SUPPLEMENTBY INSIGHT PARTNER

CYBER SENTINELS

SECURITYSPECIAL

YOUR PREVIEW TO THE GULF INFORMATION SECURITY EXPO & CONFERENCE AND THE FIRST EVER GULF ENTERPRISE MOBILITY EXHIBITION & CONFERENCE

ABOUT THE SHOW | PAGE 03NEWS | PAGE 04-06EXPERT VIEWS -CYBERSECURITY -DAN LOHRMANN | PAGE 07ADAPTIVE TRUST DEFENSE FOR ENTERPRISE MOBILITY | PAGE 08PROTECT YOUR ENTERPRISE’S DATA ASSETS | PAGE 09DENY THE HELLSING APT | PAGE 10FUTURE CITIES OF SMARTWORLD | PAGE 12COHESIVE APPROACH TO ADVANCED TARGETED ATTACKS | PAGE 18TOP 10 THINGS TO KNOW ABOUT THE INTERNET OF EVERYTHING | PAGE 22ALL YOU NEED TO KNOW ABOUT THE FREAK VULNERABILITY | PAGE 26SECURITY VENDORS | PAGE 14, 16, 19, 20, 28 - 32, 35MOBILITY VENDORS | PAGE 33-34SECURITY VADS | PAGE 32-36

INSIDE...

With an estimated annual cost of US$100 billion from cybercrime, the global cyber security industry is projected to be worth US$120.1 billion by 2017, growing at an 11.3% CAGR. The MENA region is far from immune to these global threats, with government, com-mercial and security services all investing heavily to detect, protect and react to the ever-changing cyber landscape. GISEC is the region’s only large-scale information security platform, assembling industry, government and thought leaders to tackle threats, issues and coun-termeasures. GISEC 2015 is highly focused on addressing security concerns for I.T., Oil & Gas, Banking & Finance, Government, Legal, Healthcare and Telecoms industries. Key industry decision makers have the chance to meet companies providing world-leading solu-tions across dedicated industry verticals.

GEMEC is a three day confex for senior executives from across a range of industries, to identify, evaluate and source technology and mobility solutions to meet their current and future mobile requirements.

GEMEC’s world-leading conference programme caters to the region’s enterprise and government decision makers who are envisioning new and creative ways to extend their competitive advantage.

It comprises a range of targeted breakout sessions led by expert technology solution providers. These interactive sessions are aimed at giving attendees an opportunity to interact with some of the world’s leading enterprise mobility experts to discuss specific operational challenges and share unparalleled industry knowledge.

SECURITY INNOVATION FOR A CONNECTED FUTURE

MOBILITY INNOVATION FOR A CONNECTED FUTURE

PUBLISHER: SANJIB MOHAPATRA

COO: TUSHAR SAH00

EDITOR: SANJAY MOHAPATRA sanjay@accentinfomedia.com M: +971 555 119 432

ASSOCIATE EDITOR: KARMA NEGI karma@enterprisechannels.com

SUB EDITOR: SOUMYA SMITA PRAJNA soumya@accentinfomedia.com

REPORTER: ANUSHREE DIXIT anushree@accentinfomedia.com

VISUALIZER: MANAS RANJAN

LEAD VISUALIZER: DPR CHOUDHARY

DESIGNER: AJAY ARYA

SUBSCRIPTIONSINFO@ACCENTINFOMEDIA.COM

SALES AND ADVERTISINGRONAK SAMANTARAY

ronak@accentinfomedia.com M: + 971 555 120 490

SOCIAL MARKETING & DIGITAL COMMUNICATIONYASOBANT MISHRA

yasobant@accentinfomedia.com

PRODUCTION & CIRCULATIONRICHA SAMANTARAY

+ 971 529 943 982

BY INSIGHT PARTNER

Enterprise Channels MEA is the only magazine, which can be trusted and looked upon by the partners as the true influencer. We are the only magazine which talks about the futuristic business dynamics. The magazine focusses on enhancing skillsets of the channel partners to offer solutions and services to the customers rather than dumping products with them. The magazine brings vertical-specific market opportunities and trends from ICT perspective and prepares the partners and the vendors to address the market.

ABOUT

MEA03APRIL 2015

GISEC - GEMEC 2015 SPECIAL | ABOUT THE SHOW

Is it indeed possible to make IoT security a reality?IoT is one of the many topics that will be dis-sected and debated at the 3rd Gulf Information Security Expo & Conference (GISEC). With the consumer, automotive and industrial sectors having been identified as those that will drive the immense growth of IoT, Cisco has warned that while IoT presents conveniences to individuals and organisations, greater challenges await companies and those responsible for defending the network from cybercrimes.

“As organisations continue to seek ways to capitalise on the vast opportunities that IoT brings, the number and type of attack vectors will only continue to expand,” said Philippe Roggeband, Business Development Manager of Cisco Security Architecture and one of the keynote speakers at GISEC.

Roggeband will be delivering his keynote

presentation on day two of GISEC conference, 28 April 2015. He will be zeroing in on the topic of ‘What do we need to make IoT security a reality?’, where he will reveal valuable insights on achieving the immense business benefits of IoT through a highly robust and secure network infrastructure, the big impact of small devices: how do you ensure the security of smart things, and the need for a new security model.

On day one of GISEC conference, 27 April 2015, Les Anderson, Vice President Cyber, BT, will discuss threat scenarios from ‘IoT’ and ‘Software Defined Networks’ including next steps to protect against next generation of attacks. Also, Hani Nofal, Executive Director, Intelligent Network Solutions, GBM, will share his thoughts on connected chaos within the internet using anonymity and sharing devices.

Gulf Enterprise Mobility Exhibition & Confer-ence (GEMEC) 2015 is all set to take place from April 26-28, 2015 at the Dubai World Trade Centre (DWTC) and brings together the world’s leading experts who will address the challenges and explore solutions, as well as opportunities, associated with enterprise mobility. Strategi-cally co-located with the 3rd Gulf Information Security Expo & Conference (GISEC), C-level executives will get an opportunity to identify key I.T. security concerns and challenges together with employing cutting-edge business tools on how to secure enterprise mobility.

At GEMEC, over 2,000 senior executives from 51 countries will be identifying, evaluating and sourcing technology and mobility solutions aimed at highlighting the business benefits through new and creative ways that will extend their competitive advantage.

Among those who will share key insights at the conference are Annosh Thakkar, Vice President, Business & I.T. Transformation, Philips Netherlands; Sameer S Poonja, Head of Digital Technologies, Emirates Group I.T.; Jean-Pierre Mondalek, General Manager UAE, UBER; Arun Tewary, Vice President (IT) & CIO, Emirates Flight Catering and Bill Douglas, Head of Mobil-ity, Royal Bank of Scotland, UK.

“GEMEC is the perfect platform to offer

MOBILITY – THE PRESENT AND FUTURE OF IT

PHILIPPE ROGGEBAND, BUSINESS DEVELOPMENT MANAGER OF CISCO SECURITY ARCHITECTURE

participants the opportunity to identify, analyse and discuss optimal solutions to develop and implement a successful mobile strategy.” John Banks, Vice President, Software Group, GBM.

Johnny Karam, Regional Vice President, MEA, Citrix believes GEMEC, a leading enterprise mobility conference programme of its kind in the Middle East, forms the right platform for the region’s enterprise and government decision makers to tackle mobile security issues which are foreseeing new and creative ways to face potential cybersecurity threats.

Trixie LohMirmand, Senior Vice President, Dubai World Trade Centre, said “DWTC will host the inaugural Gulf Enterprise Mobility Exhibi-tion & Conference (GEMEC) to help identify solutions and innovations that meet users’ current and future mobile requirements.

GEMEC will also highlight key themes including BYOD to mobile first strategy, mobile device management (MDM) vs mobile applica-tion management (MAM), security and corporate compliance, rise of machine to machine (M2) connectivity, and Enterprise Apps Development.

04 APRIL 2015

MEA

GISEC-GEMEC 2015 SPECIAL | NEWS

Protection against Advanced Threat- Fortinet tells you howFortinet brings together two complementary technologies: Next Generation Firewall and Sandboxing into a comprehensive and cost effec-tive solution. Kalle Bjorn, Director Systems Engi-neering Middle East and Ahmad Arafat, Senior Systems Engineering at Fortinet will explain how, to combat advanced threat in the GISEC session – “Advanced Threat Protection: a strategic approach against an increasingly sophisticated threats” - on Monday, April 27, 2015 at 11.30 pm and Tuesday, April 28 at 3.00 pm.

Fortinet will be present at the Gulf Informa-tion Security Expo & Conference (GISEC), taking place from April 26 to 28, 2015 at the DWTC. Apart from advanced threat protection, they will highlight on the need and effectiveness of a comprehensive, multi-technology three point strategy to eliminate the threat - Prevention, Detection, and Mitigation.

Panel discussion titled ‘Before the breach - actions to protect data from attacks’ on April 27th at 2:30 pm will see Nader Baghdadi, Regional Enterprise Director, South Gulf & Pakistan at Fortinet take part in a discussion to explain how protect the corporate network and also the data against any future attacks.

“In 2015, we expect to see cybercriminals, fueled by the success of high profile hacks, continue to innovate with an even greater focus on deceiving and evading existing security solutions,” says Alain Penel, Regional Vice President - Middle East, Fortinet. “Thanks to

SPECIALIST VAD EMT TO SHOWCASE MOST ADVANCED SECU-RITY SOLUTIONS

emt Distribution has confirmed its participation in GISEC 2015.Speaking about emt’s participation, Mohammad Mobasseri, CEO atemt Distribution said, “For past few years, cyber threats altering the security landscape and posing a real danger to not to just the security corpo-rates, businesses, governments but also to individuals. GISEC provides an excellent platform to network industry experts, security specialists and with like-minded professionals from all across the region.”

emt Distribution will be displaying along with its vendors Avira, Secunia, DenyAll, Kaspersky,and WhatsUp Gold at Booth No.SR-A30, Sheikh Rashid Hall,Dubai International Convention & Exhibition Center, Dubai World Trade Centre, Dubai, UAE.

ALAIN PENEL, REGIONAL VICE PRESIDENT - MIDDLE EAST, FORTINET

STEPHAN BERNER, MD AT HELP AG

MOHAMMAD MOBASSERI, CEO AT EMT DISTRIBUTION

Help AG is participating in GISEC 2015, Dubai, where it will be present together with six of its vendor partners. In addition to demonstrating each of these vendors’ technologies, the company will focus on showcasing its own extensive portfolio of specialized security services which are delivered by its Strategic Security Consulting, Technical Consulting, Security Analysis, Co-ordinate Threat Mitigation, Managed Security Services and Security Assistance divisions.

“GISEC is one of the main events for the Middle East IT security industry and is a must attend for any business that is looking to gain insight into the latest trends and technologies in the market,” said Stephan Berner, MD at Help AG. “We have the region’s most comprehensive

set of best-in-class security solutions and services, many of which we will highlighted at the show. Our top executives, consultants and security specialists will all be present at our stand and will be capable of engaging with visitors, understand-ing their security requirements and proposing the best plan of action to address their unique IT needs.”

Help AG has dedicated a large portion of its stand to a presentation section which will feature 15 short presentations per day on the latest security threats and the company’s services which address them. While the company will showcase the full scope of its service offerings, its focus will be on promoting its Managed Security Services (MSS) division which was established in March

Fortinet’s ATP framework, the combination of our Prevent, Detect and Mitigate approach to advanced threats enables organizations to stop known threats before they infect the infrastruc-ture, discover new threats and then learns to continually evolve and deliver enhanced threat prevention.”

HELP AG TO SHOWCASE MSS ALONGWITH SUPPORTING VENDOR PARTNERS

2015. Help AG’s stand will also feature six ‘demo pods’ wherein security technologies from its sup-porting vendor partners- Cisco, Symantec, Blue Coat Systems, Palo Alto Networks, OPSWAT, and F5 Networks- will be highlighted.

06 APRIL 2015

MEA

GISEC-GEMEC 2015 SPECIAL | NEWS

What are the top 5 security trends that are likely to impact the Middle East?Security issues with the cloud, mobile, big data, internet of things (IoT) and critical infrastructure protection.

You have been recognized time and again for your skills as CSO; what’s your best tip for CSOs worldwide?Build trusted relationships with the business.

Many enterprises still don’t have a CIO-CISO system; many still manage with either- do you think that can be a trouble?To some extent yes. You need someone who is accountable and has the resources to get the job done right.

The data we host on clouds- who is responsible for their security ? Are there strict norms regarding the same?The data owner will always answer to their cus-tomers. Again, you can outsource the function, but not the responsibility.

You are a seasoned CSO; how have you seen the trends changing before you in enterprise security?Absolutely. The CISO has moved up the org chart,

and the role is getting more attention. Also, more threats and risks.

Smartphones are not safe, but can’t be done away with too .So, is there a plausible solution indeed?Enterprises need to have mobile device man-agement (MDM) and security processes and procedures that are enforced. This (MDM) is certainly not perfect, but it can lower mobile risk tremendously.

Is there still no way to stop the cyber crime before it actually hits the enterprises?No single way. It takes great people, processes and technology. It is also a 7x24 challenge...

