CXO DX May 2022 by LeapMediaSolutions

LOOK SHARP. SOUND AWESOME.

LISTEN TO THIS: 274%

Growth of video meetings from 2019 to 20201

71%

Information workers who use video at least once a day2

#2 AND

Rank of web and group VC solutions among enterprise digital investments3

ADVANTAGES OF RALLY BAR MINI Superior Performance in Small Rooms: With studio-quality audio and video and AI-driven performance, Rally Bar Mini sets new standards for video collaboration.

Flexible Deployment Options: Run meetings in appliance mode without a computer for Microsoft Teams, Zoom, GoTo, Pexip, or RingCentral. Or, connect to a computer or laptop and use with any software.

Simple Setup and Cable Management: Place on a table or credenza or add a wall or TV mount for a sleek space-saving set up. Integrated cable management keeps connections tight.

Small room solution with Logitech Tap for Zoom Rooms.

Easy to monitor, manage, and support: Stay informed and ahead with Logitech Sync. Monitor status, push firmware updates, and gain insights with metrics like people count.

MAKE EVERYONE LOOK AMAZING.

» EDITORIAL

A PERVASIVE IMPACT Steadily, we have seen Businesses return to work as usual with more employees working out of their offices. The hybrid model is popular because of the flexibility it gives in how and where they work and offer a better work-life balance but is not applicable to all job roles it seems. Businesses would need to evolve a balance in the employment options they give their recruits to sustain their tenures for the longer term. Employees may possibly look for alternatives if they feel their current roles do not give them the flexibility. The past two years of working on remote basis has possibly made the larger populace digitally savvier, comfortable with multiple new technologies and tools. The pandemic was an inflexion point in our history and has brought fundamental changes in which we work and connect with people. Even as we have returned to near normalcy in our lives that was disrupted by the pandemic, the learnings imbibed have altered some of our approaches to work and life. For instance, lockdowns and the resulting movement restrictions encouraged consumers to embrace cashless payment alternatives. That will only see further momentum. On the Business front, in retail, many retailers have embraced online commerce unreservedly, while the brick-and-mortar Business is going steady as well as can be seen by the crowds in hypermarkets. There seems to be room for both now as consumers seem to enjoy both options. Education has been a segment that faced an overwhelming challenge when the pandemic struck but how well the segment transitioned to remote learning, thanks to collaborative technologies that quickly ramped up to deliver the goods. The segment now uses more technology tools than ever before as both the teaching and student community became familiar and conversant with many new technologies during the pandemic. And while I picked on some examples, Technologies today have a far pervasive impact. Hopefully, we continue to leverage them for the far greater good.

R. Narayan

......................................................

Arya Devi Associate Editor

editor@leapmediallc.com

Co-Founder & MD

saumyadeep@leapmediallc.com Mob: +971-54-4458401 Sunil Kumar Designer

PUBLISHED BY - Leap Media Solutions LLC

...................................

narayan@leapmediallc.com Mob: +971-55-7802403

SAUMYADEEP HALDER

............................................................

Co-Founder & Editor in Chief

MALLIKA REGO Co-Founder & Director Client Solutions

mallika@leapmediallc.com Mob: +971-50-2489676

...............................................................

RAMAN NARAYAN

...................................

Editor in Chief, CXO DX

Nihal Shetty Webmaster

REGISTERED OFFICE: Office 10, Sharjah Media City | www.cxodx.com MAY 2022 / CXO DX

» CONTENTS CISO OUTLOOK

26 » INDISPENSABLE ROLE OF CYBER HYGIENE 27 » THE FOCUS ON ZERO TRUST INTERVIEW

18 COVER FEATURE

18 » CYBERSECURITY IN A MULTI-VECTOR THREAT LANDSCAPE ENABLING AND SECURING CONNECTIVITY Amanulla Khan, Regional Managing Director - India, Middle East, Turkey & Africa at Linksys elaborates how the networking vendor has been quite steadily making inroads in new opportunities

NEWS INSIGHT

17 » ENABLING HAPPINESS 20 » CHAMPIONING THE SUSTAINABILITY AGENDA COLUMN

28 » MEETING THE CYBERSECURITY JOBS CHALLENGE

11 » UAE WORKERS BELIEVE AI AND DATA SCIENCE WILL IMPACT THEIR ROLE

22 » A RETURN TO NORMAL 4

CXO DX / MAY 2022

30 » THREE PILLARS THE CHANNEL NEEDS TO FOCUS ON 32 » THREE PILLARS THE CHANNEL NEEDS TO FOCUS ON WHY ARE CYBERCRIMINALS INCREASING THEIR FOCUS ON MOBILE DEVICES? 34 » FSOS IN THE DIGITAL ECONOMY REGULARS

12 » RIVERBED UNVEILS STRATEGY TO DELIVER UNIFIED OBSERVABILITY TO CUSTOMERS CIO OUTLOOK

14 » EXTENDING CONNECTIVITY

06 » NEWS 36 » TECHSHOW

38 » TRENDS & STATS

» NEWS

MICROSOFT AZURE UAE REGIONS LAUNCHES FOUR NEW KEY SERVICES These include Azure Purview, Azure Arc enabled servers, Azure Communication Services, and Azure Machine Learning – which cover governance, multi-cloud, comms APIs, and AI soft Cloud customers now have access to almost all of Azure’s tools, allowing them to accelerate their digital transformations. “When we launched Microsoft Cloud Regions in 2019, we saw an immediate acceleration in digital transformation across the region,” said Necip Ozyucel, Director, Azure Business Group Lead, Microsoft UAE. “Now that journey continues with the launch of Azure Purview, Azure Arc enabled servers, Azure Communication Services, and Azure Machine Learning in our Azure UAE Regions.”

Necip Ozyucel

Director, Azure Business Group Lead, Microsoft UAE Microsoft announced the availability of new digitally transformative services on its Azure UAE Regions. Regional Micro-

Azure Purview is a unified data-governance solution that allows organisations to manage the use of their on-premises, multi-cloud, and software-as-a-service (SaaS) data. Azure Arc is a suite of technologies that

unites the security of Microsoft Azure with its cloud-native services to bring rich, secure functionality to hybrid and multi-cloud environments. Azure Communication Services is a set of rich communication APIs – including those for video and SMS – that allow the deployment of applications on any device or platform. Each API allows custom integration with Microsoft Teams. Azure Machine Learning allows enterprises to build business-critical machine-learning models at scale. Data scientists and developers can collaborate on the development, deployment, and management of responsible, high-quality models while accelerating time to value, by leveraging industry-leading MLOps (machine learning operations), open-source interoperability, and integrated tools.

UNIPHORE ACQUIRES COLABO TO DELIVER KNOWLEDGE AI AND AUTOMATION Enterprises will be able to leverage AI to extract knowledge entities and graphs from structured and unstructured data Uniphore, a leader in Conversational Automation has acquired Colabo, an AI-powered knowledge automation solution that specializes in extracting and utilizing information from structured and unstructured documents in real time. Today, Intelligent Virtual Assistants (IVAs) and human agents have access to legacy knowledge management systems not connected to enterprise applications, thus frequently losing value over time from data complexity and quality. With Colabo’s solution integrated into Uniphore’s industry-leading conversational automation platform, enterprises will be able to leverage AI to extract knowledge entities and graphs from structured and unstructured data. This ultimately helps ensure the most relevant content and nextbest action are delivered to IVAs and live agents, for significantly better customer

CXO DX / MAY 2022

interactions. “Simply put, consumers today expect access to up-to-date information to solve their problems and contact centers can provide better experiences with the latest technologies that do exactly that,” said Umesh Sachdev, co-founder and CEO of Uniphore. “This acquisition brings together unique capabilities to arm enterprises with new tools that provide a quick resolution to consumer queries and empower agents with real-time, actionable information.”

Umesh Sachdev

Co-Founder and CEO of Uniphore

Colabo’s innovative AI solution powers customer engagement solutions by unifying knowledge from any digital and physical content into a seamless, personalized omni-channel experience. Colabo’s knowledge AI solution was built with a customer-first mentality.

» NEWS

KHAZNA DATA CENTERS AWARDED TIER III CERTIFICATION OF CONSTRUCTED FACILITY There is a growing focus on Data Centres in the wake of increased digitalization Khazna Data Centers, the United Arab Emirates (UAE) largest data center provider was awarded Tier III certification of Constructed Facility for its IRIS 2 data center from Uptime Institute. This certification is based on the design, facility demonstration, and intended performance capacity, effectiveness, and reliability of the data center. The growing reliance on digital technology in the increasingly connected world, has steered the data center industry into sharp focus. Data centers are among the most important assets an organization can have. The need for effective infrastructure to support the ever-changing and growing needs of businesses is gaining traction. Hassan Alnaqbi, CEO of Khazna Data Centers, stated: “Developing and operating data centers is a continuous and longterm commitment for Khazna Data Centers. Our rigorous standards permit for

well-designed and optimized data center build with downstream processes and operations always in focus, no downtime, handling periodic upgrades, fully driven with heightened capacity and energy-efficiency to meet the rising market and regulatory demands. Khazna’s commitment to innovation and international standards of excellence in data center infrastructure, construction and service are reflected in the accreditations we achieved today from Uptime Institute.” Data centres are fundamentally highly operational, and maintenance focused. The facilities necessitate constant monitoring to ensure efficiency, systems advanced on an ongoing basis, and management of assets, equipment, and capacity. Uptime Institute certification is the industry’s standard to assesses data center reliability, availability, maintainability, and overall performance needed to provide continuous and efficient operations.

Hassan Alnaqbi

CEO of Khazna Data Centers

Khazna Data Center’s Tier III certification was granted after a diligent assessment and evaluation by expert teams from Uptime Institute.

FRESHWORKS CRM FOR E-COMMERCE TO HELP SHOPIFY BUSINESSES CREATE ENGAGING CX Merchants can now integrate Freshworks CRM with their Shopify storefront custom Shopify events like cart abandonment and first-time visitors; and by automating and personalizing messages across email, live-chat, WhatsApp, and SMS using pre-built Shopify Playbooks.

Freshworks Inc. announced that its Freshworks CRM for e-commerce is now available in the Shopify App Store. The solution integrates directly with Shopify to provide its millions of merchants with a unified CRM that enables live conversational support, marketing and sales where and when consumers want to buy online. "At the core of Shopify’s Ecosystem is our community of developers who give merchants access to critical commerce technology," said Fatima Yusuf, Director of Commercial at Shopify. "We're happy to welcome Freshworks to the Shopify App Store, bringing its insight and experience in customer engagement and conversational marketing to Shopify’s millions of merchants." Freshworks CRM for Shopify is a unified marketing, support, and sales solution purpose-built for Shopify storefront own-

Prakash Ramamurthy

Chief Product Officer, Freshworks ers. Merchants can create more engaging customer experiences by segmenting and marketing to their customers based on

“The Freshworks CRM platform can now enable millions of Shopify businesses to make their store as delightful and intelligent as the biggest online retailers,” said Prakash Ramamurthy, Chief Product Officer at Freshworks. “Built on a unified data model, the solution gives merchants a complete view of their customers. In a time of low tolerance for error, our platform helps merchants avoid alienating customers with things they hate—like repeating order information or wading through irrelevant products.” Freshworks CRM for Shopify is built on the Freshworks Neo platform. MAY 2022 / CXO DX

» NEWS

SOPHOS ACQUIRES SOC.OS The acquisition expands Sophos’ Adaptive Cybersecurity Ecosystem to include Telemetry from third-party security and IT solutions Sophos has acquired SOC.OS, an innovator of a cloud-based security alert investigation and triage automation solution. The solution consolidates and prioritizes high volumes of security alerts from multiple products and platforms across an organization’s estate, allowing security operations teams to quickly understand and respond to the most urgent cases flagged. SOC.OS launched in 2020 and is a spinout of BAE Systems Digital Intelligence. The company is privately held and based in Milton Keynes, U.K. With SOC.OS, Sophos plans to advance its Managed Threat Response (MTR) and Extended Detection and Response (XDR) solutions for organizations of all sizes. SOC.OS will also help Sophos expand its Adaptive Cybersecurity Ecosystem, which underpins all of Sophos’ security solutions. This will include providing

alerts and events from third-party endpoint, server, firewall, Identity and Access Management (IAM), cloud workload, email, and mobile security products. “Sophos MTR is one of the fastest-growing new offerings in the company’s history. We now stand as one of the largest Managed Detection and Response (MDR) operations in the world, delivering superior security outcomes through an MTR service with more than 8,000 customers. The top enhancement request from these customers is ‘better integrations with existing security environments,’ and with the innovative technology from SOC.OS, we will be able to do just that – seamlessly integrate Sophos’ MTR and XDR solutions within their current set of security and IT solutions,” said Joe Levy, chief technology and product officer, Sophos. “SOC. OS will also provide our Adaptive Cyber-

Joe Levy

Chief Technology and Product Officer, Sophos security Ecosystem with a broader set of third-party telemetry, so security analysts have better visibility into important events and alerts.”

