cyber sentinels - day two
DESCRIPTION
This issue covers the best of Day two Gisec-2015, Dubai, UAETRANSCRIPT
DAY TWOBY INSIGHT PARTNER
CYBER SENTINELSYOUR PREVIEW TO THE GULF INFORMATION SECURITY EXPO & CONFERENCE AND THE FIRST EVER GULF ENTERPRISE MOBILITY EXHIBITION & CONFERENCE
HIGHLIGHTS
PIC OF THE DAY
Lt. General Dahi Khalfan Tamim, Deputy Chairman of Police and General Security inaugurating GISEC 2015
QUOTE OF THE DAY
“Keeping abreast with advanced cyberthreats, revolutionary initiatives and strategies must be in place to secure this digitalised era,”
TRIXIE LOHMIRMANDSENIOR VICE PRESIDENT, DUBAI WORLD TRADE CENTRE.
TODAYS GUESTS
FARID FAROUQ, 10.10 AM
HANI NOFAL, 12.35 PM
DAN LOHRMANN, 4.00 PM
VISIT USSTAND NUMBER SR-28
SAMSUNG LAUNCHES ENTERPRISE READY GALAXY S6 EDGE At GEMEC 2015, Samsung has officially launched the Sam-sung Galaxy S6 Enterprise Offerings, which closes the gap between business and consumer technology. One of the smartest and sharpest personal smartphones available, it fea-tures enhanced manageability, a refined email experience and improved multi-tasking offering a new level of productivity to benefit both employers and end-users.
“The Samsung Galaxy S6 represents the next step in mobility and is one of the most advanced and secure smartphones on the market. More than just a smartphone, the S6 is a business tool that increases productivity and puts what’s next in people’s hands now,” said Mr. Khaled Kamel, Head of Department, Enterprise Business, Samsung Gulf Electronics. He added, “With the Samsung Galaxy S6 Enterprise Offerings, Samsung has developed the most up-to-date mobile technology with several first of its kind breakthroughs.”
POURNAMI NAIR, STRATEGIC ALLIANCE & QUALITY CONTROL MANAGER , SPECTRUM GROUP
What is the Focus of Comguard in this edition of GISEC ?We are showcasing a wide array of secu-rity solutions with 5 of our premium vendors; Bluecat (Network & Device Management), Kaspersky &Sophos (endpoint and network security) , Nexthink(end-user IT analytics), and Ping Identity(single sign-on).
What is your expectation from GISEC? We would like to showcase what Com-guard does as a group. We have added a lot of new vendors this year as well as
last year. We have a lot of niche technolo-gies within Comguard. We would like to evangelize the technologies and show-case what the five participating vendors bring to the table to both the partners as well as the industries.
What is the key differentiator that makes Comguard stand as a class apart from the competitors?We like to believe that Comguard is a VAD in the truest sense. We started off our operations in the Middle East as Training and Professional Services com-pany. It was the other way round for us and thus we understand the true essence
Any exciting offers for GISEC 2015?We have a tweet and win campaign. TWEET & WIN - #CGisec15One lucky couple will win a 3 night/4 day all paid trip to Maasai Mara, Kenya.
and value of distribution. Plus, we have a very robust and expert pre sales and technical support team that does make us stand a class apart.
This year we are also focused to roll out a very robust CRM, as an extended arm for the vendors and partners and its key aim would be to maximize our effi-ciency of the back end processes as well. We are also initiating 24* 7 support lines.
Do you offer bundled solutions as well?We like to call ourselves a complete solu-tion provider, because at the end of the day we do evangelize from the perspec-tive of the end user. However, commer-cially we do not interact with end users, but channel everything through our partners.
Are you planning to foray into MSS too?We have started a consultancy and MSS division in 2015 with the name Recconix.
COMPLETE SOLUTION PROVIDERS
Page 04
LAUNCHES NEW SECURITY PRODCT
DAY TWO02CYBER SENTINELS
ALAIN PENEL REGIONAL VICE PRESIDENT – MIDDLE EAST AT FORTINET
Advanced Protection for Evolving Networks Brief about your company
Fortinet is a global leader in high-performance cyber security solutions. Fortinet is the only network security vendor to have its own threat intelligence, managed by its in-house global FortiGuard Threat Research team. This allows us to provide industry-leading response times to new and emerging IT threats.
