Month: November 2019

Fortinet Predicts Advanced AI and Counter Threat Intelligence Will Evolve Shifting the Traditional Advantage of the Cybercriminal

Leave a comment

Organizations Need to Adopt Security Strategies that Maximize Integration, Advanced AI, and Actionable Threat Intelligence to Proactively Protect Against Modern Attacks

News Summary:

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today unveiled predictions from the FortiGuard Labsteam about the threat landscape for 2020 and beyond. These predictions reveal methods that Fortinet anticipates cybercriminals will employ in the near future, along with important strategies that will help organizations protect against these oncoming attacks. For a more detailed view of the predictions and key takeaways, visit the blog.

“Much of the success of cyber adversaries has been due to the ability to take advantage of the expanding attack surface and the resulting security gaps due to digital transformation” said Derek Manky, Chief, Security Insights & Global Threat Alliances, Fortinet. “Most recently, their attack methodologies have become more sophisticated by integrating the precursors of AI and swarm technology. Luckily, this trajectory is about to shift, if more organizations use the same sorts of strategies to defend their networks that criminals are using to target them. This requires a unified approach that is broad, integrated, and automated to enable protection and visibility across network segments as well as various edges, from IoT to dynamic-clouds.”

 Highlights of the predictions follow:

Changing the Trajectory of Cyberattacks

Cyberattack methodologies have become more sophisticated in recent years magnifying their effectiveness and speed. This trend looks likely to continue unless more organizations make a shift as to how they think about their security strategies. With the volume, velocity, and sophistication of today’s global threat landscape, organizations must be able to respond in real time at machine speed to effectively counter aggressive attacks. Advances in artificial intelligence and threat intelligence will be vital in this fight.

The Evolution of AI as a System

One of the objectives of developing security-focused artificial intelligence (AI) over time has been to create an adaptive immune system for the network similar to the one in the human body. The first generation of AI was designed to use machine learning models to learn, correlate and then determine a specific course of action. The second generation of AI leverages its increasingly sophisticated ability to detect patterns to significantly enhance things like access control by distributing learning nodes across an environment. The third generation of AI is where rather than relying on a central, monolithic processing center, AI will interconnect its regional learner nodes so that locally collected data can be shared, correlated, and analyzed in a more distributed manner. This will be a very important development as organizations look to secure their expanding edge environments.

Federated Machine Learning 

In addition to leveraging traditional forms of threat intelligence pulled from feeds or derived from internal traffic and data analysis, machine learning will eventually rely on a flood of relevant information coming from new edge devices to local learning nodes. By tracking and correlating this real-time information, an AI system will not only be able to generate a more complete view of the threat landscape, but also refine how local systems can respond to local events. AI systems will be able to see, correlate, track, and prepare for threats by sharing information across the network. Eventually, a federated learning system will allow data sets to be interconnected so that learning models can adapt to changing environments and event trends and so that an event at one point improves the intelligence of the entire system. 

Combining AI and Playbooks to Predict Attacks

Investing in AI not only allows organizations to automate tasks, but it can also enable an automated system that can look for and discover attacks, after the fact, and before they occur. Combining machine learning with statistical analysis will allow organizations to develop customized action planning tied to AI to enhance threat detection and response. These threat playbookscould uncover underlying patterns that enable the AI system to predict an attacker’s next move, forecast where the next attack is likely to occur, and even determine which threat actors are the most likely culprits. If this information is added into an AI learning system, remote learning nodes will be able to provide advanced and proactive protection, where they not only detect a threat, but also forecast movements, proactively intervene, and coordinate with other nodes to simultaneously shut down all avenues of attack. 

The Opportunity in Counterintelligence and Deception 

One of the most critical resources in the world of espionage is counterintelligence, and the same is true when attacking or defending an environment where moves are being carefully monitored. Defenders have a distinct advantage with access to the sorts of threat intelligence that cybercriminals generally do not, which can be augmented with machine learning and AI. The use of increased deception technologies could spark a counterintelligence retaliation by cyber adversaries. In this case, attackers will need to learn to differentiate between legitimate and deceptive traffic without getting caught simply for spying on traffic patterns. Organizations will be able to effectively counter this strategy by adding playbooks and more pervasive AI to their deception strategies. This strategy will not only detect criminals looking to identify legitimate traffic, but also improve the deceptive traffic so it becomes impossible to differentiate from legitimate transactions. Eventually, organizations could respond to any counterintelligence efforts before they happen, enabling them to maintain a position of superior control.

