Proactive, Reactive and
Collective Cyber Security
Building Qatar’s
cyber security resilience
Industry meeting by
13th - 14th September 2015Marriott Marquis City Center Doha Hotel, Doha, Qatar
naseba.com
Post event report
2 INTRODUCTION
Introduction
Dear reader,
This post-event report gives a detailed breakdown and reference guide to the 7th Edition Cyber Defence Summit
held on 13th and 14th September 2015 in Doha, Qatar.
In all, the summit hosted 153 participants mainly representing government agencies, defence and security authorities, financial institutions, oil and gas companies, utilities, telecom and ISPs, universities, large enterprises and other critical national infrastructure organisations.
Under the theme ‘Building Qatar’s cyber security resilience’, the agenda addressed pressing cyber security aspects such as high-level strategic planning; critical infrastructure protection; advanced persistent threat prevention; securing the cloud, mobile, big data and social platforms; addressing the human factor; risk management, business continuity and disaster recovery; collaboration and capacity building, to name a few.
To address the current and future cyber security challenges of Qatar, and to propose appropriate strategies, solutions, training and technologies, 10 leading IT and Security companies showcased their capabilities in the corporate networking area.
Special mention to:
Gold Sponsors: BAE Systems Applied Intelligence, Fortinet, Ooredoo and Spire Solutions. Silver Sponsors: Fidelis Cybersecurity, Global Security Network and Stormshield.
Bronze Sponsors: Cyberoam, Entrust and Solucom. Training Sponsor: MIH Training Academy.
Most importantly, I would like to acknowledge the summit’s Advisory Board, distinguished speakers, delegates and the members of the media who committed their time and support.
Respectfully yours,
Naveen Bharadwaj
Senior Project Manager Naseba
3 OVERVIEW
Day one, 13
th
September 2015
Naseba’s Managing Director Nicholas Watson welcomed the attendees and presented key statistics from a survey Naseba had conducted with over 200 CIOs and CISOs based in Qatar.
Eng. Samir Pawaskar, the Summit’s Chairperson, connected with the audience through his welcome address revolving around the immediate need for cyber security awareness and the various efforts being carried out by
the Ministry of Information and Communications Technology (ictQATAR).
The opening panel, chaired by Mustapha Huneyd, emphasized the need for smart planning and effective
strategies as critical national infrastructures and sensitive information are constantly falling under the radar of
cyber criminals. Panelists included Claudio Lo Cicero, Simon Goldsmith, Farrukh Ahmed and Eng. Samir Pawaskar.
During the 90 minute networking break, over 80 pre-scheduled and adhoc meetings were conducted between the delegates and the solution providers, all based on the current and future cyber security needs of the delegates. Immediately after the break, the participants witnessed four highly interesting presentations which included
a combination of case studies, lessons learned, best case examples, product specifications and more. The presenters were Kalle Bjorn, Sameh Sabrey, Gilles Loridon and Jim Jaegar.
Last session of the day was an interactive panel discussion revolving around cyber security challenges in the energy sector and practical solutions to overcome them. Moderated by Jim Jaegar, the session was joined by Aarn Wennekers, Abdul Sathar, Yasir Hamza and Claudio Lo Cicero.
Day two, 14
th
September 2015
Naveen Bharadwaj, Senior Project Manager at Naseba, welcomed the audience back and gave a recap of the
sessions held on day one.
The first session of day two was an interactive panel discussion on the subject of security implications with
disruptive technologies such as cloud, mobility, big data and social media. Mohammad Ballan, Aftab Afzal and
Satyanarayan Banjapally were the panelists while Sami Al Shammari was the moderator.
Over 40 pre-scheduled meetings were conducted during the 60 minutes break in addition to several introductions facilitated between the delegates and solution providers.
The closing panel discussion hosted Dr. Marc Dacier, Trevor Moore, Dr. Munir Tag and Gaurav Sharma. Chaired by Aarn Wennekers, the panelists elaborated the need for a collaborative approach and how capacity building can help overcome challenges.
As networking plays a key role in one’s professional career, the tipping point and final session of the Summit
was the Naseba Networking Hub. Over 60 participants met with at least 20 of their industry peers, for 2 minutes each, all within a short span of 40 minutes.
