[go: up one dir, main page]

CXO DX April 2023

Page 1

THE CIO’S CENTRAL ROLE

The CIO’s role continues to become more central in the face of the greater significance that Technologies play in enabling Businesses. While the CIO is tasked with steering forward various digital transformation initiatives, yet the focus must be equally across several key aspects to ensure success. Overseeing that legacy systems are operational if Businesses require them is a responsibility, but they need to ensure that newer technologies such as AI and IoT for instance are brought in as early as possible to drive greater innovation and keep the Business aligned with its ambitions and objectives. Likewise, the CIO also needs to maintain a fine balance between what technologies are best to choose for the Business and budgetary constraints on the other hand.

Cybersecurity concerns are now right at the forefront of a CIO’s concerns. Keeping infrastructure and data secure from breaches requires a strategic approach to cybersecurity. Data management and ensuring compliance regulations are met always are also one of the responsibilities of the CIO. As highlighted in the cover story of this edition, they must also formulate a good backup and disaster recovery strategy for the organization. They must also build and have a good team around to delegate operational responsibilities while they focus more on strategies ahead for accelerating the technology transformation of the organization to enhance business growth. The CIO must ensure that the technologies put in place are helping employees be most effective including access to the best hybrid workplace technologies and that the company’s systems are well aligned with all regular partners, both vendors, and suppliers to ensure effective collaboration. In the final outcome, the CIO needs to ensure that customers are happy with the ease with which they can access their services digitally and have personalised experience.

In all these objectives, frequent interactions with the C-suite stakeholders and others in different Business functions will help the CIO gain insight into what the Business requires and how they can add value as the technology head. Improving Business processes, ensuring cost efficiencies and customer experience in short will ensure the success of the CIO.

+971-50-2489676

3 APRIL 2023 / CXO DX » EDITORIAL
PUBLISHED BY - Leap Media Solutions LLC REGISTERED OFFICE: Office 10, Sharjah Media City | www.cxodx.com RAMAN NARAYAN Co-Founder & Editor in Chief narayan@leapmediallc.com Mob: +971-55-7802403 Sunil Kumar Designer Nihal Shetty Webmaster MALLIKA REGO Co-Founder & Director Client Solutions mallika@leapmediallc.com Mob: SAUMYADEEP HALDER Co-Founder & MD saumyadeep@leapmediallc.com Mob: +971-54-4458401

21 » BUILDING CYBER RESILIENCE

Anton Shipulin at Nozomi Networks discusses the need to enhance visibility and continuous security monitoring

22 » ENHANCING CYBERSECURITY POSTURE

14

14 » DATA BACKUP: AN INSURANCE STRATEGY FOR ENTERPRISES

An effective data backup strategy goes a long way in ensuring enterprises can compete without disruption in operations in the face of any unexpected data loss

12 » NUTANIX STUDY SHOWS DATA MANAGEMENT BECOMING MORE COMPLEX

13 » SOPHOS DEMONSTRATES HOW TO MAKE CHATGPT A CYBERSECURITY CO-PILOT

19 » BOOSTING CYBERSECURITY READINESS

Ross Brewer, Chief Revenue Officer of SimSpace discusses the cybersecurity landscape

Jose Menacherry, MD, Bulwark Technologies discusses the continued demand for point solutions as well as the need for better cybersecurity awareness

23 » FOCUSING ON RISK MANAGEMENT

Darren Craig, CEO, RiskXchange speaks to CXO DX about how the company’s solution focuses on managing risks across attack surfaces.

COLUMN

24 » TOWARDS DATA MINIMALISM

Matt Watts, CTO, NetApp explains how reducing the data a company holds and moving it to the cloud will reduce emissions.

26 » WHY ASSET MANAGEMENT SHOULD BE THE CIO’S TOP PRIORITY

Ishpreet Singh, CIO, Qualys says a comprehensive, up-to-date and accurate asset management (AM) program is the lynchpin for any IT/security team’s success.

28 » HACKTIVISM AND THE NEW AGE OF CYBER WARFARE

Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software, looks at the rise of a new type of hacktivism

30 » NINE WAYS SMART DATA IMPROVES FACTORY OPERATIONS

Pranish Kushare, Infor’s Sr. Principal Solutions Consultant MEA discusses how enabling role based access to data for all workers can help them make valuable decision-making insights.

32 » THE CHIEF ZERO TRUST OFFICER: A NEW ROLE FOR A NEW ERA OF

CYBERSECURITY

John Engates, Field CTO at Cloudflare believes the emergence of the new role of the CZTO will help lead the Zero Trust initiative

34 » CHOOSING A CUSTOMER SERVICE SOLUTION FOR YOUR ENTERPRISE

Mark Ashton, VP EMEA Customer Workflow at ServiceNow discusses the need for a modern platforms based CSM

REGULARS

STATS

4 CXO DX / APRIL 2023
NEWS
» CONTENTS COVER
06 »
36 » TECHSHOW 38 » TRENDS &
STORY
INTERVIEW
NEWS INSIGHT

DELL TECHNOLOGIES INTEGRATES CEE AND META REGIONS

This will help support customer innovation and faster access to global markets

Dell Technologies has formed a new Central & Eastern Europe, Middle East, Turkey & Africa (CEEMETA) region. The move increases operational efficiencies and supports partner growth to help customers to achieve their digital transformation goals.

The new region will represent a more extensive customer, partner and talent base, thereby allowing Dell to further build its strong partner network and quickly adapt to market shifts. Building on Dell’s strong channel partner footprint, the CEEMETA region will help partners to access global markets, enhance business capabilities and support customers respond to new business opportunities.

The new CEEMETA region covers more than 70 markets and will be led by Mohammed Amin, who has led Dell’s operations across the META region for the last two decades.

Adrian McDonald, President EMEA, Dell Technologies, said: “The new structure will offer us immense opportunities to be more agile and better focused on our customers’ constantly expanding digital needs. Forming the CEEMETA region creates new avenues of growth for our employees, partners and customers.”

Mohammed Amin, Senior Vice President, CEEMETA, Dell Technologies, said: “As the new Dell CEEMETA team, we look forward to capitalizing on our combined strengths to generate new opportunities for all. Together, we are well-positioned to dive in and support our customers on their digital transformation journeys. Technology is a key enabler of growth, and I’m excited to create an impact by making today’s breakthrough innovation more accessible for our customers and partners.”

GULF BUSINESS MACHINES ANNOUNCES MIKE WESTON AS CEO

New CEO to build on GBM’s strategic vision for the region and lead on the organization’s growth trajectory

Gulf Business Machines (GBM) has announced the appointment of Mike Weston as Chief Executive Officer (CEO) for the company’s regional operations based out of Dubai.

Weston joins from IBM, where he was most recently the Chief Revenue Officer for IBM’s MEA operations.

“The board is delighted to announce Mike’s appointment as GBM’s CEO,” said Marwan Faraj Bin Hamoodah, GBM Chairman. “His decades of experience working in leadership roles for global IT players such as Cisco and IBM, with a proven track record in transforming businesses make him perfectly suited to lead GBM at this pivotal time in our growth journey. We believe Mike, alongside the executive management team, will continue to build on GBM's success over the

past overseeing employee development and creating value for stakeholders. The Board looks forward to Mike’s contribu-

tion to GBM and its customers across the region.”

Weston has over 30 years of experience, holding multi-leadership roles in technology companies across Europe Middle East and Asia Pacific.

“I am delighted to be joining GBM at such an exciting time and I’m looking forward to working with the team here to build on the successes of the past 33 years,” commented Weston. “GBM has made immense strides over the past three decades to establish and cement itself as a leading digital solutions provider in the region, and together with the team, I will continue to leverage and strengthen GBM’s strategic alliances and relationships with customers and vendors, while strengthening this growth trajectory focusing on the latest technology offerings.”

6 CXO DX / APRIL 2023
» NEWS
Mohammed Amin Senior Vice President, CEEMETA, Dell Technologies Mike Weston CEO, Gulf Business Machines

EVANSSION PARTNERS WITH EXTRAHOP

The partnership enhances and deepens Evanssion’s diverse cyber defense stack offering for partners and enterprises.

Evanssion, a leading cybersecurity and cloud-native value distributor, announced its partnership with ExtraHop, the leader in cloud-native network detection and response, across the Middle East region. Through this partnership, Evanssion’s customers and partners will be able to leverage cutting-edge network detection and response (NDR) solutions from ExtraHop.

In response to an increase in cyberattacks this past year, there has been a widespread deployment of NDR solutions to eliminate blind spots and inspect east-west traffic for threats and anomalies. When used in conjunction with EDR and SIEM solutions, NDR fills in the gaps that other tools may miss, detecting threats across the entire network from data centers to remote locations and in the cloud.

A recent report from MarketsandMarkets, published in January 2022, projected that

the global network detection and response market would grow from $1.1 billion in 2021 to $3.3 billion by 2026, at a CAGR of 24.7% during the forecast period.

Fouad Tawk, Area Vice President for the Middle East, Turkey and North Africa at ExtraHop, said: “ExtraHop can help enterprises stop breaches 84% faster with cloud-scale machine learning across cloud, hybrid, and distributed environments. With ExtraHop Reveal(x), Evanssion can deliver an enterprise-class NDR solution for the modern SOC, so security teams can unlock complete 360-degree visibility, real-time detection, and intelligent response to act with confidence and speed.”

“We are confident that this partnership with ExtraHop, the leader in NDR, will drive change and impact customer experience to easily adopt the best cyber defense practices," said Ahmed Al Qadri, CEO of

Evanssion. "This partnership is a great opportunity for ExtraHop to showcase their value proposition to our enterprise customers and partners."

AVEVA COMMITS TO SUBSCRIPTION TRANSITION TO FOSTER FLEXIBLE INDUSTRIAL INNOVATION

Customers can trade-in perpetual licenses for subscription access to AVEVA’s entire portfolio

AVEVA, a world leader in industrial software, has announced its portfolio-wide transition to a subscription business model. To accelerate access to modern solutions and meet dynamic business needs, customers can trade-in their existing perpetual licenses for subscriptions spanning any mix of cloud, hybrid, and on-premises solutions across the design-operate-optimize industrial lifecycle.

The AVEVA Flex subscription program revolutionizes the way industrial software is purchased and consumed. It can help reduce upfront costs as much as 65%, while enabling flexibility and scalability to respond to changing business needs, industry standards and regulatory requirements.

New licenses for major engineering and operations solutions in AVEVA’s soft-

ware portfolio are now subscription only, and the company has set a target to transition 80 percent of customer licenses from perpetual to subscription by 2025.

Saadi Kermani, Vice President of Cloud Platform and Digital Business at AVEVA, said, “Industrial organizations, taking a hybrid approach to their software architectures, are capitalizing on the increased data insights and functionality that cloud-based solutions provide - without giving up much-needed tools on-premises. A single subscription program that spans edge-to-cloud solutions and from engineering to operations can empower teams to connect and collaborate in new and agile ways.

He added: “As opposed to traditional perpetual software, where ownership creates incentives to use dated and potentially unsupported software over time, AVEVA Flex instead ensures you are always on your software’s latest, most capable version—and you always know what your software costs are.”

7 APRIL 2023 / CXO DX
» NEWS
Saadi Kermani Vice President of Cloud Platform and Digital Business at AVEVA Al Qadri CEO of Evanssion

FRESHWORKS EMBEDS GENERATIVE AI TO HELP CUSTOMER SUPPORT, SALES AND MARKETING TEAMS

Freshworks’ extends its Freddy AI strategy with the latest GPT large language models

Freshworks announced new GPT-based conversational enhancements to Freshworks’ natively-built AI powered assistant, Freddy. Using OpenAI’s ChatGPT and underlying large language models, the latest generative AI capabilities of Freddy help a wide range of customer-facing professionals work faster, smarter, and more effectively. Customer service agents respond quickly to customers and employees in the right tone, marketers compose more compelling copy in a fraction of the time, and salespeople craft powerful emails that hook in a prospect.

updates using the latest in GPT large language models bring even more value to these experiences,” said Prakash Ramamurthy, Chief Product Officer at Freshworks. “We are fundamentally transforming how Freshworks customers will interact with our products through more conversations and fewer clicks.”

