< Previousfeature 30 edge_ june 2024 use of cryptocurrencies worldwide. It is generally a multifaceted technological discipline embraced by crypto wallets, liquidity providers, and cryptocurrency exchanges. Fuze’s solutions can handle the complexities of the blockchain and other regulatory overheads for enterprises, enabling them to offer digital assets like cryptocurrencies, stablecoins, tokenised assets, and central bank digital coins. Reports suggest the MENA region is already the sixth largest, with over $400 billion in blockchain transactions between July 2022 and June 2023. It accounted for over 7.2 per cent of all global transactions. In 2023, the startup announced a seed funding of $14 million, one of the largest for a digital assets’ How Fuze is changing financial infrastructure in the UAE The power of regulated digital assets infrastructure STARTUP By Sindhu V Kashyap M o Ali Yusuf, Arpit Mehta, and Srijan Shetty, each with a strong background in finance and technology, shared a belief in the power of regulated digital assets infrastructure. This belief led them to establish Fuze in December 2023, a fintech startup now a regulated digital assets infrastructure platform in the Middle East and North Africa (MENA) region. The startup helps financial service providers strategise, organise, and implement digital asset infrastructure securely and quickly. It offers digital assets as a service platform that helps banks and other fintechs integrate and embed regulated digital asset products in a B2B2C fashion. It also offers an over-the-counter (OTC) service, supporting institutions and funds in interacting with and conducting larger trades of digital assets. Digital asset infrastructure helps increase the Fuze helps financial service providers implement digital assets feature edge_ june 2024 31 infrastructure startup in the region. Led by Further Ventures, the round saw participation from New York’s Liberty City Ventures. Based out of Abu Dhabi’s Hub71, Fuze, as Yusuf explained, provides clarity for banks and fintechs, enabling accessible infrastructure to unleash digital assets. “We offer a digital-assets-as-a-service platform that enables banks and fintechs to integrate and embed regulated digital assets products in a B2B2C fashion, as well as an Over-The-Counter (OTC) service that supports institutions, funds, and HNIs (high net- worth individuals) to interface and conduct larger trades of digital assets,” said Yusuf. He added that it is a first-of-its-kind, regulated digital assets infrastructure platform in MENA that helps financial services providers strategise, organise, and implement digital assets infrastructure and quickly and securely launch regulated blockchain products. Given the nature of the product, its development stage, and the kind of customers Fuze serves, A/B testing wasn’t a luxury the team had. What works is keeping an eye on the ball and evolving and improving as they grow. “One of our key lessons has been around what truly matters to enterprise customers and the fact that each enterprise operates in completely different ways, so you have to be adaptable to their operational, technology and compliance needs,” explained Yusuf. He added technology in the financial space is only as good as what it enables. Usually, that would mean making things faster, cheaper and/or more secure. “Collaboration is essential to achieving successful implementation. One important facet of finance is that there are deep contextual reasons why some things are done the way they are, even if they seem completely inefficient at first glance. Hence, deeply collaborating and understanding the underlying dynamics is crucial before technology can be judiciously applied in each context,” said Yusuf. It was important for Fuze to ensure they had the right talent and skilled experts to craft the technological infrastructure needed for digital asset adoption. Regulation, too, is important for the evolution of the digital assets industry. Yusuf explained that regulations in such a dynamic sector need the input of the businesses operating in the space to ensure the industry and its operations are safe, secure, legally robust, and economically beneficial. “That’s why we work closely with regulators to help build trust in the ecosystem. Fuze’s growth will come as institutions, banks, and fintechs continue to expand their requirements for digital asset infrastructure better to serve their institutional, professional, and retail customers,” said Yusuf. Technology has played a huge part in transforming finance and banking in the last 10 to 15 years. Many technological changes have been consumer-facing, but now there are seismic shifts in how institutions, banks, and financial services providers integrate technology to enhance their processes. “Thanks to blockchains and associated technologies, we see many more changes coming to the underlying banking and financial plumbing,” Yusuf explained. Fuze is building on its digital assets as a service API product. They are learning from their existing products and building new standalone products for unique products. “For example, we’ve discovered a specific use-case that explains why a section of customers use OTC trading. And, if we can build specifically for that need, it opens up new opportunities for us,” explained Yusuf. The team is also exploring different and new use cases and products, which are only possible thanks to the unique mix of progressive regulations (particularly in the UAE) and a visionary