VAD TECHNOLOGIES ANNOUNCES AGREEMENT WITH COHESITY Cohesity is a leader in next-gen data management solutions VAD Technologies, a leading value added distributor in the Middle East & North Africa, announced a partnership with Cohesity, a leader in next-gen data management solutions. VAD Technologies will use their strong Partner Ecosystem across the Region to bring Cohesity’ s Next-Gen Data Management Solutions to customers across the Middle East. This will enable organizations to radically simplify how they manage their data, and will help them to develop cyber resilience so they can quickly defend and if needed, rapidly recover data in the event of a cyberattack.

Gregg Petersen

Regional Director MEA, Cohesity

CXO DX / MAY 2022

“Cohesity joins our technology portfolio at the right time, as we are constantly acquiring disruptive next generation technologies to ensure that our Partners can always offer the latest and in demand solutions to their clients,” said Mario M. Veljovic, General Manager at VAD Tech-

nologies. “Businesses across the region have learned that it’s crucial to protect their business from sophisticated ransomware attacks with a sophisticated Threat Defense architecture. We are excited to partner with Cohesity and promote the Industry’s First Comprehensive Next Gen Data Management Platform that goes beyond zero trust.” “In this partnership with VAD, we can address our customers’ number one concern today, developing cyber resilience against cyberattacks like ransomware”, said Gregg Petersen, Regional Director Middle East and Africa at Cohesity. “VAD Technologies has a proven track record of working with Disruptive Technologies and that is one of the key reasons why we feel so excited about this Partnership. With their significant footprint in the public and enterprise markets, the team at VAD serves an important and already established partner ecosystem”.

» NEWS

CLOUD BOX TECHNOLOGIES ACHIEVES DELL TECHNOLOGIES’ TITANIUM SOLUTION PROVIDER STATUS With deep focus on the Enterprise segment, CBT aims to be the leading SI for DELL Program. CBT is an upward evolving organization with extensive understanding of the technology landscape and best practices followed regionally and globally. To reach this top tier level, CBT demonstrated inherent high level of sales, pre-sales and implementation capabilities.

Ranjith Kaippada

Managing Director, Cloud Box Technologies Cloud Box Technologies (CBT), an IT services specialist in the UAE, has announced the achievement of becoming a prestigious Titanium Solution Provider within the Dell Technologies Partner

The CBT and DELL partnership stands witness to the company’s alignment and focus on Dell Technologies business objectives and the brand’s forward strategy. With deep focus on the Enterprise segment, CBT aims to be the leading SI for DELL. Ranjith Kaippada, Managing Director, Cloud Box Technologies said, “We truly believe that strengthening our partnerships is what drives us to continuously build on our strengths. Constant improvement is the order of the day, and

this enables us to be ahead of the curve across the board. We will continue to enhance our value addition to maximize client satisfaction and collaborate with them on technology initiatives. Parallelly, we are increasing our technical and consultative capabilities to cater to the varied and dynamic needs of the regional market. This achievement is also a testimony of the commitment by Dell Technologies towards building an exceptional partner experience.” CBT has internally allocated additional investments within core business areas with an objective of partnering with existing and new customers on their digital transformation journeys. The company has also broadened its alliances to widen its portfolio and remains focused on major verticals of Health, Education, Retail, Medium Enterprise and Power accounts.

SUGARCRM PARTNERS WITH REDINGTON GULF Cloud and on-premises solutions available from SugarCRM in the cloud, making them unviable for customers in the Middle East.

SugarCRM, provider of AI-driven CRM platform, announced a strategic distribution partnership with Redington Gulf, whereby Redington will distribute the full SugarCRM AI-driven solution portfolio for sales, marketing and customer service to businesses in the Middle East. As a world-class provider of top enterprise technology solutions globally, Redington will help Sugar extend its CRM platform to businesses across the region through its extensive network of 34,000 resellers and over 70 sales offices around the world, with over 15,000 customers in the Middle East alone. Redington gains access to Sugar’s market-leading portfolio of AI-driven solutions that make the hard things easier for sales, marketing, and customer service professionals. Sugar also offers choice for cloud and on-premises solutions so customers

“Redington is a respected player in the Middle East, and the partnership provides us with a substantial opportunity to reach prospects, customers and opportunities through an established channel. This is a significant step to fuel Sugar’s platform growth across the region,” explains James Frampton, Senior Vice President and General Manager, EMEA at SugarCRM.

Sayantan Dev

President, Redington Value can select the best option for their business. This is a key benefit as most other CRM providers offer their solutions exclusively

“We’re committed to helping our Middle Eastern customers drive digital transformation through advanced technologies, and SugarCRM is an integral part of this effort. There is a very clear opportunity to fill the gap for a purpose-built CRM offering in the Middle Eastern market. Sugar will help us meet this business demand with an intelligent AI-driven platform,” explained Sayantan Dev, President, Redington Value. MAY 2022 / CXO DX

» NEWS

RANSOMWARE PAYMENTS HIT NEW RECORDS IN 2021 Posts on name-and-shame Dark Web leak sites climbed 85% ening to release sensitive data, according to research released today from Unit 42 by Palo Alto Networks. The average ransom demand in cases worked by Unit 42 incident responders rose 144% in 2021 to $2.2 million, while the average payment climbed 78% to $541,010, according to The 2022 Unit 42 Ransomware Threat Report. The most affected industries were Professional and Legal Services, Construction, Wholesale and Retail, Healthcare, and Manufacturing.

Jen Miller-Osborn

deputy director, Unit 42 Threat Intelligence

Ransomware payments hit new records in 2021 as cybercriminals increasingly turned to Dark Web "leak sites" where they pressured victims to pay up by threat-

"In 2021, ransomware attacks interfered with everyday activities that people all over the world take for granted – everything from buying groceries, purchasing gasoline for our cars to calling 911 in the event of an emergency and obtaining medical care," said Jen Miller-Osborn, deputy director, Unit 42 Threat Intelligence. The Conti ransomware group was respon-

sible for the most activity, accounting for more than 1 in 5 of cases worked by Unit 42 consultants in 2021. REvil, also known as Sodinokibi, was No. 2 at 7.1%, followed by Hello Kitty and Phobos (4.8% each). Conti also posted the names of 511 organizations on its Dark Web leak site, the most of any group. The report describes how the cyber extortion ecosystem grew in 2021, with the emergence of 35 new ransomware gangs. It documents how criminal enterprises invested windfall profits into creating easyto-use tools in attacks that increasingly leverage zero-day vulnerabilities. The number of victims whose data was posted on leak sites rose 85% in 2021, to 2,566 organizations, according to Unit 42's analysis. 60% of leak site victims were in the Americas, followed by 31% for Europe, the Middle East and Africa, and then 9% in the Asia-Pacific region.

TENABLE TO ACQUIRE BIT DISCOVERY The acquisition will help Tenable provide customers with a differentiated 360-degree view of the modern attack surface Tenable Holdings has signed an agreement to acquire Bit Discovery, Inc. (“Bit Discovery”), a leader in external attack surface management (EASM). Combining Tenable’s market-leading Cyber Exposure solutions with Bit Discovery’s EASM capabilities will provide customers with a differentiated 360-degree view of the modern attack surface – both inside out and outside in – to identify and eliminate areas of known and unknown security risk. Discovering and gaining insight into every part of a business's digital footprint are essential steps of any effective cybersecurity program. Discovery has never been more critical, given the reliance on critical internet-facing services, applications and APIs. The problem for most organizations is that they are largely blind to the full and ever-changing scope of internet-facing assets and services.

CXO DX / MAY 2022

With its powerful EASM solution, Bit Discovery eliminates this problem by continuously monitoring the Internet, allowing customers to rapidly discover and identify all externally facing assets that could become exploitable targets by cyber criminals. After closing, Tenable will leverage Bit Discovery’s EASM solutions across its entire portfolio – from enterprise vulnerability management (VM) to Nessus, from cloud to operational technology (OT) to identity. “Whatever is visible on the internet is very likely to be the first target and the hardest thing for organizations to continuously see and assess. We believe attack surface management is vital to modern cybersecurity and an integral part of our vulnerability and Cyber Exposure solutions,” said Glen Pendley, chief technol-

Glen Pendley

Chief Technology Officer, Tenable

ogy officer, Tenable. “We are seamlessly combining previously disjointed insights and empowering security practitioners to eliminate blind spots and easily understand their cyber exposure in ways previously not possible.”

» NEWS INSIGHTS

UAE WORKERS BELIEVE AI AND DATA SCIENCE WILL IMPACT THEIR ROLE IN NEXT FIVE YEARS The YouGov study commissioned by Dataiku reveals the country to be pro-AI and ahead of its EMEA peers on awareness and action, but work still needs to be done to democratize the use of data and AI The United Arab Emirates (UAE) leads EMEA in the leverage of data, data science and artificial intelligence (AI) for the purposes of decision making and business growth, according to a report commissioned by Dataiku, the platform for Everyday AI. The survey was conducted by YouGov in early 2022 and involved 2,487 decision makers from across France, the United Kingdom, the Netherlands, Germany, and the UAE. It revealed UAE respondents to be the most convinced of data’s utility in the workplace, with 84% considering it essential compared with the EMEA average of 69%. The Dan UAESmoot has long been established as a Riverbed President CEO world leader in artificialand intelligence, having been the first nation to appoint a minister of state for AI. And in early March 2022, Dubai International Financial Centre (DIFC), in collaboration with the UAE’s Artificial Intelligence Office, announced the launch of a special license for companies that focus on AI. In support of the country’s Artificial Intelligence Strategy 2031, the license rewards firms for their efforts by granting Golden Visas for select employees. YouGov’s Dataiku-commissioned report reveals that some 71% of UAE respondents have been using more data over the past five years, a figure that is again significantly higher than the EMEA average of just over half (55%). Some 71% of UAE respondents believe they will use even more data in the next five years compared to a EMEA average of 52%. The survey also showed a marked awareness in UAE respondents of the role AI can play in the coming years on their own

jobs and within their organization and sector. 66% of UAE respondents believe AI and data science will impact their role in the next 5 years, an almost equal number (65%) expect AI and data science to impact their company and 67% expect AI and data science to have an impact on their industry in the next five years. “The findings in our report clearly establish the UAE as highly aware of the power of data and AI,” said Sid Bhatia, Regional Vice President & General Manager for Middle East & Turkey, Dataiku. “We believe this a direct consequence of the government’s forward-looking position on these technologies. We see this in its Artificial Intelligence Strategy 2031; we see it in the federal government becoming the first to appoint a minister of state for AI; and we see it in DIFC’s move to issue special AI licenses. Our findings also highlight the widespread acknowledgement that enterprise AI is an organizational asset that will define the business of the future and the industries of the future.” However, Bhatia also pointed out the gap in perception between managers and non-managers in the UAE when it comes to data utility and the role of AI. While 71% of UAE managers say their use of data in daily work has increased over past five years and 73% believe their use of data will increase over next five years, only 44% of non-managers say they have used more data over the past five years and a mere third expect to use more over the next five years. Two thirds (67%) of those in management positions believe AI and data science will impact their roles but less than half (44%) of non-managers believe the same. “There is clearly a need to democratize the use of AI if it is to gain widespread

Sid Bhatia

Regional VP & GM, ME & Turkey, Dataiku

acceptance as a tool of prosperity,” continued Bhatia. “It is only when all people within an organization see AI as a partner in change that they will come together and collaborate. Then stakeholders can deliver the culture needed to build a digital business. Through this culture change comes Everyday AI, where organizations can truly capitalize on data science to gain the kind of insights that lead to innovation.” An Everyday AI culture is one where the leverage of data becomes routine through a combination of upskilling, governance, and technology procurement. Under such conditions, execution becomes faster by including more people in the analytics process, resulting in quicker identification of opportunities, more rapid attainment of insights, and slicker action. MAY 2022 / CXO DX

» NEWS INSIGHTS

RIVERBED UNVEILS STRATEGY TO DELIVER UNIFIED OBSERVABILITY TO CUSTOMERS The company also launched new brand identity, including new Alluvio by Riverbed brand for Unified Observability, reflecting evolution of the Company, technology, and market “This marks an exciting new chapter for Riverbed,” said Dan Smoot, Riverbed president and CEO. “We’re capitalizing on our trusted brand, the dynamic growth, and market momentum for our visibility solutions to position Riverbed as a dominant leader in the rapidly growing observability market. Through our vision to deliver a highly innovative, differentiated SaaSbased Unified Observability portfolio, we will meet an urgent customer need and disrupt the market. We are focused on helping our customers transform massive amounts of data into actionable insights, so they can drive enterprise performance and deliver exceptional digital experiences.”