Is it really okay to trust an enterprise’s security to a third party service provider?A good lawyer answer: “It depends...” You need to know who you are dealing with. Background checks. Trust but verify. Also remember that you can outsource the functions, but never outsource the risk and your company or government reputation

Is cyber threat landscape of MEA anyway different from other regions?Every region has its own unique challenges, but overall it is very similar around the globe. The Internet has few borders.

Should cyber insurance be made compulsory? What’s your take?Not today, but mandatory cyber insurance may be coming. The industry must evolve first and agree to better standards.

What’s the best tip for enterprise security now?A good risk assessment of your enterprise

What is the biggest worry you see CISO’s grappling with globally?Moving forward - the explosion of mobile devices flowing into the Internet of Things (IoT)

Antivirus, Firewalls - nothing is losing its value. Is security always going to grow more complicated only? Is there no simpler way out?Great point! It seems likely right now. And yet, the new products just keep coming don’t they? Right now the bad guys are ahead of the good guys. I think the good guys will eventually catch-up, but it will take time.ë

Risk Assessment- Pressing Need of the hour

CSO CORNER

DAN LOHRMANNCHIEF STRATEGIST & CHIEF SECURITY OFFICER AT SECURITY MENTOR ; EX-CSO, STATE OF MICHIGAN

“Right now the bad guys are ahead of the good guys. I think the good guys will eventually catch-up, but it will take time.”

One of the leading speakers at GISEC, Dan Lohrmann is known for his refreshingly practical commentary on computer security. Dan engaged in a twitter conversation over information security challenges prior to GISEC 2015. Excerpts.

MEA07APRIL 2015

GISEC 2015 SPECIAL | EXPERT VIEWS

Remember the good old days – when users all carried the same corporate-issued device, apps were carefully vetted and distributed via well-defined procedures, and remote access meant using a VPN client with two-factor authentication and a physical RSA token generator? Merriam-Webster’s online dictionary defines nostalgia as “sadness that is caused by remembering something from the past and wishing that you could experience it again.” IT professionals responsible for securing today’s mobile enterprise networks and data must feel a tinge of this every time Apple or Samsung announce a new product or operating system update.

Why nostalgia? Because IT has lost control. The transformation from a static, wired environment to a dynamic mobile environment is to blame. Employees emboldened by the ability to always stay connected have forced the hand of corporate IT departments to boldly go where networks have never gone before – everywhere and anywhere. What’s worse, IT typically becomes aware of new products or services on their network only after they’re widely in use, forcing them to openly welcome unwanted technology without properly vetting it or fully understanding the risks.

As a result, IT ends up performing a delicate balancing act; on the one hand there is a need to enable employees but on the other the daunting challenge of mitigating risks. Thus IT must ensure sufficient security measures are in place without overly affecting employee productivity. This presents some rather unique challenges due to security and management inconsistencies:l Devices and operating systems differ

across platforms and manufacturersl User preferences and habits differl Security components may or may not

work the same when it comes to performing basic functions like user authentication

Mobile security by and large hasn’t been able to keep pace. IT spend remains largely focused on perimeter defenses to weather the storm of external denial-of-service (DoS) attacks and zero-day exploits that generate headlines but pay little attention to mobile devices and users gaining access to network resources and data. And while solutions like mobile device management (MDM) or enterprise mobility management (EMM) make their way into the enterprise to address mobile access, implementations lag due to end user rejection of big-brother controls or cumbersome / non-intuitive workflows.

In keeping with the times, IT must evolve security to address the risks introduced by enter-prise mobility – specifically as it pertains to trust. In the past, physical security measures satisfied most trust requirements; if an employee provided proper credentials at the front door or perimeter, then trust would be established and access grated. But what about users who don’t go through the front door and aren’t asked to produce identifica-tion to validate their need to be there? If that same user comes through a back door, do we let them connect and give them the same level of trust?

Conventional wisdom would suggest that we don’t. In fact, everyone and everything should be interrogated and an informed policy decision made. The ideal model would be to make a decision based on relevant context. Useful context

can include;l User identity and rolel Type of device and ownershipl Locationl Has this device been seen beforel Does the device meet security

standardsBy gathering and using context, IT is in a better

position to handle the unknowns that pop up on their network. Instead of treating everyone and everything as an un-trusted entity, IT can create adaptive policies based on business needs and associated risks. What’s more, IT can also mitigate many of the risks associated with anywhere, anytime and any device access without impacting productivity.

Adaptive Trust provides IT visibility and control while drastically reducing risk. And more importantly, it can strengthen existing systems without introducing unnecessary or complicated procedures. A trust model that adapts to how people work delivers a better user experience while drastically improving security. ë

MANISH BHARDWAJ,SR. MARKETING MANAGER | MIDDLE EAST & TURKEY, ARUBA NETWORKS

“In keeping with the times, IT must evolve security to address the risks introduced by enterprise mobility – specifically as it pertains to trust.”

Employees emboldened by the ability to always stay connected have forced the hand of corporate IT departments to boldly go where networks have never gone before – everywhere and anywhere.

Adaptive Trust Defense for Enterprise Mobility

ARUBA NETWORKS

08 APRIL 2015

MEA

GEMEC 2015 SPECIAL | GUEST TALK

Over the course of the past 12 months we have had public breaches stealing the headlines on a weekly basis. The woes of U.S. retailer Target come to mind, so does Sony- and Sony again- for that matter. A lot of people believe that this is because there is an increase in cyber-attacks; others say disclosure laws are revealing breaches that would previously have been swept under the carpet. It doesn’t really matter; the reality is breaches are happening.

None of this is helped by the fact that more and more assets are moving to the digital realm. You don’t need to break into a bank vault to empty it, all you need to do is find a chink in the bank’s digital armor. What makes the attacks more brazen is the fact that the perpetrator could be sit-ting in a different country, governed by different laws, knowing that if they are sufficiently skilled, there would be no forensic trace that would stand up in court. Furthermore, the motivation is irrelevant – the attackers could be driven by politics, money or because the voices told them to do it.That tired employee we mentioned earlier doesn’t need to forget a large folder full of documents:A lost MicroSD card the size of your fingernail could contain everything needed to drive a profitable business firmly into the red.

The fact is, your organization’s data (read “wealth”) will be out there for all to see. A focus on prevention is very important, but so is recogniz-ing that you can’t prevent all breaches. You also need to be prepared to deal with a breach when it does happen. How well you’ve prepared will

determine the following three criticalfactors:1) How fast you can identify that

you’ve been breached;2) How much data you’re going to

lose and how much damage results;3) How fast you can recover and get

back to business.If you are looking for silver bullets, look

elsewhere.What you will find here is a lot of good sense driven by experience. And good sense says that more preparation can save you from catastrophic repercussions following a breach. It’s not in my nature to make biblical references, but it is worth noting that Noah built the Ark BEFORE the rain.

Step 1: The AuditWe have difficulty justifying security spend because of the gap between IT and the business; the business can value data because they derive revenue from this data, while IT manages its stor-age and retrieval, so data audit is meant to bridge that gap and then define which bank you want to store which assets.

Step 2: Divide and DiversifyDivide: The idea here is to make each data

store on its own worth very little, hence makinge-ach an insignificant target.

Diversify: When you are stacking solutions, make it interesting, so that one vulnerability does not expose your entire network. Layers should present different types of defenses and challenges

to an attacker, ideally from different vendors.

Step 3: Breach BootcampThis is when you prep and start tackling the human factor. Twice a year you should schedule a mock breach session, this will help you develop your “Breach SOP Book,” the A to Z of what to do and who to call in response to different breach situations. Preparation extends beyond technology.

All in all, having proper controls will help mitigate a lot of the risk that stems from lost or stolen data, but preparation helps dissipate risk altogether and ensures that, if and when the worst happens, you and your company are ready and capable to rise to the challenge. ë

NADER HENEIN,REGIONAL DIRECTOR, ADVANCED SECURITY DIVISION, BLACKBERRY

“When you are stacking solutions, make it interesting, so that one vulnerability does not expose your entire network. Layers should present different types of defenses and challenges to an attacker, ideally from different vendors.”

“As much as I dislike when people overdramatize serious situations, I do believe that it’s not a question of whether someone will try to attack your digital assets, it’s a matter of how ready you and your business are when it happens”

Before the Breach: 3 Steps to Protect Your Enterprise’s Data Assets

BLACKBERRY

MEA09APRIL 2015

GISEC 2015 SPECIAL | GUEST TALK

Recently Kaspersky Lab experts have announceda new APT campaign that targetsgovernment institutions, mainly in the APAC region.It was named “Hellsing” after the string containing the project directory name found within the attack components’ code.

To penetrate the target infrastructure, cyber-criminals used a spear-phishing attack (targeted e-mails with spoofed sender e-mail address)containing malicious documents. It’s important to pay particular attention to protecting IT infra-structures against this type of attack, preferably by deploying additional proactive defenses.

A well thought-out deployment of Default Deny scenario is vital for a truly comprehensive counter-APT strategy. According to Kasper-sky Lab’s vision, such strategy includes both network-based and endpoint-based elements, with whitelisting technologies playing key roles. Over-cautious as this may seem, the reality is that there are still attack scenarios where typical Anti-APTs are powerless. Therefore extra endpoint-based multiple security layers are to be considered which would be efficient against previously unknown malware components.

Art of Default Denying an APTAt the stage of “infection” attackers use various techniques for delivering malicious code to the victim’s operating system. The ultimate goal of these attacks: to deliver the backdoor to the vic-tim’s operating system and run it. “Payload” is an executable (.exe) file or library (.dll), containing malicious code. In Hellsing’s case,the attacker uses social engineering to dupe the user into launching an exe-file from RAR-archive. The exe-file exten-sion was replaced with an innocuous one and the

victim did not notice the suspicious file.A“Default Deny” scenario provides highly

effective, proactive protection, even in instances where the cybercriminal somehow (e.g. using social engineering and evenduping the user into disabling anti-virus) managed to deliver the malicious payload to their victim’s system.

The concept of “default deny” is not new, but it’s still effectiveagainst advanced threatswith custom-made components - often the case with APTs. For example, if malicious exe-files or dll-librariesare successfully deliveredto the victim, Default Deny would not allow their execution in the operating system environment because such files are not contained in a white list of autho-rized, safe applications. Default Deny excludes all options to start executable code.

The next phase of the attack involves collecting information from the operating system, which may result in an escalation of privileges, the installation of backdoor or additional modules. As a rule in such instances, executable files and dynamic libraries are being used.But if they are not a part of the trusted environment, Default Deny will not allow them to run.

Powerful yet cost-effectiveBesides additional benefits including greater IT network stability, and lower maintenance time,it should be considered that deployment of a Whitelisting solution is one of the TOP4 strate-gies that can mitigate 85% of existing APT-related risks. The Default Deny scenario is the safest known variant of such an approach.

Compared with many standalone solutions for Default Deny implementation, even greater cost and operative efficiency can be achieved through

the deployment of a truly integrated endpoint protection system that includes Default Deny capability.

It’s worth the effortWhile the implementation of a Default Deny scenario is often considered too complicatedfor the average business, for institutions dealing with extremely sensitive data, the effort is likely to reap rewards. Kaspersky Lab’s convenient implemen-tation tools mean the process doesn’t have to be too taxing.Currently all components of “Hellsing” APT are blocked by all Kaspersky Lab solutions. ë

DENIS MAKRUSHIN,TECHNOLOGY EXPERT, KASPERSKY LAB

“Compared with many standalone solutions for Default Deny implementation, even greater cost and operative efficiency can be achieved through the deployment of a truly integrated endpoint protection system that includes Default Deny capability.”

According to2014 Global IT Corporate Security Risks Surveyconducted by Kaspersky Lab and B2B International, 13% of organizationsin Middle Eastfrom different industries said they experienced targeted attacks aimed specifically at our organization in the last 12 months.

Deny the Hellsing APT by default

KASPERSKY

10 APRIL 2015

MEA

GISEC 2015 SPECIAL | GUEST TALK

Potential should not be tied down. With Dell Mobility, your people are more satisfied, more productive, and you’re confident that your data is secure

See how we can help enhance your business’ performance at Dell.com/mobility

The rapid urbanization and unprecedented growth of cities globally has never failed to attract people and businesses creating more opportuni-ties and economic value to nations. It is estimated that more than 3.5 billion people are currently living in cities globally and 80% of global GDP is generated in these cities, these numbers are expected to change further with increase in expected population of 7 billion people living in cities in next three decades as per UN population report.

The future cities globally are poised to becomesmarter and intelligent to deal with cur-rent challenges around performance, efficiency, safety and security towards better sustain-ability, economic growth and development. It is estimated that smart cities industry will be worth more than US$ 400 billion by 2020 as the current capacity building approach alone seems to be insufficient and unsustainable model.

