Ep. 105: Roland Abi Najem - Cybersecurity Practices
Contact Roland Abi Najem: https://www.linkedin.com/in/rolandabinajem/
Roland Abi Najem's Website: https://www.rolandabinajem.com/
FULL EPISODE TRANSCRIPT:
Mitch: (00:00)
Welcome back for episode 105 of Count Me In, IMA’s podcast about all things affecting the accounting and finance world. I'm your host Mitch Roshong, and today's episode features cybersecurity and digital transformation expert Roland Abi Najem. Roland is founder and CEO of Revotips, Expert Tech Consultants, and Solutions. In this episode, my co-host Rouba dives into better understand the evolution of cybersecurity, including the risk areas and how finance and accounting professionals can better enhance digital safety measures across their organizations. Keep listening as we head over to the conversation now.
Rouba: (00:46)
You’re a cyber security expert in the region, you have been one for many years. What does the work that you do entail?
Roland: (00:57)
Well, basically it's the most important thing to me on a personal level I should work on is, being up to date on daily basis. And I really mean it on daily basis because sometimes if you, for me, on a personal level, I have at least for example, a minimum three to four hours readings per day. And, I have to stay up to date with all technology related issues about, all type of, technology, the less the news and cyber attack happened, worldwide and so on. So because we always learn from case study happened worldwide. Moreover, I have to say after this was all a governance issue about new laws, new regulations, because also those, rules and regulation of, being up to date, also kind of on daily basis. And, we have, let's say GDPR in Europe, perhaps a hundred rules and regulation here in the region. So we must follow those guidance as there'll be, for example, in GDPR, if you don't follow the guidance and regulation, you'll have fin, 10 million euros and so on. Moreover when it comes to cybersecurity, it's not only about the technical know-how of each person, what, what any company will look for when they are working with a certain cybersecurity company or consult them, they will look first for personal know-how. They will look first for, as a company reputation and a brand name and the look for the person or the petition of each individual who's going to work in cybersecurity because, you know, when you are working on cybersecurity, sometimes when I'm doing, let's say a penetration testing and so on. So, you might have access to very confidential data and so on. So for other companies, they will need to make sure that they have full trust in the company and each individual working on the project. Plus we all know that, working in the GCC region, is really challenging because you are working like, with, a different type of culture and society. Within in one company was in one country is so working with a different culture, different society, different mentality, you are working in different industries like, government, all I'm guys, banking, staffed up everything. So, you need to be, aligned with all types of cultures and societies in order to understand the needs and the requirements and how they think and how they perceive things. So actually it's kind of hectic to be combined and I'll combine all those together and to stay up to date with them. But actually this is what makes, let's say the thing different, and, this is what gives me added value, in this industry.
Rouba: (03:43)
No, that's quite a task that you have on hand. When we look at the, the Middle East and Africa cybersecurity market, I mean, it's witnessed some tremendous growth over the last, few years, more than a decade even, and it's projected to grow even further from an estimated 15.6 billion in 2020 to 29.9 billion in 2025. And the compound annual growth rate is 13.8, which is exponential. And this is based on the post COVID scenario forecast. Now, the lion's share really goes to Saudi Arabia and the UAE, and some parts of Africa when you look at these figures, but what are some of the most notable initiatives that are taking place in the region?
Roland: (04:24)
Well, this is a very important question based on what you said on the growth of, everything regarding to, cyber security in terms of spending, nowadays, lots of, government issues and rules and regulations. They are forcing by law each company, especially when I talk about big companies that have billions of dollars, to have at least three cyber security providers, because we all know that when it comes to security, is that is no, let's say a one plus one equals two. It's not that simple. So you need to have the different providers see different companies that are working in cybersecurity for you, because we all know there is nothing called 100% security and no company can be 100% secure of the time. If you are currently secured, you are secured, let's say up to 70, 80% maximum and so on. So there are still gaps. That's why I asked to have multiple companies under 10 providers. And this is what makes the industry, let's say, growing up so fast because for each company needs at least three companies for cybersecurity. This is number one. Number two, a few days back in the UAE is a consult ministers form, a concept for cybersecurity, which is, which shows clearly important nowadays for everything we got in cybersecurity, because let's say sometimes now we're on, we're talking about what, what we're talking about, the Cyber War, not the normal wars, is that like a World War One and World War Two. So I'll talk about the Cyber War and we all know that everything is happening between, uh, let's say, North Korea and Iran and Saudi Arabia and USA and so on, and we're not talking about a cyber war. It doesn't come with only with what you call it say about, only a just hacking and cyber attacks and so on. It's all sometimes about data. And we all know, for example, what's happened between Donald Trump and the big fight. And most of the big parts of it was political and part of it was economic, but the biggest part is about the data. Where am I going to store the data and how we are going to, to store it somewhere. So I'm not sure the initiative is, in Saudi Arabia, they have what we call the National Security Authorities, where you can, for example, if you are under attack or do you have, now you can claim directly online and they will support you, and in many ways. Here in Kuwait, since I'm based in Kuwait, we have, two laws, you have the Image alone, and we have a Cyber law, every since cyber crime law, and so on. So, the biggest challenge, and, here, I think is, how we can join all those laws with international laws in order to, to be aware of all the laws and regulations worldwide in order to try to make for everyone. Because let me give you an example, let's say in the UAE or the Kuwait or whatever, they have lots of Eu...