Riverbed President and CEO

Riverbed unveiled a broad strategy to bring industry-leading unified observability to customers worldwide and accelerate growth. Front and center in the company’s strategy is the development of an expanded unified observability portfolio, which will unify data, insights and actions to solve one of the industry’s most daunting problems: how to provide seamless digital experiences that are high performing and secure in a hybrid world of highly distributed users and applications, exploding data and soaring IT complexity. Riverbed also launched a new brand identity, including the introduction of Alluvio by Riverbed (for Unified Observability), reflecting the evolution of the Company and technology, and strong market momentum as evidenced by over 30% year-over-year bookings growth for its visibility and observability solutions in the last three quarters.

CXO DX / MAY 2022

Alluvio by Riverbed

Leading industry and financial analysts estimate the observability market will reach approximately $19 billion in 2024. Drivers of this growth include the tectonic shifts to hybrid work and networks, multicloud environments, and modern application architectures. These shifts make it extremely difficult for IT to extract actionable insights from data and proactively manage performance using existing tools.

To address this industry challenge, Riverbed has invested and focused the company’s R&D efforts in the last year to develop technology and a unique approach to unified observability that is comprehensive, unified and easy-to-operate. Alluvio by Riverbed, the Company’s Unified Observability software portfolio, is being designed to provide IT with a unified view to see through massive complexity, and transform data into actionable insights across the entire digital ecosystem and enable automated self-healing. This will enable organizations to provide seamless digital experiences that drive enterprise performance for both the employee experience (EX) and customer experience (CX).

According to Riverbed’s Hybrid Work Global Survey, 75% of business decision-makers say their organizations struggle to glean actionable insights from data that is generated by their technology infrastructure. Furthermore, IT still relies on siloed tools to manage performance and user experience, and are overwhelmed by massive amounts of disparate data and alerts that provide little context or actionable insights.

The Alluvio by Riverbed portfolio includes Riverbed’s industry-leading visibility tools for network performance management (NPM), IT Infrastructure Monitoring (ITIM) and Digital Experience Management (DEM), which encompasses application performance management (APM) and end user experience monitoring (EUEM), that are available today and used by thousands of organizations across the world.

Observability is meant to solve these problems, but current solutions fall short, according to Riverbed. Observability tools that limit or sample data rather

Riverbed will begin a Beta for a SaaSbased Alluvio unified observability solution in May 2022, with a general release expected later this year.

Market Opportunity Data Challenge Dan Smoot

than capture everything leave IT blind to potential issues or opportunities for proactive improvement. Even so-called “full-stack” observability solutions fail to capture all relevant user, network, and application telemetry to effectively troubleshoot problems at scale for today’s complex, hybrid, and distributed infrastructures.

and

» NEWS INSIGHTS

SURVEY SHOWS SHIFTING PRIORITIES FOR IT TEAMS IN THE ERA OF HYBRID WORK IT Asset Management cited as biggest remote IT support challenge, followed by communication and collaboration ManageEngine, the enterprise IT management division of Zoho Corporation, announced the results of its survey, The State of ITSM Two Years Into the COVID-19 Pandemic, following up on a similar survey conducted in 2020 to understand the challenges the pandemic has caused for IT service teams. The latest findings indicate that organizations are grappling with a new set of problems that were not previously deemed the top priorities. • With three-fifths of the workforce now working in a hybrid mode, managing IT assets (46%) and communication and collaboration (41%) have emerged as the biggest challenges. • Both jumped to the top spots, registering a positive difference of 11% and 7%, respectively, when compared to the 2020 figures. • The most significant shift in reported challenges was a drop from 36% to 22% for securing company and client data in a distributed network. This change is likely the result of the proactive efforts of IT teams to ensure remote working risks were minimized.

Smoot “TheDan survey clearly reveals that traditional IT needs to transform President and world CEO to cater to the new realities in itselfRiverbed in the post-pandemic the workplace,” said Kumaravel Ramakrishnan, evangelist at ManageEngine. “Self-organizing teams, high-velocity workflows and a digital-first approach to customer experience are the hallmarks of new age, democratized IT. At ManageEngine, our focus is on helping customers embrace these changes and better support their users and businesses in hybrid workplaces."

Studying the 2-Year Pandemic Impact on ITSM Teams

To understand how well organizations have coped over the now two-year-long pandemic, the impact on operations and which factors have influenced success, ManageEngine surveyed 437 IT professionals globally across a range of topics in late 2021. The survey focused on seven areas as they relate to ITSM: work locations, the impact of employees working remotely, financial and asset management implications, the business view of IT, security and governance issues, third-party services and technology assistance and business continuity success levels. The survey yielded key insights that can help organizations and teams continue working efficiently and securely despite a distributed workforce. “Organizations worldwide learned invaluable lessons from the pandemic, including what’s most important to them and their end users, the importance of IT to business operations and the changes needed to meet the needs of a hybrid workforce,” said Ramakrish-

Kumaravel Ramakrishnan Evangelist, ManageEngine

nan. “ITSM teams played a critical role in ensuring that business operations continued during the pandemic, from overseeing BYOD policies and the provision of mobile assets to implementing self-service features and chatbots, investing more in business continuity planning and offering IT service delivery and support.”

Other Key Findings From the Report

• Employees are better equipped: Compared to the beginning of the pandemic, an additional 47% of organizations are now providing mobile assets to employees. • IT teams see their value rise: Fifty-two percent of respondents think IT is now viewed and treated better because of the pandemic, and another 14% think IT has always been highly regarded. • BYOD policies are still absent: Two years after workplaces were totally disrupted, 40% of organizations still do not have a BYOD policy. • User experience falls short: Thirty-four percent of organizations still do not offer users self-help capabilities, and 52% do not have chatbots. MAY 2022 / CXO DX

» INTERVIEW

EXTENDING CONNECTIVITY R

oy Verboeket, VP Systems Engineering International Markets and Maan Al-Shakarchi, Regional Director, META at Extreme Networks discuss how Extreme Networks is focused on offering scalable cloud infrastructure to extend the connectivity required to power consumer-centric experiences anywhere and everywhere.

Discuss how the concept of networking has been impacted by the advent of the hybrid and multi-cloud environments as well as edge computing? As networking professionals, we have witnessed a profound evolution of network infrastructure moving into virtualized and cloud-native architectures such that new technologies are needed to operate and monitor those systems. In a fully containerized environment, applications are spun on and off at rapid speed and they run on a highly virtualized server infrastructure. For better customer satisfaction and retention, service providers must get better visibility of their network traffic. To correlate data from anywhere in a cloud-native world is a challenge with today’s

CXO DX / MAY 2022

networks. Service providers need to monitor and analyze traffic on a per-subscriber basis to identify new value-added services and billing models while assuring high levels of service and security. Visibility of network traffic, essentially identifying data per subscriber is mission-critical. Rising volumes in network traffic are overwhelming critical monitoring tools. Elaborate on your vision of cloud-managed networking solutions? The way people work, connect, and interact has become more fluid and highly distributed, further extending the edge of the network and in turn creating what Extreme’s call the Infinite Enterprise. This has put significant strain on CIOs, network managers and IT professionals when it comes to managing these highly distributed organizations. Further, consumer demand for high speed, reliable connectivity continues to increase with the growth in digital applications. Extreme is focused on helping these organizations solve these challenges by offering scalable cloud infrastructure to extend the connectivity required to power consumer-centric experiences anywhere and everywhere. The Infinite Enterprise is built on three tenets: · Infinitely distributed connectivity enables companies to connect anybody, anywhere to any other person or application with high-quality enterprise-grade connectivity that is always present, always available and is secure and manageable. · Scalable cloud delivers the ability to orchestrate, observe, trou-

» INTERVIEW

Roy Verboeket

VP Systems Engineering International Markets, Extreme Networks

bleshoot and find data and insights in the network. The cloud brings cost-effective scale, growing as the organization grows. · Consumer-centric experience means delivering a best-in-class experience to people that consume network services. This can include knowledge workers but also teachers, students, patients, factory workers and others. Is the hybrid work environment challenging current networking and provisioning of resources to legitimate users accessing corporate networks from anywhere? There are a lot of conversations about Zero Trust Networks where authentication is performed by the application provider in the cloud. Network solutions providers like Extreme have recognized this problem and have worked to create “zero-trust” environments which prevent connected devices from functioning beyond their basic purposes. For instance, public networks may prevent Wi-Fi guests from accessing certain sites that are known to have viruses or malware. These networks may also use authorizations when onboarding new guests, so that administrators are always aware of who is logged on. Zero-trust is certainly a critical feature for large scale networks but maintaining control over every port and entryway is difficult to accomplish with manual processes. In addition, software-defined architecture such as the Extreme Campus Fabric extends to remote users providing automation and security ensuring access to legitimate applications and providing an identical sign-on experience irrespective of location.