4 OVERVIEW
The 4 key takeaways from the interactive discussions and presentations of the agenda were: 1. Developing a culture of cyber security
A lot of emphasis has been placed on upgrading infrastructures and huge amounts of money is being spent
on fancy cyber security products and solutions. However, these spending and efforts would be meaningless
without educating and creating awareness amongst all the stake holders of companies and people of the nation. Worldwide, actors at all levels, from individuals to nations, need to ensure that cyberspace and the systems dependent on it are resilient to evolving threats. Simple acts such as employees (from receptionist to CEO) locking their computers while not at their desks and not sharing their login credentials with colleagues to encouraging children to not divulge details online (social media) will go a long way in adding impetus to ensuring utmost cyber security.
2. Cyber security capacity building
This is one key area which will decide the future of effective cyber security. ictQATAR, Ooredoo, Qatar University,
Qatar Foundation and several other national entitles are investing a lot of money in developing local cyber security resilience and workforces. Children are being taught cyber security at school; college students are being encouraged to take up cyber security as main stream; young innovators and entrepreneurs are being backed by physical facilities and funds to pursue cyber security as a career; and the industry is collaborating to set up local cyber security facilities that can help protect systems, detect threats, mitigate risks, report incidents and restore normal operations. All of these with an inherent emphasis on building local national resilience.
3. Protection of disruptive technologies such as cloud, mobile and big data
Increasing number of enterprises are embracing cloud and mobile technologies to have the competitive edge and to better serve their customers. Volume of information being collected and processed has grown manifolds, and is contributing to business intelligence in the form of big data. While these are positive developments,
they automatically open the Pandora box of security concerns. Instead of shying away from these technologies because of the threats they entail or jumping onto the bandwagon because these technologies are cool to have,
organisations need to thoroughly review the pros and cons that would particularly impact their organisation and seek maximum security protection if a decision is made to implement them. Contractually pressing the solution providers to cover for security can be a great start.
4. Industry specific security focus along with dedicated risk management practices
One size does not fit all therefore sectors need to come together to set up committees and panels to collectively address topics such as identification of risks in that particular sector, sector critical infrastructures, sector crisis
management, standards & best practice, training and awareness, and areas for research and development.
Qatar is a great example for this given the ictQATAR’s efforts in setting up industry specific information security
risk committees such as Energy Sector Information Risk Expert Committee (EN-IREC) and Financial Sector Information Risk Expert Committee (FS-IREC).
After all, ensuring utmost cyber security is a choice, a choice that is becoming mandatory.
5 ATTENDEE BREAKDOWN
Understanding Qatar’s current cyber security
landscape
In the build up to the summit, we conducted a survey with over 200 heads of IT and security from Qatar.
Below are the results of some of the key questions asked.
How important is cyber security to their organisation? (Rank on the scale of 1 to 10 with 10 being the most important)
21% 35% 18% 10% 4% 4% 2% 3% 3% 1% 1 (3%) 2 (1%) 3 (3%) 4 (2%) 5 (4%) 6 (4%) 7 (10%) 8 (18%) 9 (21%) 10 (35%)
Does their company have existing cyber security systems and/or services?
