CXO DX March 2023

RAMAN NARAYAN

Co-Founder & Editor in Chief

narayan@leapmediallc.com

Mob: +971-55-7802403

Sunil Kumar Designer

THE PRIMACY OF CYBERSECURITY

The array of cybersecurity solutions being showcased at this year’s edition of GISEC Global will highlight how the domain is evolving rapidly and keeping pace with the threats that are also developing at a rapid rate. With more devices connected, with more IoT deployments and cloud acceleration, cybersecurity is now right at the forefront of IT strategies.

While we have seen how IT has become a business enabler, that extends to cybersecurity convincingly. Without a robust cybersecurity posture, achieved as a culmination of the right deployments enabling a 24/ 7 active and effective cyber defence network, Businesses can be quite vulnerable to cyber-attacks.

The work-from-anywhere trends have accentuated the need to enhance the cybersecurity focus and secure digital assets deployed anywhere, in the cloud or on-prem. As a result, there is a growing focus on Zero Trust architecture deployments and that is becoming a huge driver of enterprise investments. In fact, according to Gartner, Zero Trust network access will even replace virtual private networks (VPNs) by 2025

A huge diversity in deployments including multi-cloud and on-prem deployments and the extending edge has challenged and even made the notion of the traditional network perimeter redundant. Therefore, organizations are expected to focus on micro-segmentation and micro-perimeters for controlling and securing digital identities, according to an expert. There will be an increased focus on enabling multi-factor authentication. On the other hand, AI-based cybersecurity solutions are adding more potency to the capabilities for extracting real-time insights that will enhance the cybersecurity posture.

Organizations also need to look at prioritizing security risk management as critical to business success. According to Gartner, organizations that don’t look at this as a priority are likely to face talent churn in the face of massive market opportunities for cybersecurity professionals. They would rather go where they feel their work will be more valued.

SAUMYADEEP HALDER

Co-Founder & MD

saumyadeep@leapmediallc.com

Mob: +971-54-4458401

Nihal Shetty Webmaster

MALLIKA REGO

Co-Founder & Director Client Solutions

mallika@leapmediallc.com

Mob: +971-50-2489676

14 » MANAGING CYBER RISKS

Tenable helps organizations proactively address, manage, and reduce cyber risk across their entire infrastructure including cloud, IoT, OT and other platforms

12 » ENTERPRISES LOOKING TO INVEST IN AGILE AND BESPOKE SOLUTIONS

Companies carefully vetting technology based on its relevant use cases, agility, and applications

21 » EVOLVING CYBER RESILIENCE

A diversity of cloud deployments along with on-prem deployments, a merging of IT and OT networks along with accelerated digital transformation is challenging the cyber security readiness of organizations.

17 » TOWARDS CYBER DISCIPLINE

Morey Haber, CSO, BeyondTrust says that Technology alone cannot provide the resilience organizations need

22 » A MULTI-FACETED APPROACH

Muhammad El-Bassiony from Mindware discusses best practices and trends in cybersecurity.

23 » A PROACTIVE APPROACH

Biju Unni,VP at Cloud Box Technologies discusses how the key to effective cybersecurity is a proactive approach

24 » GETTING YOUR CYBERSECURITY APPROACH RIGHT

Anoop Kumar, Information Security Manager at Al Nisr Publishing shares his views about the transforming cybersecurity landscape

25 » GA BALANCED APPROACH TO CYBERSECURITY

Bilal Lodhia, IT Security Manager at Gargash shares his perspectives on the evolving cybersecurity landscape

33 » GFIVE GUIDELINES FOR TRUSTED GENERATIVE AI

Thierry Nicault, Area VP,MENA, Salesforce outlines a few tips on how to work with the transformative technology of Generatiive AI

34 » THE ETHICS OF FACIAL RECOGNITION

Vito Fabbrizio, of HID Global discusses the best practises of implementing facial recognition

36 » BUILDING ROBUST APPLICATION SECURITY

Simon Pearce, of Cisco AppDynamics outlines a 6-step guide to robust application security in cloud native environments

38 » WHY YOU SHOULD TREAT EVERY DAY LIKE WORLD BACKUP DAY

Fred Lherault from Pure Storage says organizations need a pronged backup strategy

42 » CYBERSECURITY AS A SERVICE

Reduce your organization's Cyber Threats with CyberSecurity as a Service from Finesse, writes Ateeb Wani

MANAGEENGINE TO SHOWCASE RECENTLY-ENHANCED SIEM SOLUTION AMONG OTHER SECURITY OFFERINGS AT GISEC 2023

Company Marks a Decade of Participation at the Premier Security Event This Year

in 2013, this year's edition will mark 10 years of ManageEngine's presence at the premier security event.

"The digital ecosystem is fast evolving due to technological advancements. But so are the threat actors. Unsurprisingly, cybersecurity remains the top priority for CIOs and CISOs in the region. Organizations should focus on identifying high-risk vulnerabilities and address them immediately. GISEC offers us a great platform to showcase our powerful cybersecurity capabilities and help address the security concerns of organisations," said Nirmal Kumar Manoharan, regional director of ManageEngine.

risky security configurations of systems and users. It also continuously assesses the Active Directory security risk posture based on Microsoft's security guidelines. These security and risk posture management features will help enterprises implement a proactive security strategy and prevent cyberattacks before they occur.

In addition, ManageEngine will showcase PAM360, its privileged access management solution, which now features advanced privilege elevation capabilities for Linux environments.

ManageEngine, the enterprise IT management division of Zoho Corporation, announced its participation in the upcoming Gulf Information Security Expo & Conference (GISEC) to be held at the Dubai World Trade Centre on March 14-16, 2023. Having first participated

ManageEngine will showcase all its security offerings, including its SIEM solution, Log360, to which a security and risk posture management dashboard was recently added. This new feature offers granular visibility into weak and

Other ManageEngine solutions covering endpoint security, data security and network security will also be highlighted at the event. Cybersecurity experts will be available to interact with attendees, address their IT security concerns and share insights on the latest security trends at booth number D 60.

CISCO DOUBLES DOWN ON FRICTIONLESS SECURITY

Offers enhanced protection for Hybrid Work and Multi-Cloud Environments

Cisco customers can now access new riskbased capabilities across Cisco’s security portfolio to better protect hybrid work and multi-cloud environments. These advancements demonstrate progress towards realizing the full vision of the Cisco Security Cloud which will protect the integrity of an organization’s entire IT ecosystem.

Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco said, “Cisco is building an end-to-end portfolio of security solutions and integrating them into a single platform. We’re excited to share the latest innovations across zero trust, application security, and secure connectivity as we build towards our vision.”

Cisco also introduced initial findings from the first-ever Cybersecurity Readiness Index focused on five core pillars of security

protection – identity, devices, network, applications, and data. While technology to secure devices is widely adopted, more progress is needed to protect identity, networks and applications.

Several features of Duo Risk-Based Authentication designed to reduce user friction and increase security efficacy in a hybrid work world are now available.

A significant advancement in its applications strategy, Cisco has announced the introduction of industry-first Business Risk Observability, an enhancement of Cisco’s Full-Stack Observability application security solution. This is available through Cisco Secure Application, which is integrated into Cisco AppDynamics.

Cisco + Secure Connect, the unified single-vendor SASE solution, is extending support to Cisco SD-WAN powered by Viptela. Cisco+ Secure Connect uniquely converges Cisco SD-WAN fabrics and Cisco's leading cloud security services to provide secure access to anything from anywhere.

DELL TECHNOLOGIES STRENGTHENS CYBER RESILIENCY

Dell’s AI-powered software and operational security capabilities help drive Zero Trust, protecting data and reducing risk from cyberattacks

Dell Technologies is expanding its industry leadership in data protection appliances and software to help customers protect their data on premises, in public clouds and at the edge.

The Dell PowerProtect Data Manager Appliance leads a series of advancements for multicloud data protection that are simple to use and easy to consume. Dell innovation in AI-powered resilience and operational security accelerates the adoption of Zero Trust architectures, helping protect organizations from the increasing threat of cyberattacks.

The new solutions help address rising data protection challenges facing organizations.

Jeff Boudreau, president and general manager, Infrastructure Solutions Group, Dell Technologies said, “This digital landscape

requires a modern data protection and security strategy to address cyber threats. Dell helps customers strengthen cyber resiliency by offering integrated data protection software, systems and services to help ensure data and applications are protected and resilient wherever they live.” .

Dell’s data protection software, Dell PowerProtect Data Manager, helps organizations simplify their IT operations and reduce risk. PowerProtect Data Manager software addresses the increasing need for cyber resiliency and supports Zero Trust principles.The Dell PowerProtect Data Manager Appliance offers a simple path to adopt modern data protection. The debut system is ideal for small and mid-sized use cases with support that scales from 12 to 96 terabytes of data.

PowerProtect Cyber Recovery for Google Cloud enables customers to deploy an iso-

lated

to more securely separate and protect data from a cyberattack.

OPSWAT HIGHLIGHTS THE ROUTE TO IT/OT SECURITY MATURITY

The vendor offers purpose-built CIP solutions that can be deployed in the cloud, on prem and in air-gapped networks

OPSWAT, a global leader in critical infrastructure protection (CIP) cybersecurity solutions, will be at GISEC 2023 to show the region’s private and public sector enterprises how to develop their cybersecurity maturity through the company’s endto-end IT/OT security solutions.

“OPSWAT has been a GISEC attendee for many years, and this time around, we exhibit amid a threat landscape that is bubbling with risk for OT (Operational Technology) and ICS (Industrial Control System) environments,” said Sertan Selcuk, Vice President of Sales, Middle East, Turkey, and Africa, OPSWAT. “Our mission to protect critical infrastructure through purpose-built CIP technologies has never been more urgent. Regional nations have been hard at work diversifying their economies, and heavy industries such

as utilities, energy, manufacturing and oil and gas can only innovate as long as they remain protected from cyber criminals.” From an OT perspective, OPSWAT will

demonstrate how Neuralyzer, the company’s asset-visibility platform, can reach into the darkest spaces of the technology stack and give back control of the suite to OT and security professionals. MetaAccess OT is an industrial-scale, secure remote-access appliance that enforces granular access control. OTfuse is an industrial firewall designed specifically for OT/ICS assets.

Also on display at the lab will be MetaDefender Vault, a secure file-storage system for cross-domain and inter-network transactions, and MetaDefender Kiosk, which is a portable media security solution for transferring files and devices back and forth between air-gapped and connected networks. And NetWall is the company’s security gateway capable of unidirectional and bidirectional setups.

CHECK POINT SOFTWARE TECHNOLOGIES TO SHOWCASE PREVENTION-FIRST BEST SECURITY SOLUTIONS

The cyber security company brings comprehensive, consolidated and collaborative approaches to address unique security challenges in the region

Check Point Software Technologies Ltd, a leading provider of cyber security solutions globally, announced its participation at GISEC 2023, where it will showcase its new technologies and solutions designed to address the region's fast-evolving cyber security needs.

"We believe that prevention is the best security solution, and our focus is on delivering comprehensive, consolidated, and collaborative cyber security solutions to our customers and partners," said Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East. “We are thrilled to be participating in GISEC 2023 and engaging with our customers and partners in the region to discuss how we can help them prevent cyber-attacks and protect their critical assets."

Check Point Software's booth #D20 will showcase the company's latest range of cyber security solutions, including Check Point CloudGuard, Check Point Harmony, Check Point Quantum and Check Point Horizon. Visitors to the booth will have the opportunity to see live demonstrations of the products and engage with experts to discuss their specific security needs.

