Eighty six percent of UAE companies experienced at least one successful attack. Over 72% of companies faced data loss after insider attacks. Data breaches are increasing annually. Why so?
All corporate data is going or has already gone digital. It is more difficult to protect and often more expensive than tangible assets, so it attracts intruders. Moreover, companies focus on protection against external threats and disregard protection against unscrupulous employees and data leaks from within. Employees have access to the most critical information, know the IT infrastructure, and know where particular data is stored.
I have built a business from scratch and understand that, when a company has over 30 employees, it is not family-like work environment there any more. Excessive trust can play a cruel joke on the owner.
Our clients detect serious data security incidents in 100% of cases. These are data leaks, fraud, idleness, when employees waste 60% of paid time on social networks. All of these are losses to the business. Lack of protection is like an unlocked safe with money.
In October, you opened an office in Dubai and launched MSS in the UAE, which you call unique. What is its uniqueness?
We offer companies turnkey protection against insider threats. This includes protection against data leakage, internal fraud, misuse of time and resources, etc.
The customer just says ‘I want to protect my business’, and then we do the rest. We install and customise the security software, provide monitoring. Our analyst prepares reports and notifies the customer immediately about emergencies.
Using the service, the customer does not depend on a staff member who may fall ill or quit. We have a few in-house analysts, so in case of contingencies, another expert takes over the work.
InfoSec investment pays off greatly. In most companies, the MSS costs will not just be recouped but turn a profit due to the fraud detection and elimination, business processes optimisation, elimination of side companies, industrial espionage by outside employment, staff idleness.
First month, the service is free. It is not altruism, but confidence in the service usefulness, which we can show. An average of 70% of customers continue co-operating with us after the trial month.
Tell us about the top 3 incidents that the clients face.
Intentional or accidental data leaks, which 100% of customers experience. Example: a manager uploaded working documents, including those with trade secret label, to cloud. Investigation revealed that the manager was communicating with competitors about products that were not yet in production and copying data for them.
Job search. Employees have the right to do so, but the company should think it over whether it’s ready to part with this employee. The employer might try to retain the employee, and in some cases, it might be decided to let the employee go restricting access to confidential data to avoid possible data leaks.
Corporate fraud. Example: the executive received forged documents “from a counterparty”; the partner did not confirm their authenticity. The company requested MS service and set an investigation task to find out who forged the document and on whose computer it was stored. With the help of security solution, this document and some others, indicating employee’s outside activities were found. The same employee was providing legal services under the table.
Internal information security is a sensitive area. Do companies trust third-party providers?
Large companies can afford security experts, expensive security software and hardware.
But it is unrealistic to create an IS service in companies with 30-200 computers. It is expensive, and a good expert is unlikely to take such job, being afraid to lose the qualification. Therefore, our clients are primarily SMEs that are protected insufficiently or not protected at all.
Nevertheless, large companies often become our clients too. The reasons can be shortage of professionals, sharp growth, or lack of time to expand the security staff. There are cases when employees specialise in external attacks or economic security and take our analyst as a reinforcement.
We are a trusted international company. We have been working for many years in the markets of Southeast Asia, LATAM and Turkey. Our work quality is confirmed by our clients worldwide. We have been studying the UAE market for several years now and have opened an office here. The prospect is to operate across the entire MENA region.
How affordable is the service cost for SMEs?
Information security outsourcing is definitely cheaper than creating an InfoSec department from scratch. Servers, software and experts are more expensive than the service.
We keep a competitive price because an IS analyst can supervise 4-5 companies, being more professional and working faster, knowing the software thoroughly and understanding where and what to look for.
What market share do you plan to take?
According to the UAE Minister of Economy, the country totalled 557,000 SMEs in 2022. The minister also announced plans to increase this number to 1 million by 2030.
In this range, we are targeting the segment of companies with 30-500 employees and 500-10,000 employees. That’s about 15,000 companies. According to our sales experience, at our service cost of AED 140,000 per year to a company with 100 PCs, we can expect a market of AED 700 million per year.
We are confident in demand because there are two interested parties: business and government. Talking to the customers, we can see that there is a great demand for qualified information security experts. Demand for our solutions licences shows that their functionality is highly valued, but we realise a great shortage of qualified IS experts to work with the solutions.
On the government side, the demand for security solutions is driven by regulatory requirements. Regulatory documents stipulate requirements to ensure secure data storage and processing. Moreover, many requirements explicitly or implicitly stipulate the use of security features.
In particular, the UAE Information Assurance Regulation issued by the United Arab Emirates Telecommunications and Digital Regulatory Authority prescribes the use of DLP as a data loss prevention means. MSS based on DLP, DCAP systems gives access to these technologies to SMEs.
What result do you expect in the UAE?
By the year end, we plan to conduct 10 to 20 trials and get feedback from customers. We also plan to expand to the entire MENA region in the near future.
Long-term plans include reaching a turnover of AED 200 million and a net profit of AED 100 million within 4-5 years.
Follow us on
Brand View allows our business partners to share content with Arabian Business readers.
The content is supplied by Arabian Business Brand View Partners.
