Zoho – Security Review Magazine
https://securityreviewmag.com
We bring you the latest from the IT and physical security industry in the Middle East and Africa region.

Can AI Outsmart Hackers? How Generative AI is Reshaping Cybersecurity
https://securityreviewmag.com/?p=27991
Thu, 27 Mar 2025 15:09:47 +0000

As generative AI transforms cybersecurity into an AI-versus-AI battleground, organizations must navigate both its defensive potential and emerging risks. We spoke with Ramprakash Ramamoorthy, Director of AI Research at Zoho, about how this technology is reshaping threat detection, automating responses, and even being weaponized by attackers. From real-world attack prevention to ethical implementation challenges, Ramamoorthy shares critical insights on leveraging generative AI effectively while mitigating its dangers in our increasingly digital world.

How is generative AI being utilized to enhance cybersecurity measures today?
Generative AI has changed the way cybersecurity operates today. It has not only automated tasks but streamlined workflows, improved threat detection, and is also used to simulate attacks to see how well an organization is proactive to cyber threats. Unlike traditional static thresholds that require constant human vigilance, Generative AI adapts dynamically, learning from vast data volumes to stay ahead of evolving attacks.

This makes it highly effective in identifying zero-day vulnerabilities and sophisticated threats. Moreover, Generative AI streamlines incident response by generating detailed reports, suggesting mitigation steps, and even creating code patches to address security gaps. Its ability to analyse patterns, predict risks, and automate defensive actions has made Generative AI an important tool in modern cybersecurity threats.

What potential risks does generative AI introduce in the cybersecurity landscape, such as AI-driven cyberattacks?
Generative AI was evolved to make things easier, but it has also become a powerful ally to the bad actors. Cyber attackers use Gen AI to create highly convincing phishing emails, fake websites, and deep fakes to deceive users and steal information from them. It also leads to the development of sophisticated malware that bypasses traditional security defences, keeping non-digitized enterprises at a higher risk.

Gen AI can also generate synthetic malware samples, which, while useful for security testing, can also be exploited to bypass detection. Large-scale attacks can also be deployed with ease as attackers can automate malware creation. Datasets containing sensitive information can expose AI models to risks like manipulation and data theft. Additionally, biased models may result in inaccurate threat detection, further complicating cybersecurity efforts.

How can organizations leverage generative AI for proactive threat detection and response?
Generative AI offers a significant advantage in analysing large volumes of data that helps to identify anomalies in real time and save the risk of being vulnerable. Its advanced pattern recognition capabilities help organizations proactively identify threats, provide prescriptive insights, and help to safeguard your organization by being adaptive to the newer thresholds. By simulating realistic cyberattacks, generative AI can also test the effectiveness of defence systems, ensuring they are prepared for real-world scenarios.

As organizations increasingly migrate to cloud environments, new security risks emerge, making Gen AI-driven solutions essential. Gen AI can strengthen Identity and Access Management (IAM) by identifying weaknesses in authentication systems, which are a common target for cybercriminals, and recommending preventive measures. By combining proactive threat detection, adaptive defence mechanisms, and improved IAM strategies, organizations can build a more resilient security framework against evolving cyber threats.

What ethical concerns arise when using generative AI in cybersecurity, and how can they be addressed?
Using generative AI in cybersecurity comes with important ethical considerations that organizations must address. One key concern is bias, where AI models may unfairly target certain behaviors or user profiles due to biased training data. To prevent this, businesses should use diverse datasets and regularly audit their models. Privacy is another major challenge, as AI systems often analyze large volumes of sensitive information. Strong data encryption, anonymization, and strict access controls can help keep this data secure.

There’s also the issue of accountability, especially when AI is making critical security decisions. Incorporating Human-in-the-Loop (HITL) practices ensures human oversight, adding a layer of responsibility and judgment where needed. Finally, transparency is crucial: AI systems should explain their decisions clearly, allowing security teams to trust and understand the reasoning behind each action.

What challenges do cybersecurity teams face when integrating generative AI tools into their workflows?
Integrating Gen AI into cybersecurity workflows presents several challenges. When there is bias lingering in the models, it can lead to flawed threat detection causing false positives and can disrupt operations. Adversarial attacks pose another risk, where attackers manipulate the data to trick AI models into overlooking malicious activity. Data manipulation is a major concern, as corrupted training data can compromise model accuracy and create security gaps.

Integration challenges may arise when adapting AI tools to legacy systems, requiring significant resources and adjustments. Hence, being a digitally mature organization can smoothen the process of including Gen AI to it. Furthermore, adhering to compliance with data privacy regulations while using AI models adds another layer of complexity. Finally, cybersecurity professionals must continuously update and train AI models to stay effective against evolving threats. Overcoming these challenges requires careful implementation, ongoing monitoring, and collaboration between AI experts and security teams to maximize the benefits of Gen AI tools.