appetite for change in the region. “This is why we believe digital assets have such a powerful role. It is a great privilege to be at the epicentre of financial transformation and to be building the future of finance today,” said Yusuf. “We offer a digital-assets-as-a- service platform that enables banks and fintechs to integrate and embed regulated digital assets products in a B2B2C fashion, as well as an Over-The- Counter (OTC) service” Fuze solutions can handle the complexities of the blockchainfeature 32 edge_ june 2024 Combatting the social engineering seige What can organisations do to protect their employees? CYBERSECURITY By Sindhu V Kashyap edge_ june 2024 33 feature I magine a sophisticated scam so seamless that it tricks a reputable company into losing nearly $60 million in a few days. This is precisely what happened to Chinese plane parts manufacturer FACC in a “CEO fraud scam.” Scammers impersonated high-level executives and manipulated employees into transferring funds. In the aftermath, FACC grappled with the financial loss and became embroiled in legal battles, attempting to hold its CEO and finance chief accountable for their alleged inadequate internal security controls. This dramatic incident underscores a critical truth: cybersecurity is no longer just an IT issue but a business imperative that demands attention at all levels of an organisation. Gartner forecasts that by 2024, CEOs could be personally liable for breaches, highlighting the escalating importance of robust cybersecurity measures. Social engineering, manipulating individuals into divulging confidential information, presents a substantial risk in today’s data-driven world. During the pandemic, many found themselves more vulnerable to such attacks. Madeline Howard from cybersecurity firm Cygenta has highlighted the growing prominence of social engineering risks, underscoring the need for enhanced vigilance. There is a global rise in social engineering scams. Here is what cybersecurity experts believe companies in the Middle East need to do: Implement advanced cybersecurity tools Meriam El Ouazzani, Regional Director, Middle East, Turkey, and Africa, at SentinelOne, highlights the importance of leveraging advanced technologies. “Due to its growing digital infrastructure and economic significance, social engineering attacks increasingly target the Middle East. For example, the UAE experienced 3.4 million phishing attacks in Q2 of 2022, marking a 230 per cent increase from the previous year.” To combat this trend, companies can invest in advanced cybersecurity tools that use artificial intelligence (AI) and machine learning to detect and prevent social engineering attacks in real-time. These tools help identify suspicious patterns and anomalies in communication and user behaviour, enhancing security. El Ouazzani emphasised, “By adopting these technologies, we can stay one step ahead of cybercriminals who continuously evolve their tactics.”34 edge_ june 2024 Build a culture of cybersecurity awareness Ned Baltagi, Managing Director – META at SANS Institute, underscores the importance of cultivating a strong culture of cybersecurity awareness. “Many Middle Eastern companies have begun implementing comprehensive training programmes to educate employees about social engineering tactics such as phishing and pretexting. These programmes are crucial as they empower employees with the knowledge and tools to proactively recognise and respond to cyber threats.” Baltagi further explains, “It’s not just about technology; it’s about creating a mindset where every employee understands their role in cybersecurity. This involves regular training, simulated phishing exercises, and fostering an environment where employees feel comfortable feature The evolution of technology has added new dimensions to social engineering reporting suspicious activities.” By training staff to recognise and respond effectively to social engineering tactics, companies can create a robust human firewall against attacks. This proactive approach is essential in mitigating the risks associated with social engineering. Adopt a multi-layered approach Ram Vaidyanathan, Chief IT Security Evangelist at ManageEngine, outlines a multi-layered approach companies in the MENA region are adopting to tackle social engineering attacks. “First, companies are using next-gen SIEM solutions to monitor their networks. An effective SIEM solution alerts security personnel whenever an anomaly takes place. Each anomaly, taken in context, could indicate a social engineering attack.”edge_ june 2024 35 feature Vaidyanathan also stresses the importance of regular employee training sessions. “Many companies conduct regular training sessions to educate employees about different forms of social engineering attacks, such as phishing. These sessions should include examples of real-world scenarios and best practices for identifying and responding to suspicious requests.” Additionally, Vaidyanathan pointed out the necessity of multi-factor authentication (MFA) and strong identity and access management (IAM) policies. “MFA and IAM policies ensure that only authenticated and authorised users have access to sensitive information, significantly reducing the risk of successful social engineering attacks.” The role of AI in social engineering attacks The evolution of technology, particularly AI, has added new dimensions to social engineering. A notable example is the OKTA hack, where attackers gained access through social engineering, compromising