Tighter Integration with Law Enforcement

Cybersecurity has unique requirements related to things like privacy and access, while cybercrime has no borders. As a result, law enforcement organizations are not only establishing global command centers but have also begun connecting them to the private sector, so they are one step closer to seeing and responding to cybercriminals in real-time. A fabric of law enforcement as well as public and private sector relationships can help in terms of identifying and responding to cybercriminals. Initiatives that foster a more unified approach to bridge the gaps between different international and local law enforcement agencies, governments, businesses, and security experts will help expedite the timely and secure exchange of information to protect critical infrastructure and against cybercrime.

Cyber Adversary Sophistication is Not Slowing Down

Changes in strategy will not go without a response from cyber adversaries. For networks and organizations using sophisticated methods to detect and respond to attacks, the response might be for criminals to attempt to reply with something even stronger. Combined with more sophisticated attack methods, the expanding potential attack surface, and more intelligent, AI-enabled systems, cybercriminal sophistication is not decreasing. 

Advanced Evasion Techniques 

A recent Fortinet Threat Landscape reportdemonstrates a rise in the use of advanced evasion techniques designed to prevent detection, disable security functions and devices, and operate under the radar using living off the land (LOTL) strategies by exploiting existing installed software and disguising malicious traffic as legitimate. Many modern malware tools already incorporate features for evading antivirus or other threat detection measures, but cyber adversaries are becoming more sophisticated in their obfuscation and anti-analysis practices to avoid detection. Such strategies maximize weaknesses in security resources and staffing.

Swarm Technology

Over the past few years, the rise of swarm technology, which can leverage things like machine learning and AI to attack networks and devices has shown new potential. Advances in swarm technology, have powerful implications in the fields of medicine, transportation, engineering, and automated problem solving. However, if used maliciously, it may also be a game changer for adversaries if organizations do not update their security strategies. When used by cybercriminals, bot swarms could be used to infiltrate a network, overwhelm internal defenses, and efficiently find and extract data. Eventually, specialized bots, armed with specific functions, will be able to share and correlate intelligence gathered in real-time to accelerate a swarm’s ability to select and modify attacks to compromise a target, or even multiple targets simultaneously.

Weaponizing 5G and Edge Computing

The advent of 5G may end up being the initial catalyst for the development of functional swarm-based attacks. This could be enabled by the ability to create local, ad hoc networks that can quickly share and process information and applications. By weaponizing 5G and edge computing, individually exploited devices could become a conduit for malicious code, and groups of compromised devices could work in concert to target victims at 5G speeds. Given the speed, intelligence, and localized nature of such an attack, legacy security technologies could be challenged to effectively fight off such a persistent strategy. 

A Change in How Cybercriminals Use Zero-day Attacks

Traditionally, finding and developing an exploit for a zero-day vulnerability was expensive, so criminals typically hoard them until their existing portfolio of attacks is neutralized. With the expanding attack surface, an increase in the ease of discovery, and as a result, in the volume of potentially exploitable zero-day vulnerabilities is on the horizon. Artificial Intelligence fuzzing and zero-day mininghave the ability to exponentially increase the volume of zero-day attacks as well. Security measures will need to be in place to counter this trend.

Plug In and Play Out with Lulu Hypermarket at Khalidiyah Mall

Leave a comment

SHA01346-4

Khalidiyah Mall is home to Season 6 of the ‘Let’s Play’ activation by Lulu Hypermarket until the 2nd of December 2019 at main atrium, Khalidiyah Mall where grand prizes will be presented to the tournament winners.

It’s ‘Game On’ time for customers of Lulu Hypermarket as they can save up to 25% on selected gaming products during the ‘Let’s Play’ campaign.

Mayank M Pal, Mall Manager at Khalidiyah Mall said, “Gaming is popular in the UAE and we are delighted to welcome enthusiasts to visit at Khalidiyah Mall for mega deals on gaming products and the tournament.”

Khalidiyah Mall is located at the nerve centre offering patrons three levels of elegantly laid out outlets ranging from fashion to furnishing and cosmetics to consumer electronics. The mall’s multicultural food court offers an intriguing array of international cuisine, alongside a number of cafes, restaurants plus an amusement centre with arcade games, a cinema and a bowling alley.