Conversational AI will be embedded via Freddy across Freshworks’ entire customer and employee suite of products. Customer support agents will deliver faster issue resolution and have higher quality conversations with customers. Marketers will receive smart customer segmentation and optimized email content to maximize campaign efficacy. Sellers will close more deals through recommendations on opportunities with highest potential.

F5’S MCN SOLUTIONS SIMPLIFY OPERATIONS FOR DISTRIBUTED APPLICATION DEPLOYMENTS

F5 Distributed Cloud Services securely connect apps and APIs across cloud, hybrid, and edge environments

F5 announced multi-cloud networking (MCN) capabilities to easily extend application and security services across one or more public clouds, hybrid deployments, native Kubernetes environments, and edge sites.

According to F5’s 2023 State of Application Strategy (SOAS) report1, 85% of organizations operate distributed application deployments, spanning traditional and modern architectures and multiple hosting environments. However, these distributed deployments add operational complexity and cost, obscure visibility, and increase the surface area for potential cyberattacks.

F5 delivers a platform-based approach that is cloud-agnostic and purpose-built to meet the needs of traditional and modern apps—all without increasing complexity or losing granular control and necessary

“We’ve made significant investments in our AI strategy over the last five years to enhance agent productivity and their customers’ experience. The newest Freddy visibility.

Per the 2023 SOAS report, the top-rated multi-cloud challenges are managing the complexity of associated tools and APIs, applying consistent security across apps, and optimizing app performance. To properly address these challenges, a more comprehensive approach to secure MCN is required.

“Secure app-to-app connectivity is obviously a goal for every digital organization, but how this is achieved has become increasingly important,” said Michael Rau, SVP and General Manager, F5 Distributed Cloud Platform and Security Services.

“The proliferation of cloud and hybrid architectures has coincided with the rise of microservices and API-heavy distributed applications—all of which contribute complexity and diminish visibility. Dis-

tributed Cloud Services greatly expand our ability to serve customers’ hybrid and multi-cloud use cases, providing unparalleled agility and security for global infrastructure and app environments.”

8 CXO DX / APRIL 2023 » NEWS
Prakash Ramamurthy Chief Product Officer, Freshworks Michael Rau SVP and General Manager, F5

TENABLE BOLSTERS TENABLE OT SECURITY

Updates to core functionality make it easier than ever for IT security teams to gain visibility, security and compliance for their OT environments

Tenable, the Exposure Management company, announced new capabilities within Tenable OT Security, providing broader protection for operational technology (OT), critical infrastructure and industrial control systems, regardless of size of deployment or configuration of environment. The new functionality keeps the CISO’s organization front and center — making it even easier to secure and maintain governance of the entire attack surface, using the same tools and processes across their infrastructure, be it OT, IT, IoT, cloud or other platforms.

Tenable is uniquely positioned to help its clients meet their security requirements, offering a comprehensive solution for securing mixed environments. This latest update extends Tenable OT Security’s vulnerability detection capabilities even further with the upgrade to the OT active scanner and an even tighter integration with Nessus, Tenable’s industry-leading

vulnerability scanning technology. Tenable OT Security now offers customers unprecedented scanning capabilities using the technology trusted by more than 40,000 security teams worldwide.

Key new capabilities include Increased Asset Discovery and Visibility, Advanced Vulnerability and Threat Detection and Advanced Vulnerability and Threat Detection

“We consistently hear from CISOs that they have been tasked with security for mixed environments that include both OT and IT technologies, but they don’t have the requisite visibility to secure either well. The new capabilities added to Tenable OT Security provide our customers with full visibility, security and control of all their environments and assets, in one consolidated view,” explains Amir Hirsh, General Manager, OT Security, Tenable. “Now, our customers can leverage the full strength of Tenable OT active scanning,

tightly integrated with embedded Nessus scans for IT assets, to create a clear view of all assets, their vulnerabilities, risk score, attack path analysis and more.”

INFOPERCEPT OPENS ITS FIRST MIDDLE EAST OFFICE IN KUWAIT

The company is set to expand operations across the region

Infopercept, a global cybersecurity solutions and services company, announced the opening of its office in Kuwait.

Infopercept has a strong base of partners and customers in key regions in the Middle East, such as Saudi Arabia, Kuwait and Bahrain. The opening of office is the first step towards its expansion strategy for the region.

Speaking about the development, Jaydeep Ruparelia, CEO Infopercept Consulting Pvt Ltd, said,“ Infopercept has been present in the Middle East for more than five years now. Our offensive first approach and coverage of all three pillars of cybersecurity: offensive, defensive and compliance, have resonated well with the regional customers and partners. We have seen good growth in the Middle East and hence want to serve our customers and partners more closely with a direct presence in the region.”

For choosing Kuwait as the location, Ruparelia added, “Kuwait is a mature and cybersecurity - aware market. We have many customers here which are on our

Invinsense platform of XDR, deception, offensive and compliance. Kuwait was the best choice for us to support our existing customers closely and to protect more and more prospect organizations with our comprehensive cybersecurity solutions and services. We plan to adopt an aggressive channel approach in the region.”

Mohammed Ali Haider, Managing Partner Kuwait, Infopercept, said, “Kuwait is witnessing a huge digital transformation wave, and organizations of all sizes and verticals need to start implementing security as their DNA to make their digital transformation a success story Infopercept can assist organizations in all aspects of cybersecurity, from strategy to operations, including compliance, offensive security, and defensive security. We have aggressive expansion plans for the region and a direct presence is a part of that.”

10 CXO DX / APRIL 2023 » NEWS
Jaydeep Ruparelia CEO, Infopercept Consulting Amir Hirsh General Manager, OT Security, Tenable

CRAYON DATA AND

VISA PARTNER TO POWER AI-LED PERSONAL DIGITAL STOREFRONTS

By partnering with Visa, Crayon Data will provide Personalised Lifestyle Marketplace Crayon Data, a leading global artificial intelligence and big data company, announced its partnership with Visa aimed at powering AI-led personal digital storefronts for issuers. Together, Crayon Data and Visa will empower issuers to create superlative digital experiences for their customers, with AI-led relevance and personalization solutions.

Issuers desire to create new revenue streams by crafting highly differentiated solutions, financial and non-financial, for both cardholders and merchants. This partnership creates a strategic opportunity for Crayon Data to help Visa’s global issuers achieve their desired goals by unlocking the value of their data.

Suresh Shankar, CEO & Founder of Crayon Data, says, “About 71 percent of consumers expect companies to deliver personalized experiences. Although banks have long sought this, they still

struggle with the difficulties in data and technology. With digital natives such as Gen-Z demanding a seamless CX as table stakes, and with the rapid escalation of competition from neo banks and fintech organizations, the next few years will see a complete reshaping of the customer experience in the payments space.”

Crayon Data’s flagship platform, maya.ai, powered by patented algorithms and Machine Learning (ML), generates simple, easy-to-understand, and relevant insights based on non-PII consumer data. These AI-led insights help enterprises transform customer engagement via hyper-personalization. maya.ai is the force behind: digital personal storefronts for leading card issuer in India (~15M customers, ~30B$ portfolio); successful digital wallet in ASEAN (~10M customers, 25B$ portfolio); and personalized lifestyle marketplace for a leading Islamic bank in UAE (~1M customers, 15B$ portfolio). With

this partnership, Visa's ecosystem can leverage maya.ai, to deliver lasting loyalty built on relevance.

NETSKOPE AND ZOOM TEAM UP TO DELIVER ENHANCED COLLABORATION EXPERIENCES

Integrated solutions optimize connectivity and security of Zoom voice and video communications using Netskope Borderless SD-WAN and Netskope SSPM

Netskope, a leader in SASE, announced new integrations with Zoom that connect Netskope’s Borderless SD-WAN and SaaS Security Posture Management (SSPM) with Zoom UCaaS to deliver one of the most reliable, optimized connectivity and enhanced security solutions for effective user collaboration. Through these Netskope integrations, organizations using Zoom can now significantly enhance the user experience while staying compliant with privacy and security regulations.

Unified-communications-as-a-service (UCaaS) users often struggle with low reliability, high latency, and network disruption, all of which limit worker productivity. Netskope Borderless SD-WAN enables highly reliable, optimized access to Zoom by automatically identifying and prioritizing Zoom connections, and improv-

ing network performance with on-demand remediation. Netskope also simplifies remote maintenance of Zoom Phone behind

Netskope SASE Gateway with built-in secure inbound access service. In addition, Netskope SaaS Security Posture Management (SSPM) continuously monitors Zoom environments to discover and remediate any misconfigurations that could weaken security, helping maintain compliance with industry standards and regulations.

“Together, Netskope and Zoom provide organizations with the ability to deliver the collaboration experience users are expecting, while doing it in a secure way that does not interrupt business and helps them stay compliant with industry standards and regulations,” said Parag Thakore, Senior Vice President, Borderless SDWAN, Netskope. “We are proud to work with Zoom and together look forward to a continued expansion of how our solutions integrate.”

11 APRIL 2023 / CXO DX
» NEWS
Parag Thakore Senior Vice President, Borderless SD-WAN, Netskope Suresh Shankar CEO & Founder, Crayon Data

Data Management becoming more complex as cloud deployments diversify

Organizations want a single hybrid multicloud platform to run applications and manage data across diverse IT environments

Nutanix, a leader in hybrid multicloud computing, announced the findings of its fifth global Enterprise Cloud Index (ECI) survey and research report, which measures enterprise progress with cloud adoption. This year’s ECI showed that IT infrastructure is increasingly diverse with organizations challenged with integrating data management and control.

In the past five years of conducting the ECI, respondents' attitudes have drastically shifted toward the use of multiple IT environments. In 2018, well over half of respondents said they envisioned running all workloads exclusively in either a private cloud or the public cloud one day. Rather than working to consolidate on a particular infrastructure or IT operating model, as seemed desirable in 2018, most enterprises now see the inevitability, and even benefits, of running workloads across public cloud, on-premises and at the edge.

The goal for organizations now is to make this hybrid operating model more efficient, especially when managing IT environments across the edge to the core. The growing level of diversity in cloud deployments creates enormous complexity in managing application’s data across cloud environments. Comprehensive tools that allow organizations to provision, move, manage, monitor, and secure applications and data from a single console in a uniform manner is a growing priority for IT. Nearly all respondents say they’d benefit from having a single, unified control plane to manage applications and data across diverse environments.

Key findings from this year’s report include:

• Most organizations use more than one type of IT infrastructure, and nearly all agree that having a single platform to manage them all consistently would be ideal. The majority (60%) of IT teams leverage

more than one IT infrastructure, whether it is a mix of private and public clouds, multiple public clouds, or an on-premises datacenter along with a hosted datacenter. That number is expected to grow to nearly three quarters (74%) in the near future. However, this leads to challenges and 94% say they’d benefit from having a single place to manage applications and data across diverse environments.

• Data security and management considerations drive IT infrastructure choices. Data is driving infrastructure decisions for enterprises, with data security, protection and recovery, and sovereignty topping the list of key drivers. However, visibility is a growing challenge. While 94% of respondents agree that having full visibility is important, only 40% of ECI respondents report having complete visibility into where their data resides.

• Cloud cost control ranks as a top IT management challenge. Among respondents, 85% consider cloud cost a challenging IT management issue, and more

than a third (34%) rank it a “significant” challenge. Specifically, application migration across clouds is currently a pain point for organizations with 86% of respondents agreeing that moving applications among environments can be complex and costly. Additionally, nearly half of respondents (46%) plan to repatriate some applications to on-premises datacenters to mitigate cloud costs in the year ahead.

• Nearly all respondents (96%) have begun using open-source Kubernetes orchestration. But they cite designing and configuring the underlying infrastructure, storage, and database services as among the top challenges they continue to face with their Kubernetes deployments.

Nearly all (92%) respondents agree that sustainability is more important to their organization than it was a year ago. This shift in priorities is primarily driven by corporate Environment, Social and Governance (ESG) initiatives (63%), supply chain disruptions (59%), and customers’ purchasing decisions (48%).

