Security Advisor Middle East | Issue 39 by Security Advisor Middle East

ISSUE 39 | JUNE 2019

WWW.TAHAWULTECH.COM

The Innovation duo:

MORO AND VIRTUSTREAM VeeamON FORUM 2019 INTERVIEW: Gulf Software Distribution Lancy Andrade Red Cloak: Uncovering the unknown

JOHN RAMESH ON HOW TÃ&#x153;V RHEINLAND IS EMPOWERING SECURITY TRANSFORMATION WITHIN THE INDUSTRIAL LANDSCAPE

Specialized Cyber Security & IT Distribution in META Region We cover all top 20 Critical Security Controls

emt.ae emtMETA.com

CONTENTS FOUNDER, CPI MEDIA GROUP Dominic De Sousa (1959-2015) Publishing Director Natasha Pendleton natasha.pendleton@cpimediagroup.com +971 4 440 9139 EDITORIAL Managing Editor Michael Jabri-Pickett mjp@cpimediagroup.com +971 4 440 9158 Online Editor Adelle Geronimo adelle.geronimo@cpimediagroup.com +971 4 440 9135

Contributing Editors Daniel Bardsley Janees Reghelini Mark Forker Giorgia Guantario DESIGN Senior Designer Analou Balbero analou.balbero@cpimediagroup.com +971 4 440 9140 Designer Mhar Delaben marlou.delaben@cpimediagroup.com +971 4 440 9156 ADVERTISING Group Sales Director Kausar Syed kausar.syed@cpimediagroup.com +971 4 440 9130 Senior Sales Manager Sabita Miranda sabita.miranda@cpimediagroup.com +971 4 440 9128 Business Development Manager Youssef Hariz youssef.hariz@cpimediagroup.com +971 4 440 9111 PRODUCTION Operations Manager Shweta Santosh shweta.santosh@cpimediagroup.com +971 4 440 9107 DIGITAL SERVICES Web Developer Jefferson de Joya Abbas Madh Photographer Charls Thomas Maksym Poriechkin webmaster@cpimediagroup.com +971 4 440 9100

CRITICAL CONTROL

TÜV Rheinland‘s John Ramesh on the evolution and security transformation of the industrial sector

Published by

Registered at Dubai Production City, DCCA PO Box 13700 Dubai, UAE

Tel: +971 4 440 9100 Fax: +971 4 447 2409 Printed by Al Ghurair Printing and Publishing Regional partner of

© Copyright 2019 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.

STRONG FOUNDATIONS

Khalifa University’s latest foray into securing the Internet of Things and smart cities

28 NEW HORIZONS

How advancements in AI spell the future of security in the Middle East

31 SOCIAL RESPONSIBILITY

16 IMPETUS FOR GROWTH

Experts discuss how social media platforms should be regulated to combat data misuse

BLOG

EMT Distribution’s Nandini Sapru shares details about key security vendor partners

VEEAM’S SECOND ACT

Key highlights from Veeam’s annual VeeamON cloud data management conference

“123456”: undisputed king as most-hacked password

NEWS

TENABLE ENABLES ENTERPRISES TO “ACCURATELY” EVALUATE CYBER EXPOSURE UAE, SAUDI FIRMS STILL UNPREPARED FOR CYBERATTACKS: IBM SECURITY Organisations in the UAE and Saudi Arabia are still unprepared to respond to cybersecurity incidents, with 31 percent of respondents indicating they do not have a cybersecurity incident response plan in place, according to the latest study by IBM Security. The report, conducted by Ponemon Institute and sponsored by IBM Resilient, highlighted that companies who can respond quickly and efficiently to contain a cyber-attack within 30 days save over $1 million on the total cost of a data breach on average, shortfalls in proper cybersecurity incident response planning have remained consistent over the past four years of the study. Of the organisations that do have a plan in place, almost half (49 percent) do not test their plans regularly, leaving them less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack. The survey revealed that automation is still emerging as a cybersecurity response. When asked if their organisation leveraged automation, only 19 percent of the respondents said they were significant users. It also noted that cybersecurity skills gap is further undermining cyber resilience, as organisations are understaffed and unable to properly manage resources and needs. 74 percent of respondents reported that staffing for cybersecurity is very important to achieve a high level of cyber resilience. Furthermore, 72 percent of respondents rate their difficulty in hiring and retaining skilled cybersecurity personnel as moderately high to high.

JUNE 2019

Tenable has unveiled new innovations to its Cyber Exposure analytics capabilities in Tenable Lumin. According to the firm, these innovations leverage machine learning to automatically correlate vulnerability and threat data together with asset criticality in a single platform. The solution enables organisations to accurately score, trend and benchmark their cyber exposure based on the likelihood the exposure will be exploited and the business criticality of the impacted assets. This will enable organisations to evolve from a technology – to a risk-based approach to prioritise remediation, communicate to the business and make data-driven decisions to reduce cyber risk. Tenable Lumin includes features such as Cyber Exposure Score, an objective measure of cyber risk, derived through data science-based measurement of vulnerability data together with threat intelligence and asset criticality. The score is

OFER BEN-DAVID, TENABLE

automatically generated through machine learning algorithms which combine the Tenable Vulnerability Priority Rating (VPR), for the likelihood of exploitability, with the Tenable Asset Criticality Rating (ACR), for the business criticality of the impacted asset. Organisations can also leverage scoring to trend improvement over time as a measure of security programme effectiveness. It also has Cyber Exposure Benchmarking, which enables organisations to use the Cyber Exposure score to benchmark themselves against industry peers and measure their overall cyber risk posture. Ofer Ben-David, chief product officer, Tenable., said, “Extending our deep expertise in vulnerabilities to create an objective measure of cyber risk will help transform how cyber-related technology and business decisions are made.”

ESET BOOSTS SECURITY FOR ALPHABET’S CHRONICLE ESET has announced it has partnered with Chronicle, an Alphabet company, to provide essential validation on security incidents and alerts within Backstory, Chronicle’s global cloud service where companies can privately upload, store, and analyse their internal security telemetry to detect and investigate potential attacks. As part of the partnership, ESET will provide customers enhanced insight enabling better protection from advanced persistent threats. “Our partnership with Chronicle will lead to simpler, faster and more streamlined remediation of advanced persistent cyber threats,” said Tony Anscombe, global security evangelist and industry ambassador, ESET. “Together, customers

TONY ANSCOMBE, ESET

will be able to quickly understand incidents in more detail, take the appropriate actions and stay one step ahead of bad actors. This truly will make the world a safer place,” added Anscombe.

www.tahawultech.com

KASPERSKY LAB TO ENHANCE CYBERSECURITY FOR BLOCKCHAIN FIRMS Kaspersky Lab has launched new service packages designed for businesses working in the blockchain industry and crypto economy. Token offering (ICO/ STO) projects and cryptocurrency exchanges are now offered tailored services, such as Smart Contract Code Review, Application and Website Security Assessment, Security Awareness trainings, protection against phishing, and Incident Response. In addition to these services, Kaspersky Lab also provides crypto exchanges with fraud and money laundering prevention and targeted attack detection. To help blockchain and crypto businesses overcome these challenges, Kaspersky Lab now has two service offerings which consider the specifics of how such business models work and the lifecycle of token offerings and crypto exchanges. Kaspersky Lab Blockchain Security services also include Phishing Protection to provide alerts when fake copies of crypto exchanges and ICOs are generated; as well as Incident Response service and Cybersecurity awareness training to

improve the overall level of cybersecurity hygiene so that a company will not fall victim of social engineering attacks. For crypto exchanges that have basic cybersecurity measures in place, Kaspersky Lab provides additional enhancements. These include helping to spot potentially fraudulent blockchain transactions to prevent money laundering, and automatically identify and respond to targeted attacks. For those crypto exchanges that have built an internal Security Operation Center, Kaspersky Lab offers Threat Data Feeds, along with information security training and awareness programs for security operation teams so they can enhance their forensic and detection capabilities. Vitaly Mzokov, Head of Verification, Kaspersky Lab, said, “Despite there being a lot of companies driving development of blockchain-based products, including cryptocurrencies and tokens, many people worry about investing in the crypto economy as it is swarmed with fraudsters and cybercriminals. Blockchain services are not always secure enough to be

worth investing into. We’ve been growing our expertise in this field and already conducted several projects for ICOs. We see a growing demand for cybersecurity from blockchain startups that are looking for both protection from cyberthreats and additional evidence that they can be trusted by investors. That’s what we’re helping them to achieve with our new offering.”

72%

MIMECAST APPOINTS BRANDON BEKKER TO LEAD EMEA REGION

BRANDON BEKKER, MIMECAST

Email and data security company Mimecast Limited has announced the appointment of Brandon Bekker to senior vice president, Europe, Middle East and Africa (EMEA) to help manage the rapid growth within region. In this newly created position, Bekker will be responsible for supporting the continued growth for Mimecast in EMEA and ensuring collaboration and consolidation across all markets in this region, according to the firm.

www.tahawultech.com

Bekker has a proven track record of leadership as he helped establish Mimecast as a market leader across various industries, including healthcare, financial services, retail and public sector in South Africa. As the new SVP of EMEA, he will lead the entire EMEA region and will be based out of the London, United Kingdom office. Previously, he successfully managed Middle East and Africa since 2013 and helped to grow the regional business by more than 75 percent since the company listed. Bekker has held various leadership roles since joining Mimecast in 2007. During his tenure, he has also expanded the business to serve customers in the Middle East with the opening of a Dubai office in 2016.

OF EMPLOYEES STORE DOCUMENTS AT WORK THAT CONTAIN SENSITIVE DATA, WHICH IF EXPOSED COULD EITHER CAUSE REPUTATIONAL OR FINANCIAL DAMAGES

Source: Kaspersky Lab

“Brandon Bekker has been instrumental in helping MEA customers understand the cyber threat landscape and the importance of how layering a third-party solution can improve cyber resilience when adopting cloud services like Microsoft Office 365. It gives me great pleasure to see him take on this new challenge to further support customers,” said Peter Bauer, chief executive officer, Mimecast. “I am confident that he will bring the skills that helped drive customer success and growth in MEA to the rest of the region, particularly in our growing markets like Central Europe, and he will continue to motivate employees to do their best work, best teamwork and greatest learning.”