Are there any notable examples of generative AI successfully preventing or mitigating cyberattacks?
Generative AI has proven highly effective in preventing and mitigating cyberattacks through innovative applications. By autonomously analysing large datasets, it can identify threats in real-time, flagging phishing attempts and isolating malicious emails before they reach employees, ultimately preventing potential financial losses. In one notable case in 2023, AI-driven threat intelligence successfully detected a major phishing campaign, saving businesses millions by stopping breaches before they occurred.

Generative AI’s predictive capabilities also allow organizations to simulate potential attacks and refine their defences. For instance, a financial institution used AI to anticipate a zero-day attack, enabling them to prevent a breach that could have exposed sensitive customer data. By combining real-time detection, automated responses, and predictive modelling, gen AI significantly enhances cybersecurity efforts, helping organizations stay one step ahead of evolving threats.

How do you see generative AI evolving in the cybersecurity domain over the next few years?
Generative AI will significantly reshape cybersecurity in the coming years. As cyber threats grow more sophisticated, Gen AI will enhance proactive defence strategies by improving anomaly detection, threat prediction, and automated response systems. By being more context aware, Gen AI can distinguish between normal behaviour and subtle attack patterns with increased accuracy. Gen AI coupled with AI Agents can analyse vast data patterns, identify suspicious behaviour, and act swiftly to avoid potential attacks.

AI-driven deception techniques, such as creating realistic decoy assets or fake data, will become more advanced to mislead attackers. However, as AI strengthens security defences, cybercriminals are also expected to use Gen AI to create convincing phishing scams, deep fakes, and adaptive malware.

What role does human oversight (HITL) play in ensuring generative AI systems are effectively managing cybersecurity threats?
Generative AI systems are powerful at processing vast amounts of data, detecting anomalies, and automating responses, but they can’t do it alone. Human expertise plays a crucial role in interpreting results, validating decisions, and tackling complex, out-of-the-box scenarios. While Gen AI acts as a protective shield, humans step in to handle the tougher security challenges. For a seamless and secure workplace, both must work together.

Humans guide AI to make fair and ethical decisions, reducing bias and discrimination. When Gen AI explains its reasoning, it not only builds trust but also helps security teams learn from its decision-making process. By refining AI models, adjusting detection thresholds, and ensuring systems stay adaptive, humans keep Gen AI effective. In cases of adversarial attacks, where attackers manipulate AI models, human judgment is key to spotting suspicious patterns and strengthening defences. Together, Gen AI and human insight create a stronger, smarter cybersecurity strategy.

How can smaller organizations with limited budgets incorporate generative AI for cybersecurity?
Smaller organizations don’t require massive budgets to take advantage of generative AI for cybersecurity. Several cloud-based security tools now come with built-in AI features such as threat detection in real time and automated response, making them an affordable option. Open-source AI models can also help businesses improve security without hefty licensing fees.

These organizations can partner with Managed Security Service Providers (MSSPs) for cybersecurity, eliminating the need for in-house experts. Moreover, AI agents can handle monotonous tasks such as analysing logs, flagging unusual activity, and prioritising alerts. By combining budget-friendly Gen AI tools with human oversight and staff training, smaller businesses can strengthen their cybersecurity without going overboard on expenses.

What best practices would you recommend for implementing generative AI tools while minimising risks?
Generative AI tools can be effectively implemented with a more cautious approach to zero down any risks. Ensuring quality data and efficient security practices have to be implemented so the model can be trained without biased data while sensitive information is protected to prevent leaks or manipulation. It is essential to incorporate Human-in-the-Loop (HITL) practices, allowing human oversight to validate AI decisions, reduce errors, and uphold ethical standards.

While handling critical data, there should be strict access control protocols to restrict any unauthorized use. Adversarial testing is a method for systematically evaluating an ML model, which can be carried out regularly to spot vulnerabilities such as data poisoning or manipulation attempts before they are exploited by attackers. Continuous monitoring is essential for identifying performance issues, adapting to evolving threats, and maintaining the model’s accuracy over time. By combining these approaches, organizations can safely and effectively utilize Gen AI in their cybersecurity frameworks.

“Focus on Fostering a Culture of Learning and Resilience”
https://securityreviewmag.com/?p=27809
Fri, 21 Feb 2025 16:18:36 +0000

Sujatha S Iyer, the Head of AI Security, ManageEngine, Zoho Corp, says the biggest barrier she faced in her career was overcoming self-doubt.