Elaborate on your different solutions for network management. ExtremeCloud IQ and ExtremeCloud IQ - Site Engine are our two solutions for network Management. The major difference is that one is hosted from the Public Cloud with Extreme attaining security credentials such ISO 27001, 27701 and 27017. The Single Pilot license provides Essential applications such as location, IOT security, Air Defence and Guest Management. The second is the On-premise Extreme Cloud IQ SE which provides a single pane of glass for Management, Analytics and Network Access Control and is vendor agnostic and feeds information for AI\ML into the Extreme Public cloud platforms. They both share the same License mode and customers can migrate from one to the other without any Licensing implications. Discuss your solutions for securing wireless environments as well IoT infrastructure? Mobility and connectivity are important factors when we talk about wireless environments. Business users expect high-performance connectivity anywhere, anytime, on any device. Additionally, wireless IoT devices are becoming more ubiquitous in many business sectors (manufacturing, healthcare, logistics, etc.). This wave of IoT applications dramatically changes wireless networking requirements in terms of scale, traffic patterns and volumes, and security. Our ExtremeCloud IQ solution can be hosted from the Public MAY 2022 / CXO DX

» INTERVIEW Cloud with Extreme attaining security credentials such ISO 27001, 27701 and 27017. The Single Pilot license provides Essential applications such as location, IoT security, Air Defence and Guest Management. This provides granular secure connectivity and visibility of IoT devices. Wireless Traffic is further segmented and secured by the Extreme Campus Fabric and terminates all guest Wireless traffic on an external firewall. Likewise, PCI Compliant traffic can be isolated and also terminated on a Firewall, avoiding additional hardware for segmentation which is proven not to have been compromised and provide Multi-tenancy. What are the Location services that you offer all about? ExtremeLocation is a resilient and scalable cloud-based location and analytics solution offered by Extreme Networks as a subscription service, to align with enterprises' new business imperatives. ExtremeLocation provides enterprises with powerful multi-tier location services that can scale to thousands of branch sites. Our services offer a range of granular location accuracy resolution from geo-fencing to microlocationing, to address various application scenarios with extensive real-time and historical location analytics, such as new and repeat visitors, engagement times, location of associates or assets, and specifics of site or zone performance. Whether combined with Extreme's enterprise-grade wireless networking, or as an overlay with your existing network, ExtremeLocation is an easy to use cloud-based platform that can help enterprises transform their business. Backed by Extreme Network’s industry-leading global support and services, ExtremeLocation simplifies the difficult task of supporting enterprise business transformation goals by supporting the following location scenarios: · Presence/Proximity – detects visitors/associates when they arrive · Zone Tracking – Know in which zone guest/ associated assets are located · Position Tracking – Provides exact location of the customers/ associates/ assets · Engagement Engine – Proximitely based engagement Do you offer SD-WAN solutions both as appliance-based and as a service? The ExtremeCloud solution is a single subscription that includes the appliance, our Extreme Networks SD-WAN variant can be offered as just a subscription or with an appliance. We have augmented our ExtremeCloud portfolio with new SDWAN capabilities, adding more flexibility, capability, and security when connecting locations, applications, and devices. This extends Extreme’s leadership position in cloud and accelerates the company’s goal of bringing distributed connectivity, security, and cloud capabilities to customers. Elaborate on your focus in the Middle East market and the growth outlook Over the past 2 years, Extreme Networks has identified the META region as growth market. An investment plan was put in place that included the growth in both the local team as well as the distributors and channel partners to amplify our market coverage. We have

CXO DX / MAY 2022

Maan Al-Shakarchi

Regional Director, META, Extreme Networks

grown our team by 48% to pay special local attention to channel, marketing, distribution, and engineering. Last year, we announced the establishment of our regional data center in Bahrain as the first and only network provider to offer a native cloud management platform located and running within the region. With this announcement, we take another momentous step in demonstrating commitment to our customers and partners in the Middle East. According to IDC Outlook in META, the past 12 months has seen a rapid growth of cloud implementation and IT spending in the Middle East, Turkey and Africa (META) and is forecasted to grow 2.0% in 2022 to reach $92B (source: IDC). We believe this is a great opportunity now for Extreme to strengthen relationships with its META regional distributors and engaging new channel partners by clearly outlining Extreme’s unique value proposition for regional businesses. What new product/technology-related announcements can be expected in near future from Extreme Networks? Rather than launching isolated products, Extreme is working towards bringing innovative solutions to the market. For us, innovation means consistently challenging complexity because we believe no organization should be unnecessarily shackled or constrained by how their people, applications or devices connect. Simple, intuitive, and consistent is our mantra and as we boldly go forward at cloud speed, and bring new solutions and technologies to our markets, our promise is to make tomorrow’s connections better, more effortless, than today’s.

» INTERVIEW

ENABLING HAPPINESS Walaa Nader, Senior Channel & Alliance Manager META discusses how the vendor plays a key role in ensuring customer and employee satisfaction What is the channel strategy and channel focus at Nexthink? We want to build a strong partner ecosystem across the region and enhance market awareness. Our immediate focus is to revamp the channel partner ecosystem across the region and pick quality over quantity. We are looking to work with the large names in the markets, in our focus areas and countries; to deliver the message of the need to be together on the journey of digital transformation experience across all the sectors. We will focus more on the UAE, Saudi Arabia, Egypt and other countries. In Saudi Arabia, we see a significant potential in the market due to the leadership’s vision. We want to support the implementations of digital workplace in Saudi. We see that there are many enterprises and new government areas where they are very keen to enhance satisfaction in the end user experience. They care about increased satisfaction both in the work environment leading to better work productivity as well as with end users, which ultimately reflects on customer happiness. So, you will find in the airport or at premises of all the government entities, surveys via tablets at counters, asking people how happy they are with their experiences. So, Nexthink is playing a vital role with our channel partners to deliver the same message and enhance the digital end user experience in the market. The importance of the end user experience has never been highlighted as it is now. In the end, after all, it is all about the people, whether it is as end-users or as employees. Do you compete with ITSM vendors or cooperate with them? We complement with all the IT Service Management technology vendors in the region. We work with the all the big vendors to complement and automate the end user experience and so we do no compete with them. Nexthink is one-of-a-kind solution that integrates with a lot of other technology vendors to enhance the overall level of end user satisfaction. Discus your association with Solutions By STC? We work with Solutions By STC on different aspects. We are working with them as one of our core and critical managed service providers in Saudi Arabia. Nexthink is the leader in the digital employee experience and has the most market share in the region and globally. Solutions By

Walaa Nader

Senior Channel & Alliance Manager META

STC is also one of the biggest ISP players and support arm to most of the large enterprise sectors, mainly government entities in the Kingdom. They have been successful with these sectors there for many years - making it the best choice for both of us to work together. We will work with Solutions By STC on the cloud solution offering, their managed service offering, as well to all their customers - because our solution should actually be at the core of any digital transformation journey across all the enterprises. We will work with them on all segments with all sectors and across different value propositions. How does your solution focus on enhancing the digital experience of remote employees and hybrid workforce? Nexthink has played a vital role with all the changes to the new normal and remote workplace in a safe environment, ensuring productivity and accessibility from anywhere anytime. We have consolidated all the activities, including all the information, making sure all the employees can have the right access. This will ensure that they are productive remotely as much as they are from their offices. MAY 2022 / CXO DX

» COVER STORY

ENABLING AND SECURING CONNECTIVITY

Amanulla Khan, Regional Managing Director - India, Middle East, Turkey & Africa at Linksys elaborates how the networking vendor has been quite steadily making inroads into the growing opportunities in enabling networking infrastructure for remote working and Education segments

inksys has been one of the consistent top vendors in the SMB and consumer networking segment for long. The Brand that has seen its ownership change in the past, being owned by Cisco for some years and then being sold to Foxconn in 2018, has also received a strategic investment by Network security powerhouse Fortinet in the past year. That investment is to enable solutions that bring the best of networking and security functionalities to securely enable remote workforces across segments and will possibly bring forth more innovations. Linksys has been steady in delivering enterprise grade networking solutions for the mid-market and that has helped it forge close ties with partners and its customers.

Amanulla Khan Regional Managing Director - India, META, Linksys

CXO DX / MAY 2022

“We’ve always been focused on delivering premium quality solutions that are extremely easy to use to our partners. We’ve

» COVER STORY been expanding our Cloud Access Points into education, hospitality, and logistics. Retail has always been a big part of our business so we will continue to grow in that as well. An important segment that we’re focusing much of our time on is cybersecurity – making sure that employees have enterprise-grade security at home is a priority for us. The dedicated access to corporate and home networks, increased security, and workplace application optimization, the employee will not only be able to operate more efficiently, but they will be that much more effective. “ Linksys has focused on enhancing its cloud managed Access Points to enable seamless network management and connectivity for its customers, both consumers and Businesses. The vendor is exploring the option to offer networking as a subscription service for SMEs as well. Amanulla adds, “A reliable architecture is crucial to leveraging the full benefits of cloud networking. We are looking at a shift for SMEs towards a networking subscription model as they become less reliant on large infrastructures. Our Linksys Cloud Manager solution is already enabling this, so we expect more businesses to move to this model.  We’re also looking to expand into hospitals, schools and other environments that would benefit from this seamless system.” With return to near normal office working routines, a return in demand growth for networking investments in the region that may have been held back in past 2 years is very much a strong prospect. There may be upgrade opportunities for companies that may be investing in secure networking infrastructure. Amanulla adds, “While office working has returned to normal in the region, the need for enterprise grade security will always be a necessity. With the evolution of WiFi, networking and other accessible technologies, the importance of having reliable and secure connections is more crucial than ever.”

place technology as working and learning from home is now more common globally than it ever was. This leads to an increasing need for reliable infrastructures to mitigate cybersecurity risks and maintain efficiency. Businesses want to replicate corporate networks by giving their employees access to the same resources as in the office.” Fortinet and Linksys delivered its first jointly developed Enterprise Solution to support Remote and Hybrid Work in 2021 and has seen good traction in the market. Linksys HomeWRK for Business | Secured by Fortinet is built with the latest Wi-Fi 6 tri-band technology and Linksys’ Velop Intelligent Mesh software, enables high-performance, secure corporate and personal networks for users at home via a single device. Enterprise IT teams can easily distribute the provision-free hardware to employees to replace their existing home router to establish both corporate and personal networks. With a blanket of mesh WiFi coverage, employees can enjoy fast and consistent whole-home Wi-Fi connection, without worrying about a weak signal or dead spots. The focus has been on Education segment as well as Business. Amanulla adds, “Our HomeWRK For Business and Education solutions with Fortinet are being stegnthened in the global market. Given that hardware is a large part networking, it’s how we access the internet, certain routers and systems can only offer a limited number of capabilities and are not very well suited for the needs of a hybrid worker. With this solution, we can bring enterprise-grade security and superior connectivity to the home and schools. For the business segment, delivering hardware is a main component of making hybrid work models thrive, which means providing employees with the most up to date and reliable connectivity, with simple plug-and-connect devices that don’t require physical assistance from corporate IT teams to install.”

He elaborates that remote working infrastructure will be in continued demand as well because a hybrid work model is also very much in demand.

Partners have been the forte of Linksys and the vendor continues to forge stronger ties with those channel partners who have strong reach into the SME segment accounts. Linksys has been able to strengthen its focus on the SME segment through its partners and intends to target larger enterprises.

“The focus on hybrid work solutions is here to stay. Enterprise-at-home is becoming a significant step in the evolution of work-

“We have always had great relationships with SMEs which we will continue to grow through offering the cloud managed access

points (Linksys Cloud Manager), switches, and routers. This segment has grown for us at a steady pace so we will continue to add solutions to meet these demands. We plan to recruit more SMEs whilst sharing our knowledge of our solutions and technology through training programmes. With our newly solidified partnership with Fortinet, we are now able to offer secure networks and expect our Linksys HomeWRK for Business solution to be well-received by large enterprises as the need to replicate corporate networks at home increases,” says Aman. WiFi 6 solutions are a key focus for Linksys now as the demand starts growing. “Now that WiFi 6 is becoming the norm across the world, our aim is to provide premium solutions to our partners so that they in turn, can offer seamless and reliable connectivity to their audiences. The WiFi 6 standard is faster and more flexible in terms of what can be done.” Amanulla adds that going ahead, he expects more traction in adoption of 6E and Mesh technologies and accordingly the vendor will roll out more products catering to this demand. He also expects demand Gerstenberger growth Volker to pick up in the retail segment as Director they expand theirGlobal reachMarketing and would need roUtimaco bust WiFi networks. “Improving accessibility to WiFi in the region has been one of our top priorities. In terms of technology, we expect 6E and Mesh to be more commonly adopted amongst consumers and our product roadmap will reflect that demand. We expect the same for 5G as it becomes more accessible to the mass market through ISP infrastructures being setup across the country. In relation to our business initiatives, we expect retail to expand their online presence in the region, which will demand more reliable networks. ISPs are on their way to offering higher-end solutions and Mesh WiFi products as the demand for higher speeds and efficient networking grows” With a hybrid work model continuing to be a strong growth segment, Linksys is well positioned to target the expected growth from companies that will look to upgrade their WiFi infrastructure as well as continue to roll out solutions in partnership with Fortinet that secure and offer seamless connectivity to the growing remote workforce. MAY 2022 / CXO DX

» INTERVIEW

CHAMPIONING THE SUSTAINABILITY AGENDA Stephen Keys, Regional President of APJ and MEA at IFS is a passionate champion for corporate social responsibility (CSR), personally overseeing a number of global programs aimed at helping the local community in which IFS operates, including the IFS Foundation, which was launched in 2019 with goal of breaking the poverty cycle and improve living conditions in remote and rural parts of Sri Lanka. He shares the company’s focus on these programs and in its solutions