In addition to showcasing its latest security solutions, Check Point Software will be highlighting its commitment to leveling up its engagement with customers and partners to provide the best customer experience.

"Our commitment is to enhance our engagement with customers and partners, ensuring they receive an exceptional customer experience," continued Ram Narayanan.

SANS INSTITUTE LAUNCHES NEW CYBERSECURITY TRAINING FOR IT ADMINISTRATORS

Brings essential short-form training to one of the most maliciously targeted positions

SANS Security Awareness, a division of the SANS Institute, has announced the launch of its new short-form technical training modules, "Security Essentials for IT Administrators." This series provides a comprehensive review of cybersecurity principles, specifically targeting those with a foundational understanding of IT systems and/or network administration to keep them up-to-date and knowledgeable in the constantly evolving cybersecurity landscape.

The series leverages learning objectives from popular SANS training courses such as SEC301, SEC388, SEC401, and SEC504, and is designed to increase awareness of the unique attack landscape that IT professionals face. This product line is available to organizations looking to improve their security knowledge and preparedness for purchase directly from SANS Security Awareness or accessible

through Microsoft’s ‘Defender for Office 365’ package.

"Security Essentials for IT Administrators" is part of a larger family of short-format technical training offered by SANS Security Awareness, including secure code training modules for developers, industrial control system (ICS) engineer training, and NERC CIP compliance training. This series includes 12 modules of in-depth, task-specific training, with an average module run-time of 7.5 minutes, making it a quick and convenient way for network and system administrators to reinforce their understanding of fundamental security best practices.

"SANS Institute is proud to offer the Security Essentials for IT Administrators video series as a valuable resource for security engineers to enhance their understanding of the unique security challenges they face in their daily roles,"

said Keith Palmgren, SANS Senior Instructor and author of the video series. "This training is an essential element in any security practitioner's toolkit and is a testament to SANS' commitment to providing the highest quality security training available."

ZERO TRUST ACCELERATION, DDOS

MITIGATION

AMONG CLOUDFLARE’S FOCUS AT GISEC

Will educate Businesses about protecting, consolidating, and optimising their corporate networks

Cloudflare, Inc, will use its participation at GSIEC to educate regional enterprises and organisations about protecting, consolidating and optimising their corporate networks, their IT and internet presence, without the cost and complexity of managing legacy network hardware.

Bashar Bashaireh, Managing Director of Middle East & Turkey at Cloudflare said, “As a company that is leading innovation, we are excited to be present at GISEC, to partner with enterprises in the region on their network transformation journey. With Cloudflare, enterprises can replace a patchwork of appliances and expensive legacy circuits with a single global platform that provides built-in, software-defined Zero Trust functionality, DDoS mitigation, firewall services, and traffic acceleration.”

Some of the initiatives and innovations

that the company is keen to demonstrate at GISEC include:

Zero Trust: Cloudflare’s SASE platform, Cloudflare One, is a Zero Trust networkas-a-service built on a single, unified global network.

DDoS Mitigation: Cloudflare’s 192 Tbps network blocks 136 billion daily threats on average. The company’s global network spans over 285 cities & 100 countries to stop attacks on the frontlines.

Application Security: Web applications and APIs make the digital world go round. Cloudflare API Shield keeps APIs secure and productive with API discovery and innovative, layered defenses. API Shield is part of Cloudflare’s application security portfolio that also stops bots, thwarts DDoS attacks, blocks application attacks and monitors for supply chain attacks.

Email Security: Cloudflare Area 1 is a cloud-native email security platform. It crawls the Internet to pre-emptively stop phishing, Business Email Compromise (BEC), and email supply chain attacks at the earliest stages of the attack cycle.

BULWARK PARTNERS WITH CONTINUITY TO SECURE ENTERPRISE STORAGE & BACKUP

Continuity’s solutions will help customers protect their data, and ensure recoverability

Continuity, a leading provider of cyber resilience solutions announced its partnership with Bulwark Distribution FZCO. Together, the two companies are dedicated to securing organizations’ storage and backup systems, to withstand ransomware and other cyberattacks.

The partnership is based on Continuity’s StorageGuard, a security posture management solution that will enable Bulwark’s channel partners and system integrators across United Arab Emirates and other GCC countries & the Indian sub-continent regions, to automatically detect, prioritize and remediate vulnerabilities and security misconfigurations in their clients’ storage and backup systems. This will help them protect their data, and ensure recoverability.

Enterprise storage and backup systems are becoming a growing target for ransom-

is the biggest determining factor to show if an organization will pay the ransom. According to the Gartner Report: Hype Cycle for Storage and Data Protection Technologies, 2022, “network-attached storage (NAS) and scale-out file system storage provides inadequate protection from malicious deletion or encryption of data. Cyberstorage provides active defense against cyber attack on unstructured data.”

“StorageGuard is an exciting innovation that fills a gap for our customers. For the first time, our partners can help their clients harden their storage and backup systems, to improve cyber resiliency and data protection. Organizations will be able to automatically detect all security risks, and prioritize them in order of urgency and business impact.” said Jose Menacherry, Managing Director at Bulwark Technologies.

MINDWARE ACADEMY LAUNCHED TO BRIDGE TECHNOLOGY SKILLS GAP IN THE MIDDLE EAST

Teams up with American University of Sharjah (AUS) for a pilot program

Workspace, Network Management, Server Virtualization fundamentals, Endpoint foundation

Mindware service offerings and understanding processes from receiving the RFP, preparing the quotation, SoW, pricing and assigning engineers.

Mindware has announced the launch of Mindware Academy, an initiative designed to develop young talent and help combat the challenge of IT skills shortage in the Middle East.

Mindware teamed up with the American University of Sharjah (AUS) for a pilot program in December, where a few select students from the University successfully underwent a five week internship. The two institutions are now working towards signing a MOU with the intention of

growing the relationship and deepening the collaboration.

The pilot program covered the following topics and information:

• Introduction to Cloud, Infrastructure as a Service (IaaS), and Cloud vs On-premise

• Security overview, Data Protection, Endpoint Security and Identity & Access Management, Datacentre and Cloud Security, Security Operations and Incident Response

• Data Center overview, Business Continuity and Disaster Recovery, Digital

The internship not only helped the students enhance their technical knowledge but also helped significantly improve their communication and presentation skills, besides giving them clarity on which courses/ tracks to opt for in the next four years of their university education.

Mindware Academy will start with two programs a year in UAE, with six students attending each program. Mindware will look to ramp up the number of programs, as well as expand the concept from UAE to the wider Middle East region, involving more universities.

ZOHO ANNOUNCES AED 100 MILLION INVESTMENT FOR EXPANSION IN UAE

Grows its partner network by 50% to improve its reach

In 2022, Zoho grew by 45% in the UAE, which was the second-highest growing country globally. It has also doubled its employee base in the UAE as well as across the MEA region in the past year, by hiring locally as per its ‘transnational localism’ policy of being locally rooted while staying globally connected. The partner network in the country grew by 50% in 2022, helping Zoho serve its customers better.

“As part of our transnational localism strategy, when we expand into a region, we want to give back to the local community and be rooted in the local culture as we grow,” said Sridhar Vembu. “Over the past five years, we have invested in local hiring, growing our partner network, adding Arabic support in our products, and integrating with local payment gateways to adapt our solutions for the local market.

We will continue to invest in growing our footprints in the country through hirings, upskilling programmes, localisation of

products, integrating our solutions with local vendors, and partnering with organisations to help local businesses in their digitalisation efforts.”

Zoho has partnered with various organisations such as Department of Economy and Tourism (DET) and Dubai Culture in order to make enterprise technology available to businesses of all sizes. It has also partnered with educational institutes like Manipal Academy of Higher Education (MAHE) and Emirates Academy of Hospitality Management (EAHM) to offer upskilling courses. Since 2020, Zoho has helped over 3500 SMEs gain access to its cloud technology through various partnerships, investing AED 20 million in wallet credits. It also invested AED 4.5 million in upskilling initiatives for imparting digital literacy to over 200+ students and 300+ companies.

ENTERPRISES LOOKING TO INVEST IN AGILE AND BESPOKE SOLUTIONS

Companies carefully vetting technology based on its relevant use cases, agility, and applications

Endava, one of the world’s leading providers of digital acceleration and agile software development services, has launched a new report titled ‘Emerging Tech Unpacked’. The research sought to understand businesses’ familiarity with 13 pivotal concepts (including AI, Digital Ecosystems, ESG, Web3, Phygital, Digital Twins and Telematics), the level of relevance these have to the organisations’ line of business, and the current state of strategy around adoption and implementation.

The key takeaway from the report is that against the backdrop of a challenging global economic environment, businesses are veering away from the hype-cycle which has been so influential in purchase decisions over the last decade. Instead, companies are carefully vetting technology based on its relevant use cases, agility, and applications. Not surprisingly, Big Data (75%), Predictive Analytics (72%) and AI-driven Automation (71%) were the three technologies showing the highest rates of adoption, given their proven ability to drive strategic impact.

The report, which surveyed decision makers from nearly 700 organisations, also showed that distrust in over-hyped technologies continues; while the Metaverse was cited as one of the most recognised emerging trends, 30% of organisations lack any form of strategy for including it in their operations, and half of those said it was because the technology is irrelevant to their business. Less scepticism is shown to Web3 with nearly a third (27%) of respondents having implemented a strategy and three in ten businesses (30%) in the process of doing so. Building digital ecosystems and microservices are also validated trends for businesses looking to

invest in building strategic frameworks, with 33% of respondents planning to incorporate these services in some way.

Speaking on the research, Endava CEO John Cotterell said, “By now, everyone is aware of the global economic forecast, but what’s interesting is how different businesses are readying themselves to weather the storm. While there’s a renewed scepticism of ‘over-hyped’ technologies, it’s important to not lose sight of the big picture, and companies are now sitting up to take note of where they can and should invest their resources.”

“Technologies like the Metaverse, digital twins and Web3 may not seem like they’re particularly relevant, but this is often because they’re misunderstood. While it’s necessary to be sensible with investments; we’ve seen time and time again what can happen if businesses rely on aging infrastructure and the gains made by being an early adopter of some

of these more innovative technologies and practices. Working in a fast-paced industry means having to keep up with the ever evolving nature of tech stacks; digital transformation projects are no longer fit for purpose. Instead, businesses are now looking to invest in more agile and bespoke solutions that meet the challenges of today as well as the future.”

Nick Curran, Head of Endava Middle East and North Africa added, “Organisations in the UAE and the wider Middle East region have consistently demonstrated their eagerness to embrace the very latest innovations. But at the current pace of digital advancement, the abundance of emerging technologies presents an intimidating landscape for business leaders. Our report serves to guide these digital pioneers in selecting the ‘right technologies’ that will enable them to implement impactful use cases that drive tangible business outcomes and give them a decisive competitive edge.”

MANAGING CYBER RISKS

In the rapidly transforming cyber threat landscape, probably the most vital challenge for organizations is to be aware of all threats to the network at any point in time to ensure the right proactive action is taken against the threats. Exposure management is therefore a key element of a resilient cybersecurity posture given the ever-evolving and expanding attack surface.

“The world is changing but one thing remains the same — as fast as organizations adopt new technology to facilitate new ways of working, threat actors are waiting in the wings to take advantage.

When threat actors evaluate a company's attack surface, they're not thinking in terms of organizational silos. They're probing for the right combination of vulnerabilities, misconfigurations, and identity privileges.”