12 CXO DX / APRIL 2023 » NEWS INSIGHT

SOPHOS DEMONSTRATES HOW TO MAKE CHATGPT A CYBERSECURITY CO-PILOT

The AI Model can more easily filter malicious activity in XDR Telemetry, improve Spam Filters, and simplify the analysis of living off the Land Binaries

Sophos, a global leader in innovating and delivering cybersecurity as a service, released new research on how the cybersecurity industry can leverage GPT-3, the language model behind the now well-known ChatGPT framework, as a co-pilot to help defeat attackers. The latest report, “Applying AI Language Processing to Cyber Defenses,” details projects developed by Sophos X-Ops using GPT-3's large language models to simplify the search for malicious activity in datasets from security software, more accurately filter spam, and speed up analysis of “living off the land” binary (LOLBin) attacks.

“Since OpenAI unveiled ChatGPT back in November, the security community has largely focused on the potential risks this new technology could bring. Can the AI help wannabee attackers write malware or help cybercriminals write much more convincing phishing emails? Perhaps, but, at Sophos, we’ve long seen AI as an ally rather than an enemy for defenders, making it a cornerstone technology for Sophos, and GPT-3 is no different. The security community should be paying attention not just to the potential risks, but the potential opportunities GPT-3 brings,” said Sean Gallagher, principal threat researcher, Sophos.

Sophos X-Ops researchers, including SophosAI Principal Data Scientist Younghoo Lee, have been working on three prototype projects that demonstrate the potential of GPT-3 as an assistant to cybersecurity defenders. All three use a technique called “fewshot learning” to train the AI model with just a few data samples, reducing the need to collect a large volume of pre-classified data.

The first application Sophos tested with the few-shot learning method was a natural language query interface for sifting through malicious activity in security software telemetry; specifically, Sophos tested the model against its endpoint detection and response product. With this interface, defenders can filter through the telemetry with basic English commands, removing the need for defenders to understand SQL or a database’s underlying structure.

Next, Sophos tested a new spam filter using ChatGPT and found that, when compared to other machine learning models for spam filtering, the filter using GPT-3 was significantly more accurate. Finally, Sophos researchers were able to create a program to sim-

plify the process for reverse-engineering the command lines of LOLBins. Such reverse-engineering is notoriously difficult, but also critical for understanding LOLBins’ behavior—and putting a stop to those types of attacks in the future.

“One of the growing concerns within security operation centers is the sheer amount of ‘noise’ coming in. There are just too many notifications and detections to sort through, and many companies are dealing with limited resources. We’ve proved that, with something like GPT-3, we can simplify certain labor-intensive processes and give back valuable time to defenders. We are already working on incorporating some of the prototypes above into our products, and we’ve made the results of our efforts available on our GitHub for those interested in testing GPT-3 in their own analysis environments. In the future, we believe that GPT-3 may very well become a standard co-pilot for security experts,” said Gallagher.

13 APRIL 2023 / CXO DX » NEWS INSIGHT
Sean Gallagher principal threat researcher, Sophos

DATA BACKUP : An Insurance Strategy for Enterprises

An effective data backup strategy goes a long way in ensuring enterprises can compete without disruption of operations in the face of any unexpected data loss

14 CXO DX / APRIL 2023 » COVER STORY

The importance of data as a digital asset cannot be underscored enough. Data is the new oil it is said and is obvious why it is so. It helps Businesses make informed decisions that impact their business growth and future. Data becomes a company’s competitive advantage, and any pilferage of it can be damaging and any data loss can turn out to be a huge disaster. This is why, data management, backup, and security need to be among the top priorities for businesses. The velocity with which data is produced has seen explosive growth with the proliferation of endpoint devices and technology like IoT sensors. Against this context, enterprises need to have a strong strategy for data backup.

According to the 3-2-1 backup rule, you should have 3 copies of your data, with 2 across different backup formats, and 1 backup stored offsite. However, this rule has further evolved and there are variations of it. such as The 3-2-1-1-0 rule recommends an additional “Air Gapped” or offline backup and adding a check process to ensure all backups have zero errors. On the other hand, the 4-3-2 rule recommends keeping 4 copies of data including the original, three copies stored across three different locations, and at least two copies stored on different storage media. These scenarios effectively minimise the threat of data loss.

Vinay Sharma, Group Director, IT, Gulftainer says, “Data backup strategy is critical for enterprises as part of a business continuity plan. This is because enterprise digital ecosystems deal with large volumes of data that are critical to their operations and any loss of data due to system failure, human error, or cyberattacks can result in significant financial losses, regulatory fines, reputational damage, and even legal liabilities. The main objective of a data backup strategy is to protect against the loss of critical data due to any reasons which involve creating duplicate copies of critical data and storing them in secure and accessible locations. Also, other objectives of a data backup strategy are to ensure the availability of mission-critical systems, integrity, and confidentiality of an enterprise's critical data to operate the business seamlessly.”

Data loss can be accidental or intentional but whatever the reason, the effects can

be felt in multiple aspects of the business, from revenue to decision-making to brand reputation. A reliable and tested data backup system is therefore critical for enterprises.

Mustanshir Aziz, Head of IT at Automech Group says, “Any organization big or small must have a strategy in place for data backup to safe guard against the loss of important data which can be due to a variety of risks, including hardware failure, cyberattacks, natural disasters, and human error. Losing important and critical data can have catastrophic effects on the organization, with consequences ranging from diminished productivity, loss of revenue, reputational damage and also leading to legal issues. In the event of an unanticipated data loss, a well-designed data backup strategy makes sure that crucial data is securely preserved and can be recovered easily. Investment in it is necessary for the long-term success and survival of the company since it is a crucial component of any enterprise's overall risk management and disaster recovery plan. A data backup strategy for an organization should aim to ensure business continuity, protection against data loss, and enabling fast data recovery.”

A backup strategy essentially translates into backing up data at multiple secure locations so that recovery in the face of data loss can be seamlessly done with a disaster recovery plan.

George Akhras, CIO at AMSI says, “A data backup strategy is critically important for enterprises, as it can help prevent catastrophic data loss that could cause significant financial and reputational damage. Enterprises rely on their data to make informed business decisions, execute critical operations, and maintain customer trust. Losing that data could result in a loss of revenue, legal issues, and even the failure of the entire enterprise. A comprehensive data backup strategy involves regularly backing up all critical data and storing it in multiple locations, including off-site backups. This ensures that if one location experiences a disaster or data loss event, the enterprise can quickly recover its data from another location. In addition to providing protection against data loss, a robust backup strategy can also help with disaster recovery efforts. By having backups readily available, enterprises can recover from disasters more quickly and

efficiently, minimizing the impact on their operations and customers. A well-designed and well-executed data backup strategy is essential for enterprises of all sizes to ensure business continuity, protect against data loss, enhance the brand image, and maintain customer trust. “

In today’s scenario, there is no way enterprises can afford data loss but should a disaster occur, it can result in panic unless the Business has a backup and DR plan to get systems back online and operations running again as quickly as possible. Else, their misfortune can be of advantage to their competitors who can win over some of the new business that could have headed their way. Moreover a data backup strategy also helps meet compliance regulations for certain types of data.

Damir Jaksic, CIO at KEO International Consultants says, “Data backup is crucial for enterprises because it helps protect valuable information from potential threats such as hardware failures, cyber attacks, corruption, and disasters. By having a reliable backup system in place, businesses can avoid unexpected data loss and be prepared for any unforeseen circumstances. With a proper data backup platform, enterprise can easily retrieve their data from the last known good point in time before the problem occurred. This means that in case of an issue, enterprise can recover their mission-critical data quickly, minimizing any potential downtime and loss of

15 APRIL 2023 / CXO DX » COVER STORY
Vinay Sharma Group Director, IT, Gulftainer

productivity. Therefore, it is important for businesses to prioritize data backup as a part of their overall strategy to protect their valuable data and ensure the continuity of their operations.”

Challenges of data backup in hybrid and multi-cloud environments

Data backup in hybrid and multi-cloud environments can be complex and challenging, but with proper planning and implementation, enterprises can mitigate these challenges and ensure that their critical data is backed up and secure.

Mustanshir says,” Teams working in hybrid and multi-cloud environments encounter numerous challenges with data backup. Data security is a significant issue since it may be vulnerable to security flaws and unauthorized access in such systems. Data may occasionally be kept in several locations known as cloud environments. This is referred to as data fragmentation. Data fragmentation makes it more difficult to ensure that all data is backed up because it is spread out over multiple locations. For a number of reasons, backing up data in hybrid and multi-cloud setups can be challenging. First, a weak or unstable internet connection might affect how quickly and successfully backups are completed. Secondly, it could be more difficult to recover the data if something goes wrong because the data may be dispersed across several clouds and data centers. Also, it can be

challenging to keep track of costs without a centralized backup plan because different cloud providers have varying prices and backup requirements. To meet these obstacles, it's crucial to have a solid backup plan in place.”

The complexity of the multi-cloud adds to spiraling costs in managing the data aggregation from different sources and managing the data.

Damir says, “Managing a multi-cloud environment is a significant challenge due to its complexity. This complexity results in increased overhead costs, including the cost of provisioning and maintaining the infrastructure, as well as the cost of aggregating data from different sources. Moreover, this challenge is not unique to multicloud environments, as it is also difficult to find or train staff with the necessary level of expertise to manage any cloud environment, given the depth and breadth of knowledge required.

George elaborates on the challenges and what enterprises need to do to address them. “Data backup in hybrid and multicloud environments can present several challenges for enterprises. Enterprises must ensure that their backup strategy covers all the cloud platforms and on-premises systems in use, which can increase complexity. Enterprises must ensure that their network infrastructure can support the bandwidth requirements needed to move large amounts of data between on-premises systems and cloud platforms. To ensure data security, the enterprise must implement proper access controls and encryption to protect data during backup and transit. Enterprises must ensure that their backup solutions are compatible with all the platforms and systems in use to ensure successful backup and recovery. Finally, enterprises must carefully manage their backup costs by optimizing data storage, using data deduplication and compression, and regularly reviewing backup policies to ensure they align with the enterprise's data backup needs.

Managing data backup in multi-cloud environment includes multiple aspects but there are solutions from leading backup solutions vendors that help navigate this complexity.

Vinay says,” Data backup in hybrid and

multi-cloud environments has many benefits but brings several challenges due to the complex nature of these environments like integration, fragmentation, network bandwidth, data security, managing multiple technologies, skill sets and higher cost.”

Best practices for data backup

As the velocity with which data is being produced continues to accelerate, it is important to ensure that only relevant data is captured and stored. Enterprises therefore need to follow a set of best practices.

Mustanshir says, “When creating a data backup plan, it's important to follow best practices. This includes deciding what needs to be backed up and how often, as well as using multiple backup locations to protect against data loss in case of a disaster. Regular backups should be taken without skipping, and tested to ensure they can be restored and have integrity. The backup procedure should be automated and scheduled to prevent overlap, and employees should be fully trained on the backup processes and response plan in case of data loss. By following these steps, data can be kept safe and secure.”

Enterprises should identify their critical data, such as customer data, financial data, and intellectual property that need to be included in the data backup strategy with a critical focus.

16 CXO DX / APRIL 2023
» COVER STORY
Mustanshir Aziz Head of IT at Automech Group George Akhras CIO at AMSI

George says, “This data must be backed up regularly. Define backup policies for each type of data and ensure that the frequency of backups aligns with the criticality of the data. Regularly review these policies to ensure that they align with the enterprise's needs and business goals. It's also essential to consider changes in regulations and compliance requirements. Have Backup data in multiple locations to ensure redundancy. This ensures that if one backup location fails, the enterprise can recover the data from another location. Regularly test backups to ensure that they are complete and accurate. Finally, data backups should be secured with encryption and access controls to prevent any unauthorized access. Further, automated backup tools can help ensure that backups are performed regularly and as per the backup policy.”

One of the critical aspects of a DR strategy is to be ready for various scenarios as far as data recovery is concerned. Unexpected events such as hardware failure, cyber-attacks, and natural disasters can put your DR plan to test, and coming out on top against such challenges will entail a sound DR plan that is well-tested and validated.

According to Damir, “There are several best practices recommended for performing backups, and the market is full of vendors and solutions to handle them effectively. However, one aspect that is often overlooked is being prepared for various recovery scenarios that may occur. While following the best practices for backups is important, it is equally important to thoroughly test and prepare for different recovery scenarios at the frequency required by your business operations. When a recovery scenario becomes a reality, it can bring with it various problems, so it is essential to be well-prepared. I urge everyone to pay attention to this crucial aspect of data management and testing, as we have all experienced the consequences of inadequate preparation.

