted partner. Through the Cisco Gold Partnership Certification, Al-Futtaim Technologies will have access to comprehensive sales, technical, and lifecycle services training and support available from Cisco. To receive the Cisco Gold Partner Certification, Al-Futtaim Technologies had to meet stringent requirements including successfully completing exams and certifications, investments in building demo labs among other technical requirements from Cisco.

MURALI S, MANAGING DIRECTOR, AL-FUTTAIM ENGINEERING AND TECHNOLOGIES

S E PTE M B E R 2020

MEA

CHANNEL NEWS

Veeam announces enhancements to partner programme Veeam Software has announced new enhancements to its ProPartner Programme for Value-Added Resellers, VARs, across EMEA. By driving increased engagement from active partners across the region, the new competencies will reward and better support partners in serving customers’ evolving needs, help them become specialists in their markets, and demonstrate competitive advantage. As EMEA businesses continue to move towards digital transformation, partners are broadening their portfolios and becoming strategic digital advisors to their customers. Furthermore, as businesses look to maximise Return on Investment, subscription-based IT models are overtaking CapEx technology investments and partners are adapting their business models to sell subscriptions or resell services that are powered by Cloud Service Providers. To support its partners through this transition, Veeam has enhanced its ProPartner Programme to ensure Platinum, Gold, Silver and registered partners are all appropriately supported and rewarded, creating a truly partner-friendly programme. Through a points-based system, Veeam will reward partners for successfully progressing through the programme’s new competencies.

Injazat’s Cyber Fusion Centre integrates behaviour analytics Injazat has announced the launch of its new Cyber Fusion Centre, expanding its cyber defence capabilities and portfolio of services. As one of the first-of-its-kind in the region, Injazat’s Cyber Fusion Centre is providing Mubadala and its group of companies protection against data breaches and cyberattacks. Designed to approach security in a holistic manner, Injazat’s Cyber Fusion Centre evolves beyond the conventional monitor and respond model of most security operations centres. By embodying elements such as threat detection and response, in addition to intelligence sharing and analysis, the centre empowers businesses to gain a holistic overview of cybersecurity processes, in order to operate with greater awareness and efficiency.

Spectrami, Artemis Pro offer full stack of security assessment

DANIEL FRIED, GM AND SVP, EMEA AND WORLDWIDE CHANNELS, VEEAM.

ANAND CHOUDHA, CEO SPECTRAMI.

MEA

Integrating behaviour analytics and machine learning, the Cyber Fusion Centre provides a proactive and unified approach to neutralise potential threats. The platform also leverages an artificial intelligencebased recommendation engine, which suggests remediation actions based on previous behaviour patterns to reduce response times. Committed to improving cyber defence infrastructure, Injazat has also added additional highly skilled security analysts and engineers to its existing talent pool, to further boost operations within the Cyber Fusion Centre. The first phase of the project saw a number of leading companies onboarded onto the Cyber Fusion Centre with an additional group of eight companies scheduled to begin receiving services within 2020. Injazat is leveraging its successful track record of supporting business critical services. The company is applying the knowledge and expertise it has built up to develop and deploy next-generation cyber capabilities and solutions. Once the second phase by the Centre is completed, Injazat will then expand its services to the wider UAE market within the third quarter of 2020.

S E PTE M B E R 2020

Spectrami has added Artemis Pro portfolio to provide a full stack of security assessment and pentest offering to customers and partners across Middle East and Africa. Artemis Pro offers an efficient and secure mechanism for security teams to initiate assessments, track and eventually remediate vulnerabilities on a single platform. Traditional pentests are performed mostly manual and sometimes automated. However, the findings are stored in documents, files and presentations. This approach is flawed as information is fragmented and customers find it challenging to interpret whether their security posture has improved against an evolving threat landscape. Artemis Pro is a collaborative tool and pentest lifecycle management platform. It provides fine grained control on the pentest processes and integration with DevSecOps and SDLC lifecycle. Customers can engage the best whitehat hackers to identify vulnerabilities by using a flexible credit system. Large enterprises with in-house capability can onboard their security teams using the on-premise version. Similarly, Managed Security Service Providers can enhance their pentesting service offering by leveraging the smart and efficient platform to provide high visibility and historical data through dashboards to their customers.

CHANNEL NEWS

Software AG, du partner to accelerate IoT implementations In line with UAEs vision to fast track digital transformation, Software AG and du signed a partnership to provide a subscription-based licensing model for IoT services to its business customers. The strategic collaboration enables Software AG and du to address complex IoT implementations for organisations in UAE. These businesses will benefit from rapid application development features, reduced time to deployment and out of the box IoT analytics and dashboard to see the complete picture of their IoT data. The partnership will empower customers to freely design, build, deploy and upgrade IoT applications with agility and flexibility, combining cloud, on-premise and edge deployment models. A scalable architecture offers quick time to market for IoT applications. The

partnership establishes du as an IoT provider for the UAE market, powered by Software AG’s Cumulocity IoT. The platform will drive IoT across key industries of government, healthcare, utilities, manufacturing, transport and automotive. These companies will be able to track assets and improve logistics; gather data from smart city applications to make peoples’ lives easier. They can also improve service for their customers by automating manual functions, from meter readings to security measures. In line with the initiative, du and Software AG will launch a new IoT academy and an experience centre in the coming months. The opening is part of the drive to accelerate the adoption of IoT in the country while also staying abreast on IoT innovation methodolo-

gies, best practices and applications as the ecosystem continues to evolve. In 2019, Software AG was honoured as the Visionary in the Gartner Magic Quadrant for Industrial IoT Platforms in addition to receiving the highest use case scores by Gartner in the Critical Capabilities for Industrial IoT Platforms Report. The partnership was signed between Farid Faraidooni, Deputy CEO, du and Philippe La Fornara, President EMEA, Software AG in a virtual setting using technology as a social distancing measure to formalise this partnership. Also present at the ceremony were Marwan Bin Dalmook, Senior VP ICT Solutions and Smart City Operations, du as well as Rami Kichli Vice-President, Software AG, Gulf and Levant.

emt Distribution brings OPSWAT security solutions to the META region

VISHAL BHATIA, CHANNEL BUSINESS DEVELOPMENT MANAGER, EMT DISTRIBUTION.

emt Distribution is now delivering unique and efficient technology primarily focusing on critical infrastructures and IoT, SCADA, air-gapped environments, in collaboration with OPSWAT. With the vision of trust no file, trust no device, OPSWAT’s flagship technology Metadefender Core addresses the challenges of customers who do not want to compromise on the authenticity of the files entering their environment through any mediums, be it web, emails, USB or APIs. With module such as Multiscanning, where the power of 35 antivirus engines with the likes of Crowdstrike, TrendMicro, McAfee, and many more come to play and deep CDR, Content Disarm and Rconstruction, also known as Data Sanitisation, Metadefender Core ensures every file is scanned and disarmed from the most common attack vectors before reaching the user. OPSWAT’s ICAP server can integrate with almost all firewalls, web gateway, data diodes, NAS, and much more! This further augments file upload protection. An ideal use case for organisations like banks, ministries, tender boards, etc. who have a web portal for file uploads. Offerings such as Metadefender Kiosks are optimal for customers in oil and gas sector, aerospace, defence, power stations who have zero tolerance for external USB’s and yet want to develop a framework of trusted files received from external environments. With over 60 named OPSWAT customers in the Middle East, emt Distribution’s focus is to build strategic partnerships and create a channel ecosystem to address challenges of critical infrastructures through consulting and inhouse professionals.

S E PTE M B E R 2020

MEA

CHANNEL NEWS

KHDA recognises Certnexus as an international certification organisation (left to right) Rania Halimeh, Regional Channel Development Manager, emt Distribution Technology and Jeff Felice, President, CertNexus.

Certnexus is an approved organisation in the USA, operating as an international certification organisation, and a global provider of vendor neutral, emerging technology certifications and micro-credentials for business, data, development, IT and security professionals. CertNexus’ exams meet the most rigorous development standards possible, which outline a global framework for developing personnel certification programmes to narrow the widening skills gap within emerging tech.

Certnexus exams have been successfully completed by candidates in over 50 countries and are developed to conform with the American National Standards Institute and International Organisation for Standardisation, ISO, 17024:2012 standard. Certnexus exams are also accredited by several international organisations. Certnexus has recently signed an ICO agreement with Knowledge and Human Resource Development Authority, KHDA, in Dubai,

Frost & Sullivan recognises LinkShadow’s cybersecurity capabilities

Frost & Sullivan has named LinkShadow as a top industry innovator in the Frost Radar: User and Entity Behaviour Analytics Based on Machine Learning, 2020. The company is recognised for its strong track record in cybersecurity analytics and steadily evolving growth pipeline. LinkShadow’s flagship solution is the only one available in the market that tracks the chain of incidents, aggregates them, shows their stages, and graphically represents the attack path on a global map. It is becoming more crucial for organisations to have security tools that analyse the

MEA

behaviour of users who are connected to their networks and entities or endpoints such as servers and applications to detect anomalies. As the number of under-theradar attacks increases, it will become more challenging for security staff to investigate the attacks to effectively take action. Therefore, the need for user and entity behaviour analytics, UEBA, tools is greater than ever. LinkShadow’s main differentiator among market competitors is its service bundle, which includes the UEBA, intelligence-driven threat hunting, insider

S E PTE M B E R 2020

which regulates the technical and vocational education and training sectors and administers the awarding of international qualifications. Certnexus will be recognised as an international certification organisation in Dubai. This verifies that the activities of Certnexus are in accordance with KHDA’s regulations, and recognises that Certnexus qualifications meet the level of the National Qualifications Framework for the purposes of access to education and training in the United Arab Emirates.

threat detection, and comprehensive management dashboard in a single solution. Moreover, unlike other service providers in the market, LinkShadow offers its solution on a perpetual model. LinkShadow has fuelled its success through its unique behavioural analytics capabilities, which enables it to effectively support multinational businesses with a diversified customer base by: l Delivering supreme solutions that include threat intelligence, insider threat management, privileged user analytics, network security optimisation, machine learning, and statistical analysis. l Providing risk scoring, prioritisation, application security visibility, and predictive analytics. l Providing technical support and training. l Identifying market needs beforehand and constantly enhancing customer value by adding new features and capabilities to its service bundles. l Establishing strategic partnerships with security information and event management providers and leveraging joint go-to-market strategies.

CHANNEL NEWS

Invest. NetApp will continue to invest in tools that make business planning and incentive management and measurement simpler and more collaborative for partners. It will offer a bigger payout in its New Account Incentive Programme and allow rebates to be paid faster through the Run to NetApp Incentive Programme. NetApp also launched a new Tech Refresh Incentive Programme that helps partners take advantage of the extensive NetApp installed base. l Differentiate. NetApp now organises partners by Registered, Gold, Platinum, and Star programme levels. The programme will showcase partners with specific and focused specialisations, highlighting partners who provide services across key focus areas, including XaaS, implementation, support, cloud, foundation, hybrid cloud, and converged infrastructure. NetApp’s simplified, partner-first approach enables partners to grow and succeed by providing access to a leading portfolio of hybrid cloud data services and data management solutions. This portfolio and partner programme enable the partner ecosystem to solve customers’ challenges and invest in the delivery of key business outcomes, no matter where their data lives. l

NetApp’s partner programme accelerates digital transformation NetApp has announced new updates to its Unified Partner Programme to complement and align with its partners’ business capabilities and models. NetApp’s award-winning partner programme will be simplified and expanded to deliver a consistent programme experience, enable digital transformation for customers, accelerate partner profitability, and provide partners with a predictable business environment. Enhancements to the Unified Partner Programme in NetApp FY’21 will: l Simplify. NetApp will unify contracts and agreements; streamline guides and policies; offer fewer, more focused, deal-based incentive programmes; and offer growth attainment rebate programmes. l Expand. NetApp will provide Registered Partners with access to more information,

KRISTIAN KERR, VP PARTNER ORG EMEA, NETAPP.

communications, enablement, and training. The updates will also include bringing Cloud First Partners into the NetApp Unified Partner Programme and expanding NetApp Learning Services training programmes for cloud partners and service providers. NetApp will also expand and update its specialisations with new content and benefits, including the addition of SAP and XaaS.

Cybereason launches programme to enhance defence postures Cybereason has announced the launch of a new partner programme for the Middle East that will allow the region’s value-added resellers and managed security-service providers to enhance their customers’ defence postures against an ever-evolving threat landscape. The announcement follows Cybereason’s recent signing of Westcon-Comstor ME, which recently became a partner in the marketing and distribution of Cybereason solutions across the Middle East. The Cybereason Defense Platform gives security analysts and operations teams the industry’s deepest visualised cloud services and the ability to stop targeted attacks. In addition, Cybereason is disrupting the global endpoint-security market. The company’s approach centres on automating many tasks that previously required manual labor. Its cloud-based endpoint protection platform delivers an industry-leading ratio of one analyst to 150,000 endpoints, compared with the benchmark of one analyst to just 20,000 endpoints.