Tarkan Maner Joins Nutanix as Chief Commercial Officer

Leave a comment

Executive Brings Over 25 Years of Industry Experience and a Deep Commitment to the Saying “Partners Are Customers”

Nutanix (NASDAQ: NTNX), a leader in enterprise cloud computing, today announced that it has appointed Tarkan Maner as Chief Commercial Officer, where he will lead Nutanix’s global business development and corporate development efforts, with a focus on strategic partnerships, alliances, system integrators, and service providers.

“Nutanix’s DNA is rooted in disruptive innovation on behalf of its customers. I am delighted to partner with Dheeraj and the executive team to accelerate Nutanix’s position as a leader in enterprise cloud computing,” said Maner. “Nutanix has accomplished so much over the past ten years, but there’s so much potential to go even further. I am excited to charge ahead and play a critical role in helping realise Nutanix’s vision of making computing invisible, anywhere.”

Maner’s responsibilities will include leading critical hybrid cloud-focused strategy and product teams including Nutanix’s core virtualisation platform (AHV), software-defined networking, and some of the key hybrid cloud services: End User Computing (Xi Frame), Database-as-a-Service (Era), DR-as-a-Service (Xi Leap), Xi Partner Network (XPN), and Solutions Engineering.

Maner brings more than 25 years of experience as an executive at disruptive technology companies in the IT infrastructure space. Most recently, he served as Chairman and CEO at Nexenta Systems, Inc., leading the organisation from its open-source focus through its acquisition by DataDirect Networks (DDN) in May 2019. Prior to Nexenta, he was the President and CEO at Wyse Technology, one of the virtual desktop computing pioneers acquired by Dell in 2012. He also held executive roles at Dell, CA Technologies, IBM, and Sterling Software. Maner served on the boards of several organisations including Teradici, CloudCheckr, Wheels, and leading non-profit organisations in Silicon Valley.

“Tarkan brings an entrepreneurial mindset and an acute awareness of the computing landscape to lead Nutanix in its second decade,” said Dheeraj Pandey, Chairman, Founder and CEO at Nutanix. “His authentic leadership style, a clear bias for action, and a broad industry network have helped him create high-energy companies, as I’ve observed him from afar. Given his deep sense of commitment to company-building, I look forward to this new partnership to build Nutanix into a hybrid cloud powerhouse.”

Family activities and events in malls during UAE National Day weekend

Leave a comment

Malls in the Line Investments & Property LLC portfolio in Abu Dhabi and Al Ain will be hosting a wide range of family activities and events during the UAE National Day celebrations.

 

Mr. Wajeb Al Khoury, Director of Line Investments and Property LLC said, “It will be an action-packed weekend for the eight malls over the weekend and shoppers can expect fun filled entertainment and exclusive surprises for the UAE National Day celebrations.”

 

Al Wahda Mall will host a musical evening with Lebanese Music sensation “Joe Koueik” on the 2nd and 3rd of December with a wide range of entertainment and activities for kids during the long weekend.

 

Khalidiya Mall National day celebration will be over three days from 2nd Dec to 4th Dec with dance and roaming performances.  There will be Arabic drummers, Arabic Theatre, Stick show, Khaleeji dancers, theme parade and mascots.

 

Mushrif Mall will host different Arabic performances and games as well as a “buy to spin and spin to win” promotion on 2ndand 3rdDecember from 6pm to 9pm.

 

Al Raha Mall will have cultural dance activities and kids arts & crafts activities with games on 2nd and 3rd December from 6pm to 10pm. There will be Khaleeji, peacock, Tanoura, wings and other cultural dances.

 

In Al Ain, Barari Outlet Mall will have Ayala dance, face painting, mascot, balloon bender, kids games shows on December 2nd. The next day there will be balloon benders, Mascots, a Dabka dance and magic show.
Mazyad Mall will host stage events and shoppers can participate in games for the family to win mall vouchers from 6.30pm on December 2nd and 3rd.

 

Al Foah Mall in Al Ain will be decorated in UAE colours and there will be kids workshops, games, mascots and various types of dances that include Ayala, Harabiya, Tanoura and Debka from 6.30pm on December 2nd and 3rd.

 

Madinat Zayed Shopping Centre will be hosting over two days kids activities, various dance shows, Balloon twisters, henna designs, mascots, clowns and face painting. Am emcee will be hosting the games challenge and will offer gifts to 200 kids. There will be live music as well from 6 to 10pm.

