How would you rate the maturity of the cybersecurity sector in the UAE and the wider region?
Cybersecurity is a nascent sector in the Middle East, and the discourse around it is still in the making. I would dissect the question of its maturity along three layers: framing the discussion, formulating sound strategies, and executing them effectively. In the UAE, the consideration of cybersecurity is starting to take root in policy and strategy development, with the first federal strategy emerging in 2010. Anchoring the discussion on cybersecurity within the most senior circles of government and business is crucial. In terms of strategy readiness, I would qualify it as a work in progress. This is not specific only to the UAE, but something we see around the world. The reason is two-fold. Cybersecurity is a developing field, but on top of that, it is a field whose technologies, practices, and implications move at a speed unseen in other sectors. Discussions about strategy need to be well-crafted, and we need to know we have a handle on the cybersecurity agenda, both in the public and private sectors; only then can sound policies be made. After that, we come to the third layer, which is the need to make sure policy is executed clearly, with the right checks and balances in place. What we are observing around the world is that in countries with a higher cybersecurity threat level, there is an incentive to take on a more advanced stance. The UAE is in this group. The country has been a formidable and progressive socioeconomic platform in a region where geopolitical tensions are prevalent. Therefore, the UAE needs to have a robust stance from a cybersecurity standpoint, to defend both the nation and its private institutions. With the right policy and execution, we can have the peace of mind that there will be business continuity. What is rewarding is to see that the issue is taking center-stage on the agenda of policy-makers, and I would say that the UAE is more advanced than other nations.
Societies are increasingly centralizing their data. Why is that important?
The discipline of applied analytics tells us that the bigger the dataset, the more useful it is going to be. If, for example, I want to determine the best way to develop and drive investment to a city, or to maximize livability, I need to be able to access data related to different sectors to see where transformation is required. In the end, the most efficient way to do this is to federate the data. Whether you are a CEO or a president, your number-one responsibility is to make informed decisions. By design, or by accident, data will increasingly have to be federated and made available on platforms accessible to both the public and private sectors. The key is to ensure proper checks and balances, because the last thing you want is to make the data totally transparent and exposed to manipulation. DarkMatter was created with the view that although there is a lot the government can do from a digitalization and cybersecurity standpoint, there has to be a contribution from the private sector as well.
What is the most important thing to keep in mind for companies looking to enter the UAE market and stay resilient?
Companies coming to the UAE are entering an economy that is highly digitalized. They need to come in prepared to enter such an ecosystem. The bar is already high, so they cannot come in with the traditional ways of doing things. They have to have the cybersecurity checks and balances in place, and they need to connect with the relevant agencies. You need to develop an understanding of the different players in the ecosystem and know that no one entity has the silver bullet.