What are the competitive advantages of your products?
Strong focus on research & development, certified protection, FortiGuard Labs: in house security research and services and of course unique technology platform
How many products do you have?From wired/wireless networks and messag-ing systems to web applications, databases and much more, Fortinet’s solutions portfo-lio helps secure the broad enterprise infor-
mation infrastructure. In parallel, Fortinet’s centralized management and reporting solutions allow customers to effectively manage and monitor any Fortinet deploy-ment, from a few devices to thousands of appliances and endpoint security agents. With Fortinet solutions, customers benefit from simplified management, added con-trol and get a global view of their security status in real time.The FortiGate Network Security Platform delivers the best levels of
BORDERLESS ENTERPRISES
WERNER HEEREN, RSD HIGH GROWTH MARKETS - FLUKE NETWORKS - REGION MEAT
How significant is GISEC 2015 for Fluke?This year edition is really important for us as we would be showcasing and promoting our Borderless Enterprise solu-tion. Its one of the latest enhancements to our portfolios wherein we seek to provide enterprises with utmost mobil-ity and workspace freedom.
Apart from the borderless enterprise, what other solutions are you planning to unveil ?Fluke is launching a new component to the Network and Application Performance space, which is the TruVIEW. Its unique VOIP module which passively monitors appli-cation transactions as they occur and reports response time for user, network and application tiers. Application transaction details are stored and can be leveraged for troubleshooting, baselining, error detection, performance and availability analysis, trend reporting, and many other functions.
What roadmap would GISEC set for Fluke?We wish to use this platform to get to know our end-users and target audience and make them realize that emerging challenges in WLAN security, SaaS, mobility, unified com-munications and data centers. ë
performance and protection while simpli-fying the network.
How are you present in various countries in this region?Fortinet is a 100% channel driven com-pany, and are well represented by our part-ners across the region. Exclusive Networks is our main distributor for the GCC, while Oxygen covers Saudi Arabia, and Online Distribution covers Pakistan.
Briefly tell about your part-ner ecosystem and engagement strategyOur partners’ ecosystem is growing to match our revenue growth and reach. We refined our partner program this year as well to make sure it will reach our part-ners expectations. The ME Channel team grew as well relatively and we are focus-ing on an early engagement model with our partners and our distributors. We are providing all needed tools and support to make sure we have happy and satisfied partners that they can deliver the best in class support to our customers .
Highlight the major deploy-ments done in the past one yearAmong our many major deployments last year, one of the noteworthy ones was with the Holy Spirit University of Kaslik, Lebanon . ë
DAY TWO 03CYBER SENTINELS
www.gecopen.com
GLOBALENTERPRISECONNECT
B R O U G H T B Y
O R G A N I S E D B Y
SEP-OCT 2015
3CONTINENT
7COUNTRIES
700TOP IT EXECUTIVES
UAE
FIDELIS CYBERSECURITY TO GO TO MARLIN EQUITY PARTNERS FROM GENERAL DYNAMICS
Marlin Equity Partners (“Marlin”) has signed a definitive agreement to acquire Fidelis Cybersecurity Solutions from General Dynamics. Fidelis Cybersecurity Solutions offers a comprehensive portfolio of prod-ucts, services, and expertise to help custom-ers combat today’s sophisticated advanced threats and to prevent data and intellectual property theft. The transaction is expected to close in Q2 2015. At that time, Peter George, who is currently president of General Dynamics Fidelis Cybersecurity Solutions, will become CEO of the new independent company, Fidelis Cybersecurity.
Fidelis’ flagship product, Fidelis XPS, is an advanced threat defense platform which is recognized by many of the large organiza-tions around the globe as highly effective in detecting and preventing not only initial malware infections, but also the subsequent spread of malware and the theft of informa-tion. Fidelis complements this solution with an elite incident response team which is on the frontline helping customers investigate breaches and stop zero days, and a threat research team conducting original research and incorporating real-time insights into Fidelis XPS.
