ANGLE OF ACTION

0

Updated : February 2, 2015 0:0  ,Dubai
By Editor

img1Information Security solutions vendor Paladion is betting big on the Middle East, with major investments in the region that has seen more than its fair share of online threats. CEO Rajat Mohanty and Firosh Ummer, Managing Director, MEA, discuss this regional strategy 

There’s a lot more awareness and concern today in the Middle East of online threats. What is driving this renewed vigilance?

RM: The security situation has changed considerably in the Middle East in recent years and the conversation around online security has shifted sharply. This is primarily driven by a few factors chief among them a rise in the number of attacks on targets in the Middle East coming courtesy of state actors as well as organized hacking groups. There have also been a lot of threats targeting financial transactions and institutions. Subsequently, there has also been a lot more awareness and education on the threat landscape and the vulnerabilities that exist. A lot of this awareness is driven by vendors like Paladion with the message targeted not just at CIOs, but at business owners as well.

FU: In the last few years, there have been several hacking incidents in the region, some politically motivated and targeting critical infrastructure like oil & gas. There have also been several attacks on ME financial institutions. The region is currently at the centre of global attention as a result of the awarding of Expo 2020 to Dubai as well as football World Cup in Qatar. That interest however also tends to attract unwanted attention from hackers. In addition, an increasing number of people are simply getting online whether to access public or private resources online. There are risks associated with that-now you have application issues, infrastructure protection concerns etc. These are the priorities for a lot of organizations here.

How does Paladion handle these threats that is different from the norm

RM: Our focus is to help companies build internal capabilities to defend themselves. We do not simply sell tools to be installed by organizations and then leave them to fend for themselves. That will not build the capability organizations need to effectively defend themselves. This type of capability comes when you know how to use those tools and the process around it, then having the requisite people skills for it and finally having in place a long term programme to continuously harness those resources. Thus, as a company, we provide the managed security solution which we either build for the customer or offer it remotely via the cloud. At the end of the day, wherever there’s a problem organizations want to solve, our objective is to put together a holistic way to solve the problem. We work with multiple parties to bring the right technology, but our focus remains to help the customer get the capability to defend against threats. Whether organizations have been attacked or not, they need to have the capability to prevent any kind of attack.

Discuss how you offer your managed security solution and how this is a better delivery model for Paladion solutions

FU: We want to be recognized as a one-stop-shop for Managed Security services. We make sure that our customers’ security preparedness is intact to protect them from known and emerging threats. Paladion Managed Security offering is delivered in co-source and in-source models. It is delivered with a mix of both the onsite and off-site teams that leverage existing investment in security technologies at the customer premises. For management of risks, Paladion brings in its repository of risk and controls, security tools and automated processes. Managed Security services are offered in a modular manner with the following components-Managed Governance, Risk and Compliance; Managed Security Operation Centre; Managed Testing and Assurance and; Managed Identity and Access.

RM: We are also in the process of launching a cloud product for our managed security for which we will be going primarily through our reseller partners. For large enterprises, we go with one-to-one deals.

Discuss Paladion’s market strategy for the MEA region and the importance of the region to company’s bottom-line

RM: The Middle East is one of the most potential markets in the world right now. We are thus making a lot of investments here. We seek to set-up a Security Operations Centre here in Dubai. Like aforementioned, we are setting up the cloud operations where we will be working with resellers and value added service providers in the region. We are also increasing our people here having doubled the workforce here in the Middle East in the last year. The industry is expected to grow at between 20-23% YoY while Paladion as a company has set up aggressive targets for us by increasing our investments. We want to see ourselves growing much more than the market average.

FU: Paladion’s strategy in the Middle East is to consolidate more of the existing markets like UAE, Saudi and Qatar by bringing more capabilities like the local monitoring centre we are in the process of setting up. The second front is to expand into the African market. We already have ongoing projects in Kenya, Nigeria and South Africa. So the strategy moving forward is to consolidate where we are stronger, bring more capabilities and take a market leadership position at the same time. We will work on the partnership model in new markets to learn about markets before we venture directly into these markets.

Discuss future offerings from Paladion and expected impact in the market

RM: Apart from the Cloud-managed security, we are implementing security intelligence solutions using machine learning to understand how security performs in real time. For a typical organization that has set up multiple security products in their environment that are producing a lot of data, it’s not feasible to have teams of people sitting and analysing the same. The solution is having machines that can do the analysing for them. So we are bringing a solution that is based on machine-learning to understand security and provide action-level intelligence.