Tell us about the roles you oversee and the CSR focus? I wear two hats at IFS. I'm responsible for our commercial operations across Asia, Pacific, Japan, Middle East and Africa. And the other hat I wear is of an executive sponsor for our corporate social responsibility program. We have a three-year plan in terms of our vision, and initiatives that really focuses across three main areas. The first area is our own business, about what are we doing internally? The second is how do we help our customers businesses become more sustainable? And the third thing is really, how do we get a share of voice across the industry at large? So, first things first, in our own business, several programs are underway. We have scholarship programs. We have an education program, encouraging people to develop STEM skills, that they'll need to go on and create opportunity, and hopefully contribute more meaningfully to society over their careers. We have a goal to achieve carbon neutrality as an organization, by focusing on reducing car fleet, moving to better office infrastructure, moving applications to the cloud and so on. We have established the IFS Foundation to help break the poverty cycle in remote parts of Sri Lanka, where about a third of our global workforce is based. We

CXO DX / MAY 2022

think it's a great way of giving something back to that community that serves us so well. Elaborate on your focus on Sri Lanka as a hub? We have most of our research and development, global support, offshore delivery capability, all based in Colombo where nearly a third of staff is there. That was the reason we chose to create and truly focus the IFS foundation on Sri Lanka as a way of saying thank you to the staff there. This is also a way to give back to that community that serves us well. There is endemic poverty in remote rural areas over there, and we felt we could have a real impact if we concentrated our global fundraising activity in one area. Discuss your focus on sustainability through programs and your solutions focus? We have several other programs, and these include volunteer days, diversity, inclusion, maximum physical well-being programs that round out our own internal business commitment to our customers business. Our enterprise software, whether that's ERP, Enterprise Asset Management or Field Services Management, that capability is often at the heart of the pro-

cesses and systems that will be involved in the industries that we serve. If we can continue to develop and deliver software that helps customers produce productivity gains, efficiency, dividends, that is also going to translate into attainment of sustainability goals. We have made a very conscious choice of building up products to be more easily accessible and consumable in the cloud. And we've done some research that shows adopting IFS Cloud in the cloud, is about 71 to 79 percent more energy efficient than putting it into a data center. So, we are encouraging more of our customers to adopt the Cloud and share in that efficiency dividend from an energy consumption perspective. There are other ways that we support our customers, businesses, such as our own Change For Good awards program. When customers are doing cool things themselves around the sustainability agenda, we promote them, and we let people know about that. Yes, there's an IFS brand association, but the larger goal is about celebrating sustainability. And then finally, we've released a freemium application called the IFS Cloud sustainability hub, which helps our customers to monitor, track and report on their sustainability initiatives. We have a patron for our sus-

» INTERVIEW see many organizations responding to the sustainability challenge, because of consumer sentiment. You think about the supply chain all the way right through to the consumer, it is often the consumer that is making conscious buying choices, based on organization sustainability. Even beyond that, there are other imperatives as well. There is the moral imperative, of course and there's a recognition that there are more than just shareholders or stakeholders in an organization. We've had banks offering us lines of credit, where the terms of those lines of credit are better if we can write our sustainability agenda, and if we can't, but there's a problem.

Stephen Keys

Regional President, APJ and MEA at IFS

tainability initiatives; Lewis Pugh, the United Nations Patron of the Oceans. We have him as our Sustainability Ambassador, and we have him involved in a number of public events and programs. How does moving to the cloud help sustainability objectives since all data still need to reside in datacentres? It's not necessarily about some huge technological breakthrough, it is just a simple efficiency, dividend. There is a recognition though, that sometimes you must put the work in to extend the window of opportunity for us to find other sources of innovation. And according to research, if shifting to the cloud shows 71 to 79% reduction in the energy footprint, that creates an extended window to be able to then look for other sources of technology breakthrough that might then drive that next level of innovation. If you are smart about where you put those data centers, you can use natural thermal sources for cooling for instance. There are several things that you can do to reduce energy footprint. For organizations, obviously, one of the dilemmas is taking this sustainability goals together with profitability goals in mind. Can you elaborate on how this

works out for organizations? I firmly believe that profitability and sustainability can go hand in hand. Sometimes it's just about extending the window to allow innovations to occur that helps meet both objectives. For instance, we have a partnership between Rolls Royce wherein IFS provides data connectivity from airlines to Rolls Royce in terms of the way in which planes are performing up in the air. And we can use that to help Rolls Royce in their design and support maintenance of the engines. That helps them stay up in the air for longer and so they can run more efficiently. They require less time in maintenance, repair, and overhaul. That is a window extension and for Rolls Royce it is a business opportunity they market as a point of differentiation. And there is a sustainability improvement, as those engines, by default are more sustainable than they previously were. So, a tick on both sides of the ledger. How do you take this message through your ecosystem of partners to customers? How much leverage does sustainability focus offer to companies? When you think about the supply chain, one of the interesting observations is, we

Sustainability is great to speak about. The problem is that there are so many different standards out there. So how do we report and govern those standards? For me, that's one of the reasons why we realized that IFS Cloud Sustainability Hub was that recognition that we think we can play a significant role as an enterprise software vendor in helping companies achieve efficiency, dividends, and sustainability targets, through our core software that we bring to market. But we also want to help organizations report on that ESG and kind of cut through the complexity. You think about capturing financial and non-financial ESG data. And it's not just within your own organization, you think about something about the footprint here of different reporting tools that you've got, you've got your own footprint, office infrastructure, car fleets, which are probably the more obvious ones. You've got energy consumption. But then what about your supply chains? What about the sustainability challenges in the energy company consumption outside of your own organization? It's hard. For us, the IFS Cloud Sustainability Hub, was an application we have built outside of our core enterprise applications that we have made available through Microsoft Teams. It's a download freemium app to make it easy for people to report on that. The idea being that it is how we can contribute to a broader industry taking sustainability more seriously and beginning to demonstrate what they are doing and to capture that. We are trying to make governance and reporting of a complex task a little easier. MAY 2022 / CXO DX

» CIO OUTLOOK

A RETURN TO NORMAL While offices are now working to near full strength, Businesses have the advantage of leveraging all new technologies invested in for enabling better collaboration as required and the flexibility to cater to the requirement of their business and staff for a hybrid work model

With the worst of the pandemic days behind us, offices are now back to near normal functioning across sectors. Mario Foster, Group Chief Information Officer at Al Naboodah Group Enterprises agrees with the point of view that Remote work pressures are seemingly easing off now with most staff returning to work as before. He adds, “As a matter of fact, other than our permanently placed remote IT staff, we have returned to office long time back, around June 2021. In healthcare, one of the frontline segments, there were always constraints to remote working for many roles. But still there were a percentage of staff working remotely. Jaleel Rahiman, Director ‑ IT & PRIME Digital at PRIME HEALTHCARE GROUP LLC says, “Remote work pressure has eased off because most staff have returned to work and because organisations and employees have realised and accepted that work from home doesn't mean 24x7 available. Moreover, in healthcare organisation majority of the employees being frontline workers, didn't have the option of working from home, except for doctors doing telehealth.” Working on remote basis has helped the workforce adopt digital tools and that increased digital savviness should perhaps enhance their productivity at their workplaces. Sumith Poolappan, Head – IT Operations, Strategy & Governance at Fly Dubai says, “Most staff have returned back to work and the work style has seemingly returned back to normal with little to no work from home. The only difference now is that the staff use digital collaboration tools much more than they used to in the past.”

Mario Foster

Group CIO, Al Naboodah Group Enterprises

CXO DX / MAY 2022

However, the learning curve during the lockdown periods will help companies to be prepared for unforeseen eventualities. And companies have embraced the possibility of flexible work models, at least for several roles. Gigi Mathew Thomas, Group Head – IT & Digital Transformation, Ittihad International Investment LLC says, “I would agree remote work pressures are seemingly easing off, however I must

» CIO OUTLOOK

also ascertain that, it is in the comfort of the knowledge that companies are now better prepared than ever to operate in a remote environment, if the need arises. There has been a change of mindset with more company managements now being more open to the fact of remote working and acknowledging that high levels of productivity can be attained despite this model.” Mario Foster says that the Al Naboodah Group was always almost ready in terms of enabling workers to work on remote basis as was required during the lockdown although now most are working from the office itself. “For Al Naboodah Group, other than increasing the bandwidth of our internet Leased Line on a temporary basis, we did not need to do any investment in our IT infrastructure technology to enable our employees to work remotely.” Jaleel says that work from home is never advisable on a permanent basis and a hybrid model fosters better camaraderie and sense of belonging towards organizations. “It is better to have a hybrid model, as work from home is not a permanent solution, it takes away the benefits of water cooler talk. Moreover, face to face interaction is essential for better team performance.” Several of the arrangements and investments done in terms of technologies and infrastructure for enabling remote work will stay on. They make the organizations geared up to enabled hybrid work models at any point in time as the Business requires. “The arrangements and investments that were done for enabling remote work are all very much in place. Those tools and technologies now allow Business units the flexibility to cater to the requirement of their business and staff. For example working from remote sites is possible by just having an internet connection and Wi-Fi connectivity, whereas in the past, the entire office had to be cabled along with security and networking devices installed, tested and operational before teams could work. This also cut down on costs have and streamlined the way staff work from global remote sites,” says Sumith. Gigi says, “Investments done on technologies to provision remote work will go a long way. To top it off, companies are in a better position of readiness, if at all a situation arises where there is a need to facilitate remote working. Above this and along with the adoption of cloud and hybrid architectures facilitate better collaboration between staggered offices and project locations. This has also enabled companies to look at diversifying their operations across boundaries. For eg, IT heldesk, application support, financial and back-office services are now all able to operate in a hybrid or even a semi offshore mode bringing significant savings to companies which were not identified earlier.”

Jaleel Rahiman

Director ‑ IT & PRIME Digital, Prime Healthcare Group

Jesper Andersen CEO of Infoblox

Technology has been a saviour during the dark days of the lockdown and those core technologies that enable secure infrastructure for remote workforce continue to be a key advantage. Many companies invested in several new technologies that were key to a much-needed transformation. Mario says, “Absolutely, technologies supported all type of businesses; in our case, Cisco VPN and Citrix Xen App were the two key technologies we have had before Covid, and fully depended on them during Covid-19 peak time, and they were up to the expectations. Our strategy has always been a Hybrid Infrastructure Model, and it will stay like that, where we have a combination of a public cloud from multiple vendors, and a private cloud from Nutanix.” Indeed, several leading organizations were partially or almost ready to face the challenges thrown up by the lockdowns. That is also because the need for digital transformation was already being seen. Sumith says, “From a strategic perspective we had already done some good work before the pandemic in the remote and hybrid work area. This came about as we had some mission critical business units whose entire Business Continuity planning involved MAY 2022 / CXO DX

» CIO OUTLOOK

Gigi Mathew Thomas

Group Head – IT & Digital Transformation, Ittihad International Investment

moving all their entire staff to other sites in case of a disaster. So we worked with that requirement with a vision to enable business units to work safely and securely from anywhere, at any time as long as they had a company provided laptop and internet access. Some of the key technologies that helped with this are SD Wan, secure remote VPN gateways and end point connection tools, SASE tools like Cisco Umbrella and ZScaler, EDR tools as well as end point remote patching and compliance tools.

Sumith Poolappan

Head – IT Operations, Strategy & Governance, Fly Dubai

tion. All the hyperscalers have been preparing since years for the clould adoption, and the same trend could be mentioned about leading application houses.” Whatever resistance was there to digital transformation was perhaps swept away by the pandemic and Businesses and Business models are now on a constant churn towards embracing newer directions, with technologies giving a helping hand.