For multi-cloud environments, there is a need to look at solutions that can negotiate the diversity of requirements of different platforms in cloud and on-premise and automate the backup process.

Vinay says, “The best practices centric to how critical data is protected, available, and recoverable in the event of a disaster

or data loss. Develop a comprehensive backup strategy that takes into account the unique requirements of hybrid and multicloud environments. This may involve using backup solutions that are designed specifically for multi-cloud environments, using automation to streamline backup processes, and regularly testing and validating backup data to ensure its reliability and accessibility.

Compliance and regulations

Compliance regulations have a significant influence on data management strategies for enterprises. They are put in place to ensure that businesses adhere to legal requirements regarding the collection, storage, use, and sharing of data.

George says, “Compliance regulations require businesses to implement proper data security measures to protect sensitive data. This includes data encryption, access controls, and data backup and recovery. To comply with these regulations, enterprises must implement robust data management strategies that include regular data backups and disaster recovery planning. Data management strategies must consider the retention time and ensure that data is properly stored and backed up during that period. Data management strategies must consider guidelines such as GDPR to ensure that personal data is secure and not shared incorrectly. Data management strategies must consider how compliance reporting will be conducted and ensure that the necessary data is available for reporting. n. Data management strategies must consider data governance policies and ensure that they align with the compliance regulations in place.”

Damir elaborates on the role of the CIO in taking the lead for establishing effective data management strategies.

He says, “As the CIO of our organization, it is imperative to drive progress and dictate strategies for effective data management, while also managing the inherent risks involved. We heavily rely on our multicloud service providers to ensure regulatory compliance, and therefore, selecting the right vendor is paramount. Based on our past experiences and the necessity of a multicloud environment, we strongly recommend avoiding vendor lock-in, to have the freedom to choose applications

and services across multiple cloud infrastructures. Moreover, as we generate vast amounts of data, it is crucial to establish data lifecycles to ensure the removal of useless and redundant data. This strategy is not only essential for efficiency and cost advantages, but also for compliance regulations that govern our industry. Therefore, we prioritize setting policies that ensure the proper management of our data in terms of complexity and cost, while meeting regulatory requirements

Data management strategies today must comply with international and local regulations and also address concerns such as privacy and security.

According to Mustanshir, “Data protection laws are making it harder for businesses to manage their information effectively today than ever before. Organizations need strategies that take into account all the latest compliance standards relating to the collection of sensitive customer information so they can truly safeguard that valuable asset from misuse or unauthorized access by third parties. This means enforcing stringent protocols on what personal details are collected/stored/accessed alongside algorithms/encryption programs etc., ensuring everything is highly secure thus avoiding sizable fines due to any mishap. Compliance standards have forced enterprises to change their approach toward data management strategies. Businesses

17 APRIL 2023 / CXO DX » COVER STORY
Damir Jaksic CIO at KEO International Consultants

must now make privacy and security their top priorities while adhering to legal requirements. The need for stringent measures is essential in protecting valuable information while complying with industry-specific regulations.

Compliance should be a priority for enterprises when developing data management strategies.

Vinay says, “Compliance regulations are shaping data management strategies and need to incorporate data management strategies to comply with relevant regulations to avoid legal and financial consequences. Follow regulatory compliance requirements: Enterprises should follow regulatory compliance requirements for data backup, retention, and protection. This may involve implementing backup policies and procedures that comply with relevant laws and regulations, such as GDPR, HIPAA, or PCI-DSS.”:

Avoiding data clutter

Enterprises are today faced with an increasing velocity and volume of data to manage. For enterprises, managing this means the need to eliminate data clutter and only back up relevant data. This will entail defining various data types that appear critical for business workflow and in line with compliance requirements. In addition storage space is valuable and so well defined policies towards data management will ensure this is optimized.

Mustanshir says, “The importance of having a clean and reliable data backup system can't be stressed enough, especially when important business or personal information is at stake. The solution lies in implementing processes that minimize clutter and guarantee quality maintenance of stored content. A few recommendations include creating a data retention policy that specifies what gets backed up; automating the process to abolish mistakes; frequently validating backups for accuracy; lastly utilizing version control tools. Safeguarding critical business information from loss or theft requires proactive efforts such as developing an effective backup plan. By regularly inspecting backup logs and investigating any problems identified, companies can take corrective action before serious issues arise. Furthermore, using advanced technologies such as data deduplication

tools enables identification of duplicate files which occupy otherwise useful storage space. Finally, periodically reviewing backups helps avoid accumulating unnecessary clutter by deleting outdated files.”

A proactive approach to data management ensures that there is no data clutter in backups and that the data is clean. There are some steps that enterprises can take to ensure that their backup data is of clean high quality and free from clutter.

George says, “Define Data Quality Standards which includes data accuracy, completeness, consistency, and relevancy, and ensure that data backup policies align with these standards. Clean the data before backing it up which involves removing duplicate data, identifying, and correcting errors and inconsistencies, and removing unnecessary data. This ensures that only high-quality data is backed up, reducing the clutter in the backup data. Ensure that the backup aligns with data quality standards. Identify and remove any unnecessary or redundant data to reduce clutter and improve the quality of backup data. Use Data Deduplication as this reduces the amount of backup data, making it easier to manage and improving the quality of the backup data. Implement Backup Validation that confirms that backup data is complete and accurate. Implement Data Archiving that moves old and rarely accessed data from backups to a separate archive storage. This may significantly reduce the size of the backups, making them easier to manage.”

Clean backup data ensures that organizations are ready to get back online in no time in case of any untoward incidents that lead to data loss.

Vinay says, : Ensuring that data backup is clean and of high quality is critical to ensure backup is effective and can be relied upon in the event of data loss or corruption. This can be achieved by implementing data deduplication and compression techniques, performing regular data audits, using backup software with data validation features, implementing data retention policies, performing regular backups, and ensuring data integrity.”

Use start-of-the-art data deduplication technologies and perform regular inspections to ensure that the data you back up is in line with the regular schedule and is reliable.

Damir says, “A few recommendations include creating a data retention policy which specifies what gets backed up; automating the process to abolish mistakes; frequently validating backups for accuracy; lastly utilizing version control tools. Safeguarding critical business information from loss or theft requires proactive efforts such as developing an effective backup plan. By regularly inspecting backup logs and investigating any problems identified, companies can take corrective action before serious issues arise. Furthermore, using advanced technologies such as data deduplication tools enables the identification of duplicate files which occupy otherwise useful storage space. Finally, periodically reviewing backups helps avoid accumulating unnecessary clutter by deleting outdated files.”

Following these strategies, enterprises can ensure that their data is well taken care of and focus on moving ahead in terms of business goals and objectives.

18 CXO DX / APRIL 2023
» COVER STORY

BOOSTING CYBERSECURITY READINESS

Ross Brewer, Chief Revenue Officer of SimSpace discusses the cybersecurity landscape

What are the key threats on the cybersecurity landscape as far as Businesses are concerned?

The worldwide increase in nation-state attacks in the last year has disabled and disrupted governmental websites, critical infrastructure and operational systems. With the commercial sector now facing the same tactics and techniques from ransomware, phishing and malware attacks, commercial organisations should be preparing for a cyberwar now transcending geographical boundaries.

Hackers are targeting businesses with complexity and frequency, with the intention of disrupting day-to-day operations, stealing sensitive or personal data and inflicting reputational damage. IBM’s cost of a data breach report found the global average breach cost AED15.98m, with the GCC average now at almost double that (AED27.4m).

Businesses should now be transitioning to a cybersecurity strategy that aims to test their defence capabilities in realistic simulated environments, mitigating risk.

Hackers also seek to inflict internal damage on systems which can leave businesses offline for weeks or even months. Both scenarios can result in top-line losses and dents in share price. By implementing government grade cybersecurity, key stakeholders such as customers, investors and board members can be confident in their business cyber-readiness.

What are some of the best practices to build cyber resilience in the era of hybrid workforces and increased cloud deployments?

Train, train, train. Businesses need to be constantly testing their people, processes, and technology within a safe, simulated environment like a cyber-range. Mil-spec cyber ranges provide high fidelity replicas of a business’s production network allowing them to test their ability to detect, identify, and respond to a cyber-breach.

When it comes to Zero Trust Implementation, CISOs and executives are losing sleep over whether implementing a new framework will slow down operations. By deploying a business’s Zero Trust model within a cyber range, continuous user validation can be achieved without disrupting critical business workflows.

Organisations can then begin the process of continual improvements, identifying weaknesses in their defence procedures, establishing new success benchmarks and quantifiably tracking their safeguarding practices. Businesses can financially optimise their

security stack, offloading unnecessary and inefficient tools.

Johannes Ullrich Dean of Research, SANS Technology Institute

Testing these capabilities off the production network also allows businesses to maintain their uptime whilst implementing a trainto-fail mind set. Using a cyber-range allows businesses to push their cybersecurity defence systems to their limits, placing businesses in a better position to defend and recover when a real cyberattack occurs.

How much of AI and automation is now key to successful detection and remediation in different cybersecurity solutions? Automated cybersecurity processes in cyber range environments can allow the enhanced customisation of reusable range elements. This allows for the adaptability of ranges to suit a myriad of business needs – if an organisation wants to test a defined part of the network or against specific techniques, they can.

The importance of automation in these cybersecurity elements lies in the agile nature of attackers. Businesses need solutions that can adapt to new tactics and techniques, utilising automated knowledge bases such as MITRE ATT&CK, reducing the time to test and validate their performance against the latest attacks and vulnerabilities.

19 APRIL 2023 / CXO DX » INTERVIEW
Ross Brewer Chief Revenue Officer, SimSpace

BEST PRACTICES FOR BACKUP

Dr. Johannes Ullrich, Dean of Research at SANS Technology Institute discusses the importance of a strategic approach to creating data backup

vulnerabilities evolved with the acceleration of cloud migration/other evolutions of the cyber threat landscape?

Attackers are exploiting backup system vulnerabilities to access confidential information or to disrupt recovery after a ransomware incident. Cloud backups are often more vulnerable. Controls used to monitor access to on-premise backups do not always translate one-to-one to cloud-based systems. Designing a cloud-based solution, organizations need to consider how access is controlled, how requests to retrieve or store data are authenticated and how the backup live cycle from creation over retrieval to eventual deletion is managed.

What actionable best practices should organizations keep in mind to ensure their backup systems are stored safely and securely?

Backup systems need to be redundant and diverse. It does not help to have three copies of your data using the same cloud provider (even if the data is located in different zones). Use different technologies like on-promise, off-site/offline, and cloud.

How should organizations approach balancing both cloudbased and on-premise backup options relative to their unique risk profile? What steps should be taken in order to effectively fuse both options together?

Data should be considered "at risk" if it can't be found in at least three locations. Organizations should aim to maintain an on-premise copy, a cloud or online-remote copy, and an offline remote copy of critical data. In particular, sophisticated ransomware will attempt to disrupt recovery from backups, and any online backup, remote or local, is at risk.

What are the primary vulnerabilities of large enterprise backup systems that threat actors target? How have those

How can organizations mitigate the drawbacks of data backups, such as elongated restoration processes and narrow recovery windows?

One of the main reasons to invest in on-premise backups is to speed up recovery. Cloud and offsite backups will almost always be slower. In some cases, cloud backup providers may have mechanisms to accelerate the recovery of large amounts of data by shipping hard drives instead of using slower internet connections. Make sure you test recovery speed in order to better estimate how long it will take to recover large amounts of data.

What additional data security tools should organizations leverage in conjunction with backup systems?

Any data leaving your direct control, for example, physical backup media being shipped offsite, or cloud-based online backups, need to be encrypted before they leave the network you control.

Backups need to be encrypted while in transit but also while at rest at the backup location. This may, in some cases, cause additional complexity, but rarely used backup data should always be encrypted.

20 CXO DX / APRIL 2023 » INTERVIEW

BUILDING CYBER RESILIENCE

Anton Shipulin, Industrial Cybersecurity Evangelist, at Nozomi Networks discusses the threat landscape and the need for more investment to enhancing visibility and continuous security monitoring

What are the key threats on the cybersecurity landscape as far as businesses are concerned?

