GISEC 2023 Day Three

Gisec Global 2023 boosts cyber resilience of the Middle East digital economy

Cyber leaders dismantle digital threats in rising Middle East cybersecurity market that’s on track to scale from US$7.5 billion in 2022 to US$31 billion by 2030

Gisec Global 2023, the Middle East’s largest and most impactful cybersecurity event, opened today at the Dubai World Trade Centre (DWTC), bringing together the cybersecurity industry’s leading brands and experts to boost the cyber resilience of the region’s growing digital economy.

Gisec is hosting a record 500-plus exhibitors from 53 countries. It also features over 200 hours of immersive content, 300-plus leading InfoSec speakers, and 1,000 of the world’s top ethical hackers to contribute to the burgeoning Middle East cybersecurity market that’s expected to reach US$31 billion in value by 2030, according to analysts Frost & Sullivan. The research firm says the Middle East cybersecurity market was valued at US$7.5

billion in 2022 and is anticipated to grow at an annual rate of nearly 20 percent over the next seven years. With thriving cybersecurity ecosystems and supportive government initiatives and policies, UAE, Saudi Arabia, and Israel have emerged as preferred destinations for cybersecurity academics, businesses, research, and innovation.

On the Main Stage of Gisec Global, Dr. Madan Oberoi, Executive Director for Technology and Innovation, Interpol, Singapore, introduced the first Global Police Metaverse, the first virtual platform designed for the global law enforcement community.

Gisec Global is organised by DWTC and hosted by the UAE Cybersecurity Council. Dubai Electronic Security Center (DESC) is the Official Government Cyber Security Partner, and the Ministry of Interior, the Telecommunications and Digital Government Regulatory Authority (TDRA), and Dubai Police are Official Supporters.

This year, the region’s largest cybersecurity event is dismantling the greatest digital threats, from attacking botnet Mantis to hacking through ChatGPT. Gopan Sivasankaran, Regional Director, META, Secureworks, reiterated the importance of driving awareness of the evolving cybersecurity landscape and bringing greater attention to the Extended Detection and Response (XDR) and Managed Detection and Response (MDR) market.

Prominent international cybersecurity leaders will address US$2 trillion market

The 11th edition of Gisec Global is set to host a record of 500-plus cybersecurity brands, 300 leading InfoSec and cybersecurity speakers, and 1,000 of the world’s top ethical hackers to address opportunities in a global cybersecurity market valued at $2 trillion by McKinsey & Company. Organised by DWTC and hosted by the UAE Cybersecurity Council, Gisec Global 2023 is set against the backdrop of a burgeoning global digital economy, estimated to be US$11.5 trillion in size, that faces an unprecedented level of cyber threats that are predicted to cost the world $10.5 trillion annually by 2025.

The Middle East’s largest and most impactful cybersecurity event is poised to be an unparalleled meeting point for the global cybersecurity community, uniting the industry’s leading brands and cybersecurity experts during three days of conference sessions, keynotes, product launches, partner seminars, interactive sessions, briefings, and more. Tech titans Huawei, Microsoft, Cisco, Honeywell, and du will be out in full force at the annual three-day event, alongside headline groundbreaking infosec companies, including Spire Solutions, CPX, Crowdstrike, Mandiant, Pentera, Pvotal, Port53, Cloudfare, Edgio, Secureworks, Synack, Threatlocker, Votiro, Spidersilk, and Waterfall.

Other competitions include the Cyber Maze by Port53, inviting hackers to navigate their way through a series of locked doors in a maze before reaching an endpoint; the UAE Ministry of Interior’s Find the prize (FTP) competition for fresh graduates; the Cyberthon competition; and the Badge Hacking Zone by Gisec Global’s Strategic Partner, du. Gisec Global 2023 will also introduce UnLock – the Gisec Cyber Stars Pitch Competition, where nearly 100 cybersecurity start-ups will reveal

their innovative solutions shaping the future of cybersecurity, while connecting with government officials, investors, IT security and corporate buyers, mentors, prospects and influential disruptors.

Running under the theme ‘Connecting minds, boosting cyber resilience,’ Gisec Global 2023 will take place with the Dubai Electronic Security Center (DESC) as Official Government Cyber Security Partner, and the Ministry of Interior, the Telecommunications and Digital Government Regulatory Authority (TDRA), and Dubai Police as Official Supporters. More than 35,000 visitors from 100-plus countries are expected to attend.

