Category: Guest Article

The internet of things has transformed the healthcare sector, allowing practitioners to easily share information and deliver personalised treatments. Yet many experts in the security industry believe that of all the industries facing serious cyber threats, healthcare is possibly the most at risk. That’s because relatively speaking, healthcare organisations are still behind when it comes to security defences.

It’s also well-documented that external attackers have set their sights on protected health information (PHI). The value of medical records on the black market is at least 10X higher than credit card data. Why? PHI contains more personal data points and cannot just be reissued in the event of a problem. Bank account details and passwords can be changed following a breach; but information about allergies, disabilities, mental health or hereditary conditions, can’t. So, securing this data and a healthcare institution from these calculated threats should be a top priority.

The nature of healthcare, requires that organisations within this sector keep highly sensitive patient data on file. Doctors need to have this information to make informed decisions about patients, and the ability to easily share this information within a healthcare network, has resulted in significant advancements in the way patients are treated. Personal and medical details are also used by staff who handle post care activities, from post-op follow-up to billing. This reduces the admin involved and makes it a far more efficient experience for patients.

However, housing this kind of personal information poses a severe risk. Without the right security in place, this data is left exposed to external threats, as malicious actors use targeted threats to infiltrate networks. But when you’re dealing with something as important as people’s lives, it’s not enough to only have security in place, the continuity of services is vital. Take the WannaCry ransomware outbreak earlier this year for example, where entire hospitals in the U.K. were shut down.

Healthcare institutions therefore need to have a cyber resilience strategy in place. This will help them defend against threats such as ransomware, allow continuous access to critical applications and information during an attack and provide the ability to recover data to the last known workable state, after a threat is neutralised.

But it even goes beyond external threats. Equally important is making sure the organisation is insulated from mistakes by both well-meaning employees and malicious insiders. Busy staff members are bound to make mistakes regarding PHI. With the ubiquity of email, it’s not uncommon to find a breach where employees accidentally (or carelessly) attached a spreadsheet or document containing PHI. A mistake like this could result in personal harm or defamation and will have severe implications for healthcare professionals in countries that have data protection laws in place.

To prevent brand damage, fines, and audits, healthcare organisations must actively seek to identify and prevent PHI from leaving the organisation without the proper safeguards in place. However, this can be a monumental task without the right technology. For email, Mimecast recently introduced data loss prevention (DLP) capabilities that can help address this challenge. Healthcare organisations can scan, identify and take action on emails containing PHI. These actions include holding the message for review, encrypting the content, applying secure messaging between parties, converting the files and more. As part of the service, Mimecast can notify the sender, recipient, and administrator of a message flagged as containing PHI.

Ensuring that PHI does not leave the organisation without the proper encryption and safeguards is just as essential as securing against external attackers. Healthcare is the only industry where employees are the predominant threat of a breach.

The healthcare sector is at major risk. The time is now for them to rethink cyber security and implement strategies that make them resilient and prepared for both internal and external threats.

Artificial intelligence is when a machine mimics functions that human do such as sensing and learning, reason and infer, deciding and acting. As a technology, artificial intelligence can support use case such as chatbots, detecting fraud, cognitive document automation and others.

As an example, Danske Bank, is using artificial intelligence to detect fraud incidents such as fake invoice and identity theft amongst others. Before the development of artificial intelligence, Danske Bank had many false positives. With artificial intelligence Danske Bank has been able to reduce false positive by 60% as well as increase accuracy in fraud detection. This is helping them save millions as well as increase efficiency of the fraud detection service.

Hard line

So where is the hard line between what is artificial intelligence and what it is not? Techniques which use brute-force or rule-checking and do not mimic human thinking are not artificial intelligence.

As an example, fraud detection applications can be built by configuring all possible frauds that have occurred in past and checking against this list. This is not artificial intelligence as you are not letting machines think, but instead just using check rules. Since fraudsters always find a new way of making fraud, you will not be able to detect emerging and new kind of fraud incidents.

Moving further along these lines, it is important to understand the current state of artificial intelligence, which is that it can mimic the human brain, but not completely. We are still far from the situation where artificial intelligence can think exactly as a human being. At present artificial intelligence is used to automate specific tasks done by human. Those industries where highly specific human tasks can be automated will soon be impacted by future developments in artificial intelligence.