JUNE 2019

FEATURE

STRONG FOUNDATIONS SECURITY REMAINS A KEY CONCERN THAT BOTH PUBLIC AND PRIVATE SECTOR FIRMS SHARE AS NATIONS MOVE FORWARD WITH THEIR SMART CITY AMBITIONS. EXPERTS FROM KHALIFA UNIVERSITY HAS RECENTLY EMBARKED ON A MISSION TO SECURE THE MILLIONS OF DEVICES THAT WILL BE CONNECTED BY THE INTERNET OF THINGS (IOT) – AN ESSENTIAL COMPONENT OF ‘SMART CITIES’ AND CENTRAL PART OF THE UAE’S ECONOMIC DEVELOPMENT. DANIEL BARDSLEY REPORTS.

JUNE 2019

www.tahawultech.com

ovelists, filmmakers and comic book artists have created many depictions of how cities might look in future and while their ideas have varied, they have often had a dystopian theme. The cityscape to come might be a tangle of metal frames and stacked mobile homes like that in Steven Spielberg’s 2018 blockbuster movie Ready Player One, which depicts a society turned upside down by “the bandwidth riots”. It could also involve the soaring towerblocks of Mega-City One, a North American urban sprawl where the motorbiking Judge Dredd has, since the late 1970s in the weekly comic 2000AD, been fighting an often deadly battle against the criminal underworld. While writers of fiction like to give their imaginations free rein as they fashion a dark future for humankind, technology is already on the cusp of reshaping urban life in what will, it is hoped, be a much less menacing way: making the city connected. In a “smart city”, connectedness will play a pivotal role in optimising traffic flow, detecting crime, improving waste management and paying bills.

“At its most basic premise, a smart city is a city that has deployed devices and sensors to collect data about activities occurring around the city to feed that data back into software solutions that can dynamically respond to those activities,” says Catherine Michel, the chief technology officer at the Canadian-headquartered digital services company Sigma Systems. Solutions linked to smart cities can extend to everything from intelligent street lighting to assistance for elderly people and more efficient energy networks. In a briefing document, the London-based professional services company PwC notes that smart cities are about deploying a wide range of technologies, whether that is Internet of Things (IoT) devices, artificial intelligence, big data, mobile technology and robotics. Michel says, though, that “a city does not become a smart city just by deploying connected devices”. “Becoming a smart city requires concerted, intelligent design, starting with the use cases for what the solutions are ultimately meant to do for the lives of its citizens,” she says. “The ultimate goal is to get the city’s infrastructure and services working at their most efficient levels to best support, rather than impede, the quality of life on a daily basis.”

Catherine Michel, Sigma Systems

“A CITY DOES NOT BECOME A SMART CITY JUST BY DEPLOYING CONNECTED DEVICES.” www.tahawultech.com

There can be few places where smart city technology is more relevant than in Dubai and Abu Dhabi, both fast-growing cities where rapid population growth means that infrastructure such as transport networks are often stretched to capacity and beyond. Indeed, Michel says that the pressure that municipal infrastructures are under is a key factor helping to drive the adoption of smart city technology. “So there is now a civil and social mandate to get ahead of these pressures. And, as the saying goes since the time of Plato, ‘Necessity is the mother of invention,’” she says. While few would regard the smart city as echoing the dystopias of fiction, its connectedness does have a potential downside, specifically in relation to cybersecurity. According to Dr Theo Tryfonas, a professor focused on smart cities at the University of Bristol in the United Kingdom, one of the key vulnerabilities is the “abundance of data” and how that might be misused. An example could be data related to a smart energy meter. “If someone is able to [access] the data, they could infer activity in the house – if someone puts a toaster on or if they have an electric shower,” he says. PwC, which estimates that the smart city market will be worth more than $1.7 trillion over the coming two decades or so, highlights myriad ways in which smart cities could be attacked. These include Distributed Denial of Service (DDoS) attacks, malware, data manipulation, remote execution and signal jamming. What is a particular concern,

JUNE 2019

FEATURE

according to PwC, is that a threat that enters a smart city’s infrastructure at one point may be able to travel widely between devices. As an example, PwC suggest that a street light system that has fallen victim could result in the lights themselves being taken control of, followed by the servers. This could ultimately result in sensitive customer information being accessed. This is all especially concerning given that, according to the company, the increased use of digital technologies in cities has outpaced the development of security measures such as credentialing and security systems. “Even in the most security-conscious cities, the technology that allows ambulances to turn red traffic lights to green has already been hacked, for instance,” PwC says. “Meanwhile, penetration of the power grid infrastructure is not uncommon. And, of course, examples abound of breached personal information in the private sector. “Once a city becomes ‘smart’ via interconnectivity, the potential for havoc is boundless. Imagine all of a city’s stop lights set to green as a worst-case scenario.” Given the threats, it is fortunate that researchers are developing new ways to protect smart cities.

Among the scientists active in this field is a four-strong team at Khalifa University of Science and Technology in Abu Dhabi who, it was announced earlier this year, have secured a grant from the Dubai Electronic Security Centre, a Government of Dubai organisation. As part of a two-year project entitled, “Energy-efficient secure IoT hardware for smart cities,” Dr Hani Saleh, Dr Baker Mohammad, Professor Mahmoud Al Qutayri and Dr Yousuf Al Salami are looking to secure IoT devices. The four researchers are part of Khalifa University’s System-on-Chip Center, which Dr Mohammad said focuses on chip design solutions to serve the UAE’s needs. In this case, the aim is to develop a “lightweight and efficient” cryptographic processor. “Having secure and trusted hardware is essential for all devices, including smart cities. With Dubai’s plan for a smart city, with many IoT devices used to collect and transmit [data], and in some cases take actions, securing the IoT node is important,” says Dr Mohammad, who is an associate professor of electronics engineering. The crypto processor could be used, says Dr Mohammad, in IoT devices such as cameras, sensors and actuators employed in smart cities.

Dr. Baker Mohammad, Khalifa University of Science and Technology in Abu Dhabi

“WITH DUBAI’S PLAN FOR A SMART CITY, WITH MANY IOT DEVICES USED TO COLLECT AND TRANSMIT [DATA], AND IN SOME CASES TAKE ACTIONS, SECURING THE IOT NODE IS IMPORTANT.” 8

JUNE 2019

“The UAE is a leading technology hub for utilising the latest technology in AI and smart cities. Energy conservation to e-government, transportation and entertainment are some examples where this technology can be used,” says Dr Mohammad. The researchers are following what the university describes as an “integrated approach” to securing IoT hardware, with the cryptographic processor designed to be unclonable and resistant to side-channel attacks. It will also incorporate logic obfuscation technology. “The plan is to develop an efficient algorithm and implementation on hardware for the crypto processor to achieve efficient power and acceptable security,” says Dr Mohammad. Improved efficiency cuts the size of the chip area and, the university says, also reduces the “computational complexity” of the security elements. The university says that part of the project aims to produce “optimal security schemes which will be implemented on a field programmable gate array [FPGA] device”. FPGAs differ from logic gates in that they do not have fixed functions. The development of the FPGA device allows the quick evaluation of prototypes with different security schemes. As a follow-up, the researchers are aiming to integrate the hardware, which uses the Verilog hardware description language, into an Application Specific Integrated Circuit that will combine small size with high performance and low power usage. So, with scientists such as this team at Khalifa University working hard to develop improved IoT technology, urban living in the Emirates and elsewhere should in future be secure as well as smart.

www.tahawultech.com

REDEFINING technology transformation

+971 4 440 9100

@TahawulTech

info@cpimediagroup.com

www.tahawultech.com

facebook.com/tahawultech

twitter.com/tahawultech

linkedin.com/in/tahawultech

COVER FEATURE

JUNE 2019

www.tahawultech.com

CRITICAL CONTROL

WHETHER THEY GENERATE OR DISTRIBUTE POWER, OR EXTRACT OIL AND GAS, OR FACILITATE COMMUNICATIONS, INDUSTRIAL COMPANIES HOUSE CRITICAL INFRASTRUCTURE VITAL FOR A NATION’S ECONOMY. THE ADVENT OF INDUSTRIAL INTERNET OF THINGS AND THE CONVERGENCE OF IT AND OT INFRASTRUCTURES AS WELL AS THE GROWING NUMBER OF SENSITIVE INFORMATION HAVE SIGNIFICANTLY EXPANDED THE THREAT LANDSCAPE. AS A RESULT, GOVERNMENTS AND ENTERPRISES ALIKE ARE DOUBLING UP THEIR EFFORTS TO SECURE THESE VALUABLE RESOURCES. TÜV RHEINLAND’S REGIONAL MANAGER FOR ASIA PACIFIC, INDIA, MIDDLE EAST AND AFRICA – DIGITAL TRANSFORMATION AND CYBERSECURITY, JOHN RAMESH SHARES INSIGHTS INTO THE EVOLUTION OF THE INDUSTRIAL SECTOR AND WHY SECURITY TRANSFORMATION WITHIN THE SPACE IS NOW MORE IMPORTANT THAN EVER.