Peter Chung, a principal at Marlin, said, “Marlin is very excited to partner with Fidelis’ world class management team to expand and grow the company’s industry-leading solutions. As global cybersecurity threats continue to become more prevalent, Fidelis’ technology is uniquely positioned to help customers defend themselves against advanced malware attacks and internal and external data theft.”
RETHINKING THE RISK: BT LAUNCHES NEXT GENERATION CYBER SERVICEBT has launched BT Assure Cyber, an advanced security platform designed to offer complete and comprehensive monitoring, detection and protection against cyber threats targeted at private sector and government organisations. The new solution builds on BT’s extensive knowledge in the security field and combines a blend of carefully selected tools developed by BT and its world class security partners to create and deliver a unique new service to the security market.
Mark Hughes, president of BT Security, said: “The traditional security perim-eter has dissolved. Cloud computing and mobile devices have the potential to make organisations more agile, efficient and competitive. They also introduce a multiplic-ity of new security risks. These developments take place in an environment where organic growth, mergers and acquisitions, changes in suppliers and adoption of new technologies make it increasingly difficult to assess an organisation’s exposure to the global cyber threat landscape. That changing business environment can hinder the understanding of security posture, including technical and non-technical procedures and controls that protect an organisation from internal and external threats. As innovation in technology accelerates, so must innovation and investment in the security controls that protect sensitive corporate assets from cyber-attack. Helping organisations master that changing cyber threat landscape is at the core of the BT Assure Cyber proposition. It is all about rethinking the risk.”
Mitigating Risks with End-to-end security “ The Next-Gen firewall technologies from Fortinet addresses all the sophisti-cated technology vulnerabilities that the organizations are facing today in the wake of security crisis. “ said Nader Baghdadi, Regional Director Enterprise Sales, Forti-net. He went on to add that at Fortinet, they are trying to educate their partners and customers to follow a framework that in turn ca n help them in detecting data breaches and taking acute measures for th e same . “We focus on the client device connections, how many end-users are bringing their own devices (the BYOD), then we move on to the other layers and perimeters by informing the client how we analyze the threat applications “ .
Next Generation Firewall technolo-gies from Fortinet offer integrated, high-performance protection against today’s wide range of advanced threats targeting your applications, data, and users. In addition, Fortinet now offers Advanced Threat Protection (ATP) in Fortigate Next Generation Firewalls providing
When asked about the demand for Firewalls in the region and its awareness , Nader said, “The term and idea of fire-wall dates back to 2004 or 2005 and its basic idea was to have numerous layered security for various applications. Security today is a must and UAE has gradually became a melting pot for education and awareness on security compared to its other gulf and European counterparts . At Fortinet, we believe we are the best in class. Because we go all the way from client connected device to BYOD with a multitude of technologies that provide security to the enterprises. Fortinet is venturing out of the security zone and extending arms towards the other mobil-ity technology and space as well S o we are becoming an end-to-end security solution providers “
Fortinet has just launched New For-tiGate 3000 series and an Enhanced FortiClient Endpoint Solutions at GISEC that delivers Advanced Protection from Cyber Threats, from the Inside Out .
enhanced security tools to combat and mitigate multi-vector persistent attacks. “The next gen firewall helps us to navigate and analyze the quantity of data is there to be protected and accordingly you can set the road and the right configuration “ added Nader .
NADER BAGHDADI, REGIONAL DIRECTOR ENTERPRISE SALES, FORTINET
MARK HUGHES, PRESIDENT OF BT SECURITY
DAY TWO04CYBER SENTINELS
CISCO LAUNCHES NEW SECURITY CAPABILITIES FOR PROTECTION ACROSS THE ATTACK CONTINUUM
RABIH DABBOUSSI, GENERAL MANAGER, CISCO UAE
RAVINDER JANOTRA, REGIONAL MANAGER MIDDLE EAST,CYBEROAM
SECURITY INTELLIGENCE WITH LAYER 8 TECHNOLOGYzations in the region embrace IT that is built on mobile devices, cloud, virtualiza-tion, big data and other disruptive tech forces, there’s a need to insulate businesses from potential risks that accompany these decisions. We are eager to contribute our part in driving greater security awareness at the event while showcasing our pat-ented network security innovations.”