Yes (54%)
No (46%)
46%
6 ATTENDEE BREAKDOWN
What is their budget allocation for cyber security? (In US$ million)
0.5 - 1 (63%) 1 - 2 (17%) 2 - 5 (11%) 5 - 10 (4%) 10 - 50 (4%) 50+ (1%) 63% 17% 11% 4% 4% 1%
When are they looking to procure? (In months)
22% 10% 32% 37% 0- 3 (10%) 3 - 6 (22%) 6 - 12 (37%) 5 - 10 (32%)
7 ATTENDEE BREAKDOWN
Enterprise Security, Big Date and Security Analytics (90)
Cloud, Mobile and Web Security (82)
Fraud Prevention and Banking/Transaction Security (28) Network Security and Monitoring, End Point Security (115)
Antivirus, Antimalware and Firewall (105)
APT, Zero Day, DDoS and Targeted Attack Prevention (59)
GRC, ERM, Back up, Business Continuity and Disaster Recovery (43)
Incident Response, Digital Forensics, Network and Host Forensics (50)
Penetration Testing and Intrusion Detection/Prevention
(65)
Identity, Access and API Management (47)
Security Consultation and Training (55)
Other (4)
0
20
40
60
80
100
95% 92% 90% 82% 28% 59% 43% 50% 65% 47% 55% 4%8 SPEAKERS
Speakers
Aarnout (Aarn) Wennekers
Advisor, Audit and Corporate Governance
Ministry of Energy & Industry and Qatar Petroleum
Abdul Sathar
Head of ICT, IT Department
Qatar Fuel Additives Company (QAFAC)
Aftab Afzal
Director Security BU – SER and EMEA East
Akamai Technologies Claudio Lo Cicero Chief Information Security Officer Maersk Oil Farrukh Ahmad
Chief Information and Technology
Security Officer
(CIO and CTSO)
Vodafone Qatar
Gaurav Sharma
Security Architect
Ooredoo Qatar
Eng. Gilles Loridon Chief Executive Officer
Global Security Network
Jim Jaeger
Chief Cyber Services Strategist
Fidelis Cybersecurity
Kalle Bjorn
Director, Systems Engineering – Middle East
Fortinet
Dr. Marc Dacier
Principal Scientist and Acting
Director, Cybersecurity Research Group
Qatar Computing Research Institute
9 SPEAKERS
Mohamad Ballan
Chief Information Security
Officer
Doha Bank
Dr. Munir Tag
Program Manager, ICT, Qatar
National Research Fund (QNRF)
Qatar Foundation Mustapha Huneyd Head of Corporate Information Security Ooredoo Qatar Sameh Sabry Associate Vice President
Spire Solutions
Satyanarayan Banjapally Head of SAP and IT
Qatar National Cement Company
Eng. Samir Pawaskar Head of Cyber Security Policy
and Standards
Ministry of Information & Communications Technology (ictQATAR) Sami Al Shammari IT and Telecommunications Manager Oryx GTL Trevor Moore Chief Information Officer
Qatar University
Simon Goldsmith
Director Cyber Security (Commercial), Middle East
BAE Systems Applied Intelligence
10 OFFICIAL SPONSORS
GOLD SPONSORS
SILVER SPONSORS
11 OFFICIAL SPONSORS
BRONZE SPONSORS
12 PHOTO GALLERY
Photo gallery
Energy sector cyber security being elaborated ‘by’ Aarn, Claudio, Sathar, Yasir and Jim
13 PHOTO GALLERY
Kalle, Sameh, Gilles and Jim briefing the audience on APT, next generation threats, security
automation and SCADA-IT Security.
14 PHOTO GALLERY
Tailored peer-to-peer networking
15 PHOTO GALLERY
Protection of disruptive technologies (cloud, mobile, big data and social media) being discussed
‘by’ Sami, Satya, Aftab and Mohamad.
16 PHOTO GALLERY
Capacity building and collaboration discussion featuring (L to R) Aarn, Dr. Tag, Gaurav, Trevor
and Dr. Dacier
Speed dating with a business card - corporate networking with a twist
17 ATTENDEE LIST
Attendee list
COMPANY NAME
JOB TITLE (ATTENDEE NAME)
AECOM
IT Manager
Al Jazeera Media Networks
Head of Technology Architecture
Al Muftah Group
I T Manager
Aspire Zone Foundation (Qatar)
Information Security Officer
Aspire Zone Foundation (Qatar)
Head of IT Strategy & Governance
Audit Bureau
Head of IT
Bein Media Group
IT Manager
Bein Media Group
Executive Director of Technology
College of the North Atlantic - Qatar
Dean of I T
ConocoPhilips
IT Manager & BP, Russia,Caspian,Africa &
Middle East
Customs and Ports General Authority
Network & Security Manager
Customs and Ports General Authority
Network Manager
Dar Al Sharq (Media)
IT Manager
Dar Al Sharq (Media)
ITI Section Head
Doha Bank
Information Security Officer
Doha Cables
IT Manager
Doha Cables
Assistant IT Manager
Doha Film Institute
Head of Information Technology
Energy City Qatar
CTO
Energy City Qatar
Sr. Electrical Manager
Exxon Mobil
Middle East IT Manager
Ezdan Holding
IT Manager
General Retirement and Social Insurance
Authority
System and Network Unit Supervisor
Gulf Drilling International Ltd. (Q.S.C.)