Information technologies these days are a key business component in any sector, therefore cyber risks are business risks, as they impact business operations. The prime cyber threats nowadays are sabotage and financially motivated attacks, using such techniques as ransomware, malware, social engineering, data theft, denial of service and supply-chain attacks, from threat actors like state-sponsored actors, cybercriminals, hacker-for-hire actors, and hacktivists.

What are some of the best practices to build cyber resilience in the era of hybrid workforces and increased cloud deployments?

To build cyber resilience, the ability to continuously deliver the intended outcome, despite cyberattacks, public and private organizations should follow the defense-in-depth approach, mitigating cyber risks for processes, people, and technologies across all IT architecture levels. There are international and national frameworks that can be helpful for choosing best practices, e.g. the Cyber Resilience Review by the United States Department of Homeland Security (DHS). Organizations should continue to carry out asset identification and network security monitoring, both essential processes for cyber resilience.

From your solutions point of view, how do you see the awareness of the region's customers and the need to invest in the enterprise segment?

We see that cybersecurity awareness has changed for the better in recent years across the Middle East region and globally. Most executives understand that there are cyber risks for their organizations and business processes, but at the same time, we see that many organizations, especially industrial and critical infrastructure don’t have proper visibility into their systems and network processes in the IT, IoT, and OT environments. Further investment is needed surrounding visibility and continuous security monitoring.

How much of AI and automation are now key to successful detection and remediation in different cybersecurity solutions?

Cyber threats are growing in scale, number, and sophistication, but people’s physical capabilities of both users and security professionals are limited, proving why security automation is a must. It might handle the majority of security operations, detection,

analysis, correlation and even response, while security professionals supervise and tune the automation. Applying AI for security is a new level of security automation, that helps detect cyber threats faster and more accurately.

Are SOCs in the enterprise or delivered via managed services a necessity?

Yes, a security operation center is a central part of security operations that is meant to automate and integrate different security processes with each other, namely: cyber threat intelligence, continuous monitoring of suspicious and anomalous activities, event correlation, attack detection, and incident response.

21 APRIL 2023 / CXO DX » INTERVIEW
Anton Shipulin Industrial Cybersecurity Evangelist, Nozomi Networks

ENHANCING CYBERSECURITY POSTURE

Jose Menacherry, Managing Director, Bulwark Technologies discusses different aspects of the fast-evolving cybersecurity landscape from threats to scarcity of resources and continued demand for point solutions as well as the need for better cybersecurity awareness in this conversation with CXO DX

Do you see Businesses appreciating the need to invest in cybersecurity more these days or does this understanding needs to be better?

There is still a lack of adequate understanding of the cybersecurity challenges and how to address them, and this calls for educating them more on the cybersecurity awareness front. Additionally, there is a scarcity of skilled resources in cybersecurity, due to which some organizations are taking the services of managed security providers. Several companies seem to be considering managed security services as an option to enable continuous monitoring of their cybersecurity landscape and strengthen their overall cybersecurity posture.

How do you think customers need to balance the need for point security solutions vis-a-vis a consolidated approach? There is always demand for point solutions. For instance, email is still a major threat vector and is the easiest point of entry into the network. Email security continues to see good demand from customers. The challenge is that with new types of threats evolving, they can’t wait for a consolidated solution to come along, and therefore at times, they need to invest in a point solution that could address their immediate concerns. However, at some point, they need to consider consolidation by integrating such point solutions with their existing security fabric for better security management.

How do you ensure customers are aware of all solutions you carry?

How do you see the threat landscape evolving?

The cybersecurity landscape continues to see changes every year in terms of new threats, breaches, and solutions. Advanced technologies are used on both sides by cybersecurity providers and by cybercriminals. Even Cybercrime as a Service is also available, enhancing the threat potential manyfold to organizations.

How challenging does it become for solutions to address the enhanced threats?

Vendors have historically addressed these evolving threats with solutions that effectively address customers’ concerns or pain points. This is why it becomes important for customers to choose solutions wisely that address various aspects of cybersecurity.

Events like GISEC is a good platform for us to interact with end customers, partners, and even new vendors. We regularly communicate with end customers and our channel partners to understand their security needs and update them about our latest solution. We also participate in other security-focused events in the region, conduct regular webinars / email campaigns, and are active on social media platforms. We offer a combination of solutions in different areas. For instance, our data security solution suite address the security of data from the time it is generated or enters the network, data in motion / at rest / in backup storage and even after it exits the network. We have DLP, data classification, DRM solutions, Managed File Transfer, Storage security and encryption solution which are very well integrated to take care of the security of data anywhere. Likewise, there are other solutions by combining multiple security products after understanding the customer needs through a consultative approach.

22 CXO DX / APRIL 2023 » INTERVIEW
John Cotterell Jose Menacherry Managing Director Bulwark Technologies

FOCUSING ON RISK MANAGEMENT

Darren Craig, CEO, RiskXchange speaks to CXO DX about how the company’s solution focuses on managing risks across attack surfaces.

Discuss the solution you offer.

We provide a Risk Management platform that covers security vulnerabilities, security configuration challenges as well as compliance issues. Our solution helps monitor all cybersecurity vulnerabilities continuously. We also enable them to deploy a compliance assessment program for the organization. We also enable them to carry out the same compliance and security checks across their supply chain.

It is a SaaS-based solution and can be run from a browser. They will have all the analytics on the dashboard and the customer will get all alerts if they have security issues in their systems or if there are any vulnerabilities at their supplier end.

Elaborate about the use case scenarios for your solutions

The supply chain is one of our large focus areas and use-case scenarios. That of because 42% of security breaches come in through the supply chain. One of the other use cases is digital risk protection. So that includes the discovery of cybersquatting threats, leakage of digital corporate credentials across attack surfaces, and dark web monitoring. RiskXchange Account Takeover Prevention system can detect and alert these corporate credential exposures to enable infiltration into the company’s accounts and systems using the stolen credentials.

If a company wants to monitor the dark web for instance, related to intellectual property infringements, we can do that for them automatically. The threat could like someone wanting to copy their website, which commonly happens a lot in the case of e-commerce websites. The RiskXchange Impersonation Protection system continuously monitors your domains and issues alerts in case of brand impersonation, thus enabling you to take immediate action and prevent any reputational damage or financial loss. RiskXchange Dark Web Monitoring system delivers accurate, actionable, configurable alerts to identify and prevent threats before they impact your business.

Our platform also offers digital asset discovery. We enable attack surface management across all digital assets of the customer with complete visibility into everything owned, including IP addresses, domains, certificates, and cloud assets. We constantly monitor these assets, bring their attention to vulnerabilities and also tell them how to fix them.

How is the demand for these solutions in the region?

We are seeing demand with enterprises that are concerned about their external cybersecurity posture. We are also seeing a growing demand for 3rd party and 4th-party risk management. Traditionally organizations didn’t have a way to manage these risks. They may have had a spreadsheet for instance to do that, which didn’t serve the purpose as it was not often validated and was done once at the end of a year typically. That can now be replaced with our automated platform that 24 by 7 monitors and discovers all vulnerabilities, checks for compliance for all well known compliance standards in the region as well as globally.

Elaborate on your operations in the region and focus?

We set up operations here just over a year ago and around the same time, partnered with Bulwark. We are looking to strengthen brand awareness with more customers here. We have a good number of large customers worldwide and likewise want to replicate the growth here.

23 APRIL 2023 / CXO DX » INTERVIEW
Darren Craig CEO, RiskXchange

TOWARDS DATA MINIMALISM

Matt Watts, CTO, NetApp explains how reducing the data a company holds and moving it to the cloud will reduce emissions

By 2025 the global “datasphere” is estimated to reach a staggering 180 zettabytes (Statista). If the datasphere continues to grow at the current rate, by 2030 we are likely to exceed a yottabyte (a million trillion megabytes) of data created in a single year.

The shocking revelation however is that over 68% of the data we are storing in data centers across the UK is never used again after it has been created.

For businesses to maximise their chances of success in the new economy, they must develop and embrace a digital presence and cultivate assets with sustainability at the heart of their approach.

It is more important than ever to reduce the

data businesses hold in order for organisations to ultimately reduce their carbon emissions meaningfully.

Data minimalism

One way of minimising the data businesses hold in a systematic and effective way is by creating and following a data strategy with data minimalism at the heart of it. By reducing the data a company holds, leaders will be able to cut costs as well as being one step closers to meeting Environmental, Social Governance targets.

3 steps to reduce your data

As data becomes essential to optimise businesses processes, companies need to find ways to create conducive environments for them to unlock their data’s potential. Businesses can focus on the following three areas

of your data strategy to minimalize their data storage and overall power usage across all your technology stacks.

First, businesses need to know how much data they have and where it is located to remove it. Visibility across your data stack is essential on both premises, hybrid cloud and cloud environments. Businesses must utilise effective data management software that works across all their data siloes to understand how much data they can reduce. From this action, businesses often manually remove data that is clearly corrupted, inactive or duplicated.

Secondly, and once the visibility is attained, businesses can then begin categorising data that is needed for legal processes and what must be removed. A thorough understanding

24 CXO DX / APRIL 2023
» COLUMN

of what is needed and what is not necessary is fundamental in meeting legal governance and sustainability requirements. Banks for example utilise strict categorisation procedures to prioritise which data stacks need extra cyber security protection and uncover fraud.

Finally, bringing on board a trusted advisor at this stage might be useful to help provide extra support here. For example, are there ways to become more efficient in where data is being saved? Can some storage locations be consolidated to save costs? Could an organisation move more of their data into the public cloud, and work with one of the hyperscaler providers to improve the environmental impact storing and managing their data is having?

Through this strategy you can ensure that you only store the data you need, cutting surplus costs and reducing your carbon emissions to meet your sustainability targets.

The upside to downsizing

The sheer amount of data organisations are producing, collecting, and accessing today means that informal and ad hoc approaches to collecting and managing data is no longer enough. And that’s not even before you start to think of the environmental and sustainability impacts – something that is higher on the boardroom agenda, in a world where stakeholders are much more focused on a business’ Environment, Social and Governance credentials. Data strategies are tailor-made and specifically designed to improve data management across a whole organisation, giving departments the support they need to work in alignment with each other, rather than against each other.

Data minimalism may sound counter-intuitive, especially at a time where the value of data is skyrocketing. However, implementing data minimalism can reduce your workload for your business, while ensuring data is clean, of a higher quality, and well governed, in order to reduce security and privacy risks,

as well as unnecessary power usage that leads to increased CO2 emissions.

Some sectors have additional mandates to follow when it comes to data. Financial services organisations for example must collect and retain a great deal of historical data as part of reporting requirements. They must put in place the right mix of storage technologies together to support these needs, in a way that is as cost-effective and sustainable as possible.

Shrinking our data footprint for a greener future

Overall, data minimalism is one of the most cost-effective ways we can reduce our emissions and carbon footprint.

With ongoing economic uncertainty and an energy crisis that is gripping the country, now is the ideal time to examine our businesses and remove unnecessary data for us to work harder, smarter, and greener for the future.

25 APRIL 2023 / CXO DX
Matt Watts CTO, NetApp
» COLUMN

WHY ASSET MANAGEMENT SHOULD BE THE CIO’S TOP PRIORITY

Ishpreet Singh, Chief Information Officer, Qualys says a comprehensive, up-to-date and accurate asset management (AM) program is the lynchpin for any IT/security team’s success

derstanding of where the organization and its tech stack sits today, those future goals will forever be out of reach. Whether you are a brand new CIO taking on IT responsibility for the first time or a seasoned CIO with years of experience, being able to cross between the big picture and the nuanced details is a necessary skill.

For example, asset management is the foundation of any organization’s information security policy. It sounds simple — to have a complete, accurate and timely list of all the IT assets that the company has in its environment. But why is it difficult in practice? And why should a CIO care about this level of detail?

The answer to this question is that without this detail, you — and your department — will always be a step behind. A comprehensive, up-to-date and accurate asset management (AM) program is the lynchpin for any IT/security team’s success. Without it, your department will struggle to drive the business impact for which they are targeted, and you are measured. Try as they might, the IT team will struggle to function effectively without AM.