Can you share your journey into the security world? What inspired you to pursue a career in this field?
I started my journey as an intern and later transitioned into an AI engineering role. What drew me to the field of security was its unique challenge—defense must be 100% accurate, while an attacker only needs one successful attempt out of 100. That single successful attack can render the 99 successful defenses ineffective. This complexity and high-stakes environment captivated me and inspired me to pursue a career in security.

What were some of the biggest challenges you faced as a woman, and how did you overcome them?
The biggest barrier I faced in my career was overcoming self-doubt. Early on, I often questioned whether my approach to solving problems was the right one, sometimes overanalysing every step. In AI, there’s rarely one clear path to follow; multiple models and techniques can be used to address the same problem. There were times when I felt a certain approach was the right engineering solution but still grappled with the fear that I might be wrong. What if the path I chose didn’t work? What if I wasted time and looked incapable? Those doubts were always there.

Over time, I realised that it’s not about always being right but about embracing the process of exploration. It’s okay to take a path that doesn’t lead to immediate success, as long as you can explain why you chose it. Even if an approach doesn’t work out, the learnings from those failures are invaluable—they often help inform the next steps. For example, out of 10 approaches, I may end up choosing the ninth, but the lessons learned from the previous eight will contribute in some way to the success of that approach.

I also feel obliged to the company culture, which has played a big part in helping me overcome these challenges. In our company, the focus is on how you approach a problem and what you learn along the way, rather than simply delivering a result. The management truly understands that not every path will yield success right away, but the knowledge gained is never wasted. The technical freedom I have here to explore new ideas is invaluable, and I don’t think I would have this kind of support anywhere else. This culture has been key in helping me grow and build the confidence to push through self-doubt.

How do you describe your leadership style, and how has it evolved over time?
My leadership has evolved to become more centered around the people I work with. Initially, the focus was more on the technical aspects, but over time, I’ve realised that success isn’t just about accomplishing tasks, it’s about fostering an environment where learning is enjoyable, growth is supported, and everyone feels valued. I believe each person brings unique strengths to the table, and as I’ve gained experience, I’ve shifted to a more people-centric approach. Now, I prioritise tailoring work and processes to suit individuals rather than forcing people to adapt to rigid processes.

What strategies do you use to motivate and empower your team?
To motivate and empower my team, I focus on fostering a culture of learning and resilience. Coming from a research background, I understand that not every approach will yield immediate results, and setbacks are part of the process. When an idea doesn’t work out, I remind my team that no effort is ever wasted—there’s always valuable learning that can be applied elsewhere. By framing challenges as opportunities for growth and emphasising the importance of experimentation, I ensure my team members stay motivated and confident in their ability to innovate and succeed.

Have you had any mentors or role models who have significantly influenced your career? How did they impact your journey?
Sheryl Sandberg has been a huge inspiration to me. Her leadership in the tech industry, her advocacy for women through Lean In, and her tireless efforts for workplace inclusion and equality are qualities I deeply admire. Personally, I connect with her message on a profound level. In my own experience, particularly with the women I mentor—including those in the MARUPADI program, a career-relaunch boot camp offered by Zoho Schools of Learning—I’ve noticed a pattern.

Many of the women I work with, who report to me, tend to hesitate even when they know the answer. This hesitation often stems from an underlying fear of judgment or making mistakes, leading to self-doubt. I don’t observe this level of hesitation as often in men. Sheryl’s insights, especially in her book Lean In, have inspired me to help women overcome these barriers and empower them to embrace their potential with confidence.

What advice would you give to young women aspiring to enter the security world?
My advice to young women looking to start a career in tech is to stay inquisitive and continuously update yourself, as this is a field that evolves rapidly. It’s crucial not to buy into the idea that tech is only for men—there is space for everyone, and your voice matters. Reaching out to colleagues and seeking mentorship can make a huge difference in your journey.

I remember when I was an intern and I had an insightful conversation with a manager in the pantry—one of those casual, water-cooler moments. I was working on a feature and wanted to understand how it impacted the customer, so I asked them for their perspective. They shared some valuable advice: what sets an engineer apart is the willingness to go beyond just writing code and pushing it out. They recommended that I always strive to understand the customer’s experience, not just the technical side of things. That advice has been a game-changer for me, and I’ve followed it ever since. It has truly made a difference in my career, and I’m grateful for it.

Can you highlight some of your proudest achievements in your career so far?
My proudest achievement to date has been successfully deploying AI models into production and managing the massive scale of requests for it each month. This required not only technical expertise but also a deep understanding of the business context to ensure the models provided real value to customers. A standout project for me was collaborating with Site24x7, ManageEngine’s full-stack monitoring solution, where we implemented anomaly detection and forecasting in its monitoring systems. This was during a period when AI wasn’t as widely discussed as it is today. The scale was immense, reaching billions of requests per month.