Such achievements are gaining Cybereason international recognition. It was the top ranked current offering in The Forrester Wave: Endpoint Detection and Response, Q1 2020 report and had the highest rated platform in NSS Labs Inc.’s Advanced Endpoint Protection Test. In addition, Cybereason was the only company to receive a Best Buy product rating in SC Media’s 2020 Annual Endpoint Security Product Test. Through the new regional partner programme, VARs and MSSPs will get access to Cybereason’s Partner Nest, which delivers top-flight sales and technical enablement. In addition, all partners are instantly eligible for the Cybereason Defenders League certification programme that empowers partners with skills to deliver a demo and a POC, enabling them to become experts. Furthermore, certified partners automatically join the Cybereason Defenders League, an exclusive community of experts with access to Cybereason’s founders, product team, and key roadmap updates.

TAREK KUZBARI, REGIONAL DIRECTOR, MIDDLE EAST AND TURKEY, CYBEREASON.

VARs will collaborate with a market leader in endpoint protection on areas such as business planning, marketing, and deal-making, while gaining access to world-class sales and technical training. MSSPs will get access to discounted pricing models and can also opt to deploy Cybereason’s MDR-in-a-box offering, a practice building, all-encompassing programme that leverages a combination of flexible support services, methodology, and Cybereason intellectual property.

S E PTE M B E R 2020

MEA

SECURITY NEWS

Improve Threat Resolution Cycles By Leveraging DNS DNS IS A KEY THREAT CONTROL POINT DNS IS CRITICAL TO CATCH THREATS

66%

ANTHONY JAMES, VICE PRESIDENT OF PRODUCT MARKETING, INFOBLOX.

of security and risk (S&R) leaders said DNS catches threats their other security tools either can’t or don’t catch.

THREAT INVESTIGATIONS TAKE TOO LONG

Infoblox finds security teams underutilise DNS against threats As cyberattacks escalate, Infoblox and Forrester Consulting investigated how security and risk, S&R, teams are using their DNS investments. The 203 respondents to the Accelerate Threat Resolution with DNS study reveal they most often use DNS to detect and block threats early in the kill chain, identify compromised devices, and investigate and respond to malware. The top findings underscore DNS is an effective but underutilised tool for threat hunting and resolution even as alert fatigue challenges security teams to scale:

69%

of S&R leaders use DNS as a control point to defend against attacks

74% of security operations teams spend more than 4 hours investigating a single threat incident.

STOP MALICIOUS ATTACKS FASTER

65%

Using internal DNS as a security control point drives key beneﬁts.

S&R leaders use DNS data throughout investigations for correlating network logs, determining exposure, and examining outbound resources.

66% Catching threats that other security tools can’t/don’t 64% Faster threat resolution 62% Accelerating incident response 59% Cost effectiveness

Read the full study

Methodology: Base: 203 US security decision makers Source: A study conducted by Forrester Consulting on behalf of Infoblox, April 2020

l 94% of S&R leaders either use or consider DNS as a starting point for threat investigations but only 43% of security and risk leaders rely on DNS as a data source to complete their investigations. l 66% of respondents use DNS to catch threats, from DNS tunnelling or data exfiltration, domain generation algorithms, and lookalike domain attacks that other security tools miss but only 34% anticipate using internal DNS to stop malicious attacks at scale. l 52% of leaders cite alert fatigue among

teams and 51% report challenges dealing with threat triage; but only 58% of teams incorporate some automated processes for incident response. Forrester surveyed 203 security and risk leaders from companies that earned more than $1 billion in annual revenue in the financial services, health care, education, retail, and government sectors for this report. Respondents include all levels of decision-making, including C-level, 48%, VP, 11%, Director, 34%, and Manager, 7%, roles across companies.

NTT finds insurance, finance, retail at max risk from cybercrime In recent months, in a bid to maintain business continuity and enable customers to engage via digital channels, organisations across the Middle East and Africa have had to invest in enhancing their online presence. With this growing trend towards digital service channels, Dimension Data’s parent company, NTT, in its 2020 Global Threat Intelligence Report, has found that web application attacks are on the rise, and now account for 66% of all cyberthreats seen in the region. Cybersecurity challenges across the Middle East and Africa have been compounded by the impact of Covid-19, as phishing attacks leveraging the virus have been seen as early as January 2020, even before the global pandemic

MEA

was declared. Fake websites masquerading as official sources of information were created at rates exceeding 2,000 sites per day, with many of them specifically targeting the healthcare organisations that were trying to help people through this global emergency. In the broader Europe, Middle East and Africa region, the report shows that reconnaissance activity, wherein intruders secretly gather information about systems for future attacks, was the most common threat, often accounting for more than 40% of all attacks. Similar to the global analysis, vulnerability scanners, testing tools, and malware appeared in the top five most common malware and attacker tools in EMEA. The report also found that the indus-

S E PTE M B E R 2020

PAUL POTGIETER, MANAGING DIRECTOR, DIMENSION DATA MIDDLE EAST

tries most targeted in the EMEA region were insurance, 50%, finance, 44%, and retail, 3%. Additional highlights of the NTT 2020 Global Threat Intelligence Report:

SECURITY NEWS

IBM study finds average cost per data breach is $6.53 million

IBM Security has announced the results of a Middle East study examining the financial impact of data breaches on organizations in Saudi Arabia and the the UAE. Based on the in-depth analysis, the cost of a data breach in Saudi Arabia and the UAE has risen by 9.4% over the past year. These incidents cost companies studied in the region $6.53 million per breach on average, which is higher than the global average of $3.86 million per breach and is

the second highest average breach cost amongst the 17 regions studied. In Saudi Arabia and the the UAE, breaches cost companies $188 per lost or stolen record on average, which represents an increase of 8.5% from 2019. Healthcare was found to incur the highest per record cost of a data breach, followed by Financial Services and then Technology. The study found that malicious attacks were

F5 adds Bahrain PoP to address rapidly evolving cyber threats

the root cause for 59% of data breaches in Saudi Arabia and the UAE, followed by system glitches at 24% and human error at 17%. Data breaches which originated from a malicious attack were not only the most common root cause of a breach, but also the most expensive, costing companies in Saudi Arabia and the UAE an average total cost per data breach of $6.86 million. Sponsored by IBM Security and conducted by the Ponemon Institute, the 2020 Cost of a Data Breach Report is based on in-depth interviews with more than 3,200 security professional in organizations that suffered a data breach over the past year. For the past six years, the Ponemon Institute has examined factors that increase or reduce the cost of a breach in Saudi Arabia and the UAE and has found that the speed and efficiency at which a company responds to a breach has a significant impact on the overall cost. This year’s report found the average time for companies in Saudi Arabia and the UAE to first identify a data breach after it occurs has decreased from 279 to 269 days, with an additional 100 days to contain the breach.

Cisco’s finds complexity remains cybersecurity’s worst enemy FADY YOUNES, CYBERSECURITY DIRECTOR, MIDDLE EAST AND AFRICA, CISCO..

MOHAMMED ABUKHATER, RVP, MIDDLE EAST AND AFRICA, F5.

F5 Networks has announced the launch of a new Silverline Cloud Platform Point of Presence, PoP, in Bahrain. The move is part a global expansion strategy to help customers better adapt to rapidly evolving threat imperatives and a new diversity of cloud consumption opportunities. Silverline enables the deployment of security services for every app, regardless of location, without upfront investments in IT infrastructure and support. The new PoP will provide improved application performance and reduced latency for Silverline Managed Services customers in the Middle East, Africa, and adjacent regions. It encompasses F5’s Silverline Web Application Firewall, Silverline DDoS Protection, Silverline Shape Defenseand Silverline Threat Intelligence offerings. Bahrain is F5’s third Silverline PoP serving the EMEA region, with the others located in the UK and Germany. F5 currently operates 12 other Silverline PoPs worldwide. Bahrain was chosen for F5’s latest PoP location due to its strategic geography and burgeoning cloud computing credentials. As a case in point, it was the first country in the Middle East to adopt a cloud-first policy and the Bahraini Government is currently aiming to reduce spending on IT infrastructure by up to 90%. Last July, Amazon Web Services announced the availability of the Middle East, Bahrain Region, which is the first AWS Region in the Middle East. Bahrain was also one of the first countries worldwide to roll out commercial 5G.

Cisco has published its sixth annual CISO Benchmark Report surveying the security posture of 2,800 security professionals from 13 countries around the globe. In today’s security landscape, the average company uses more than 20 security technologies. While vendor consolidation is steadily increasing with 86% of organizations using between 1 and 20 vendors, more than 20% feel that managing a multi-vendor environment is very challenging, which has increased by 8% since 2017. Other notable findings: l 42% of respondents are suffering from cybersecurity fatigue, defined as virtually giving up on proactively defending against malicious actors. l Over 96% of fatigue sufferers saying that managing a multi-vendor environment is challenging, complexity being the main causes of burnout. To combat complexity, security professionals are increasing investments in automation to simplify and speed up response times in their security ecosystems; using cloud security to improve visibility into their networks; and sustaining collaboration between networking, endpoint and security teams.

S E PTE M B E R 2020

MEA

SECURITY NEWS

Kaspersky warns of rise in targeted phishing attacks

Kaspersky analysis has revealed that phishing attacks are becoming increasingly more targeted. A number of new tricks have also been found, from HR dismissal emails to attacks disguised as delivery notifications. As a result of such tendencies, security solutions have detected 2,578,501 phishing attacks in Egypt, UAE, Saudi Arabia, Qatar, Kuwait, Bahrain, and Oman. These and other findings are documented in Kaspersky’s new spam and phishing in Q2 2020 report. Phishing is one of the oldest and most flexible types of social engineering attacks. They are used in many ways, and for different purposes, to lure unwary users to the site and trick them into entering personal information. The latter often includes financial credentials such as bank

account passwords or payment card details, or login details for social media accounts. In the wrong hands, this opens doors to various malicious operations, such as money being stolen or corporate networks being compromised. This makes phishing a popular initial infection method. Users in Saudi Arabia have been influenced the most by this type of threat: there were 973, 061 phishing attacks detected in 3 months. It was followed by the UAE, 617,347 attacks; Egypt, 492,532; Oman, 193,379; Qatar, 128,356; Kuwait,106,245; Bahrain, 67,581 attacks. Phishing is a strong attack method because it is done at such a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials. The first six months of 2020, however, have shown a new aspect to this well-known form of attack.

McAfee reports massive surge in Covid-19 themed attacks McAfee has released its McAfee Covid19 Threat Report: July 2020 examining cybercriminal activity related to Covid-19 and the evolution of cyber threats in Q1 2020. McAfee Labs saw an average of 375 new threats per minute and a surge of cybercriminals exploiting the pandemic through Covid-19 themed malicious apps, phishing campaigns, malware, and more. New PowerShell malware increased 688% over the course of the quarter while total malware grew 1,902% over the past four quarters. Disclosed incidents targeting the public sector, individuals, education and manufacturing increased; nearly 47% of all publicly disclosed security incidents took place in the United States. Each quarter, McAfee assesses the state of the cyber threat landscape based on in-depth research, investigative analysis, and threat data gathered by the McAfee Global Threat Intelligence cloud from over a billion

sensors across multiple threat vectors around the world. Capable threat actors exploit pandemic McAfee researchers found it is typical of Covid-19 campaigns to use pandemicrelated subjects including testing, treatments, cures, and remote work topics to lure targets into clicking on a malicious link, download a file, or view a PDF. To track these campaigns, McAfee Advanced Programs Group has published a Covid-19 Threat Dashboard, which includes top threats leveraging the pandemic, most targeted verticals and countries, and most utilised threat types and volume over time. The dashboard is updated daily at 4 pm ET; more information can be found here: McAfee APG Covid-19 Threat Dashboard. Data breaches, the new ransomware attack Over the course of the first quarter of 2020, McAfee Advanced Threat Research observed malicious actors focus on sectors

RAJ SAMANI, FELLOW AND CHIEF SCIENTIST, MCAFEE.

where availability and integrity are fundamental, for example manufacturing, law and construction firms. New ransomware declined 12% in Q1; total ransomware increased 32% over the past four quarters.

BU TR

THE CHAN

EXCL AVEVA

ARR OF DIG TW

AVEVA’s en end trackin industrial a performan through di solutions i making dig twins a rea in the regio

MEA

S E PTE M B E R 2020

Ali Sajwani, DAMAC Prope

BLENDING INNOVA TECHNOLOGY INTO CULTURE

SUPPLEMENT OF ENTERPRISE CHANNELS MEA

BUSINESS TRANSFORMATION SEPTEMBER 2018

THE CHANGE TO FUTURISTIC BUSINESS

biznesstransform.com

BUSINESS TRANSFORMATION OCTOBER 2018

THE CHANGE TO FUTURISTIC BUSINESS

biznesstransform.com

SECURITY NEWS

CYBORGS CAN WE REBUILD THE HUMAN BEING Developments in bioengineering have opened the doors to overcome human limitations.

Andy Brocklehurst, Cisco

Osama AlHaj-Issa, HPE Aruba

Mahmoud AlYahya, Xerox

NEIL HARBISSON Cyborg and designer of artificial senses

BLOCKCHAIN Which regional industries will be early adopters

Henrique Vale, Nokia

HOW TELECOS NEED TO MANAGE BIG DATA REPOSITORIES

David Warburton, F5 Networks

WHY THE BITCOIN BLOCKCHAIN IS TOO LARGE TO BE HACKED

Srinivasan CR, Tata Communications

WHY BANKS NEED TO START CONSIDERING OUTSOURCED SOCs

Morey Haber, BeyondTrust

IF YOUR APPLICATION IS HACKED SO CAN YOUR BLOCKCHAIN

CELEBRATING

MONTHS SUPPLEMENT OF ENTERPRISE CHANNELS MEA

BUSINESS TRANSFORMATION JANUARY 2020

THE CHANGE TO FUTURISTIC BUSINESS

EXCLUSIVE

biznesstransform.com

SPECIAL ISSUE

Steve Bates, KPMG Jeffrey Wheatman, Gartner

2020

OPPORTUNITIES, DISRUPTIONS, TRANSFORMATIONS Twenty top executives give their comments on regional forces of transformation and their outlook for 2020.