SolarWinds to showcase Hybrid Cloud Observability

SolarWinds, a leading provider of simple, powerful, secure observability and IT management software, is participating at Gisec Global alongside its value-added distribution partner in the region, Spire Solutions.

Gisec is the UAE’s most established and influential cybersecurity exhibition and conference, offering opportunities for global solution providers to meet, connect, and network. At the event, SolarWinds will showcase enhancements to SolarWinds Hybrid Cloud Observability, a comprehensive, integrated, and full-stack observability solution built to integrate data from across the IT ecosystem, including networks, servers, applications, databases, and more. Hybrid Cloud Observability was developed using the SolarWinds Secure by Design principles and a rigorous adherence to a multilayer security framework.

Hybrid Cloud Observability now includes SolarWinds Security Event Manager (SEM) and SolarWinds Access Rights Manager (ARM), helping organisations better understand the complexities within their environments while providing real-time visibility to help detect and remediate security issues. This integration combines security-related events, metrics, and activities with the other data in Hybrid Cloud Observability and allows customer to monitor their security and compliance status on a dedicated security dashboard.

CPX and Huawei launch their first joint cloud security offering

CPX Holding, a leading provider of digital-first cybersecurity solutions and services, and Huawei are bringing their first cloud solution to the UAE market.

A ground-breaking security data lake has been launched at the Gulf Information Security Expo & Conference (Gisec) 2023, as part of the ongoing strategic alliance announced a few months ago between CPX and Huawei. The data lake is aimed at protecting valuable critical infrastructure in the UAE from cybersecurity challenges.

Powered by advanced analytics and machine learning from Huawei and CPX’s industry-specific expertise, the new offering enables customers to gain unparalleled visibility into their operations and rapidly respond to mission-critical cyber incidents.

With the expanding threat landscape, protecting operational technology (OT) environments from cybersecurity challenges has become crucial for ensuring the safety and reliability of operations. Cyber incidents on OT systems can cause grave damage, resulting in production downtime, equipment damage and even physical harm to persons. IT leaders often have limited visibility over their organisational data, making security more difficult to control. To counter this, the security data lake service provides a reliable and scalable solution for collecting, storing and analysing data from OT environments.

The service is provided from a secure, government-approved cloud offering in the UAE and is designed to protect the most vital sectors including oil and gas, transportation, healthcare, finance and banking, amongst others. It has undergone rigorous testing to ensure the highest levels of security and regulatory compliance for UAE organisations.

ManageEngine to showcase recently-enhanced SIEM solution among other security offerings

ManageEngine, the enterprise IT management division of Zoho Corporation, is participating in the Gulf Information Security Expo & Conference (Gisec). Having first participated in 2013, this year’s edition will mark 10 years of ManageEngine’s presence at the premier security event.

ManageEngine will showcase all its security offerings, including its SIEM solution, Log360, to which a security and risk posture management dashboard was recently added. This new feature offers granular visibility into weak and risky security configurations of systems and users. It also continuously assesses the Active Directory security risk posture based on Microsoft’s security guidelines. These security and risk posture management features will help enterprises implement a proactive security strategy and prevent cyberattacks before they occur.

Some of the other recently-launched capabilities of Log360 are:

l Incident manager for security operations centers (SOCs): Log360’s incident manager facilitates prompt threat detection, granular investigation and automatic response workflows to optimise the key metrics of SOCs.

l SAMA compliance support: Log360 offers audit-ready compliance report templates for the Saudi Arabian Monetary Authority (SAMA) framework.

In addition, ManageEngine will showcase PAM360, its privileged access management solution, which now features advanced privilege elevation capabilities for Linux environments—in addition to its already extensive

PEDM capabilities for Windows environments—and the SSH Command Control feature.

Other ManageEngine solutions covering endpoint security, data security and network security will be highlighted at the event. Cybersecurity experts will be available to interact with attendees, address their IT security concerns and share insights on the latest security trend. Demonstrations will also be held to offer a first-hand experience of the company’s security solutions.

Knowledge sharing, collaboration vital to fending off cyberattacks, experts highlight at Gisec Global 2023

Top regional and global information security officers discussed creating a ‘community of action’ and chalked out strategies to help digital businesses in the region build cyberresilience at the Gisec CISO Circle, part of Gisec Global 2023.