“THERE NEEDS TO BE THE RIGHT SYNERGY BETWEEN PEOPLE, PROCESSES AND TECHNOLOGY TO ACHIEVE THE BEST POSSIBLE OUTCOMES IN MITIGATING THE CYBER RISKS THAT EXIST IN THE LANDSCAPE.”

www.tahawultech.com

an you please give an overview of TÜV Rheinland’s operations? What have been some of the highlights at the company over the past 12 months? Established in 1872, TÜV Rheinland has been assisting critical infrastructure sector organisations on matters of safety and security for over 145 years. Our key services include compliance assessment and certification, testing and implementation of security frameworks and practice in line with internal standards as well as local and global regulations. Over the past two decades, we have been operating in the Middle East, India,

Africa and the Asia Pacific regions. We cater to a variety of industrial and critical sectors such as utilities, oil and gas, transportation and shipping. One of our primary offerings centres on enabling organisations to comply with local cybersecurity laws and regulations, remediating cyber incidents and achieving higher maturity of cyber resilience for their industrial and operational technology (OT) assets and facilities. As for the Asia Pacific region, we have a laboratory stationed in Malaysia. We also have several strong partnerships in Japan, where we focus on delivering technical expertise centreed around GDPR, artificial intelligence, governance, risk and compliance management (GRC), testing and certification, OT and industrial cybersecurity and more. Some of the key highlights, we have achieved over the past year, include signing a number of memorandums

JUNE 2019

COVER FEATURE

of understanding (MoUs) with large regional organisations to collaborate on cybersecurity services within industrial facilities. We have also made significant investments in our regional operations. In addition to our strong presence in Oman, we have further bolstered our IMEA operations by opening new hubs in key countries such as the UAE and Saudi Arabia with plans to open more in the pipeline As part of our expansion plans, we have also hired top consultants and industrial and OT cybersecurity experts. This is in line with our commitment to bridging the current skills gap in the market and our vision of expanding our capabilities beyond traditional testing, inspection and certification. How have industrial control systems evolved over the years and how have Internet of Things technologies impacted industrial systems? Over the past few years, Industrial Control Systems (ICS) have undergone a rapid transformation fueled by innovations in automation, technology and communication. From traditional systems to modern hyper-connected complex networks, automation and control systems have now evolved to become an integral part of organisations within the critical infrastructure sectors. The industrial plants, which once relied on legacy systems, have now become more agile and efficient, providing greater advantages for businesses. Furthermore, as we realise the Industrial Internet of Things (IIoT) era, we can expect a new wave of innovation heading towards this sector. An unprecedented number of devices or “things” are forming hyper-connected systems that will allow organisations to collaborate and process information in real-time. We will see technologies

JUNE 2019

such as artificial intelligence (AI) are increasingly transforming automated control systems paving the way for smarter operations in the industrial sector. TÜV Rheinland is well-equipped with the right tools and expertise to support the digital transformation for IIoT across many industries including utilities, manufacturing and oil and gas. What do you think are the biggest cybersecurity risks that will affect ICS and IoT devices? Cyber threats have increased significantly over the last few years and it appears to be coinciding with the geopolitical scenario within the region. Therefore, we can expect geopolitical issues to contribute to significant risks that will affect ICS and IoT devices. Many industrial facilities in the region were constructed more than a decade ago and currently house technologies that lack the capability to deter today’s threats. Any disruption on these devices that are deployed in critical infrastructures can cause major societal impact.

How can information sharing help improve security around ICS? Information sharing is key in enabling government firms and enterprises with ICS assets to raise security awareness. For instance, if a utility plant is experiencing malicious traffic, anonymised sharing of this information can enable government authorities to determine the widespread impact of that specific cyber incident. This collective information will also allow them to proactively devise strategies that will help organisations protect themselves against similar threats. Can you elaborate on TÜV Rheinland’s offerings in terms of enabling the security transformation of regional firms? TÜV Rheinland has a comprehensive set of offerings focused on aiding industrial organisations to identify and prioritise their security requirements based on risks and compliance with global and local laws and regulations. We also have the right expertise in helping an organisation design the appropriate cybersecurity strategies that are tailored

www.tahawultech.com

“INFORMATION SHARING IS KEY IN ENABLING GOVERNMENT FIRMS AND ENTERPRISES WITH ICS ASSETS TO RAISE SECURITY AWARENESS.”

to their specific security requirements. We support our customers across all stages of implementation from vulnerability assessment to penetration testing to training and consulting services, which are all aimed at improving their security posture.

against the demands of the industrial cybersecurity landscape. There are plenty of emerging certifications in this sector but the TÜV Rheinland approach focuses on the key requirements of safety and cybersecurity. We have recently launched a new Certified Operational Technology Cybersecurity Professional Programme (TÜV) in response to the growing demand for specialists in industrial cybersecurity. This part of the cybersecurity market is challenging to address and anything that helps improve quality is beneficial. It actively assesses candidates using a combination of a professional career review, interview and technical examination. Experts who meet the required standard will receive a certification from TÜV Rheinland.

Why is it critical for security professionals to have adequate cybersecurity training and gain industry certifications today? How can this give them a leg up over their competition? Cybersecurity training and obtaining certifications are key to achieving both the cybersecurity objective of an organisation and for enhancing a security professional’s career perspective. This not only give security professionals the credibility when dealing with sensitive and critical industrial control systems but also helps them gain trust from different stakeholders of their organisation. In such a complex area of cybersecurity, a third-party verified certification programme can help companies benchmark the expertise of their teams

What kind of technologies do organisations need to prioritise if they are to reduce their current threat levels? It would be ideal for organisations to prioritise investing in technologies that will provide them visibility over their cyber-physical and digital assets. This is to ensure that they can proactively detect, monitor and manage any kind of malicious activity in their environments. However, there is an incorrect notion within the industry that technology can solve most, if not all, of the cybersecurity issues that we face today. In reality, it will take more than just implementing the latest technologies from the market to address these threats. There needs to be the right synergy between people, processes and technology to achieve the

www.tahawultech.com

best possible outcomes in mitigating the cyber risks that exist in the landscape. What do you think are the technologies that will have the biggest impact in the cybersecurity industry in the next two years? Industrial technologies are undergoing rapid innovation and transformation. The convergence of IT and OT, as well as the increasing number of connected devices, will have the biggest impact on the industrial cybersecurity space. What can regional firms expect from TÜV Rheinland in the next 12 months? A recent study that TÜV Rheinland conducted predicted a number of trends surrounding the industrial security space. Some of these include: cybersecurity will continue to be a boardroom issue; IoT cybersecurity will continue to face a major standardisation challenge and the skills shortage will distort the labour market. In addition, we also found that threat detection and response depend on maturing security orchestration; Red Team Testing and Agile Security development are gaining greater mainstream acceptance; and finally, cybersecurity will define digital economy winners and losers. With these factors in mind, TÜV Rheinland aims to continue delivering specialised services and solutions focused on securing industrial cyberphysical infrastructure. We will also continue to augment our offerings to help organisations achieve desired levels of compliance and cybersecurity with optimal levels of investment.

JUNE 2019

EVENT | IVANTI INTERCHANGE UNPLUGGED

UNLOCKING UNIFIED IT IVANTI HOSTED THE FIRST-EVER DUBAI EDITION OF ITS INTERCHANGE UNPLUGGED CONFERENCE, WHERE INDUSTRY EXPERTS AND THE FIRM’S TOP EXECUTIVES DISCUSSED HOW UNIFIED IT SOLUTIONS, IVANTI CLOUD AND CYBERSECURITY CAN TRANSFORM BUSINESSES.

op Ivanti executives from the region descended to Dubai for the firm’s flagship event Interchange Unplugged to discuss how organisations today can better manage and secure the digital workplace. Held at the Waldorf Astoria, Palm Jumeirah, the event brought together Ivanti’s regional partners and customers. The event kicked off with a welcome keynote by Husni Hammoud, the firm’s general manager for the Middle East, where he expressed his gratitude and commitment to their partners for their role in enabling the company’s growth in the region. At the sidelines of the event, Hammoud discussed the importance of Interchange Unplugged as a platform in highlighting their continued support for their partners and customers. “When we brought the Ivanti business here in the region, we sought out people and partners who share our vision of embracing the game-changing potential of technologies like cloud and AI,” said Hammoud. “Together with our partners, we are

JUNE 2019

able to take advantage of the many business opportunities that the latest developments in the digital age bring. We have always had a strong focus on building our customers’ IT capabilities for the long-term and making them part of our DNA. We will continue towards being a responsible driver of digital transformation in the market. We plan

to expand our footprint across various markets in the Middle East over the next few months and ensure that we provide value-added solutions to regional organisations.” Interchange Unplugged featured a keynote speech from Ivanti’s vice president for Northern Europe and MEA, Nigel Seddon. In his presentation,

Nigel Seddon

“WE HAVE EXPERIENCED A VERY POSITIVE PAST FEW YEARS AND HAVE ACHIEVED BETWEEN 300 TO 400 PERCENT BUSINESS GROWTH.” www.tahawultech.com

Seddon highlighted the software firm’s success and future objectives. “We have experienced a very positive past few years and have achieved between 300 to 400 percent business growth,” said Seddon. “We will continue to aim to invest in more people here in the region as well as penetrate new markets. We see a lot of opportunities in countries such as Saudi Arabia and Qatar, and we have plans to expand our presence in those markets.” Seddon also noted that the company is dedicated to continuously innovating to reach its goal of becoming a billiondollar company. The event saw keynote presentations and product demonstrations from top Ivanti executives including the firm’s pre-sales consultant Ali Ikram, who showcased the advantages of the Ivanti Security Controls (ISEC), a unified IT operational security management platform used for managing and protecting Windows-based machines, Red Hat Enterprise Linux machines and VMware ESXi Hypervisors. Senior sales engineer Bastian Van Groor also presented on how Ivanti’s unified IT solutions empower enterprises to become more agile, resilient and secure. The presentations were followed by a panel discussion on “The power of Unified IT,” which featured top insights from Ivanti’s area director for UK, Ireland and Middle East, Andrew Brickell; Department of Culture and Tourism’s ITSM consultant, Hamza Shoubaki; Intertec Systems’ executive director, Nikhil Kothari and Dubai Health Authority’s head of IT support services, Hayat Ahmed Al Hammadi. The event closed with an Awards ceremony honouring Ivanti’s top partners in the region.

www.tahawultech.com

Husni Hammoud

“WE WILL CONTINUE TOWARDS BEING A RESPONSIBLE DRIVER OF DIGITAL TRANSFORMATION IN THE MARKET.”