Hence, we had to innovate and build infrastructure from the ground up, ensuring we met customer expectations, such as 99% uptime guarantees. One of the most rewarding parts of this journey was seeing the final product in action, especially when it made a tangible impact on our customers. For example, customers were able to use AI to identify causes of issues, and hearing their positive feedback made the entire effort worth it. It’s one thing to develop a model, but to see it actually being used in real time, solving problems, and benefiting users was the true reward. That sense of gratification is what I hold most dear.

How do you manage work-life balance, and what tips do you have for other women striving to achieve this balance?
For me, work-life balance comes naturally when you enjoy what you do. Work doesn’t feel like a burden, and it’s easier to manage everything without feeling overwhelmed. My advice to other women is to find work you’re passionate about and take time for yourself. Find out what works for you and what makes you happy in both work and life.

Cyberattacks on Critical Infrastructure Originate from Nation-State Actors or Sophisticated APT Groups
https://securityreviewmag.com/?p=27761
Sat, 08 Feb 2025 07:15:44 +0000

Saran B. Paramasivam, the Regional Director for Middle East and Africa (MEA) at Zoho, says the most notable trends in cyber attacks targeting critical infrastructure systems are the rise of ransomware and social engineering attacks.

Can you provide an overview of the current cybersecurity landscape for critical infrastructure in the MEA region?
The cybersecurity landscape for critical infrastructure in the MEA region is increasingly challenged by advanced persistent threats (APTs), ransomware, and state-sponsored attacks targeting vital sectors like energy, healthcare, and finance. In response, governments are prioritising cybersecurity, and establishing national strategies and agencies to safeguard these sectors. AI-powered predictive analytics and zero-trust principles in cloud security are being adopted to enhance threat detection and protect digital assets. Additionally, the region is seeing a rise in the talent pool of skilled cybersecurity professionals, driven by targeted educational initiatives, ensuring the workforce is prepared to address the growing and pressing cybersecurity challenges.

What are the most notable trends in cyber attacks targeting these systems?
The most notable trends in cyber attacks targeting critical infrastructure systems are the rise of ransomware and social engineering attacks. These attacks exploit both human behaviour and technological vulnerabilities, often manipulating individuals to gain unauthorised access to systems. Ransomware, in particular, has become increasingly sophisticated, demanding large ransoms in exchange for restoring access to vital systems. Another concerning trend is the shift in tactics, particularly supply chain attacks. Cybercriminals are targeting third-party vendors and service providers, using them as entry points to infiltrate larger, more secure organisations.

Which sectors in the MEA region are most vulnerable to cyber-attacks?
In the MEA region, sectors such as healthcare, finance, and energy are particularly vulnerable to cyber attacks due to the sensitive and highly confidential nature of the data they handle. Healthcare institutions store valuable personal health information, making them prime targets for ransomware and data breaches. Financial organisations on the other hand are highly attractive to cybercriminals as they can access sensitive financial information and use it for personal gain. Similarly, the energy sector affecting critical national assets like oil fields, power plants and other national infrastructure are prime targets for state-sponsored attacks as well as ransomware. These sectors face increasing pressure to strengthen cybersecurity due to the potential impact of a successful breach.

What are the primary motivations behind cyber attacks on critical infrastructure in the MEA region?
The primary motivations behind cyber attacks on critical infrastructure in the MEA region are both geopolitical and financial. The rise of hacker groups, driven by political agendas or the desire for financial gain, has intensified in recent years. Amidst rising conflicts in the region, cybercriminals exploit these tensions to create political pressure or influence events. Additionally, the region’s wealth, particularly in oil-based economies, makes it an attractive target for financially motivated attackers. These criminal groups aim to disrupt key sectors, steal valuable data, or demand ransoms, capitalising on the region’s economic significance and political instability.

How important is employee training and awareness in preventing cyber attacks on critical infrastructure?
Human error is one of the most common entry points for cyber threats, and well-trained employees can significantly reduce risks. Educating, empowering, and encouraging the right security behaviour is essential. The aim should be to build a security-conscious culture within the organization and inculcate the concept that security belongs to everyone in the organisation. Training employees makes them more proactive in identifying suspicious activities and enhancing the detection and response process. Regular, engaging, and contextual scenario-based cybersecurity training is one of the most effective ways to strengthen an organization’s security posture.

