Supporting the Rapid Adoption of Digital Technologies through COVID-19

Interview with Matt Suiche, UAE

COVID-19’s new economic normal has compelled family businesses in the MENA to make the shift away from more traditional operating models almost overnight. In some cases, these models have gone relatively unchanged for three or more decades.

As the Founder of both Comae, a cybersecurity firm in the UAE, and Opcde, a cybersecurity conference, Matt Suiche has first-hand experience of the unique challenges regional family businesses face when digitising or transitioning to remote work environments. COVID-19 has forced even the most forward-facing organisations to adopt some technologies uncomfortably quickly, creating unexpected issues and wreaking havoc on business continuity plans. If regional family businesses cannot adopt effective cybersecurity protocols as quickly as they adopt these new technologies, they leave themselves open to attack.

We spoke with Matt Suiche to learn more:

Q: How do these technologies present a certain degree of risk to family businesses who suddenly find themselves reliant on them?

Every technology has its associated risks; knowing those risks, and therefore knowing how to use these technologies safely is the key.

Because past legal barriers to VoIP or cloud services have forced behavioural changes to occur almost overnight people are not used to using them. Not only is haste placing complex demands on organisations attempting to modernise their infrastructure through technology, but the risk of cybercrime that poorly enacted security protocols would leave them open to might endanger what I see as an opportunity.

Q: What steps can family businesses take to safeguard themselves as they move forward?

Focus on priority verticals.

The initial focus should be on securely and effectively establishing key aspects, such as communication channels and financial services. It’s particularly important that Middle Eastern businesses find digital solutions with minimal barriers to access so they can continue to communicate with the entirety of their customer base. Equally important is finding digital banking partners that provide proper two-factor authentication services.

Control access.

Typically, smaller operations face a significant challenge with employees using their personal computers to access work information.

Establishing clear protocols – who can access sensitive material, as well as when and how – will minimise the possibility of data breaches, and make dealing with vulnerabilities after the fact easier if a breach should occur.

Encourage user awareness.

The universal move to digital conferencing afforded by remote platforms has also triggered cybercrime that capitalises on new, unsophisticated users. With Zoom, for example, fake links intended to dupe users into installing phishing clients that mine passwords are now common. March saw a huge spike in COVID-19 related exploits – a “test-month” for attackers who will continue to use and improve on what has worked best, especially as more operations move online. Double-checking domain names is just one important step employees can take to avoid compromising their login credentials.

Once stolen, cybercriminals can use employee credentials to gain access to company banking information or client data. The sheer volume of conferencing clients, such as Jitsi, Microsoft team, and BlueJeans, to name a few popular ones, makes vigilance difficult when attempting to communicate with a variety of clients in a timely fashion. Therefore, family firms should make educating their team members on best practices and the associated risks of using web-based communication tools a priority.

Use strong passwords and authentication procedures.

It may seem straightforward, but all too often, organisations operate without strong authentication procedures in place. For the sake of speed, it may be tempting for family businesses to use very basic password protocols, but doing so will leave them open to attack. Passwords should never be reused and must be unique for every service. Password manager software can be used to generate strong passwords. Additionally, two-factor authentication should be in place for all platforms, especially email, which is a prime target for cybercriminals and even competitors.

Q: Once family businesses have mastered the initial learning curve to safe operation, how can they continue to ensure they are approaching these technologies in the best possible way?

As family businesses look to digitalise, their channels of communication included, good communication itself is an asset.

Regularly collecting feedback from employees as they adapt to new working norms helps quash problems as they arise and provides a sense of reassurance. Establishing an open environment where negative feedback is valued as a vehicle for positive change enables organisations to address technical hitches and limitations as soon as they arise.

Above all, family firms should recognise that a complete digital transformation is a process that can’t take place instantly; instead, it is continuous and iterative. Adoption in the short-term gives way to monitoring and refinement in the mid- and long-term. Making the leap to digital will keep the MENA’s family businesses in the race, but the method by which they make and support that leap will be how they win the race in the future.

Matt Suiche is the founder of cybersecurity start-up Comae Technologies and cybersecurity conference OPCDE (OPeration Community Development & Empowerment). Prior to founding Comae, he was the Co-Founder & Chief Scientist of the application virtualization start-up CloudVolumes which was acquired by VMware in 2014. His also previous employers include the Netherlands Forensics Institute and Airbus.