Posted on June 10, 2014

Robert Bigman, former Chief Information Security Officer (CISO) at the Central Intelligence Agency (CIA), revealed that the size of a company’s information security arm does not necessarily guarantee a secure I.T. environment. He stressed that its influence and centralised management with strong program and data governance controls are what work and matter most.

“There is a good mix of small and big companies who do it well when it comes to securing their organisations’ I.T. systems,” Bigman said during his keynote presentation on the second day of the Gulf Information Security Expo and Conference (GISEC) organised by Dubai World Trade Centre. “What is essential is the effective participation of I.T. security in all strategic planning and tactical decision taking, I.T. configuration change requests and monitoring of network interfaces and all use of privileged account accesses.

“Having witnessed also how big companies do it wrong, I also strongly urge that Chief Information Security Officers should not work with Chief Information Officers,” he added. In his presentation, Bigman further revealed that the majority of I.T. vendors place product compatibility ahead of product security and are patching product holes instead of writing secure code. He recommended that the best solutions to thwart sophisticated hackers and cyberthreats include system encryption, white-listing of approved applications, cyber intelligence and sharing big data analytics.

A Frost & Sullivan Position Paper authored for GISEC reported that the global physical security services market generated revenues of USD62.3 billion in 2013, and is expected to reach USD86.32 billion in 2018. Frost & Sullivan, a GISEC Conference Knowledge Partner, also forecasts that the Middle East and Africa (MEA) region’s I.T. and Physical Security Services market will likely grow at a Compound Annual Growth Rate (CAGR) of 18.4% from 2013 to 2018.

On the other hand, a PricewaterhouseCoopers (PwC) 2014 Global Economic Crime Survey reveals that cybercrime is currently the second most reported economic crime in the Middle East with high-profile breaches being reported every day. Thus, in its efforts at combatting such crime, the Middle East accounts for nearly 1.4% of global software spending, with long-term prospects of growth as per a recent report by Gartner, Inc. “The challenge facing us is that today’s cyberthreats have grown exponentially in scale and sophistication. GISEC 2014 will equip the information security industry with the latest tools and strategies to deal with this ever-more complex threat,” said Trixie LohMirmand, Senior Vice President, Dubai World Trade Centre.

During the first day of GISEC 2014, key industry speakers also discussed countermeasures and solutions to combat cyberthreats. The exhibition hosted delegates from over 18 countries, and its speakers included Konstantinos Karagiannis, Director of Ethical Hacking, BT Global Services; Hani Nofal, Executive Director of INS, GBM; Ashraf Ali Ismael, National Information Assurance Manager, Cybersecurity Division, (QCERT) ICTQatar; and Stephane Konan, Special Advisor to the Minister of Homeland Security of Cote d’Ivoire.

Other speakers who shed light on cybersecurity threats include John Taylor of Protection Group International; Sameer Shaikh, I.T. Security Policies and Risk Manager, Emirates Group I.T.; Nader Henein, Advanced Security Solutions, Advisory Division, BlackBerry; Omar Ali Marosh, I.T. Specialist, Ajman Land & Property Department; and Ayman Al-Issa, Digital Oil Fields Cyber Security Advisor, ADMA. Tareque Choudhury, Head of Security for Middle East and Africa, BT Global Services, said: "Cybersecurity is a truly global phenomenon and we're witnessing its growing importance in the Middle East. GISEC provides an invaluable platform for collaboration and knowledge sharing and I'm proud that BT play a key role in this major security event."

A panel session on the CISO Challenge was also held that focused on how to manage the crucial links between information security, operational performance, brand protection and shareholder value. The speakers who headlined the session were Mustapha Huneyd, Corporate Information Security Office, Ooredoo Qatar; Neil Thacker, Information Security & Strategy Officer, EMEA, Websense UK Ltd; Ahmed Baig, Head of Information Security & Compliance, DWTC; Kamran Ahsan, Head of Information, Security and Risk; Gurpreet Kochar, President, ISACA, UAE; and Brian Tokuyoshi, Senior Solutions Analyst, Palo Alto Networks.

Meanwhile, free-to-attend (ISC)2® CISSP® Clinic sessions were conducted on the first day of GISEC. The sessions focused on Information Security Governance and Risk Management; and Access Control. All participants received CISSP certificates at the end of the sessions.

Furthermore, free educational GISEC Security Sessions were organised across the three days of the exhibition, comprising workshops, product demonstrations, informative speeches and case studies. The topics discussed included Detection and qualification of malicious activities; Hardware encryption with benefits of solid state of disk as well as critical patch against security incidents; Enhancing productivity through Centralized Access Management; Endpoint security solution against APT; Using Analytics for Risk Insight and Risk Decisions; and many more crucial subjects and issues.

Among the key sponsors of the exhibition are BT as Strategic Sponsor; GBM as Diamond Sponsor; Spire Solutions and Protection Group International as Platinum Sponsors; Access Data, Websense International, FireEye and F5 Networks as Gold Sponsors; Research in Motion (BlackBerry), CSC Computer Sciences, Guidance Software and Palo Alto Networks as Silver Sponsors. Meanwhile, Paladion is the sponsor for the IT Security Awards. Powered by GITEX TECHNOLOGY WEEK, the region’s leading Information and Communications Technology (ICT) event, GISEC is strictly a trade-only event and is open to business and trade visitors from within the industry only. GISEC is open 10am-6pm from 9-11 June. Visitor attendance is free of charge. For more information, please visit

All delegates can download the GISEC mobile app, which allows them to network with other delegates by exchanging messages and arranging meetings, and includes the conference agenda. The app is available to download for iPhone, Android, BlackBerry and Windows, and there’s a mobile web version for other phones. An exclusive whitepaper from Frost & Sullivan is also available for download from the GISEC app.