What role does proactive threat intelligence play in securing critical infrastructure systems?
Many cyberattacks on critical infrastructure originate from nation-state actors or sophisticated APT groups. Tracking such threat actors with the help of threat intelligence proactively helps in predicting potential targets and the possibility of organization impact. The cyber security team can use the intelligence data to actively search for hidden threats in their network before they can cause damage. Also, by understanding adversary tactics (TTPs: Tactics, Techniques, and Procedures), proactive preventive measures can be implemented by the security team. Threat intelligence integration with SIEM and SOAR provides real-time data to automate threat detection and response, which helps in reducing the time required to detect and respond to cyber incidents.

Are there any technologies being deployed to safeguard critical infrastructure in the region?
Zero-trust principles (“never trust, always verify”) are being widely implemented in the MEA region, with critical infrastructure and regulated industries such as finance and oil and gas leading the way. While progress is being made, organizations do face implementation challenges, including complexities in identity management, lack of expertise, and budget constraints. Despite these barriers, Zero Trust is seen as an imperative cybersecurity strategy for safeguarding digital infrastructure, and ML is being leveraged widely to detect anomalies, automate threat detection, and enhance security operations centres (SOCs). The rapid adoption of generative AI has also increased the concerns about security risks in AI-driven environments.

What role do MEA governments play in regulating and enforcing cybersecurity standards for critical infrastructure?
Governments across the MEA region have developed national cybersecurity strategies to protect critical sectors. Examples include the National Cybersecurity Strategy and Critical Information Infrastructure Protection (CIIP) Framework for UAE, Essential Cybersecurity Controls (ECC) and Critical National Infrastructure (CNI) Protection Strategy in Saudi. Several MEA countries have adopted sector-specific cybersecurity standards to mitigate threats unique to these industries. Governments are also pushing for public-private collaboration in cybersecurity, promoting threat intelligence sharing.

How can companies ensure business continuity while recovering from a cyber attack on their critical systems?
Handling a cyber attack on critical systems requires a structured approach that involves immediate response, system restoration, and long-term resilience measures. The immediate response involves containment and reducing the blast radius by isolating the affected systems. Communication with key stakeholders should be initiated – the internal leadership team, IT team and legal team. Regulatory reporting should be initiated if applicable. Business continuity should be ensured by triggering the pre-defined BCP plans. It can be activating Disaster Recovery systems, deploying workaround solutions, or operating with minimum essential offline services till the restoration is completed. Restoration should involve restoring from secure backup, rebuilding and patching systems and resetting credentials and access control.

Defend Your Organisation’s Security with a Bug Bounty Program
https://securityreviewmag.com/?p=26260
Mon, 18 Dec 2023 10:17:21 +0000

Big Tech is all in for bug bounty programs while global cyberattacks are increasing. While we can’t control the number of hackers or their intent to breach our systems, we can identify vulnerabilities in our systems and implement strategies that secure them. To start, it’s best to get into the minds of the hackers.

Bug Bounty Programs
A bug bounty program offers a monetary incentive to ethical hackers, who are IT security experts who test computer networks and systems with the permission of their owners. Ethical hackers are tasked with successfully identifying and reporting vulnerabilities and bugs. These programs enable organisations to leverage the hacker community to enhance the organisation’s security posture.

A Romanian ethical hacker, Cosmin Iordache, also known as @inhibitor181, has earned over $2 million through HackerOne, the global cybersecurity organisation that pioneered the first bug bounty program through its ethical hacker community. Top hackers who are part of bug bounty programs can even earn a full-time salary. But these hackers aren’t in it just for the money. They often receive industry commendations, which solidify their reputation as skilled, reliable, and trustworthy for organisations to work with.

One major advantage that sets bug bounty programs apart from other forms of testing is that they are a continuous process. From an organisation’s perspective, bug bounty programs, alongside penetration testing, form strong security assessments to fortify the organisation.

Who’s Running These Programs?
Let’s review bug bounty programs sponsored by three leading high-tech organisations. Each organisation receives valuable information for defending its IT infrastructures against cyberattacks in exchange for rewards they provide to white hat hackers.

Google
Google runs one of the most popular bug bounty programs. The Google Vulnerability Reward Program compensates white hat hackers for reporting vulnerabilities on Google-owned or Alphabet subsidiary web services that handle sensitive user data. Rewards are based on the impact of the reported issue. Vulnerabilities that qualify are cross-site scripting, cross-site request forgery, mixed-content scripts, authentication or authorisation flaws, and server-side code execution bugs. Prize money ranges from $100 to $31,337 based on the reported vulnerability.

Apple 
Apple’s bug bounty program offers rewards for reporting issues on Apple devices, software, or services. Its compensation is based on reported vulnerabilities and can range from $5,000 to $1 million.

Issues unique to newly added features or code in developer and public beta releases, including regressions, are rewarded with an additional 50% bonus, up to $1.5 million, and vulnerabilities reported during Lockdown Mode are given a 100% additional bonus, up to $2 million.