With a strong local network of channel partners and dedicated sales teams across UAE ,OMAN,BAHRA I N , K U WA I T, QATA R , JOR DA N , LEBANON,IRAQ,SAUDI ARABIA and other countries in the region, the company has been driving a lot of secu-rity awareness for the region’s CXOs. Cyberoam is at Stand Number: SR22
security as a catalytic force while shedding light on its evolution to combat cyber security risks and threats emerging from migration to 3rd platform technologies”, said Ravinder Janotra, Regional Manager Middle East,Cyberoam. “As more organi-
Cyberoam intends to leverage the event to educate regional businesses and CXOs on its patented Layer 8 technol-ogy and shall showcase how IT and security teams in the region can ben-efit from Cyberoam’s network security innovations. With Cyber security chal-lenges and targeted attacks emerging a ‘real’ threat, network administrators in the region are inclined to deploy secu-rity that helps prevent network-based advanced targeted attacks before they cause greater damage and paralyze business. Cyberoam shall discuss its patented Layer 8 technology and dem-onstrate actionable security intelligence capabilities for the attendees.
“GISEC 2015 discusses enterprise
Cisco has added AMP Threat Grid to the Cisco Advanced Malware Protection (AMP) portfolio, which integrates innovation acquired through last year’s acquisition of ThreatGRID. This integration provides the latest malware threat intelligence and dynamic malware analysis capabilities, both on-premise and in the cloud, that strengthens Cisco AMP’s continuous analysis and zero-day detection capabilities. In addition, Cisco is introducing Incident Response Services that equip UAE organizations with teams of information secu-rity experts that leverage threat intelligence and best practices for readiness and response from network to endpoint to cloud.
New threat intelligence, dynamic malware analysis and retrospective security capabilities for Cisco AMP enhance protection across the attack continuum. Unique to Cisco AMP, the solution continuously records and analyzes file activity at and after initial inspection.
Rabih Dabboussi, general manager, Cisco UAE said, “Every day, organizations are faced with advanced threats that infiltrate and persist in company environments for months before they are discovered. We believe that the most effective way to address these real-world chal-lenges is continuous threat protection against these attacks. Further enhancements like advanced correlation of indicators of compro-mise, vulnerability mapping and expanded ret-rospective security further differentiate Cisco AMP and strengthen security teams’ responses before, during and after an attack. Attacks are occurring at an alarming rate. Unfortunately, many enterprises do not have cybersecurity professionals with the necessary expertise and skills to prepare for and mitigate these attacks. The Cisco Incident Response Services team works with businesses to address these chal-lenges, taking an intelligence-driven approach to security, so that security blind spots can be reduced and network visibility improved. Armed with this insight, Cisco can significantly minimize the impact of a breach via proven readiness and response services.”
Prevention Oriented Approach to Advanced End point AttacksPalo Alto Networks has further strengthened the cyber threat prevention capabilities of its Traps Advanced Endpoint Protection offering. According to Saeed Agha, General Manager Middle East Traps takes a unique prevention-oriented approach to addressing advanced attacks on endpoints by identifying and blocking the techniques used by attackers as they attempt to exploit vulnerability, or deliver malware directly to an endpoint.
Unlike other endpoint security solutions, this approach enables Traps to stop even unknown malware and zero-day exploits from compromising an endpoint, and eliminates the need to rely solely on signatures and security patches for protection.
The latest release of Traps, version 3.2, is now available to customers on the Palo Alto Networks Support Portal and includes new exploit prevention modules, enhanced Prevention of Unknown Malware Prevention and enhanced Scalability.
IT RISK MANAGEMENT AS A MANAGED SERVICE
JOSE THOMAS, CEO OF BULWARK
Bulwark Distribution has partnered with RadarServices Middle East. RadarServices Middle East, headquar-tered in Dubai,is the Middle Eastern arm of RadarServices, Europe’s Number 1 for pro-active IT security monitoring and IT risk management as a man-aged service. Commenting on the tie up, Mr. Jose Thomas, CEO of Bulwark explained, “RadarServices provides key services in the field of IT risk manage-ment as a managed service. We see a strong demand for such services.”