Thefuture cities will require right investment-sthat will largely focus on smart management of resources, mobility and assisted living, with focus on collaborative and inclusive government services that will require private and public part-nership and citizen’s involvement. The key driving factors for the smart cities will be various digital services and presence of the internet connected devices in various forms such as wearable’s, sen-sors and control devices allowing faster services and generation of massive amounts of data. We are thinking about it in terms big volume, high velocity, variety and variability which is known as Big Data. This Big Data is hitting the enterprises from a plethora of sources or devices that produce a deluge of unstructured data that defies easy analysis. However, by addressing the technology limitation this Big Data would not only provide us with more information, it would give us better knowledge and different perspective to be more predictive, efficient and effective.

The digital data (Big Data) generated from sen-

sors, controller and user (Activities or behaviors) allows further analysis of historic or real-time data. This will enable organizations to make decisions based on analysis of entire data rather than smaller samples – for example, organizations targeting customer based on segmentation or behavior can further analyze individual customer data for better offerings, this model is widely used in insurance industry in some countries to offer insurance premium for drivers based on predictive analysis using driving data (using telematics devices) rather than just age criteria. Some of these opportunities will generate new sources of value; others will cause major shifts in value within industries.

Big data initiatives will also allow us to create services around shared interests, communities or even needed information such as traffic, weather and environment.All of this is possible by using people, sensors or monitoring devices to provide the desirable information that can used to analyze and generate actionable intelligence. For example, people in the city of Santander in Spain have created something they call Participatory Citizen. It encourages citizens to use their mobile phones to report to city hall problems such as accidents. Officials notify the citizens when issues are resolved.

The proliferation of these internet connected smart devices and its explosion into the consumer market will change the way technology is used leading to a major cultural shiftin businessesin-novations and behavior of residents. It is expected than more than 50 billion intelligence devices will be connected to the Internet by 2020. This fast adoption of the Internet of things (IoT) is however, threatened by various security issues. Critics have spun nightmare scenarios of hackers seizing control of these smart devices and causing a havoc, which could lead to property damage, life threats or simply denial of access to property.

The recent connected devices used in health-

care such as pacemakers and other monitors are also prone to security flaws that can lead to exploitation as demonstrated by prominent security researcher and hacker Barnaby Jack.

Several issues will have to be addressed while dealing with big data as it is collected, transmitted and stored across various systems located within different geographies and regulatory landscape leading to privacy, security, Intellectual property Rights and liability. It would further require clarity on ownership, fair usage and failure of accuracy of information.

Eventually, every aspect of our lives will be affected by big data. However, the intent, benefits and risks related to this has to be carefully analyzed for everyone’s benefit. ë

AHMED QURRAMBAIG,SR. DIRECTOR – STRATEGY, RISK & EXCELLENCE

“Explosion of internet connected smart devices into the consumer market will change the way technology is used leading to a major cultural shift in businesses innovations and behavior of residents”

According to the Department for Business, Innovation and Skills – UK, smart cities industry is estimate to be more than US$ 400 Billion by 2020 globally.

The Future Cities of Smart World

SMARTWORLD

12 APRIL 2015

MEA

GISEC GEMEC 2015 SPECIAL | GUEST TALK

GEC AWARDSG L O B A L E N T E R P R I S E C O N N E C T

2015

BLOCK YOUR CALENDERfor 15th October, 2015 for the biggest industry awards

GLOBALENTERPRISECONNECT

B R O U G H T B Y O R G A N I S E D B Y

W W W . G E C O P E N . C O M

Brief about your company?ESET is an IT security company that delivers leading-edge security solutions against cyber threats. We are dedicated to developing high-performing security solutions for home users and corporate customers, detecting and disabling all known and emerging forms of malware. Unlike other security vendors, ESET does not resort to scare tactics and advocating security by spreading fear. As a part of this mission, we launched two online portals. Through http://www.welivesecu-rity.com/, we inform our users about the latest threats and provide helpful advice to help them protect themselves. This keeps them up to date with all the latest trends in the IT security market. And through our newly launched http://www.goexplore.net/ platform, we present the best content of the web to user.

What are the competitive advantages of your products? ESET technologies are renowned for deliver-ing high performance and award winning security with extremely low computing resource utilization.

How many products you have? On the consumer side we have ESET Smart Security, ESET NOD32 Antivirus (for Windows and Linux), ESET Mobile Security for Android & ESET Cyber Security Pro (for Mac). For our business customers, we offer an even more comprehensive suite of solutions that address endpoint security, endpoint antivirus, remote administration, authentication, mobile

security, mail security, file security, gateway security and collaboration.One of the key USPs of our solutions for businesses is that they eliminate a lot of the challenges that organizations face with administration. Our advanced remote administration tool, ESET Remote Administrator provides centralized oversight and control of all ESET security solutions deployed in the network.

Who are your major customers in the region?Our major customers are mainly from the Government and educational sectors.

How are you present in various countries in this region?We have very strong presence in the Middle East and have been active in this region for a consider-ably long time. Just last year, we moved to a larger office in Dubai which also has special training room facilities. This has enabled us to train more partners at our weekly training sessions.From this regional hub, we manage an extensive partner network in 11 countries: UAE, KSA, Kuwait, Qatar, Oman, Bahrain, Yemen, Lebanon, Jordan Egypt and Libya.

Name your distributors and VADsFDC International, ASBIS ME, Bulwark Tech-nologies, Zedan Information Engineering & iPoint

Briefly tell about your partner ecosystem and engagement strategyFrom the channel perspective, we adopt a 100%

channel driven approach. This allows us to ensure that are partners are expertly enabled and have ready access to the best support. ESET Partner Program is strategically designed to offer our valued partners a wide range of benefits, certifica-tions, trainings, and rewards thus ensuring our mutual profitability and success. Our resellers are exclusively entitled to attractive incentives, rebates, co-marketing tools and other value addi-tions. This year, we launched a rebate program for our retail partners as well called the ESET Retail Partner Program. Our partner-driven approach to business gives our channel the confidence that we always have their best interests in mind.

Please highlight the major deployments done in the past one year.Last year, the British University in Dubai (BUiD) significantly strengthened its IT security posture with a campus-wide deployment of ESET Endpoint Security. In the 6 months since its deployment, BUiD has not registered a single support call with ESET- something that was a fairly regular exercise with the institution’s previ-ous security solution. ë

Smart security at low computing costs

ESET

PRADEESH VS GENERAL MANAGER, ESET MIDDLE EAST

We pride ourselves on our ability to deliver solutions that enable both business and home users to ‘enjoy safer technology’.”

Its commitment to reliable and non-obstructive IT security has ensured ESET managing to become the first company to receive 80 VB100 awards from Virus Bulletin having not missed a single threat in Virus Bulletin’s tests since 1998.

GISEC 2015 SPECIAL | END POINT PROTECTION

14 APRIL 2015

MEA

Brief about your company?Bit9 + Carbon Black is a computer security firm dedicated to protecting endpoints and servers from a new generation of online threats through its advanced solutions. We offer a complete solution against complex threats that target enterprise endpoints and servers, making it easier to see—and immediately stop—those threats

What are the competitive advantages of your products? Through our products organizations can effectively prepare for a breach by continuously recording endpoint activities, and rapidly respond to an incident by instantly isolating endpoint threats, terminating attacks, and remediating endpoints, through a remote con-nection to any endpoint in the enterprise. These new capabilities significantly reduce the time to detect, terminate and remediate cyber attacks.We cater to more than 20 top IR firms and MSSPs, which includes distinguished brands such as Dell SecureWorks, Kroll, Stroz Friedberg, and General Dynamics Fidelis among others, all of whom have come to rely on and trust our system.

How many do products you have? For now, we offer four main products, Bit9 + Carbon Black, The Bit9 Security Platform, Carbon Black, and the Threat Intelligence Cloud. The Bit9 + Carbon Black Security Solution is the industry’s first and only integrated Endpoint Threat Prevention, Detection and Response solution. The Bit9 Security Platform, on the other hand, is the most comprehensive endpoint threat

protection solution and provides organizations with the real time visibility, detection, response and industry leading prevention.

Carbon Black is the industry’s only endpoint threat detection and incident response solution for SOC and IR teams that combines continuous recording and live response capabilities to prepare organizations for a data breach, instantly isolate endpoint threats, terminate ongoing attacks, and remediate threats at the moment of discovery. Finally, the Threat Intelligence Cloud offers a comprehensive, aggregated advanced threat intelligence solution that combines Bit9 + Carbon Black’s leading software reputation and threat indicator services with third-party intelligence sources to provide some of the industry’s most powerful, correlated and accurate threat insights.

How do these products address various technology requirements of the market?We provide IT personnel with the power to stop advanced attacks while maintaining the proper balance between endpoint protection and end-user application accessibility. We make it possible for security analytics to detect and interrupt attacks in progress using custom and third-party threat intelligence capabilities that provide valuable actor, agent, asset and target information important to security operations teams. We help prepare incident responders for the inevitable compromise of perimeter defenses by continu-ously recording all application and file activity on every endpoint.

We also deliver enhanced, actionable endpoint intelligence to SOC analysts via the industry’s

first and only Open API architecture to support integration with leading network firewalls, threat detonation devices, threat intelligence providers, and Security Event and Incident Management (SEIM) platforms that greatly improve threat visibility across multiple vectors for faster, more accurate identification of suspicious activity, threat diagnosis, and operational response.

How are you present in various countries in this region?We actively participate in various events, exhibi-tions and conferences such as GISEC as part of our aim to solidify our presence in the UAE. We conduct studies and surveys to better understand the needs and requirements of enterprises in the GCC in protecting their cyber space in order to develop more sophisticated and modern products that can address their concerns.

Name your distributors and VADs.Starlink is our Distributor in the Middle East. ë

Actionable end point intelligence

BIT9 + CARBON BLACK

DAVID FLOWER,MANAGING DIRECTOR OF BIT9 + CARBON BLACK, EMEA

“We offer the industry’s first and only endpoint threat detection and response solution that combine continuous endpoint recording and live incident response capabilities.”

“The Bit9 + Carbon Black Security Solution is the industry’s first and only integrated Endpoint Threat Prevention, Detection and Response solution”

GISEC 2015 SPECIAL | ENDPOINT SECURITY

16 APRIL 2015

MEA

2014 saw many major brands and large compa-nies making headlines, not for some remarkable post-recession economic recovery or innovative product, but for massive data breaches and it doesn’t look to be slowing down in 2015. These attacks grab the attention of consumers, lawmak-ers, and the media when they manage to breach very large organizations with dedicated security teams and extensive infrastructure designed to keep hackers at bay. However, nobody is immune – smaller organizations are targets as well, either as part of a larger coordinated attack or through a variety of distributed malware.

Advanced targeted attacks are being launched to steal sensitive corporate data, intellectual property and insider information. And tradi-tional network defenses often cannot detect and mitigate them.

Prevention to Act on Known Threats and InformationKnown threats should be blocked immediately whenever possible through the use of next-gen-eration firewalls, secure email gateways, endpoint security, and similar solutions that leverage highly accurate security technologies. Examples include anti-malware, web filtering, intrusion prevention, and more. This is the most efficient means of screening out a variety of threats with minimal impact on network performance.

Anti-malware technology, for example, can detect and block viruses, botnets, and even predicted variants of malware withthe use of technology such as Fortinet’s patented Com-pactPattern Recognition Language (CPRL) with minimumprocessing time.Attacks can also be thwarted by reducing the attack surface.

Detection to Identify Previously

Unknown ThreatsUnknown “zero-day” threats and sophisticated attacks designed to hide themselves from traditional measures are being used every day to penetrate high-stakes targets. This element of the framework uses advanced threat detection technologies to examine the behavior of network traffic, users, and content more closely in order to identify novel attacks. Sandboxing, in particular, allows potentially malicious software to be handed off to a sheltered environment so that its full behavior can be directly observed without affecting production networks. Additionally, botnet detection flags patterns of communication that suggest botnet activity while client reputa-tion capabilities flag potentially compromised endpoints based on contextual profile. Though incredibly powerful, this type of threat detection is resource intensive and thus reserved for threats that could not be identified by more efficient traditional methods. Detection, of course, is only anotherelement of the ATP framework.

Mitigation to Respond to Potential IncidentsOnce potential incidents and new threats are identified, organizations immediately need to validate the threat and mitigate any damage. Users, devices, and/or content should be quarantined, with automated and manual systems in place to ensure the safety of network resources and organizational data until this occurs. At this stage, eliminating redundancy and creating synergy between different security technologies is the key to deploying a high-performing security solution, where the unknown becomes known. Of course, the cycle is not completed until this actionable threat intelligence is available at the different enforcement points and shared globally.

This keeps cybercriminals at bay not just for one organization but for all organizations worldwide.

Advanced threat protection relies on multiple types of security technologies, products, and research, each with different roles. However, each will be less effective if they don’t communicate with each other on a continuous basis, handing off data from one to the next.

Fortinet integrates the intelligence ofFor-tiGuard Labs into FortiGate next-generation firewalls,FortiMail secure email gateways, Fort-Client endpoint security,FortiSandbox advanced threat detection, and other securityproducts in its ecosystem to continually optimize and improve each organization’s level of security. ë

NADER BAGHDADI,REGIONAL ENTERPRISE DIRECTOR, FORTINET

“Perhaps the most critical feature of the threat protection framework – one that is missing in many organizations’ security implementations – is the notion of the handoff rather than any particular technology or element.”