While Traditional vulnerability management focuses on the act of enumerating flaws in software that could be exploited

Tenable helps organizations proactively address, manage, and reduce cyber risk across their entire infrastructure including cloud, IoT, OT and other platforms

(CVEs), Exposure management extends beyond this by providing additional context like who is using the system, what they have access to, how it's configured, etc.

“There is more to proactively securing an environment than patching software. Exposure management enables cybersecurity teams to operationalize their preventive security programs, which in turn also allows organizations to clearly explain the effectiveness of their security program,” adds Bernard.

Taking care of the blind spots

The cybersecurity posture needs to be comprehensive, ensuring there are no blind spots and for that, they need to have a complete view of the total attack surface within their infrastructure.

“Benjamin Franklin is credited as saying ‘an ounce of prevention is worth a pound of cure’ and this would certainly hold true with cyber attacks. Protecting everything can be soul-destroying given it's practically an impossible task. Instead, organizations need to reduce effort by focusing on what matters most,” says Bernard.

He adds, “The difficulty is that blind spots are created for three key reasons. Firstly, security teams struggle to link the dots between a vulnerable asset and what it connects to - i.e. the potential attack path a threat actor could take having compromised a single device or entry point. Secondly, cloud configurations create a virtual ‘fog’, hiding what is stored where. And lastly the unknown unknowns - those assets that are connected to the Internet that security teams may not even know exist.”

Security teams need a holistic view of their entire modern attack surface as part of their exposure management program to enable cross-domain visibility and help remove the resultant blind spots. They need to determine all of their software versions and where vulnerabilities exist, identify misconfigurations that increase their risk exposure, and establish who is using what systems and what level of access they have. This detail needs to be correlated together, regardless of whether it’s happening on a laptop, a container, an application, or a programmable logic controller (PLC) to provide the full breadth and depth of the organization’s exposures.

Once a holistic viewpoint is established, the next step is to identify what would cause theoretical versus practical damage. From this viewpoint, the team can take the actions needed to reduce threats through remediation and incident response workflows.

Tenable One, is Tenable’s Exposure Management Platform that helps organizations gain visibility across the modern attack surface, focus efforts to prevent likely attacks, and accurately communicate cyber risk to support optimal business performance.

The platform combines the broadest vulnerability coverage spanning IT assets, cloud resources, containers, web apps, and identity systems, builds on the speed and breadth of vulnerability coverage from Tenable Research, and adds comprehensive analytics to prioritize actions and communicate cyber risk. Tenable One allows organizations to:

● Gain comprehensive visibility across the modern attack surface

● Anticipate threats and prioritize efforts to prevent attacks

● Communicate cyber risk to make better decisions

Tenable One includes the full functionality of Tenable Vulnerability Management (formerly Tenable.io); Tenable Cloud Security (formerly Tenable. cs); Tenable Identity Exposure (formerly Tenable.ad); Tenable Lumin Analytics (formerly Tenable Lumin) and Tenable Web App Scanning (formerly Tenable WAS)

Enabling Zero Trust

While Zero Trust is not a new concept, today it has evolved into a more detailed technology architecture. In a world that doesn’t subscribe to traditional network perimeters and the infrastructure is a complex mix of multi-cloud and on-prem deployments, implementing a Zero Trust model is a necessity. However, there is no silver bullet, no single technology, and no one size fits all solution.

Bernard elaborates, “Zero Trust is a way of thinking about information security that treats trust as a vulnerability. The model was designed to resonate with the highest levels of the organization without necessarily requiring them to make a significant investment in new tools. And, it levels the playing field, immediately derailing any execs who see themselves as "trustier than thou." A cybersecurity strategy that removes trust entirely from digital systems is, in fact, a great equalizer, one that any

proponent of "flat" corporate hierarchies ought to be more than happy to embrace.”

While the zero-trust model represents a significant divergence from the legacy, moat-and-castle approach to network security, it can be implemented by practitioners using commercial off-the-shelf technology. And it's built upon current cyber best practices and sound cyber hygiene, such as vulnerability management, proactive patching and continuous monitoring, already implemented in most organizations today.

Tenable with its solution plays a critical role in enabling the Zero Trust journey for organizations.

Bernard says, “Tenable solutions are a critical part of a zero-trust architecture. Providing foundational visibility into the modern network, vulnerability prioritization to stop attacks before they happen, and Active Directory (AD) security, so organizations can stop lateral movement and prevent attacks before they happen.”

Managing the cloud security posture

With increased cloud deployments, it becomes quite critical to be on top of the vulnerabilities, across the assets in the cloud. According to Gartner, “Nearly all successful attacks on cloud services are the result of misconfiguration, mismanagement, and mistakes.” Another important factor is that the window between when a vulnerability is discovered and when it is exploited continues to shrink. Attackers typically start scanning for vulnerabilities within 15 minutes of a CVE being announced. Organizations need to be able to act quickly and determine if any critical assets are at risk.

“Tenable Cloud Security (formerly Tenable.cs) enables security teams to continuously assess the security posture of their cloud environments by maintaining a current inventory of cloud assets for proactive analysis whenever a new vulnerability is published without a user having to take any actions. With the introduction of Tenable Cloud Security Agentless Assessment paired with Tenable Cloud Security Live Results, Tenable helps organizations not only remediate vulnerabilities faster but also prevent threats like zero-days from being exploited,” says Bernard.

The SMB Focus

Tenable offers Nessus, a solution for vulnerability scanning that is used by many SMB organizations worldwide to improve their cybersecurity posture.

Bernard says, “From the beginning, we've worked hand-inhand with the security community. We continuously optimize Nessus based on community feedback to make it the most accurate and comprehensive vulnerability assessment solution in the market. Today, Nessus is trusted by tens of thousands of organizations worldwide as one of the most widely deployed security technologies on the planet - and the gold standard for vulnerability assessment.”

Leveraging Nessus for identifying and assessing vulnerabilities can significantly empower and improve even a one or two-person IT security department, positively impacting the cybersecurity posture for a small and midsize business (SMB) from the second it's implemented.

Prefigured templates make it simple to conduct point-in-time assessments across an unlimited number of IT assets. Nessus enables SMB Security Admins to run custom scans that can meet the organization’s unique needs and achieve full visibility of their network. Reports can be modeled as users see fit to focus on vulnerability type, host, asset, or plugin. This capability is ideal for SMB security admins that know they have specific vulnerabilities in legacy systems or expect a particular type of cyberattack. With Nessus’ Automated Live Results interface offline vulnerability assessments take place every time a plugin is updated, which can help alert SMB security admins to the possibility of weaknesses before they conduct their next scan.

Empowering the SOC

Operating in shifts around the clock, Security Operations Center (SOC) teams strive to prevent, detect and respond to cybersecurity threats and incidents. Tenable One can help SOCs get ahead of the game enabling them to be more agile and strategic in their approach to threats.

“The intelligence provided by the platform allows SOCs to anticipate threats and prioritize efforts to prevent attacks in the first instance. With the actionable metrics SOCs can also show the value of their proactive security efforts as well as save time, improve investment decisions, support cyber insurance initiatives, and drive improvement over time — all while tangibly reducing risk to the organization,” says Bernard.

The growth outlook

For Tenable, the opportunity in the region is sizeable as organizations gear up to make increased cybersecurity investments to reinforce their cybersecurity posture.

“It’s an exciting time in Dubai as the region recovers post Covid, with the UAE economy expanding strongly. Organizations are looking to invest in technology that will help them capitalize on opportunities and deliver increased functionality. Given that the attack surface is continually expanding and changing, we’re evolving too. We’re listening to our customers and developing solutions that help them understand and address their business risk.”

An increasing number of Businesses understand how critical it is to be invested in the right solutions that can help visibility across their OT and IT environments. Preventing malicious and sophisticated cyber-attacks requires full visibility into all assets and exposures, extensive context into potential security threats, and clear metrics to objectively measure cyber risk, and Tenable with its solutions is well positioned to address this.

TOWARDS CYBER DISCIPLINE

Morey Haber, Chief Security Officer, BeyondTrust says that Technology alone cannot provide the resilience organizations need but rather the basic cyber security disciplines used to form a solid cyber security foundation

What are the key threats on the cybersecurity landscape as far as Businesses are concerned?

In our 2023 predictions, we laid out several threats to organizations, but I’d like to focus on two.

Firstly, I think we can expect a new round of attack vectors that target and successfully bypass multifactor authentication strategies. Push notifications, and other techniques for MFA will be exploited, just like SMS. Organizations should expect to see the foundation of MFA eroded by exploit techniques that compromise MFA integrity and require a push to MFA solutions that use biometrics or FIDO-2 compliant technologies.

Second, attackers will lean more on their powers of persuasion than on their malware kits as they step up social engineering attacks in the cloud. A single fake social media profile, leveraged in the right way, can allow a threat actor to gain employment or impersonate a trusted vendor. This trend will call for more rigorous background checks and communications that rely on more than just a simple social media profile. Using open-source intelligence (OSINT) threat actors will exploit social media to trick unsuspecting victims. Suitably anonymized, the threat actor will persuade victim after victim to divulge secrets or act in other ways contrary to their interest or that of their employer.

The Lapsus$ group used social media to “become” an employee and then spoof access by calling a support helpdesk. The lack of experience can make almost anyone a successful hacker with just persuasion and persistence.

What are some of the best practices to build cyber resilience in the era of hy-

brid workforces and increased cloud deployments?

The best practices should focus on cyber security basics. Technology alone cannot provide the resilience organizations need but rather the basic cyber security disciplines used to form a solid cyber security foundation. For example, how does your business perform vulnerability, patch, configuration, log, identity, and privileged access management today? Now consider your hybrid work force, dissolving perimeter, and identity attack vectors. How do you take traditional security disciplines and accomplish the same goals with a hybrid workforce? Once these are mapped to your new environment, access controls, and monitoring capabilities, you can select vendors and technology to provide resilience.

It is a huge mistake to start with modern technology to build cyber resilience when the business use cases are not well defined and the architecture for a hybrid workforce is not understood. Once you understand the model, apply security basics, and the rest will develop for your strategy.

How much of AI and automation is now key to successful detection and remediation in different cybersecurity solutions?

We are in the infancy of AI becoming a successful detection and remediation tool within cyber security solutions. However, automation in contrast is quite mature for MDR, XDR, and SOAR solutions. If you were to plot these on a Ven diagram, automation would be relatively complete and AI would be small with very little (if any) overlap between the two. The industry has not just matured enough for the two to co-exist, but in my opinion, this will occur in a very short period of time.

Are SOCs in the enterprise or delivered via managed services a necessity?

A traditional Security Operations Center (SOC) is no longer a necessity in any enterprise or business. While some verticals would argue a centralized security model is necessary to monitor and manage threats, many organizations have taken this concept and adapted it to accommodate remote workers, managed services, and even blended the requirements with cloud, network, and other operations teams to manage environments holistically. Breaking security into a separate dedicated silo, via a physical location, in my opinion has just lost its relevance in a work from anywhere world.

EVOLVING CYBER RESILIENCE

A diversity of cloud deployments along with on-prem deployments, a merging of IT and OT networks along with accelerated digital transformation is challenging the cyber security readiness of organizations. This calls for a holistic cybersecurity strategy that employs best practices and solutions incorporating advances technologies

The cyber threat landscape in the present-day scenario is quite varied and ranges from phishing and social engineering attacks to ransomware, Advanced Persistent Threats, DDoS, malware, and several more types. With digital transformation initiatives, the attack surface has further broadened with more devices connected. The increased IoT deployments in critical sectors for instance means a need for a comprehensive cybersecurity approach spanning OT and IT networks. Supply chain attacks against third-party vendors or suppliers that can compromise the security of a company's network or data are also increasingly common.