In a recessionary and tumultuous geopolitical environment, digital transformation is increasingly relied upon by organizations to accelerate and maintain productivity. Companies are looking to leverage IT technologies to increase innovation and improve the efficiency of processes across their business. In doing so, business leaders — specifically CIOs — are feeling mounting pressure to gain full visibility of their organization’s infrastructure. This pressure stems from the need to meet business demand and harness the ability to mitigate the risk of any disruption that could directly impact customers, shareholders and employee data.

The ultimate goal for any CIO is to drive value for the business by enabling the secure, efficient and sustainable flow of information across the organization. But there is no free hand design when it comes to achieving this and CIOs must always be thinking ahead. Co-creating technology strategy alongside C-Suite colleagues to ensure that the organization has the business capabilities and processes it needs to meet its future goals is critical, which then transcends into working with the actual security and IT teams to ensure that each element runs and is executed smoothly.

This is easier said than done though, and for a CIO to succeed in their role, they must first focus on the present. Without a clear un-

An accurate understanding of the organization’s entire IT estate, allows security and IT teams to take necessary steps to mitigate security threats. It allows for quicker identification of misconfigurations, vulnerabilities and end-of-life hardware. It also allows for prioritization which ultimately frees up the time of security and IT staff to focus on the most pressing issues that might affect the company.

This insight brings the ability to scale much faster, and easier, alongside the business. With the CIOs intervention, IT can instead focus on enabling other business teams to deliver on their goals, which puts the CIO in the driving seat to help unlock the organization’s potential.

Look inward…

Establishing a comprehensive asset inventory seems like an obvious baseline that every organization would have by now, but research shows that 69% of organizations have experienced an attack targeting an “unknown, unmanaged or poorly managed internet-facing asset.” If you don’t know what assets you have on your corporate network, you can’t protect them. If your team can’t report on this to you, then you can’t effectively know how well those security risks are being handled. Creating a comprehensive view of your organization's assets will no doubt uncover some hidden secrets — like shadow IT implementations — that may have taken place over the years.

26 CXO DX / APRIL 2023
» COLUMN

The key goal is for the inventory not to be treated as an afterthought, but rather as the first building block. But it is all too easy for this job to be downgraded or ignored, with competition for attention against the next big malware threat or headline-making vulnerability. CIOs must emphasize that getting asset management under control and getting the basics right first allows for better concentration on other important projects and pressing issues that pop up.

Once your catalog of assets has been established, you must then work out how to keep the program up to date. For example, categorizing these assets based on how critical they are to the business ensures that they get the right level of attention, and should make it easier to decide how to manage and protect them moving forward.

Vulnerabilities exploited by bad actors most always start with endpoints / assets within an organization’s environment. It is often a “low hanging fruit” for attackers to target as numerous applications are running on different environments, assets and endpoints. Without full visibility at a CIO’s fingertips, it's almost impossible to keep up with growing threats — organizations can only mitigate once there is a clear picture of constantly changing infrastructure.

Re-gain control on end-of-service components

As software and hardware ages over time, old versions fall to the wayside. Once you have an accurate picture of your IT estate, it’s then important to map this alongside each item’s life cycle to ensure that hardware and software continue to be supported by the original manufacturer and are proactively managed in terms of vulnerabilities and patching. End-of-service components can introduce significant security risks, and proactive management should be sought to update or replace them to reduce the attack surface.

Unfortunately however, there is no industry standard for product or service life cycles, or how manufacturers may report these. But there are tools that can map known life cycle information about popular assets from within your inventory to centralize information.

As a CIO, replacing out of date software is necessary over time, but it also has to be balanced against cost and what new services can be delivered. For some projects, it may be possible to mitigate and use software for longer, but for others, there will come a time when a replacement will need to be carried out. The alternative is to leave that software running, which can lead to future exploitation.

Normalize, categorize and prioritize

Within any enterprise organization, there are likely to be tens of thousands of assets to identify and manage. This is where security tooling can help your team manage at scale, and automate processes to save manual intervention for repetitive tasks. Combining your asset inventory with end-of-life and end-of-service information allows you to view all relevant information within a single management pane rather than the team manually searching for the information. The earlier categorization of assets is useful here as you build agreed sets of rules around particular low risk assets to ease your team’s workload and allow them to focus on higher value tasks.

Get the holistic view

Asset management can be complex and focused on detail. As you scale up infrastructure and use more platforms to meet your business needs, it is difficult to keep up with potential risks.

Asking the question “what does my organization look like from a hacker’s point of view?” gives a holistic view of an entire IT asset estate. This practice of scanning for any internet-facing devices helps to understand what an attacker would see, and most importantly, how they might exploit what they see. Attack Surface Management is contingent upon a strong asset management approach and takes this practice one step further by assessing the security levels of all of those identified assets. Like asset management, this should be a continuous process to discover, classify and assess.

For the CIO, approaches like Attack Surface Management can help to build up that picture of risk to the business. This can then be translated into terms that the leadership team can understand. Speaking about risk is much more helpful — and more likely to be listened to — and so can be used to justify the work that your team is putting in.

Getting a firm understanding of every IT asset under your control might seem like a level of detail too far. However, this should be a top priority for every CIO because without this, there is uneven ground to build on for the future. Investing in solutions that allow your organization to better understand, track and secure assets is critical to your success.

27 APRIL 2023 / CXO DX
Ishpreet Singh Chief Information Officer Qualys
» COLUMN

HACKTIVISM AND THE NEW AGE OF CYBER WARFARE

In this article, Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software, looks at the rise of a new type of hacktivism and the impact of geopolitical relations on the current threat landscape.

Hacktivism has traditionally been associated with loosely managed entities such as Anonymous. These decentralized and unstructured groups are typically made up of individuals cooperating in support of a variety of agendas and many groups have an open-door policy for recruitment. However, over the last year, and following developments in the Russian-Ukrainian conflict, the hacktivist ecosystem has matured, in both origins of source and motivations.

Hacktivist groups have tightened up their level of organization and control, and today you will see them conduct military-like operations including recruitment and training, sharing tools, intelligence and allocation of targets. For example, following Russian attacks on Ukrainian IT infrastructure at the beginning of the war, Ukraine set up an unprecedented movement called “IT Army of Ukraine.” Through a dedicated Telegram channel, its operators manage more than 350,000 international volunteers in their campaign against Russian targets. On the other side of the battlefield, Killnet, a Russian-affiliated group, was established with a military-like organizational structure and a clear top-down hierarchy. Killnet consists of multiple specialized squads that perform attacks and answer to the main commanders.

Most new hacktivist groups have a clear and consistent political ideology that is affiliated with governmental narratives. Others are less politically driven, but have nonetheless made their operations more professional and organized through specifically targeted campaigns motivated by social rather than economic objectives.

Who’s responsible and do we know for sure?

This type of cyber warfare is not only about inflicting damage. All

active groups are aware of the importance of media coverage, and they use their communication channels to announce successful attacks and re-publish them to maximize the effect and elevate the fear of such hacktivist attacks. For example, Killnet has more than 91,000 subscribers on their Telegram channel, where they publish attacks, recruit team members and share attack tools. There is also extensive coverage of the group’s activity on major Russian media outlets to promote their achievements in cyber space and validate the impact of their successful attacks on their ‘enemies’ or anti-Russia entities.

Increasingly, there is a rising trend in groups claiming responsibility for cyberattacks when in reality, they had little or no involvement in them. Germany’s flagship airline, Lufthansa, experienced a severe IT issue in early 2023 which left thousands of passengers stranded at several airports across the country. It was thought to be the result of construction work causing damage to external cabling.

Pro-Russian hacktivist group, Killnet, claimed responsibility for the attack and said it was retaliation for Germany’s support of Ukraine. The group published a statement via its social media channels saying: ‘We killed the Lufthansa employee corps network with three million requests per second of fat data packets. These were experiments on rats that were successful. Now we know how to stop any navigation and technical equipment of any airport in the world. Who else wants to supply weapons to Ukraine?’

Despite this assertive message, there is little evidence to suggest that Killnet had any involvement in the attack and were in actual

28 CXO DX / APRIL 2023
» COLUMN

fact attempting to enhance their notoriety and increase levels of fear. It is not always easy to establish who or what organisation is responsible for an attack and it is even more difficult when the incident is potentially state-sponsored.

Who is the person (or government) behind the mask

There is a big difference between claiming responsibility and being responsible. Operating under the cloak of anonymity may be seen as a way of legitimising state-sponsored attacks, but when does it become terror, not disruption?

Research conducted by the University of Notre Dame argues state-sponsored hacktivism is ‘weapons and attacks in the cyber domain intended to produce political effects similar to those usually sought as the goal or objective of a conventional use of force by states against one another’.

Such an approach means nation states can act anonymously within the cyber world, and perhaps most importantly, without fear of retaliation and without taking responsibility for the attacks. By targeting components of critical infrastructure such as financial or healthcare institutions, government buildings, energy suppliers or emergency services, attacks aim to cause maximum disruption. Though with such significant backing, the aftereffects of an attack such as this could be on a par with those where force had been used.

Prior to Russia’s invasion of the Ukraine, hacktivism was a scarcely used term in a serious context and was arguably on the

decline. However, the war prompted a surge in activity from known and unknown groups. Those unknown parties are the ones that create the most intrigue, as they are potentially being aided by government organisations to carry out attacks on targets for political gain.

For example, within 48-hours of Russia’s invasion of Ukraine there was an 800% increase in suspected Russian sourced cyberattacks. Activity hasn’t slowed either. According to Check Point Research in the second half of 2022, Killnet, the biggest Russia affiliated hacktivist groups targeted more than 650 organisations or individuals, interestingly only 5% of which were Ukrainian. It is not just Russia who are believed to be using government resources to aid cyberattacks, but groups allegedly in Iran, Israel and China also may have links to state-sponsored activity.

What will hacktivism look like in 2023?

The frequency and sophistication of attacks in this new era of hacktivism will raise questions about their origins. Who or what organisation is behind the mask and are their actions motivated by political gain or terror? In the year ahead, it will become increasingly more difficult to identify what is a government, hacktivist or cyberattack.

It may be too soon to refer to hacktivism as state-sponsored terrorism, but there is no doubt that it is becoming harder to disconnect one from the other. As geopolitical tensions continue to dominate the world agenda this new age of cyberwarfare will only get worse, before it gets better.

29 APRIL 2023 / CXO DX » COLUMN
Sergey Shykevich Threat Intelligence Group Manager, Check Point Software

THE CHIEF ZERO TRUST OFFICER: A NEW ROLE FOR A NEW ERA OF CYBERSECURITY

John Engates, Field CTO at Cloudflare believes the emergence of the new role of the CZTO will help lead the Zero Trust initiative, align teams and break down barriers to achieve a smooth rollout

Over the last few years the topic of cyber security has moved from the IT department to the board room. The current climate of geopolitical and economic uncertainty has made the threat of cyber attacks all the more pressing, with businesses of all sizes and across all industries feeling the impact. From the potential for a crippling ransomware attack to a data breach that could compromise sensitive consumer information, the risks are real and potentially catastrophic. Organizations are recognizing the need for better resilience and preparation regarding cybersecurity. It is not enough to simply react to attacks as they happen; companies must proactively prepare for the inevitable in their approach to cybersecurity.

The security approach that has gained the most traction in recent years is the concept of Zero Trust. The basic principle behind Zero Trust is simple: don't trust anything; verify everything. The impetus for a modern Zero Trust architecture is that traditional perimeter-based (castle-and-moat) security models are no longer sufficient in today's digitally distributed landscape. Organizations must adopt a holistic approach to security based on verifying the identity and trustworthiness of all users, devices, and systems that access their networks and data.

Zero Trust has been on the radar of business leaders and board members for some time now. However, Zero Trust is no longer just a concept being discussed; it's now a mandate. With remote

or hybrid work now the norm and cyber-attacks continuing to escalate, businesses realize they must take a fundamentally different approach to security. But as with any significant shift in strategy, implementation can be challenging, and efforts can sometimes stall. Although many firms have begun implementing Zero Trust methods and technologies, only some have fully implemented them throughout the organization. For many large companies, this is the current status of their Zero Trust initiatives - stuck in the implementation phase.

A new leadership role emerges

But what if there was a missing piece in the cybersecurity puzzle that could change everything? Enter the role of "Chief Zero Trust Officer" (CZTO) – a new position that we believe will become increasingly common in large organizations over the next year.

