Yazeed AlMaso, Regional sales manager at META, NGINX at F5, elaborates on the adaptive application landscape.
What does the adaptive application landscape in UAE look like?
There are different sectors when it comes to technology adoption, usually, some sectors are faster than others. Mostly, the government sector would be the last one to adapt. This is mostly because, in any government offerings, there is no competition between organisations for us as end-user. People have to use it regardless. For industries like BFSI, e-commerce or service providers, there is a competitive edge that needs to be gained to get a position in the market. They need to adapt fast.
Surprisingly, in the UAE, the government is going head to head with the private sector. This is because of the wise leadership and the initiatives that started half a decade before the pandemic by HE Sheikh Mohammed Bin Rashid Al Maktoum. In 2013, the paperless initiative was released where everything had to be moved to digital. UAE was prepared for the pandemic, it seems like someone knew it was going to happen. It was the vision that this is the route the world is going to be. From our experience, the UAE is one of the countries where both the private and public sectors are adapting to the new methodology of the adaptive application landscape.
What are the security factors associated with adaptive applications?
Two factors need to be considered in security. First is, security acts as a roadblock to progress. But, on the other hand, security is also a key component that needs to be considered.
There is a mismatch in the speed between the business and the application development and operations. When the business wishes to move fast to hold a competitive position, the security is more conservative and ensures everything is secure. Security ensures safety as one breach can kill the company’s reputation. For example, people will shy away from going to a bank that was once breached and customers lost their money.
To this moment, there is a distinction between security and business. The solution to this situation that is in the light is Devops, with which business can run at speed and processes can be automated. Also, as a proactive approach, security should be considered while building an application itself as opposed to it being the last step.
What percentage of application development funds should be allotted for security?
Funding varies from industry to industry. In the case of a financial institution, the security needs to be 80-90%. But, in a website or a government entity, that offers only data that is not classified, the security can be less. Security factor mainly depends on the online service offering.
In some of the financial institutions, we have seen high importance being placed on security, while on the other hand, we have also witnessed certain companies outsourcing their entire cybersecurity needs to a third party.
How to keep safe from manual attack?
Education is key. User needs to be able to understand the risk they are putting themselves and their organisations in. It should be the norm to not accept and open files from unknown sources. Studies show that mostly the attack is initiated from within the organisation. This is mainly due to data leakage or phishing emails. Even we, a security company, has received emails that look internal but isn’t. To ensure awareness, in every single quarter, we have training sessions on the cyberattack trends and how to navigate them.
Another important factor is for organisations to consider security practices. UAE is one of the leaders in that but we’ve seen other countries in the region that this is still lagging, which will put organisations and users at risk. These practices need to be deployed to keep alert.
The last important factor is to utilise the technologies available. Today, the IT industry is full of solutions that can help organisations to help protect their data. F5 is one of those providers.