JUNE 2019

INTERVIEW

IMPETUS FOR GROWTH NANDINI SAPRU, DIRECTOR, SALES, EMT DISTRIBUTION, SHARES DETAILS ABOUT KEY VENDORS AND HOW THEY PLAY A ROLE IN THE FIRM’S GROWTH STRATEGIES.

hat was emt distribution’s primary focus at GISEC this year? At GISEC 2019, we mainly focused on showcasing the strengths of our extensive portfolio and services. This included recent partnerships with global vendors such as Logical Operations and Airlock Digital. Logical Operations offers different courseware within the information security space as well as other verticals. The most popular ones are the certified IOT practitioner, where we train students on how to work with and program on emt devices. Also, we

Glenn Mahney, sales director, Airlock Digital

“WE SELECTED EMT DISTRIBUTION AS OUR KEY DISTRIBUTOR BECAUSE WE WERE CERTAIN WE COULD GET THE APPROPRIATE LEVEL OF ENGAGEMENT FROM THEM. THEY HAVE DONE AN INCREDIBLE JOB OF TAKING OUR PRODUCTS TO MARKET EFFECTIVELY. THE PARTNERSHIP MATCHED OUR REVENUE GOALS PERFECTLY.” 16

JUNE 2019

have in-depth security courses such as certified security-first responder. Here the course teaches how a company should respond when a security incident happens. It also includes other courses such as training non-IT staff on information security. We also highlighted a product called Airlock, which specialises in application whitelisting. This essentially means when an organisation wants to use different applications in their network, they should take a more proactive approach into allowing what should be used, instead of blacklisting what should not be. To understand this better, we use the analogy of going to a restaurant. Imagine if the restaurant restricted people from entering versus following an approved guest list. We only allow applications that should be used to be controlled by Airlock. Besides this, we also showcased our other valued vendors such as Tapeswitch, Flexera and BeyondTrust. What has been your strategy when onboarding security vendors to your portfolio? One of the aspects that really works

www.tahawultech.com

to our advantage with our vendors is that many of them have acquired other firms, which automatically adds to our portfolio. This certainly helps us strengthen our portfolio even further. This year we were looking at application whitelisting, therefore it is a product we have added. We are also looking into other areas such as security analytics, data, IoT and related security. We will be onboarding vendors across these areas after ensuring they match with our growth strategies.

James Varnham, MD, EMEA, Logical Operations

“AS A STRONG REGIONAL DISTRIBUTOR, EMT DISTRIBUTION BOASTS AN INNOVATIVE SOLUTIONS PORTFOLIO. AS OUR COURSES ARE GEARED TOWARDS TRAINING, IT COMPLEMENTED THEIR EXISTING RANGE OF PRODUCTS SEAMLESSLY. WE WORK CLOSELY WITH THEM TO CRAFT COMPREHENSIVE SOLUTIONS COMPLETE WITH THE TRAINING ELEMENT, WHICH THEY CAN NOW OFFER TO REGIONAL CUSTOMERS.”

As a platform, how important is GISEC for emt Distribution? We’ve been a part of GISEC for the last five years consecutively. What we like about GISEC is the quality of visitors that attend the event. We are able to establish great partnerships with new resellers, value-added partners, and so on from this exhibition. How do you get regional organisations excited to come to see you? It all begins from training. Our training division carries out several group support for users to get proficient on different aspects. We then present our extensive product catalogue along with our services portfolio and reinforce the training element. For example, our first interaction with customers is to train them on what they should have, then we present the products they should get to address their business challenges, post which we provide our services to ensure the process and implementation are effective. Finally, we train them again so that they are able to run the solution on their own. This encourages and intrigues customers to know more about our offerings.

www.tahawultech.com

Nandini Sapru, EMT Distribution

JUNE 2019

FEATURE

THE INNOVATION DUO DUBAI-BASED DATA HUB MORO AND VIRTUSTREAM, A DELL TECHNOLOGIES COMPANY, HAVE RECENTLY PARTNERED TO DELIVER INNOVATIVE CLOUD OFFERINGS TO ACCELERATE DIGITAL TRANSFORMATION IN THE REGION. MORO CEO MOHAMMED SABUNCHI AND VIRTUSTREAM EMEA VICE PRESIDENT PAUL DUFFY, DISCUSS THE BOUNTIFUL OPPORTUNITIES THAT THE NEW PARTNERSHIP WILL BRING TO THE REGION.

JUNE 2019

www.tahawultech.com

n the first decade or so of the cloud’s adoption, it was often the non-missioncritical applications that were transferred to external servers. This “low-hanging fruit”, as one report described them, might consist of general-purpose applications, the type of thing that, were they to go down, would not present a business with insurmountable problems. More recently, however, businesses have been moving beyond transferring just these 9/5 applications, as they are sometimes known. There is now a trend for companies to also move to the cloud their “24/7” or mission-critical applications, the ones that are the very lifeblood of their existence. Among the providers offering businesses the opportunity to transfer their most significant mission-critical applications to the cloud are Moro and Virtustream, which have formed a partnership that is already generating significant interest in the local marketplace. It is perhaps no wonder that customers are turning to these providers for some of the most important aspects of their digital transformation, because both Moro and Virtustream have significant factors in their favour.

Based in Dubai, Moro is a semigovernment entity that is backed by Dubai Water and Electricity Authority (DEWA). Virtustream, meanwhile, is part of Dell Technologies, among the world’s largest and most respected technology companies and one that has spent more than $20 billion (Dh73.5 billion) on research and development. The two partners recently gave details of their services at an EMEA (Europe, Middle East and Africa) summit in London organised by Virtustream. Since launching operations in 2017, Moro has expanded rapidly in five main areas of business: data centre and managed services, system integrated services, digital services and security services, and cloud services. The partnership between Moro and Virtustream comes under the cloud services banner. Mohammed Sabunchi, the CEO of Moro, says that it made sense for a newly formed and fast-growing company like his to join forces with Virtustream. “We wanted to establish a level of maturity in a very short time; the obvious choice was to go with Virtustream. There are multiple capabilities that we cannot find with any other technology,” he says.

“The more we knew about it, the more we realised it’s almost a perfect match for what we want to offer to our end-users.” Together, the companies offer what is described as a multi-zone environment on a single infrastructure platform enabling multiple workloads. Sabunchi says that there was a lack of hyperscale data centres in the region, hence the demand is there for a company like Moro, which describes itself as “a world-class data hub providing hyperscale solutions”. There is no lack of ambition behind this statement: Moro says that its aim is to become the number one data and digital transformation hub in the region. On top of the fact that it is a semigovernment entity, Moro says that it has a number of other selling points: state-of-the-art facilities and technologies; operational agility; a customer-centric focus; and top-tier partnerships with leading technology providers, such as Virtustream. Moro states that it offers customers the best of both worlds, since it combines these international partnerships with the

Paul Duffy, Virtustream

“KEY CUSTOMERS MAKE A DECISION AND QUICKLY OTHERS FOLLOW IN THE REGION. THERE ARE FANTASTIC OPPORTUNITIES FOR US AND MORO.” www.tahawultech.com

JUNE 2019

FEATURE

top-level skills of its in-house experts, plus deep local knowledge and cultural understanding. Moro offers a wide array of services, ranging from – to name just a few – Internet of Things as a Service (IoTaaS) to SAP HEC – SAP HANA Enterprise Cloud Services, through to a full array of other data centre and managed services, cloud services and professional services. “What Moro is about is creating a digital hub for the clients to come and have a single contact for every element,” says Sabunchi. “We’re probably one of the most exciting organisations set up in the Middle East. We’re specialised in offering digital services, cloud services.” Virtustream can trace its history back to 2009, and in subsequent years the company expanded rapidly on the back of significant venture-capital funding. In 2015 Virtustream was acquired by EMC which itself was taken over by Dell later the same year. “Virtustream is a Dell Technologies business. We get a huge lift form being part of that ecosystem,” says Rory Read, the president and CEO of Virtustream. When it came to rolling out its cloud services for the missioncritical applications of enterprise-

class businesses and organisations, Paul Duffy, Virtustream’s EMEA vice president, says the company was faced with the decision of whether to go it alone or to form partnerships with local companies in different geographies. “Do we build out our own network of data centres or do we leverage key partners that have the local language and culture?” he says. The company chose the latter approach and, as well as the partnership with Moro, within the GCC it has forged a similar agreement with Mobily, the Saudi Arabian telecommunications company. Globally, Virtustream has nine partnerships to offer customers the chance to have mission-critical applications migrated to, and run in, the cloud. Among Virtustream’s key offerings in the marketplace is the Virtustream Enterprise Cloud, a full stack platform designed to run the most highly missioncritical applications. Virtustream highlights the way that it can offer customers an “unparalleled combination” of security, compliance, accreditations and privacy protection, which is what many companies

will be looking for to secure their most mission-critical applications. For the moment, the Middle East captures a relatively small proportion of Virtustream’s business, at around four per cent of the total. But the company’s partnership with Moro has gone well so far and the two companies have high hopes for their continued success together. “If we look at the opportunities we have closed with Moro [already], it’s multi-million and multi-year,” says Duffy. These contract wins should, in turn, help the partnership to secure more deals, since business in the region is, says Duffy, “very much relationship based”. “Key customers make a decision and quickly others follow in the region. There are fantastic opportunities for us and Moro,” he says. “The innovation that’s going into Dubai, that’s leading the rest of the region. They’re driving that digital approach. “Moro can offer these services to other Gulf nations and even outside of that. We see Moro as a great partner.”

Mohammed Sabunchi, Moro

“WE WANTED TO ESTABLISH A LEVEL OF MATURITY IN A VERY SHORT TIME; THE OBVIOUS CHOICE WAS TO GO WITH VIRTUSTREAM. THERE ARE MULTIPLE CAPABILITIES THAT WE CANNOT FIND WITH ANY OTHER TECHNOLOGY.” 20

JUNE 2019

www.tahawultech.com

10th September 2019 Jumeirah Emirates Towers Hotel, Dubai Tahawul Tech Evolve Forum is your dedicated platform to engage, connect and influence over 200 business executives across industries seeking Digital Transformation Technology strategies and solutions. Partner with Evolve 2019 and build relationships with Digital Transformation decision-makers and influence the Digital Innovators of tomorrow. To find out how your company can benefit from sponsoring TahawulTech Evolve Forum please contact: Group Sales Director: kausar.syed@cpimediagroup.com or Mobile: +971 50 758 6672

TO REGISTER PLEASE VISIT

https://www.tahawultech.com/evolve-forum/2019/

#EvolveForum For delegate, agenda or speaker enquiries please contact:

For sponsorship enquiries Kausar Syed Youssef Hariz Group Sales Director Business Development Manager kausar.syed@cpimediagroup.com youssef.Hariz@cpimediagroup.com +971 4 440 9130 / +971 50 758 6672 +971 4 440 9111 / +971 56 665 8683

HOSTED BY

Sabita Miranda Senior Sales Manager sabita.miranda@cpimediagroup.com +971 4 440 9128 / +971 50 778 2771

OFFICIAL PUBLICATION

ORGANISER

Yvonne Zeljkovic Event Producer yvonne.zeljkovic@cpimediagroup.com +971 50 725 0937

INTERVIEW

IN-DEPTH EXPERTISE

vulnerable. We have seen cases where an organisation had the latest tools at all levels of security and they still suffered a data breach. This is because many companies just simply plug a solution into their environment without even considering if itâ&#x20AC;&#x2122;s compatible with their IT capabilities or if it goes with their security requirements.