Advanced targeted attacks are being launched to steal sensitive corporate data, intellectual property and insider information. And traditional network defenses often cannot detect and mitigate them.

A Cohesive Approach to Advanced Targeted Attacks

FORTINET

18 APRIL 2015

MEA

GISEC 2015 SPECIAL | GUEST TALK

How are you positioned to tackle the ever evolving cyber threat landscape?The security landscape in the Middle East is also showing signs of maturing as most of the organi-zations have started to accept that cyber security is a real threat; and managing it is a strategic business decision rather than just an IT decision. With Palo Alto Networks, you can better manage and protect the complex and ever-evolving ecosystem of modern technologies upon which your industry relies.

Tell us about the products you have. To protect organizations from cyber threats and malware the Palo Alto Networks Enterprise Security Platform offers a unique preventative approach with three essential components – NGFW, advanced endpoint protection and threat intelligence cloud – to secure computing environ-ments, prevent known and unknown threats, and safely enable an increasingly complex and rapidly growing number of applications.

What are the distinctive advantages that your solutions provide?Middle East customers are always trying to adopt latest trends leaving legacy solutions behind.

Our security architecture becomes the founda-tion that makes all trends possible by spanning the full customer infrastructure from user devices

such as smart phones, tablets or laptops to the data center through all customer office locations locally, regionally or globally and by creating a granular visibility of user and application behavior, creating controls and corporate policies regardless of location and/or device and a fully automated and integrated solution addressing known and unknown threats.

What are the main pain points you are observing in the area of security?

The biggest challenge we see regionally is achieving a continuous balance between executive support and budget spent while imple-menting integrated and automated solutions addressing all types of risk and while utilizing the customer skill set base of their engineers and staff.

Tell us about your market model. Our Route to Market model is completely driven by the valued network of Channel distributors and partners. Our presence in ME region is driven by the commitment to thought leadership, innovation and support for our partners and customers and a model that isn’t just channel-friendly, but channel-centric, with ongoing investment in partner enablement.

Our presence is steadily growing in the region with triple-digit year-over-year growth in Dubai and a similar trend in Riyadh & Doha.

What kind of special partner engagement initiatives have you been

promoting?Our direction has been to secure & support our customers and partners and enabling them to take the full advantage of our leading & innovative technology. People, Education/Training & Proof of Concepts resources are the biggest components of our investments as we are acquiring & then nurturing talent and expertise, in local region.

We are also at the threshold of launching our Academy Program in select countries in ME to identify talent and also create a talent pool & bridge security skill sets gap seen n some markets. We also focus on education & skill upgrades for our partners & customer’s teams and run regular Expert Forums.

We also actively support the Palo Alto Networks Fuel User Group, a global community, with a branch in Dubai, established to drive knowledge sharing and best practices among security professionals across multiple industries. Palo Alto Networks is also a co-founder of Cyber Threat Alliance, which is fostering collaboration and knowledge sharing among global security companies and the security industry. ë

Safeguarding Businesses with Smart Solutions

PALO ALTO NETWORKS

SAEED AGHA,GENERAL MANAGER MIDDLE EAST, PALO ALTO NETWORKS

“Palo Alto Networks solutions are a complete paradigm shift from a detection and remediation stance to one of prevention.”

Fundamental shifts in how technology is used – including the wider embrace of cloud computing infrastructure are raising concerns about new attack vectors.

MEA19APRIL 2015

GISEC 2015 SPECIAL | NETWORK SECURITY

Brief about your company?Cyberoam Technologies, a Sophos Company, is a global Network Security appliances provider, offering future-ready security solutions for physical and virtual networks with its NGFWs and UTM appliances. Cyberoam offers compre-hensive network, web & content, application and email security while providing secure remote access and data leakage prevention. Cyberoam is accredited with prestigious global standards and certifications like EAL4+, CheckMark UTM Level 5 Certification, ICSA Labs and IPv6 Gold logo.

What are the competitive advantages of your products? Cyberoam security is designed to deliver an optimal mix of Performance, Scalability, Price and Future-ready Security. Unlike many network security vendors, Cyberoam thrives with its own in-house team of R&D and threat research labs. Recently, with CyberoamOS 10.6.2, the company has achieved major improvements in network security performance. Moreover, all Cyberoam security solutions are underpinned by Extensible Security Architecture (ESA) and thus deliver future-ready security in enterprises with multiple deployment scenarios – allowing configuration as high performance Firewall /VPN /IPS /WAF, NGFW, UTM or Proxy.

How many products you have? Cyberoam brings a comprehensive portfolio of NGFWs and UTM network security appliances that fulfill security needs for businesses of varied size including SMBs, mid-sized organizations and large and distributed enterprises. In addition,

Cyberoam has CCC and i-View appliances to support Centralized Security Management and Centralized Network Monitoring respectively. Cyberoam NGFWs and UTMs are available as both hardware as well as virtual appliances. Towards the end of 2013, Cyberoam added holistic security for ICS / SCADA networks on its security appliances and unveiled a unique cloud-based security management service (CCMS) for its partners and resellers.

Who are your major customers in the region?Cyberoam enjoys significantly entrenched pres-ence in the region in a range of verticals including Education, Retail, Construction, Government, Oil and Gas and more.

Which are the various countries in this region you have your presence in?The list includes UAE,OMAN,BAHRAIN,KUWAIT,QATAR,JORDAN, LEBANON,IRAQ and KSA

Name your distributors and VADs?BULWARK DISTRIBUTION, FDC INTERNA-TIONAL and SNB

Briefly tell about your partner ecosystem and engagement strategy?Being a 100% channel-driven network security organization, Cyberoam thrives on the strengths of its partners. To this end, Cyberoam empowers and equips its partners and resellers with latest products, technology know-how, free training &

certifications and other marketing handholding. Partner ecosystem is organized across 3 catego-ries viz.Platinum, Gold and Authorized.With a view to delivering highest partner enablement, Cyberoam’s local team of enterprise account managers works closely with these partners, helping them at every stage of sales cycle while ensuring committed presales and post-sales assistance with state-of-the-art Global Support Management Centre, which is industry’s first ISO 20000:2011 customer support infrastructure.

Please highlight the major deployments done in the past one year? A recent deployment with JumaAl Majid group remains a compelling case study. The customer has deployed 50+ network security appliances from Cyberoam to secure distributed business networks, users and IT led infrastructure.The project was led by our partner organization Jurrasic technologies; with committed support of Cyberoam. ë

Holistic Benefit for Security Needs

CYBEROAM

RAVINDER JANOTRA,REGIONAL SALES MANAGER, MIDDLE EAST AT CYBEROAM

“Unlike many network security vendors, Cyberoam thrives with its own in-house team of R&D and threat research labs.”

Cyberoam has recently added next-generation management (NM) series of Cyberoam Central Console (CCC NM) appliances and next-generation reporting (NR) series of iView appliances, to its range of product offerings.

GISEC 2015 SPECIAL | NETWORK SECURITY

20 APRIL 2015

MEA

Networks that knowhow to

Visit Juniper on Mindware stand SR-E55at Gisec 2015 and attend the Security Sessionon April 28th @12:30 pm

Your ideas.

www.juniper.net

®

The Internet of Everything (IoE) is accelerating, creating significant opportunities for organiza-tions, individuals, communities, and countries as more things come online – along with the people, processes, and data that interact with them. IoE presents new challenges, particularly when it comes to cybersecurity. To help cybersecurity professionals cut through the hype and gain a better understanding of what to expect as the IoE continues to evolve, these top 10 observations might help:

1. Worlds will collide. We need to begin to implement cybersecurity solutions to protect all networks equally from attack while recogniz-ing their specific requirements and priorities.

2. The attack surface will expand. With billions of new devices now connected to the IoT and more devices connecting all the time, the ability to gain visibility into these attack vectors, let alone close them to malicious actors, is increasingly difficult.

3. Threat diversity will increase. Due to the variety of objects adversaries can target, many of which are in insecure locations, attackers are able to devise new methods the cybersecurity industry has yet to face and blend sophisticated techniques to accomplish their mission.

4. Threat sophistication will continue. Threats have already become stealthier, evading initial point-in-time detections and using nearly imperceptible indicators of compromise to reach their target. Cybersecurity systems that rely exclu-sively on point-in-time defenses and techniques can’t keep up with unfolding attacks.

5. Remediation will become more urgent and more complex. When an attack does happen

organizations can’t necessarily isolate a system because the cost and implications of shutting it down may be greater than the cost of an infection, presenting serious tradeoffs between protection and continuity of operations. Remediation methods will need to support a focused approach to quickly detecting, scoping, and containing a threat, cleaning up systems, and bringing opera-tions back to normal.

6. Risk and impact will escalate. Sensitive data and personal information is flowing between process and business domains . The vast majority of these devices and domains rest outside the secure embrace of the IT and OT networks. The ability to protect this data wherever it goes and however it is used must be addressed.

7. Compliance and regulations will mount. If unable to effectively and efficiently meet these requirements, an organization’s ability to gain value as an active participant in the IoE will be limited dramatically. In addition, as more devices are connected, lines of ownership and responsibility will become increasingly blurred. This introduces new challenges for managing and maintaining compliance with regulatory requirements.

8. Visibility will be paramount. Cyber-security professionals need to see a real-time, accurate picture of devices, data, and the relation-ships between them, in order to make sense of bil-lions of devices, applications, and their associated information. This requires more automation and faster analytics

9. Threat awareness will become the focus. In this amorphous perimeter, cybersecurity professionals need to presume compromise and

hone the ability to identify threats based on understanding normal and abnormal behavior, identify indicators of compromise, make deci-sions, and respond rapidly.

10. Action will need to be swift. This requires the right technologies, processes, and people working together and swiftly to be effective.

What’s needed is a new, threat-centric security model that is as pervasive as the IoT and the threats themselves. This model must span a range of attack vectors and address the full attack con-tinuum – before, during, and after an attack. With this model we can protect computer systems, networks, and data. And for many enterprises involved in industrial control and automation activities, we need to extend this same model to better protect operational systems that are the lifeblood of the enterprise and in many instances, our daily lives. ë

PHILIPPE ROGGEBAND,BUSINESS DEVELOPMENT MANAGER OF CISCO SECURITY ARCHITECTURE

“Since every aspect of the network is now working together, our cybersecurity and physical security solutions must also work together with a coordinated focus on threats.”

The IoE doesn’t just require networked connections but secure networked connections in order to capitalize on the estimated trillions of dollars of value to be gained globally over the next decade.

Top 10 Things Cyber-security Profession-als Need to Know about the IoE

CISCO

22 APRIL 2015

MEA

GISEC 2015 SPECIAL | GUEST TALK

Cybersecurity Services

Extend your team with Symantec to minimize detection and response times, reduce operational costs, and enable compliance. Now you can be more proactive about emerging threats and respond quickly and effectively when incidents occur. Visit symantec.com

Copyright © 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

#GoKnow

Visit Symantec onMindware Stand SR-E55

During GISEC 2015

Brief about your company?Cisco is the worldwide leader in IT that delivers intelligent cybersecurity for the real world, providing one of the industry’s most compre-hensive advanced threat protection portfolios of solutions that is pervasive, integrated, continuous, and open.

What are the competitive advantages of your products? Cisco’s threat–centric and operationalized approach to security reduces complexity while providing unmatched visibility, consistent control, and advanced threat protection across the extended network and the entire attack continuum.

Cisco has been securing organizations of all sizes for decades, and we understand the rapidly changing security landscape.

Cisco’s continued investment in software, data analytics and threat intelligence along with our assessment, monitoring, response and operational capabilities offer end-to-end cybersecurity across the entire IoE continuum. Cisco is uniquely able to provide a threat-centric and operationalized security model that provides continuous advanced threat protection, cloud-based security intelligence, and retrospec-tive security, combined with security advisors and solutions that help companies address the shortage of talent in the security industry. Our framework for security covers the entire attack continuum - Before, During and After.

How many products you have? Cisco has an extensive security portfolio which includes solutions for Access Control and Policy, Advanced Malware Protection, Email Security, Firewalls, Network Security, Next Generation Intrusion Prevention System (NGIPS), Security Management, VPN and Endpoint Security Clients and Web Security. Cisco’s security innova-tions provide highly secure firewall, web, and email services while helping to enable mobility and teleworking. To compliment our products we also have services to help our customers deliver, integrate and optimize. This is available through our extensive channel and in some cases directly.

Who are your major customers in the region?We have customers across all verticals in the region including government organizations, oil & gas companies, hospitality, healthcare and educational organizations.

How are you present in various countries in this region?Today the company has Middle East offices in UAE, Saudi, Qatar, Oman, Kuwait, Bahrain, Afghanistan, Pakistan, Lebanon and Jordan.We have more than 870 Networking Academies in the ME with over 168,000 students since incep-tion.We also have a strong channel network of reputed and established value-added distributors, distributors, resellers and systems integrators. Our global and local sales and support teams work closely with our channel partners to deliver

the best solutions and services to our customers.