(Left to right) Ahmed Al-Faifi SAP, Amaldeep Pradeep Allegion, Anouar Bourakkadi Idrissi Edenred, Bani Haddad Aleph Hospitality , Chris Cooper Lenovo, Alain Penel Fortinet, Damian Dimmich Democrance, Fadi Kanafani NetApp, Farhan Syed KPMG, Jasmit Sagoo Veritas, Jihad Tayara EVOTEQ, Lori MacVittie F5 Networks, Lucas Jiang TP Link, Michael Armstrong ICAEW, Milan Sheth Automation Anywhere, Mohit Davar Huobi, Nitin Kaushal Capillary Technologies, Raj Sabhlok ManageEngine, Roberto D’ Ambrosio Axiory Global, Sanmeet Kochhar HMD Global, Steen Jakobsen Saxo Bank, Wisam Yaghmour HID Global, Wojciech Bajda Ericsson.

SUPPLEMENT OF ENTERPRISE CHANNELS MEA

BUSINESS TRANSFORMATION FEBRUARY 2020

THE CHANGE TO FUTURISTIC BUSINESS

biznesstransform.com

SUPPLEMENT OF ENTERPRISE CHANNELS MEA

BUSINESS TRANSFORMATION JUNE 2020

THE CHANGE TO FUTURISTIC BUSINESS

biznesstransform.com

BUILDING TRANSFORMED

EDGE ENTERPRISES AT THE

AVEVA

ARRIVAL OF DIGITAL TWINS

Craig Hayman, CEO Aveva.

Jacob Chacko HPE ARUBA

AVEVA’s end to end tracking of industrial asset performance through digital solutions is making digital twins a reality in the region.

Ali Sajwani, DAMAC Properties.

JULY 2020

THE CHANGE TO FUTURISTIC BUSINESS

HPE ARUBA, TECH MAHINDRA

EXCLUSIVE

BLENDING INNOVATION, TECHNOLOGY INTO CULTURE

SUPPLEMENT OF ENTERPRISE CHANNELS MEA

BUSINESS TRANSFORMATION

Ram Ramachandran Tech Mahindra

INDUSTRIALISATION OF

3D PRINTING

The edge of the network is closest to the digital customer, consolidating analytics in real time, while intelligently orchestrating with the core.

Ektaa Sibal

SELF-BELIEF LEADS TO EXCELLENCE

Suzanne Adnams, Gartner

CIOS NEED TO MANAGE ORGANISATIONAL CULTURE

Amel Gardner, Epicor

CHANGE MANAGEMENT DURING IR4

Manishi Sanwal, Voiceback Technologies.

CREATE CUSTOMER DELIGHT BY USING ANALYTICS

Deborah Alvord, Gartner.

WORKSPACES WILL NEED TO TRANSFORM

Farhan Syed, KPMG.

REALIGNING THE BANKING ENTERPRISE

Tom De Waele, Bain.

STEPS CEOS MUST TAKE TO COPE WITH PANDEMIC

Ranjith Kaippada, Cloud Box Technologies.

E-RETAILERS CAN NO LONGER DELAY AI

3D printing technologies and materials have evolved in terms of quality and accuracy to allow production at scale through farms and large-scale plants.

Ektaa Sibal.

WORDS, THOUGHTS, MINDSET

Bill Largent, Veeam

VEEAM ACT II ALIGNS WITH TRANSFORMATION

Andrew McCloskey, AVEVA

DIGITAL TWINS CAN IMPROVE EFFICIENCY IN CONSTRUCTION

Vinayak Mahtani, bnbme

YOU MAY NOT BE IN AS BAD A POSITION AS YOU THINK

Gautham Raj Jumbo Group

Kenny Ingram, IFS

CHALLENGERS WHO DISRUPT CONSTRUCTION INDUSTRY

Lothar Hohmann Precise Group

Ektaa Sibal, Inner-Self Transformation Specialist

MANAGE STRESS IN THE POST PANDEMIC WORLD

COVER FEATURE

IS THE MISSING UNIFIER FOR HYBRID WORKPLACES As IT teams work to rebuild the organization across extended digital boundaries, private and service provider 5G networks may be the missing enabler. Top executives deliberate in the pages ahead.

(Left to right , top to bottom) l A z z - E d d i n e M a n s o u r i , G e n e r a l M a n a g e r S a l e s , C i e n a M i d d l e E a s t l C h a r b e l Z r e i b y, S e n i o r M a n a g e r, C h a n n e l P r e s a l e s M E R AT, D e l l T e c h n o l o g i e s l D r A b r a r U l l a h , P r o g r a m m e D i r e c t o r o f S t u d i e s , S c h o o l o f M a t h e m a t i c a l a n d C o m p u t e r S c i e n c e s , H e r i o t -Wa t t U n i v e r s i t y, D u b a i l H a i d e r Pa s h a , S e n i o r D i r e c t o r a n d C h i e f S e c u r i t y O f f i c e r, M i d d l e E a s t a n d A f r i c a , Pa l o A l t o N e t w o r k s l J e r o e n S c h l o s s e r, M a n a g i n g D i r e c t o r, E q u i n i x M E N A l M o h a m e d Ta n t a w i , S P S e n i o r S a l e s D i r e c t o r, M E TA , J u n i p e r N e t w o r k s l M o h a m m a d A l - J a l l a d , C h i e f T e c h n o l o g y O f f i c e r a n d D i r e c t o r, M i d d l e E a s t a n d A f r i c a , H P E

MEA

S E PTE M B E R 2020

COVER FEATURE

CIENA

UP AHEAD INCREASING RELIANCE ON BROADBAND AND 5G The spike in usage of collaboration tools are putting an unforeseen strain on networking technologies further driving the adoption of IoT.

he road to 5G demands high-performance wireline networks founded on open, automated, best-in-breed designs—fully interoperable, flexible, and built to cost-effectively address current and future 5G demands while safeguarding network investments into the future. For 5G, Adaptive IP delivers the agility and flexibly needed to allocate network resources for maximum performance and return using purpose-built routers that leverage programmability, automation, and analytics. For networking, Adaptive IP unburdens the legacy way of designing, deploying, and maintaining IP networks by reducing the complexity associated with obsolete network designs, resulting in decreased power, space, and total cost of ownership. The Covid-19 pandemic has generated an increase in demand for traffic and a change in traffic patterns, as millions turn to the Internet for work, virtual education, remote healthcare and entertainment during times of lockdown. The spike in usage of collaboration and video conferencing tools, e-learning applications, gaming, and telemedicine, to name a few, are putting an unforeseen strain on networking technologies and requiring more bandwidth,

The Covid-19 pandemic has generated an increase in demand for traffic and a change in traffic patterns

further driving the adoption of IoT. A recent Ciena survey revealed that 75% of UAE respondents have taken steps to improve their home internet since the lockdown. Now more than ever, network connectivity plays a key role in helping the world navigate and overcome the challenge of this global pandemic. We can, therefore, expect an increasing reliance on scalable, reliable broadband to make the most of new technologies that support digitisation, through the proliferation of 5G. With the adoption of 5G and IoT, more businesses will be able to realise their digital transformation and to operate more efficiently and effectively, even remotely. Having the right network infrastructure in place to ensure mobile always-on connectivity is crucial, so forward thinking organisations are looking to upgrade or replace legacy systems, adopt new tools and technologies and continue to embrace new use cases enabled by 5G and IoT. Looking beyond the pandemic, various industries where we expect to see new use cases for IoT and 5G are the healthcare sector, with a growth in digital medical applications, as well as education, as more schools adopt virtual curriculums that support a rapidly changing learning environment. In the UAE and KSA, we can also expect to see an increase in smart city applications such as intelligent traffic systems, that will be enabled by 5G and IoT. Ciena supports 80% of the world’s largest network providers and has designed services that adapt in order to meet customer needs both now and into the future. Ciena’s approach supports the complete network lifecycle, with consulting, solution practices, and services oriented around the needs of providers by helping them build networks that can adapt.

AZZ-EDDINE MANSOURI,

General Manager Sales, Ciena Middle East.

A recent Ciena survey revealed that 75% of UAE respondents have taken steps to improve their home internet since the lockdown From Adaptive IP to the latest innovations in WaveLogic coherent optics, Ciena’s networking solutions and software allow service providers to get the most out of their network assets by taking advantage of technologies like Network Functions Virtualisation, Segment Routing, and Edge Cloud to efficiently support existing business opportunities while preparing for new and emerging ones. Blue Planet, a division of Ciena, provides market-leading intelligent automation software and services to help service providers automate their IT and network operations. ë

S E PTE M B E R 2020

MEA

COVER FEATURE

DELL TECHNOLOGIES

IS YOUR NETWORKING INFRASTRUCTURE READY FOR NEW-NORMAL Network builders must create infrastructure which is costeffective, while scaling for growth, to take advantage of future capabilities of 5G.

etworking, 5G and IoT fields are changing at an unprecedented pace. Innovations and developments like the SD-WAN, WiFi6 and 5G coexisting together are becoming critical technologies for the enterprise, transforming different industries like healthcare and manufacturing. The telecommunications industry, in specific, is transforming fast with the advent of 5G, IoT applications and the demand for high bandwidth and low latency at the edge. As volumes of data increase in line with subscriber usage and the growing number of devices, the requirement to transport, process and securely store the data, whilst also adhering to the constant regulatory changes becomes challenging. To address this, network builders and solution providers must create an infrastructure solution which is cost-effective, while scaling for growth, to provide their customers the best possible platform to take advantage of future capabilities of 5G. Modern networking solutions are also increasingly pairing up with advanced analytics for several use cases, prominently for cybersecurity. The onset of the pandemic has caused organisations to pause and reconsider their

How ready is the existing infrastructure, whether on and off premises, to take on new applications? 24

MEA

digital readiness. There has been a new focus on IoT technology in various industries, especially in healthcare. Innovations in telemedicine, contact tracing, and remote patient monitoring and quarantine tracking have utilised IoT devices and 5G enabled automation. There has also been a reconsideration for SD-WAN for remote working, powered by 5G networks, as well as a prioritisation for storage, cloud and edge solutions, prompting organisations to reexamine software-defined models and invest in edge enablement of applications. What is being seen across industries, in general, is a shift back to deploying the right infrastructure that can accommodate the fast pace of change happening across these areas, providing flexibility and accelerated growth while going into the future. It all starts by identifying the business priorities that these technologies can help achieve. Then it is about how ready the existing infrastructure is, whether on and off premises, to take on these new applications. Leading market segments will be in industrial applications, manufacturing, smart cities, smart parking, street lights, video monitoring, education, retail and healthcare. All these use cases will be centered on low-latency, high processing power applications and often incorporating elements of artificial intelligence and where real-time analytics are driven to the edge. Dell Technologies solutions can transform networking from the edge to the core to the cloud, enabling customers to meet the demands of modern workloads and accelerating the journey to 5G. With products and services ranging from software-defined infrastructure and open networking, next generation storage with data

S E PTE M B E R 2020

CHARBEL ZREIBY,

Senior Manager, Channel Presales MERAT, Dell Technologies.

It all starts by identifying business priorities that technologies can help achieve center switching solutions, edge computing and analytics as well as VMware orchestration platforms, the solutions bring the automation and agility demanded, while accelerating time to market with fit-for-industry products. The open networking solutions, like the Dell EMC PowerSwitch, can provide network configuration automation and OPEX savings. As well, Dell Technologies integrated hardware and software solutions for SD-WAN and other complementary virtualised networking functionality can maximise connectivity at the edge. ĂŤ

COVER FEATURE

HERIOT-WATT UNIVERSITY

5G CAN BRIDGE GAP BETWEEN REMOTE TEAMS IN NEW-NORMAL 5G will create a perfect framework to allow devices to function at fullest potential enabling real-time connections, helping machines to respond faster.

n many ways, technology has come to the rescue of humanity in these desperate times. Advanced remote work collaboration as a result of the pandemic is likely to benefit from the power of fast and secure networks including 5G. 5G will help introduce new technologies such as augmented and virtual reality into the remote working experiences, and bridge the gap between working from home and being in the physical workspace. Similarly, online gaming has also seen an upswing during the pandemic – the lowlatency and the bandwidth levels that 5G can guarantee will reduce the consumers’ cost-of-entry due to less expensive hardware. Also, there is a potential for increase in the use of IoT devices due to social distancing. The implementation of IoT, wireless devices and fast networks have been observed in shopping malls, schools, lifts, entertainment industry and health sector. On the other hand, owing to disruptions caused by the pandemic, 5G deployments have slowed down in the short term. Despite that, we expect to see it picking up soon, and will see an increased demand for new devices and services that can offer rich experiences from

5G will impact manufacturing, healthcare, retail, transportation, financial services, energy, smart cities

anywhere. IoT devices connected to fast speed Internet has always been an open target for cyber-attacks. It is reported that the number of cyberattacks has increased in the recent times due to growing reliance on the fast speed Internet. This demands further work on fast but secure connectivity to the cyber space, which is a driver for further research work. The starting point is the organisation’s vision for digital transformation. They need to be clear as to which processes and procedures are to be digitised. Next is considering the role that the IoT and network performance will play in enabling this. After that comes the assessment of desired outcomes, to decide what kind of use cases should be enabled. The last stage is about building the necessary infrastructure to address the identified requirements. Over time, it is expected that 5G will impact nearly all businesses. Some of the leading market segments globally that will feel this impact are manufacturing, healthcare, retail, transportation, financial services, energy and smart cities. We are starting to proof-ofconcept deployments and going forward, as equipment becomes available, we expect to see greater adoption. Very few aspects of our lives remain unaffected by digital transformation. As our reliance on information system broadens and deepens it becomes ever more important to improve their applicability, dependability, intelligence and usability. Studies show that 5G can outperform the current 4G and 4G LTE standards with respect to download and upload speeds, by up to 100 times. It also promises to reduce latency problems in current networks. With regards to latest innovation, 5G wireless networks will create a perfect framework

DR ABRAR ULLAH,

Programme Director of Studies, School of Mathematical and Computer Sciences, Heriot-Watt University, Dubai.