an employee’s laptop. This breach escalated, affecting multiple companies. As the incident illustrates, AI and deep fake technologies are increasingly used to mask identities, making it easier for attackers to deceive victims. Mayuresh Dani, Security Research Manager for the Qualys Threat Research Unit (TRU), elaborates, “With AI and deepfake technology, it has become easier for people to mask their identity and launch these attacks on a much larger scale.” Dani also highlighted the increasing sophistication of social engineering attacks, stating, “There are cases where attackers have used deepfake videos to impersonate executives and trick employees into transferring millions of dollars. The use of AI in these scams makes it harder for individuals to discern authenticity.” This development underscores the urgency for organisations to stay vigilant and adopt advanced security measures to counteract these sophisticated threats. Emphasise proactive cyber practices Bernard Montel, EMEA Technical Director and Security Strategist, emphasised the need for proactive cyber practices. “Regarding cyberattacks, including social engineering hacks, we know that threat actors’ attack methodology is neither advanced nor unique. Attackers see many ways in and multiple paths through environments to do damage and monetise their nefarious efforts.” Montel explains that social engineering attacks often trick someone into divulging information or performing an action that benefits the attacker. “With social engineering, threat actors will focus on ‘tricking’ someone to divulge information or do something that gives the attacker an advantage. That could be disclosing user credentials, downloading a malicious programme, or granting access that provides a toe-hold into the network.” He adds, “Security teams need to be able to map every cloud asset, identity, and risk to identify toxic combinations and attack paths that pose the greatest threat to the business. Protecting everything is soul-destroying, given that it’s practically impossible. By focusing resources on what poses the greatest risk and understanding how attackers chain multiple flaws, security teams can design more complete strategies that expose where they’re most at risk and close the priority gaps to protect against attacks.” Respond swiftly to incidents Roman Flepp, Marketing Director and Member of the Board at Threema, discusses the impact of social engineering on organisations and the necessary responses. “Humans are the weakest link in the security chain of organisations, and social engineering exploits human error to gain private information or access to IT systems.” Flepp advised organisations to react swiftly to such incidents by isolating affected systems to prevent further damage. “Organisations should feature 36 edge_ june 2024 Enhance employee training and vigilance Flepp also emphasised the importance of ongoing and comprehensive employee training. “Regular training sessions are far more effective than one-time events and allow for the inclusion of the latest social engineering techniques and trends. Up-to-date, real-world examples help employees recognise and respond to potential threats.” In addition to training, companies are implementing robust authentication protocols, including multi-factor authentication (MFA), to add an extra layer of security. Access controls and privilege management ensure that employees have only the minimum necessary access to systems and data required for their roles, reducing the risk of successful social engineering attacks. Collaborative efforts and information sharing Companies in the Middle East are also prioritising collaboration and information sharing among themselves, government agencies, and cybersecurity experts. By sharing threat intelligence and best practices, stakeholders can collectively strengthen the region’s cybersecurity defences and minimise the impact of social engineering attacks. El Ouazzani noted, “The collaboration within the cybersecurity community in the region has been noteworthy. Events like the GISEC Global 2024 in Dubai have facilitated vital knowledge-sharing and collaboration platforms. Here, cybersecurity leaders from various sectors convene to discuss best practices and innovative strategies to bolster cyber resilience across the region.” The Middle East is making significant strides in combating social engineering attacks through advanced technological solutions, employee training, and proactive cybersecurity practices. By fostering a culture of cybersecurity awareness and collaborating within the cybersecurity community, companies in the region are better equipped to protect their digital assets and maintain robust defences against evolving cyber threats. Commitment to continuous improvement and adaptation will be essential as cybersecurity threats evolve. The lessons learned, and strategies implemented in the Middle East serve as a valuable blueprint for organisations worldwide, emphasising that a comprehensive and collaborative approach is crucial in the fight against social engineering threats. be able to rely on established protocols that ensure employees report incidents immediately to a designated security team. Once an incident is identified, it must be investigated and accurately assessed.” Flepp added, “Notification is a crucial step. Apart from regulatory bodies, stakeholders, employees, customers, and partners must be informed with details about the damage and the steps that are being taken to