IT Security & Governance Specialist
Gulf Drilling International Ltd. (Q.S.C.)
Senior Internal Auditor
Gulf Warehousing
Senior Manager IT
Gulf Warehousing
IT Audit Manager
Hamad International Airport
IT Security Manager
Hamad Medical Corporation
HICT Manager
HSBC Bank Middle East Ltd
Country Head-Security and Fraud Risk
International Medical Company
IT Manager
Investment House
Internal Audit Manager
Jaidah Group
IT Director
JX Nippon Oil & Gas Exploration (Qatar)
Limited, Doha Office
IT Manager
18
KG Group
IT Manager
Khalid Cement
IT Manager
Mada (Qatar Assistive Tecnology)
IT Manager
Mall of Qatar
Director of IT
Masraf Al Rayan
Information Security Manager
Ministry of Administrative Development
Head of System Administration
Ministry of Economy and Finance
IT Director
Ministry of Economy and Finance
Senior IT Advisor
Ministry of Interior
IT Security Head
Ministry of Interior
IT Security Officer
Ministry of Interior
IT Security Officer
Ministry of Interior
IT Security Manager
Ministry of Labour and Social Affairs
Information Security Manager
Ministry of Youth and Sports
IT Director
Mowasalat
IT Applications Manager
Nasser Bin Khaled
Director of BIT
New Port Project
Finance & IT Manager
Occidental Petroleum - OXY
Team Lead - IT Infrastructure & Operations
Ooredoo
Head- IT Security
Petroserv
Head of IT
Primary Health Care Corporation (PHCC)
Head of IT Projects
Q Post
Chief of Systems Development
Q Post
IT Director
Qatalum
Head of IS/IT infrastructure & security
Qatar Aeronautical College
IT Consultant & Acting Head of IT
Qatar Central Bank
Head of Information Security Unit
Qatar Computing Research Institute - Qatar
Foundation
Manager of Research Computing
Qatar Development Bank
IT Security Administrator
Qatar Foundation for Elderly People Care
IT Manager
Qatar Fuel - WOQOD
Applications Development Manager
Qatar Fuel - WOQOD
Application Security Manager
Qatar Fuel Additives Company
Head of ICT
Qatar Gas Transport Company
Head of Infrastructure, Information
Technology
Qatar International Islamic Bank
Head of Information Security
Qatar International Islamic Bank
Head of IT Infrastructure, Support and
Delivery
Qatar Investment Authority
Enterprise IT Security
Qatar Investment Authority
IT Service Manager
Qatar Lubricants Co. Ltd
Systems Manager
ATTENDEE LIST19
Qatar Meteorology Department CAA
Network Manager
Qatar Meteorology Department CAA
Head of Networks
Qatar National Cement Company
head of IT and SAP
Qatar National Library
Associate Director for Library Information
Technology
Qatar National Research Fund
Program Officer
Qatar National Research Fund
IT Advisor
Qatar News Agency
CIO
Qatar Olympic Committee
IT Security Consultant
Qatar Petrochemical Company (QAPCO)
Head of Automation & Head of E & A
Qatar Petrochemical Company (QAPCO)
Head of Automation
Qatar Petrochemical Company (QAPCO)
Assistant Head of Engineering
Qatar Petrochemical Company (QAPCO)
E & A Lead Specialist
Qatar Petrochemical Company (QAPCO)
IT Security Lead
Qatar Petrochemical Company (QAPCO)
Assistant Head of IT Security
Qatar Ports Management Company
IT Manager
Qatar Power
IT Manager
Qatar Red Crescent Society
Director of Information Technology
Qatar Steel Company
IT Manager
Qatar Steel Company
Information Security Lead
Qatar University
Information Security Manager
Qatar Vinyl Company LTD
Senior Information Security Officer
Qatari Investors Group
IT Manager
Qatari Public Prosecution
Consultant Network Manager
Qatari Public Prosecution
Senior Security Consultant
Ras Laffan Power Company (RLPC) - Qatar
Petroleum
Administration Manager
Salam International Investment
Unix and Security Manager
Sidra Medical and Research Center
Head of Systems Security
The Commercial Bank of Qatar
Acting Head of Information Security
The Commercial Bank of Qatar
Head of Information Security
The Commercial Bank of Qatar
Information Security Specialist
The Commercial Bank of Qatar
Senior IT Auditor
The Group Securities
IT Perfomance Manager
Total Global
Lead IT Security (RSSI-L), Compliance (IMCM)
and Projects
Transind Holding
Head of IT
United Bank Limited
Head Of I T
Weill Cornell Medical College
Director, ITS Operations
Weill Cornell Medical College
Senior Manager Network/
Telecommunications/Audio Visual
ATTENDEE LIST20
Testimonials
Majority of the attendees were decision makers and key
influencers. We are confident of doing business with them soon.