Ezzeldin Hussein, Sales Engineer Director, SentinelOne says, “The cybersecurity landscape is constantly evolving, and new threats can emerge at any time. Therefore, businesses need to be vigilant and proactive in their cybersecurity practices to stay ahead of potential threats.”

Businesses today face various cybersecurity threats that are increasing in frequency as well as sophistication. Work from any-

where is here to stay, potentially exposing more vulnerabilities.

According to Mohammed Al-Moneer, Regional Sr. Director, META at Infoblox, “SaaS, multi-cloud, SD-WAN and IoT are on the rise, substantially increasing an organizations’ exposure to risk. Today threat actors are increasingly using DNS (that is, the Domain Name System) for malware command-and-control (C2), data exfiltration, and Web traffic re- direction. Phishing, malware, and ransomware attacks routinely exploit techniques like DNS beaconing to communicate with C2 servers and DNS tunneling to covertly deliver pay- loads and exfiltrate data from enterprise networks. Common DNS attacks include DNS spoofing and DNS hijacking.”

There are so many attacks vectors to account for but traditional threats such as through email are quite potent as well.

Christopher Budd, Senior Manager, Threat research at Sophos says, “For most Businesses the key threat remains ransomware. Another threat that businesses should be aware of is business email compromise (BEC). While not as well-known as ransomware this is another major threat that has been impacting businesses over the past few years.”

Cyber Resilience

Building a cyber resilience strategy needs to be a priority to have a robust infrastructure. Some of the key steps towards enabling cyber resilience in the era of hybrid workforces and increased cloud deployments require a comprehensive and multi-layered approach.

Giuseppe Brizio, CISO EMEA, Qualys says, “ First of all, let’s define Cyber resilience, as a combination of people, processes, organization and technologies aimed to protect businesses from cyber-attacks. Cyber resilience requires capabilities to prevent, detect, and respond to cyber-attacks through the creation of secure and resilient IT infrastructure in order to enable organizations to minimize their cyber risk and related operational and financial damages. Cyber resilience is essential for businesses of all sizes and industries. With the ever-increasing sophistication of cyber-attacks, businesses must be proactive about protecting their digital assets. Cyber resilience helps organizations build a culture of security that focuses on prevention and responding quickly and efficiently to cyber threats.”

He elaborates that regular security assessments, employees training on cybersecurity awareness, developing an Incident Response capability and a Business Continuity Plan to ensure business operations can continue during a cyber-attack by defining alternative ways of operating and establishing communication protocols are key to ensuring cyber resilience.

Ezzeldin says, “Building cyber resilience in the era of hybrid workforces and increased cloud deployments requires a combination of people, processes, and technology. By doing so, busi-

nesses can reduce their risk of cyber-attacks and ensure they are prepared to respond to any incidents that may occur.”

He outlines the following best practises for building cyber resilience:

• Implementing a zero-trust architecture: This approach assumes that all users, devices, and network traffic are untrusted, and requires authentication and authorization for all access to resources. This can help protect against insider threats, external attacks, and lateral movement within the network.

• Conducting regular security training: Regular security training for employees can help raise awareness of cyber threats and promote good cybersecurity practices like strong passwords, identifying phishing emails, and reporting suspicious activity.

• Using multi-factor authentication (MFA): MFA adds an additional layer of security beyond a password by requiring users to provide a second form of authentication, such as a fingerprint or one-time passcode. This can help prevent unauthorized access to systems and data.

• Monitoring network activity: Continuous monitoring of network activity can help identify and respond to potential threats in real-time, enabling businesses to quickly contain and remediate any incidents.

• Keeping software up-to-date: Regularly updating software and patching vulnerabilities can help prevent attackers from exploiting known security weaknesses.

• Conducting regular backups: Regular backups of critical data can help businesses recover from a ransomware attack or other data loss incident.

• Evaluating third-party vendors: When working with third-party vendors, businesses should conduct due diligence to ensure they have adequate security measures in place to protect against potential supply chain attacks.

• Establishing incident response plans: Having a well-defined

incident response plan helps businesses respond quickly and effectively to cyber-attacks, minimizing the impact on operations and data.

Christopher from Sophos offers an interesting view. He says that a key best practice in today’s hybrid environment is to think of your “network” as being not just the office network but all the systems that connect to your network (like remote workers) and your network connects to (like cloud services).

“When you look at your business that way, then approaches like zero trust deployment become more obvious and make sense. This perspective is critical because it reflects the reality of today’s environments.”

Factoring in a Zero-Trust approach is key today to building a holistic cybersecurity strategy but that alone isn’t enough.

Mohammed Al-Moneer, Regional Sr. Director, META at Infoblox says, “Building cyber resilience in the era of hybrid workforces and increased cloud deployments requires several best practic-

es. These include implementing a Zero-Trust security model, regularly updating and patching software, providing employee security training, and conducting regular security assessments. DNS security and AI can also play a role in protecting against cyber threats in these environments by providing continuous monitoring, automated threat detection and response, and network segmentation to limit the impact of any successful attacks. By adopting these best practices and leveraging advanced technologies, businesses can better protect their networks and data from cyber threats in the era of hybrid workforces and increased cloud deployments.”

Enterprise Readiness

There is a growing awareness among enterprises in the region to enhance their overall cybersecurity posture, especially ensuring that their digital transformation initiatives and cloud acceleration do not leave some exposed vulnerabilities.

Mohammed of Infoblox says, “We have observed an increasing awareness among customers in the region about the need to invest in the enterprise segment to enhance their cybersecurity defences. As an AI-powered network security solutions provider, Infoblox is committed to helping customers in the region build a strong cybersecurity posture by providing comprehensive visibility, control, and protection for their networks.”

Ezzeldin opines that there is a popular view that endpoint security is the first line of defense which therefore continues to see investment. Further, customers are more comfortable with easy-to-deploy and manage solutions.

He elaborates, “We have seen a particular focus on investing in endpoint security solutions, as this is often the first line of defence against cyber-attacks. Customers are also increasingly interested in AI-powered identity and cloud security solutions, which help detect and respond to threats in real-time, without human intervention. Along with awareness, we have also seen strong demand for solutions that are easy to deploy and manage, particularly as many organizations in the region are still developing their cybersecurity capabilities. SentinelOne's single-agent platform has been well received in this regard, as it can provide comprehensive security platform with minimal impact on IT resources.”

AI and Automation

AI and automation are now key to successful detection and remediation in different cybersecurity solutions.

Mike Fraser, VP & Field CTO of DevSecOps, Sophos says, “AI and automation are completely key to the success of detection and remediation in cybersecurity solutions like Extended Detection and Response (XDR), Managed Detection and Response (MDR), Cloud Detection and Response (CDR), etc. With detections, it is imperative to have AI to help with identifying active threats, adapting to adversaries, and keeping false positives to

a minimum. Automation is vital for both detections and remediation to enable faster time to detection and then being able to remediate through response actions mapped to the detection.

AI algorithms can help ingest large volumes of data and identify threats in real time and hence help take decisions quicker, well in time before potential damage is done.

Ezzeldin says, “AI and automation are vital to successful detection and remediation in cybersecurity solutions. AI and machine learning algorithms can analyze large volumes of data and identify patterns that may indicate a cyber-attack or security threat. This can help security teams identify and respond to potential threats in real-time before they can cause significant damage. In addition to detection, AI and automation can also play a critical role in remediation. AI and automation can also help organizations improve their overall cybersecurity posture by providing continuous monitoring and threat intelligence.”

SOC in the Enterprise

SOCs (Security operations center) play a vital role in providing a comprehensive view of the cybersecurity landscape and help coordinate a unified response to threats in the quickest time possible using all IT security solutions, tools, and practices. A SOC is key to enhancing the overall cybersecurity posture of an organization. They are either in-house or delivered via managed services from a third-party solutions provider.

Mike says, “SOCs are a necessity because they provide a security operations team that proactively detects, prevents, and responds

to security threats. An in-house SOC in an enterprise gives more control and governance with the security operations team being more familiar with the internal needs of the organization. Even so, an enterprise’s in-house SOC can benefit from a SOC delivered through Managed Detection and Response (MDR). MDR gives enterprises access to specialized talent, experience, and products. For SMB, MDR is an absolute necessity because the economics of building an in-house SOC would not make sense and they can pay for services that give them access to a team of security experts without having to hire full-time staff.”

Muneer concurs that a SOC is a necessity for enterprises to detect, respond, and remediate cybersecurity threats effectively.

“SOCs can help businesses identify potential threats in real time, investigate and remediate security incidents, and provide continuous monitoring and threat intelligence to enhance their cybersecurity resilience. DNS security plays a crucial role in supporting SOCs by providing visibility and control over DNS traffic, which is often used as a vector for cyber attacks. Additionally, DNS security can integrate with SOCs to provide automated incident response and real-time threat intelligence, enabling businesses to respond more efficiently to potential threats.”

From Zero Trust to AI, cybersecurity is employing advanced approaches and technologies to ensure a credible cybersecurity posture. Seen in the larger context, evolving true cyber resilience will require organizations to look at a holistic approach to cybersecurity and ensure they are covering all bases as far as vulnerabilities go, across their expanding and diverse IT and OT infrastructure.

A MULTI-FACETED APPROACH

Muhammad El-Bassiony, Security and Cloud Solutions Presales Manager, Mindware discusses best practices and trends in cybersecurity

• Faster response times: AI and automation can automate the detection and response to cybersecurity incidents, reducing the time it takes to identify and remediate security incidents.

• Enhanced accuracy: AI and automation can reduce the risk of human error, which can be a significant contributor to cybersecurity incidents. They can also analyze data more accurately and identify patterns that might be difficult for human analysts to detect.

• Improved efficiency: AI and automation can automate routine cybersecurity tasks, such as vulnerability scanning and patch management, freeing up security teams to focus on more complex security issues.

Are SOCs in the enterprise or delivered via managed services a necessity?

such as the size of the organization, the complexity of its IT environment, its risk tolerance, and its budget. However, regardless of the delivery model, having a SOC in place is essential for organizations that want to ensure the security and integrity of their digital assets.

From your solutions point of view, how do you see the awareness of the region's customers and the need to invest in the enterprise segment?

Based on industry reports and trends, it is clear that there is growing awareness among Middle East customers of the need to invest in the enterprise segment.

How much of AI and automation is now key to successful detection and remediation in different cybersecurity solutions?

AI and automation are increasingly essential to successful detection and remediation in different cybersecurity solutions. As cyber threats become more sophisticated and organizations face an ever-growing number of attacks, AI and automation can help improve threat detection, response times, accuracy, and efficiency. They offer several advantages, including:

• Improved threat detection: AI and automation can analyze vast amounts of data in real-time, allowing security teams to quickly identify potential threats and respond to them before they cause significant damage.

SOCs (Security Operations Centers) can be considered a necessity for organizations that prioritize cybersecurity and want to ensure the protection of their sensitive data and assets. SOCs are designed to monitor and respond to security incidents in real-time, allowing organizations to quickly detect and mitigate threats before they can cause significant damage.

SOCs can be delivered via managed services, which means that the SOC is outsourced to a third-party provider who manages the security operations on behalf of the organization. Managed SOC services are often more cost-effective and efficient than building and operating an in-house SOC, which requires significant investment in resources, staffing, and technology.

Whether an organization should invest in an in-house SOC or use managed SOC services depends on a variety of factors,

The region has seen significant growth in the use of digital technologies and the adoption of cloud-based services in recent years, which has increased the need for robust cybersecurity measures and solutions. Additionally, the COVID-19 pandemic has accelerated digital transformation initiatives and highlighted the importance of secure and reliable IT infrastructure.