Changing roles

Key industries which will be impacted are in information technology, telecommunications, consumer services, financial services, manufacturing and production. Industries where there is a lot less human activity, such as education, media and entertainment, sports, construction and property will be less impacted in the short term, but impacted later on in the medium and long term.

While advancements in artificial intelligence will replace some specific tasks done by humans, it will also create new opportunities of redefining job roles. One such role is the Chief Artificial Intelligence Officer. This is a senior executive responsible for artificial intelligence strategy and implementation in an enterprise. But compared to the Chief Data Officer, this role will also include the human challenge of redefining job descriptions in conjunction with human resources, as advancements in artificial intelligence progress into the enterprise.

Another role is the Citizen Data-Scientist. Gartner defines a citizen data scientist as a person who creates or generates models that uses advanced diagnostic analytics but whose primary job function is outside the field of statistics and analytics. As there will be more demand for artificial intelligence, the demand-supply gap for data-scientists will increase. This will move traditional workloads of data-science work to the citizen data scientist, while the expert data scientist will increasingly be focused on artificial intelligence.

Enterprise adoption

Based on a recent survey made by Teradata, almost all respondents 91%, anticipate significant barriers to adoption. The majority predict roadblocks due to lack of IT infrastructure 40%, followed by a lack of in-house talent 34%. Just as many, 33%, claim that artificial intelligence technology available today is too unproven and nascent, while 30% yearn for more budget. However, skepticism is lower in other areas — only 19% are concerned that artificial intelligence has a weak business case, and only 20% worry about the impact of artificial intelligence and automation on jobs and employee morale.

Companies will overcome these barriers with more executive-level awareness and an enterprise-wide strategy for artificial intelligence implementation and use. This is ushering in a shift within the C-suite: Today, artificial intelligence strategy is typically under the scope of a CIO or CTO, but, in the near future, the majority of businesses surveyed plan to install a dedicated Chief Artificial Intelligence Officer to lead the effort.

Use cases

Various government have already started to work on artificial intelligence strategies for countries and cities. Artificial intelligence has many potential advantages for cities, like the implementation of 100% driver-less cars, no traffic congestions, smart building, and so on. But this will also mean a lot of changes to many of the conventional assets within a city. For example, do we need traffic lights when all the traffic is regulated by artificial intelligence. So, one possible future scenario is, completely new cities will be created which are designed based on an artificial intelligence framework and strategy

Artificial intelligence is fast-coming into the enterprise. Businesses, which do not have an artificial intelligence strategy will soon see themselves disappearing. We will also see artificial intelligence being integrated into hardware, such as robots and drones. This will enable various new applications such as robot salesperson or robot interviewers and intelligent logistics. The transformation is just beginning.

Security threats have never had more public awareness than they do currently. 2017 saw major events such as Wannacry galvanise the public’s attention and affect organisations all around the world. In 2018, security breaches will continue to hit the headlines and influence businesses into reviewing their data protection. And of course, GDPR will be a major factor in promoting sales of security solutions.

The reality is that security will continue to be a high growth area for the channel. In a market which is already overcrowded with solutions, 2018 will bring great opportunities for resellers to build on their position as trusted advisors and guide clients through what may seem like a worrying and confusing scenario.

1. Security blossoms in the boardroom

Sadly, security breaches will continue to be a regular occurrence in 2018 and organisations will struggle to deal with them. New security challenges will abound and these will grab attention in the boardroom. Senior management is increasingly focusing on security issues and recognising them as a core business risk, rather than the responsibility of the IT department alone. The coming year will see further commitment from the boardroom to ensure that organisations are protected.

2. Ransomware has not gone away

Too much money is being made from ransomware for it to disappear – it won’t.  Companies can help prevent ransomware by tracking everything coming in and out of the network and running AV solutions with anti- ransomware protection. And, of course, you should do regular backups to a structured plan, based around your own business requirements – and make sure you test the plans.

3. IoT – a security time-bomb

IoT is a major threat and possibly the biggest threat to businesses in the coming years. Unfortunately, it is not easy, and in some cases impossible, to bolt on security as an afterthought with IoT, and many organisations will find it challenging to deal with the consequences of such breaches.   As IoT cascades through organisations’ infrastructures, it is likely to become the ultimate Trojan horse.