Veeam 2020 Technology Predictions

Leave a comment

By Dave Russell, Vice President of Enterprise Strategy at Veeam

Throughout 2019, technology has continued to have a transformative impact on businesses and communities. From the first deployments of 5G to businesses getting to grips with how they use artificial intelligence (AI), it’s been another year of rapid progress.

From an IT perspective, we have seen two major trends that will continue in 2020. The first is that on-premises and public cloud will increasingly become equal citizens. Cloud is becoming the new normal model of deployment, with 85% of businessesself-identifying as being predominantly hybrid-cloud or multi-cloud today. Related to this are the issues of cybersecurity and data privacy, which remain the top cloud concerns of IT decision makers. In 2020, cyber threats will increase rather than diminish, so businesses must ensure that 100% of their business-critical data can be recovered.

Here are some of the key technology trends that businesses will look to take advantage of and prepare for in the year ahead.

  1. Container adoption will become more mainstream.

In 2020, container adoption will lead to faster software production through more robust DevOps capabilities and Kubernetes will consolidate its status as the de facto container orchestration platform. The popularity of container adoption or ‘containerization’ is driven by two things: speed and ease. Containers are abstract data types that isolate an application from an operating system. With containers, microservices are packaged with their dependencies and configurations. This makes it faster and easier to develop, ship and deploy services. The trend towards multi cloud means businesses need data to be portable across various clouds — especially the major providers — AWS, Microsoft Azure and Google Cloud. 451 Research projects the market size of application container technologies to reach $4.3 billion by 2022and in 2020 more businesses will view containers as a fundamental part of their IT strategy. 

  • Cloud Data Management will increase data mobility and portability.

Businesses will look to Cloud Data Management to guarantee the availability of data across all storage environments in 2020. Data needs to be fluid in the hybrid and multi cloud landscape, and Cloud Data Management’s capacity to increase data mobility and portability is the reason it has become an industry in and of itself. The 2019 Veeam Cloud Data Management report revealed that organizations pledged to spend an average of $41 millionon deploying Cloud Data Management technologies this year. To meet changing customer expectations, businesses are constantly looking for new methods of making data more portable within their organization. The vision of ‘your data, when you need it, where you need it’ can only be achieved through a robust CDM strategy, so its importance will only grow over the course of next year.

  • Backup success and speed gives way to restore success and speed.

Data availability Service Level Agreements (SLAs) and expectations will rise in the next 12 months. Whereas the threshold for downtime, or any discontinuity of service, will continue to decrease. Consequently, the emphasis of the backup and recovery process has shifted towards the recovery stage. Backup used to be challenging, labor and cost-intensive. Faster networks, backup target devices, as well as improved data capture and automation capabilities have accelerated backup. According to our 2019 Cloud Data Management report, almost one-third (29%)of businesses now continuously back up and replicate high-priority applications. The main concern for businesses now is that 100% of their data is recoverable and that a full recovery is possible within minutes. As well as providing peace of mind when it comes to maintaining data availability, a full complement of backed up data can be used for research, development and testing purposes. This leveraged data helps the business make the most informed decisions on digital transformation and business acceleration strategies.

  • Everything is becoming software-defined.

Businesses will continue to pick and choose the storage technologies and hardware that work best for their organization, but data centre management will become even more about software. Manual provisioning of IT infrastructure is fast-becoming a thing of the past. Infrastructure as Code (IaC) will continue its proliferation into mainstream consciousness. Allowing business to create a blueprint of what infrastructure should do, then deploy it across all storage environments and locations, IaC reduces the time and cost of provisioning infrastructure across multiple sites. Software-defined approaches such as IaC and Cloud-Native — a strategy which natively utilizes services and infrastructure from cloud computing providers — are not all about cost though. Automating replication procedures and leveraging the public cloud offers precision, agility and scalability — enabling organizations to deploy applications with speed and ease. With over three-quarters (77%)of organizations using software-as-a-service (SaaS), a software-defined approach to data management is now relevant to the vast majority of businesses.

  • Organizations will replace, not refresh, when it comes to backup solutions. 