Furthermore, many regional governments and regulatory bodies have introduced cybersecurity regulations and standards, which has also driven awareness and investment in the enterprise segment. For example, the UAE's National Cybersecurity Strategy 2019-2023 aims to enhance the cybersecurity of critical infrastructure and promote a culture of cybersecurity across the country.

In conclusion, the growing adoption of digital technologies, the impact of the COVID-19 pandemic, and the introduction of cybersecurity regulations are all factors driving awareness and investment in the enterprise segment in the ME region.

A PROACTIVE APPROACH

Biju Unni, Vice President at Cloud Box Technologies discusses how the key to effective cybersecurity is a proactive approach that leverages the latest technologies and methodologies

What are the key threats on the cybersecurity landscape as far as Businesses are concerned?

We have to acknowledge that the threat landscape facing businesses is constantly evolving. Some of the most significant threats include phishing attacks, ransomware, insider threats, and supply chain attacks, are the ones that require the most attention and immediate action.

Phishing attacks remain a significant threat to businesses as attackers employ social engineering tactics to drive people into clicking malicious links or spilling sensitive information. Ransomware attacks have reached an all-time high with the trend increasing at a higher rate since the early days of the pandemic. Insider threats are a standard threat faced by any organization of any size. Finally, supply chain attacks can be challenging to detect and mitigate, as attackers target third-party vendors and suppliers to gain access to their clients' networks.

Ultimately, the key to effective cybersecurity is a proactive approach that leverages the latest technologies and methodologies.

What are some of the best practices to build cyber resilience?

The term cyber resilience is in its essence the most effective cybersecurity tool at your disposal and enables your business to proactively stay secure. At Cloud Box Technologies we recommend a few practices to ensure your business is cyber resilient. Adopting a Zero Trust architecture, implementing strong authentication and access controls, using encryption and data protection technologies, implementing a continuous monitoring and threat detection protocol, conducting regular security awareness training and regularly testing and updating your security measures.

How is the awareness of the region's enterprise customers regarding the need to invest in cybersecurity solutions?

We have observed that the awareness of the region's customers regarding the need to invest in cybersecurity has increased significantly in recent years. This is due to the increased adoption of digital technologies. Customers are now more aware of the potential risks and vulnerabilities that come with digital transformation and the need to invest in robust cybersecurity solutions to protect their valuable assets. This has led to increased demand for cybersecurity services and solutions, particularly in the enterprise segment.

How much of AI and automation is now key to successful detection and remediation in different cybersecurity solutions?

AI and automation technologies can help detect and respond to threats in real-time, providing faster and more accurate incident response. For example, machine learning algorithms can analyze vast amounts of data and identify patterns and anomalies that may indicate a potential security incident. However, it's important to note that AI and automation are not a silver bullet. They should be used in conjunction with human expertise and analysis to ensure that threats are properly identified and remediated.

Are SOCs a necessity for the enterprise segment?

SOC provides real-time monitoring and analysis of an organization's security environment, enabling faster detection and response to security incidents. This proactive approach to security can help minimize the potential impact of a security incident. A company with sufficient resources may choose to build their own SOC to have complete control over their

security operations and leverage in-house expertise. On the other hand, partnering with an MSSP can provide access to a broader range of security expertise and technologies, as well as cost savings and scalability. At Cloud Box Technologies, we offer both SOC building and managed SOC services to meet our clients' diverse needs. We work closely with our clients to understand their unique requirements and help them determine the best approach to SOC deployment. Our SOC team leverages the latest technologies and industry best practices to provide our clients with real-time monitoring, analysis, and incident response capabilities, ensuring that they are well-protected against today's evolving cyber threats.

GETTING YOUR CYBERSECURITY APPROACH RIGHT

Anoop Kumar, Information Security Manager at Al Nisr Publishing shares his views about the transforming cybersecurity landscape

In the context of the learnings from the pandemic and thereafter, what are the best approaches to comprehensive cybersecurity for organizations?

It starts with elementary technical controls followed by the human, social, cultural, and management factors that apply to the identification, counteraction, and correction of cybersecurity weaknesses. Continuous authentication and authorization to ensure user identity is managed adequately, as they are the modern perimeter to any organization, educate all involved users periodically and finally continuously assess the technology and controls.

Are budgetary constraints a concern when investing in cybersecurity?

It is obvious that most organizations face budgetary constraints due to the business impact of the pandemic, but they don’t have any option to ignore cyber security control investments, as the working model is hybrid still. However, they must look for cost-effective alternative controls to sustain through this difficult period.

Is it challenging to manage cybersecurity in a multi-cloud environment?

The fact is that with the multi-cloud growing in complexity, with a lack of cross-platform visibility and numerous regulatory standards that compete for IT’s focus in a multi-cloud environment, enterprise leaders see security as a major challenge. The most significant problem in a multi-cloud model is the consistent application of controls, the expertise required, and of course the budget. Also note, the understanding of data, inventory of data, ownership of data, and of course the management of the same is becoming complex.

How serious are threats from emerging tech like chat GPT for instance?

Chat GPT, like other AI language models, is intended to reject inappropriate user requests, it can potentially be used

by hackers to circumvent any language deficiencies of their phishing content, by generating highly convincing phishing messages or even use for OWASP kind of exploitations in an easy and concise manner. To sustain from such modern threats, organizations must not spend too much money and effort to sustain. Instead, stick to basics and keep it simple and continue the security practices, culture, and journey with affordable controls.

How important is security automation?

We must say, security automation has become an important part of IT operations, because it is proven to perform a number of tasks faster and more effectively / efficiently than people. In addition, with security staff becoming more and more difficult to find, affordability of such resources, security automation removes the

need for human intervention in many resource-intensive tasks.

How important is driving awareness and educating users about cyber security?

Attackers are shifting gears, and with cyber-attacks steadily on the rise and increasing in sophistication, it is a must. Business leaders responsible for protecting their organizations against threats must constantly evaluate technologies that can enhance security across the board. Elementary controls like Firewalls, antivirus software, and email security that exist within an organization’s IT ecosystem must be validated and assessed periodically.

While these technologies no doubt provide much-needed defense against cyber threats, there is one element that businesses often overlook we must say is security awareness training. In addition, with human error being a major contributing cause in 95% of all data breaches, the importance of security awareness training cannot be ignored. That proves this statement is valid “If you protect people by giving adequate awareness and training, automatically the organization is secured.’

Is managed security a good option for Businesses?

Attackers are shifting gears at fast pace and with cyberattacks occurring more frequently with high sophistication, a Managed Security strategy is necessary to counter the attacks. Cybersecurity in general is the practice of protecting networks, devices, and programs from any type of cyberattack. It is the best defense against cyberattacks and is becoming a necessity for all types of businesses. However, organizations must vary while selecting the right third party and be conscious about OPEX budget.

A BALANCED APPROACH TO CYBERSECURITY

Bilal Lodhia, IT Security Manager at Gargash shares his perspectives on the evolving cybersecurity landscape

What are the best approaches to comprehensive cybersecurity for organizations? Has the pandemic impacted the approach?

I think the pandemic didn’t really change our approach to Cybersecurity so much but it may have forced businesses to embrace the value that Cybersecurity brings. Situations like Business outages due to DDoS attacks for instance further exacerbate revenue generation, when everyone is working remotely. Ultimately, the best approach to security is wherein IT verticals like Security, Governance, and Operations are aligned and integrated very well. Having a reasonable security framework like NIST 800-53 or CIS v8 combined with the technical delivery in an auditable manner is what allows Cybersecurity programs to flourish.

Do cybersecurity investments face budget constraints?

Budgets are an obvious constraint for any function of an organization. What’s unique to Cybersecurity is the fact that there is a strong correlation with risk. Where do risks love to go? ROAM. Budgets can restrict delivery but, in that event, the risks should be transferred to business until the reduction/ mitigation can be afforded. This may trigger an immediate allocation of an extraordinary budget or out-of-cycle budget, which can then be used to procure the solutions to reduce or mitigate the Cyber risks.

Is it challenging to manage cybersecurity in a multi-cloud environment?

It really comes down to which angle you look at. For example, from a purely technical angle, it can be overwhelming to maintain knowledge in-house for multiple clouds as well as on-prem. Outsourcing at the right boundaries while having sophisticated agreements, a high level of vendor management, and clear objectives greatly help. That then allows Cybersecurity

SOPs to be followed as defined by you, the customer. Let’s assume then that a CVE is released, which then triggers for on-prem, Cloud 1, and Cloud 2, and that evidence are to be submitted for mitigation/reduction. Additionally, SIEM logging evidence is submitted, SOAR configuration evidence is submitted, and so are threat hunting reports for the disclosed CVE. Maybe sprinkle in some IOCs for the TIP.

How serious are threats from emerging tech like chat GPT for instance?

ChatGPT isn’t necessarily an emerging threat, it just makes it easier for pre-existing untapped threats to potentially be exploited by a larger group of belligerents. Malware is a piece of software, and if the methodology needs to change to make the malware successful, then that development will keep continuing. Spectre vulnerabilities are a perfect example of this continuous cat and mouse. At the end of the day, having malware in one’s hands doesn’t make one an expert hacker; it’s being able to breach (which involves multiple stages as outlined by MITRE) that makes the hacker. Cybersecurity teams’ jobs don’t change because of disruptive technology, the delivery of security is a persistent, absolute objective.

How essential is security automation?

Automation can greatly help speed up the filtering for noise. Mechanical activities like extracting PCAPs, uploading to VirusTotal, and Sandboxing are super mechanical. Even when logic comes into play, we can further automate memory dumps, verification of execution of code versus network traffic and process ownership chains, as well as the status of monitoring applications. This can greatly speed up how much value a SOC can deliver. But we can also automate other elements. Hardening against CIS benchmarks using Infrastruc-

ture-as-Code, automating reporting elements for SOPs and Policies, and even going so far as having a Policy-as-Code implementation for declarative operations and security, it all adds value by removing human errors and drastically reducing turnaround time, all while increasing availability to around-the-clock.

How important is driving awareness and educating users about cyber security?

Humans are always the weakest link in the security chain. Security memes on the Internet are almost entirely dominated by this one point. Awareness training and testing are nice, but what really needs to be driven home isn’t that “2FA is necessary for work.” It should be that “2FA is necessary FOR ME.” Having a personal Gmail compromised which is then used to get in touch with work connections, creates a need that can cause a lot of damage, it’s not unheard of. Cybersecurity needs to be taught at all levels. If an individual has good cyber hygiene for themselves, we’ll have cyber hygiene in the workplace as well.

SME Tech Innovation Summit & Awards

highlights key themes of digital transformation

Awards of recognition for IT leaders and companies were presented in a fitting finale at the event

The 2023 edition of the SME Tech Innovation Summit & Awards held at Hotel Conrad Dubai on 16th February saw an impressive gathering of mid and senior-level IT and Business heads from UAE-based Businesses in attendance. The event was organized by Leap Media Solutions, publishers of CXO DX, a leading publication for the CXO community in the region, and organizers of large format industry events like Future Workspace Summit & Awards in the UAE and Saudi Arabia.

SME Tech Innovation Summit & Awards focused on the objective of facilitating dialogues and a better understanding of as many Technologies related transformation aspects that can fuel growth for SME companies.

The day’s journey unfolded through various sessions of insightful keynotes and panel discussions and culminated with a spectacular awards ceremony including recognitions for high achievers from the Tech industry of the region.