ManageEngine
ManageEngine runs a Vulnerability Reward Program (VRP) to continuously improve the security of its products. To join ManageEngine’s VRP, you must be 14 years or older and cannot be a resident of US-sanctioned countries. You cannot be an employee of Zoho Corporation or have been employed by Zoho Corporation within six months of your participation in the bug bounty program, and you cannot be related to a Zoho Corporation employee. ManageEngine’s bug bounty rewards are based on the severity of the issues reported and compensation ranges from $50 to $3,000.

How Do You Run a Successful Bug Bounty Program?
You can run an effective bug bounty program if you follow these steps:

  • Start with determining the scope and budget of the program.
  • Decide on competitive payouts that demonstrate to the hacker community (and to your customers) that you value your organisation’s security.
  • Categorise vulnerabilities based on their impact and assign a base reward value accordingly.
  • Ensure that this testing doesn’t hinder your organisation’s day-to-day business operations by keeping certain domains off-limits. Implement this step at your sole discretion.
  • Develop detailed terms and conditions regarding what the hacker can test.
  • Create a webpage with details on how the test will be conducted as well as the terms and conditions regarding the rewards program.

Key Takeaways
Many organisations regularly test their security systems to identify vulnerabilities. Placing this task in the hands of external teams of white hat hackers is one way to ensure your organisation stays informed and can successfully defend against the ever-evolving strategies of today’s cyberattacks. In the current tech landscape, these imperative security measures might save your organisation thousands if not millions of dollars in financial losses, and they may end up protecting your organisation’s business reputation.

Taking notes from Big Tech companies such as Google, Apple, and Meta, it’s time for you to run a bug bounty program and safeguard your company against critical vulnerabilities.

Don’t Brush It Off – Plan Your Incident Response Now
https://securityreviewmag.com/?p=26243
Tue, 05 Dec 2023 11:48:56 +0000

In business, impermanence is the only certainty. An example is how organizations addressed the COVID-19 pandemic. Within a few weeks, many developed a plan to run their businesses remotely.

More than three-quarters of organizations worldwide don’t have an IT incident response plan in place because most believe they have little risk of becoming a cyberattack statistic. Unfortunately, that’s still likely to happen.

According to africanews, in the past year, Kenya has experienced a concerning rise in cyberattacks, with a remarkable 860 million incidents documented in 2022.

As wisely expressed by Benjamin Franklin, “By failing to prepare, you’re preparing to fail.” Let’s explore a strategic incident response plan for your organization.

Create a Backup
Business networks are complex and large, and oftentimes, a network outage results in financial and reputational repercussions, including disgruntled clients. It’s imperative to create a backup of critical data and systems that you can’t run your business without, and store it in a safe location. When the inevitable breach occurs, your business will be able to recover as quickly as possible.

Never Say Never
While a workforce continuity plan might seem unimportant and nonurgent, the pandemic prompted IT departments worldwide to quickly realize the importance of being able to rapidly change the way their organizations conducted business.

Here are a few steps to help you draft a business continuity plan to address the next disruption:

  • Form a team with representatives from each department and understand their workflow.
  • Identify critical business functions and find a way to prioritize them.
  • Assess the risks for every process in your organization and record them.
  • Develop a risk mitigation strategy to protect your critical business functions from those risks.
  • Document the entire procedure and keep it up to date.

Train Your Employees
A common hurdle with an incident response plan is ensuring that employees take the plan seriously. To deter the mindset that the plan is “less urgent,” educate employees about its importance and the repercussions that can result from cyber threats and cyber incidents. It’s vital to conduct regular training sessions to address hardware failures, software glitches, network outages, and security breaches so that you efficiently mitigate a cybersecurity incident.

What Doesn’t Kill You Makes You Stronger
Understand the points of failure in your previous incidents and find a way to rectify them. Single points of failure should be addressed by establishing a backup, not just in terms of network and systems but also in terms of staff allocation. Relying on a single person, especially when it comes to a critical network, is not a great idea. Delegate a second person to reach out and provide assistance in case of an incident.

While incident response might seem insignificant in the larger scheme of things, when a disaster hits, it could potentially devastate your business. Take some time to prioritize incident management and make it part of your organization’s culture by creating a backup, training your employees, drafting a workplace continuity plan, and learning from your past incidents. Learn more about IT incident management for your business.