In 2020, the trend towards replacement of backup technologies over augmentation will gather pace. Businesses will prioritize simplicity, flexibility and reliability of their business continuity solutions as the need to accelerate technology deployments becomes even more critical. In 2019, organizations said they had experienced an average of fiveunplanned outages in the last 12 months. Concerns over the ability of legacy vendors to guarantee data Availability are driving businesses towards total replacement of backup and recovery solutions rather than augmentation of additional backup solutions that will be used in conjunction with the legacy tool(s). The drivers away from patching and updating solutions to replacing them completely include maintenance costs, lack of virtualization and cloud capabilities, and shortcomings related to speed of data access and ease of management. Starting afresh gives businesses peace of mind that they have the right solution to meet user demands at all times.

  • All applications will become mission-critical.

The number of applications that businesses classify as mission-critical will rise during 2020 — paving the way to a landscape in which every app is considered a high-priority. Previously, organizations have been prepared to distinguish between mission-critical apps and non-mission-critical apps. As businesses become completely reliant on their digital infrastructure, the ability to make this distinction becomes very difficult. On average, the 2019 Veeam Cloud Data Management report revealed that IT decision makers say their business can tolerate a maximum of two hours’ downtimeof mission-critical apps. But what apps can any enterprise realistically afford to have unavailable for this amount of time? Application downtime costs organizations a total of $20.1 million globally in lost revenue and productivity each year, with lost data from mission-critical apps costing an average of $102,450 per hour. The truth is that every app is critical. 

Driving the Omnichannel Strategy with AI

Leave a comment

By Vikram Bhat, Chief Product Officer, Capillary Technologies

The Ecommerce momentum is becoming unstoppable as brands are cashing in on a number of factors such as spike in mobile applications, a new generation of high-spending shoppers, and the availability of faster internet speeds to enable them to offer their customers a shopping experience whenever and wherever they choose. In addition, an omnichannel approach has clearly shaped the retail industry in 2019, a sector largely driving ecommerce sales in the region.

Going omnichannel is tempting for many retailers who have not yet embarked on their digital transformation journey. However, implementing an omnichannel strategy isn’t only about being present on all channels and platforms available. It is about providing a seamless and unified brand experience to customers across channels to enable them to connect with a brand and simplify their shopping experience.

A Google report further proves this is the right approach after the study found that 85 percent of shoppers start their shopping journey on one device, like a laptop for example, and end it on another, say a smartphone, or even a physical store.  

While technology is the key enabler for brands wanting to enhance their omnichannel strategy, Artificial Intelligence is another crucial component that is driving its success. But AI is only a tool and not a standalone solution, so organizations need to understand that while it can be immensely beneficial in providing customer insights, it cannot compensate for a modest or nonexistent omnichannel strategy. In short, AI needs to be a supporting element of a wider omnichannel strategy and not being implemented for the sake of being a hot technology. 

When organizations take this approach, the power of AI can truly be unleashed to boost sales and customer engagement. Let’s take a look at how AI can be applied online as well in brick-and-mortar stores.

  • Unlocking data potential: Imagine the amount of data brands have access to via multiple platforms. AI can help brands to processthis datato identify consumer spending patterns, buying preferences, customer demographics, personal preferences, and so on. 
  • Personalization:The best way AI can help brands is with the power of personalization. It allows brands to communicate with their target audience at the right time, with the right product, the right offer and message, through the right channel. Brands are able to achieve higher response rates, increased customer loyalty, and lower marketing costs
  • Image Search: AI allows consumers to search for products based on images they’ve come across. Shoppers simply take a picture and get matched to similar items on ecommerce websites. A good example is Pinterest who are leveraging this technology by allowing its users to select any item from any photograph online and then throws up similar items through an image recognition software.
  • Enhancing customer service: Chatbots are a popular and invaluable way for brands to offer24/7 customer service support on their ecommerce websites. They simulate human-like conversations with customers and can execute tasks, automate order processing, and can also provide accurate answers to customers about product details, quantities and shipping terms.
  • Generating customer insights Instore: AI deployed in physical store helpscapture, andcorrelatein store customer behaviour data and shopping preferences with digital channels like social, email, and mobile app. These insights can be passed onto the sales associates for cross-selling, up-selling and strengthening the customer engagement directly on the sales floor. 

The use of AI becomes even more powerful when combined across all channels. Organizations that realize its potential will not only drive sales and improve efficiency across platforms, but will also build a strong and loyal clientele in the long-run.