4. More from the Shadow Brokers

The Shadow Brokers, a hacker group which stole hacking tools from the American National Security Agency (NSA), created havoc in 2017 with the Wannacry ransomware episode. The group has already stated that it will soon release newer NSA hacking tools, with targets that might include vulnerabilities in Windows 10.

There will certainly be further episodes from them in 2018, so patch management, security and regular backups will be more crucial than ever. A major target of these hackers is the data that organisations hold, including PII (Personally Identifiable Information) and corporate data, so protecting the data ‘crown jewels’ inside the network will become ever more crucial.

5. GDPR – have most businesses missed the point?

The arrival of GDPR in May 2018 will, of course, be a big story. However, many organisations are missing the main point about GDPR. It is about identifying, protecting and managing PII – any information that could potentially identify a specific individual. This will become more important in 2018 and there will be considerable focus on identifying, securing and, where required, deleting PII held on networks.

6. GDPR Blackmail – the new ransomware?

Unfortunately, GDPR will give a great opportunity to criminals, hackers, disgruntled staff and anyone who might want to do an organisation harm. They simply have to ask you to identify what data you hold on them, ask for it to be erased, and ask for proof that it has been done. If you can’t comply, they can threaten to go public – exposing you to the risk of huge fines – unless you pay them money. Watch out for that one!

7. DDoS on the rise

The dangers of DDoS for smaller companies are that it will leave them unable to do business. For larger organisations, DDoS attacks can overwhelm systems. Remember that DDoS is significantly under-reported, as no-one wants to admit they have been under attack!

8. Cloud insecurity – it’s up to you

Problems with cloud insecurity will continue to grow in 2018 as users put more and more data on the cloud, without, in many cases, properly working out how to secure it. It is not the cloud providers’ responsibility to secure the information – it is down to the user. With the introduction of GDPR in 2018, it will be even more important to ensure that PII stored in the cloud is properly protected. Failure to do so could bring serious financial consequences.

9. The insider threat

Historically, insider threats have been underestimated, yet they were still a primary cause of security incidents in 2017. The causes may be malicious actions by staff or simply poor staff cyber-hygiene – i.e. staff not using the appropriate behaviour required to ensure online “health.” In 2018, there will be growth in cyber education, coupled with more testing, measuring and monitoring of staff behaviour. This increasingly involves training and automated testing, such as simulated phishing and social engineering attacks.

10. Time to ditch those simple passwords

In 2018, simple passwords will be even more highlighted as an insecure ‘secure’ method of access. Once a password is compromised, then all other sites with that same user password are also vulnerable. As staff often use the same passwords for business as they use personally, businesses are left vulnerable. While complex passwords do have a superficial attraction, there are many challenges around that approach and multi-factor authentication is a vastly superior method of access.

We live in a world that is networked together, where companies rely on networked systems and their data is stored in the cloud. The year 2018 will bring more connectivity, digital transformation initiatives, and data to companies, along with a number of new cybersecurity threats and landscape changes making cybersecurity one of the most crucial issues that need to be addressed in the present scenario. Below are my cybersecurity predictions that I believe will continue to impact the technology industry in 2018.

1. Shift in focus from protection to prevention

An ounce of prevention is worth a pound of cure, so the saying goes. By focusing on more proactive and offensive approaches, rather than strictly defensive, that help detect and respond to possible threats rather than react, it is possible to stop threats before they expose the organization to risk. Your security setup will need to focus on detection, response, and remediation. That’s where the cybersecurity fight is today. In the future it will most likely move to prediction of what’s coming before anything happens.

2. More IoT attacks will be motivated by financial gain than chaos

Internet of Things (IoT) will move from being seen as a massive security risk in the enterprise, to a critical part of an Enterprise’s security posture. To meet the security challenges of the IoT—an attack surface that is both growing rapidly and becoming increasingly difficult to monitor and manage, a proactive and dynamic approach to security, and a layered defense strategy, are the keys to protecting IoT devices from infection and attack—or at least, mitigating the impact when some are inevitably compromised by adversaries.