Advanced remote work collaboration as a result of the pandemic is likely to benefit from 5G to allow IoT devices function at their fullest potential and maximise their benefits. It will enable more real-time connections, help machines respond faster to requests and minimise delays. In other words, it will get us closer to realising the true IoT world of millions of sensor devices connected to the network. Networks that build 5G with open access, keeping multiple connectivity in mind will be able to support a whole new range of services, solutions and applications. Examples of innovations that 5G will spur are autonomous vehicles, smart traffic management systems, smart homes, usage of drones with video cameras to help with public safety and more. ë

S E PTE M B E R 2020

MEA

COVER FEATURE

PALO ALTO NETWORKS

SECURITY AND 5G EQUALLY IMPORTANT IN NEWNORMAL WORKPLACE Enterprise networks are widening, with hybrid clouds, 5G and IoT devices, and this creates the need for a radical new approach to cybersecurity.

ith the introduction of 5G, we have been able to tap the potential of the digital economy, with smart cities, factories, cars, and connectivity. 5G also helps pave the way for new emerging business models to cover new industries, such as smart factory, autonomous transportation, remote healthcare, agriculture and even retail. There is no doubt that 5G is a game-changer, and we have witnessed 5G applications to be driven by consumers and enterprises. They are also proving essential for governments to implement smart city rollouts. 5G will also enable better customer experience at major upcoming events. However, with the adoption of 5G, it is important to prevent cyber risks for which there are three focus areas to swiftly respond to threats in real time: securing the 5G-ready telco cloud, next-gen managed security services, and securing private LTE 5G networks. Enterprise networks are widening, with hybrid clouds, 5G and IoT devices, and this creates the need for a radical new approach to cybersecurity. 5G allows a higher volume of data across the network, and we have seen a positive outcome for several sectors from energy, transportation to healthcare and government. However, organisations must

5G will enable better customer experience at major upcoming events 26

MEA

be mindful of changing cyber threats as they transition to 5G. With the Covid-19 pandemic, cyberattacks have evolved especially with the rise of home offices. When using 5G and several IoT devices connected to a home network instead of a corporate one, companies will need to scale up security to protect confidential data. Threat intelligence team at Palo Alto Networks, Unit 42, analysed 1.2 million newly registered domain names containing words from March 9, 2020 to April 26, 2020, from which over 80,000 classified as risky and spread across various regions. As best practice, we recommend people to be conscious on the websites visited and links clicked, especially which include terms like covid, virus, and corona. Not all of these will be malicious, but they are treated as a suspect. For an enterprise as an end user, the 5G connection delivers far greater speed and capacity, while reducing latency. Moreover, organisations within manufacturing in factories will be at an advantage with an increased ability to adopt automated processes, especially processes that make use of connected devices. 5G will also help cities to become smarter and more efficient, with reduced energy consumption, enhanced traffic management and advanced IoT connections and sensors. Both enterprise and consumers are set to gain from the 5G evolution and advanced IoT technologies. As in the past with previous wireless technologies, 5G and IoT will be adapted widely, fostering further innovation. The targeted markets will be on both a B2B and B2C level, including autonomous systems in factories such as robots, AGVs, computer vision, and AR and VR tools. In the UAE, we have started seeing many

S E PTE M B E R 2020

HAIDER PASHA,

Senior Director and Chief Security Officer, Middle East and Africa, Palo Alto Networks.

With the Covid-19 pandemic, cyberattacks have evolved especially with the rise of home offices. innovative smart city solutions including autonomous vehicles and a range of smart apps that will be enhanced by 5G. Organisations around the world have a growing dependence on networking, 5G and IoT, which in turn makes it an appropriate time to start laying a strong foundation for security. One of the latest products, the ML-Powered Next-Generation Firewall embeds machine learning in the core of the firewall. This proactively assists in stopping threats, securing IoT devices, and recommending security policies. Using PAN-OS 10.0, there are multiple industry firsts such as ML-Based In-line Malware and Phishing Prevention, Zero-Delay Signature Updates, ML-Based Integrated IoT Security, and ML-Based Security Policy. ĂŤ

COVER FEATURE

EQUINIX

5G SCALING DEPENDENT ON DATA EXCHANGE INTERCONNECTION Promise of 5G cannot be met without more data exchange points at the edge to support proliferation of data and distance limitations inherent in 5G.

igital transformation and customer demand are driving the need for cutting-edge digital services. Private global connectivity between enterprises, strategic cloud service providers, and network services is therefore essential for business success today. As found by Equinix 2019 Global Interconnection Index, GXI and related independent survey, over threequarters 76% of UAE IT decision-makers think their organisations will move more functions to the cloud. 7 out of 10, 70% IT decision-makers think interconnection is a key facilitator of digital transformation. Over two-thirds 68% of IT decision-makers are using interconnection to reduce the cost of connectivity. Covid-19 has accelerated digital transformation initiatives already in place. In other cases, legacy industries that had not previously adopted digital are now acknowledging its value as a business imperative. All in all, the current pandemic has taken businesses by surprise and altered organizations to assess their existing investments. Businesses are increasing Internet capacity handling more traffic, addressing performance issues - offloading from the Internet to use interconnection, and adopting more efficient alternatives - employing cloud services. 5G is poised to speed up digital business innovations like self-driving cars, smart cities, connected healthcare and more. But the promise of 5G cannot be met without more data exchange points at the edge to support the proliferation of data and distance limitations inherent in 5G technology. To scale for 5G, network service providers will need direct and secure, proximate interconnection points between larger numbers of network nodes to securely host and stream

data at significantly higher speeds, volumes, and lower latencies. Retail and industrial will be the first industries to take advantage of the IoT, a key consequence of the 5G. Retail, with increasing mobile wireless products such as smartphones, wearables and home assistants, and the supply chain logistics that bring them to market, is leveraging the IoT to gain valuable customer insights, introduce new products and ensure customer satisfaction. The industrial industry, with its connected turbine engines, power plants and vehicles, leverages IoT to ensure greater efficiencies and safety in the production, running and maintenance of these machines. Health care and financial services are up next once these industries can better ensure the needed levels of privacy and security. Retail is leveraging IoT to gain valuable insights by evaluating data - related to customersâ&#x20AC;&#x2122; purchase histories and visit frequencies to a particular store - coming from different connected devices such as smartphones, wearables and home assistants. Based on the data, retailers introduce new products, marketing campaigns, reduce operational costs and ensure customer satisfaction. As a global colocation and interconnection company, Equinix ensures protection, connection, and power to the digital economy through data centers and network connectivity, colocation and professional services, and its portfolio of advanced interconnection solutions. To meet the ever-growing, on-demand interconnection needs of customers, Equinix is expanding its Dallas Infomart Data Center with the launch of its 5G and Edge Proof of Concept Center, POCC. The Equinix 5G and Edge POCC will provide a 5G and edge sand-

JEROEN SCHLOSSER,

Managing Director, Equinix MENA.

70% IT decision-makers think interconnection is a key facilitator of digital transformation box environment, enabling Mobile Network Operators, cloud platforms, technology vendors and enterprises to directly connect with the largest edge data center platform in order to test, demonstrate and accelerate complex 5G and edge deployments and interoperability scenarios. The Equinix 5G and Edge POCC aims to develop 5G and edge architectures that leverage ecosystems already resident at Equinix, explore hybrid multicloud interconnectivity scenarios between MNOs, public clouds and private infrastructures, as well as develop multiparty business models, partnering strategies and go-to-market motions for the nascent 5G and edge market. ĂŤ

COVER FEATURE

JUNIPER NETWORKS

BUILD YOUR OWN PRIVATE 5G OR USE SERVICE PROVIDER’S? This depends on whether private spectrum is available as well as availability of 5G skills from an industrial 5G systems integrator.

he use of 5G with the edge cloud to operate capability, remotely from workers whilst allowing them to still remain in control, will offer new opportunities for business and innovation. The IoT applications can run on the edge cloud, providing remote sensing and other capabilities to enterprises who need access to their working environment. Security across those networks from open IoT devices will be another area that will receive increasing attention. The 5G world will involve the need for more B2B relationships where the nature of the enterprise’s business and the application will drive the role of 5G, IoT and the Edge Cloud. The use of 5G in industrial and other verticals is already starting, with businesses realising that replacing wired IP LAN’s with Private 5G provides a more flexible production facility when reconfiguration is needed. The basic components will be common across these new deployments – 5G radio, increasingly using ORAN, with an Edge Cloud running the applications and some network functions. Part of that journey for a given business is the decision to self-build that 5G private network or to use a solution from a local mobile operator.

Businesses are realising that replacing wired IP LAN’s with Private 5G provides a more flexible production facility 28

MEA

This decision will depend on whether private spectrum is available as well as the availability of in house 5G skills, or skills from an Industrial 5G Systems Integrator, versus the mobile operator approach. The sectors that are already exploring 5G in many countries are Healthcare, Industry 4.0, Agriculture, Transportation, Smart City and Rail. These need 5G coverage and capacity, the low latency offered by the 5G radio and the Edge Cloud with a secure capability. As for the UAE, the country has proven to be an early adopter of new technologies and we expect - once the 5G infrastructure is rolled out and operational - that we will see some very interesting use cases coming from the UAE. 5G brings a large expansion in transport capacity to mobile networks as base stations move from a 1Gb backhaul to at least 10Gb. This means that aggregation and core routing networks must be planned for higher capacity as do the security platforms protecting these networks. Juniper’s flagship MX series routers allow operators to scale to the new requirements of 5G across aggregation and core, whilst the SRX and vSRX security platforms, allow operators to protect these networks. In addition, Juniper’s leading cloud software, Juniper’s Contrail platform can be used, together with the MX, QFX and vSRX to build the Edge Cloud capability to enable new markets and verticals. 5G uses many new technologies to be able to offer better spectral efficiency and low power per bit in the radio sector. The 5G system offers many benefits but the combination of low latency radio, with the creation of the Edge Cloud, allows 5G to be used for connectivity in many new markets such as Automotive, Rail, Smart City and Industrial. In addition to the 5G systems available from traditional radio

S E PTE M B E R 2020

MOHAMED TANTAWI,

SP SENIOR SALES DIRECTOR, META, JUNIPER NETWORKS.

5G brings an expansion in transport capacity to mobile networks as base stations move from 1Gb backhaul to at least 10Gb vendors, new open standards are being created to allow innovation in the Radio Access Network. These Open-RAN systems rely on software with common hardware to operate. Hence, when ORAN, Edge Cloud and 5G are brought together, they can be used to flexibly address the needs of many new market verticals. Most mobile operators are focussed on 5G enhanced Mobile Broadband, at present, providing faster mobile broadband speeds for customers during the pandemic. As we move into a post Covid world, increased vigilance, remote working and social distance will remain part of our lives for some time. ë

COVER FEATURE

HPE

5G FACILITATING ADOPTION OF CLOUDBASED INFRASTRUCTURE IT leaders will double consumption of as-a-service within next two years in order to accelerate shift towards agile and cost-effective infrastructure.

ue to the pandemic, organisations realised the need for the adoption of digital services to continue the functioning of their business and further accelerated their investments in IT. According to a global survey of 2,400 IT decision-makers commissioned by Aruba, 38% of IT leaders plan to increase their investment in cloud-based networking, 35% in AI-based networking and 33% in Edge compute. IT leaders expect to double their consumption of as-a-service within the next two years in order to accelerate the shift towards more flexible, agile and cost-effective infrastructure. The widespread remote work adoption further pushed the acceleration of 5G across the globe as the need for fast speed data transfer became vital in the last few months. A typical journey starts by aligning the organisation objectives to new projects. Next step is creating ideas for new products, services and capabilities and mapping the capabilities to existing infrastructure and augmenting, if necessary. Finally, a proof of value is usually created prior to having a production deployment. The expectations are that 75% of enterprisegenerated data will be created and processed at the edge outside a data center or cloud by 2025, and there will be 55.9 billion connected devices globally of which 75% will be connected to an IoT platform. These represent opportunities to multiple sectors to enable new experiences, accelerate smarter operations, gain competitive advantages and evolve infrastructures for 5G. Multiple sectors can leverage use cases including Telco, Transportation, Retail, Healthcare, Manufacturing, Government, Hotels and hospitality, Education and Financial Services.