Mr. Aji Joseph, GM at RadarServices Middle East adds, “Our Risk Detection & Intelligence Service allows pro-active, continuous risk identification. No data leaves the client’s premises. There is no additional investment in personnel or
in hard- or software necessary. Results are delivered in an easy to understand Risk Cockpit, through which near-time management of potential risk becomes possible. This is how we understand IT security monitoring - strongly oriented onclient needs.”
He further explained that the high-est possible accuracy and quality of risk identification is achieved through a unique two-step process. “Automatic risk detection via correlation of events from vulnerability assessment, intrusion detection and SIEM is combined with risk assessment by our Risk Intelligence Team.”
Amongst the features of the service are risk management as a managed service, automated risk detection, risk analysis and assessment by experts (risk intelligence), active guidance for risk remediation, a risk cockpit for IT managers as well as executives, security/scalability, interoperability/automated updating.
DAY TWO 05CYBER SENTINELS
Clash of the Cyber Espionages
COSTIN RAIU, DIRECTOR OF GLOBAL RESEARCH AND ANALYST TEAM AT KASPERSKY LAB
SECUTABLET - THE SECURE TABLET FOR PUBLIC SECTOR AND ENTERPRISES
The SecuTABLET is a new, secure tablet that supplements the SecuSUITE for BlackBerry 10 portfolio and can be seam-lessly integrated into existing SecuSUITE infrastructures.
“Security is ingrained in every part of BlackBerry’s portfolio, which includes voice and data encryption solutions,” said Dr. Hans-Christoph Quelle, CEO of Secusmart GmbH, a BlackBerry com-
pany. “National and international gov-ernment customers have entrusted their voice and data communications with the Secusmart Security Card for years. This same technology is what secures the new SecuTABLET. Working alongside IBM and Samsung, we have added the last link in the chain of the Federal Security Network. Subject to certification of the SecuTABLET, German government agencies will have a new way to access BlackBerry’s most secure and complete communications network in the world.”
“The SecuTABLET closes a supply gap and opens up for government and admin-istrations an opportunity to derive greater benefit from digitization and the mobile Internet, with system integration as a fun-damental success factor,” said Stefan Hefter, Senior Management Consultant with IBM.
Kaspersky Lab has recorded a rare and unusual example of one cybercriminal attacking another. In 2014, Hellsing, was subjected to a spear-phishing attack by another threat actor and decided to strike back. The discovery was made by Kasper-sky Lab experts during research into the activity of Naikon. The experts noticed that one of Naikon’s targets had spotted the attempt to infect its systems with a malicious e-mail attachment.
“The targeting of the Naikon group by Hellsing, in some sort of a vengeful vampire-hunting-“Empire Strikes Back” style, is fascinating. However, considering
the targeting and origin of the attack, it seems more likely that this is an example of a deliberate APT-on-APT attack,” said Costin Raiu, Director of Global Research and Analyst Team at Kaspersky Lab.
Kaspersky Lab gives out three major warning to escape cyberattacks. Stay away from suspicious attachments, beware of password protected archives; update all third party apps regularly. Comguard is the authorised distributor for Kaspersky in the ME.
‘Rise of Intelligence, Demise of Analytics’ - Paladion“Business sensitivity is paramount in building an effective security framework. Our showcase at GISEC this year will focus on this aspect and reveal how security data science can provide deeper insights and enable smarter decisions for enterprises” said Firosh Ummer, Managing Director of EMEA, who believes that traditional techniques of analysis are grossly insufficient in the face of more sophisticated attacks and security related incidents.
His presentation titled ‘Rise of Intelligence, Demise of Analytics emphasizes on how organizations fail to detect security incidents due to the sheer volume of secu-rity events, false-positives, short response times and difficulty in prioritizing alerts from various security technologies.
In this session (April 28th at 13.10pm) we will discuss new techniques emerging in the area of security intelligence to help you develop a holistic security frame-work,” stated Ummer.