mitigate it. Finally, the identified security gaps should, of course, be closed as quickly as possible. The recovery phase also includes resetting passwords, enhancing security protocols, and providing additional employee training.” Organisations should be able to rely on established protocols edge_ june 2024 37 AI and Cloud take centre stage at Salesforce World Tour Essentials Dubai The event highlighted the company’s commitment to driving digital transformation AI By Sindhu V Kashyap A t the Salesforce World Tour Essential in Dubai, Salesforce showcased the transformative power of its latest AI and cloud-based solutions to over 2,000 attendees. The event highlighted Salesforce’s commitment to the Middle East, focusing on technology’s role in creating tech talent pipelines and driving AI and digital transformation in the region. According to IDC, Salesforce and its partner ecosystem, powered by AI-driven cloud solutions, are expected to generate $5.1 billion in new business from 2022 to 2028 and create 21,800 jobs in the UAE through AI-powered cloud solutions by 2028. Notably, Salesforce’s Middle Eastern partner ecosystem grew by 29 per cent in FY24, with a significant 35 per cent increase in certifications and 29 per cent more consultants. These partners play a crucial role in enhancing employee productivity and transforming customer experiences with real- time insights. “Every CEO I speak to knows they need to invest in AI to fuel growth and strengthen customer relationships. At Salesforce, we’re excited about the strides our customers and partners in the Middle East are taking to succeed in AI. World Tour Essentials Dubai is the perfect showcase of the region’s potential as a centre of innovation,” said Lori Steele, President and CRO of Salesforce EMEA. Thierry Nicault, Salesforce’s Area Vice President for the Middle East, emphasised the need for businesses to leverage technology and data to meet growing customer and stakeholder expectations. He highlighted Salesforce World Tour Essentials Dubai’s role in demonstrating how AI and digital tools can raise productivity, improve visibility, and transform operations. By embracing AI, public and private sector organisations can seize growth opportunities and contribute to economic diversification. During the event, several businesses from diverse sectors, including government, retail, real estate, energy, and banking, shared their success stories. These businesses, such as Saudi retail giant Cenomi and Abu Dhabi National Exhibition Centre, discussed their digital transformation journeys, showcasing the real- world impact of Salesforce solutions like Data Cloud and the Einstein 1 Platform. Salesforce’s Data Cloud unifies all company data on the Einstein 1 Platform, providing a 360-degree view of every customer to drive automation, analytics, and personalised engagement. The Einstein 1 Platform integrates Salesforce’s suite of applications across sales, service, marketing, e-commerce, and more, enabling businesses to boost productivity, build deeper customer relationships, and increase margins by seamlessly combining generative AI, data management, and CRM capabilities. Delivered through a partnership with Amazon Web Services (AWS), Hyperforce represents a significant advancement for Salesforce, enabling new data storage and security options crucial for regulated industries. feature 38 edge_ june 2024 smartbuys The ultimate IT upgrade How NetApp’s new AFF A-Series is changing the game CLOUD By Sindhu V Kashyap edge_ june 2024 39 smartbuys I n the ever-evolving world of information technology, enterprises face the formidable challenge of managing hybrid cloud environments and distributed applications while striving to accelerate modern workloads. The pressure to stay ahead in this competitive landscape has never been greater. Enter NetApp’s AFF A-Series systems, designed to be the backbone of the most demanding IT workloads, from genAI to VMware and enterprise databases. These systems promise to meet and exceed the needs of today’s data-driven enterprises. Walid Issa, Senior Manager for Pre-Sales and Solutions Engineering for MENA and East Europe at NetApp, offers an exclusive glimpse into the cutting-edge innovations that define these systems. “Our AFF A-Series systems are built to transform how businesses handle their most critical data operations,” said Issa. “We’ve harnessed the power of advanced technology and integrated feedback from our customers to deliver a solution ready for the future.” NetApp’s unified data storage technology is a critical innovation in addressing these needs. This technology is central to the functionality of the new AFF A-Series systems. It allows customers to run data and app workloads seamlessly across on-premises and cloud environments. This operation is achieved through a single OS, NetApp ONTAP, which is the foundation for the entire system. The unified, AIOps-driven NetApp BlueXP control plane further simplifies management, ensuring that organisations can maintain smooth operations across diverse IT environments with minimal effort. “The ability to manage all data types and workloads from a single platform is a game-changer,” said Issa. “It streamlines operations and reduces the complexity of hybrid environments. This is exactly what our customers have been asking for.” The latest additions to the NetApp AFF NetApp AFF A-Series include AFF A70, A90, and A1K Walid Issa, Senior Manager, Pre-Sales and Solutions Engineering MENA and East Europe, NetAppNext >