Briefly tell about your partner ecosystem and engagement strategyCisco ensures that we train, enable and certify our partners and offer them the latest security solutions such as Cisco ASA with FirePOWER and Cisco ISE. Through our Channel Partner Program, which is designed to strengthen our partners’ ability to capture market opportunities, we train, enable and support our partners and help them gain a competitive edge. We conduct regular training programs, road shows and certification workshops and also incentivize and reward our performing partners. As the next phase in our Channel program, we have begun to offer our partners new Advanced Security Architecture Specialization, which has been created to provide partners with new skills to sell Cisco’s security products. ë

Cybersecurity across the entire IoE continuum

CISCO

ANTHONY PERRIDGE,SECURITY SALES DIRECTOR, CISCO

“We also offer Master Security Specialization, which gives partners a powerful competitive advantage and qualifies them as part of an exclusive group”

To secure the networked connections among people, processes, data, and things, an end to end security approach needs to be as pervasive as the Internet of Everything itself this is where Cisco’s solutions play a key role.

GISEC 2015 SPECIAL | ENTERPRISE SECURITY

24 APRIL 2015

MEA

Secure Yourself!

partners@oppmusdistribupon.com | www.oppmusdistribupon.com

This past year we have seen an overwhelming interest in FREAK or “Factoring RSA EXPORT Keys.”FREAK is a vulnerability in Secure Socket Layer (SSL) that allows an attacker that has a Man-in-the-Middle (MITM) position to downgrade your computer’s SSL communication to an export grade cipher, which can easily be broken and accessed in less than 24 hours. Once the attacker has the key they can eavesdrop or modify your communication, and redirect you to impostor sites.While the full impact of this vulnerability is yet to be known, we do know that browsers, web clients and hosts can negotiate the strongest encryption “allowed,” falling back to weaker, “export” protocols as required.

How It WorksResearchers have identified that a MITM attack can potentially force HTTPS connections to use weaker and easier to crack encryption. This vul-nerability affects clients that communicate with servers that offer RSA_EXPORT cipher suites and are using a implementation of SSL that is vulnerable to FREAK, which includes Microsoft Windows’s Secure Channel (SChannel), Apple’s and Android’s OpenSSL based libraries. The server part itself is not vulnerable, but a server can avoid its client from being attacked by not offering the RSA_EXPORT ciphers.

An attacker connects to the web server with an export cipher and gets a message signed with the weak RSA key. Key gets cracked. For any future connections from innocent browsers, the attacker can act as a man in the middle (MiTM) connect-ing to clients, who will accept it. The attacker will then have access to all communication between the client and server.If hackers are successful, they could spy on communications as well as infect PCs with malicious software.

As processing power increases and reduces the

time and cost of breaking encryption, there is a direct impact to the security of weaker, shorter keys. While an RSA 512-bit key a few decades ago might have been considered a good option, it is not so today. The first 512-bit key was broken in 1999 and currently can be done through the use of on-demand computing power cloud provider in around seven hours at a low cost.

What You Can DoSince the detection of the vulnerability was announced in March of this year, Apple, Google and Microsoft have released security patches to fix this problem. However these types of vulnerabilities are a reminder of the importance of good security hygiene within our networks and communication infrastructure. There has never been so much scrutiny of the security of the Secure Socket Layer (SSL) and Transport Security Layer (TLS) protocols like today. But, although most attention is on the protocol vulnerabilities, most organizations don’t realize that it’s their own actions that are proving to be bigger problems in practice.It is therefore important for businesses in the Middle East to ensure that systems and soft-ware are updated to avoid any potential threats.

As cyberattacks continue to become more advanced, organizations are being forced to adapt to address new threats. In this complex security landscape, it is critical to be proactive and vigilant to protect against cyber threats in order to be as secure as possible. Practicing good cyber hygiene is the cornerstone to achieving this and in the enterprise, this includes:l Ensuring that only authorized devices

are connected to company networks that limits the applications or software running on a company’s assets to only those necessary to meet business needs.l Securely configuring corporate assets,

removing default usernames and passwords and restricting the use of administrative privileges.l Continuously scanning for vulner-

abilities and misconfigurations in company assets, and deploying a combination of network and endpoint malware defences using a mix of technologies, including blacklisting, whitelisting, heuristics, and virtualization.

Qualys’ SSL Labs offers a free SSL Server Test that will tell users if their website’s server supports “export-grade” cipher suites, which are at the root of the vulnerability. Enter a domain name of any website into the SSL Server Test’s field, then examine the resulting report. ë

HADI JAAFARAWI,MANAGING DIRECTOR, QUALYS ME

“Most organizations don’t realize that it’s their own actions that are proving to be bigger problems in practice.It is therefore important for businesses in the Middle East to ensure that systems and software are updated to avoid any potential threats.”

Researchers have identified that a MITM attack can potentially force HTTPS connections to use weaker and easier to crack encryption.

All you need to know about the FREAK vulnerability

QUALYS

26 APRIL 2015

MEA

GISEC 2015 SPECIAL | GUEST TALK

COMMUNICATE INSTANTLY

76 Playfair Road #08-01 LHK 2 Building Lobby 1 Singapore 367996

Tel: +65 6280 2881 | Fax: +65 6280 6882 | Email: info@talariax.com | Support: support@talariax.com

www.talariax.com

SAVE TIME • SAVE COST • MANAGE EFFICIENTLY

Appliance based Gateways for Enterprise Mobility

APPLICATION AREAS• Alert Notifications (Datacenters/IT)

• Third Party Application Integration (ERP, CRM, etc.)• Enterprise Messaging (SMS On-The-Move)

• 2-Factor Authentication• Email-SMS Integration• Network Monitoring• IM-SMS Integration

The sendQuick portfolio consists of appliance based Gateways for Enterprise Mobility. sendQuick devices such as Alert Plus and Entera helps in alerting on failure across IP address infrastructure - by either working on its own or with NMS solutions already in place. sendQuick Entera is a device that integrates with third party applications such as ERP, BI, DMS, SCM, MMS to facilitate messaging on set criteria. sendQuick ConeXa facili-tates enhanced remote access security by integrating with RADIUS based SSL VPN and Active Directory to generate and deliver 2-factor authentication via SMS OTP, while sendQuick Alert Plus with HTTP Plug-in works with RSA to SMS-enable soft token delivery to mobile phones.

In addition, sendQuick portfolio has sendQuick Communications for email-SMS integration on Microsoft Outlook, sendQuick Avera for Network Monitoring and sqoope, an in-premise appliance based Instant Messenger.

TalariaX is an undisputed market leader in the purpose built appliance based Enterprise Mobility segment with clientele in 30 countries across 50 distinct verticals and a recipient of several awards worldwide.

Brief about your company?Arbor Networks secures the world’s most demanding and complex networks from DDoS and advanced threats. Arbor has leveraged its unique customer footprint and experience work-ing with the world’s most demanding network operators to develop a more enduring solution for the threats of today and tomorrow. Arbor does this not by focusing on specific threats or points in the network but on networks themselves.

What are the competitive advantages of your products? What differentiates Arbor from other security companies is how Arbor leverages its pervasive service provider footprint to benefit all of our customers. Arbor’s Active Threat Level Analysis System (ATLAS) is a collaborative project with more than 300+ ISP customers who have agreed to share anonymous traffic data totaling an amaz-ing 120Tbps. From this unique vantage point, Arbor is ideally positioned to deliver intelligence about DDoS, malware and botnets that threaten Internet infrastructure and network availability. Arbor customers enjoy a considerable competi-tive advantage by giving them both a micro view of their own network, through our suite of products, combined with a macro view of global Internet traffic, through ATLAS. .

How many products you have? Arbor Networks has three product families: Arbor Cloud, Pravail and Peakflow. Arbor Cloud (Tightly integrated, multi-layer

DDoS protection)Pravail Availability Protection Solution (On-Premise)

Peakflow Threat Management System (High Capacity On-Premise Solution for Large Organizations)

Who are your major customers in the region?Our customers include 90% of Tier One ISPs, and the leading brand names across Cloud Hosting, Finance, Retail, Manufacturing, Gaming and Social Media sectors.

How are you present in various countries in this region?Arbor has sales and engineering teams present across the region to support customers; we also work with a number of partners. Additionally, we have an OEM relationship with Cisco to col-laborate on DDoS protection for service provider and large enterprise network operators.

Name your distributors and VADs?.Our distributors for the ME are Westcon and Starlink, and some of the key resellers are Elite-VAD, Fireware and STS Specialized Technical Services.

Briefly tell about your partner ecosystem and engagement strategyAll of Arbor products are sold through the channel, depending on the geographic coverage

requirements. The Arbor Advantage Program offers a flexible structure designed to accom-modate our partners’ business models while maintaining a level of simplicity that our partners appreciate. Comprised of four partnership levels, the program is designed to make it easy for you to move up to higher partnership status – and greater rewards.

Please highlight the major deployments done in the past one yearOoredoo, Qatar’s leading communication company has deployed Arbor Networks’ Peakflow platform in the cloud and Pravail platform on-premise to deliver an integrated managed security service offering to enterprises that utilizes best practices ë

Simplifying Network Security

ARBOR NETWORKS

MAHMOUD SAMY,REGIONAL DIRECTOR - HIGH GROWTH MARKETS (RUSSIA/CIS & MIDDLE EAST)

“Arbor’s goal is to provide a richer picture into networks and more security context, so customers can solve problems faster and help reduce the risk to their business.”

No matter how much the threats and attackers have changed, security still comes down to understanding networks. Arbor’s goal is to provide a richer picture into networks and more security context, so customers can solve problems faster and help reduce the risk to their business.

GISEC 2015 SPECIAL | DDOS PROTECTION

28 APRIL 2015

MEA

R

COMGUARD

Brief about your companyLogRhythm is the leader in security intelligence and analytics, and empowers organisations around the globe to rapidly detect, respond to and neutralise damaging cyber threats. With threat sophistication ever-evolving, the world’s leading businesses are finally realising that it’s now a matter of when, not if, they will fall victimto an attack. LogRhythm’s patented and award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint forensics, and advanced security analytics.

What are the competitive advantages of your products? The cornerstone of LogRhythm’s Security Intelligence Platform is an award-winning, next-generation SIEM and log management solution. LogRhythm collects and analyses data from more sources and provides greater out-of-the-box analytics and embedded expertise, delivering broader protection, deeper visibility and more actionable insight than any other solution on the market.

LogRhythm’s patented machine analytics are powered by the AI Engine, delivering highly automated and easily customised advanced behavioral and statistical analysis. An easy-to-use interface allows organisations to rapidly cus-tomise and tune rules to fit their environment to minimise false positives and improve the Mean Time to Respond (MTTR) and Mean Time to Detect (MTTD) breaches.

How many products doyou have? Unlike some other security vendors, SIEM is all we do. Therefore we are specialists in this arena and we uniquely combine enterprise-class SIEM, Log Management, File Integrity Monitoring and Machine Analytics, with Host and Network Forensics, in a unified Security Intelligence Platform.

This platform is continuously updated to meet the changing needs of our customers. Major product upgrades are typically released every 18 months, with two significant minor releases in between each major release.

How do these products address various technology requirements of the market?LogRhythm’s Security Intelligence Platform empowers global organisations to detect breaches and the most sophisticated cyber threats of today, faster and with greater accuracy than ever before. It meets a critical market need for visibility into threats as an unprecedented number of organisa-tions experience damaging data breaches.

Behavioural analytics is also a development that the market will begin to see more of. The changing nature of threats has seen many of them become internalised, and there is now a greater need for suspicious activity – activity outside of what is considered normal – to be flagged immediately. Whether it’s malicious behaviour, accidental accessing or sharing of data, or indus-trial espionage, breaches are now just as likely to originate from within an organisation.

As the threat landscape continuously evolves, basic tools, or tools working in isolation, are no longer sufficient to provide the necessary protection. Alongside its technology partners, LogRhythm is able to provide a truly holistic defence package, empowering organisations to detect and mitigate threats before any damage has been done.

How are you present in various countries in this region?We have recently established our regional presence through our sales and support office in Dubai. We have implemented a 2 tier GTM model by appointing major Information Security focused SIs in the Middle East region.

Name your distributors and VADs?Spectrami & Exclusive Networks

Briefly tell about your partner ecosystem and engagement strategy?LogRhythm works with a number of partners across 19 geographies to help deliver next-generation security intelligence to its mutual customers, enabling them to increase the value of their technology investments. ë

Mitigating threats before they can damage

LOGRHYTHM

MAZENDOHAJI,REGIONAL DIRECTOR – MIDDLE EAST, LOGRHYTHM

“Unlike some other security vendors, SIEM is all we do. Therefore we are specialists in this arena.”

LogRhythm uniquely combines enterprise-class SIEM, log management, file integrity monitoring and machine analytics with host and network forensics in a unified security analytics platform

GISEC 2015 SPECIAL | SIEM

30 APRIL 2015

MEA

What products and solutions are you exhibiting at the show?General Dynamics Fidelis Cybersecurity Solu-tions offers a comprehensive solution to advanced threats with a powerful combination of products, services, and expertise. With the expertise of our people and services delivered through our Fidelis XPS Advanced Threat Defense Products and Network Defense & Forensic Services, commer-cial enterprises and governments have the specific skills and solutions needed to fight cybercrime.