Held on day two of the event under the theme of ‘Building a united cyber frontier’, the CISO Circle agreed that collaboration and information sharing within the cybersecurity

industry is critical to tackling cybercrime, now a constant threat in the digital age. Since its launch last year, the CISO Circle has brought together like-minded security experts from diverse sectors to exchange insights on tackling cybersecurity challenges and address critical priorities reinforcing business, economic, and national security agendas. The panellists at this year’s CISO Circle were H.E. Dr. Mohamed Al-Kuwaiti,

Head of the UAE Cybersecurity Council; Dr. Aloysius Cheang, CSO, Huawei Middle East & Central Asia; and Hadi Anwar, Chief Cyber Defence Officer, CPX. Addressing the CISOs in his keynote speech, H.E. Dr. Al-Kuwaiti, stressed the importance of partnerships and collaborations based on the values of trust and transparency to achieve the common goal of building better cyber resilience.

Speaking at the Gisec Mainstage, Amer Sharaf, Director, Compliance, Support and Alliances, Dubai Electronic Security Center, discussed the public and private sectors’ efforts to digitally transform Dubai into the safest city in the world.

Hardware hacker, tech wizard, and author, Joe ‘Kingpin’ Grand, explained to the audience his hardware hacking mindset and showed live demonstrations of some of the more common hacking techniques.

H.E. Dr. Al-Kuwaiti was meanwhile recognised and celebrated by hundreds of cyber leaders from across the world for his outstanding contributions towards advancing global cybersecurity and digital transformation. Dr. Al-Kuwaiti, who is also the Head of Cyber Security for the UAE Government, was presented with the Cybersecurity Excellence Awards’ Global Leadership Award at Gisec Global’s Mainstage, in recognition of his bold mission to spread cyber awareness and culture, develop cyber talent, empower cross-border collaboration, and position the UAE at the forefront of international cyber resilience

The annual three-day super-connector is hosted by the UAE Cybersecurity Council and organised by DWTC, and takes place amid a rapidly expanding Middle East cybersecurity market that, according to analysts Frost & Sullivan, will grow in value from US$7.5 billion in 2022 to US$31 billion by 2030, clocking 20 percent annual growth.

At Gisec Global 2023 H.E. Dr. Mohamed Hamad Al-Kuwaiti, Head of Cyber Security, UAE Government pointed out Gisec as one of the most important events which is not only for the government but also for the companies which are helping us to achieve that resiliency. Today the sectors like healthcare, education, oil and gas, electricity, water, transportation, and aviation are going through digital transformation.

The main focus of digital transformation is that if one didn’t do it in the right manner there is a great chance of attacks. It can be easily exploited and hacked. It is not only a threat to the person but also to the government and companies that work for them. They are together here in Gisec to send one message only, which is cyber security culture. He also adds that one should need to have that culture in their DNA and need to integrate cybersecurity in every single move. This is actually what we see in every platform and network, especially in the vendors. They actually introduce great cyber operation center where they actually have the visibility of the attack and where they are coming from, how they respond to them, and which sector is highly impacted. He concludes by saying that we are really in an attack and we need to take precautions, be vigilant, and should be aware of that attacks.

ThreatLocker pointed out the main fear of today’s world

ThreatLocker, the leading organization that provides cutting-edge cyber security solutions is exhibiting in Gisec Global 2023. Rob Allen, VP of Operations, EMEA, ThreatLocker, points out that the fear for a lot of organisations is the threat of ransomware. These days the main fear is data exploration, data loss, and data being in the wrong hands. The expectations first of all need to be accomplished and should be trusted. There are a lot of different products making a lot of different promises, so it needs to be in a company that we can trust. Another thing that CSOs and CISOs are looking for is solutions that are easy to manage. Again a lot of solutions that are out there, would come with what would term as a tendency to be false positive. So if one wants to respond to every single threat, every individual thing that is happening can become overwhelming.

In the last year, Threat Locker added four components. Last few years they had a network access control which is a software-based firewall built into the same agent and gives people visibility over network traffic and control over that network traffic. Threat locker is alerting and responding based on policies.

Delinea’s modern PAM solutions empower organisations to secure the digital assets

Delinea’s modern PAM solutions empower organisations to secure their digital assets both on-prem and in the cloud, while aligning with compliance requirements. The comprehensive solutions portfolio enables companies to provide authenticated users with just-in-time, just enough access to data, servers, and applications to complete their tasks, without hampering productivity. It also offers end-to-end monitoring and reporting for auditing purposes and to quickly identify abuse of privilege and thwart attacks.