Simplifying 8 Key Authentication Terms

Leave a comment

By: Axel Hauer Director EMEA Enterprise Sales, IAMS at HID Global

Industry jargon around authentication is practically inescapable. In today’s threat landscape, there’s certainly justification for keeping these topics front-of-mind and sparking conversation. But when authentication concepts start to get a little tangled, it can be hard to know if you’re speaking the same language as everyone else. Simplifying key terms is important to understand what they really mean, so you’ll see just how complex the world of authentication can be.

1. Strong Authentication

Strong authentication is one of those industry terms that’s been overused in so many contexts, that its significance has been blurred. 

Many people consider strong authentication to be the same as multi-factor authentication (MFA) or two-factor authentication (2FA), but if you examine the European Central Bank’s standards for strong customer authentication, there are a few more hoops to jump through than just having more than one factor:

  • There have to be at least two methods used to authenticate. These two methods should come from these three categories: something only the user knows, something only the user has, or something only the user is.
  • The methods used have to be independent of one another, meaning if one is breached, the others aren’t automatically compromised. One also has to be non-replicable (unable to be duplicated), unable to be stolen through online means, and not reusable.

Here’s a caveat, though: this term, like any term based (however loosely) on codified standards, can be a double-edged sword. Just because you’ve complied with standards doesn’t mean you’ve chosen the most secure or appropriate mix of authentication factors for your organization. Compliance matters, but strategy and thoughtful implementation matter too.

2. Authorization Creep

To understand the problem posed by authorization creep you first need to understand the difference between authentication and authorization. Authentication is when a system determines that you are who you say you are. Authorization is when the system determines what you have the right to do within the given network or application, given your authenticated identity. That’s where things can get tricky.

The problem with authorization creep, also called privilege creep, is that the threat it poses to your organization will typically have nothing to do with the strength of your authentication, but instead is all about your policies, oversight, and the ease of managing your system. The fanciest, most high-tech authentication protocols won’t mean a thing if legitimate users are over-authorized. Pretty creepy, right?

3. Biometrics
In the authentication framework, biometrics are a factor linked to something you are, and they can be incredibly difficult to steal, spoof, or lose. That’s what’s so strong about them. Typically, people think of biometrics as things linked to physical characteristics—like eyes and fingers. They’re something you’re born with, right? Not necessarily. Yes, physical characteristics that you’re born with still account for the largest portion of biometric use cases. But there’s another category: behavioral biometrics. Your voice, gait, your way of typing, and a whole host of other unique characteristics are all a part of this group. These “life measurements” are acquired over a lifetime and may change subtly, all while remaining as unique as a fingerprint.

4. Federation and Single Sign-On

To nail down the differences between these two terms, let’s start by explaining the comparatively simple structure of an SSO authentication environment. Single sign-on allows you to sign on once with a service provider for a range of services, allowing that one authentication event to give you access to a suite of services. There are plenty of services that enable SSO, and the beauty of SSO is how frictionless it is for users. 

Federation works slightly differently, as it isn’t just requesting access from a single service provider. There’s still one sign-on involved on the user’s end, but not on the back end. Instead, federation relies on a trust relationship between multiple service providers, with a single source for that trust. So, the user signs on to the source of the trust relationship (a centralized identity provider, or IDP) with all of the necessary credentials once. Attempts to access federated services will involve re-authentication through that IDP. You won’t be using credentials to access those diverse services—the IDP will be sending them out. Same time savings as SSO, and similar risks if the IDP is breached.

6. Zero Trust

A Zero Trust model says that anything coming onto your network (person, or device) has to have a positive identity that’s verified by the system. Put simply, “Trust never, always verify.” That way, access is restricted to licit users and devices: trusted entities. When hundreds or even thousands of internet-enabled devices are able to come on the network of a large organization, it’s crucial to give them access rights commensurate with what they need from the network—which shouldn’t be much.

So how does a Zero Trust security posture contribute to a safer organization? Basically, it makes sure that what’s on your network belongs there and heads off breaches by unauthorized devices that may not be properly configured. It also addresses vulnerabilities arising from use of your network’s resources by devices that may be communicating remotely over an insecure internet connection. Finally, it keeps users from bringing in their own less-secure devices and inadvertently causing a breach. No one wants to be that guy. With a Zero Trust security model, they wouldn’t get the opportunity.