Jaleel mentions that the accelerated adoption of cloud-based services was significant during the transition as they offered a distinctive advantage to getting new tools in place swiftly. “Cloud based collaboration tools have the most effective for these transitions. The tools and ways of working don't really change whether one is on premise or remote. PRIME Health was one of the early adopters of MS Teams even before the pandemic, which enabled us to switch easily remote working while maintaining collaborative working.” Gigi says that Technologies have been very support and effective in enabling businesses to transition from the legacy mode to the new mode of operations. “Whilst we can all agree that COVID 19 did accelerate the adoption of cloud and hybrid architectures, it must be well noted that many of the businesses had already been on path of cloud adop-

CXO DX / MAY 2022

“The arrangements and investments that were done for enabling remote work are all very much in place. Those tools and technologies now allow Business units the flexibility to cater to the requirement of their business and staff."

» CISO OUTLOOK

INDISPENSABLE ROLE OF CYBER HYGIENE Jeevan Badigari, Head of cybersecurity and governance at DAMAC, talks to CXO DX on securing the digital transformation journey. customers from scams while ensuring brand integrity and maximizing customer engagement.

Jeevan Badigari

Head of cybersecurity and governance at DAMAC

Digital transformation is said to impact industries differently. How did it affect DAMAC in terms of cybersecurity and governance? Enabling digital transformation comes with risks, especially when more and more customer-facing services are becoming digital and multi-channel with increased data. DAMAC is a reputed brand, and the public attack surface is significant, whether it is domains, email accounts, social media, mobile apps, or the deep and dark web. In all of these, we see several impersonation attacks constantly. Since real estate agents are attracting customers and capturing leads through online channels and promotions – this adds greater risk with the rise of fake websites and phishing domains and fake mobile apps targeting customers. What was your go-to strategy for managing cyber risk during the digital transformation journey? Given this need, DAMAC Infosec team has adopted a robust cloud-based digital risk protection platform with active cyber threat intelligence that monitors DAMAC and associated brands on the surface web, deep and dark web. It has already taken down several impersonating websites, fake mobile apps, and many social media pages. Some of these fraudulent websites were well run with SEO, attracting significant web traffic, as much as 150k visitors monthly. By gaining visibility into channels that were previously blind spots for us, the intelligence obtained from monitoring brand-associated risks and remediating them helps us prevent loss of revenue to bad actors online. As a result, it ultimately protects our

CXO DX / MAY 2022

Apart from this, internally engaging in cybersecurity discussions at the requirements stage in every transformation program, ensuring critical controls are implemented, monitoring and validating the effectiveness throughout the digital transformation, and maintaining an internal trust factor go a long way in addressing the risks. What is the importance of ‘cyber hygiene during the digital transformation journey? Cyber Hygiene plays an indispensable role for any organization, especially during the digital transformation journey. Many systems, applications, and technology landscapes are changing, and ensuring the essential controls are intact and effective is the need of the hour. Cyber hygiene refers to must-have, no brainer controls, lack of which are the root cause of most cyber-attacks. Drawing parallels to the real-world scenario, cyber hygiene controls such as patching, hardening, and managing privileges are like washing hands, maintaining social distancing, and getting vaccinated. Although they don’t provide a complete cure, they do reduce a significant amount of risk What are the steps to follow to adopt cyber hygiene in the workplace? Lack of Cyber hygiene affects organizations of any size. Trivial problems such as open S3 bucket in AWS, unpatched servers, use of legacy protocols, misconfigurations, dormant accounts, etc., are some of the examples. Last year about the same time, a hack that caused the largest fuel pipeline in the United States to go offline led to a shortage across the country, which eventually led to the president declaring a national emergency resulting from a single compromised breach. One should start adopting a cyber hygiene improvement journey with a broader mindset and holistic approach. Thankfully, there are already vendor-neutral industry best practices available such as CIS controls which comprise 153 safeguards; by only implementing 56, which are part of IG1 (Implementation Group 1), it is possible to reduce as much as 85% of risks.

» CISO OUTLOOK

THE FOCUS ON ZERO TRUST Abdelmajed Ahmed Saeed Fadol, Cybersecurity Manager, MEDGULF gives a glimpse into the cybersecurity landscape of Saudi Arabia to CXO DX How has the cybersecurity landscape changed in the last 2 years? COVID-19 changed the mindset of the world. The game has changed and people are experimenting new ways to deliver services virtually. This has accelerated several digital trends that have underline the need for a Zero Trust model. There is an increased use of mobile apps for delivery services like Amazon, Noon etc. There is more usage of government apps for communication and reporting like Twakalna, Sahety, Taboud etc. Corporates are enabling remote working in turn updating devices and enhancing security with solutions like SIEM monitoring for instance. Remote working has also been a major reason for adopting zero trust security in many enterprises. Zero Trust model is most preferred as it reduces network risk to minimum and isolate/prevent attacker from extensive damage to the network. An increase in cloud solutions has also been seen as administrations transitioned to remote working. All of these have made a major impact on the technology landscape in the past 2 years. With the deployment of the remote/ hybrid workforce, cybersecurity challenges are said to be on a rise. What were the challenges you faced and how did you tackle them? Many organizations exposed their infrastructure to cope with new changes such as remote /hybrid working. There were challenges that arose because of it and there is a need to tackle those challenges with several approaches. Monitoring the infrastructure has been a key challenge and it is therefore important to raise the red flag in SOC monitoring and strengthen incident responses to minimize the risk. There is a need to use zero trust solutions to secure network segments. Vulnerability monitoring is necessary for the network especially remote devices as is penetration testing. There is the urgent need to enhance the cybersecurity cover with increased use of cloud solutions. Elaborate on the requirement of enhancing security with cloud adoption. The best way is to follow framework i.e CCC cloud computing controls from NCA or using audit. A cloud audit is a periodic examination an organization does to assess and document its cloud vendor's performance. The goal of such an audit is to see how well a cloud vendor is doing in meeting a set of established con-

Abdelmajed Ahmed Saeed Fadol Cybersecurity Manager, MEDGULF

trols and best practices. Using Certificate Cloud Audit Knowledge credential for cloud auditing is most popular that you review your cloud security, in addition to other i.e PC-DSS if payments are used or ISO 27001 controls. What is your focus for this year? This year, our IT security agenda focuses on securing remote working, zero trust and cloud computing. We are also planning on increasing the cybersecurity measures in areas by following a few steps like: • Proactive way: investing in Monitoring solutions SOC and zero trust solutions, and cloud security • Reactive way: Implementing incident response In addition, it is also in the agenda to implement local and international frameworks. MAY 2022 / CXO DX

» COLUMN

MEETING THE CYBERSECURITY JOBS CHALLENGE

The cybersecurity industry needs to act now and address skill shortages by leveraging technology to help manage work, increase productivity, and reduce burnout write Allen McNaughton, Systems Engineering Director for Infoblox Public Sector

t’s no secret that the cybersecurity industry is in something of a talent crisis. The need for cybersecurity experts greatly outpaces the supply.

These professionals underpin the security and integrity of networks and data, manage a company’s security stack, and have the skills to identify, react to and remediate security risks. Over the past year, this talent pool has faced unprecedented demands as the pandemic forced understaffed cybersecurity teams to extend security to cover the blending of corporate and home technologies as millions of employees worked remotely—all while adjusting to the challenges of remote work themselves. To compound these difficulties, malicious actors have pounced, preying on these new work arrangements, hastily set-up network architectures, and fears of the pandemic to launch a growing number of cyber-attacks.

CXO DX / MAY 2022

» COLUMN All of this has culminated in a cybersecurity workforce that is stretched out, overburdened, and burnt out. The novelty of this situation has forced organizations to rethink how they attract talent, train employees, and educate those inside and outside the organization to better understand the different threats they face. Organizations are raising pay, recruiting from underserved communities, and making cybersecurity careers more accessible to students without a traditional degree. These solutions are helping but not filling the entire gap. This challenge did not arise overnight and will require long-term strategic thinking to overcome. And unfortunately, time is a luxury. Malicious actors are not good sports, waiting for the cybersecurity community to transform itself before launching an attack. The cybersecurity industry needs to act now and follow the lead of the fast food industry and small businesses that have addressed skill shortages by leveraging technology to help manage work, increase productivity, and reduce burnout. Here’s how: First, look for technology solutions that prioritize automation. Technology that automates lower-order tasks is relatively easy to deploy, frees up workers’ valuable time and also removes the potential for any human error combing through different risks.

Allen McNaughton

Systems Engineering Director for Infoblox Public Sector

Second, recognize the power of context. In cybersecurity, context can help workers better understand the threats they face and enable them to make better, more accurate, and faster decisions. Not all threats are the same, so it’s important that context follows automation so that security teams do not waste hours chasing down the most basic of threats that can easily be remediated via technology. Third, look for technology solutions that leverage the expertise you already have. While context is key for understanding a single threat, it’s also valuable for cybersecurity teams who need to make decisions about which threats to prioritize. Workflow prioritization can help identify and remediate the most dangerous, time-consuming threats instead of randomly remediating threats based on when they’re discovered. Many solutions already exist that can provide this kind of automation, orchestration and context. For example, if you are monitoring the DNS traffic of your network and your DNS Firewall blocks a request to a malicious site, solutions that can automatically trigger a response to the Network Access Control system to quarantine that user into a sandbox until it can be further researched by an analyst can dramatically reduce the time and effort needed to track down and isolate infected devices. At the same

time, systems that automatically send additional context about that user and the request (Who is the user? What kind of machine are they using? Where was the request sent?) to the analyst can give them a head start into researching and ultimately mitigating the threat. Vulnerability scanners are also a point of note. Oftentimes, they only scan networks at a given interval (once a day, week, or even month. Yes, monthly scans are a thing). Organizations can quickly, easily, and automatically improve their security posture by scanning a device as soon as it connects to the network by leveraging an orchestration flow where the DHCP server automatically identifies the new machine and triggers the scan. These and other technology solutions that leverage automation, context, and the skills your team already has are not merely a bridge between now and a fully-staffed cybersecurity industry of the future. They are a critical part of a robust cybersecurity platform today, one that both improves network security and extends the capabilities of the team you already have. MAY 2022 / CXO DX

» COLUMN

THREE PILLARS THE CHANNEL NEEDS TO FOCUS ON Cloud, security, and containers should be key focus for the channel writes Kinda Baydoun, Manager of Channels & Distribution - Middle East, Veeam Software There is a clear wave of optimism as I interact with our Veeam partners, as most agree that this year is shaping up to be a year of not just recovery but of acceleration and innovation. During our recent Middle East ProPartner Summit in Dubai, we saw signs of healthy IT budgets and more focus on investing and adding more skills to their workforce to adapt quickly to key IT trends. There are three key trends that I believe will shape the Enterprise IT landscape this year and beyond. They consist of three distinct pillars: Cloud, Security and Containers. Businesses need to have a good understanding of what cloud brings to an organization and why it is important. Secondly, before the pandemic, we had a centralized office where employees were all in one place. With

CXO DX / MAY 2022

decentralization now, the boundaries of the organization have become invisible. Data is all over, necessitating a need for a comprehensive security strategy to safeguard all entry points. Modern Data Protection and management technologies will be a number one priority for CIOs and IT managers to combat the increasing incidence of cyberattacks, including ransomware that has huge negative ramifications for organizations. And finally, we see an increased interest in Kubernetes as a critical piece of an enterprise’s cloud infrastructure. This has created a new area around container-native data protection that needs addressing. The adoption of remote work and e-commerce had been already growing at a fast pace in the last few years. The Covid pandem-