HPE offers solutions that are cloudconnected, and delivers secured and personalised digital experiences enabling customers, employees and operations at the edge leading to accelerated adoption of mobile, IoT and 5G initiatives. The solutions comprise wired and wireless, location services, digital workplaces, 360 secure fabric, mobility and workplace services, IoT converged edge systems and related software, edge center, 5G Core Stack, Network Functions, Telco Cloud, Telco Blueprints for Core and Edge, Edge Orchestrator, Ezmeral Container and ML Ops Data platform, Wi-Fi 6, 5G interworking equipment in addition to the expertise necessary to support successful initiatives and digital transformations. HPE is committed to investing in research, products and consumption models to support customers in accelerating their digital transformation journeys. Recently, HPE announced its intent to acquire Silver Peak, a leader in SD-WAN. Additionally, HPE introduced numerous innovative and transformative solutions including Aruba AI-Powered Edge Services platform, ESP, which is designed to automate, unify, and secure the Edge by spotting and fixing issues and errors before they impact the business. It is built on AIOps, Zero Trust network security and a Unified Infrastructure for campus, data center, branch and remote worker locations. In addition to this, HPE also unveiled a 5G lab to accelerate the adoption of open multivendor 5G solutions, released Edge Orchestrator to enable telcos to monetise 5G networks and edge infrastructure by delivering new low latency cloud services at the edge via an app catalog and announced new GreenLakeâ&#x20AC;&#x2122;s flexible as-a-service model, allowing customers to prioritise investments in line with

MOHAMMAD AL-JALLAD,

Chief Technology Officer and Director, Middle East and Africa, HPE.

38% of IT leaders plan to increase investment in cloud-based networking, 35% in AI-based networking and 33% in Edge compute business priorities. Recently, HPE also released Ezmeral, a software portfolio aiming to fuel data-driven and edge-to-cloud digital transformation by supporting customers to run, manage, control and secure the apps, data and IT that run their business from edge to cloud. To support customers during Covid, HPE released a new return-to-work solution to help organisations accelerate recovery in wake of COVID-19, put safety first and reassure staff, students and visitors as they return to the workplace. ĂŤ

CHANNEL STREET

DARREN GAETA,

Vice President of World Wide Alliances and Channels, Onapsis.

ONAPSIS

HOW TO SECURE MISSION CRITICAL HYBRID ERP APPLICATIONS

With ERP vendors prioritising cloud licensing, Onapsis security solutions for critical applications are moving to the forefront with channel partners.

ll cybersecurity professionals agree that you are only as secure as your weakest link. ERP systems, by nature of their need for continuous uptime, see delays of months and years on patching critical vulnerabilities. Outside systems are left to fill the gap, but penetrate the shield and the ERP system is a ripe target, often with few signs of it having been breached. These systems are at core of what run the business. Compromise them and businesses will cease to function. Everyone wants a single plane of glass, and Onapsis supports that in instances, while analysing results or responding to active threats. The primary interface is through a web-based console, and Onapsis has further connectors with a variety of third-party tools. The Onapsis Platform is scalable and flexible. It can deploy in any combination of private, public, or hybrid models, even distributed

MEA

among different cloud solutions. This works because Onapsis has models that leverage local clients or zero-footprint API calls. Sensors collect and analyse data from the ERP system, removing the security load from the ERP processing stack. The console lets you set policy, view results, and integrate with third party systems like SIEMs and ServiceNow. Onapsis only require TCP connections between the ERP system, sensors, and console. Onapsis threat database is SaaS-based with intelligence from Onapsis Research Labs group, responsible for finding over 800 critical and zero-day vulnerabilities in SAP and Oracle. Onapsis sends updated signatures to clients, and their consoles automatically look for vulnerabilities or exploits in action. Similarly, customers apply compliance module checks based on library and custom queries in response to their auditorsâ&#x20AC;&#x2122; needs. Once in place, the work primarily shifts to finding

S E PTE M B E R 2020

compliance failures. ERP platforms state, amongst its terms of service, that you as a customer are responsible for application security on top of their platform. ERP service providers build and maintain an excellent foundation, but you are responsible for the house on top of that foundation. If someone finds a window you left open or a door your left unlocked, that is on you, not the ERP provider. Cyber insurance is unlikely to pay out in those instances as their terms disqualify coverage for an unpatched vulnerability. That is quite common in ERP systems where patch frequency is six months or greater. The question therefore is what are the gains of operating in the cloud using Onapsis? Onapsis offers insights on both sides: open vulnerabilities and exploits in action. Onapsis shows source code that makes an enterprise less secure and exposes system changes that

CHANNEL STREET

weaken their security position. Inside the cloud arena, there is a big move to specialisation in cloud offerings. Onapsis has offerings that work in a number of the private cloud solutions. Onapsis has customers in HANA Enterprise Cloud, for example. Onapsis engineering team is actively engaged in building support for a number of environments because Onapsis recognise that ERP is becoming increasingly dependent on cloud services.

PARTNER PROGRAMME The Onapsis nCase Partner Programme is based on a four-pillar global strategy that encompasses system integrators, managed security service providers, technology alliance partners and value-added resellers. Onapsis offers business-critical application security and compliance solution. As a member of the Onapsis nCase Partner Programme, partners benefit from access to specialised knowledge base, expertise and insight into ERP security best practices. In turn, this makes Onapsis partners qualified to help customers analyse security and compliance programmes within their customer’s critical infrastructure. When Darren Gaeta, Vice President of World Wide Alliances and Channels at Onapsis, joined in November of 2018, the organisation had a rudimentary channel programme with system integrators including Deloitte, PwC and IBM. Darren primary

objective was on expanding the programme, utilising a four-pillar approach. Darren built the programme focusing on adding VARs, system integrators, MSSP’s, and technology alliances. Gaeta leveraged past relationships including Accenture, Deloitte, PwC, IBM, Protiviti, Optiv, Guidepoint, and Deepwatch. These relationships have added to Onapsis’ go-tomarket sell out channels. The revamp of the partner programme makes it easier for partners to work with Onapsis. Onapsis has launched a registration platform to simplify registering and approving prospective customer deals. Onapsis has introduced a global partner portal with exclusive access to sales and technical training, as well as branding and lead generation programmes. Onapsis has developed a specialised knowledge base, with expert advice, educational resources, and insight into security best practices, including actionable information about key compliance issues that need to be addressed during ERP migrations. In the past year, Onapsis nCase Partner Programme has reached nearly $5 Million in revenue for selected partners. The Onapsis Partner Programme has also reached global status, expanding beyond North America into EMEA and the Benelux region. Inside the region, Spectrami is Onapsis’ value added distributor and follows the same global partner programme inside the region as well. ë

BENEFITS OF ONAPIS NCASE PARTNER PROGRAMME l

Offerings that support emerging ERP transformation

Offerings that support cloud migration and regulatory compliance use cases

Improved revenue margins

Participation in deal registration

Access to Onapsis technology in consulting engagements

Ability to incorporate Onapsis technology in MSS offerings

Integration of Onapsis with partner products

Access to sales and technical training

Access to branding and lead generation programmes

Opportunity for services revenue

S E PTE M B E R 2020

MEA

INNOVATION

tools. The core solution benefits from Tenable are around vulnerability management. Tenable scans networks, systems, applications and tells the customer whether they are vulnerable on those systems. After this, the end customer can mitigate the risk of being hacked by applying specific measures to those systems to make sure they are not vulnerable to cyberattacks. Nessus is used globally and Tenable has intelligence not only on existing vulnerabilities but also feeds from vulnerabilities that will be exploited in the coming days. It is collected through manual and automated processes as well. It is like a hybrid mode, it is not fully manual, and it is not fully automated. Tenable’s focus is on enterprises, regardless of whether it is government or private, small, medium, or large. What matters is that the company cares about its intellectual property, its customer records, financial data or any confidential data. “That is our core competence,” says Maher Jadallah, Regional Director, Middle East, Tenable.

MAHER JADALLAH,

Regional Director, Middle East, Tenable.

TENABLE

ASSET MAPPING

BUSINESS VALUE OF AN ASSET AND ITS RISK PROFILE The CISO in the modern digital world will need to take responsibility for guarding an organisation’s crown jewels as a condition within his job role.

enable has published a global industry study that revealed, 95% of Saudi Arabian organisations have experienced a business-impacting cyberattack in the past 12 months. The data is drawn from, The Rise of the Business-Aligned Security Executive, a commissioned study of more than 800 global business and cybersecurity leaders, including 49 respondents in Saudi Arabia, conducted by Forrester Consulting on behalf of Tenable. As cybercriminals continue their relentless attacks, 85% of respondents in Saudi Arabia have witnessed an increase in the number of business-impacting cyberattacks over the past two years. Unfortunately, these attacks had damaging effects, with organisations reporting loss of customer or employee data 41%, ransomware payments 37% and financial loss or theft 35%. Roughly 61% security leaders in Saudi Arabia say these attacks also involved

operational technology. Business leaders want a clear picture of how at risk they are and how that risk is changing as they plan and execute business strategies. But only four out of 10, local security leaders say they can answer the fundamental question, with a high level of confidence: How secure, or at risk, are we? Organisations with security and business leaders who are aligned in measuring and managing cybersecurity as a strategic business risk deliver demonstrable results. In the future, there may be two kinds of CISOs. Those who align with the business and everyone else. The only way to thrive in this era of digital acceleration is to bring cyber into every business question, decision and investment.

VULNERABILITY MAPPING Tenable’s core engine is Nessus and that is the largest source of vulnerability assessment

Each customer values their data in their own way. The process of mapping the criticality of an asset on the network is done jointly with the business and the organisation’s cyber security team. The criticality of an asset varies by organisation and by industry. Tenable solutions need to be used by an organisation’s CISO to ensure that the organisation’s crown jewels as defined by business are protected. Jadallah points out that inside an organisation, business looks at the criticality of an asset typically through two aspects. It could be either through the ability to make profits, if it is highly accountable on making profits. And the other is through its repository of data. Here, data could have many forms such as customer profile data, transaction data, or patient medical records as an example. A typical legacy cyber security application does not map assets based on the criticality for business. “A legacy system will not look into the business impact but at Tenable we map security vulnerability to asset criticality. If the asset is critical, we give it a different flag,” says Jadallah. If an asset is flagged as business critical and has a high vulnerability exposure, it is flagged to the CISO. “I call it prioritisation. I need to prioritise my remediation plan towards those critical assets. That is why Tenable addresses this well because we map vulnerabilities to critical assets to business,” says Jadallah. When a CISO sits with business and understands the drivers, the mission and what the customer cares about, they can map that into the

S E PTE M B E R 2020

MEA

INNOVATION

Source: The Rise of the Business-Aligned Security Executive, Tenable and Forrester Consulting.

MEA

S E PTE M B E R 2020

INNOVATION

Source: The Rise of the Business-Aligned Security Executive, Tenable and Forrester Consulting.

S E PTE M B E R 2020

MEA

INNOVATION

configurations of the existing security system. They have to sit together to become more aligned. By sitting together, their strategy begins to match the goal of the company. CISOs who operate in their individual silo are not part of tomorrow’s landscape. They will need to be able to speak the language of business. This is an upgrade to the typical CISO role, feels Jadallah. “Today, a typical CISO, will not last long. We need CISOs today that are more aligned to the business and speak the language of business. That is the kind of modern CISO required for the future.”

The Rise of the Business-Aligned Security Executive, Tenable and Forrester Consulting.

MEA

S E PTE M B E R 2020

TARGETING OPERATIONAL TECHNOLOGY According to the recent Tenable survey, 61% security leaders in Saudi Arabia say attacks also involved operational technology. Inside the realm of operational technology, devices and systems are not subject to continuous upgrades as in the information technology realm. In some cases, the system may not have been updated for more than 10-20 years. Since it is an old system, that has not been patched it is highly vulnerable to hacking, even through the most basic hacking tools. On the information technology side, devices, systems, and applications are being continuously patched and updated. And hackers would prefer to move laterally towards the operational technology side. “It is easier for me to go through an old and neglected system, than a dynamic network that is always updated and protected,” points out Jadallah. The weak link in the chain, is that operational technology workers are also on the same organisational network as rest of the employees, and use the same tools as rest of the organisation. Any employee that has access to operational technology systems or is connected to an operational technology device, is therefore a priority subject to be compromised. They also log in directly into air-gapped operational technology systems to manage them as required. Target the operational technology teams, compromise the administrator and you can get access to the operational technology systems. In reality today, threat actors are targeting the operational technology side, because the compromise can be demolishing and a backbone breaker, according to Jadallah. Not all cybersecurity systems can provide an integrated view of asset criticalities and security vulnerabilities, across the complete organisation. “You need a system that can give you cyber exposure after all these modern assets are connected to each other. You need a system or tool that will help you to find vulnerabilities on that interconnected network,” he stresses. ë

Distance is NO BARRIER

Introducing D-Link Smart Wireless Solution for Point-to-Point Deployment

ESD Surge Protection

DAP-F3711-I Range: Upto 5 Kms Antenna Gain: 15 dBi High-Power Wireless 5Ghz 11ac Bridge

2x2 MIMO

Ã¼

IP 65/66 Complied

Point to Point or Multipoint Application

Centrally Managed

TDMA+Polling Avoiding collision/ Interference between channels

DAP-F3704-I Range: Up to 5 Kms Antenna Gain: 10 dBi High-Power Wireless 5Ghz 11n Bridge

ACK Timeout adjustment Improves long distance Transmission

DAP-F3705-N Range: Up to 10 Kms Antenna Gain: 23 dBi High-Power Wireless 5Ghz 11n Bridge DAP-F3712-N Range: Up to 20 Kms Antenna Gain: 23 dBi High-Power Wireless 5Ghz 11ac Bridge

Intelligent Rate Control Improving stability of Bandwidth

Self Healing Useful in extreme noisy area

Connect to more |

INNOVATION

BILL LARGENT,

CEO, Veeam.