There were several insightful keynote speakers throughout the day

The first keynote speaker of the day Charbel Zreiby, Director, Channel Presales, Dell Technologies spoke on Accelerate Intelli-

gent Outcomes everywhere with AI. The second keynote speaker was Massimo Angelucci, Senior Solution Architect at Lenovo who spoke about ‘The Next Digital Transformation’. The next speaker Harsh Thakkar, Distribution Sales Manager at VeeaM Software spoke on how to ‘Keep your Business running with Veeam Data Protection Platform’.

Samer Semaan, Channel & Alliances Manager, Middle East & Emerging Africa, Pure Storage discussed ‘Pure Storage’s Pillars of Digital Transformation’ in his presentation. Following his address, the next speaker, Farid Najjar, Area Distribution Lead at NetApp spoke on ‘How to manage applications and data everywhere across hybrid multi-cloud environments.’

Aaamir M. Sheikh, Channel Lead GCC at Freshworks spoke about ‘Key CX Trends’ in his keynote address and he was followed by Rejeesh Kumar, Director of Technology & Services at Mindfire Technologies who spoke on ‘Why Managed Security Services is crucial for effective cybersecurity’.

The first panel discussion of the day highlighted how several Businesses in the UAE have been able to innovate and introduce new business models using digital technologies and channels, thereby broadening their customer and market reach. The discussion brought into the spotlight ‘How going digital helps innovation and raises competitiveness’.

The distinguished panelists of this session included:

• Nader Amiri, Founder & COO, elGrocer

• Neelam Keswani, General Manager-UAE, PayTabs

• Anuvrat Gaurav, Regional Country Director, SellAnyCar.com

• Omair Siddiqui, Regional Commercial Director of Grocery, Careem

• Charbel Zreiby, Data Center Channel at Dell Technologies Middle East, Russia, Turkey & Africa (MERAT)

• Samer Semaan, Channel Manager Middle East, Pure Storage

The second panel discussed the topic ‘Optimising Cloud Transformation Strategies for the Mid-Market’ and brought to the fore different views about what next companies need to do and what they shouldn’t in terms of their cloud strategies.

The eminent panelists of the second session included:

• Santhosh John Thomas, Head of IT, African+ Eastern (NE) BVI Ltd

• George Akhras, CIO at AMSI

• Neeraj Giroti, Senior Manager IT at Century Financial

• Sayed Habib, General Manager of Business Development at Danube Home

• Harsh Thakkar, Distribution Sales Manager, Veeam Software

• Farid Najjar, Area Distribution Lead, NetApp

• Wael Mustafa, Country Manager for the Gulf Region at Lenovo

The topic of the third-panel discussion was ‘Optimising an omnichannel CX experience’, wherein the panelists from different verticals had interesting perspectives to offer on how Omnichannel CX is today quite integral for Businesses and organizations to have an effective reach out to their customers/clients/consumers or users.

The expert panelists of this session included:

• Sagarika Nayak, Regional Customer Success Manager, GMG

• Kowshik Bhattacharjee, Head- Service Excellence Medcare Hospitals & Medical Centres

• Sun & Sand Sports Sanjeev Nichani, Head CRM & Loyalty, Apparel Group

• Abdulrahman Khaiwi, Head of Information Technology, Emirates National Schools

• Akhil Desai, Head – Customer Experience & Service, Udrive

• Shreyas Nandennavar, Head of Partnerships and Strategic Alliances – MEA, Freshworks

The fourth panel of the day held an exhaustive discussion on the topic

‘Role of technology in making Corporate TAX, less-TAXING!’. The session was powered by Tally and was moderated by Priyesh Sethi, Senior Marketing Manager of MENA at Tally. The eminent panelists included:

• CA Jai Prakash Agarwal, Managing Partner, Smart InfoPark Technologies

• CA Harikishan Rankawat, Managing Partner –RNG Auditors and Vice Chairman – ICAI Dubai Chapter

• CA Atul Gupta, Board Member IFAC and XBRL International, and Chairman GST Committee at FII (Federation of Indian Industry), President ICAI (2020-21)

• Hany Elnaggar, CA, M.Sc, Group Head of Direct & International Tax (ME&GCC)

The final panel discussion of the day focused on ‘Managing cybersecurity challenges in a post covid hybrid work era.’ Anoop Kumar, Information Security Manager from Gulf News brought his industry expertise into making the session quite insightful along with the other cybersecurity experts who were part of the panel. The distingushed panelists of this session included:

• Shahab ud din, Group IT Infrastructure & Security Manager, Al Ittihad Investments

• Bilal Lodhia, Enterprise IT Security Manager at Daman Investments,

• Shoeb Pawaskar, Head of Cybersecurity and compliance in Ducab

• Jishant Karunakaran, Founder and CEO of Mindfire Technologies

A spectacular Awards ceremony brought up the finale of the day’s agenda. The Awards recognized IT and cybersecurity leaders from different verticals as well as CX experts from various industries. The recognitions were for the outstanding contribution in their respective roles to the continued pursuit of digital transformation. A select number of companies were recognized for outstanding digital transformation from across key sectors.

Awards were also presented to leading vendors, distributors, and SIs across different categories who provide solutions that are helping drive technology transformation across the SME sector.

SME TECH INNOVATION AWARDS 2023 WINNERS

TECHNOLOGY TRANSFORMER OF THE YEAR

CATEGORY WINNER NAMES COMPANY NAME

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year Mustansir Aziz

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

SME Technology Transformer of the Year

SME Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Technology Transformer of the Year

Ramakrishnan Natarajan

Sageer NK

Sanil Manoly

Santhosh John Thomas

Shijin Prasad

Shon Philip

Tamer Hamed

Umesh Moolchandani

Vimal Rama Chandran

CYBERSECURITY TRANSFORMER OF THE YEAR

CATEGORY

Cybersecurity Transformer of the Year

Cybersecurity Transformer of the Year

Cybersecurity Transformer of the Year

Cybersecurity Transformer of the Year

Cybersecurity Transformer of the Year

Hospitals

Hotels Worldwide

National Investment

INTERNATIONAL GROUP

Healthcare Group

FZCO

Modern Hospital.

Modern Hospital.

Group

Emirates Hospitals Group

Emirates Hospitals Group

University of Wollongong

African + Eastern

Cure Medical Centers & Pharmacy

Concorde Corodex Group

DUCAB

Bin Dasmal Group

HLB HAMT

WINNER NAMES COMPANY NAME

Abbas Sabuwala

Bilal Lodhia

Jayesh Nandanan

DMCC

Daman Investments

Mediclinic Middle East

Rami Mardini Robodin

Shahab ud din

Ittihad International Investment

» SME TECH INNOVATION AWARDS 2023 WINNERS

TECHNOLOGY ACCELERATOR OF THE

Technology

Technology

Technology

Technology

Technology

Technology

OUTSTANDING TECHNOLOGY TRANSFORMATION

» SME TECH INNOVATION AWARDS 2023 WINNERS

WINNERS OF THE VENDOR AWARDS

CATEGORY WINNER

Digital Transformation Vendor of the Year

Backup and Recovery Solutions Vendor of the Year

Multi-Cloud Data Management Vendor of the Year

Cyber Protection Vendor of the Year

Cloud Networking Vendor of the Year

Collaboration Solutions Hardware Vendor of the Year

Storage Solutions Vendor of the Year

Storage Hardware Vendor of the Yea

Digital Workspace Solutions Vendor of the Year

Cloud Application Security Vendor of the Year

Datacentre Infrastructure Vendor of the Year

Cybersecurity Vendor of the Year

Leaders In Driving Compliance Awareness

WINNERS OF THE DISTRIBUTOR AWARDS

CATEGORY

Regional VAD of the Year

Digital Transformation VAD of the Year

Storage VAD of the Year

Networking Distributor of the Year

Information Security VAD of the Year

Cloud Solutions VAD of the Year

Best Security Services by A Distributor

Collaboration Solutions Distributor of the Year

WINNERS OF THE SI AWARDS

CATEGORY

Digital Transformation Integrator of the Year

Cybersecurity Solutions Provider of the Year

Infrastructure Solutions Integrator of the Year

Emerging SI of the Year

Dell Technologies

Veeam Software

NetApp

Acronis

D-Link

Logitech

Pure Storage

Toshiba

Freshworks

Barracuda Networks

Lenovo

Sophos

Tally

WINNER

Ingram Micro

Mindware

VAD Technologies

Logicom

Bulwark Technologies

BPS

DigiGlass by Redington

NEWCOM

WINNER

Finesse

Mindfire Technologies

Cloud Box Technologies

DM World

FIVE GUIDELINES FOR TRUSTED GENERATIVE AI

Thierry Nicault, Area Vice President, Middle East and North Africa, Salesforce outlines a few tips on how to work with the transformative technology of Generatiive AI

Like all of our innovations, we are embedding ethical guardrails and guidance across our products to help customers innovate responsibly — and catch potential problems before they happen.

Given the tremendous opportunities and challenges emerging in this space, we’re building on our Trusted AI Principles with a new set of guidelines focused on the responsible development and implementation of generative AI.

We are still in the early days of this transformative technology, and these guidelines are very much a work in progress — but we’re committed to learning and iterating in partnership with others to find solutions.

Below are five guidelines we’re using to guide the development of trusted generative AI, here at Salesforce and beyond.

Accuracy: We need to deliver verifiable results that balance accuracy, precision, and recall in the models by enabling customers to train models on their own data. We should communicate when there is uncertainty about the veracity of the AI’s response and enable users to validate these responses. This can be done by citing sources, explainability of why the AI gave the responses it did (e.g., chain-of-thought prompts), highlighting areas to double-check (e.g., statistics, recommendations, dates), and creating guardrails that prevent some tasks from being fully automated (e.g., launch code into a production environment without a human review).

Safety: As with all of our AI models, we should make every effort to mitigate bias, toxicity, and harmful output by conducting bias, explainability, and robustness assessments, and red teaming. We must also protect the privacy of any personally identifying information (PII) present in the data used for training and create guardrails to prevent additional harm (e.g., force publishing code to a sandbox rather than automatically pushing to production).

Honesty: When collecting data to train and evaluate our models, we need to respect data provenance and ensure that we have consent to use data (e.g., open-source, user-provided). We must also be transparent that an AI has created content when it is autonomously delivered (e.g., chatbot response to a consumer, use of watermarks).

Empowerment: There are some cases where it is best to fully automate processes but there are other cases where AI should play a supporting role to the human — or where human judgment is required. We need to identify the appropriate balance to “supercharge” human capabilities and make these solutions accessible to all (e.g., generate ALT text to accompany images).

Sustainability: As we strive to create more accurate models, we should develop right-sized models where possible to reduce our carbon footprint. When it comes to AI models, larger doesn’t always mean better: In some instances, smaller, better-trained models outperform larger, more sparsely trained models.

THE ETHICS OF FACIAL RECOGNITION

Vito Fabbrizio, Managing Director of Biometric BU at HID Global discusses how facial recognition works and the best practises of implementing it

With recent advances in artificial intelligence, facial recognition is emerging as a powerful means of validating identity. People use it all the time to access their mobile phones, but acceptance hasn’t always extended beyond that personal use.

That’s due in part to concerns about potential misuse. Some people see Orwellian undertones in the notion of scores of databases full of facial scans. This points to the importance of facial recognition ethics, including discussions on how to measure and resolve disparities.

What Is Facial Recognition?

Biometric technologies are advancing rapidly, which means new modes of authenticating people are becoming more prevalent. Biometric facial recognition technology transforms images into numerical expressions, and computer algorithms make it possible to compare two images to see if they match.