LANCY ANDRADE, SECURITY CONSULTANT, GULF SOFTWARE DISTRIBUTION, SAT DOWN WITH SECURITY ADVISOR ME TO DISCUSS WHY CONDUCTING A COMPREHENSIVE RISK ASSESSMENT IS KEY TO THE SUCCESS OF ANY SECURITY STRATEGY.

hat do you think are the biggest challenges faced by the cybersecurity industry? One of the biggest challenges that we see in the Middle East region is skills shortage. The market is teeming with many vendors offering a variety of solutions. While organisations today make significant investments into the latest tools available, there are fewer professionals who are skilled enough to manage and optimise those solutions. To be able to implement an effective cybersecurity strategy, every organisation needs to identify the primary risks that make their systems

WHILE ORGANISATIONS TODAY MAKE SIGNIFICANT INVESTMENTS INTO THE LATEST TOOLS AVAILABLE, THERE ARE FEWER PROFESSIONALS WHO ARE SKILLED ENOUGH TO MANAGE AND OPTIMISE THOSE SOLUTIONS. 22

JUNE 2019

www.tahawultech.com

What do you think differentiates GSD as a security distributor in the region? I believe what differentiates us from our counterparts in the market is our key focus for our business partners. We make sure to choose vendor partners who specialise in focused security segments. There are players in the market who have a huge range of products but lack in focus when it comes to which solution set they want to emphasise on. On the other hand, we only have a specific group of products in our portfolio but we make sure that we put in-depth focus and expertise on them. Our in-house security experts who are adept with vast skills and knowledge to support both our channel partners and customers further differentiate us from our competition. In addition, we also have our own demo lab, an environment set up within our premises where our partners can showcase our vendor solutions to their customers. More than that, we also ensure to support our partners during all stages of their business from pre-sales activities to creating RFPs to compliance and so on. Our key focuses include ensuring our partners gain maximum profits and helping them grow their businesses. How do you tailor your offerings to address your customers’ specific needs? The first step we take, along with our channel partners, is conducting a risk assessment for our customers. Based on the outcome of the risk analysis we can help them develop a security strategy as well as recommend products that suit their needs. As the largest IBM valueadded distributor in the region, we offer a variety

www.tahawultech.com

“WE AIM TO GROW OUR PORTFOLIO AND LOOK FOR VENDORS WHO HAVE NICHE OFFERINGS THAT WILL NOT ONLY COMPLEMENT OUR EXISTING PARTNERS BUT ALSO FURTHER ADD VALUE TO OUR OFFERINGS.“ of customised solutions with flexible licensing options. We have multiple security vendors within our portfolio that are focused on delivering solutions that are pertinent to combatting the threats that regional firms are facing today. We have Cloudflare, which provides content delivery network services, DDoS mitigation and Internet security; we also offer deception technologies from Smokescreen; we carry Reveille, which offers application monitoring and management; and finally, we have STEALTHbits, which focuses on data access governance and security. All of the vendors within our portfolio offer a range of solutions that are compatible for different environments whether it be onpremise or for private or public clouds. In addition, another key area for us is our managed security services. Due to the skills shortage, many organisations are employing the help of managed security service providers (MSSPs). Doing so helps them gain the right security expertise and lessen the workload of their security teams. As cloud adoption increases, many organisations have the tendency to deploy their workloads on multiple environments. Do you think this poses significant security risks for enterprises today? A lot of customers are opting for the hybrid or multi-cloud approach as it gives them flexibility. However, it does present a number of bottlenecks. For one, running systems on multiple environments present challenges around data visibility and control.

To counter this, organisations need to apply a multi-layered security approach. Now, to ensure the effectivity of this approach they also need to trust cybersecurity partners who have extensive knowledge of the underlying infrastructures of different cloud platforms and can assist them in monitoring and implementing sophisticated mitigation strategies. That’s where we can come in. So, whether it’s on-prem or cloud, GSD has the right partners that can help regional enterprises build security strategies that will enable them to remain vigilant against future threats. What can we expect from GSD this year? Which technologies will you be focusing on? IBM technologies are at the core of our business. So, continuously enhancing our IBM-focused products and services is always on top of the list of priorities. As for our security offerings, we see a lot of demand for technologies around Internet of Things, blockchain and AI so we will be looking at onboarding vendors who specialise in these areas. We will also be focusing on enhancing our capabilities and offerings around security analytics, application control, incident management as well as data governance and compliance, which involves GDPR and identity and access management. We aim to grow our portfolio and look for vendors who have niche offerings that will not only complement our existing partners but also further add value to our offerings.

JUNE 2019

EVENT | VEEAMON 2019

VEEAM’S SECOND ACT AT ITS ANNUAL VEEAMON CLOUD DATA MANAGEMENT CONFERENCE, VEEAM SOFTWARE ANNOUNCED THAT IT JOINED AN ELITE GROUP OF SOFTWARE COMPANIES AND REVEALED HOW HYBRID CLOUD WILL PLAY A KEY ROLE IN THE NEXT CHAPTER OF THE BUSINESS. ADELLE GERONIMO REPORTS FROM MIAMI, FLORIDA.

eeam, the backup solutions and cloud data management company, has surpassed its billion-dollar mark joining an elite group of pure play software firms to achieve this milestone. The firm’s co-founder and executive vice president (EVP), worldwide sales and marketing Ratmir Timashev announced at the annual VeeamOn Conference held in Miami, Florida. According to Timashev, the milestone is part of the successful “Act I” of its growth plan, which was focused on the virtualisation of modern data centres. “In 2013, we predicted that in less than six years we will hit the $1 billion mark and here we are today,” he said. “We have joined a very elite group of companies. There are only 34 companies in the world that are pure software companies whose revenues are more than $1 billion.” For over a decade, Veeam has been major player in the backup, recovery and replication solutions market. Initially focused on server virtualisation for VMware environments, in recent years, Veeam has expanded on this

JUNE 2019

core offering, delivering integration with multiple hypervisors, physical servers and endpoints, along with public and SaaS-based (Software as a Service) workloads, while partnering with leading cloud, storage, server, HCI and application vendors to provide the most robust Cloud Data Management platform on the market. “10 years ago, virtualisation was the trend that transformed modern data centres. It became an integral part of our growth strategy during that past decade. We believe that being in the right place and time with our brilliant product have enabled us to ride this wave of technology innovation and emerge successful.” Further into his keynote address, Timashev also highlighted another milestone that Veeam has attained, which was gaining over 350,000 customers. “We have been onboarding an average of 4000 customers monthly. Last year alone, we have added approximately 50,000 new customers.” The Veeam co-founder noted that they have attained a significant number of these customers by word of mouth. “Our

customers describe Veeam products as simple, reliable and flexible,” he said. He then noted that this is a testament to the quality of service that Veeam provides and why customers are core to the growth of the company. Looking ahead, Timashev announced Act II of the firm’s growth strategy. “Act II will be focused on hybrid cloud,” he said. “We believe that there is a huge opportunity for data management in the hybrid cloud era. “According to a recent survey that we have conducted, 73 percent of organisations have set up hybrid cloud strategies with plans to invest into an infrastructure that supports a hybrid environment. “With our vision to become ‘the most trusted provider of backup solutions that deliver cloud data management,’ we are well-positioned to dominate this market.” At VeeamON, the company also unveiled a new initiative: the ‘with Veeam’ programme. As part of the new initiative, Veeam is partnering with top enterprise storage vendors to provide customers

www.tahawultech.com

with comprehensive secondary storage solutions that combine Veeam software with premium storage and HCI infrastructure hardware and management stacks. Solutions have already been announced with ExaGrid and Nutanix. According to Veeam, it has worked closely with its strategic technology alliance partners to provide flexible deployment options for customers that have continually led to tighter levels of integration. Veeam APIs enable its broad partner ecosystem to build complete solutions that are powered by the Veeam Availability Platform, with some partners integrating both primary and secondary storage with Veeam’s market-leading,

www.tahawultech.com

data-management stack. The ‘with Veeam’ programme builds on this strategy by providing broader and deeper integration points for partners to easily and rapidly deliver a secondary storage solution as a unified full-stack that is easy-to-procure, -size, -deploy and -manage, providing customers with options for their data-protection needs. Timashev noted that the launch of the ‘with Veeam’ programme will take their strategy to new heights and will help organisations achieve the levels of data protection, data retention, data availability and data management that their business’s demand. “Our strategy has always been about being open and agnostic by working with

a broad ecosystem of partners to better serve our mutual customers’ needs,” said Timashev. Veeam also announced the general availability of new Veeam Availability Orchestrator v2. According to the firm, the latest version expands its orchestration and automation capabilities to a broader set of applications and VMs, helping organisations address a variety of operational and disaster recovery (DR) and data migration scenarios. “The new version of Veeam Availability Orchestrator eliminates the challenges of manual processes by introducing reliable orchestrated recovery of production VMs, whether they’re protected by backups or replicas,” said Danny Allan, vice president, Product Strategy, Veeam. “This also includes the ability to quickly and efficiently leverage protection data to prove recoverability and compliance, whether standards are imposed internally or by governing regulations like HIPAA, SOX, GDPR and more.”

