What role does Hemaya play in Oman's digital transformation, and what are your priorities for 2020?
Hemaya started as a non-profit with the goal of educating the public and private sectors, as well as schools, on information security. Eventually, we registered as a private company in 2015, offering beginner classes for students and employees and courses for IT professionals, as well as CEOs. We mostly focused on explaining how hackers could take advantage of users in a way that the public can understand. In 2017, we moved from being a non-profit to a for-profit business, stepping up to fill the gap in the market by providing cybersecurity consultancy. Word of mouth helped us get noticed, and, in 2018, Ooredoo signed an agreement with us to provide business-to-business information security services to their clients. Today, even the most important customers are not aware of the requirements for cybersecurity. Players are overspending because they are unable to evaluate their actual requirements and because they are misusing the protection measures that they purchased. As for our priorities, on the back of 55% YoY growth in 2019, we expect even faster growth in 2020. We are much closer to our target customers, including ministries and private companies. We also see a lack of awareness in the industry sector, where issues are rising. There is a link between operational solutions and business solutions, and this link needs to be protected to avoid interference with operations.
What is the best strategy to increase organizations' security systems in Oman and strike a balance between reducing vulnerabilities and minimizing the consequences of cybercrime?
There needs to be an equal focus on both areas. This is where we provide our business risk assessment service, which includes everything from preventing attacks to mitigation. This is difficult because board members want to see numbers to understand. We have had to change the discourse from technical to financial. However, globally, awareness around the need of cyber solutions is increasing in company leaders. They are hearing about attacks elsewhere on similar businesses, and the concern is there. Leaders are now asking for meetings and risk assessments.