3. Continued growth in the use of ransomware and cyber-extortion tools

Unfortunately, ransomware attacks will almost certainly become more pervasive and varied during 2018. Some attacks will adhere to the brute-force model of infect, lock and extort, while others will be more sophisticated. Evolutions in ransomware, such as the growth of Ransomware-as-a-Service, will make it easier for criminals, regardless of skill set, to carry out these attacks. It turns out that ransomware generated a lot of cash for criminals, an estimated $1 billion in 2016.  In the future, ransomware will not merely target individual users, but also target entire networks. Given that ransomware can penetrate organizations in multiple ways, reducing the risk of ransomware infections requires a portfolio-based approach, rather than a single product. Often, victims of ransomware choose to pay the ransom, because they have no other means by which to restore their systems and data. Don’t pay the ransom. Create strong plans for system and data recovery as soon as possible, including backing up all systems daily.

4. Many enterprises will give priority to cloud security

More applications and servers are moving to the cloud to take advantage of cost savings, scalability, and accessibility. As a result of this, cloud environments will be a potential target of security breaches. Cloud is a journey and cloud security must be a driver, not an afterthought. According to the Cisco 2017 Midyear Cybersecurity Report hackers recognise that they can infiltrate connected systems faster by breaching cloud systems and we expect more problems related to cloud security arise in 2018. Cloud computing security is best executed in a phased approach matching the value of the cloud workload to the bad guys’ motivation.  When it comes to cloud, security experts will need to decide who they can trust and who they can’t and enterprises will need to develop security guidelines for private and public cloud use and utilize a cloud decision model to apply limitations to cloud risks.

5. Increased automation in cybersecurity response

Humans are incapable of keeping up with the sheer volume of incoming threats, but their ability to make quick and highly-impactful decisions to manually address such an attack is equally inefficient. As our industry faces a talent crisis, automation, machine learning and AI will be critical in ensuring protection, becoming a powerful and effective component of cyber security incident response. Attaining full visibility into networks is key to stopping hackers, or machines, in their tracks and machine learning can help here by understanding the behaviour of devices, including IoT devices, on the network and identifying ‘soft spots’ on the network that are just waiting to be breached. In 2018 machine learning and artificial intelligence will undoubtedly be integral to the future the cybersecurity landscape.

The bottom line is that there is no silver bullet. We are facing a new frontier of innovation and can only seize the opportunity if security capabilities are built to support new ventures. We need more trained professionals, as well as smarter tools that make cybersecurity more effective – for both businesses and their consumers. Cybersecurity is our shared responsibility. Because we all have a say in our business and technology, we must also view security as an inherently essential part of our organization’s purpose and strategy.

Ransomware is today the number one cyber threat to businesses. Since cyberextortion first appeared in 1989 as “PC Cyborg,” it has grown, evolved, and come into widespread use among hackers—and in 2017 it has fully come of age. Hundreds of new variations have sprung up this year. Ransomware is a relatively brazen attack where a malware infection is used to seize data by encrypting it, and then payment is demanded for the decryption key. There has been a seismic shift in the ransomware threat, expanding from a few actors pulling off limited, small-dollar heists targeting consumers to industrial-scale, big-money attacks on all sizes and manner of organizations, including major enterprises.

It’s not always about the money though. Some ransomware is not designed primarily to make you pay up, but instead to disrupt operations or wipe data from computer systems.

The Role of DNS in Ransomware Attacks

DNS is the address book of the Internet, translating domain names such as www.google.com into machine-readable Internet Protocol (IP) addresses such as 74.125.20.106. Because DNS is required for almost all Internet connections, cybercriminals are constantly creating new domains and subdomains to unleash a variety of threats including exploit kits, phishing, and distributed denial of service (DDoS) attacks.

Most modern malware used in a ransomware attack, uses DNS at one or more stages of the cyber kill chain. DNS may be used during the reconnaissance phase when it is a targeted attack. It is used in the delivery phase as potential victims unknowingly make DNS queries for IP address involved in the attack. It will also be used in the email delivery process when the ransomware propagates via spam campaigns. Likewise, the exploitation phase may involve DNS queries when the victim’s system is compromised and infected. DNS is frequently used when an infected system checks in with the command and control (C&C) infrastructure. Given that DNS plays such an important role in the ransomware kill chain, it becomes a crucial control plane to prevent, identify, and detect such attacks and resolve them faster.