What is your expectation from this region? The Middle East region is a growing market with huge potential for IT security. There are many countries withemerging economies that will keep the growth moving forward for some time. Also, more mature economies like UAE and KSA have huge demand for new technologies and services. Overall, we see a great potential in thisregion; however, at the same time the market is highly competitive.

Why is it important for you to be at GISEC 2015?

The Middle East is a key market for Fidelis as it provides opportunities with significant potential investments for companies to protect from Advanced Persistent Threat (APT) and ZERO-day attacks. Fidelis XPS provides customers in the Middle East with technology to detect malware, viruses, and zero-day attacks though emulation and sandboxing. Fidelis XPS enables our custom-

ers to decode DNS abuse for data breach over DNS, VPN over DNS, and to decode any protocol over any port including unknown proprietary-protocols and SSL/TLS encrypted sessions.

Tell us about your channel specific initiatives.We have partnered with Value Added Resellers (VARs), and Certified Value Added Distribu-tors (CVADs), so they are able to serve major geographies in the region. We are 100% channel-oriented in this region and our channel partners are our greatestasset. Our business strategy is concentrated around strengthening our channel partner network and expanding our product portfolio so it can deliver better margins to our partners. We intend to invest heavily in resources that can create a healthy channel network in this region; for example, a few months ago, we launched our new partner portal that includes incentives for our channel partners, whichwill provide many benefits to them.

What’s going to be your prime focus this year?Our main focus remains on strengthening the channel, expanding, and enhancing our product portfolio that will deliver better margins for our partners. We plan to invest in awareness and visibility for our brand through marketing cam-paigns, participating in major events like GISEC. In addition, our business plan aims to help our vendor partners expand their reach across the region. Geographic expansion is also part of our

business strategy this year.

What is your target for 2015?Fidelis plans to grow our branding, solutions, and awareness globally. We will continue to offer comprehensive solutions to enterprises that are facing advanced persistent threats. Our award-winning Fidelis XPS Advanced Threat Defense products enable organizations to discover and eradicate threats in real-time through broad visibility over all network threats (both malware and non-malware based). Services available from our Network Defense and Forensic Services team enable enterprises to defend themselves against advanced adversaries and sophisticated attacks at any stage of the threat life. ë

Evolving faster than Cyber Threats

FIDELIS

PETER G. GEORGE,PRESIDENT, GENERAL DYNAMICS-FIDELIS CYBERSECURITY SOLUTIONS

“Our award-winning Fidelis XPS Advanced Threat Defense products enable organizations to discover and eradicate threats in real-time through broad visibility over all network threats”

The Middle East is a key market for Fidelis as it provides opportunities with significant potential investments for companies to protect from APT and ZERO-day attacks

MEA31APRIL 2015

GISEC 2015 SPECIAL | CYBER SECURITY

What products and solutions are you exhibiting at the show?ManageEngine is the enterprise IT management division of ZohoCorporation. The company delivers real-time IT management tools that empower an IT team to help an organization enhance its business productivity. About 3 out 5 Fortune 500 companies rely on ManageEngine’s products to ensure optimal performance of their critical IT infrastructure.

What are the competitive advantages of your products? ManageEngine products are simple to use, highly scalable, and offer seamless integration with third-party management tools.

How many products you have? ManageEngine believes in innovation and invests heavily on R&D. Today, ManageEngine has over 25 products that cover many key areas for effec-tive IT management and security.

The ManageEngine suite offers enterprise IT management solutions, including network per-formance management, IT help desk, application performance management, storage management, website monitoring, desktop and mobile devices management, log analysis & security, privileged password management and active directory management & reporting.

In addition, ManageEngine’s Free Tools portfo-lio touches almost every IT domain from physical network devices to virtual servers in the cloud.

How do these products address various technology requirements of the market?

All ManageEngine products can be downloaded from the website, and the products will be fully functional in a matter of hours. A 30-day free trial is available for all ManageEngine products after which the user can opt to purchase the license from our partners in the region.

Since ManageEngine has been in the industry for more than 13 years, we know the market trends better and the transformations and thus we address the upcoming requirements in all our products even before the requirement arises.

Who are your major customers in the region?Some of ManageEngine’s regional customers are KhimjiRamdas, Averda, MedNet, Zulekha Hospital, Qatar Gas, and the Emirates Group to name a few.

How are you present in various countries in this region?In the Middle East, we predominantly work through partners who have core expertise in the IT management space.

Name your distributors and VADsOur gold partners are Elitser Technologies LLC (UAE), Burhan Technology Co. W.L.L (Kuwait), and Alnafitha International for Information Tech-nology (KSA) and our silver partners are Hilal Computers - Al Hilal Group (Bahrain), TjDeeD Technology LLC (Jordan), Qatar Computer Service (Qatar), Future Technology Systems. (Kuwait), Naizak Global Engineering Systems (KSA), IT Pillars (KSA), Trust Information Technology (KSA), Digital Waves IT Solutions (Oman), and Zawawi Business Machines(Oman).

Briefly tell about your partner ecosystem and engagement strategyManageEngine usually follows a single-tier partnership structure. We have SIs and resellers as our partners, who directly interface with custom-ers. Our partner program supports resellers, who drive the sales process in their territory. This helps reachManageEngine products to a larger audience. Apart from ManageEngine’s User Con-ference every year, we conduct periodic partner’s training programs, workshops, and seminars to educate our partners on the new technologies and on our new features. The training programs include certification, interoperability, equity participation, and sales and channel strategy among other possibilities. ë

Keeping IT simple and affordable

MANAGEENGINE

NIRMAL KUMAR MANOHARAN,REGIONAL DIRECTOR (SALES-MIDDLE EAST) AT MANAGEENGINE

“The Middle East being one of the fastest growing markets for us, we see a lot of potential in this region because the market is matured and the adoption level of IT is at par with the western countries.”

With more than 100,000 customers worldwide, ManageEngine is the fastest growing alternative to traditional network management frameworks.

GISEC 2015 SPECIAL | IT MANAGEMENT

32 APRIL 2015

MEA

Brief about your company?Focus Softnet aims to be the best IT solutions provider for enterprises in terms of growth, quality, and innovation. The company develops solutions that move businesses and helps them grow in a highly competitive environment. With vertical specific speciality, we intend to roll out highly niche solutions for the real estate sectors, manufacturing, retail, hospitality, sales, inventory and warehousing domains.

This being the first edition of GEMEC; what prompted your participation in it? Focus has been a mainstay Enterprise Solutions organization with its own suite of ERP solutions which were mobile enabled right at the dawn of mobility technology. Being a company immersed in innovation, R&D, and being committed to staying ahead of the technology curve, it was only logical for us to showcase our strengths at the new GEMEC platform.

What are the competitive advantages of your mobility solutions? Focus Softnet has been developing Enterprise solutions for 24 years now. We not only have generic enterprise solutions but have also developed customized and bespoke solutions for many of our customers. In keeping with the cur-rent mobility trends, we have developed several mobile apps for our solutions in addition to the PC and Web apps.

How do these products/solutions address various technology requirements of the market?Focus’ enterprise systems, augmented by mobility solutions address a plethora of technology requirements of the market. Focus has a suite of platform-inclusive solutions which seam-lessly integrate into each other and bring about user-experience uniformity throughout the Focus ecosystem. Additionally, Focus mobility solutions embody the “easy-to-use” mantra across all skill levels within target industries.

Who are your major customers in the region?Focus Softnet’s client list in the region is constantly growing & includes prestigious names such as Air Arabia, Boeing, National Bonds, ICCAT, Taleem, Chapal World, Ajman Bank, SNASCO, Alinco, Total Lubricants, to name a few..

How are you present in various countries in this region?Focus Softnet began its ME operations in 1995 and then moved its regional headquarters to DIC in 2001. Since then, the company has experienced a resounding growth across ME with over 200 employees In 2008, Focus Softnet established its fully-owned subsidiary in the KSA and in 2009, the company moved its international HQ to Grosvenor Business Towers in TECOM.Focus has sales offices in the UAE, KSA, Bahrain, Qatar, Kuwait, Oman, Yemen and works through chan-nel and franchisee partners in the Levant.

Briefly tell about your partner ecosystem and engagement strategy.Focus has embarked upon an aggressive partner-ship model which provides strong business models for partner organizations. Moreover, with such a successful implementation track record, the business model is all the more lucrative and rewarding for partner organizations. Addition-ally, all applications have been designed keeping in mind the implementation oriented approach thereby making application deployment a breeze compared to competing products.

Please highlight the major deployments done in the past one year.Our solution, for a major real estate player in Abu Dhabi and Dubai, starts with a fully automated and integrated in-bound and out-bound call center for servicing tenants/occupants of resi-dences and offices owned by the client. Moreover, the service contractors themselves have an app installed on their mobile device with barcode scanning capabilities. ë

Customized Innovation with Easy Implementation

FOCUS SOFTNET

NISITH NAIK,REGIONAL CEO – UAE, ASIA PACIFIC AND AUSTRALIA, FOCUS SOFTNET

“Focus has always prided itself in being an organization immersed in R&D with a commitment to staying ahead of the technology curve.”

The Focus Suite of advanced business applications has enhanced business efficiency at more than 45,000 corporations across the globe.

MEA33APRIL 2015

GEMEC 2015 SPECIAL | ENTERPRISE APPLICATIONS

Brief about your companyTalariaX is based in Singapore with clients across 30 countries . The company has been a market leader in the niche of Appliance based Enterprise Mobility solutions . TalariaX has been consis-tently innovating and has introduced several products for various requirements consistent with demand. TalariaX has won top honors at every award since its inception.

What are the competitive advantages of your products? SendQuick appliances are plug-and-play devices that are self-sufficient. Once the solution is deployed, there is no need to purchase additional licenses if you scale up on users.SendQuick appliances are sector agnostic just as they support a host of connecting protocols.

SendQuick has a tremendous market across Medium to Large Industries in every conceivable vertical.

How many products you have? We have two streams – the first - appliance based gateways which go by the brand name ‘sendQuick’ The other is an appliance based instant messenger called “sQoope”. An in-premise appliance, sQoope is highly secure and intended for Enterprise IM.

How do these products address various technology requirements of the market?Communication has to be established instantly, in a cost effective manner in a secure environment. The solution has to ensure interoperability across

a heterogeneous environment with fail over redundancy and cater to the present requirements while being scalable for the future. sendQuick does all of that.

Who are your major customers in the region?Large Petrochemical companies, Govern-ment Organizations, Defense Establishments, Academic Institutions, Banks, Audit Houses, Manufacturing Organizations, Telecom compa-nies etc., are already our clients.

How are you present in various countries in this region?Through our Distributors and their downstream (Systems Integrators and Resellers)

Name your distributors and VADs.In the ME region, Bulwark Technologies based in the UAE for UAE, Qatar, Kuwait and Oman and Unisis is based in KSA for KSA and Bahrain are our exclusive Distributors. .

Briefly tell about your partner ecosystem and engagement strategyWe have a multi-tier eco-system where our Distributor sells onward to their downstream channel of Resellers and SIs In markets where we do not have Distributors, we sell directly to SI and Resellers. In the event we receive an inquiry from a direct client in a market where we do not have a channel partner, we try to route it to the nearest available partner (possibly in another country) failing which we address the requirement directly – duly explaining the aspects involved

in such an arrangement. We identify partners with significant experience in selling solutions to Medium-Large Enterprises and then provide them with requisite training, marketing support and follow ups to ensure that they are successful in their mission.

Please highlight the major deployments done in the past one year alongwith the partner involved in those.Ministry of Defense, Egypt was implemented by our partner GNSE. Rwanda Online was imple-mented by our partner SHI. Gulf Petrochemicals, Saudi Ericsson and Bahrain Bourse was handled by our partner Unisis, SOS International and Ministry of Agriculture was handled by our part-ner Orsenna, Hachette UK and Netstream was handled by our partner NU. Abu Dhabi transport was handled by our partner, Bulwark. All of the partners were responsible for complete client side interaction that included marketing, pre-sales, sales, implementation and post implementation support. ë

Enterprise Mobility Made Easier

TALARIAX

ASHOK KUMAR,CHIEF OF BUSINESS DEVELOPMENT [EMEA & SAARC], TALARIAX

“We are a sector agnostic offering meaning we can cater to any industry vertical in the Medium to Large Enterprise segment.”

80% of Fortune 500 companies use sendQuick-the self-sufficient Appliance based solution for Enterprise Mobility; and TalariaX is all set to continue the success story with sQoope- a highly secure instant Messenger

34 APRIL 2015

MEA

GEMEC 2015 SPECIAL | ENTERPRISE MOBILITY

Brief about your company?Established 30 years ago in 1985, Sophos is a global IT security company. Our mission is to be the best in the world at delivering complete IT security – software, hardware appliances and cloud based services – to protect small and mid-market enterprises, leaving them focus on their businesses instead of dealing with IT security-related threats.Moreover we are the only “Channel First” security company, with 100% channel sales. This means we only sell through distribution, direct marketing resellers, and value-added resellers in all our regions, and we engineer our products with the Channel firmly in mind.