Citrix To Help Drive Cloud Interoperability StandardsCitrix has become a Corporate Sponsor of the OpenStack Foun-dation. NetScaler and XenServer solutions from Citrix are used as core infrastructure for some of the largest cloud infrastructure pro-viders in the world, and now the power of these products will reach customers choosing to build their clouds on OpenStack.
Commenting on this, Klaus Oestermann, Senior VP and GM, Delivery Networks, Citrix said, “We’re pleased to formally spon-sor the OpenStack Foundation to help drive cloud interoperability standards. Citrix products like NetScaler, through the recently announced NetScaler Control Center, and XenServer, are already integrated with OpenStack. Our move to support the OpenStack community reflects the great cus-tomer and partner demand for Citrix to bring the value of our cloud and networking infrastruc-ture products to customers run-ning OpenStack.”
Lew Tucker, Vice President and CTO, Cisco and Board Member, OpenStack welcomed Citrix to the OpenStack Foundation as a Corporate Sponsor, and applauded their commitment to open industry standards. “Citrix’s membership is a testament to the growth and matu-rity of the OpenStack community. We plan to build upon our existing relationship with Citrix to sup-port customers looking to deploy Mirantis OpenStack with NetScaler and XenServer”, commented Boris Renski,CMO, Mirantis.
Jonathan Bryce, Executive Director, OpenStack Foundation said, “Diversity and choice are two powerful drivers behind both the success of OpenStack and the growing list of companies who have chosen OpenStack as their infrastructure platform. We’re glad to see Citrix become a Corporate Sponsor, and we look forward to the contributions they can bring to the community as it continues driving cloud infrastructure inno-vation and software maturity.”
DR. HANS-CHRISTOPH QUELLE, CEO OF SECUSMART GMBH
DAY TWO06CYBER SENTINELS
Today’s Conference AgendaDAY TWO, MONDAY 27 APRIL 2015
10.00 Chairman’s welcome address
CYBER SECURITY MEGATRENDS CISOs CAN’T IGNORE
10.10 - 10.20 WELCOME ADDRESSFarid Farouq, Vice President IT, Dubai World Trade Centre
10.20 - 10.40 TRAILBLAZER
CISO 2020: Are you ready to be the guardian of your state?
Dan Lohrmann, ex CSO, State of Michigan, US, Chief Strategist & CSO -Security Mentor
10.50 - 11.20 TRAILBLAZER
No place to hide: Unmasking the risks and threats lurking in our cyber streets
Steve Williamson, Director IT Risk Management, GlaxoSmithhKline, UK
11.20 - 11.50 MORNING COFFEE
NEXT GEN THREATS AND VULNERABILITIES
11.50 - 12.35 KEYNOTE ADDRESS
The threat landscape and future of hacking
Les Anderson, Vice Presidnet of Cyber BT, UAE
12.35 - 13.20 KEYNOTE ADDRESS
Privacy Dilemma
Hani Nofal, Executive Director INS, GBM, UAE
13.20 - 14.30 Networking Lunch
ART AND SCIENCE OF ENTERPRISE SECURITY
14.30 - 15.00 IDEA SWAP
Before the Breach – actions to protect your data from attacks!
Manal Masoud, Principal Consultant, Paramount Computer System, UAEAmit Bhatia, Head of Information Security Governance, Oman Insurance CompanyJonas Zelba, Senior Research Analyst, Information and Communication Technologies Practice, MENA, Frost & SullivanHadi Jaafarawi, Managing Director Middle East, Qualys Inc, UAENader Baghdadi, Regional Enterprise Director South Gulf & Pakistan, Fortinet
15.00 - 15.30 IDEA SWAP
Protection from within - learnings from the Snowden affair
Ahmed Baig, Senior Director – Corporate Strategy, Risk & Excellence, Smartworld - A Dubai Government Entity, UAENick Pollard, Senior Director Professional Services, EMEA & APAC, Guidnace Software Inc, UAE
15.30 - 16.00 AFTERNOON TEA
16.00 - 17.00 TRAINING SESSION
Hands-on-Session: How do you build a vigilint security culture in your organisation?
Dan Lohrmann, ex CSO State of Michigan, US
17.00 CLOSING REMARKS from the chair and close of conference day
17.30 I.T. Security AWARDS Ceremony