As was the case last year, they co-participate at Gisec together with the regional value-added distributor, Shifra. This aligns with the channelfocused strategy, as 100% of our business in the Middle East is transacted through the channel. At Gisec, they have keen to engage with potential partners and customers. They are also excited to identify partners that want to grow their business by developing expertise around PAM and our portfolio, enabling them to translate the full potential of our solutions to end customers.

Delinea Platform, a cloud-native foundation for the industry-recognized PAM solutions that empowers end-to-end visibility, dynamic privilege controls, and adaptive security. The Delinea Platform supports the latest version of Secret Server, award-winning vault solution, as well as a VPNless secure Remote Access Service for vendors and remote workers and a rich integrations ecosystem through our marketplace.

They have clear that remote working is here to stay and cloud transformation is keeping pace, so they are at Gisec to better understand what they need for creating robust access management strategies and explore if solutions for multifactor authentication, password management and continuous verification can help reduce the risks, without creating an overhead that impacts productivity. They fear that they have to

compromise one for the other. The opposite of complex is not simple; it is seamless. That’s why they created PAM solutions that are transparent to the end users, provide IT and security teams with powerful tools and the visibility, automation and control they need to keep the organisation safe, and are highly customisable and scalable for easy deployment across many types of organisations.

Sophos Endpoint Security advancements improve Cyberthreat Defenses and Streamline Management

Sophos, a global leader in innovating and delivering cybersecurity as a service, introduced innovative advancements to its portfolio of industryleading endpoint security offerings. New adaptive active adversary protection; Linux malware protection enhancements; account health check capabilities; an integrated zero trust network access (ZTNA) agent for Windows and macOS devices; and more improve frontline defenses against advanced cyberthreats and streamline endpoint security management.

Designed to improve protection and operational efficiency, as well as speed up detection and response, the new Sophos endpoint innovations include:

• Adaptive active adversary protection: A core part of Sophos’ “shields up” design methodology that provides defenders with additional time needed to respond to targeted attacks underway. Sophos Intercept X immediately enables heightened defenses as soon as it detects a “hands-on-keyboard” endpoint intrusion. This wide-reaching step up in defensive measures removes an attacker’s ability to take further actions by minimizing the attack surface, disrupting and containing the attack prior to response team engagement, and providing insights needed for complete remediation

• Linux malware protection enhancements: On-access malware scanning and quarantine capabilities improve real-time prevention of security incidents within Linux operating environments. Added to the Sophos Intercept X Advanced for Server offering, these new features complement existing functionality, including live runtime detections and response to container escapes, cryptominers, data destruction, and kernel exploits

• Account health check: Intuitive, real-time health check monitoring of security configurations and policy settings with the ability to automatically return to recommended settings in a single click, optimizing security posture and enabling organizations to promptly re-establish security best practices. Assessments ensure devices are running the necessary security components, policies are following recommended settings, tamper protection is active, exclusions aren’t creating attack surface exposure, and more

• Integrated ZTNA agent for Windows and macOS devices: Sophos Intercept X is one of the only endpoint protection solutions with a modular ZTNA agent, and organizations can now extend defenses to include Sophos ZTNA across entire estates without deploying an additional agent

• Faster, lightweight agent: Reduces the Windows agent’s memory footprint by 40% and the number of processes by more than 30%, accelerating the performance of applications, workloads and devices. Sophos has also introduced a new extended detection and response (XDR) sensor deployment option that’s approximately 80% lighter than the previous full agent

Sophos endpoint solutions provide deep learning malware detection, anti-ransomware technology, exploit prevention, and much more to prevent attackers from gaining a foothold in the first place. Sophos

Intercept X, the market-leading endpoint security solution, protects more than 300,000 organizations against both known and unknown malware and exploits.

Sophos XDR gives security analysts the ability to proactively hunt threats, providing faster detection, investigation and response to drive better security outcomes. Sophos endpoint offerings also include server workload protection for unmatched server and container security and integrated web and application controls; Sophos Mobile for secure unified endpoint management; and Sophos Encryption for full disk encryption. Sophos’ complete and integrated portfolio of endpoint, network and cloud solutions and managed security services are part of the Sophos Adaptive Cybersecurity Ecosystem. They’re powered by threat intelligence from Sophos X-Ops for faster and more contextual and synchronized protection, detection and response.

SEC _ RITY IS NOT COMPLETE WITHOUT U!