Organizations in the Middle East can stop Ransomware with the following 10 essentials:

1. Watch your Back – Always backup your essential data.
2. Stay Current – Prioritize and apply the latest security updates and patches.
3. Segment for Safety – Limit spread of ransomware with network segmentation.
4. Get the Word Out – Train employees in safe email and Microsoft macros best practices.
5. Implement DNS Response Policy Zone (RPZ) – enforcement to prevent data exfiltration and block DNS communications with malicious sites and command and control servers.
6. Monitor DNS Requests – to identify suspicious DNS activity and to detect “kill switch” domains that can be used to disable some types of ransomware attacks (e.g., by redirecting requests to internal “sinkholes”).
7. Improve Visibility and Discovery – with tools that can detect unauthorized or compromised devices and virtual machines anywhere on your network so you can automatically block their access and ensure compliance.
8. Use Data from DNS, DHCP and IP Address Management – to gain valuable insights that help you see ransomware attacks in context so you can better understand risk and prioritize remediation.
9. Harness Threat Intelligence – consolidated, curated, and updated—to detect, prioritize, and anticipate evolving threats.
10. Integrate Security Response – to accelerate remediation by sharing threat data, malicious events, and context across entire security ecosystem including endpoint security, NAC, SIEM and other technologies.

The security threats and breaches of 2017 have set astounding new records for personal data invasion. From WannaCry to Petya, the list of sophisticated and far-reaching breaches grows almost daily. In 2017, breaches impacted hundreds of millions of people globally.

The security mission to protect, detect, and respond, has remained the same for everything from IT networks and data storage to payment systems and IoT devices. In the past ten years, a tremendous wave of technology innovation has been developed to help us protect and detect. Yet, the most neglected area of security is the part we can control – our response. Without question, the velocity and complexity of the attacks will continue in 2018. The question is, will security operations be able to fine-tune their responses to meet the ever-increasing volume and sophistication of these challenges?

Prediction 1: Security “Haves” and “Have-nots” emerge

Security teams struggle to quickly determine whether incidents are worth a response. Many organizations use dozens of security tools that create and funnel massive volumes of signal onto the desk of the security professional. Analysts use spreadsheets and email to manage reacting to this signal, and the sheer volume of alerts results in analysts spending too much time researching incidents.

In 2018, we will see security Haves and Have-nots emerge between those that begin to automate this research portion of security response and those that don’t. Companies with the tools and culture to embrace automation, and put technology to work for real business enablement, will perform better than those that don’t.

The Haves will be expected to report on security operations as a key part of their day-to-day business. They will have scalable processes in place and will be in a position to measure progress. Automation will help them better determine which systems to patch and when. They will respond to phishing attacks in minutes rather than days. For the Haves, this will be a point of pride.

The beauty for the Haves is that their security people will be freed from mundane and time-consuming manual research. They will have more time to focus on strategic projects that fortify the organization. This new approach extends beyond security. Automation is so effective it becomes a rising tide that lifts all ships, operating in virtually all areas of business.

Prediction 2: Security gains a seat in the boardroom

In the coming year, we will see CISOs do more to present their security concepts and programs in business terms. Talking about securing data is one thing, but demonstrating the value that security offers the business is something else. This will eventually apply to every aspect of the business, but most immediately applies to regulatory compliance, potential lost revenue, customer relationships, legal liability, competition, intellectual property, stockholder loyalty and brand protection.

The boardroom needs to take a step toward security, and security operations needs to take two steps toward the boardroom. Bridging the knowledge gap between security leadership and the board provides the framework to ensure effective security by helping all parties assess the risks and decide how to mitigate them.

Prediction 3: A breach enters our physical lives

There is a difference between information and physical security. The breaches that plague organizations today are primarily information security violations. While painful, having credit card information, a social security number, or personal digital information stolen does not result in physical harm to the victim. In 2018, we will see a breach impact our physical, personal lives. It might be a medical device or wearable that is hacked and remotely controlled. Perhaps it will be an industrial IoT device or self-driving car that gets compromised. Or something closer to home – literally.  Devices from the garage door to the refrigerator are becoming smarter and more connected. The impact of such an attack will force government, business and individuals to take a closer look at the security of our infrastructure.

Prediction 4: The EU penalizes a company for a GDPR violation

On May 25, 2018, the General Data Protection Regulation (GDPR) will be put into effect. GDPR will provide a legal framework to strengthen and unify data protection and distribution for individuals within the European Union (EU). While the regulation will protect EU citizens, it will impact organizations worldwide – every company that serves a customer or employee in the EU – and businesses can be held responsible for the way they process, store, and protect personal data. The maximum penalty is a fine of 20 million Euros, or 4% of global annual revenue, whichever is greater. The EU may choose to make an example out of one of the first companies it penalizes, sending a message that GDPR is to be taken seriously.