The idea of companies potentially creating the role of Chief Zero Trust Officer evolved from conversations last year between Cloudflare's Field CTO team members and US federal government agencies. A similar job function was first noted in the White House memorandum directing federal agencies to “move toward Zero Trust cybersecurity principles” and requiring agencies “designate and identify a Zero Trust strategy implementation lead for their organization” within 30 days. In government, a role like this is often called a "czar," but the title "chief" is more appropriate within a business.

30 CXO DX / APRIL 2023
» COLUMN

Large organizations need strong leaders to efficiently get things done. Businesses assign the ultimate leadership responsibility to people with titles that begin with the word chief, such as Chief Executive Officer (CEO) or Chief Financial Officer (CFO). These positions exist to provide direction, set strategy, make critical decisions, and manage day-to-day operations and they are often accountable to the board for overall performance and success.

Why a C-level for Zero Trust, and why now?

An old saying goes, “when everyone is responsible, no one is responsible.” As we consider the challenges in implementing Zero Trust within an enterprise, it appears that a lack of clear leadership and accountability is a significant issue. The question remains, who *exactly* is responsible for driving the adoption and execution of Zero Trust within the organization?

Large enterprises need a single person responsible for driving the Zero Trust journey. This leader should be empowered with a clear mandate and have a singular focus: getting the enterprise to Zero Trust. This is where the idea of the Chief Zero Trust Officer was born. "Chief Zero Trust Officer" may seem like just a title, but it holds a lot of weight. It commands attention and can overcome many obstacles to Zero Trust.

Barriers to adoption

Implementing Zero Trust can be hindered by various technological challenges. Understanding and implementing the complex architecture of some vendors can take time, demand extensive training, or require a professional services engagement to acquire the necessary expertise. Identifying and verifying users and devices in a Zero Trust environment can also be a challenge. It requires an accurate inventory of the organization's user base, groups they’re a part of, and their applications and devices.

On the organizational side, coordination between different teams is crucial for effectively implementing Zero Trust. Breaking down the silos between IT, cybersecurity, and networking groups, establishing clear communication channels, and regular meetings between team members can help achieve a cohesive security strategy. General resistance to change can also be a significant obstacle. Leaders should use techniques such as leading by example, transparent communication, and involving employees in the change process to mitigate it. Proactively addressing concerns, providing support, and creating employee training opportunities can also help ease the transition.

Responsibility and accountability - no matter what you call it

But why does an organization need a CZTO? Is another C-level role essential? Why not assign someone already managing security within the CISO organization? Of course, these are all valid questions. Think about it this way - companies should assign the title based on the level of strategic importance to the company. So, whether it's Chief Zero Trust Officer, Head of Zero Trust, VP of Zero Trust, or something else, the title must command

attention and come with the power to break down silos and cut through bureaucracy.

New C-level titles aren’t without precedent. In recent years, we've seen the emergence of titles such as Chief Digital Transformation Officer, Chief eXperience Officer, Chief Customer Officer, and Chief Data Scientist. The Chief Zero Trust Officer title is likely not even a permanent role. What's crucial is that the person holding the role has the authority and vision to drive the Zero Trust initiative forward, with the support of company leadership and the board of directors.

Getting to Zero Trust in 2023

Getting to Zero Trust security is now a mandate for many companies, as the traditional perimeter-based security model is no longer enough to protect against today's sophisticated threats. To navigate the technical and organizational challenges that come with Zero Trust implementation, the leadership of a CZTO is crucial. The CZTO will lead the Zero Trust initiative, align teams and break down barriers to achieve a smooth rollout. The role of CZTO in the C-suite emphasizes the importance of Zero Trust in the company. It ensures that the Zero Trust initiative is given the necessary attention and resources to succeed. Organizations that appoint a CZTO now will be the ones that come out on top in the future.

31 APRIL 2023 / CXO DX
» COLUMN
John Engates Field CTO, Cloudflare

NINE WAYS SMART DATA IMPROVES FACTORY OPERATIONS

Pranish Kushare, Infor’s Sr. Principal Solutions Consultant - MEA discusses how enabling role based access to data for all workers can help them make valuable decision-making insights.

Manufacturers are increasingly turning to smart manufacturing principles, hoping to turn the shop floor into highly efficient, data-driven operations humming with synchronized precision. Unfortunately, line-of-business managers, crew leaders, and shift supervisors—the shop floor heroes— often lack easy access to the ERP system and the relevant data needed to keep production on track.

Deskless workers play a vital role in operational efficiency. Democratizing data—making data consumable for a wider population—will give these frontline users valuable decision-making insights. With role-based dashboards and reporting tools, they can drive better performance up and down the production line, from smart use of resources to reduction in rework and scrap.

Countless critical decisions are made on the shop floor every shift. The setting—notoriously noisy and fast moving—isn’t conducive to careful, prolonged pondering of influences. Fast-moving production lines require fast decisions and expedient action. At the same time, errors can be costly, eating away at profitability, wasting resources, and jeopardizing as-promised delivery times. Decisions based on guesses, one random exception, or anecdotal stories can send a team into spirals of wasted time, frustrating workers and managers alike.

Empowering front-line users

The answer is to put data in the hands of every decision-maker in the organization, even those who aren’t advanced data analysts with skills in report writing and applying artificial intelligence (AI) algorithms. Modern digital platforms provide interface tools to help users apply advanced functionality to everyday situations. Featuring low-code and no-code capabilities, the digital platform provides front-line users with role-based dashboards to track relevant key performance indicators (KPIs) and custom reporting to investigate emerging trends. Quickly, dynamic insights are within

reach of machine operators, maintenance technicians, and material handling engineers, scheduling clerks, and shift leaders.

Data drives speed and accuracy

Operational-level access to data is especially helpful in preventing gaps in workflows and avoidable delays. Frontline workers can get immediate answers to design questions or specifications on a custom work order. Access to information keeps production lines moving as planned, with minimal interruptions because of questions, disconnects between departments, or stockouts.

Advanced analytics can go even further to keep the shop floor operating smoothly and profitably. Managers can delve into exceptions and tracking influencing variables. They can find opportunities for improvement, such as eliminating quality roadblocks or controlling down time.

Practical applications

As artificial intelligence (AI) and machine learning (ML) have moved into the mainstream, manufacturers are increasingly seeking practical applications for data insights. Proof of concept projects are being replaced by ones which promise a timely, measurable return on investment. The shop floor offers many practical applications for AI-driven insights. Routine processes can be automated, streamlining the need for human interaction. Only anomalies or exceptions need to be routed to supervisors for individual attention. Streamlining the data flow will also help keep various teams apprised of real-time updates and needs. No one is out of the information loop, falling behind on evolving expectations. One data-driven digital thread will connect every stage in shop floor operations.

Here are nine examples of how democratized data helps boost productivity:

1. Custom quotes and bill of materials. Efficiently managing

32 CXO DX / APRIL 2023
» COLUMN

make-to-order, engineer-to-order, and configured products requires an automated system for generating rules-based quotes and matching bills of materials. Once the customer has approved the order, the specifications must flow from sales to operations to ensure the right dimensions, features, and finishes are applied. Access to the customer order helps manager verify details, eliminating reworks or customer returns.

2. Projecting raw resources needed. Synchronizing production planning and availability of raw resources requires access to data and AI-driven predictive capabilities to prevent stock-outs. Data helps procurement managers make sure the warehouse is stocked with necessary components. Too much inventory can be just and dangerous, tying up capital and risking obsolescence.

3. Accurate scheduling. Synchronizing production runs to fulfill customer orders depends on accurate account data as well as sales, delivery promises, inventory of raw materials, and machine capacity. Working with co-manufacturers or subcontractors also requires access to information. Collaboration portals can help share information while protecting security.

4. Strategic scheduling of the workforce. With data insights, managers can track and understand performance of shifts and crews, identifying essential staffing requirements and tracking expenses. With the acute labor shortage manufacturers face today, careful scheduling of right-skilled workers is especially important.

5. Workflows. Keeping operations running smoothly with no gaps, delays, or roadblocks requires coordination among teams and sharing data on job status, equipment performance, and scheduling. Reporting can help identify trends and analyze variables, allowing managers to delve deeper into influencing factors that can be improved. Decisions can be made, changes executed, results monitored, and further refinements made. Continuous improvement can be part of the system and standardized workflows.

6. Compliance and quality control. Managers need to track, monitor, and evaluate quality standards, with a continuous feedback loop in place. As new products are introduced, specifications need to be easily updated and accessible to relevant teams. Regulation compliance, too, is critical in many industries and demands accurate reporting. Democratized access to data helps keep the details in view when and where they are needed most.

7. Waste reduction. As manufacturers strive to be more sustainable, they place a high priority on reducing waste, including energy, water, and raw resources. Reducing scrap is essential. By improving consistency and quality control, fewer units will need to be scrapped or reworked. Access to data will help crews verify proper machine settings, consult knowledge banks for typical resolutions of issues, and verify proper specifications and variables.

8. The call center. The aftermarket service operation needs real-time access to account and product details to answer customer questions about deliveries, service agreements, warranty status, and scheduled preventive maintenance. Service dispatch needs to

access the location and availability of technicians to dispatch the right person to the right job based on geography, service level agreements, and urgency.

9. First-call resolution. Field technicians at the job site need remote access to details on the unit, as-serviced history, inventory status of parts, and availability of replacement or upgrade units. A technician with the right data is seen as a trusted advisor and can often make sales in the field.

Next steps

Manufacturers considering deploying their first ERP solution or upgrading a legacy solution, often compare various vendors and the functionality of their solutions. A factor that can be overlooked is the usability of the system and how accessible the data is to workers throughout the organizations. Some vendors offer ERP solutions that are cumbersome and difficult to use, meaning many of the features will simply not be used.

In contrast, some solutions offer built-in industry-specific functionality and make usability a top priority. Easy access to data is essential and a characteristic to look for in a smart ERP selection.

33 APRIL 2023 / CXO DX
» COLUMN
Pranish Kushare Infor’s Sr. Principal Solutions Consultant – MEA

Choosing a customer service solution for your enterprise

Mark Ashton, VP EMEA Customer Workflow at ServiceNow discusses the need for a modern platforms based CSM

In recent years, our concept of customer experience has evolved as the expectation of smooth and seamless interactions becomes increasingly apparent. The term ‘experience economy’ is more applicable than ever.

In this economy, exchanges between vendors and consumers must emphasise the effect they can have on people's lives.

Now, vendor choice is heavily reliant on the level of service. It’s more than just a factor, it’s a differentiator.

Organisations must implement customer service solutions to discern how they can better serve the customer at a lower cost. But achieving this aim relies on choosing the right solution, and navigating this decision can be challenging.

Choosing the right solution

Business leaders need to consider how a solution integrates with their enterprise, how future proof it is, and how efficiently it addresses specific pain points. Those who fail to consider all elements run the risk of investing in an ineffective system and poorly automated processes — both of which ultimately do more harm than good.

The process of identifying your own specific pain points can vary from organisation to organisation. A lot of business investment in the past has concentrated on the front-end customer experience, such as web interfaces and a variety of touchpoints through social media, live chat, email or telephone.

This level of accessibility is meant to be a benefit, but in many cases there are disconnects between these contact points that fail to collectively track issues. This results in customers having to navigate through a series of multiple interactions to solve a

problem that should be resolved in just one.

Additionally, we often see a ‘messy middle’. Disconnected systems and labour-intensive processes mean requests get stuck in bottlenecks, and manual tasks leave room for error. Together, these multiply inefficiencies and time wasted at the expense of customer frustration.

Resolving the issues facing organisations with CSM

Solving these problems lies with how we orchestrate tasks between customers, customer service and other teams across the enterprise, to quickly resolve issues and requests.

Customer service management (CSM) as part of a digital platform has the power to do exactly that. However, this needs to be implemented effectively. It’s about identifying the right use cases and programs that will enable people, processes and technology to work in tandem.

It comes down to clarity and collaboration: how can you offer great customer service when you don’t know who’s responded to a request in the first place? You need to identify where CSM fits into an enterprise from the front office through to the back, in order to control the process and enable task level agreement between departments so they take ownership of a case from end to end — all the way to its resolution.