JUNE 2019

INTERVIEW | VEEAMON 2019

“MIDDLE EAST FIRMS READY FOR THE MULTI-CLOUD WORLD” VEEAM’S REGIONAL MANAGER FOR SAUDI ARABIA AND LEVANT, RAWAD ZAKI DISCUSSES THE STATE OF CLOUD AND DATA MANAGEMENT ADOPTION IN THE MIDDLE EAST.

ow is the cloud adoption in the Middle East region? Today, we are seeing that many organisations are moving to the cloud with the objective to reduce costs and streamline their operations. In the Middle East region, the adoption has been quite slow. However,

with major cloud providers establishing data centres in the region such as AWS in Bahrain and Microsoft in the UAE, regional organisations are increasingly integrating cloud into their strategies. In Saudi Arabia, one of the key mandates of the government’s Vision 2030 initiative is to develop strategies around data management and provide availability of services. Therefore, one of the key goals of this government initiative is to build establish a public cloud locally, guided by the National Information Centre (NIC). Upon doing so, the initiative will enable the NIC to provide complete cloud services for all government entities and will deliver cloud services such as IaaS, SaaS and PaaS among others. How have customer demands around data management and availability evolved? Business transformation today is driven by a new breed of users who want seamless and connected experiences. Businesses are facing increased pressures to deliver constant and instant access to services. Availability is a must and downtime is no longer acceptable no matter what the reason behind it is. Any downtime could result to huge losses whether it be financial or reputational. Therefore, organisations today are on the lookout for the latest solutions that will give them the ability to achieve a zero downtime and zero data loss environment.

JUNE 2019

How can Veeam’s offerings enable an organisation’s security transformation? According to recent studies, more than 60 percent of enterprises are targeted by malware. Data management and backup play a key role in ensuring that should an organisation gets hit by an attack they will be able to restore any data that they might’ve lost. In addition, availability is one of the key aspects in the move to the cloud as it ensures ease of access to data and services. With data protection being a key aspect of availability, integrating solutions around this will help businesses boost their security measures. With Veeam Availability Suite we enable our customers to shift workloads on-prem to the cloud while ensuring that they have complete control over their data. Furthermore, the Veeam Backup & Replication 9.5 Update 4 also includes a feature called Secure Restore, which allows an organisation’s security solution to scan backups before restoring them into their systems Do you think Middle East organisations are ready to leverage multi-cloud environments? Yes, definitely, they are ready. A lot of regional firms are leveraging the latest products and solutions in the market. However, what we are seeing now is that due to the accelerated pace of advancements in technology many organisations are running heterogeneous systems. They are hosting a number workloads across a variety of clouds may it be AWS, Microsoft Azure, IBM and so on. So, they have the capabilities and resources to flourish in multi-cloud environments. The main challenge now is managing the distributed data between all the clouds and centralising this management to ensure visibility regardless of where the data is residing. Veeam is well-positioned to help them address this challenge. We are equipped with the technologies and expertise to help them in managing and protecting their data in multi-cloud environments.

www.tahawultech.com

VEEAM TO BRING THE “BEST OF BOTH WORLDS” TO ENTERPRISES

fter hitting its $1 billion mark in revenue bookings, Veeam is now preparing for its second act, the company has announced during it VeeamON conference in Miami. The second act, according to co-founder Ratmir Timashev, seek to capitalise on the many opportunities that the hybrid cloud – from backup to data mobility across clouds. At the event, the company also made major announcements such as the launch of its “with Veeam” programme and product updates such as the Version 2 of its disaster recovery solution, the Veeam Availability Orchestrator. At the sidelines of the conference, the company’s vice president of enterprise strategy Dave Russell discussed how the firm’s latest announcements reflect the firm’s long-term vision of becoming “the most trusted provider of backup solutions that deliver cloud data management.”

“The past year has proven that Veeam’s business continues to be strong and healthy,” said Russell. “I believe that all of the major announcements that we have shared at VeeamOn are an amalgamation of all the progress that we have made in 2018 and it’s very exciting to share that with our customers and partners. Russell highlighted that Veeam has always been focused on bringing people the power to choose the right solutions for their business. “The ‘with Veeam’ programme reflects this endeavour by providing deeper integration points for partners to easily and rapidly deliver unified solutions that will offer customers the flexibility they need when it comes to data management implementations. “At Veeam we know what our strength is and it’s software. We spent decades perfecting this and we have deep expertise when it comes to software. The ‘with Veeam’ programme enables us to

bring the best of both worlds [hardware and software] to our customers,” explained Russell. According to Russell, collaborating with its strategic technology alliance partners Veeam will be able to deliver seamless experiences to customers. “We have our partnership with Nutanix and ExaGrid this week and there will be more to expect in the coming months. Our goal is to offer choice and we want our customers to be able to get the configuration that’s right for them no matter who their enterprise storage vendors are,” he said. As for future plans, Russell noted that analytics will be a key aspect that the company will be focusing and investing into in 2019. “With over 350,000 customers in our portfolio, analytics and machine learning will play significant roles in enabling us to proactively guide customers to manage and learn from their data.”

Dave Russell

“I BELIEVE THAT ALL OF THE MAJOR ANNOUNCEMENTS THAT WE HAVE SHARED THIS WEEK ARE AN AMALGAMATION OF ALL THE PROGRESS THAT WE HAVE MADE IN 2018 AND IT’S VERY EXCITING TO SHARE THAT WITH OUR CUSTOMERS AND PARTNERS.” www.tahawultech.com

JUNE 2019

INTERVIEW

HOW AI ADDS NEW HORIZONS TO CYBERSECURITY FROM IMPROVING CUSTOMER SERVICE TO AUTOMATING WORK PROCESSES AND PROVIDING PREDICTIVE ANALYSIS, ARTIFICIAL INTELLIGENCE (AI) IS TRANSFORMING THE WAY ORGANISATIONS OPERATE. AI IS ALSO BRINGING SIGNIFICANT ADVANTAGE TO CYBERSECURITY IN UNCOVERING VULNERABILITIES AND RESPONDING TO THREATS. SECURITY CORRESPONDENT DANIEL BARDSLEY SPEAKS TO PAUL Oâ&#x20AC;&#x2122;BRIEN, DIRECTOR OF AI, SERVICE, SECURITY AND OPERATIONS LAB APPLIED RESEARCH, BT TECHNOLOGY AND PROFESSOR NADER AZARMI, EMIRATES ICT INNOVATION CENTRE (EBTIC) DIRECTOR AND HEAD OF BT GLOBAL RESEARCH CENTRES TO DISCUSS HOW ADVANCEMENTS IN AI SPELLS THE FUTURE OF SECURITY IN THE MIDDLE EAST.

JUNE 2019

www.tahawultech.com

here is no shortage of money being invested in cybersecurity research as the threats from attackers appear to grow. Microsoft, for example, spends more than $1 billion annually in cybersecurity research and development, with the firm having said that the amount is increasing as activity migrates to the cloud. While the companies on their own are very active in pushing the boundaries of cybersecurity technology, a facility in the UAE is showing that the private and public sectors can work together to help improve security. The Emirates ICT Innovation Centre (EBTIC), which is based at Khalifa University of Science and Technology in Abu Dhabi, recently celebrated its tenth anniversary. Although its remit extends more widely, EBTIC – a collaboration between Khalifa University, the UAE telecommunications company Etisalat and the UK-headquartered telecommunications provider BT, with support from the UAE-based ICT Fund – is active in cybersecurity research. According to Paul O’Brien, BT’s director of AI, service, security and

operations lab applied research, the work at EBTIC includes finding ways to defend network resources while also developing solutions and catering to customers. “The research challenge is global and therefore it is important to zoom in to the security future of the region,” he says. “We also see a great demand from our local business customer base in the cybersecurity space as a whole.” A key area that EBTIC is focused on is Internet of Things (IoT) security, says Professor Nader Azarmi, EBTIC director and head of BT Global Research centres.

Paul O’Brien, BT Technology

“TIME IS MONEY IN THIS SPACE; THE FASTER WE CAN DETECT THESE TYPES OF THREATS, THE FASTER WE CAN DEAL WITH THEM AND PROTECT OUR ASSETS.” www.tahawultech.com

“The issue is imperative when we are looking at adding billions of devices to the network from different sectors where, in most cases, these devices are low on power and storage capabilities,” he says. “This requires defining new techniques and algorithms to run cybersecurity defence systems and make sure these devices are secure in addition to security at the network level.” Artificial intelligence (AI) is a particular area of interest at EBTIC when it comes to developing cybersecurity technology. This ties in with the methods that BT is already employing to defend its networks. “We are already using AI algorithms that can detect automatically, or with minimal human assistance, anomalies in the data flows, and alert the user of a possible attack,” says O’Brien. “Time is money in this space; the faster we can detect these types of threats, the faster we can deal with them and protect our assets. This is

JUNE 2019

INTERVIEW

Prof. Nader Azarmi, EBTIC and BT Global Research Centres

“WE BELIEVE THERE MIGHT BE A WAY OF LOOKING AT THE EARLY DESIGN STAGE OF SUCH SYSTEMS AND EMBED THE SECURITY ASPECT FROM AN EARLY STAGE.” one of the most important aspects of our research.” Officials say that BT is not, however, interested only in how AI could be used to scupper attacks; it is also focused on ways in which it could be used maliciously in attacks in future. “It is actually in this space where we are heavily engaged with academia to gain insight into what might be around the corner,” says O’Brien. Meanwhile, another area of interest at EBTIC is in how AI can be used to develop software systems that are, in Azarmi’s words, “resistant to malicious attacks right from the start”. As Azarmi notes, when systems are developed, the software inside the product is often not secure, so that security has must be built around it. “We believe there might be a way of looking at the early design stage of such systems and embed the security aspect from an early stage,” says Azarmi. “AI gives you the capability to predict the potential behaviour of people, because some of these attacks might use a repetitive approach. “This early-warning system is quite critical to businesses. With this in mind, we are looking at malware simulations with the aim of determining how the threat progresses through the network so we can blunt its attack.” Another area of research at EBTIC is human-machine collaboration, where,

JUNE 2019

as Azarmi puts it, AI is involved in detection and prediction as well as in “breaking up the problem and sharing sections with the relevant agents specialised in certain sub-problems”. “Once the parts are solved, they are put back together to present a complete solution. This makes the whole process of detection, action and remedy much quicker,” he says. Indeed Azarmi says that in future there will be more focus on “making AI work”, on moving away from malicious AI to helpful AI, such as when it is used with autonomous vehicles. He says “explainable AI” is also an important research topic. “At the moment, a lot of the work is like the black box, where the answer is provided, but how it was reached is not easy to explain,” he says. “People want to have clarity on how a given decision was made and visibility of the step-by-step process.” O’Brien says that explainable AI is not important when, for example, a person is on the internet searching for an image of, say, a pineapple. When you get one bad hit in every 100, it does not, he says, “seem to be a big issue”. In other circumstances this is not the case, though. “If AI was determining whether you should get a bail or a loan, for example, then it becomes very important to have explainable AI with increased transparency,” he says.