» COLUMN ic lockdown restrictions worldwide ended up highly accelerating their adoption. These trends created expectations that “a new normal” will include hybrid work environments and continued e-commerce growth. The IT Channel industry will continue to play a major role in supporting customers from different segments manage this “new normal” by providing the technology and all related consultancy and professional services. Cloud adoption continues to be one of the key trends, as partners are racing to having their operations “cloud-ready” to capture the high potential of this market. The adoption of cloud is accelerating in the Middle East, fuelled by the pandemic, government spending on smart cities and public sector projects, and the availability of an expanding range of data centre and managed services options to support enterprise adoption of emerging technologies. With the acceleration of cloud adoption which is supporting Artificial Intelligence (AI) and Internet of Things (IoT)-managed environments, ransomware becomes one of the major threats to any organization’s data security. The Veeam Data Protection Trends Report 2022 shows that 86% of UAE organizations and 84% of Saudi organizations suffered ransomware attacks, making cyber-attacks one of the single biggest causes of downtime for the second consecutive year. Channel partners across the Middle East need to take cognizance of this trend and its critical impact on their customer’s digital transformation agenda. This is a big opportunity for partners to align with best-of-breed vendors in the Modern Data Protection space as well as build skills around a wide range of security solutions in order to help customers tackle security challenges in the new era of a hybrid workplace. Besides Cloud, Security and Containers, I also believe that the channel should keep a close eye on AI technologies. AI is already transforming numerous industries for the better. Fields as varied as healthcare, education and public safety are leveraging artificial intelligence to automate some processes and optimize others, allowing humans to spend more time on their most meaningful work and less time managing rote tasks. In the near future we will see AI and automation capable of filling positions in other hard-hit sectors like the finance, healthcare, legal and software industries. AI is also poised to transform data management. In this space, true innovation isn’t just about capturing more data—it’s about having it always available, responding to it and separating the signal from the noise in order to improve processes and drive better business decisions. In order to grab a piece of the ‘AI pie’, channel partners need to align with vendors that have a strong value proposition and technologies with established use cases that meet the specific needs of regional enterprises. A challenge that continues to plague the channel is the incidence of limited skills in the market which can be attributed to the actual lack of manpower. Most resellers have one or two technical resources that are certified on 3 or 4 different technologies. This puts a strain on resources and compromises the level of service that the resellers can offer as they may not have sufficient band-

Kinda Baydoun

Manager of Channels & Distribution Middle East, Veeam Software

width. Channel partners can develop talent within their teams by investing in their vendor partner’s training and certification programmes. For example, we encourage our resellers to invest in the Veeam Certified Engineer Training which is accessible through Veeam’s Authorised Training Centres (ATCs) in the Middle East region. It’s very important for vendors/ distributors and resellers to be in constant dialogue so that vendors/ distributors can understand the skills gap and run regular training programmes to plug that gap. It is important to create a training/ certification calendar and give resellers advance notice so that they can plan their work schedules accordingly so as to be able to attend these programmes. Finally, it is important for channel partners to streamline their go-to-market strategies ensuring they are simple yet effective, evaluate their client base and properly account plan/map their clients to understand their existing wallet share and then plan to grow this. It is also important to ensure that their business plan is adaptable to the current market trends which are changing quarter by quarter. There are channel partners that maintain a business model which served them well five years ago, but they have not adapted to the current challenges/ opportunities. MAY 2022 / CXO DX

» COLUMN

WHY ARE CYBERCRIMINALS INCREASING THEIR FOCUS ON MOBILE DEVICES? Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East discusses concerning developments in the mobile threat landscape A survey carried out in the last year revealed that almost half (49%) of organizations worldwide are unable to detect an attack or breach on employee-owned devices. At a time when workforces around the world are becoming increasingly distributed, there’s a genuine risk that the mobile arena could soon become the new corporate cybersecurity battleground. From mobile spyware that can assume complete control of iOS and Android devices via zero-click exploits, to trojans deployed via malicious apps that can harvest users’ credentials, organizations have never been more at risk from mobile threats. What’s more, any notion that hybrid working and a BYOD (bring your own device) culture were simply part of a temporary response to the COVID-19 pandemic can now also be laid to rest. In data published as recently as February 2022, Statista reported that 30% of the world’s workforce now work exclusively from home. The same survey indicated that around 60% of companies are now actively facilitating hybrid working, giving their employees the freedom to choose where they log on. But how many of these organizations are fully prepared for the security demands of a truly mobile workforce? As outlined in our 2022 Security Report, the number of weekly cyberattacks on corporate networks peaked at an average of 900 attacks per organization in Q4 2021. Across the entire year, we recorded a staggering 50% increase in weekly attacks from 2020. Far from being a coincidence, it’s more likely that cybercriminals are simply taking advantage of the expanding mobile ecosystem that organizations worldwide now occupy.

The emerging mobile threat

We’ve seen some concerning developments in the mobile threat landscape throughout the past year. Our report referenced NSO’s Pegasus, notorious for its ability to gain full control of iOS and Android devices via an elaborate zero-click exploit. NSO, the group responsible for the spyware, is currently one of the

CXO DX / MAY 2022

highest-profile vendors of “access-as-a-service” malware, selling packaged hacking solutions that enable affiliate threat actor groups to target mobile devices without the need for homegrown resources. In 2019, Pegasus was used to leverage WhatsApp and infect more than 1,400 user devices, from senior government officials to journalists and even human rights activists. More recently, in 2021, it was widely reported that Pegasus had been used to target the mobile devices of more than 50,000 devices around the world, including those of high-level business executives. Pegasus is noted for its sophisticated infection and data exfiltration capabilities, and as such we think it’s likely to inspire similar malware threats. As mentioned in our report, a Macedonian-based group has already created the Predator spyware in Pegasus’ wake, designed to infect target devices via single-click links sent over WhatsApp. Both Pegasus and Predator are representative of a general shift toward social media and messaging apps as a way to steal credentials and infiltrate corporate networks. In August 2021, an Android trojan known as FlyTrap was found to have compromised more than 10,000 Facebook accounts across more than a hundred countries. Not long after, a fraudulent version of WhatsApp designed to deliver the Triada banking trojan made its way onto the Android store, putting thousands of devices at risk. Toward the end of the year, in November, a new malware known as MasterFred gained traction by using fake login overlays to steal credit card information from Twitter and Instagram users. These emerging mobile malware threats aren’t just designed to impact individuals; they’re designed to extort and steal data from corporate networks at a time when the lines between personal and business-owned devices are becoming increasingly blurred. WhatsApp Business launched in 2018 and already has more than 100 million users, all of them using the messaging app to exchange potentially sensitive business information. This emerging mobile threat is real, and this is most likely only the beginning.

» COLUMN SMS phishing

Another worrying trend we’ve witnessed is a rise in SMS phishing, or “Smishing” attempts. Using SMS messages as an attack vector may seem rudimentary, but as with email phishing it’s still disconcertingly effective. In our report, we noted that the FluBot botnet had made a return in 2021 despite being dismantled by authorities earlier in the year. It spread convincing security update warnings, parcel delivery alerts and voicemail notifications to users that, if they clicked on the link, would infect their device. UltimaSMS also launched in 2021, a widespread SMS scam that leveraged more than 150 apps on the Google Play Store to sign victims up to a “premium” SMS subscription service without their knowledge, stealing money and additional access privileges as a result. With an increasing number of users bringing their smartphones to work or using their smartphones at home to access work-based information, the risk caused by Smishing - or any phishing campaign for that matter - cannot be ignored.

Banking and mobile malware

The banking malware landscape has been a hive of activity for years now, dominated by adaptive, difficult-to-detect malware families that extort business and harvest financial information. Trickbot rose from second place to become the most prevalent banking trojan in 2021, responsible for nearly a third (30%) of all global incidents according to our own research. Trickbot is incredibly versatile and uses sophisticated techniques such as anti-analysis to get around the defenses of financial and technology companies, including those that deal in cryptocurrency. Qbot and Dridex are two other prominent banking trojans that exhibit botnet-like features, used by ransomware campaigns to drop malware onto infected devices. Dridex was even among the first malware to be distributed via the Log4j vulnerability that put countless businesses at risk toward the end of 2021. In September 2021, we uncovered a wave of malicious Android applications that targeted the PIX payment system and its mobile banking apps. These applications abused Android’s Accessibility Services (AAS) in order to siphon money from PIX transactions while remaining largely undetected. This was yet another incident that we expect to inspire further similar moves from other threat actors within the mobile banking space - not good news for a generation of accountants, c-suite executives and business owners that are now more likely than ever to rely on mobile or remote-access banking.

How organizations can keep their guard up

From malicious apps and mobile ransomware to SMS phishing and OS exploits, the mobile threat landscape is a complex one for organizations to navigate, particularly with employee-owned devices in the equation. How can a company strike a balance between protection and privacy? What can businesses do about devices that are inherently vulnerable? Aren’t MDM (mobile device management) solutions enough to keep company data safe?

Ram Narayanan

Country Manager at Check Point Software Technologies, ME.

The difficulty with mobile devices is that they’re vulnerable to several attack vectors, including the application, network and OS layers. If an organization wants to proactively guard against mobile malware instead of simply reacting to infections as they occur, it needs more than the basic level of monitoring afforded by most MDM solutions. Check Point’s Harmony Mobile, for instance, uses real-time threat intelligence to actively guard against zero-day phishing campaigns, and URL filtering to block access to known malicious websites from any browser. It also enforces conditional access, ensuring that if any device does become infected it will be unable to access corporate applications and data. Harmony Mobile achieves all of this - and more - without disrupting employees or hampering their productivity. As our mobile ecosystem continues to expand, the attack surface area available to threat actors will expand right along with it. It’s never been clearer that mobile security is no longer an option for businesses. Instead, they should be looking to broaden their capabilities while taking a more holistic approach to guarding their increasingly distributed endpoints. MAY 2022 / CXO DX

» COLUMN

FSOs IN THE DIGITAL ECONOMY Ricardo Ferreira, EMEA Field CISO at Fortinet discusses the balancing act of financial organizations to compete in a technology-driven world

igital acceleration is impacting how we work, live, and consume services. In addition, the digital evolution of Financial Services Organizations (FSOs) raises essential questions about the future of banking. One looming concern is how FSOs will compete against fintechs, including addressing the need for innovation to improve customer experience.

Adapt to changing times

The top three strategic areas outlined in the IDC Infobrief, sponsored by Fortinet, Accelerating Transformation Through Cybersecurity in Financial Services,* highlight the core priorities for financial institutions: Trust, Security, and Resilience. So, the question is, how can FSOs lead and win through innovation while ensuring that risks do not overwhelm a traditionally risk-averse industry? Many FSOs have begun adopting new digital business models to help them thrive in a digital-first economy. These include prioritizing investments in key areas such as data-driven security, legacy modernization, and personalized and contextual customer experiences. But for these business models to work, they will need to rely on data, analytics, and cloud platforms. So, when we ask, “what does success look like for the future-ready bank?” we see three major themes: • Automation and cost reduction: Au-

CXO DX / MAY 2022

tomation, managed services, and cloud platforms will enable FSOs to innovate faster. Automation allows business units to integrate with the rest of the organization, build self-service, and reduce manual labor costs, such as adopting Robotic Process Automation and artificial intelligence-powered chatbots to deal with insurance claims. In investment banking, robot advisors use machine learning-powered algorithms to help retail investors make better decisions. Thanks to cloud platforms and managed services, these new products and services are economically feasible because they shift traditional CapEx to activities that create more value. • Customer intelligence and centricity: New platforms provide data and analytics for anticipating customer needs and hyper-personalizing the customer journey. Customer data, such as investment patterns, can guide a robot advisor to recommend portfolio choices aligned to customer preference. Similarly, natural language processing can help an AI system quickly assess a customer's issue to redirect them to the nearest branch or get the appropriate representative involved. • New value propositions: Open banking was a massive change for banks, helping them realize the power of APIs. Building Banking as a Service (BaaS) has allowed them to develop new services and create stronger partnerships.

But what about the customer experience? Who is not irked when reminded of their first troubled mobile banking experience, with terrible UX and lack of integration? It’s why, when some fintechs launched their online mobile banking, it was a beacon of light in a dark room. A real-world security example that everyone might remember was the usage of biometrics for accessing online mobile banking. Big brands took a long time to adopt it, and while it might seem trivial from a UX perspective, it’s leaps and bounds towards progress. Today, traditional brands regularly launch products that emulate offerings from nimbler fintech organizations. The lesson is clear: to gain a competitive advantage, banks must focus on creating a fast, intuitive, and seamless customer experience. Are clouds grey in banking? These business models require the accelerated consumption of new platforms, such as cloud computing. Financial organizations must understand they can create differentiated value and increase competitiveness by using the cloud to increase their speed of innovation and accelerate the go-to-market of new services and products. Cloud platforms also serve as a bridge to modernize financial organization work-

» COLUMN loads. CIOs want to migrate workloads cohesively while ensuring the capabilities from their on-prem solutions are still available. Major Cloud Service Providers (CSPs) have jumped at the opportunity to integrate their environments into the same control plane.