The appropriate use of facial recognition technology depends on the prevailing culture, ethics, legislation and practices. With facial recognition still relatively untried — with no widely used or accepted regulations governing its use — security leaders will need to ensure they’re using the technology responsibly.

And they need to get moving on this soon. The market for facial recognition technology is expected to top $12.6 billion by 2028, up from $5 billion in 2021.

How Facial Recognition Works

As a form of biometric authentication, facial recognition depends on artificial intelligence (AI) to identify human faces in images or videos. This approach can yield several key advantages including:

• Proof of presence — know for sure who accessed what and when

• Nothing to carry or remember — ATM cards, PINs and passwords potentially become obsolete

• Reduced human intervention — facial recognition takes the burden off human operators, and steers toward contactless processes in the post-pandemic environment

AI plays a vital role in all of this, driving the high-volume data operations needed to scan and match faces at scale. This in and of itself has raised concern among privacy advocates and others who worry that automated algorithmic approaches to identity could potentially be misused.

The Importance of Ethical Facial Recognition

Bias is an inherent human trait. In fact, bias can be reflected and embedded in everything we create, even technology.

In a recent World Economic Forum article, these biases were described as outputs that emanate from societal biases and include race, gender, biological sex, nationality or age. How do such biases wind up in AI technology? AI algorithms must be trained by humans who use potentially unrepresentative or incomplete data that reflect historical inequalities. This can lead to biased algorithms and in turn, biased decisions that have a collective impact on certain groups of people. The Pew Research Center released data on facial recognition showing that only five percent of Americans “have a great deal of trust that technology companies will use facial recognition responsibly.”

Implementing Ethical Facial Recognition

Taking steps toward more ethical facial recognition technologies means addressing bias in the first place. The National Institute of Standards and Technology (NIST) recommends widening the scope of where we look for the source of biases, including going “…beyond the machine learning processes and data used to train AI software to the broader societal factors that influence how technology is developed.”

Other interesting ethical questions can arise at the intersection of facial recognition and business strategy. Researchers ask, for example, “if you use facial recognition to identify people coming into a store, should you use that identity to pull purchasing history? How about a credit report?”

Clearly, a thoughtful approach to facial recognition is needed going forward.

Best Practices in Ethical Facial Recognition

While the industry at large works to address the ethics in AI, organizations can adapt a framework for the ethical use of facial recognition technology. The American Civil Liberties Union submitted An Ethical Framework for Facial Recognition to the U.S. Department of Commerce’s National Telecommunications and Information Administration outlining a number of key best practices that include principles around collection, use, sharing and access.

What does this mean for organizations who want to utilize facial recognition technology? It will be critical to outline and communicate:

• Informed consent — Those looking to implement a facial recognition solution need to consider “when and how to provide meaningful notice and to obtain their informed consent, especially if those individuals are then identified or profiled against other datasets,” according to the Future of Privacy Forum (FPF)

• Transparency tools — “Transparency has been suggested as one enabler to trust,” according to researchers at the Wilson Center, a non-partisan policy forum. They point to approaches that allow visibility into the inner workings of technical systems, such as explainable AI, open data and open algorithms. “Other strategies focus on exploring the outputs of an algorithm, including through testing that evaluates risks such as bias.”

• Privacy / ownership of data — It will be important, too,

to establish rulers of the road spelling out privacy protections for consumers, and to develop a framework for ownership of facial recognition data. “Basic privacy principles require individuals to be aware of commercial entities that collect data about them with facial recognition systems, that they have the ability to request to know what data has been maintained on them, and to request access to correct errors or delete information,” according to FPF.

• Governance — Organizations looking to implement facial recognition will need to establish clear governance. It will be important that they develop purposeful boundaries. They’ll need to determine and document the intended uses of facial recognition data and systems, and will need to have protocols in place that restrict the use of those solutions to only those predefined purposes.

The Future of Facial Recognition

Facial recognition technology has infinite potential to address real-world needs, including those of consumers and citizens. From retail settings to IT engagements to physical access control, facial recognition biometrics are in use today and will continue reshaping how we view identity.

However, addressing ethical AI and the concerns around facial recognition technology will be critical.

While the main problem of facial recognition technology stems from the lack of diversity in datasets, adopting ethical principles can help organizations mitigate risk and alleviate concerns when in use.

BUILDING ROBUST APPLICATION SECURITY

With the explosion in the number of cyberattacks and their increased sophistication over the last few years, application security is now a high priority for technologists in the region, and across the globe for that matter.

IT teams have been operating under relentless pressure to increase application velocity and deliver ever more intuitive and personalized digital experiences to customers and employees. And as a result, application security has largely failed to keep pace. The latest research from Cisco AppDynamics, The shift to a security approach for the full application stack, reveals that all technologists, that were surveyed from the UAE, feel that rapid innovation during the pandemic has come at the expense of robust application security.

With the availability of low-code and no-code platforms, IT teams have been able to develop apps at ever higher speeds and run them across a multitude of platforms. Application components increasingly run on a mix of platforms and on-premise databases, leading to a big expansion in attack surfaces and applications becoming increasingly vulnerable to gaps in security.

Fully aware of the risks this presents, technologists are urgently looking to evolve their approach to application security to manage risk across cloud native applications and architectures.

Based on the research, there are six steps organizations need to take to ensure robust application security within modern application stacks.

1. Securing the full application stack

A security approach that accounts for the full application stack delivers complete protection for applications, from development through to production, across code, containers and Kubernetes.

Not surprisingly, according to the research, 93% of technologists in the Emirates state that the implementation of a security approach for the full application stack is now a priority for their organization.

With runtime application self-protection (RASP), technologists can protect applications from the inside out, wherever they live and however they are deployed. They can see what is happening inside the code to prevent known exploits and simplify vulnerability fixes. Developers can generate targeted insights into their application environments that allow them to respond to threats at scale — whether that’s in containers, on-premises, or in the cloud — and integrate security throughout the entire application lifecycle.

2. Automation to continuously detect and prioritize threats

Robust automation strengthens security postures, identifying threats and resolving them independent of an admin. This reduces human error, increases efficiency, and drives greater agility in development — enabling teams to ship and deploy applications even faster.

Automation can also help to contextualize security, correlating risk in relation to other key areas such as the application, user and business. Business transaction insights enable technologists to measure the importance of threats based on severity scoring, factoring in the context of the threat. This means that they can prioritize threats that could damage a business critical area of the environment or application. Technologists can cut through the data noise caused by high volumes of security alerts and focus on the things that really matter.

3. Lead with a DevSecOps approach

82% of technologists in the UAE believe that DevSecOps — which integrates application security throughout the development

cycle — is critical to effectively protecting against multi-stage security attacks.

With DevSecOps, security becomes a consideration at every stage of the application lifecycle and a shared responsibility. Rather than security being an afterthought, DevOps works with SecOps to identify and prioritize security issues at every step, resulting in better, more secure products and improved security management before, during, and after release.

4. Invest in upskilling developers and engineers

Currently, only 63% of UAE technologists are fully confident that they have the skills required to manage current application security threats. This skills gap is something that organizations need to address as a matter of priority, through upskilling and cross-skilling.

In particular, the shift to a DevSecOps approach will require all technologists, whether they come from the development, performance or security side, to broaden their skill sets to be able to work effectively as part of an integrated application team. So security professionals will have to develop new skills and greater understanding in application development, and developers will need to become more knowledgeable about security.

88% of technologists in the Emirates believe that successful modern technologists are those who can be both specialists in their particular field, but generalists across other areas of the technology stack.

5. Embed Artificial Intelligence into application security processes

Given the volume and sophistication of threats organizations in the region are facing, it is imperative that they lean into Artificial Intelligence (AI) and Machine Learning (ML) to identify gaps, predict vulnerabilities and automate processes to remediate any security holes. As bad actors ramp up their use of AI and ML, it’s vital that enterprise security teams don’t fall behind. AIOps extend human capabilities in multiple cybersecurity tasks, including monitoring, assessing, and resolving security issues — freeing up security teams to focus on higher-value issues and enabling them to collaborate more effectively and strategically throughout the development lifecycle.

The need for AI will only increase in the future — 88% of UAE technologists believe that AI will play an increasingly important role in addressing the challenges around speed, scale and skills that their organization faces in application security.

6. Look to integrate SREs into the organization

Site Reliability Engineer (SRE) is now one of the most sought after roles in the IT industry.

Many development and operations teams have traditionally operated with a ‘silo mentality’, with essentially conflicting goals.

Development teams have prioritized release velocity and product features above all else, while ops teams have been focused solely on production stability, ensuring that applications don’t suffer from performance issues or outages.

The SRE role is crucial to overcome this long-standing conflict of interests, bringing together these two functions for the overall benefit of the project, end users and business.

And at the risk of belaboring the point, application security can no longer be an afterthought within the application lifecycle, instead, it must be embedded in the process from the very outset. A holistic and integrated strategy for application security is now essential for organizations to reap the benefits of cloud native technologies, while managing an increasingly complex risk landscape.

WHY YOU SHOULD TREAT EVERY DAY LIKE WORLD BACKUP DAY

Organisations need a two-pronged strategy: advanced, immutable copies of their data and an ability to not just backup fast but to restore rapidly and at scale. Immutable copies are protected because they can’t be deleted, modified or encrypted - even if an attacker gains access to sensitive data. They are also relatively easy to restore, but depending upon the situation might not be a viable option. Traditional tape or disk-based backup can restore roughly one to two terabytes an hour. That’s not going to cut it for most organisations, as this could lead to hours or days of downtime which could cause immeasurable financial and reputational loss to the world’s biggest organisations. Thankfully, some flash based solutions can offer speeds of up to 270TB an hour and are needed to get an organisation up and running with minimal negative impact.

The final thing organisations should be doing is gaining a real understanding of their data, what internal and external policies govern its retention and, drawing up policies that avoid a "store everything forever" end-state and ensuring that the policies are adhered to. They should also ensure that the backup and restore performance capabilities can grow in sync with the amount of data protected. Only by doing this can organisations sustain backups for recovery, regulatory & compliance and ransomware mitigation purposes with the growing dataset sizes that we will see in the next 5-10 years, especially with unstructured data.

As World Backup Day approaches on 31st March, companies are reflecting on their own data protection strategies. However, given the valuable and sensitive nature of data, whether it resides in the public sector, healthcare, financial services or any other industry, businesses can’t afford to think about backup just one day per year.

Ransomware continues to plague organisations in 2023, and there is no place for a ‘it won’t happen to me’ mindset. Leaders need to be thinking of the worst case scenario and be proactive, not reactive in their plans. Unfortunately, while backup systems have provided an insurance policy against an attack in the past, hackers are now trying to breach these too. Once an attacker is inside an organisation’s systems, they will attempt to find credentials to immobilise backups. This will make it more difficult, time consuming and potentially expensive to restore.

With a cybersecurity strategy underpinned by immutable copies and a scalable rapid restore solution, recovery from a ransomware attack can be reduced from several weeks to just a few hours. This will minimise the impact on users, customers and potential reputational damage suffered from being offline for a prolonged period of time.

A real-world example of a company that did this to great effect is Admiral. To address the threat of ransomware and possible business disruption, Admiral selected Pure Storage FlashBlade with SafeMode™ and Veeam. It used to take around 30 hours to back up the Oracle databases that underpinned Admiral’s vital policy and billing functions. Now, that same process takes less than 40 minutes. This meets the recovery point objective standard set by Admiral to ensure adherence to regulatory controls, so the company can rest easy 365 days of the year.