Spire Solutions
Associate Vice President
This truly is better than regular exhibitions and conferences. We will definitely consider participating again.
Fidelis Cyber Security
Chief Cyber Security Strategist
Very professional and well organised platform.
Global Security Network
Chief Executive Officer
Lots of high level attendees. One to one meetings are a great idea. Very satisfied.
Ooredoo
Head of Corporate Information Security
Naseba staff were very well organised and helped us to the maximum extent.
The event is successful for us.
BAE Systems
Director Cyber Security (Commercial) – Middle East
21
Upcoming events
Hotel Technology Summit
November 22
nd- 23
rd2015 | Dubai, United Arab Emirates
Municipality Expansion & Excellence Summit (Smart Cities)
November 25
th- 26
th2015 | Riyadh, Saudi Arabia
8
thEdition Cyber Defence Summit
February 23
rd- 24
th2016 | Riyadh, Saudi Arabia
7
thAnnual Kingdom Smart Government Summit
May 8
th- 9
th2016 | Riyadh, Saudi Arabia
COBIT 5 Foundation Certification Training
November 29
th– December 1
st2015 | Doha, Qatar
Certified Information Systems Risk and Compliance Professional Training
February 14
th– 18
th2016 | Dubai, UAE
Lean IT Management – Foundation Course
February 7
th– 9
th2016 | Doha, Qatar
9
thEdition Cyber Defence Summit
September 6
th- 7
th2016 | Doha, Qatar
UPCOMING EVENTS
22
Contact information
NASEBA
Boutique Villa No 5, Dubai Media City
Dubai - United Arab Emirates
P
+971 4 367 1376
F
+971 4 367 2764
[email protected]
www.naseba.com
NAVEEN BHARADWAJ
Senior Project Manager
[email protected]
SUMEDHA JOSHI
Marketing Manager
[email protected]
ROMELL GUMMBS
Sponsorship Manager
[email protected]
PATRICK WILLIAMS
Delegates Manager
[email protected]
WE ARE ON
Contacts
CONTACT INFORMATION23 ABOUT NASEBA
About naseba
Naseba offers business facilitation expertise in growth
markets.
We create deal flow, foster networking and enhance
knowledge exchange.
Naseba supports you with educating your workforce, entering new markets, raising capital, securing partners and closing sales.
Our services include investor introductions, industry meetings, leadership forums, and professional trainings.
Investor introductions provide pre-qualified business cases with direct meetings with pre-screened
investors .
Industry meetings connect pre-screened purchasing decision makers with solution providers to shorten their sales cycle.
Leadership forums bring together business executives through an interactive agenda of keynotes,
panels and workshops produced to drive change.
Professional trainings offer a wide range of executive courses, crafted to advance careers and execute
business strategy.
Naseba partners with governments, key figures in media, industry and academia to add real value to
our network worldwide.
Since inception in 2002, Naseba has connected over 80,000 executives globally through more than 700 proprietary business platforms.
Naseba operates from 4 main offices in India, Saudi Arabia, United Arab Emirates and the United States, and local representatives in Algeria, China, Malaysia, Portugal and Spain.
Naseba. Creating opportunity.
... ...
24