The first company most likely won’t be a household name, but it will be known to be out of compliance in areas other than GDPR. As these penalties receive global publicity, other companies will be compelled to move forward with GDPR compliance plans.

Growing use of artificial intelligence, machine learning with data analytics, and business intelligence. Business applications continue to churn out large volumes of data, and users are trying to mine that data to determine patterns and predict user behavior. In ecommerce, users want to know customers’ buying patterns, which will help market products better. Website designers want to understand how visitors move through their sites in order to improve conversion rates. And companies want to analyze their sales data to correlate marketing dollars spent with sales dollars generated. Business intelligence and data analytics activities are becoming easier to perform, and that’s driving their adoption in mainstream businesses that are seeking to make better, faster decisions.

Rise of AI-powered chatbots in customer service and support. Over the past few years, chatbots — the automated, human-like chat responders — have been more an experiment, with limited adoption. Now, chatbots are becoming more mainstream as people see the benefits of those experiments, especially in customer service and support. Unlike human customer service and support reps, chatbots don’t have the physical and mental inconsistencies that can degrade service levels. More, AI-powered chatbots are learning how to respond to customers and predict what they want. Based on customer history or questions customers ask during a chat session, AI-powered chatbots can ask users what they need and even ask leading questions, all to improve the support experience.

Use of natural language processing as a new form of human-computer interface. Star Trek fans aren’t the only ones who’ve been waiting for this prediction to manifest. Business users, too, are eager to have computers understand natural language. Take a sales manager who wants to generate a quarterly report. If the manager has to ask for it from an analytics specialist, the manager has to explain what she’s looking for and hope the specialist accurately translates her request into something the computer can process in order to generate the information she wants. Natural language processing bypasses the analytics specialist and lets the manager work with a computer directly via speech. In response, the computer may generate a visual or auditory response, depending on the manager’s preference.

Tightening of data protection laws. Everything is heading towards digitization. Every business process, every technology, everything done with information — from storing, transmitting, and processing it —-it’s all in digital form. Now, a lot of countries are recognizing that their citizens’ personal data needs to be protected. More, they’re recognizing that users have to opt-in to these digital relationships; and they have to know the reason their personal data is being provided to a data process or data consumer and know what the consumer will do with their data. Tighter data protection laws are designed to secure their citizens’ privacy as well as prevent data abuse and outright criminal activity such as fraud or theft. Most recent example of this is Europe’s General Data Protection Regulation (GDPR). While some countries like India are also coming up with data protection frameworks, others will enhance their current data protection framework.

Continuation of cloud adoption in mid-sized & larger enterprises. Cloud is a mindset. And governments and larger enterprises have been slower to adopt that mindset, preferring to a private cloud/private data center strategy as a starting point. Now, the biggest barriers to their cloud adoption — security and data privacy risks — are well understood and processes and mechanisms have been put in place to mitigate them. Enterprises now also recognize that most cloud companies invest heavily in the security of their cloud infrastructure, platforms and cloud applications. And they recognize that, in most cases, the security teams of the cloud companies are much larger and much more experienced than their own. Overall, the larger enterprises are finally becoming comfortable and confident with cloud security and the cloud itself. Governments are also taking the steps to putting out citizen-facing non-sensitive data and applications on the cloud.

Use of blockchain in enterprise security for identity management. Blockchain provides a distributed, secure, and unique system of records, so you can have a strongly encrypted authentication mechanism that prevents malicious users from breaking in. This makes it a great choice in terms of enterprise security, especially for identity access management system, which manages user logins and authentication. In 2018, we’ll like start seeing blockchain adoption in areas such as banking, financial services, and health care.

 

 

Tell us about the year 2017.  What changes/evolution did it bring to your thinking or mindset as a CIO/IT head?

2017 was the year of improvements. We made sure that we are up-to-date with all current technologies used and ensured the use of new innovative ideas to enhance current users experience. Being in the hotel industry, it is important to take into consideration all aspects and analyze them in order to enhance our guest’s experiences and exceed their expectations. 2017 also showed us how technology plays a role in the booking decision making process.