Third-Party Risk Management “Misses” Are Hurting Organizations

Enterprise Risk Management Teams Need a Better Approach to Third Parties

Enterprise risk management (ERM) teams are struggling to effectively mitigate third-party risk in an increasingly interconnected business environment, according to Gartner, Inc.

In a Gartner survey of 100 executive risk committee members in September 2022, 84% of respondents said that third-party risk “misses” resulted in operations disruptions (see Figure). Gartner defines a third-party risk “miss” as a third-party risk incident resulting in at least one of the outcomes in Figure once or more in the 12 months leading up to the survey.

“Most organizations have seen an increase in the number of third parties under contract in recent years,” said Chris Matlock, vice president, research in the Gartner Legal Risk & Compliance Practice. “Moreover, a majority of organizations are also using third parties for new-in-kind-services and have become more reliant on them to conduct their operations. While increased use of third parties can improve business operations in many ways, it also introduces risks that are causing notable impacts on organizations.”

“ERM involvement in third-party risk management activities has increased across the board since 2016,” said Matlock. “However, just doing more isn’t enough because the characteristics of third-party risk undermine the effectiveness of a typical ERM setup.”

ERM is struggling to elevate the right issues because it is generally failing to limit its focus to a manageable set of issues. ERM leaders are not clearly defining which issues must be acted on first, and they are not typically preparing their audiences well to take tangible steps on the issues they surface.

Enterprise Third-Party Risk Management

There are three aspects that ERM must

do differently to improve effectiveness in managing third-party risk in a large organization, an approach Gartner calls enterprise third-party risk management. Essentially, this is an approach to help ERM teams manage the information overload that is being created by the exponential increase in risk volume and variability brought about by the rapid growth of third parties use.

Third-party risks tend to be high volume, heterogeneous in nature, and vary greatly in importance across the business. It is hard, therefore, to identify and prioritize what matters most. ERM must first isolate and combine only those inputs that matter most at the enterprise level, enabling them to focus on aggregating the most important inputs and addressing the most critical enterprise third-party risks.

ERM must work to enable alignment across a diverse set of risk owners to obtain a holistic view and create opportunities for them to work towards consensus. In practice, this means facilitating direct thought-partnership between risk co-owners with ERM adding expertise and aligning actions, as opposed to ERM acting as a

central co-ordinator of all risk information and mitigation.

ERM’s role as a trend spotter is also undermined by the expanding third-party landscape because the potential issues are too numerous and available data is often point-in-time and lagged. Again, the solution is to narrow down the scope of what is being monitored, limiting focus to the most critical emerging issues and proactively tracking them with a set of easily monitored forward-looking indicators that enables ERM to reliably spot critical enterprise risk trends.

“With third-party risk exposure elevated and a multitude of incoming threats on the horizon, risk committees are expecting ERM to play a greater role in managing third-party risk,” said Matlock. “Yet traditional ERM posture is struggling to provide a concise, actionable view of third-party risk at the enterprise level. That’s why ERM must focus on enterprise third-party risk management, which involves defining enterprise-level priorities, enabling cross-functional alignment, and monitoring forward-looking indicators.

Evidence of Third-Party Risk “Misses”

Source: Gartner (February 2023)

SOPHOS XGS 7500 AND 8500

Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced the expansion of its next-generation firewall portfolio with two new high-end, enterprise-grade XGS Series appliances. The new XGS 7500 and 8500 models provide unrivaled performance and protection for large enterprise and campus deployments, broadening market opportunities for the channel partners that serve them.

Sophos Firewall is a key pillar of Sophos’ SASE strategy. It provides a more simplified, scalable and secure solution over traditional remote access VPN, and integrates with Sophos ZTNA (zero trust network access) under one unified management plane.

The new XGS 7500 and 8500 models deliver industry-best modular connectivity; highly scalable software-defined wide area network (SD-WAN) features; trusted traffic and application acceleration; high performance Transport Layer Security (TLS) inspection; threat protection; and enterprise-grade, high-availability and redundancy capabilities. Featuring high-performance Xstream flow processors and central processing units (CPUs) with enterprise-grade acceleration, the models offer roughly 50% faster throughput than industry averages in their class.

Highlights:

• Up to 190 gigabits per second (Gbps) firewall throughput

• Up to 141 Gbps Internet Protocol Security (IPsec) virtual private network (VPN) throughput

• Up to 93 Gbps intrusion prevention system (IPS) throughput

• Up to 76 Gbps next-generation firewall (NGFW) throughput

• Support for up to 58 million concurrent connections

• Support for up to 1.7 million new connections per second

• Up to two times better energy efficiency than the industry average when using IPsec VPN

• High speed connectivity with two QSFP28 ports supporting speeds of up to 100 Gbps

• High capacity, high-speed random access memory (RAM) and non-volatile memory express (NVMe) solid-state drives for improved compatibility and storage

• Unique programmable Xstream architecture delivers unmatched levels of protection, performance and visibility

D-LINK DWM-3010 5G NR M2M GATEWAY

With the DWM-3010 5G NR M2M Gateway, users can connect large numbers of devices with fast 5G network connectivity in harsh working environments, and with the industrial-grade feature set needed for efficient and robust communication between them in virtually any setting.

The all new 5G NR M2M Gateway from D-Link throws open the doors for industries to utilize IoT technologies, accelerate their digital transformation and embrace Industry X.0. DWM-3010 5G NR

M2M Gateway delivers exceptional 5G broadband connectivity, facilitating IoT device-dense environments to operate with ultra-low latency, as well as Gigabit-plus speeds and high reliability to support Industry X.0 future initiatives.

It features field communication protocols such as Virtual COM, Modbus and MQTT to help IoT devices communicate more efficiently. The DWM-3010 can withstand wide temperature ranges from a chilly -30°C up to a sweltering 60°C. The robust and rugged design is perfect for smart industrial applications.

Application areas include transportation, manufacturing, agriculture and energy industries. Remote, centralised management of the DWM-3010 5G NR M2M Gateway is particularly easy when combining it with the D-Link Edge Cloud Solution, or D-ECS. D-ECS is a managed multi-tenant system for managing 4G-LTE and 5G NR M2M network devices such as the DWM-3010 5G NR M2M Gateway via a web portal.

PURE STORAGE FLASHBLADE//E

Pure Storage announced FlashBlade//E, a scaleout unstructured data repository built to handle exponential data growth with industry-leading energy efficiency. At an acquisition cost competitive with disk and much lower operational costs, the introduction of FlashBlade//E means that customers no longer need to settle for disk.

FlashBlade//E is designed for reliability and sustainability with a compelling acquisition price and the lowest long-term cost.

FlashBlade//E provides a better way to manage unstructured data growth efficiently, reliably, and sustainably with a best-in-class user experience and economics that enable customers to eliminate the last remnants of disk in their data center.

FlashBlade//E eliminates data challenges with a scale-out unstructured data repository optimized for multi-petabyte workloads.

FlashBlade//E will be generally available by the end of April 2023. In addition to traditional purchase, customers will have the option to deploy FlashBlade//E through a new service tier of Pure’s Evergreen//One Storage as-a-Service (STaaS) subscription, providing pay-as-you-go economics and a cloud experience with the control of on-premises deployment.

Highlights:

• Economical at scale: FlashBlade//E is offered at under $0.20 per GB including three years of service. The platform starts at 4PB and scales from there with reliable performance.

• Industry-leading energy efficiency: FlashBlade//E consumes up to 5x less power than the disk-based systems it will replace. The larger the system the greater the efficiency, helping organizations achieve their increasingly critical sustainability goals.

• Simplicity, reliability, and a non-disruptive future: FlashBlade//E is built to flex and grow on demand with 10-20x more reliability than hard disk based systems and evolving without disruption or forklift upgrades. With cloud-like simplicity, flexibility and predictable performance, FlashBlade//E remains simple to manage at any scale.

Highlights:

• 1 x 10/100/1000 Ethernet WAN/LAN Ports

• 2 x 10/100/1000 Ethernet LAN port

• Roll out a high-speed dual-band Wi-Fi network capable of Gigabit-plus speeds

• Reap the full benefits of 5G NR, experiencing lightning-fast downloads, ultra-low latency and reduced congestion

• Dual SIM slots allow multiple providers, eliminating dead zones and offering cellular failover

• Supports WPA2 — Wi-Fi security for more protection

• Supports a range of professional VPN options, incl.: IPSec/OpenVPN/ L2TP/PPTP/GRE

• Effortless remote management with the D-Link Edge Cloud Solution

• Connect up to 50 devices simultaneously to your Wi-Fi network

• Ruggedized design for wide-temperature operation

CYBERSECURITY AS A SERVICE

Reduce your organization's Cyber Threats with CyberSecurity as a Service from Finesse, writes Ateeb Wani - Business Development Manager - Cyber Security

ly with businesses to provide personalized recommendations and incident response services.

Finesse's VAPT services help businesses identify vulnerabilities in their IT systems and applications. The VAPT services are delivered by a team of expert security professionals who use a combination of automated and manual testing techniques to identify vulnerabilities and provide recommendations for remediation. Finesse's VAPT services include regular vulnerability scans, web application testing, and mobile application testing, among others.

In the age of digital transformation, cybersecurity has become a critical aspect of any business. Cyber threats are becoming increasingly sophisticated, and businesses of all sizes need to be prepared to prevent, detect, and respond to these threats. Finesse is a leading provider of cybersecurity as a service (CaaS), offering comprehensive solutions to help protect their digital assets.

Finesse's CaaS offerings are tailored to meet the unique needs of businesses across different industries. The company's approach is to provide a complete view of a business's security posture, enabling them to detect and respond to security incidents in real-time. The solutions are delivered and managed by Finesse's team of expert security professionals who use advanced technologies to detect, monitor, and respond to potential threats.

Finesse's CaaS offerings include three key services: Security Operations Center (SOC), Vulnerability Assessment and Penetration Testing (VAPT), and Managed Detection and Response (MDR).

Finesse's SOC services offer businesses 24/7 monitoring and incident response capabilities. The SOC is staffed with highly skilled analysts who use advanced technologies such as Security Information and Event Management (SIEM), User and Entity Behavior Analytics (UEBA), and Threat Intelligence to detect and respond to security incidents. The SOC analysts work close-

Finesse's MDR services provide businesses with continuous monitoring and threat detection for their IT environment. The MDR services are delivered by a team of expert security professionals who use advanced technologies like Endpoint Detection and Response (EDR), Network Traffic Analysis (NTA), and Deception Technology to detect and respond to security incidents. Finesse's MDR analysts work closely with businesses to provide personalized recommendations and incident response services.

Finesse's CaaS solutions provide businesses with several benefits, including:

Comprehensive Security: Finesse's CaaS solutions cover all aspects of cybersecurity, including SOC, VAPT, and MDR, ensuring that businesses have a comprehensive security solution.

Cost-effective: Finesse's CaaS solutions can be more cost-effective than building and maintaining an in-house cybersecurity program. This means that businesses can get the benefits of cybersecurity services without the added cost of hiring in-house security professionals.

Expertise: Finesse's team of security professionals are highly skilled and experienced in handling security incidents, providing businesses with access to the latest technologies and expert advice.

Scalability: Finesse's CaaS solutions can be scaled up or down based on a business's needs, providing the flexibility to meet changing requirements.

In conclusion, cybersecurity threats are constantly evolving, and businesses need to take proactive measures to protect their digital assets. Finesse's CaaS solutions offer a comprehensive suite of cybersecurity services that can help businesses mitigate risk and protect their digital assets. With Finesse's CaaS solutions, businesses can have peace of mind knowing that their cybersecurity needs are being handled by a team of experts.