7. Phishing

Phishing, as you probably know, continues to be one of the most common security scams. Through email (the usual source), text, phone, or even messaging, social media, and productivity apps, crooks attempt to steal user data. Usually, they’ll pose as a legitimate organization and steal a bit of formatting from licit communications from those organizations. The goal is to get people to click a malicious URL, log in to a fake site, or download a virus-ridden attachment.

Because it can be devastatingly successful, cybercriminals have continued to innovate. They all want to build the better phish-trap, which is why there are some new terms associated with this old-school brand of attack, such as: Spear Phishing, Whaling, Clone Phishing.

8. Internet of Things

If you think of a certain talking home speaker system or your smart oven when you think of the Internet of Things (IoT), you’re not alone. Consumer “smart” devices overwhelm the public imagination when it comes to IoT. The surface area of this ecosystem and its vulnerability to breach is enormous. A “headless” device, which has no clear user interface and may even communicate through archaic or unsecured protocols, is an attractive target for crooks. What’s crucial is to have an identity and access management solution that encompasses all of these headless devices (Zero Trust), ensuring that their access to the network is licit, and that no bad actors are hijacking the device to access your network.

The consequences of an IoT breach can be dire, but avoiding breach isn’t necessarily simple or straightforward. A great illustration of this concept is the recent discovery that one popular smart light bulb sold on Amazon was essentially cracking network security wide open for many consumers without their knowledge. This bulb stored wi-fi credentials in plaintext in its firmware and had no security settings whatsoever. Because these devices tend to utilize low-energy chipsets and low-complexity code (code that is sometimes downright archaic), they can be a welcome mat for hackers. Today’s IoT ecosystem is full of mismatched headless or limited UI devices that may be ticking time bombs.

Overwhelming response to ‘The HEAT’ Fashion Show

Leave a comment

Fashion event thrills shoppers at Mushrif Mall

Mushrif Mall’s annual ‘The HEAT’ fashion show for the kids and adult category brought out the latest fashion elements to the central area of the mall the last two weekends with entertainment in between the shows.

According to Aravind Ravi Palode, Mall Manager of Mushrif Mall, “The HEAT Fashion show attracted shoppers to the mall and was the perfect platform for tenants to showcase their latest designs and brands to the local community. Mushrif Mall always strives to bring engaging experiences to customers and the show highlighted products offered at the retail outlets.”

Over 60 kids and adults participating shops paraded their fashion collections, accessories and related products to shoppers with games in between the fashion shows where customers won exciting prizes from the mall.

Mushrif Mall, located on Airport Road, Abu Dhabi hosts renowned brands and a wide range of dining outlets, hypermarket and services spread over three levels. It has over 200 luxury fashion retailers across all categories including fashion, jewellery, electronics, home appliances, cosmetics, gift items, clothes, perfumes, toiletries and much more.

Premium environment friendly Express Auto Wash introduces attractive discounts to customers

Leave a comment

Revolutionary car wash facility behind Mushrif Mall promises efficient 5-minute car wash service for customers

Express Auto Wash (EAW), a premium environment automatic car wash facility located behind Mushrif Mall in Abu Dhabi introduces attractive discounts to customers during this month leading up to the festive season.

Customers can enjoy 20% on platinum wash, 20% on AC treatment (bacteria and adour removal) as well as AED10/- for Express Gold Wash on the UAE National Day, 2ndDecember.

The environment friendly facility allows multiple cars to be washed simultaneously saving your valuable time and ensures 95% of the water is recycled. Companies in Abu Dhabi that support sustainability can come on board and register all the company cars as well as the employees cars to get a 20% discount throughout the year.

Express Auto Wash has the most reliable and safest high-tech car wash systems with high-pressure undercarriage water nozzles that add to the efficiency of the wash while the MN Tech 21 Turbo Drying System completes the drying process.

The fast and yet thorough clean saves corporate and private customers valuable time that can be spent more productively at home and in the office. Auto Wash also offers touch free car wash for the more delicate and premium cars.

Express Auto Wash has a loyalty program that offers one free car wash after every nine washes. There is also a customer referral program where three new plate numbers of friends and family introduced to EAW gets the customer 15 free washes for one month.

The mission of Express Auto Wash is to lead the vehicle care industry by always putting customer service, innovation and performance first and their vision is to be passionate champions of world-class car wash solutions.

An Exterior Sedan wash costs AED 30/- and Exterior SUV costs AED 35/-. The platinum service for sedan is AED 50/- and for SUV AED 60/- and diamond complete for sedan is AED90/- and SUV is AED 100/- where vehicles get additional services.