BACKUP AND RECOVERY

VEEAM MOVES AGGRESSIVELY INTO NEW-NORMAL WITH ACT II Fueled by direction from Insight Partners, Veeam is aggressively aligning with hyper scalars and building solutions for cloud and Kubernetes platforms. BY ARUN SHANKAR

n January 2020, Insight Partners entered into a definitive agreement to acquire Veeam Software, a vendor in backup solutions that delivers cloud data management. Under the ownership of Insight Partners, Veeam has become a US company, with a US-based leadership team, while continuing its global expansion. The acquisition will enable Veeam to accelerate its Act II - Veeam’s evolution into hybrid cloud. As part of the acquisition, Bill Largent was elevated to Chief Executive Officer and Danny Allan to Chief Technology Officer. Following an investment from Insight Partners at the beginning of 2019, Veeam has worked alongside Insight Partners’ business strategy and ScaleUp division, Insight Onsite, to expand its software-defined Veeam Cloud

MEA

Data Management Platform. The company launched a number of new innovations in 2019, including Veeam Backup for Amazon Web Services, Veeam Backup for Microsoft Office 365 v4, Veeam Universal License and Veeam Backup for Microsoft Azure. For Veeam, moving from Act I to Act II is about the transformation it is going through. When Veeam started in 2006, it was about VMware, VMWare virtualisation and later HyperV. Act II is more about building a single platform for cloud, virtual and physical. Act II essentially builds an end to end solution for the modern virtual data centre. Veeam is now moving from VMware deployments and pure backup and recovery to reducing risk and helping to accelerate digital transformation in its customer base.

S E PTE M B E R 2020

As part of Act II, Veeam is also expanding the scope of its business from the channel. Other than its value-added resellers and other channel partners, Veeam plans to leverage on its OEM relationships and alliances. This includes HP, NetApp, and Cisco, amongst others. Act II also involves the transition from socket licensing, followed by VMware, to user and licensing portability. As part of Act II, CEO Bill Largent, also points to the changes with the Veeam founders as being significant, having closely worked with the founder team since 2001. “It is really a transformation of their day to day activity out of the business to consulting activity for the next 12 to 18 months as they transition their roles,” reflects Largent. In the months ahead, Veeam expects to improve its relationships with the global hyper scalers. “They need a lot of maturing,” says Largent. Veeam’s latest SaaS offering that it has built around Microsoft Office 365 is also one of Largent’s hot spots for 2021. “This SaaS offering, which we have not had historically, has been our fastest growing single feature product offering, we think because there are hundreds of millions of users out there using licenses for Office 365,” he explains. Another important Veeam development that Largent expects will drive digital transformation is its licensing portability. “We started that change a little bit ago. So that is a big piece of our digital transformation. You can take that license with you in the cloud, on-premises, or the hybrid cloud. We believe that is a significant step for us, how we have done the licensing,” he explains. While cloud and hyperscale is a key focus area for Veeam’s growth and innovation, Largent stresses that the vendor is not refocusing. “Our core business is backup and recovery and that still drives innovation coming along, that moves us further into the enterprise world,” he points out. Largent regards Veeam’s vendor alliances and relationships as important with HPE, NetApp and Cisco leading the pack. “We are working with probably 30-40 different storage platforms and have those kinds of relationships. We have also expanded into Kubernetes and other areas with some of the different software vendors.” Veeam has emphasised its partnership with Kasten over the last 12 months, the leader in backup solutions for containerised workloads, using its K10 Data Management Platform, purpose-built for Kubernetes, providing enterprise operations teams easy-to-use, scalable,

INNOVATION

KEY TAKEAWAYS In a world where a business’s most valuable asset is constantly on the move, data management has never been more critical. l Legacy solutions cannot keep up, Veeam’s software provides holistic coverage for the modern business. l A major focus has been criticality of data to business success as customers undergo rapid digital transformation. l 44% of enterprises are being hindered in their transformation journeys due to unreliable, legacy technologies. l For Veeam, moving from Act I to Act II is about the transformation it is going through. l In the months ahead, Veeam expects to improve its relationships with the global hyper scalers. l Veeam is deeply into cloud strategy with Founder Andrei Baronov driving the innovation, along with other key architects. l

and secure system for Kubernetes backup and application mobility. “Kasten is a new one for us over the last 12 months now and we believe that containers need to be there. We think that is still out several years - two years before heavier deployment,” he explains. Across the years from 2001, the Founders and Largent have managed the double-digit growth of the global company, focusing and frequently repositioning at the same time. According to Largent, while the team will remain the same, the Founders will move to a less prominent position. “So, we have kind of handled things, the three of us, I would say, on a communal basis, have done our own thing.” Largent’s role historically, starting in October of last year, was all about deal closing, getting sales accomplished, talking to customers, as well as vendors in the Veeam partner community. All that changed when Largent moved into the CEO role in January this year, where he is now steering Veeam through the turbulent months ahead and into 2021. ë Adapted from and previously published in Business Transformation, July 2020.

S E PTE M B E R 2020

MEA

PRODUCT NEWS

ASBIS ME to distribute Axtel’s professional headsets Axtel, a global provider of high-quality devices, has joined ASBIS ME in a distribution deal to meet demand from the region’s high-quality professional headset space. Axtel’ headset products add value to ASBIS business. Supreme sound quality, reliability, and maximum comfort thanks to an ergonomic design from Axtel’s R&D department. Axtel is leading in the advanced audio technology for voice quality and noise cancellation, Axtel’s headsets are suitable for any environment. With Axtel, ASBIS ME will continue to transform one-time clients into trusted business partners. Prince Gangadharan, Manager Sales, ASBIS ME noted that 2020 was an important year for the solutions company, as it moved towards transformation, artificial intelligence and 5G. While the industry has been trying to perfect itself, its users’ habits are changing in the blink

Shure launches wireless AD3 Plug-On Transmitter

Shure’s Axient Digital Wireless System has established itself as the go-to industry standard for premium, flawless audio. Whether it’s a live, on-stage performance or a high-stakes broadcast to millions of viewers, Axient Digital empowers today’s entertainers, broadcasters, musicians, and others to bring perfectly clear audio to audiences all over the world. Now, with the introduction of the Company’s Axient Digital AD3 Plug-On Transmitter, audio professionals can transform any XLR microphone into an Axient Digital wireless microphone, delivering impeccable audio quality and RF performance, wide-tuning, and encryption features.

MEA

Mimecast launches phishing simulation tool for enterprises

MANDY MCKENZIE, DIRECTOR OF PRODUCT MANAGEMENT FOR AWARENESS TRAINING, MIMECAST.

of an eye. ASBIS ME believes that the Axtel’s high-quality headsets throughout the design and manufacture process with added training, will improve skill sets of partners.

For high-tier broadcast, film, and TV applications that require a flexible connection to a wired microphone, the new AD3 Plug-On Transmitter makes it possible – complete with a plug-on design, highperformance radio, and spectral efficiency. Ideal for sideline reporting, street interviews, and press conferences, the AD3 seamlessly transforms a wired source into an advanced, Axient Digital wireless source. Additionally, it can easily connect to a shotgun microphone on a boom pole to up- level portability on film and TV sets. The AD3 is compatible with Axient Digital AD4D and AD4Q rack receivers in Standard or High Density modes. The AD3 was designed to provide exceptional portability and connectivity, all while still offering the reliability and performance that are synonymous with the Shure brand. Out-of-the-box, the AD3 includes an innovative locked XLR connector design, a user-friendly control menu, OLED display that is easy to read in challenging lighting conditions, and a sweat, moisture, and debris resistant build. The transmitter also includes a pouch, belt clip, USB-C cable, and supports both conventional AA and Shure SB900A rechargeable battery options.

S E PTE M B E R 2020

Mimecast has announced an industry changing capability that will allow customers to launch live phishing simulations. Known as SAFE Phish, it’s designed to let security teams create training exercises using real-life, de-weaponised campaigns that target their organisations and employees. Training results are engineered to be incorporated into the Mimecast SAFE Score dashboard, which is designed to aggregate data to gauge a company’s security posture. Organisations have an opportunity to re-define the way overall risk is measured as a result. Because SAFE Phish results act as a security feed, data from phish testing can be incorporated into the Mimecast SAFE Score dashboard, which is designed to calculate individual user risk using four factors: engagement, knowledge, sentiment, and bad URL clicks. Data is also aggregated to provide an overall organisational risk assessment. According to recent research from Mimecast, almost 60% of 1,025 IT decision makers said they saw an increase in both phishing, 58%, and impersonation attacks, 60%, over the last year. The uptick of Covid-19-related phishing campaigns also highlights the fact that threat actors are looking for new opportunities to target victims with relevant topics.

PRODUCT NEWS

D-Link emphasises router security during remote working D-Link urges customers to pay heed to the security aspect when purchasing wireless routers and other gateways for home networks. As businesses across the region embrace remote working models, it opens the door to risks posed by unknown networks and devices that are not vetted by corporate IT teams. Ensuring

security is embedded into personal devices and home Wi-Fi- routers becomes even more important during such a scenario. Routers are especially vulnerable to attacks as its configuration presents predefined credentials readily available over the internet. Routers are susceptible to many known vulnerabilities

as it is, which are oftentimes not fixed even with the latest updates. The average user rarely thinks about router security when making a purchase. According to a survey by Broadband Genie, only 31% of the 2,205 respondents have changed the Wi-Fi network password, which is different from the router’s admin password, and only 30% checked the router’s admin panel to see what other devices are connected to their router. Customers can keep their routers secure by undertaking simple steps such as regularly changing the passwords, ensuring the firmware is up to date, turning off features that enable remote access from outside the home, leveraging the option to use a separate network for guests and by being more aware of all the devices connected to the home network. With the proliferation of IoT devices, it is critical to safely manage its operations through the router. D-Link’s flagship Exo Smart Mesh Wi-Fi Router series come embedded with in-built security. The next-generation routers offer high-performance Wi-Fi connectivity combined with McAfee protection, providing a faster and more secure home network.

D-Link supports the global events sector with robust routers

SAKKEER HUSSAIN, SALES AND MARKETING DIRECTOR, D-LINK MEA.

As regional businesses slowly ease into the new normal, D-Link Corporation, a global player in connectivity solutions for small, medium and large enterprise business networking, is primed to support customers as they encounter unexpected challenges in the new business environment, especially in terms of events. The onset of the ongoing Covid-19 pandemic brought the world to a standstill at the beginning of 2020. The UAE, being a hub for technology, travel and tourism, has an eventful calendar all year round with thousands of visitors annually. This includes numerous conferences, expos and trade shows, exhibitions, smaller networking events, training sessions and so on. To control and monitor the pandemic, all kinds of events were suspended for the foreseeable future. But as the country reopens and gradually gets accustomed to redefined work cultures and lifestyles, we are seeing innovative ways of hosting events successfully in this new normal. A great example is the recently held Ai Everything x Restart Dubai Summer Conference. With attendees in-person and online from all over the globe, it was hailed as a resounding success and signalled the reopening of the events sector. To make large-scale hybrid events successful, the technology it relies on must be foolproof. A stable Wi-Fi connection and robust routers are paramount to ensure the smooth running of events in this hybrid-model. D-Link Middle East understands the current demands of the market and is focused on solving evolving challenges as the country restarts full-fledged. The company’s state-of-the-art Wi-Fi 6 routers, DIR-X5460 AX 5400, DIR-X1860 AX 1800 and DIR-X1560 EXO AX AX1500, can be the ideal tools to ensure uninterrupted connections. Powered with Wi-Fi 6, 802.11ax, technology, these routers provide faster speeds, greater capacity and less network congestion. D-Link’s flagship remote work management solution, Nuclias Managed Wireless Networking portfolio, has also seen an uptake in adoption during the current circumstances.

S E PTE M B E R 2020

MEA

REAL LIFE

Nobu Hospitality boosts guest experiences with Aruba tools Aruba has announced that Nobu Hospitality, a luxury lifestyle brand founded by Nobu Matsuhisa, Robert De Niro and Meir Teper, is standardising on Aruba as its preferred network infrastructure vendor for three of its new hotels in Chicago, Warsaw and London Portman Square. Using the foundation of Aruba ESP, a combination of Aruba wired, wireless and security solutions, Nobu Hotels is enabling highly secure and reliable Wi-Fi,

as well as a range of IoT applications, that help provide a superior experience for its guests, replete with all of the comforts and technologies they have at home. To accomplish this, the edge, where data is generated, secured, analysed and acted upon, must serve as the foundation for leveraging actionable analytics from Nobu Hotelâ&#x20AC;&#x2122;s integrated network, business applications and guest preferences, to deliver new on-property

Airtel, Avaya partner to enable remote work in Nigeria NOUR AL ATASSI, DIRECTOR, SERVICE PROVIDERS, MIDDLE EAST, AFRICA AND ASIA, AVAYA.