Officials involved in the Emirates ICT Innovation Centre (EBTIC) say that the facility represents an important collaboration between academia, government, and the private sector. Such a joining of forces is, according to BT, especially valuable when it comes to cybersecurity. “BT engages with over 40 universities globally and we continually seek to establish centres of excellence,” says Paul O’Brien, BT’s director of AI, service, security and operations lab applied research. “We do this because we realise that we do not have a monopoly on smart ideas and hence need to source smart technologies and collaborate with universities to understand what is around the corner. “This is exceptionally important for cybersecurity, where anticipating the next move of malicious actors in cyberspace is key.” According to Professor Nader Azarmi, EBTIC director and head of BT Global Research centres, BT and Etisalat have been collaborating “for years”. “This initially led to the discussion about facilitating innovation in the region with a strategic focus on research and development,” he says. “Khalifa University was a natural fit, especially with regards to the source of talent. Government was the next logical step, with our initiative perfectly aligned with the vision for the country: a knowledgebased economy.” Tying in with this, O’Brien says that the centre plays an important role in the UAE Vision 2021, which focuses on innovation and research because they help to create a knowledge-based economy. O’Brien says that this is about creating technological capability – not simply buying it in. “It is imperative for any country that wants to succeed in the ICT space that it lays the foundation for good collaboration amongst industry, government and academia,” he says. As the pace of change increases in line with the move to a digitised world, the speed of innovation has to increase, O’Brien says, and collaboration can help to achieve such faster change. “As the pace gets faster and more software based, all involved parties have to be much closer,” he says. “Governments need to be close from a regulatory point of view to bring about the right environment for innovation. Industry has to be close to research to make innovation sooner, while academia needs to be close to the problems to be relevant. This increased tempo is driving change.”

www.tahawultech.com

FEATURE

SOCIAL RESPONSIBILITY AS DATA INCREASINGLY BECOME A VITAL ASSET FOR BOTH INDIVIDUALS AND ORGANISATIONS, RECENT ISSUES AROUND HOW PLATFORMS SUCH AS FACEBOOK, TWITTER, AND GOOGLE HANDLE CUSTOMER INFORMATION HAVE ATTRACTED CRITICISMS FROM USERS AND GOVERNMENTS ALIKE. SECURITY CORRESPONDENT DANIEL BARDSLEY SPEAKS WITH INDUSTRY EXPERTS TO DISCUSS HOW SOCIAL MEDIA PLATFORMS SHOULD BE REGULATED TO COMBAT MISINFORMATION AND PREVENT THE INAPPROPRIATE USE OF PERSONAL DATA.

www.tahawultech.com

hen it comes to social media, an often quoted phrase is, “If you’re not paying for the product, you are the product.” Although not everyone sees this as a fair reflection of reality, the saying has developed particular resonance in a modern world where the likes of Facebook and Google hold sway. These platforms are free for everyone to use and, in return, the operators collect all manner of data

JUNE 2019

FEATURE

about individuals and employ it to “microtarget” advertising. Indeed, as yet another online ad comes up on the screen in front of them, it is easy for users to feel that the social media giants know them better than they know themselves. “There’s no doubt about it, all of these companies they have very intimate knowledge about the people using these platforms,” says Nicolai Solling, the chief technology officer for the cybersecurity company Help AG. Of course, this collection of data is not without controversy. News bulletins frequently air concerns over privacy and data breaches, with Facebook suffering a publicity meltdown in 2018 when it emerged that Cambridge Analytica had harvested data from large numbers of users without their consent. Another source of contention has been the modest size of the tax bills handed to social media giants, while there are regular complaints about social media companies unwittingly providing a platform for inappropriate material, such as racist content or terroristrecruitment messages. Yet effecting change is not easy: authorities can appear impotent when lined up against corporate giants like Facebook and Google, which are each worth hundreds of billions of dollars. Indeed, when lawmakers from Canada and the United Kingdom called separately for Facebook’s CEO, Mark Zuckerberg, to testify before them, their pleas fell on deaf ears. “It’s very challenging to regulate these

services because the whole fabric of how we communicate as a society today is dependent on them,” says Solling. “There are no governing laws on how they use this data. It gives them great benefit when they feed data into the algorithms on their social media platforms. “I do think there has to be some oversight. There’s a lot of fundamental discussion that needs to be done on how to utilise these things in a good way.” One set of suggestions has come from the Truth, Trust and Technology Commission, a body linked to the London School of Economics in the United Kingdom made up of academics, parliamentarians and others.

Nicolai Solling, Help AG

“IT’S VERY CHALLENGING TO REGULATE THESE SERVICES BECAUSE THE WHOLE FABRIC OF HOW WE COMMUNICATE AS A SOCIETY TODAY IS DEPENDENT ON THEM.” 32

JUNE 2019

In a report delivered in late 2018, the commission suggested creating a non-governmental “Independent Platform Agency” funded by a levy on the platforms’ revenue. The agency would observe the social media landscape, offer policy advice and encourage ways of improving the reliability of material that is posted. Long term, the commission indicated that there might be a need for tougher regulation, such as breaking up the companies or making them responsible for the content posted on them. Among those considering regulatory issues is Dr Natasha Tusikov, an assistant professor in the Department of Social Science at York University in Canada and a Fellow at the Käte Hamburger Kolleg / Centre for Global Cooperation Research in Germany. According to Tusikov, at present, because there is pressure to regulate the internet, governments, recognising that achieving regulation is complex and difficult, instead merely exert pressure on social media companies

www.tahawultech.com

Dr Natasha Tusikov, York University in Canada

“IT’S THE WORST OF BOTH WORLDS. THIS INTERACTION BETWEEN COMPANIES AND GOVERNMENTS FEEDS THE TENDENCY OF THESE COMPANIES TO ACT ARBITRARILY.”

to “do something”. As a result, ad hoc measures take the place of proper thought-out rules. “It’s the worst of both worlds,” says Tusikov. “This interaction between companies and governments feeds the tendency of these companies to act arbitrarily.” According to commentators such as Tusikov, because the social media giants are based in the United States, an American “laissez-faire” approach to regulation has tended to prevail. Silicon Valley has pushed this approach and justified it with the argument that innovation requires self-regulation rather than tough external oversight. “As a Canadian, I would like to see other countries have their political and social values reflected in the internet,” says Tusikov. National regulations already exist, such a ban on eBay selling Nazi paraphernalia in Germany, for example. Tusikov would like to see more countries crafting their own rules. Tusikov and a fellow academic, Dr Blayne Haggart, an associate professor

www.tahawultech.com

in political science at Brock University in Canada, would ultimately like to see an end to the current business model based upon the detailed collection of data and microtargeted advertising. They have put forward what might be seen as the radical proposal of nationalising social media, with Tusikov saying that national broadcasters, such as the British Broadcasting Corporation and the Canadian Broadcasting Corporation, show that the non-profit model can work in media. “It’s not unknown, but it’s several decades since we’ve had these conversations. Maybe a crown social media company could be politically feasible,” says Tusikov. In the United States, such suggestions are often seen as infringing upon free speech, raising concerns about authoritarianism. Tusikov argues that such worries are unnecessary in countries like Germany or the United Kingdom, which are not regarded as being authoritarian in the way that China, for example, often is. “The French president Emmanuel Macron has called for a human rights internet – a strong role for government, but democratic-based human rights model. I hope we’re not stuck in the binary model where we have to show allegiance to China or the United States,” says Tusikov. “The idea of government regulation of the internet is a much more nuanced discussion about what would these rules look like and what safeguards have to be in place to ensure governments don’t suppress human rights.’”

Another suggestion has been that Facebook and other social media giants should be broken up. Calls for action appear to be growing, with the United States senator (and presidential hopeful) Elizabeth Warren among those who have said Facebook should be dismantled, citing what is described as anticompetitive behaviour. More recently, a Facebook co-founder, Chris Hughes, has echoed this, saying that Facebook’s takeover of WhatsApp and Instagram should be reversed. Others have argued against a tougher regulatory regime, saying that the network does not have a true monopoly as there are myriad other communications services. In any case, people on both sides of the debate have said that breaking up Facebook would have a limited effect on the issues of misinformation and data collection. Tusikov argues that the companies would still be operating on the same data-intensive advertising model, which many feel is based upon the inappropriate use of personal data. “What would have to accompany anti-trust measures would be a serious restriction and regulation of this data model,” she says. “We see the granular level of detail of the information they have on people. One thing governments could say is that they can collect neighbourhood level or postal level. They could collect age range or gender categories.” The social media companies would not be able to make inferences about characteristics of individuals, such as their political opinions or religious beliefs. Enforcement might not be easy, as Tusikov notes that it requires trust in the social media companies. “There would be quite a bit of accountability and oversight. We’ve seen quite a lot of bad actors. There have been very few efforts to rein them in and say, ‘It’s not just a bad apple, it’s a feature,’” she says.

JUNE 2019

FEATURE

UNCOVERING THE UNKNOWN

AT THE SIDELINES OF LAST MONTH’S DELL TECHNOLOGIES WORLD 2019 IN LAS VEGAS, SECURITY CORRESPONDENT DANIEL BARDSLEY SAT DOWN WITH TOP EXECUTIVES FROM THE TECH GIANT’S SUBSIDIARY, SECUREWORKS, TO DISCUSS THE FIRM’S LATEST THREAT DETECTION AND RESPONSE SOLUTION – RED CLOAK.

JUNE 2019

www.tahawultech.com

inding out that attackers have breached a network is, as many organisations have found to their cost, neither quick nor simple to do. Indeed, the 2018 Cost of a Data Breach Study from the Ponemon Institute in the United States suggests that it takes companies an average of 196 days – or about six-anda-half months – to detect a data breach. According to the institute, there is an average cost of $148 (Dh544) per compromised record, which is not an insignificant amount. Moreover, there is little sign from the IBM-sponsored survey that the cost of data breaches is likely to fall over time. When reporting the results last year, Larry Ponemon, the eponymous institute’s founder and chairman, said that the average size of a data breach (measured by the number of records stolen or lost), the per-capita cost and the total cost had all increased since the 2017 survey. So it appears that attackers are being given plenty of time to do what they want, and are causing a considerable amount of harm. Such results highlight the importance of developing new, faster ways to detect and eliminate breaches.

