‘We are here on a mission to secure the nation’
Rabih Dabboussi on his new role at cybersecurity firm DarkMatter
One of the more recognisable faces in UAE’s IT sector embarks on a new, if immediate, role of helping to secure the UAE, as part of cyber security firm DarkMatter.
Ex-Cisco veteran Rabih Dabboussi was recently appointed senior VP of Sales, Marketing & Business Development at DarkMatter.
The cyber security firm has emerged as a key partner to the UAE government, tasked with multiple projects of critical importance to the nation. This includes laying the groundwork for a national Public Key Infrastructure (PKI) roll out, a first for the country.
To drive its ambitious agenda, a team of global experts in areas of Cyber Network Defence, cryptography, PKIs, and governance & compliance have joined DarkMatter’s growing ranks. Dabboussi himself has a long and distinguished career at Cisco, rising through the organisation to lead its operations in the UAE.
Further, DarkMatter is investing significantly in research and development, undertaken right here in the UAE, supported by a R&D centre in Toronto, Canada.
This rare combination of top talent, government trust, and investment in R&D is setting the company on a different path in the region. “If you put these three differentiators together, you get to an intersection point that is absolutely unique to DarkMatter,” says Dabboussi. “There’s no other organisation in the UAE or in this region that has top notch global expertise, government trust and local R&D within one organisation.”
Dabboussi says he’s excited to be joining an organisation that is essentially a start-up, but that is already mature, with established projects and contracts. Dabboussi’s own background in R&D raises his enthusiasm further, given it is where he started out at Cisco’s research and development labs in the US. “Having the research and development team in the same building as you lead the business and having the ability to contribute to the roadmap of our products, services and solutions, is hugely exciting for me,” he says.
DarkMatter is also an organisation with the vision to work on the future, as opposed to legacy, of cyber security, Dabboussi adds.
Governments like the UAE’s are leading in this transformation as technology permeates every sector of life. A visitor landing in the UAE will interact with smart solutions and smart government services, sensors and technologies until the moment they leave. That is not IT, Dabboussi asserts. “This is operational technology of a city and a nation. We are building the model of how to secure and defend a nation,” says Dabboussi.
DarkMatter hardly fits the mould of a typical systems integrator of security products, Dabboussi notes. As evidence, the people that the company has hired are not from a SI background, but rather are thought leaders in their own right. The reason for this, Dabboussi says, is that the security standards in existence today have been developed for IT. This is clearly inadequate in safeguarding the era of digitisation we have entered.
“The standards of ISO 27000, ITU, IEEE and others are designed to address the cyber security needs of an IT environment,” says Dabboussi. “We are here on a mission to secure the nation and because there's no standard way of doing it, we require thought leaders to define what that model is. That is what DarkMatter is all about,” Dabboussi asserts.
This mission, Dabboussi explains, is based on laying the framework of how to defend nations, cities, organisations, homes and individuals. As part of this objective is the actual deployment of security infrastructure and addressing the needs of the data centre environment. This is however the adjunct businesses of DarkMatter’s core differentiation, Dabboussi says.
The market is awash with differing security solutions, some better than others, making it foolhardy to try to repackage what is already available. This is why DarkMatter is developing new governance models around risk assessment as well as security and defence mechanisms that simply don’t exist, Dabboussi says.
Fellow DarkMatter senior VP Harshul Joshi, in a keynote speech at the recent GISEC, admitted that ISO 27000 standards, which he helped edit, do not meet the needs of smart city solutions or controls for oil & gas and utilities, for example. This is because support for the integration of legacy systems with advanced IT sensors barely exists, so there are really no standards to address the risk of compromise to this infrastructure, Dabboussi says.
The methodologies DarkMatter has put together focus on a four-stage process of planning, detecting, protecting and recovery. “This is a continuous cycle that will have to take place throughout the nations, cities and organisations in the private sector as we deploy technologies that enable us to have smarter cities,” he explains.
Dabboussi has emerged as a key champion of the digital transformation process now underway in the region.
This advocacy is set to continue as part of his new remit is work on IoT implications, adoption and deployment within not just the UAE but also the region, as well as the digitisation strategies of the cities and the nation. “My excitement about the work that I have done over the last few years is going to increase because it extends to what the nation has already done with respect to smart city developments, but it also comes with a new flavour of how to secure a smart city infrastructure and how to make a city resilient,” he says.
Dabboussi and DarkMatter are pragmatic, recognising that cyber-attacks will take place at some point. The key is how to contain an attack and avoid a ripple effect especially in critical infrastructure. A recent cyber-attack in Ukraine on a power grid illustrates the dangers that exist. This particular attack took out several hundred thousand buildings from the grid, including potentially medical facilities and emergency services, which is a clear risk to life.
Therefore, building a resilient cyber security model is crucial, encompassing detection, followed by containment and then cleaning up after the fact with requisite forensics so as to avoid a similar disaster in the future, Dabboussi says.
Increasingly, security is not just about governments and organisations but also individuals. From individuals having one or two devices connected to the internet a few years ago, to four or five today, to the next few years where individuals will be in possession of tens of connected devices. While this is generally positive as technology makes our lives more productive, the attack surface increases exponentially. “If you do not put together preparations today for securing the nation in the future, we could potentially face very grave security risks,” Dabboussi says.
Indeed, according to recent research, the UAE is now the target of 5% of cyber-attacks globally, Dabboussi observes. There’s clear motivation for this alarming development, in that as a nation establishes itself on the global competiveness platform, it raises attention. The region is also rich in natural resources with huge infrastructure installations. “We are going to see more attacks from a cyber security perspective. That makes our mission to make sure we put the right cyber security foundation both challenging and critical, not just for the nation, but for the region as a whole,” Dabboussi concludes.