Airtel Nigeria, has partnered with Avaya to enable organisations in the country to implement remote working and learning initiatives. Through the partnership, Avaya will offer organisations in Nigeria full-feature access to its flagship collaboration app, Avaya Spaces, on a complimentary basis, through Airtel Nigeria. Avaya Spaces changes the way work gets

MEA

done, bringing together globally distributed teams instantly with immersive, 24/7 collaboration. And seamless integration makes Avaya Spaces easy to use with the cloud solutions that organisations already use. Avaya Spaces can handle not only the usual tasks, but also unplanned and new-priority work that arrives nearly every day. Users can launch ad-hoc HD video

S E PTE M B E R 2020

guest experiences. According to Rodney Linville, Global Corporate Director of IT for Nobu Hospitality, Arubaâ&#x20AC;&#x2122;s open, secure and nimble cloud-native infrastructure was the ideal choice to reflect the Nobu Hotel brand. With the help of key integration partners, Nobu is deploying a range of Aruba solutions at its various properties. Among these are Aruba edge and core switches, ClearPass Policy Manager, and Aruba location-ready APs, the latter of which are designed specifically for hospitality and IoT use cases. This is particularly important for Nobu as the IT team is pairing the Aruba Bluetooth beacon and Zigbee radio technology in the APs with solutions from key IoT and analytics partners including the following: l ASSA ABLOY Global Solutions for automating access and identity controls with door locks and enabling contactless check-in, allowing guests to use their smartphones to gain secure room access l React Mobile to create a safe working environment for their staff with an enterprise class Employee Safety Device platform, as required by local or union regulations l Skyfii for improving hotel operations and the visitor experience

conferencing meetings to bring everyone together, share and collaborate in-person. And automated alerts when someone chats or posts an item within Spaces make it easy to stay on top of fast-moving projects and stay in touch with team members anywhere. The Avaya Spaces app is available on Android and iOS devices, and can also be securely accessed on personal computers and laptops via Chrome or Firefox browsers. With obvious use cases for schools, it enables teachers and administrative staff to reliably communicate with parents, students and each other to minimise learning disruption amid the school closure. Using the app, students will be able to participate in virtual classrooms from any location, with the ability to download study materials and send assignments to teachers electronically. Since January, Avaya has seen an increase of more than 3,200% in video collaboration traffic on the Avaya Spaces platform. Several hundred universities, schools and other organisations worldwide have engaged Avaya to gain the connectivity and collaboration capabilities Avaya Spaces provides as they address the challenges of Covid-19 pandemic.

GUEST COLUMN

ARAFAT YOUSEF,

Managing Director, MEA, Nexans Data Network Solutions.

CREATING FUTURE-READY BUILDING INFRASTRUCTURES

Technology drivers are changing the design, implementation and management of data and power infrastructure in buildings, explains Nexans’ Arafat Yousef.

oday’s intelligent buildings offer functionality far beyond traditional building management systems. An intelligent building supports energy savings and integrates services to drive economic, social and environmental benefits for owners, tenants, and staff populating buildings. Benefits range from improved productivity to enhanced comfort and safety. Sensors and devices make it possible to digitally represent physical objects, systems and spaces. Data collected by IoT devices enables optimised functionality of the building systems and spaces.

MEA

For example, many new smart PoE systems have built-in sensors that offer enhanced energy-saving possibilities. Occupancy sensors can help utilise space and flexible work places more efficiently. Smart lighting equipped with occupancy and ambient light sensors that change lighting over the course of the day help increase productivity. An intelligent building’s nervous system is essentially the network that connects data input devices, which includes actuators, switches, system controls and so on, with the intelligent software that acts based on those inputs. Today, more and more systems run on,

S E PTE M B E R 2020

or are being adapted to, an Ethernet network rather than a proprietary system.

INTELLIGENT BUILDING NETWORK DESIGN Let’s take a closer look at current key developments in intelligent and connected buildings, and their requirements. A BIoT, essentially an IoT Installed in buildings, could, for example, encompass smart sensors, access control systems, or HVAC and metering systems. These systems and devices are all connected to a network. The digital ceiling is essentially a moniker

GUEST COLUMN

An intelligent building’s nervous system is essentially the network that connects data input devices. An intelligent building supports energy savings and integrates services to drive economic, social and environmental benefits. for a network of smart digital products and applications installed in the ceiling. Not only building systems, but also WLAN access points, IP cameras, smart building systems and connected lighting solutions with PoE-powered LED fixtures. Connecting highly efficient LED based lights with twisted pair cabling offers the benefit of providing lighting control signals and PoE to the fixtures and switches through the same cable, eliminating the need for a separate power cabling infrastructure.

TECHNOLOGY DRIVER The latest Power over Ethernet standard allows for power transmission over all four cable pairs. It offers up to 90W output power at the power sourcing equipment and 71.3W at the powered device. Furthermore, the latest standard supports 10GBase-T, making it possible to provide 10Gbps transmission speeds while supporting power delivery over copper. It’s also backwards-compatible with previous generations of PoE. This latest generation of PoE enables connected lighting solutions, as well as applications such as network powered digital signage in public areas and airports, and offers support for power-hungry IP cameras and the latest WLAN access points. In fact Wi-Fi 6 technology is affecting the network cabling layout in today’s buildings. This generation of Wi-Fi offers greater user

bandwidth and channel efficiency. However, increasing wireless network performance requires better signal quality, which leads to a decrease of radio cell size by some 30%. Care should be taken to ensure adequate cabling is available to support the higher access point density required. As bandwidth bottlenecks are shifted away from the wireless part of the networks, which can now handle gigabit speeds, the capability of the wired interface becomes critical. Category 6A copper is recommended as a minimum to provide adequate bandwidth and superior heat dissipation capabilities in cable bundles.

IMPACT ON IT INFRASTRUCTURES Today, data and power networks are converging. An increasing number of end devices are connected via copper cable to provide data as well as power. Previously, a work desk might use PoE-based power for no more than a VoIP phone. However, today’s digital ceiling devices and applications, often require much more bandwidth and/or power. Furthermore, the changing nature of applications using the network also means requirements in the area of IT security and reliability have changed. To address cabling density and endpoint flexibility requirements, intelligent building cabling standards recommend using a passive zone cabling architecture. With this approach, Service Concentration Points, SCPs, can be created, each of which can support multiple service outlets in a coverage area of about 16 m2. Unlike the standard Enterprise LAN where the location of the work area outlets for Information Technology is usually predictable, these service outlets which connect the different building functions, or Operational Technology, may be positioned in many different parts of the space. Utilising a zone cabling architecture will result in a cabling density that is designed to support different systems and devices that can be optimally positioned according to the function they serve. Fibre in the digital ceiling approach

An alternative network design for digital ceiling support is to install optical fibre and a small Ethernet switch providing power and connectivity as an active consolidation point in the building space being supported. From this active consolidation point, only a short distance needs to be bridged to the connected devices with patch cords and PoE power can be supplied. This approach can also provide for future connections as network designers often don’t know how many devices or systems will be connected in any given area of an Intelligent Building ahead of time. Choosing the right cabling infrastructure The key to selecting the right cabling infrastructure is to provide a flexible solution that can support the different bandwidth and power requirements of various services and devices in different locations. Installation of Category 6A cabling is considered a best practice because it supports the highest bandwidth and greatest power levels without the risk of overheating in large bundles, which are sometimes present in the zone cabling architecture. The introduction of a digital ceiling active consolidation point can provide similar flexibility and the potential to reduce cabling costs. Installing optical fibre to a locally powered Ethernet switch located within the building space can meet bandwidth and power requirements for each device with the flexibility of connecting that device with a simple patch cord. New Single Pair Ethernet, SPE, equipment will open the way for an additional overlay network designed to support intelligent building systems. Work on SPE cabling standards is underway with the expectation that this technology will enable economical, high density deployment of a whole new wave of connected sensors and controls that will make our buildings even smarter. ë

S E PTE M B E R 2020

MEA

GUEST COLUMN

NABIL KHALIL,

Executive Vice-President, R&M Middle East, Turkey and Africa.

ALL-OVER-IP NETWORKS ARE THE FOUNDATION FOR SMART BUILDINGS With All-over-IP solutions, the realisation of intelligent buildings will become less expensive and far less complex, explains R&Mâ&#x20AC;&#x2122; Nabil Khalil.

uildings have evolved tremendously in recent decades and the Middle East is now home to some truly impressive works of architecture, from the worldâ&#x20AC;&#x2122;s tallest tower to buildings that have earned their place as global icons for their aesthetics and sustainable design. While these marvels of modern engineering characterise the skylines of cities across the region, there is a clear eagerness to go a step further. The rapid advancement of technology has made it possible to not only imagine the natural evolution of buildings, but also realise their transformation into Smart Buildings. By utilising technology to automate the operation of building systems such as lighting, alarms, fire and life safety, HVAC and more, these structures have the potential to greatly enhance the safety, efficiency, and comfort of

MEA

occupants. Moreover, building owners can achieve these benefits while simultaneously enjoying increases in efficiency and reductions in cost owing to the streamlining of operations. With clear reasons to transforming new and existing developments into intelligent buildings, industry stakeholders are now tasked with identifying and understanding which technologies they must invest in. The gathering, processing and analysis of data from sensors and systems located all across the premises is fundamental to making a building smart. IP-based systems, also known as networked systems, are what make this possible. These systems use Internet Protocol to communicate with each other through IP addresses and data packets and all types of building systems, from HVAC

S E PTE M B E R 2020

The gathering, processing and analysis of data from sensors and systems located all across the premises is fundamental to making a building smart.

GUEST COLUMN

controls to digital signage, can be IP-based. Allover-IP networks open up better possibilities for the development for smart buildings. Investment: Devices and systems which work with Ethernet IP technology are favourably priced as competition, uncomplicated

standards and mass production reduce the manufacturing costs. Furthermore, open standards and license-free software, which is free of charge, simplify the engineering of All-over-IP solutions. Connectivity: IP devices and networks

speak the same language, end to end. They do not need any translation between the server, operating systems such as with gateways, and end devices. They are easy to connect to each other with standardised RJ45 cable interfaces which simplifies installation, commissioning and maintenance. Performance: The Ethernet IP protocol enables the transmission of large quantities of data faster than field bus systems. This makes it possible to collect and distribute data from the entire network. The availability of a fast data connection allows new data-intensive applications such as HD video or analytics to be used. Scalability: Buildings can be connected and controlled digitally throughout. The current Internet Protocol Version 6 can theoretically allocate 1,500 IP addresses per square meter. In practical implementations, there is no limit to the number of devices which can be addressed. Security: The star-shaped topology reduces the number of connection points and gives IP networks more operational reliability. The access controls and authentication measures incorporated in the IP improve the security of building automation. Add-ons: Thanks to the total availability of data from different components, new applications and technical solutions can be developed. An administrator can integrate these with the click of a mouse. ĂŤ

S E PTE M B E R 2020

MEA

GUEST COLUMN

ANTHONY PERRIDGE,

VP of International, ThreatQuotient.

LEVERAGE CTI TO BENEFIT YOUR SECURITY POSTURE Cyber threat intelligence can add great value to threat detection and response, explains ThreatQuotient’ Anthony Perridge.

ver the last year, we have seen the cyber threat intelligence, CTI, community growing and diversifying; as a result, the way threat intelligence is being used has also evolved. However, a survey conducted by SANS, sponsored by ThreatQuotient, recently revealed that 1 out of 5 companies are still unsure of CTI’s value to their organisation. CTI analyses information about the intent, capabilities and opportunities of adversaries in cyberspace. It is a valuable resource for organisations and individuals serving in roles requiring to be prepared for the wide range of threats that their organisation is facing. To help organisations realise the value of CTI, we compiled a list of benefits this resource can bring.

MEA

TRACKING THREAT BEHAVIOURS Security organisations tend to consider intelligence as an indicator feed. They’re not wrong, but CTI can offer so much more value than that. Not only does it help to enrich alerts with technical details about specific attacks and campaigns, it is also a source of information around threat behaviours and adversary TTPs. Encouragingly, 27% of the SANS survey’s respondents perceived this as the greatest value to their threat detection and response. As organisations become more familiar with threat behaviours, adversary TTPs and how to leverage them, these figures will certainly continue to rise. Another way to leverage CTI is to classify and share adversary behaviours across

S E PTE M B E R 2020

organisations, for example through utilising a framework like MITRE ATTA&CK. These frameworks help organisations to track the types of threat behaviours that are active within their industry, allows them to have a better collaboration process and subsequently prioritise actions that must be undertaken across architecture, security operation and response functions.

IDENTIFY DIGITAL FOOTPRINT OR ATTACK SURFACE IDENTIFICATION Organisations can also take advantage of this intelligence by identifying digital footprint or attack surface identification. This means that they are able to have a clear overview of all their external assets accessible from the

GUEST COLUMN

Another way to leverage CTI is to classify and share adversary behaviours across organisations. FIND A SHARING PARTNERSHIP THAT WILL BENEFIT YOUR ORGANISATION

1 out of 5 companies are still unsure of CTI’s value to their organisation.

internet, as well as assets that can be attacked and compromised by attackers. Eventually, being aware of these, combined with adversary TTPs, helps prioritise which threats and/or vulnerabilities should be taken care of. It comes as no surprise therefore that 81% organisations have seen their security and response improve since they started producing or leveraging CTI. For those organisations who are unsure about the impact of CTI on their security and response, they should consider, and measure, the average resolution time of security incidents when CTI analysts participate and compare to those times to when they didn’t. This would help them to appreciate how much it has enriched the understanding of security incidents and response but also the process, allowing to resolve issues quicker.