Stephen Fulton, vice president, software and platform innovation

“SECUREWORKS HAS BEEN IN BUSINESS 20 YEARS; WE’VE TAKEN THAT INTELLIGENCE AND INTEGRATED IT INTO THE THREAT DETECTION APPLICATION.” www.tahawultech.com

At the same time, however, it is vital that such detection methods do not generate large numbers of false alerts, as these are time-consuming to investigate. The ideal is to prevent threats from being missed while not generating useless alerts. A new product called Red Cloak Threat Detection and Response from the US-based cybersecurity company Secureworks aims to dramatically speed up the detection of cyber threats. With this new cloud-based softwareas-a-service (SaaS) application – which Secureworks says should suit many companies in the Middle East – detection times of minutes or hours are said to be more likely than weeks or months. Red Cloak Threat Detection and Response is the latest product to use the Red Cloak name, which dates back to 2010. It was launched in Las Vegas at the Dell Technologies World 2019 event in May, a mammoth gathering of 15,000 IT specialists that featured keynote speeches from Michael Dell and a number of major figures from Silicon Valley. The launch may have lacked the fanfare of some of the more high-profile announcements and keynote addresses, but for companies looking to secure their systems, it may have been the most significant development from the “Sin City” event. Red Cloak Threat Detection and Response uses advanced analytics of a kind that, says Stephen Fulton, vice president, software and platform innovation at Secureworks, “we do don’t believe anybody else has”. The application makes use of integrated threat intelligence and information from Secureworks’ own global network, which the firm says is constantly monitored by a team of experts. These all help the application, which harnesses machine learning technology

JUNE 2019

FEATURE

Curt Dennis, senior product manager

“WE’RE CAPTURING SMALL EVENTS THAT MAY NOT HAVE SPECIFIC RELEVANCE, BUT A SERIES OF EVENTS OVER TIME CREATES A BEHAVIOURAL ALERT.” and artificial intelligence, to identify suspicious activity. “Secureworks has been in business 20 years; we’ve taken that intelligence and integrated it into the threat detection application,” says Fulton. “It is a security analysis application that allows our customers to detect previously unknown threats. “We have thousands and thousands of customers. If we see anything across that dataset, we can communicate it to individual customers or multiple customers.” Once a threat has been identified and communicated to a customer or customers, their in-house security professionals can help to deal with it as part of what Secureworks – a Texas-based company associated with Dell Technologies – has described as a collaborative investigation. It is for this reason that the new product is aimed primarily at firms with their own security analysts. “We like to see a company have three to four full-time security analysts. If they have that many doing that full time, this will be a good fit for them,” says Curt Dennis, senior product manager at Secureworks. “If they need a more managed type service, we can come up with a different type of programme for them.” Emphasising this point, Kyle Falkenhagen, senior director, product management at Secureworks, describes companies using Red Cloak Threat Detection and Response as having to be “at a certain maturity level”.

JUNE 2019

“It’s very much a requirement that they have security professionals on staff,” he says. Customers can use the technology to detect threats themselves and, once these are identified, they can contact Secureworks for assistance in what to do by using a chat function that is part of the application. “They get the power of our analysts and rich experience of threats wrapped into the application. You can ping one of our senior analysts 24/7,” says Dennis. A key aspect of Red Cloak Threat Detection and Response’s approach is the way that it captures many small events, each of which on its own might not be sufficient to trigger an alert, and uses them together to determine if there is cause for concern. Information comes in from a variety of sources, whether it is the cloud, the network, the endpoint or the firewall. According to Secureworks, the system’s approach of looking for multiple sources of threat, rather than a single source, is one of its key strengths. It is said to be more suitable for dealing with the complex tactics that an adversary might use. “We’re capturing small events that may not have specific relevance, but a series of events over time creates a behavioural alert,” says Dennis. “Our algorithms are watching for where people are logging in [from]. If you normally have people logging in from the US or London and we see someone logging in from Ukraine, that creates an alert.”

A suspicious IP address is something else that might trigger concern. Dennis indicates that the application has proved itself to be effective at dealing with threats without being too sensitive. “We had a data set of 100,000 DGAs [Domain Generation Algorithms]; it detected all of them. And out of 100,000 of them, it only generated five false positives. It saves a tremendous amount of time,” he says. The first visible signs of an attack might be from an endpoint watch list alert, which is generated by Secureworks’ own threat intelligence, which includes thousands of incident response (IR) engagements. Most of the attacks that Red Cloak Threat Detection and Response will highlight will be financially motivated, but Fulton says that state-sponsored attacks are likely to make up about 10 percent of the total. The application could be used by large companies in the Middle East according to Secureworks, which is publicly Iisted and which has 42,000 clients in 65 countries. Around the world, restrictions on the transfer of data from some countries may affect the ability of certain firms to send their data to Secureworks’ servers in the United States, in which case Secureworks says it can look to work directly with the client. Language support is currently available only in English, but Secureworks says that it is looking to offer greater localisation of, for example, language and nomenclature. The cost paid for the service is determined not by the volume of data or a customer’s employee headcount, but by the number of endpoints. “We specifically didn’t want to do data volume. That’s a big complaint from customers. It’s based on the amount of endpoints. You can send as much data as you want – endpoint data, cloud data,” says Falkenhagen.

www.tahawultech.com

BLOG

“123456”: UNDISPUTED KING AS MOST-HACKED PASSWORD BY TOMAS FOLTYN, ESET

n analysis of the 100,000 most-commonly reoccurring breached passwords confirms that ‘123456’ is the undisputed king of atrocious passwords. Using data from Have I Been Pwned (HIBP), a website that allows users to check if their email addresses or passwords have appeared in a known data breach, the United Kingdom’s National Cyber Security Centre (NCSC) has found that 23.2 million user accounts worldwide were “secured” with ‘123456’. Its close, and similarly poor, relative, ‘123456789’, was used 7.7 million times, leaving the door just as wide open for cybercriminals. Other stalwarts among the most common passwords – ‘qwerty’, ‘password’ and ‘1111111’ – rounded out the top five. And perhaps just as unsurprisingly, many of the most-hacked passwords were made up of names, soccer teams, musicians, and fictional characters. Some

www.tahawultech.com

of the most popular choices each appeared in hundreds of thousands of passwords. The NCSC made available the entire list of the 100,000 most commonly reoccurring passwords for breached user accounts. Overall, the NCSC’s findings may well bring echoes of other analyses of the most commonly re-occurring passwords. As we also reported late in 2018 and 12 months earlier, studies conducted annually by password security company SplashData produced very similar results. At any rate, if any of your passwords appears on the NCSC’s list, you would be very well advised to change it posthaste, and perhaps use some of our guidance for picking passwords or passphrases that are both strong and unique. You can also use our how-to guide to check on HIBP if any of your online accounts may have been the victim of a known breach. Setting up multi-factor authentication wherever possible will add an extra

layer of security in exchange for very little effort. ATTITUDES Alongside the password risk list, the NCSC also published the results of its first ‘UK Cyber Survey’, which sought to find more about people’s awareness of, and attitudes towards, cybersecurity. The survey, which gathered input from more than 2,500 people in the UK between November 2018 and January of this year, found that only 15 percent say they know “a great deal” about how to protect themselves from harmful cyberactivity. Most (68 percent) said that they know “a fair amount”. More than two-thirds of the respondents believe that they will likely fall victim to at least one type of cybercrime over the next two years. The most prevalent concern was money being stolen, as 42 percent fear that this is likely to happen by 2021.

JUNE 2019

COLUMN

A BRAND NEW WORLD

G is no longer a futuristic concept, but a modern reality. This next stage of wireless technology promises to bring hyper-connectivity to the inevitable billions of new devices that are all talking with one another at incredibly fast speeds with remarkably low latency. Globally, carriers are investing hundreds of billions of dollars into developing the technology. In fact, Middle East nations are betting big on the 5G race. Over the past year, regional operators have made headline announcements about 5G services. In the UAE, Etisalat and Expo 2020 Dubai have partnered to deploy the network at Expo 2020â&#x20AC;&#x2122;s smart site. Additionally, major telcos such as Etisalat and du have announced its 5G sites and have launched 5G-ready mobile devices. Commercial 5G testing in other GCC nations such

JUNE 2019

as Oman and Saudi Arabia are also well underway with plans to launch the network in the next 12 months.. There is no doubt that 5G will play a huge role in shaping the digital future. It will open up new possibilities for consumers, businesses and society as a whole. 5G will accelerate a wide array of emerging technologies as well as new services â&#x20AC;&#x201C; everything from faster mobile connectivity to self-driving cars to remote surgeries being performed from anyplace in the world. It is definitely an exciting technology to look forward to. However, the promising new 5G world will face its own set of cybersecurity challenges. The advent of the Internet of Things (IoT) era, which is expected to be dependent on 5G networks, will create a vast number of endpoints that cyber-attackers can penetrate. This radically increases the complexity of

ONLINE EDITOR ADELLE GERONIMO SHARES HER VIEWS ON THE LATEST DEVELOPMENTS IN THE SECURITY LANDSCAPE.

securing networks from hackers and cybercriminals. In addition, the sheer amount of data that will be created, and speedy processes that will be facilitated by 5G networks will make it much more difficult to spot behavioural anomalies. 5G technology can also be used by the adversary to compromise networks at a new speed and scale. As endpoints become hyper-connected, 5G can potentially weaponise IoT devices to launch more powerful Distributed Denial of Service (DDoS) attacks. As with any innovation, 5G will create new use cases for multiple industries, which could prompt a new breed of security threats. The good news is that 5G is still in its nascent stages and there is time to make security a priority. There is an opportunity to ensure that security is a front-and-centre focus in developing the technology.

www.tahawultech.com

Get Everything SD-WAN Has To Offer

SD-WAN can deliver reduced WAN costs. But it can’t be at the expense of Security. Fortinet’s Secure SD-WAN solution provides full SD-WAN capabilities with all of the Next Generation Security features needed for today’s ever-changing threat landscape.