Yes, but isn't that risky?

Regulators have flagged the concentration risk. For example, the Bank of England has highlighted it in their stability reports. The latest Financial Conduct Authority (FCA) PS21/3 rules address third-party risk and operational resilience. And the European Union has gone a big step beyond with their Digital Operational Resilience Act (DORA). All these activities and proposals are designed to address these concerns. The European Systemic Risk Board has flagged cyber as a systemic risk to the European financial system due to the increase in cyberattacks—especially in the financial industry, which is 300 times more likely to be the target of cyberattacks. The International Monetary Fund (IMF) emphasizes that cyber events propagate risk through the entire financial system via three broad transmission channels: risk concentration, risk contagion, and erosion of confidence. That is why cybersecurity is a priority as part of the EU’s "Europe fit for the digital decade" policy program. Programs such as EU-HYBNET, ACCORDION, and DORA for financial services ensure Europe works as a single entity by harmonizing requirements to increase resilience and protect citizens. What can financial organizations do about it? To start, security needs to be woven into transformation efforts to ensure that innovation and transformation are conducted securely. For this to work, security must be included from a project's inception, not as a bolt-on after a project and its services are launched. What about protecting financial assets? 55% of European financial organizations already use some form of zero-trust strategy for their authorization and authen-

Ricardo Ferreira EMEA Field CISO, Fortinet

tication. Zero-trust shifts the traditional paradigm from implicit trust for users and resources inside a static, network-based perimeter to an authentication model that focuses on users, assets, and resources. Zero-trust requires authentication and authorization to be performed every time access is granted to a specific resource. How do we address the ‘weakest link’ problem? While people are an organization’s most critical asset, they are also the primary source for data breaches and network compromise. Organizations must be prepared for a loss of control if their workforce is not educated on cyber awareness. Some large financial organizations have created partnerships with e-learning portals and vendors to provide tailored courses using nudges and financial instruments to reskill the workforce into new technologies. Similarly, financial organizations must plan to mitigate the rampant cyber-

security skills shortage, which will impact 90% of organizations by 2025, resulting in delays to the transformational journey. What can we do? Digital acceleration is essential for competing in today’s financial marketplace. However, it doesn’t come without risk. First, ensure employees are trained and reskilled in the organization's technologies. Second, share data with industry peers to learn best practices and identify potential issues. Transaction Monitoring Netherlands (TMNL) is an excellent example of transaction data sharing to mitigate Anti-Money Laundering (AML). Finally, work with vendors and partners committed to cross-vendor openness and integration. When vendors work together across the threat landscape, the sum of their products is greater than the individual parts, deepening your level of cyber protection. MAY 2022 / CXO DX

» TECHSHOW

OPTIPLEX 3000 THIN CLIENT Dell Technologies has unleashed the OptiPlex 3000 Thin Client, built with the same reliable, sustainable designs and rich ecosystem for business desktops. Available with multiple Operating System options including Dell ThinOS, Ubuntu Linux and Windows 10 IoT Enterprise, the device builds on Dell’s legacy as a pioneer in cloud client solutions and ushers in a new era of Dell thin client offerings, with the world’s most secure thin client, powered by Dell ThinOS. As customers explore new ways of working, Dell Technologies’ VDI (Virtual Desktop Infrastructure) solutions remain a critical part of Dell’s strategy, and the OptiPlex 3000 Thin Client combined with the innovative software line-up is the latest example of the evolving portfolio. Dell also continues to invest in Dell ThinOS - the most secure thin client operating system purpose-built for VDI - to enable a rich collaboration experience and easy deployment across VDI environments. Dell ThinOS combined with Wyse Management Suite helps organizations simplify and streamline IT operations

Highlights: •

•

Designed for front and back-office teams of all sizes, the OptiPlex 3000 Thin Client is compact, fan-less, highly configurable and compatible with a broad range of stands and mounts. Built with the latest N-series Intel processors, it supports up to 16GB memory and it comes with 32GB eMMC flash storage as standard, with the optional configuration of an additional 256GB of SSD storage.

•

Featuring a variety of ports, the thin client can power up to three 4K displays.

•

Like the rest of Dell’s OptiPlex portfolio, this new generation thin client supports Wi-Fi 6E technology that brings faster speeds and better performance providing instant access to digital and virtual workspaces.

KODAK ALARIS LAUNCHES S3000 MAX SERIES SCANNERS Kodak Alaris has expanded its award-winning S3000 Scanner Series with the launch of two new models, the Kodak S3120 Max and Kodak S3140 Max. Both scanners are designed to help organizations make the most of their information - faster. The scanners combine high-volume capacity with the simplicity and compact size of a desktop unit. They are ideal for document-heavy processes and make it easy to quickly and accurately convert paper-based information into business-critical data. The devices deliver exceptional image quality, superior paper protection, versatile media handling capabilities, and faster capture speeds, plus three months of onsite, next-day service and support and extended service options to ensure maximum productivity.

CXO DX / MAY 2022

» TECHSHOW

NUCLIAS CLOUD SD-WAN SECURITY GATEWAY DBG-2000

Powerful and enduring multi-aspect protection for SMB cloud networks that keeps the network and users securer on all fronts. The DBG-2000 is adept at keeping business networks more secure. The powerful network firewall filters traffic, blocking anything that shouldn’t be there. Meanwhile, the Intrusion Prevention System (IPS) actively shields the network from modern day threats such as DDoS attacks, brute force attacks or vulnerability exploits, as well as raising the alarm alerting administrators to irregularities. Nuclias empowers you with the tools you need, such as Content Filters, Firewalls or Application Control. Define your policies as necessary, and then roll them out across the entire network for greater network-wide consistency.

Highlights: • • • • • • •

Highlights: •

•

Centralized cloud-based management, with intuitive web and app-based interface Formidable privacy with easy-to-establish point-to-point VPN options Get the best network utilization thanks to Smart Bandwidth Management Equipped with IPS, the network is actively on guard to protect itself Dynamic Content Filtering facilitates categorization and control of accessible sites Network firewall provides a formidable first line of defence Bulk up security further with Application Control, controlling which application can utilize the network

Can capture up to 140 pages per minute (ppm), while on-board image processing enables independent operation and reduces PC resources

•

RESTful Web API support delivers efficient document capture via the browser, with no software or drivers required. This makes it easy to integrate them into lineof-business applications, web-based scanning applications, and mobile devices

Users can quickly digitize data trapped on paper and get it into enterprise applications such as ERP or CRM systems with a high degree of accuracy, and easily scan documents into on-site or off-site applications and file repositories, including cloud services

•

Versatile media handling capability means the S3000 Max Series can handle a wide array of paper sizes, shapes and weights, including mixed batches. The scanners feature a large 500-sheet automatic document feeder (ADF), enabling operators to scan multiple batches at once, while controlled output stacking speeds up post-scan processing.

Easy to set-up and use; knowledge workers can configure the scanners themselves, without IT support, and the intuitive interface and 3.5” color touchscreen deliver simple operation. Operators can personalize workflows with Smart Touch software, capable of configuring up to twenty different scan jobs to suit specific scanning

needs – all with one-touch simplicity.

MAY 2022 / CXO DX

» TRENDS & STATS

PUBLIC CLOUD END-USER SPENDING TO REACH NEARLY $500 BILLION IN 2022 IaaS, DaaS and PaaS to witness highest spending growth this year or network-as-a-service,” said Nag. “As a result, they are generally more expensive which is fueling spending growth.” SaaS remains the largest public cloud services market segment, forecasted to reach $176.6 billion in end-user spending in 2022. Gartner expects steady velocity within this segment as enterprises take multiple routes to market with SaaS, for example via cloud marketplaces, and continue to break up larger, monolithic applications into composable parts for more efficient DevOps processes.

Worldwide end-user spending on public cloud services is forecast to grow 20.4% in 2022 to total $494.7 billion, up from $410.9 billion in 2021, according to the latest forecast from Gartner, Inc. In 2023, end-user spending is expected to reach nearly $600 billion. “Cloud is the powerhouse that drives today’s digital organizations,” said Sid Nag, research vice president at Gartner. “CIOs are beyond the era of irrational exuberance of procuring cloud services and are being thoughtful in their choice of public cloud providers to drive specific, desired business and technology outcomes in their digital transformation journey.” Infrastructure-as-a-service (IaaS) is forecast to experience the highest end-user spending growth in 2022 at 30.6%, followed by desktop-as-a-service (DaaS) at 26.6% and platform-as-a-service (PaaS) at 26.1% (see Table 1). The new reality of hybrid work is prompting organizations to move away from powering their workforce with traditional client computing solutions, such as desktops and other physical in-office tools, and toward DaaS, which is driv-

CXO DX / MAY 2022

ing spending to reach $2.6 billion in 2022. Demand for cloud-native capabilities by end-users accounts for PaaS growing to $109.6 billion in spending. “Cloud native capabilities such as containerization, database platform-as-a-service (dbPaaS) and artificial intelligence/ machine learning contain richer features than commoditized compute such as IaaS

Emerging technologies in cloud computing such as hyperscale edge computing and secure access service edge (SASE) are disrupting adjacent markets and forming new product categories, creating additional revenue streams for public cloud providers. “Driven by maturation of core cloud services, the focus of differentiation is gradually shifting to capabilities that can disrupt digital businesses and operations in enterprises directly,” said Nag. “Public cloud services have become so integral that providers are now forced to address social and political challenges, such as sustainability and data sovereignty.

WORLDWIDE PUBLIC CLOUD SERVICES END-USER SPENDING FORECAST (MILLIONS OF U.S. DOLLARS) 2021

2022

2023

Cloud Business Process Services (BPaaS)

51,410

55,598

60,619

Cloud Application Infrastructure Services (PaaS)

86,943

109,623

136,404

152,184

176,622

208,080

Cloud Management and Security Services

26,665

30,471

35,218

Cloud System Infrastructure Services (IaaS)

91,642

119,717

156,276

2,072

2,623

3,244

410,915

494,654

599,840

Cloud Application Services (SaaS)

Desktop as a Service (DaaS) Total Market

Source: Gartner (April 2022)

Works with all modems and ISPs.

Multi-gigabit WiFi 6 speeds

A better WiFi has arrived. Linksys Atlas Pro 6 with Velop Intelligent Mesh is a dual‑band WiFi 6 system that simultaneously delivers next‑level streaming, gaming and uninterrupted video calls to more than 30 devices per node. Access to 160 MHz unleashes the true power of WiFi 6 technology—these are the least congested channels available on the 5GHz band and offer incredibly fast connectivity.

30+ devices Capacity per node

AX5400

up to 5.4 Gbps

Covers homes with up to

4-5 bedrooms

1/2/3-Pack: Model# MX5500 MX5501 / MX5502 / MX5503

WiFi 6 Offers 4x More Capacity*. Mesh WiFi 6 delivers true gigabit speeds—up to 5.4 Gbps with 6-stream connectivity—throughout your entire home inside & out. 160 MHz Capable. Access to the least congested channels on the 5 GHz band unleashes the true power of WiFi 6, allowing working from home, e-learning and streaming & gaming on more devices than ever.

Linksys.com

New launch

Atlas Pro 6 Mesh WiFi 6 dual-band system

No interference from the neighbours. Dynamic Frequency Selection (DFS) reduces interference from neighboring networks. Industry-Leading Technology. The Qualcomm™ Immersive Home 216 Platform transforms home & business WiFi to wired-like stability and speed. Easy Setup and Control. It’s simple to set up and lets you manage your network or prioritise devices from anywhere, all with the free Linksys app.