In recent years, we have seen a growing interest in collaborating and sharing information amongst security teams. As a result of this trend, multiple solutions have emerged providing organisations with the right tools to tackle cyber threats such as threat library, endpoint detection and penetration testing. Beyond the data being shared, information sharing programmes have a wide range of benefits. From point-of-contacts to advocacy for security and best practices, participating in an information-sharing group provides a secure and confidential environment for organisations to increase situational awareness and reduce the impact on organisations.

COLLABORATE WITH GOVERNMENTS AND ISACS We mention collaboration above, and CTI shows even more value as it isn’t limited to the private sector. Indeed, security teams also have the opportunity to share their intelligence and collaborate with their peers in the government and other public entities. Collaboration with the latter can be done through an Information Sharing and Analysis Centre, a non-profit organisation providing a central resource to gather information related to cyber threats to critical infrastructure. Such centre is based on a two-way sharing of information between the private and public sector. Surprisingly, the SANS survey revealed that this smart way to make the most of the intelligence and better defend against threat has only seduced 40% of organisations. The biggest value propositions of CTI coming from governments and ISACs perceived by these were the timely and relevant threat informa-

tion, points of contact at member organisations and advocacy in the community for security. If ISACs enable a development of the expertise around threat intelligence, governments are in a good position too to bring the community together and support collaboration across industries; and organisations seem to be more reliant on it with 51% of the SANS survey’s participants taking advantage of this data source.

A GROWING INTEREST FROM THE PUBLIC SECTOR Whilst sources of government CTI are multiplying, only half of the community is actually taking advantage of it. Yet, governments have matured their own understanding of private sector cyber threats over the last years. They can now give additional context and track adversary behaviours including their tactics, techniques and procedures, and don’t have to only rely on indicators of compromise anymore. The problem with IoCs is that they gained lot of attention on the market even though they simply indicate computer intrusions. In a nutshell, they tend to be too generic to provide long-term and strategic intelligence value. These are only few benefits organisations can get by leveraging CTI, but as the intelligence is growing to include TTPs, threat behaviours, attack surface awareness and strategic assessments, so is the maturity of the CTI process itself. Organisations are increasingly developing intelligence requirements, producing, consuming and sharing intelligence. Moving forward as a community, information sharing is the key to benefit organisations’ security posture. ë

S E PTE M B E R 2020

MEA

GUEST COLUMN

BOOST AGILITY WITH SECURE CONTAINERS AND MICROSERVICES Containers and microservices have taken most organisations by storm, says Palo Alto Networks’s Matthew Chiodi.

very executive is undoubtedly worried about cyber risk. But I’ll bet many of you are likely overlooking a major gap in your cloud strategy: A hole in your Docker. No, I’m not talking about a tear in your casual Friday attire. I’m talking about Docker, the most popular software container platform in the world. While you may not be well-versed on containers, or the applications that often run inside them, microservices, I can guarantee your CTO, CIO, and developers are keenly familiar with them. In fact, if your organisation has migrated workloads to the public cloud, your teams are likely knee-deep in containers and microservices. This should be, in part, good news because containers and microservices are key enablers in your quest for digital transformation. Over the past 18 months, they have taken most organisations by storm. You need to be aware of them and ask your teams the right questions to move your organisation forward, faster. I won’t make your eyes glaze over with arcane technical details, but here’s what you need to know: l Microservices reduce complexity by treating software as small, digestible, agile pieces of code delivered as a service rather than as a traditional software programme. Microservices increasingly are replacing those hulking, expensive, difficult-to-deploy legacy applications that have dominated your data centres for decades. l Containers promote portability, allowing applications to run in the most appropriate and flexible location, whether public cloud, private cloud, on-premises, or on either physical or virtual infrastructure. Containers are fairly lightweight given that they don’t contain an operating system like a traditional virtual machine would. l Containerised environments have many more layers of abstraction that require specialised tools to interpret, monitor, and

MEA

protect these new applications. In a production container environment, you have a number of different layers to secure. Thus far we’ve extolled the positive side of containers, but there is a dark side, as well. When it comes to managing the new risks brought forth by containers, many security teams are taking one of two approaches. The first, and unfortunately the most common path, is to completely ignore them. This is never a good strategy. The second is when teams attempt to address the risks tactically with yet another security point product. Both of these approaches will almost certainly not end well.

HOLISTIC CLOUD STRATEGY From a security perspective, the true value of containers and microservices can only be achieved when they are secured as part of an overarching cloud security strategy that is based on standards. Organisations over the past decade have fallen into the trap of thinking that more security tools equal better security. Unfortunately, we now have more security tools than ever before, and yet breaches continue to be reported at a torrid pace. More security tools do not equal better security.

security programmes, ideally that include what I call the Container Security Triad, then you are well-positioned to avoid the headaches and risks this vulnerability, and others like it, can cause. Of course, if you don’t have a comprehensive cloud security strategy inclusive of containers and microservices, now might be a good time for that conversation.

ADOPT THE CONTAINER SECURITY TRIAD The Container Security Triad has three critical elements in its risk mitigation framework. Build, deploy, and run. When teams are creating containers, this is the build phase. The security team’s focus should be on detecting and remediating known vulnerabilities, as well as identifying new vulnerabilities commonly known as 0-day. Deployment security is a critical part of the equation because it helps to ensure that poorly constructed containers don’t make it to production. Think of it like a general contractor building your house, checking to ensure that the materials used in the construction process are defect-free. Runtime brings additional risks. Runtime security focuses on protecting running

TAKE HEED, DEAR READER Which brings us back to my hole in your Docker point. In early 2019, there was a troubling development: a critical vulnerability was reported that affected the underlying programme that supports Docker and other related services. This vulnerability was extremely serious, as it allowed an attacker to completely control the container as well as any other containers running on the platform. If your organisation’s CISO or CIO have taken steps to craft comprehensive cloud

S E PTE M B E R 2020

Containers and microservices are key enablers in your quest for digital transformation.

GUEST COLUMN

containers and related infrastructure such as Kubernetes, the Docker engine or the underlying host. The most effective way to manage risk is to measure the containers’ behaviour against a known baseline. If you know what’s normal for the container, you can take aggressive action when you see a deviation from the baseline. This is another benefit of containers. Since they typically do only one thing, it is straightforward to pattern their behaviour and notice when there are anomalies.

THERE’S NO SUCH THING AS TOO FAST Many CEOs, board members, and business executives are hearing a lot about the benefits of containers and microservices, and are becoming very comfortable with the idea that these technologies are helping their organisa-

tions become more agile, more resilient, and more digital. But you should also be aware that there exists the potential for an interesting conflict within your organisation regarding just how fast you should embrace and adopt containers and microservices. For instance, if you talk to the software engineering team in the midst of DevOps mania, they will tell you they can’t move fast enough without containers and microservices. But the security operations team, charged with ensuring the highest possible level of cybersecurity, may not always share that enthusiasm. Containers and microservices are inexorable forces that not only speed the release of new software, but also can aid greatly in reducing the complexity of software code that too often is at the root of cybersecurity vulnerabilities. That’s where the Container Security

Triad comes into play; properly planned and executed, it can ease the shift left mentality for security that is often referred to as DevSecOps.

TIPS FOR THE C-SUITE How should executives talk to their CISO, CIO, or CTO about containers and microservices? Some suggestions for you: l If we’re using containers, are they integrated into our overall cloud security strategy? If they’re not, it’s a good time to ask why and how they are currently addressing it. If they’ve taken a tactical approach with a security point product, that is not a good path forward, given the proliferation of security tools in most organisations. l How does your container security strategy address people, process, and technology within the overall cloud security framework? Let’s be honest, too many CISOs still view cybersecurity as a technical domain. This is a mistake, because security is a process, not a product. l How are containers and microservices impacting our cloud security risk profile? It’s great that the DevOps teams will be releasing software faster and with greater measurable impact on the bottom line, but they must also be able to tell you how containers and microservices are reducing cyber risk. If we remove complexity, whether it’s with containers, microservices, or any technology that facilitates agile, reliable delivery of IT services for the business, we are on the path to making the enterprise more secure. By contrast, if we make things more complex by layering on even more security tools, we not only increase complexity, but also risk. ë

Microservices reduce complexity by treating software as small, digestible, agile pieces of code delivered as a service. MATTHEW CHIODI,

Chief Security Officer for Public Cloud, Palo Alto Networks.

S E PTE M B E R 2020

MEA

PEOPLE

EXECUTIVE MOVEMENTS Carol Koech appointed new Country President for Schneider Electric East Africa

Mondia appoints Jorge Seeliger as Chief Product and Innovation Officer

Mondia, a technology company that specialises in the marketing and distribution of digital content, has announced that Jorge Seeliger has joined the company as Chief Product and Innovation Officer. Based in Madrid, Seeliger joins Mondia’s senior leadership team as Executive Board Member to deliver deep insight into business strategy, technology trends and user centricity that will drive the company’s business and enable innovation to provide greater digital experiences to its customers. In his new position, Seeliger will be responsible for the conceptualisation, development and management of Mondia’s overall product strategy, content, partnerships, and will be the driving force behind the company’s continued focus on innovation and transformation. Seeliger joins Mondia from IPG, a global marketing solutions specialist, where he held positions such as Chief Business Officer and Head of Innovation and Product for EMEA. Seeliger’s work at IPG saw him win multiple global awards including Cannes Lion, Festival of Media Global, Campaign and WARC amongst others for projects ideated and led by him in collaboration with his team. He holds an Executive MBA degree from the IE Business School.

Schneider Electric has appointed Carol Koech as the new Chief Executive for East Africa. A Kenyan national, Carol will lead Schneider Electric’s growth vision in the region and drive alignment in strategy and process across its building, datacentre, industry and access to energy business portfolio. Carol joined Schneider Electric in 2018 where she has helped transform the building’s segment and the access to energy programme in East Africa. With a career spanning over 15 years, Carol has held roles in finance, project development, engineering and commercial positions. Her career journey has seen her leading operations in Sub-Saharan Africa. Prior to joining Schneider Electric, Carol was a Senior Regional Sales Manager at GE and led efforts to grow the brand’s sales and profitability through closely engaging with customers on their industrial challenges. Carol worked at Unilever for a period of five years. She is also a STEM champion, mentoring young ladies at work and in high schools and has participated as a mentor at YALI, Go Green City and a host of other competitions.

Vectra appoints Randy Schirman as VP, Worldwide Service Delivery Partner

Randy Schirman has been appointed Vice President of the Worldwide Service Delivery Partner business for Vectra, where he is responsible for leading the company’s global strategy across its portfolio of Service Provider, Systems Integrator, Outsourcer, Hosting and Managed Services partner communities. Prior to joining Vectra, Schirman was a member of the Rubrik leadership team where he joined the company as worldwide Vice President of the Service Delivery Business Unit. During his tenure, Schirman led the efforts to build the global service provider and systems integrator businesses for Rubrik, developing strong alliances with industry giants. Schirman is a seasoned sales veteran with nearly 25 years of sales, channel and management experience. Prior to Rubrik, Schirman spent a number of years at Talari Networks (WanOp) where he served as Vice President of sales, acquired by Citrix. Previous he was with Citadel Security Software where he served as Vice President of sales, and was part of the acquisition by McAfee. Prior to Citadel, Schirman spent a number of years with NetScreen Technologies as Vice President of service provider sales, where he built the organisation from origin through the acquisition by Juniper Networks.

Milestone Systems announces Thomas Jensen as CEO

After an extensive search for the right candidate for the CEO position at Milestone Systems, the Board of Directors is delighted to announce that Thomas Jensen has accepted the role. With his background in Hewlett-Packard and most recently in Europe’s largest IT integrator company Bechtle, Thomas Jensen is an executive leader with a strong global footprint that includes P&L responsibility for international businesses in software and hardware. He has deep business experience with IT and technology, and an understanding for the dynamics of business communities, technology partners and integrators. People are at the core of Thomas Jensen’s leadership philosophy, which resonates well with Milestone Systems’ Scandinavian leadership values and People First approach to management.

MEA

S E PTE M B E R 2020

Phone: +971-4-8863850 E-mail: info@asbisme.ae www.asbisme.ae

“A New Normal of Technology, Business & Networking Events ”

TECHNOLOGY

LEADERSHIP BUSINESS

INNER-SELF CULTURE

90 DAYS MILESTONES

62 +

SESSIONS

6000 +

100 +

C-SUITE ATTENDEES FROM 32 COUNTRIES

PARTICIPATION OF OVER

INTERNATIONAL AND TOP INDUSTRY LEADERS.

89%

OVER

ENGAGED AUDIENCE

COUNTRIES

TECH LEADERS

CIOS

VENDORS

IT DIRECTORS

SATISFIED PARTNERS AND SPONSORS

INNOVATORS

EDUCATORS

ACADEMICIANS AND INVESTORS

BROUGHT TO YOU BY

ORGANIZED BY

Global CIO Forum