What are the competitive advantages of your products?

Frankly, we don’t see other companies doing what we’re doing. Instead the big guys are trying to be all things to all people – attempting to deliver solutions to everyone from the consumer to Citigroup – and they’re taking a point-product approach. We’re unique in our mission to supply complete security (as opposed to a piece by piece point product approach) in a simple, easy to deploy platform. Everything we do across the company is dedicated to delivering on that mis-sion. If we do that well, and we continue with that passion and focus to make the cyber-world safe, with an eye on delivering world-class solutions that make security simple, that’s a very unique approach in the industry.

How many products you have? Our solutions are divided into the three main

sections Network Protection, Enduser Protec-tion and Server Protection. The networks group consists of UTM & Next-Gen Firewall, the ultimate network security package, Secure Web Gateway (Complete web protection everywhere), Secure Wi-Fi (Remote Ethernet Devices and Access Points) and Secure Email Gateway (Simple protection for a complex problem). Enduser means Enduser Protection Bundles (Comprehen-sive security for users and data), Sophos Cloud (Sophos Security. Cloud Simplicity), SafeGuard Encryption (Protecting your data, wherever it goes), Endpoint Protection (On-premise or cloud-based threat protection for Windows, Mac and Linux) and Mobile Control (Countless devices, one solution for MDM). Last but not least Server Protection includes Virtualization Security (Performs like it isn’t there. Protects because it is), SharePoint Security (Collaborate in confidence), PureMessage (Good news for you. Bad news for spam), Server Security (Pro-server. Anti-virus) and Network Storage Antivirus (High-tech security for high-tech storage)

How do these products address various technology requirements of the market?The vision for Sophos is to be the company that understands the current security landscape, sees the future of where threats are going, and delivers the technology, process, and programs to protect users (corporate and consumer) so that they can focus their efforts on innovating and growing their business.

Briefly tell about your partner ecosystem and engagement strategyThe Sophos Partner Program features tiered benefits to partners that reflect Sophos’s strong commitment to strengthening security and control throughout the network. Sophos Channel Sales Teams provide a deep level of support and are highly responsive to partners. The Program offers distribution of high quality leads to qualified partners, on-line deal registration and dedicated pre-sale and post-sale support. Extensive marketing support and comprehensive training programs are available to enable partners to grow their businesses through new customer acquisitions and incremental sales. ë

Security Made Simple

SOPHOS

THOMAS THOELKE,SALES DIRECTOR NEEMEA, SOPHOS

“We’re unique in our mission to supply complete security (as opposed to a piece by piece point product approach) in a simple, easy to deploy platform. Everything we do across the company is dedicated to delivering on that mission.”

In a crowded, noisy market, Sophos strives for simplicity, making it simple for customers and channel partners to purchase, implement and maintain our security solutions; solutions that work together and scale as customer requirements expand.

MEA35APRIL 2015

GISEC 2015 SPECIAL | ENDPOINT & NETWORK SECURITY

Brief about your company?ComGuard, established in 2002, is a prominent VAD in the IT & Security space. The company is headquartered in Dubai, UAE and is the flagship division of the Spectrum Group, which is engaged in IT networking and security training, managed services, niche hospitality solutions, network consultancy and Broad line distribution, amongst others. ComGuard has invested in its inherent strength in infrastructure, technical skills and customer support to create a niche for itself in the value added distribution space. The biggest strength for ComGuard is the skill sets, which has made it one of the fastest growing VADs in the region. Industry recognition and awards have come ComGuard’s way for its discerning ability to provide value addition to product offerings while effectively helping customers to make most out of them.

Backed by a strong vision and sustained growth, ComGuard’s distribution reach covers 14 countries across the Middle East and APAC with a roster of more than 1,000 partners. As a VAD ComGuard represents a diverse range of world-class security vendors.

What is the present turnover of the company and what is your YoY growth? The current turnover as it stands is app. 195 M AED, which boasts a 60% Year-on Year

How many brands you have and what is the USP of those brands?Ping Identity – provides hybrid SSO, secured authentication and identity servicesKaspersky – advanced end point security solution, security intelligence service, anti DDos & fraud preventionSophos – end point & perimeter security solutionsBluecat – complete IP address management, including DNS & DHCP securityNexthink – end user behavioral analytics, proactive ITSM,

How do these products address various technology requirements of the market?Various requirements are catered to like handling overburden on multiple passwords, identifying individual access to an asset, provides protection against advanced end point attacks, provides secured online banking transactions, threat intelligence services to financial entities, complete security solution for SME segment in a single appliance, helps in managing the IP address space including IPv6, network automation and secured internet access, helps in visualizing end user experience with different applications. Allows help desk to proactively assist users

What services do you provide as a security distributor?As a best-of-the-breed Information Security Distributor, ComGuard provides a web of services including Solutions designing, Pre-sales consultancy, Professional and customized Train-ing services, committed post sales and technical support, onsite implementation & configuration services, POCs &Demos.

What kind of support did you receive from the vendor in projects?As a VAD we attempt to address all foremost requirements of a project. Vendors are requested to intervene only when support levels are escalated to 3 and above.

How are you present in various countries in this region?Head quartered in JLT, Dubai. Offices in Knowl-edge Village & JAFZA, UAE, registered office in AUH, offices in Riyadh & Jeddah, Egypt, Tunisia, Mumbai, Delhi, Bangalore, Singapore

Tell about your road map?In 2015 we are primarily focused on Big Data, Iot, Analytics& Visualization, Cloud, webscale IT, Storage, Power, etc. ë

COMGUARD

AJAY SINGH CHAUHAN,CEO, COMGUARD

STRENGTHSl Pricing power

l Financial leverage

l Brand recognition

l Customer loyalty

l Technical strength

l Marketing muscle

WEAKNESSl Backend process robustness

OPPORTUNITIESl Emerging markets and niche

technologies

l New geographical reach

THREATSl Intense competition

l Mature markets

l Unstable market conditions

CORPORATE HEAD QUARTERS

29th Floor, BB2,

Mazaya Business Avenue,

Jumeirah Lakes Towers,

Dubai, United Arab Emirates

Email:info@comguard.net

Web - http://www.comguard.net/

Tel No.:+971 4 4576500

CONTACT

GISEC 2015 SPECIAL | VADS CORNER

36 APRIL 2015

MEA

Brief about your company?Optimus is a pioneering market enablement company that helps leading technology and telecom vendors develop and create business revenue streams in the Middle East, Africa and South Asian Regions. Founded in 2008, Optimus has leveraged its partnership with key vendors to become a regional player in technology growth and proliferation. In the 7 years since its inception, Optimus has disrupted the traditional technology sales and marketing business models to addeffective quality into the technology channel globally.

What is the present turnover of the company and what is your YoY growth? Optimus is privately held organization we are not allowed to disclose our revenues but we have been witnessing close to 15-18% YoY growth over the last few years

How many brands do you have and what is the USP of those brands?Optimus has built strategic partnerships with some of the best technology brands across the technology and telecom industry, including Huawei, McAfee, Bitdefender, Avayo, Opti-UPS, NetIQ, Novell, Maelys, Jabra&Interquartz in its portfolio. All these brands are market leaders in their own right and complement each other,

enabling Optimus to provide complete turnkey, integrated solutions to its partners.

How do these products address various technology requirements of the market?Optimus believes in addressing the technology requirements of the market by virtue of its market enablement model that combines best of breed products and solutions into an integrated service offering for its vendor and channel base.

What services do you provide as a security distributor?Optimus being a security solutions provider, we provide many services to our channel partners under our OptiSecure Security Consulting Practice. Our service portfolio has been designed to deliver strategic, financial & technical benefits to customers, helping them achieve the desired state of Information Security robustness. Our Security consulting practice offers a full range of security consulting services that can help identify, evaluate, and improve enterprise security across industry verticals in the region. Additionally, we support our partners with Sales, Presales & Professional Services to enable them to position & implement our products with their customers. Through the Optimus Academy, we also provide enablement services to ensure our partners and vendors are better equipped with necessary skills to address customer needs & requirements effectively.

What kind of support did you receive from the vendor in projects?We work as an extension of our vendor’s channel & delivery team and close coordination is critical to the success of our partnership. We receive a lot of support from our vendors, right from customer interaction to technical assistance as well as ongoing trainings programs.

How are you present in various countries in this region?Optimus as a regional solutions provider, we have direct presence in UAE, Qatar, KSA, Pakistan & Egypt. Through these touchpoints, we cover the entire MEA& South Asia markets.

Tell about your road map?We shall continue to add brands & services in information security space to ensure our part-ners are able to provide cutting edge technologies with the desired services to their customers. One of the areas that we’re currently exploring is the MSSP space wherein we would be able to provide Security as a Service to customers. ë

OPTIMUS

NAHULGORADIA,VP - CHANNEL & ALLIANCES, OPTIMUS

STRENGTHSl We are a Market Enablement

company

l Comprehensive suite of Com-

plimentary Products and Services

lOwn Cloud offering platform

lIn-houseChannel Loyalty

Program

l 360° approach to business

allows us greater market penetra-

tion and a keen ability to identify

and deliver on opportunities.

l Optimus is synonymous with

pioneering initiatives to introduce

the market with best-of-breed so-

lutions, technology services and

business practices, much ahead

of its peers. And this has helped

the company subvert challenges

of competition, regulatory compli-

ances or customer demands.

1603, Millennium Plaza Hotel Tower,

near Emirates Towers metro station,

Sheikh Zayed Road, Dubai

E - partners@optimusdistribution.com

T - +971 42379001

F - +971 4 3252558

website: www.optimusdistribution.com

CONTACT

GISEC 2015 SPECIAL | VADS CORNER

MEA37APRIL 2015

Brief about your company?StarLink is acclaimed as the largest and fastest growing “True” Value-Added IT Security Distributor across the META regions with on-the-ground offices in 10 countries. With its innovative Security Framework, StarLink is also recognized as a “Trusted Security Advisor” to over 1000 enterprises and government customers that use one or more of StarLink’s best-of-breed and market-leading technologies, sold through its Channel network of over 250 Partners. The StarLink Solution Lifecycle helps Channel Part-ners differentiate offerings, and assists customers to identify key risks and define priorities for addressing IT Security gaps relating to compli-ance and next-generation threat protection.

What is the present turnover of the company and what is your YoY growth? StarLink turnover was $75 million in revenue in 2014 and we are anticipating a growth to approximately $100 million in 2015.

Tell us about your product portfolio StarLink’s True Value Added IT Security Distri-bution portfolio comprises of 24 leading vendors split into 4 dynamic solution areas, which provide cutting-edge predictive security to business-critical data: Access Control, Advanced Threat

Protection, Risk Management, Secure Mobility& Operational Intelligence.

How do these products address various technology requirements of the market?

The StarLink Security Framework provides a strategic approach that cuts through the clutter and is designed to simplify risk management and ensure that all critical controls for effective enterprise IT Security are in place.

What services do you provide as a security distributor?To our valued customers we are expert con-sultants, bringing best-of-breed IT Security solutions to tackle their IT security concerns; to our vendors, we are a true extension of their sales, marketing and technical teams, The launch of the StarLink Choice program in 2014 helps our partners to optimize revenue and increase their profitability potential. .

What kind of support did you receive from the vendor in projects?StarLink gets excellent sales and technical support from the vendors in its portfolio initially during the on-boarding process, but they typically stay involved only for the first couple of projects. After this point StarLink makes it a point to become an extension of the vendor team in the region. In many cases, StarLink becomes the Authorized Support Center for vendors, as well as, the Authorized Training Center.

How are you present in various countries in this region?StarLink’s business operations have spread across UAE, KSA, Qatar, Bahrain, Oman, Kuwait and over the last couple of years, StarLink has suc-cessfully expanded and exponentially increased its presence in Sub-Saharan Africa, Egypt and Turkey. This year further expansion plans are being executed into Southern Europe and North Africa, as well as North America. Other African countries are also in the pipeline. !

Tell about your road map?From a portfolio perspective, we may also add a couple of key technologies, which are identified from Customer and Partner feedback. We expect to touch, if not cross, the $100 million turnover mark by the end of 2015The general trend seen, for business expansion is from the West towards the Eastern countries! StarLink aims to be a trailblazer in reversing that trend! We are carrying our values, offering and success towards the West! ë

STARLINK

NIDAL OTHMANMD, STARLINK MIDDLE EAST

STRENGTHSl Channel Focus: This year

our theme is ‘Partnering into the

Future’

l Our Exclusive rebate and

incentive program

l Experienced Management

team l Proven technology Solu-

tions l Leading vendors

l Marketing prowess

l True Value-Added-Distribution.

WEAKNESSSMB: StarLink’s focus has been

on enterprise and Government

customers and therefore has con-

sciously overlooked the SMB

OPPORTUNITIESl New Partners

l Emerging markets in the

region:

Address:

Office 4301, Mazaya Business Avenue - BB2

JLT, Dubai, United Arab Emirates.

P.O. Box 99580.