Zoho Launches Privacy-Focused Web Browser ‘Ulaa’
https://securityreviewmag.com/?p=25640
Wed, 10 May 2023 11:44:56 +0000

Zoho Corp. has launched Ulaa, a privacy-centered browser built specifically to help users secure their personal data and activity by providing a browser solution that universally blocks tracking and website surveillance. According to Norton, 85% of global adults want to do more to protect their online privacy, with two-thirds of global consumers feeling that tech companies have too much control over their data. Ulaa is the next step in Zoho Corporation’s long-standing commitment to privacy and is designed to help users protect their personal information and internet activity from the prying eyes of user tracking.

“Privacy continues to be an uphill battle in the world of internet browsers because the model is broken — browsers are offered by vendors with ad-based business models so the incentive to gather, sell or buy user data is significant. This is meant to leave little room for users to guard their privacy becoming accustomed to sacrificing it in the name of access or convenience,” said Hyther Nizam, President of Middle East and Africa at Zoho. “With Ulaa, users don’t have to compromise their privacy to browse the web, which unfortunately has become a surveillance minefield. Zoho’s commitment to privacy and a privacy-centric business model allows us to offer a conflict-free, privacy-centric browser that values their own privacy and their kid’s privacy.”

The web browser comes equipped with features that allow for privacy customisation, built-in user profile modes, and integrated productivity tools while keeping user data safe and private. Users can also sync browsing sessions between devices — either an entire browser window or a singular tab — allowing them to use multiple devices for the same browsing session seamlessly.

Ulaa, a word derived from the Tamil language, means journey or voyage and was developed to protect against tracking and surveillance. Ulaa is rooted in ensuring a maximum privacy web browsing experience by blocking unauthorised push notifications, pop-ups, and time tracking, preventing DNS prefetching, adding an extra layer of security through a multi-ID model in addition to privacy customisations, anonymised user data and stats, disabled APIs, geographical data isolation, end-to-end encryption, and privacy reports.

Ulaa users can toggle between five unique modes based on their desired browsing experience, with each mode completely isolated from the others. The modes are Personal Mode, Work Mode, Developer Mode, Kids Mode, and Open Season Mode. Each mode offers a protected browsing experience unique to the type of users or members of the family.

Ulaa comes equipped with tabs management options to view all open tabs in one place to be grouped and organised. It also comes with integrated apps that boost productivity, including Zia Search for existing Zoho users, Text2Speech, and Zoho Notebook, a dedicated note-taking space that works across all tabs, so a user can easily jot down ideas, reminders, or important information without leaving their browsing session. Ulaa includes Annotator, a new, built-in feature that can add annotations directly to web pages and images.

The new browser is available in all countries in the Middle East. Compatible with most browser extensions, Ulaa is free to all and its desktop version is fully available and can be downloaded here. The iOS and Android versions are currently in beta and available for download.

Zero Trust is Not a One-Time Project
https://securityreviewmag.com/?p=25576
Fri, 07 Apr 2023 07:22:53 +0000

Deepa Kuppuswamy, the Director of Security at Zoho, says the technologies supporting Zero Trust are very much in mainstream adoption.

How has the Zero Trust Network Architecture evolved since it was first coined in 2010?
In the cybersecurity domain, Zero Trust is no longer a buzzword; it is a decade-old concept that has been evolving for a while. It started as a concept introduced in 2010 in Forrester research; by 2014 we had Google’s BeyondCorp initiative, which reimagined the security architecture and was one of the earliest enterprise deployments of Zero Trust. In 2019 we saw the expansion of Zero Trust to SASE and ZTNA.

The pandemic period was when Zero Trust gained major traction, fueled by the aspects of fast-paced digital transformation, the shift to cloud, and remote work. We also saw the evolution of standards and regulations related to Zero Trust – NIST published SP 800-207 as a unified framework for establishing Zero Trust architecture, and last year we had the US government executive order mandating the adoption of Zero Trust principles for federal agencies.

Do you believe that technologies that support zero trust are moving into the mainstream?
The basic building blocks for implementing Zero Trust revolve around user identity management and device trust and identity. The technology solutions in these domains like SSO, MFA, Cloud-based directory services, PAM, Unified endpoint management, MDM, EDR, and XDR are already well mature and are an existing part of the security stack of many organizations.

The other crucial component of the Zero Trust Network Access (ZTNA) is the policy decision engine and policy enforcement engine. We have many existing security vendors extending their existing stack to provide agent-based or gateway-based ZTNA architecture solutions. The technologies supporting Zero Trust are very much in mainstream adoption.

Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?
Today’s digital-first enterprises are no longer operating within the confines of a traditional network perimeter. Apps are everywhere and users are everywhere. With more than 80% of organisations adopting a cloud strategy, the business apps are hosted outside the organization network boundary.

The hybrid model of work is here to stay, and employees want seamless access to the business apps without any difference in experience based on the location from which they connect. BYOD is becoming a norm, with business data being accessed from personal devices that have lower security postures.