The importance of platform providers

What’s equally important is using modern, platform-based solutions for CSM. These grant the ability to build a centre of excellence within your organisation which you can also expand across the enterprise through low-code and no-code configurations — without needing additional plug-ins. This way, you’re

34 CXO DX / APRIL 2023
» COLUMN

laying a strong foundation that can scale with your business and customer service requirements. As a case in point, Swarovski, a global retailer specialising in crystal jewellery and watches, has leveraged ServiceNow Customer Service Management to be more efficient in the way it manages customer requests, streamlining response times and transforming agent productivity. This has resulted in a 55% reduction in service caseloads compared to the previous solution.

It’s not just about choosing the right solution, but also the right partner to support your CSM both now and into the future. For example, impact programmes — like those offered by ServiceNow — provide enterprises with the tools to gain full insight into how they’re using the solution, and impact teams will work with you to ensure implementation is successful.

From here, a shared vision is vital to continued success. A partner should keep the organisation’s roadmap up to date in terms of technology innovation by constantly reviewing the market. This also helps to address whether the enterprise needs to code a customer service solution, or simply anticipate later platform releases that can be planned into the roadmap.

Another key part of this journey is applying partner learnings from the success that other businesses have achieved with platform-based CSM solutions in your relevant industry. Ultimately, the aim is to reflect the ethos of clarity and collaboration for futureproof customer service.

The foundations of futureproof customer service

When implemented in this manner, CSM makes it possible to permanently fix — and even prevent — issues by connecting the contact point and customer service to other departments through workflows. Customer service can identify and assign issues directly to field service, engineering, operations, finance, legal, and more.

The next step would then be to look at automation tools for enhancing efficiency further. Once workflows have been established, an enterprise has the visibility to identify other bottlenecks in its customer service processes and understand how these can be changed. More specifically, how AI or machine learning may be implemented to automate and/or optimise lengthy, repetitive processes across teams for faster resolution.

By making these changes, an enterprise can gain the added benefit of increasing employee capacity. Automated processes enable teams to move away from those repetitive tasks and shift their focus to high value work that requires a human touch — ultimately enhancing the customer experience even further.

Thriving in an experience economy

Every organisation needs the right customer service solution in place to meet the growing demands of an experience economy. But we also have to acknowledge that macroeconomics have driven us to a certain point in time where we must do more with less.

To address both elements, enterprises require CSM technology that enables teams to collectively solve problems and optimise processes for more efficient resolutions.

This comes down to choosing and implementing the right customer service solution, as well as collaborating with the right partner to keep you on the path to a more proactive approach.

35 APRIL 2023 / CXO DX » COLUMN
VP EMEA Customer Workflow, ServiceNow
"Organisations must implement customer service solutions to discern how they can better serve the customer at a lower cost. But achieving this aim relies on choosing the right solution, and navigating this decision can be challenging."

DSR-250V2 GIGABIT PORT VPN ROUTER

The D-Link DSR-250v2 Series Unified Services Routers provide highly secure, multifunctional networking solutions to small and medium businesses users. Advanced features such as WAN failover, load balancing, and an integrated firewall make this a reliable, secure, and flexible way to manage your network. With a fully-featured VPN as well as IPSec hub-and-spoke technology, secure communications between mobile employees and offices can be configured easily. Captive Portal allows employees and guest users to be easily authenticated and authorized by accessing customized landing pages. Automatic failover to another link from available Internet service provider when landline is lost.

This affordable, high-performance router also enables businesses to secure their network whether in the office, at home or out on the road. You and your colleagues can stay connected to the office anywhere, anytime. Complete VPN features, as well as IPSec Hub and Spoke technology, ensures secure communication between mobile employees and offices.

The DSR series web content filtering feature to help administrators monitor, manage and control employees’ Internet usage. Static web content filtering helps to remove malicious objects such as Java applets, ActiveX, and cookies, or to block URLs by keyword. Dynamic web content filtering, which requires a license subscription, allows administrators to filter content from

a list of categories. Multiple global index servers, with millions of URLs and real-time website data, enhance performance and maximize service availability.

Highlights:

• Automatic failover to another link from available ISP when primary line is lost.

• Support 1 x GE WAN, 3 x GE LAN, 1 GE Configurable LAN/WAN and 1 x USB 3.0 port.

• 900/200 Mbps firewall/VPN throughput, 50,000 Concurrent Sessions, and 50/20 IPsec/SSL VPN Tunnels.

• Advanced routing, VLAN and IPsec/PPTP/L2TP/OpenVPN VPN Server/Client

• Value-added office utilities to reduce OpEx/CAPEX

• Traffic load balancing and Avoid complicated maintenance issues

HID AND IPASSPORT IDENTITY VERIFICATION SOLUTION

HID, a worldwide leader in trusted identity and physical security solutions, and iPassport, a provider of solutions that enable organizations to implement digital identity technologies, recently signed a memorandum of understanding to collaborate on a new identity verification solution for the transportation industry.

Navigating through the airport requires a sequence of touchpoints and processes—from check-in to baggage drop, security checkpoint, all the way to retail/ duty-free shopping, lounge access and boarding. And with millions of travelers experiencing delays, cancellations, baggage mix-ups and the continued strain on airport staff, the passenger journey has become more complex than ever.

Airlines need reliable and swift identity verification

to provide passengers with a secure, seamless journey that’s long overdue.

With HID’s modular approach, airlines and airport operators are now able to add identity verification capabilities quickly and easily to existing systems without having to “rip-and-replace" or perform expensive migrations to a new platform altogether. This modular solution includes the following components:

• Facial Recognition Camera Hardware

• Fingerprint, ID Document & Ticket Readers

• Software Development Kits (SDKs)

• ID Proofing & Biometric Server

• Device Management

• Biometric Professional Services

36 CXO DX / APRIL 2023
» TECHSHOW

ASUS EVO LAPTOPS

ASUS has introduced its new Evo Platform Lineup of laptops to deliver the best possible performance across the board.

Zenbook 17 Fold OLED features an incredible 17.3” Foldable OLED touchscreen that folds down instantly to a compact 12.5” size for easy portability. Its folding nature allows it to be used in six distinct modes, which makes it the most versatile and transformative laptop you’ve ever used. Use it in standard laptop mode with either a virtual or Bluetooth keyboard, or unfold it entirely in Desktop or Tablet mode.

The powerful and compact Zenbook 14 OLED is just 16.9 mm slim and 1.39 kg light, with a breathtaking new design that’s timelessly elegant yet totally modern. It feature an expansive 16:10 2.8K OLED HDR NanoEdge display, a color-accurate up to 550-nit screen that’s PANTONE Validated and has a cinema-grade 100% DCI-P3 gamut. The 12th Gen Intel Core i7 Processor, Intel Iris Xe graphics, 16 GB RAM and 1 TB PCIe 4.0 SSD deliver superb performance, and there’s a long-lasting 75 Wh battery.

The ultra-lightweight Zenbook S 13 Flip OLED is an elegant and powerful companion for those

with busy lifestyles, featuring a versatile 360-degree ErgoLift hinge, a long-lasting battery and superb connectivity. The ErgoLift hinge makes it more comfortable for users to type on, as well as providing improved heat dissipation. It also allows you to instantly convert the laptop into a number of different ways, including using it with a stylus as a design tablet.

Highlights:

• ASUS’ Evo Platform Lineup ensures that no matter which model you choose, you’ll be getting the very best that ASUS has to offer.

• A powerful Intel 12th Gen Core processor and Intel Iris X Graphics make every task easier, whether it’s streaming, browsing, editing, or just taking care of business at home.

• Super-fast Intel Wi-Fi 6 offers file transfer speeds up to three times faster than standard Wi-Fi. ASUS’ Evo Platform Lineup of laptops also awake in less than a second from being opened, which are much more responsive than ever.

With HID-patented multispectral imaging (MSI) technology and ethically trained artificial intelligence (AI) built within the HID U.ARE.U Camera Identification System, significant performance and matching accuracy are achieved.

Use of facial recognition technology throughout the airport will depend on the passeger’s prior consent during booking or check-in. Additionally, the biometric information is only stored and used during the time the passenger is in transit within the airport to help address compliance with applicable with data privacy laws.

Beyond airlines and airports, other segments of the travel industry, such as cruise ships and hospitality, can also benefit.

Highlights:

• Ethically trained and built AI to eliminate matching bias

• Industry-leading presentation attack detection (PAD) to thwart spoof attempts

• Superior performance amid challenging lighting

• Automatic face detection, capture and image quality checks—even when wearing masks

• On-device biometric processing with endpoint security for maximum protection

37 APRIL 2023 / CXO DX
» TECHSHOW

Zero Trust, human centric design and privacy programs among top cybersecurity trends

Effective and sustainable cybersecurity programs need to address key concerns

Fifty percent of CISOs will adopt human centric design to reduce cybersecurity operational friction; large enterprises will focus on implementing zero-trust programs; and half of cybersecurity leaders will have unsuccessfully tried to use cyber risk quantification to drive decision making, according to the top cybersecurity predictions revealed by Gartner.

Through 2027, 50% of CISOs will formally adopt human-centric design practices into their cybersecurity program. Gartner research shows that over 90% of employees who admitted undertaking a range of unsecure actions during work activities knew that their actions would increase risk to the organization but did so anyway. Human-centric security design is modeled with the individual — not technology, threat or location – as the focus of control design and implementation to minimize friction.

By 2024, modern privacy regulation will blanket the majority of consumer data, but less than 10% of organizations will have weaponized privacy as a competitive advantage. Organizations are beginning to recognize that a privacy program can enable them to use data more broadly, differentiate from competitors, and build trust with customers, partners, investors and regulators. Gartner recommends security leaders enforce a comprehensive privacy standard in line with GDPR.

By 2026, 10% of large enterprises will have a comprehensive, mature and measurable zero-trust program in place

A mature, widely deployed zero-trust implementation demands integration and configuration of multiple different components, which can become quite technical and complex. Starting small, an ever evolving zero-trust mindset makes it easier to better grasp the benefits of a program and manage some of the complexity one step at a time.

By 2027, 75% of employees will acquire, modify or create technology outside IT’s visibility – up from 41% in 2022. The CISO role and purview of responsibility is shifting from being control owners to risk decision facilitators. Gartner recommends thinking beyond technology and automation to deeply

engage with employees to influence decision making and ensure they have appropriate knowledge to do in an informed way.

By 2025, 50% of cybersecurity leaders will have tried, unsuccessfully, to use cyber risk quantification to drive enterprise decision making.

Gartner research indicates that 62% of cyber risk quantification adopters cite soft gains in credibility and cyber risk awareness, but only 36% have achieved action-based results, including reducing risk, saving money or actual decision influence. Security leaders should focus firepower on quantification that decision makers ask for, instead of producing self-directed analyses.

By 2025, nearly half of cybersecurity leaders will change jobs Gartner suggests that while eliminating stress is unrealistic, people can manage challenging and stressful jobs in cultures where they are supported. Changing the rules of engagement to foster cultural shifts will help.

By 2026, 70% of boards will include one member with cybersecurity expertise.

For cybersecurity leaders to be recognized as business partners, they need to acknowledge board and enterprise risk appetite. This means not only showing how the cybersecurity program prevGartner recommends CISOs get ahead of the change to promote and support cybersecurity to the board and establish a closer relationship to improve trust and support.

Through 2026, more than 60% of threat detection, investigation and response (TDIR) capabilities will leverage exposure management data to validate and prioritize detected threats, up from less than 5% today.

As organizational attack surfaces expand due to increased connectivity, use of SaaS and cloud applications, companies require a broader range of visibility and a central place to constantly monitor for threats and exposure. TDIR capabilities provide a unified platform or ecosystem of platforms where detection, investigation and response can be managed, giving security operations teams a complete picture of risk and potential impact.

38 CXO DX / APRIL 2023 » TRENDS

Why train with ETC?

We operate a large number of courses in line with the latest vendor-accredited requirements.

- A wide choice of vendor-accredited training courses; inclusive of training modules

- Courses combine world-class instructor-led training, knowledge transfer sessions and hands-on labs

- State-of-the-art training suites and demo areas

- Extensive remote and virtual training options

- Bespoke training available at customer/third-party locations

Scan this QR code for more information.

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.