Email: info@starlinkme.net

P: +971 4 2794000 F: +971 4 4306716

Web: http://www.starlinkme.net/

CONTACT

GISEC 2015 SPECIAL | VADS CORNER

38 APRIL 2015

MEA

Brief about your company?Spectrami started with a vision of Vendor Exten-sion model for the vendors that do not have a direct presence in Middle East. The purpose is to act as their extension arm of the principal in the ME in terms of delivering the same service level as they would, in case they had a presence here. We represent niche and specialized solutions that need a proactive engagement with the customer and partner ecosystem. The key to delivery of such solution is not just in presenting the solution to the market, but really in terms of creating a value for it, making customers understand and appreciate the value the solution gives to their business,. The success lies in empowering partners to sell it, carry out POCs, implementing and supporting them in customer’s infrastructure. This requires a comprehensive connected body of ecosystem consisting of sales, pre sales, post sales and marketing which works as a single entity to deliver a seamless experience to the customer and deliver the same experience as a large vendor would give.

So essentially taking certain products that did not have a presence in the region and delivering the same high level SLA as a Tier 1 vendor is the overall contribution to business development that Spectrami creates.

What is the present turnover of the company and what is your YoY

growth? Turnover in 2014 is 10 Million USD; 35% YOY

How many brands do you have and what is the USP of those brands?We have 7 brands. lLogRhythm – SIEM security intelligencelGeneral dynamics Fidelis Cyber Security-

Advanced threat defense solution lTenable –– vulnerability managementlXceedium – Privileged Identity ManagementlGood technology – Enterprise mobility

management lActifio – Radically simple Copy Data

VirtualizationlViolin – All Flash storage array for the cost

of disk

How do these products address various technology requirements of the market?Spectrami solutions portfolio consists of leading and bleeding edge technologies in the Security, Mobility and Storage space. This includes Advanced Threat Protection, SIEM, Network Security Analytics, Incidence Response Platform, Vulnerability Management, DLP, Advanced Forensics, OpenSource Intelligence in security, Enterprise Mobility Management in Mobility and Copy Data Management and All Flash Array in Storage solutions

What services do you provide as a security distributor?We have two teams of technical complement, one the Business Technologist team which works as with customers in terms of helping them identify and adopt technology, the second is the service delivery team consisting of service delivery pro-fessionals and PMO who are responsible for post salesservice delivery. We also provide specialized services including delivering intelligence as a service, incidence response, SOC augmentation and threat identification and mitigation.

How are you present in various countries in this region?We have local presence in all the regions with (KSA,UAE,OMAN,QATAR, KUWAIT ETC) sales and technical representatives.

Tell about your road map?This year will see a substantial growth in business as the customers continue to invest in security and storage solutions. Spectrami has expanded and increased its presence in Kuwait, KSA, Qatar, Oman and South Africa. ë

SPECTRAMI

ANAND CHOUDHA,MANAGING DIRECTOR AT SPECTRAMI

STRENGTHSl Unique Vendor Extension

Business model

l Strong Management team

and experienced local team

presence

l Skilled and highly trained

professional pool

l Infrastructure for providing

training backed by well equipped

Customer Experience Center

WEAKNESSl Logistics, credit and Ware-

housing facilities

OPPORTUNITIESl Add more products to pro-

vide full range of solutions in the

Security and Storage space

l Security is growing market

THREATSl Oil prices going down

Office 2402, Mazaya BB1 Tower, JLT ,P.O. BOX 487840, Dubai, UAE T: +971 4 4357209M: +971 55 4706726Web: www.spectrami.com

CONTACT

GISEC 2015 SPECIAL | VADS CORNER

MEA39APRIL 2015

Conference AgendaSUNDAY 26 APRIL 2015 - GEMEC 2015

9.00 Registration and welcome coffee

9.30 Chairman’s Welcome address

DISRUPTIVE INNOVATION IN ENTERPRISE MOBILITY

10.00 - 10.30 TRAILBLAZER - Why ideation is critical to your enterprise mobility strategy? - Annosh Thakkar, VP, Business, & IT Transformation, Philips Netherlands

10.30 - 11.00 TRAILBLAZER - Opportunity, efficiency and engagement: developing a futuristic enterprise mobility strategy - Bill Douglas, Head of Mobility, Royal Bank of Scotland, UK

11.00 - 11.10 EXHIBITION OPENING CEREMONY

11.10 - 11.40 MORNING TEA AND COFFEE

11.40 - 12.10 KEYNOTE ADDRESS - Enterprise mobility at the forefront of the modern mobile economy - John Banks, Director of Software, GBM

TRANSFORMING YOUR MOBILITY STRATEGY

12.10 - 12.40 KEYNOTE ADDRESS - Taking control with a holistic security strategy - Senior Executive, Citrix

SECURITY

12.40 - 13.10 INTERVIEW - Application economy and the impact of IoT on your mobility strategy - Sameer S Poonja, Head of Digital Technologies, Emirates Group IT

13.10 - 13.40 KEYNOTE ADDRESS - Stay Focused! The device is one thing, but managing information is everything - Eng. Muhammad Said, Managing Director, Asyad Capital for Technology Services

13.40 - 14.50 Networking Lunch

14.50 - 15.30

IDEA SWAP - Core tenets of successful enterprise mobility Jean-Pierre Mondalek, General Manager UAE, UBERSamir Khan, Regional Information Technology Head, African + EasternAdrian Davis, Managing Director EMEA, ISC2Jonas Zelba, Senior Research Analyst, ICT, Middle East and North Africa, Frost & Sullivan

RISK VS. RETURN

15.30 - 16.00How eliminating mobility silos will reduce risk and optimize service deliveryWalter Wehner, Director of IT Network and Infrastructure, Atlantis, The Palm

16.00 - 16.30 AFTERNOON TEA

16.30 - 17.00Why building an enterprise application suite is worth the workArun Tewary, Vice President (IT) & CIO, Emirates Flight Catering

17.00 CLOSING REMARKS from the chair

SUNDAY 26 APRIL 2015- BRIEFING DAY - GISEC 2015

10.00 - 10.10 Chairman’s Welcome address

INTEGRATING SAFE CITY INTO SMART CITY STRATEGY

10.10 - 10.40 TRAILBLAZER - The journey from a smart city to safe city: strategic plan, projects, and technologies - Bassam AlMaharmeh, MSEE, CISO Ministry of Defence, Jordan

10.40 - 11.10 TRAILBLAZER - Staying ahead of emerging information security threats - Dr. Amirudin Abdul Wahab, Chief Executive Officer, Cybersecurity Malaysia, Ministry of Science, Technology and Innovation

11.10 - 11.40 MORNING TEA AND COFFEE

CYBER SECURITY AND RESILIENCE

11.40 - 12.10Providing a safe and secure environment for future cities through smart technologies - Colonel Khalid Nasser Alrazooqi, General Director of Smart Services Department, Dubai Police GHQ

GEMEC 2015 SPECIAL | AGENDA

40 APRIL 2015

MEA

Conference Agenda12.10 - 12.40

KEYNOTE ADDRESS - Colonel Khalid Nasser Alrazooqi, General Director of Smart Services Department, Dubai Police GHQ -

Addressing cyber security and network challenges in creating a safe city

SECURE INFRASTRUCTURE

12.40 - 13.10Developing a framework for improving critical infrastructure cybersecurity ;Donna Dodson, Chief Cybersecurity Advisor, National Institute of Standards and Training, US Department of Commerce

13.10 - 14.10 Networking Lunch

14.10 - 14.40 Addressing cyber security and network challenges in creating a safe city - Joan Manel Gómez, Head of IT Security, Barcelona City Council

NEXT GEN SECURITY

14.40 - 15.10IDEA SWAP- What new technologies and innovative tools can be embraced for ensuring city security?Shadi Khoja, Director of Strategy, Dubai Smart City.Dr. Amirudin Abdul Wahab, CEO, Cybersecurity Malaysia, Ministry of Science, Technology and Innovation

15.10 CLOSING REMARKS from the chair and close of briefing day

GISEC 2015 - DAY ONE, MONDAY 27 APRIL

10.00 Chairman’s welcome address

CYBER SECURITY MEGATRENDS CISOs CAN’T IGNORE

10.10 - 10.20 WELCOME ADDRESSFarid Farouq, Vice President IT, Dubai World Trade Centre

10.20 - 10.40 TRAILBLAZER - CISO 2020: Are you ready to be the guardian of your state? Dan Lohrmann, ex CSO, State of Michigan, US, Chief Strategist & CSO -Security Mentor

10.50 - 11.20 TRAILBLAZER - No place to hide: Unmasking the risks and threats lurking in our cyber streetsSteve Williamson, Director IT Risk Management, GlaxoSmithhKline, UK

11.20 - 11.50 MORNING COFFEE

NEXT GEN THREATS AND VULNERABILITIES

11.50 - 12.35 KEYNOTE ADDRESS - The threat landscape and future of hacking - Les Anderson, Vice Presidnet of Cyber BT, UAE

12.35 - 13.20 KEYNOTE ADDRESS - Privacy Dilemma - Hani Nofal, Executive Director INS, GBM, UAE

13.20 - 14.30 Networking Lunch

ART AND SCIENCE OF ENTERPRISE SECURITY

14.30 - 15.00

IDEA SWAP - Before the Breach – actions to protect your data from attacks!Manal Masoud, Principal Consultant, Paramount Computer System, UAEAmit Bhatia, Head of Information Security Governance, Oman Insurance CompanyJonas Zelba, Senior Research Analyst, Information and Communication Technologies Practice, MENA, Frost & SullivanHadi Jaafarawi, Managing Director Middle East, Qualys Inc, UAENader Baghdadi, Regional Enterprise Director South Gulf & Pakistan, Fortinet

15.00 - 15.30IDEA SWAP - Protection from within - learnings from the Snowden affairAhmed Baig, Senior Director – Corporate Strategy, Risk & Excellence, Smartworld - A Dubai Government Entity, UAENick Pollard, Senior Director Professional Services, EMEA & APAC, Guidnace Software Inc, UAE

15.30 - 16.00 AFTERNOON TEA

16.00 - 17.00 TRAINING SESSION - Hands-on-Session: How do you build a vigilint security culture in your organisation?Dan Lohrmann, ex CSO State of Michigan, US

17.00 CLOSING REMARKS from the chair and close of conference day

17.30 I.T. Security AWARDS Ceremony

MEA41APRIL 2015

GEMEC 2015 SPECIAL | AGENDA

GISEC 2015 - DAY TWO, TUESDAY 28 APRIL

10.00 Chairman’s welcome address

SCHNEIER ON SECURITY

10.10 - 10.40 TRAILBLAZER - Reactions and learnings from the Sony Hack - Bruce Schneier, Fellow, Berkman Center for Internet and Society, Harvard Law School, US

INTELLIGENCE DRIVEN SECURITY AND RISK MANAGEMENT

10.40 - 11.10 KEYNOTE ADDRESS - What do we need to make IoT security a reality? - Phillipe Roggeband, Business Development Manager, Cisco Security Architecture

11.10 - 11.40 KEYNOTE ADDRESS - The Defenders Advantage - Peter Clay, CISO, Invotas

11.40 - 12.10 KEYNOTE ADDRESS - Revealing the quiet intruder – understanding techniques used in modern cyber attacks - Brian Tokuyoshi, Senior Solutions Analyst, Palo Alto Networks

12.10 - 12.40 MORNING COFFEE

NEXT GEN THREATS AND VULNERABILITIES

12.40 - 13.05 KEYNOTE ADDRESS - The enterprise impact of cyber risk through the shareholder lens - Kamran Ahsan, Senior Director of Security Services, Digital Services Business, Etisalat, UAE

13.10 - 13.40 KEYNOTE ADDRESS - Intelligent Security Operations Centre (I-SOC) - Framework - Firosh Ummer, MD EMEA, Paladion

13.40 - 14.30 Networking Lunch

INCIDENT RESPONSE

14.30 - 15.00

IDEA SWAP - The future of authentication amongst web services Brett McDowell, Executive Director, FIDO AllianceMayank Upadhyay, Director of Engineering, GoogleDhruv Soi, Chair, OWASP India

15.00 - 15.30

IDEA SWAP - Protect, detect, respond: anatomy of an effective incident response planMohammed Darwish Azad, Head of Group Information Security, Group IT - Emirates NBDRoshdi A. Osman, Deputy CISO, Banque Saudi FransiMayank Upadhyay, Director of Engineering, Google

15.30 - 16.00IDEA SWAP - Active defence: how can data-centric protection increase security in cloud computing and virtualisation?Dr. Jassim Haji, Director Information Technology, Gulf AirGeorge Yacoub, Acting Group CIO, SEHA

16.00 CLOSING REMARKS from the chair and close of the conference

Conference Agenda

GEMEC 2015 SPECIAL | AGENDA

42 APRIL 2015

MEA

Copyright © Unify GmbH & Co. KG, 2014

Formerly Siemens Enterprise Communications

We unify.You thrive.In this hyper-connected, always-on world, today’s anywhere workers are demanding more from the devices and enterprise apps they use to connect and collaborate.

We say, give in to their demands.

unify.com/thrive

UNI-3746 ME Thrive Print Ad.indd 1 2/11/2014 2:49 PM