The traditional method of using network location, ownership, and control of physical assets as parameters for implicit trust is a flawed security paradigm. “Never Trust, Always Verify” should be the philosophy the IT department should internalise, implement and practice. Traditional tools like VPN are not designed to support remote access of this scale and do not offer flexible options for adaptive access control. It is imperative that the IT and Security departments work together to reinvent the security architecture in line with the current evolving business models.

How can companies get started with zero trust?
Moving from theory to practice has been challenging with Zero trust. To many organizations, zero-trust implementation is seen as a huge, expensive, and complex project. As it touches everything from user to device to network it involves various stakeholders within the organization. What works out practically is to start small, start from where you are, and start with what you have as the current technology stack.

To initiate zero-trust implementation, organizations can start by defining a strategy and baseline prior to embarking on a wider zero-trust technology implementation. There should be an overall phased approach – Assess, focus on the top critical use cases, break into smaller achievable milestones, implement, and optimize over time.

We followed what we call the “Crawl, Walk, and Run” approach in our organization. The initial crawl phase involved strengthening the identity and device pillar, focusing on the below activities:

a. Implement SSO
b. Enforce MFA
c. Enrol corporate devices in UEM and MDM
d. Conditional access based on device certificates

This served as a good starting point and helped us to show the value early on to the users and the various stakeholders.

Industry experts have warned that cyber-attacks will be focused on techniques that zero trust controls can’t mitigate. What according to you can be done to address this?
Zero Trust is not a single silver-bullet solution to all your security risks. There are other areas outside the scope of Zero Trust, like API security, hardware and software vulnerabilities, insider threats, and supply chain attacks. A multi-layered approach and defence-in-depth controls are very much needed besides implementing Zero Trust. Security awareness training, incident response planning, regular monitoring and patching of systems and applications, comprehensive SOC capabilities, and threat intelligence are required to tackle the current cybersecurity challenges faced by organizations.

What according to you are the limitations of zero trust?
Zero Trust as a cybersecurity paradigm is a great evolution, but where we see limitations is in the practical implementation and deployment. With any new security model, we experience challenges as the scope is expanded and we try to increase the granularity of controls. Zero Trust is not immune to this.

Zero Trust is not a one-time project; it is a continuous journey toward better security. It is also not a one-size-fits-all approach. Not every organization can follow the exact BeyondCorp approach; the strategy and roadmap need to be evolved according to the business need. Organizations should build a solid strategy and plan and invest in resources and people to succeed with Zero Trust.

Zoho Launches First Low-Code Hackathon in Saudi
https://securityreviewmag.com/?p=23774
Wed, 02 Feb 2022 17:57:19 +0000

Zoho Corp. has announced today that it has opened up registration for its first low-code hackathon in Saudi Arabia: Create for Impact. The hackathon aims to encourage professional developers and coding enthusiasts to transform their ideas into innovative, practical applications using the company’s low-code application development platform, Zoho Creator. The announcement was made during Zoho’s participation at LEAP, the global technology conference taking place in Riyadh.

Zoho will award the top five applications that solve a real-world challenge with gift vouchers worth up to SAR 10,000. In addition, the best submission will receive an iPad Pro and a chance to monetize their application by listing it on Zoho’s Marketplace. The applications can address needs in areas such as healthcare, government services, education, environmental issues, smart cities, business operations, and so on.

“We are excited to bring the first low-code hackathon to the kingdom. We believe that technology can help tackle everyday problems, and encourage young minds in Saudi to immerse themselves in this fun and engaging experience to build solutions that have the potential to make an impact,” said Izzedine Al Mozayen, Regional Manager for Saudi Arabia at Zoho. “Zoho Creator is a powerful and easy-to-use platform that is accessible to both professional developers and non-coders who can use it to create custom solutions and prototypes in a fast and efficient manner.”

“Leveraging low-code’s intuitive visual builders, readymade code blocks and numerous API integrations, participants can bring ideas to life to deliver sustainable solutions, as long as they have a clearly mapped idea and problem-solving skills,” Al Mozayen added. Zoho aims to contribute to accelerating the kingdom’s digital transformation goals, in line with the Saudi 2030 vision, by democratizing application development through low-code. According to Gartner, by 2024, low-code application development will be responsible for more than 65% of application development activity.

The hackathon is open for seasoned developers as well as citizen developers (non-coders) in Saudi Arabia; students who are 18 years and above and have a passion to build high-quality applications are also welcome to participate. The hackathon will be run virtually. The registration and ideation process will take place from February 1-15, 2022. Successful registrants will receive a virtual product walk-through to learn more about Creator, after which, they will be given two weeks to develop their applications.

The winners will be shortlisted and announced in March.