Some of the new services introduced includes:

1.Nano ceramic…AED 2000

2.GardX paint protection AED 1800

3.Window Tinting Sedan AED 300

4.Window tinting SUV AED 350

5.Headlight wrapping AED 150

6.Headlight polishing AED 100.

  1. Clay bar treatment and waxing AED 150/-.for sedan
  2. Clay bar treatment and waxing AED 200/- for SUV.

Extra Services include Mat-wash, Dashboard Polishing, interior and exterior car detailing, AC treatment as well as Bacteria and Odour removal in vehicles, for which a price list is posted on the EAW website.

 

Ooredoo Kuwait Chooses Fortinet to Deliver the Region’s First Secure SD-WAN Managed Service to Enterprise Customers

Leave a comment

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that it has been chosen by Ooredoo Kuwait, a part of Ooredoo Group – a leading international communications company operating across the Middle East, North Africa and Southeast Asia – to deliver the region’s first secure SD-WAN managed service. Fortinet Secure SD-WANwill allow Ooredoo’s existing and new enterprise customers to achieve accelerated connectivity, transport mode independence, and increased application performance while benefiting from tightly knit SD-WAN and advanced security features. Ooredoo Kuwait itself is deploying Fortinet’s Secure SD-WAN across its retail branches and will serve as a reference for customers wishing to follow suit. 

“Ooredoo Kuwait’s broad managed security services rely on several Fortinet solutions, including the Fortinet Secure SD-WAN solution, which significantly reduces onboarding efforts and speeds time to market for the service,” said Abdulaziz AlBabtain, Chief Business Officer at Ooredoo Kuwait. “Our secure SD-WAN managed service is much more than just a new connectivity service for the enterprise WAN edge. It is paving the way for significant benefits for our customers and significant new revenue streams for Ooredoo Kuwait by leveraging our security operations center, clean pipe, secure WiFi, email security, end-point security and advance threat protection.”

As organizations increase the use of business-critical cloud-based applications and infrastructures, they are becoming more attuned to the benefits of extending these tools to remote locations through software-defined wide-area network (SD-WAN)architectures, a network segment now referred to as the WAN Edge. In fact, because the need to provide the services and applications being generated by digital transformation to the WAN Edge is accelerating so rapidly, the global SD-WAN market is projected to reach $4.5 billion and grow at over 40% CAGR by 2022.

“SD-WAN offers accelerated connectivity, cost savings, and increased performance for Software-as-a-Service (SaaS) applications. However, the benefits of SD-WAN cannot be truly realized without security as an integral part of the solution,” said Joe Sarno, International Emerging Vice President at Fortinet.“Without an integrated security solution, organizations are forced to overlay security, creating significant overhead and leaving gaps in protection as security and management systems remain isolated. We’re pleased to work with Ooredoo Kuwait to deliver the region’s first secure SD-WAN managed service and continue our focus of delivering integrated SD-WAN and advanced security to enterprise customers around the world.”

The following Fortinet products underpin Ooredoo Kuwait’s Secure SD-WAN managed service:

  • FortiPortalprovides turnkey, easy-to-deploy customer portals for self-service without having to worry about complex development or maintenance costs
  • FortiSandboxdelivers real-time actionable intelligence through the automation of zero-day, advanced malware detection and response
  • FortiMailis a top-rated secure email gateway that stops volume-based and targeted cyber threats to help secure the dynamic enterprise attack surface, prevent the loss of sensitive data and help maintain compliance with regulations
  • A range of FortiGate Next-Generation Firewallsdeliver both advanced security and SD-WAN services
  • FortiManagerdelivers single-pane-of-glass management for both SD-WAN and security, end-to-end visibility, and multi-tenancy to support many enterprise customers at scale 
  • FortiAnalyzerdelivers centralized reporting, advance analytics and open-programmable interface to integrate with customers’ existing investments and solutions 
  • FortiClientensures that all fabric components – FortiGate, FortiAnalyzer, EMS, Managed AP, Managed Switches, Sandbox – have a unified view of endpoints in order to provide tracking & awareness, compliance enforcement and reporting

Fortinet’s Secure SD-WAN solutioninteroperates as part of a comprehensive security architecture through the Fortinet Security Fabric, producing an integrated end-to-end security solution across the entire attack surface that leverages Security-Driven Networking.