Were you able to stick to your New year resolutions? Did you achieve/over achieve/ under achieve?

In 2017, we over achieved our targets by completing all our planned projects and we also made sure to add some more. At the start of the year, we introduced upgraded complimentary Wi-Fi throughout the hotel and installed SMART TVs in all our rooms. Furthermore, our new network infrastructure is now eco-friendly and consume less power.

In brief, which technology of 2017 attracted you the most? Have you planned to implement the same in your organization?

I am amazed with the automation in general and the In-Room technologies for hotels, where it offers guests new experiences during their stay and satisfies their needs. As a hotel, we are aiming towards that direction and started working on the first phase. Business intelligence and robotics had a lot of improvements in different sectors; however, it is beneficial and still at the initial stages for our industry where customers are still not familiar with it.

In contrast, which technology of 2017 did you find futile/ non-relevant for the present and why?

Most of the 2017 technologies were developed based on a requirement or need, however, they still lacked in some areas. I believe we did not have a complete software that can answer those requirements. As an example, Internet Protocol television (IPTV) providers are innovative when it comes to using the same functionality in an easier way through an iPad or mobile App. We need to think bigger and wider bringing a technology that offers significant changes in the industry. We need to step out of the basic, traditional functions of using a TV for entertainment, bills or On-Demand video.

How active are you as a CIO/IT head on social media platforms? Do you find them a good platform to share knowledge or has it become too monotonous?

I always try to stay up-to-date with the latest platforms and find myself using LinkedIn and Twitter from time to time. I catch up on the latest news and topics dealing with major technologies and inventions and keep myself up-to date with any major breakouts in the industry. Often, I find information first through social networks than any other form of media.

What is your 2018 resolution? (if at all you are a ‘Resolution-making’ person) What goals do you have for your organization?

I always try to have at least one or two set goals each year. In 2018, we need to continue working on refreshing and upgrading our infrastructure that has a direct impact on guest experiences. Almost everything is digital now and one of my main goals for 2018 is turning all our stands digital and displaying all our news and promotions on all screens found in the hotel.

2017 will be over before you know it and now is the time to think about what 2018 will look like. At Veeam, we have made significant changes to our products to adapt to current technology changes and trends; and any IT decision maker, end user or anyone else in between has surely made changes as well. Here are what Veeam sees that will make 2018 different:

• Ransomware preparations galore. There are so many non-IT issues that organizations are dealing with today. The threat of ransomware of ransomware is real. Next year we’ll see that risk grow, not only because the number of attacks will increase, but also because we may start seeing insiders making ransomware as a service kits as well. There will be no shortage of resiliency options for organizations to protect against ransomware from the inside and the outside.
• Disaster recovery 2.0. 2017 was unfortunately an incredibly bad year for both the number and intensity of natural disasters. This will encourage organizations to challenge many of the fundamentals of disaster recovery and business continuity. One specific bit of “best practice” I’ll challenge is the idea that 10 miles is enough distance for accepted separation. This year’s fires, hurricanes, earthquakes and floods clearly demonstrated that 10 miles is nowhere near enough distance. This realization paves the way for cloud and service provider technologies to provide the solution to the distance problem, as well as additional missing capabilities and robust tools that orchestrate the process to give organizations the Availability they need in a disaster.
• Portability is king. Organizations will be more comfortable to move workloads around as they see fit. Whether that is on-premises, in the hyper public cloud, in a service provider or a complete transition to a Software as a Service model, the right platform to run a service will prevail, and organizations will do what is needed to move these workloads and keep them Available. The important takeaway to remember is that responsibilities don’t necessarily change when applications, data and services move to a new platform.
• Managing data vs. managing storage. I predict organizations will take a marked approach to looking at their data and managing it better. The explosive amount of data coming in really isn’t sustainable. Organizations will take a serious look at archiving selected data, which will require policies to be re-written, conversations with the business and even new platforms leveraged. These new platforms will include offline object storage technologies like Amazon Glacier or Azure Cool Blob storage. This will be a great way to comply with business rules for long-term retention of that isn’t accessed often. Additionally, this is a great middle ground when organizations can’t agree on when to delete data.

It’s hard to put down specific predictions for a year, but the reality is the technology landscape today provides endless possibilities for organizations to provide great services for the data center and the information it provides. At Veeam we focus on keeping that data and those systems Available, which enables organizations to run their business.