ATHENS, 30 November 2004 — An information security conference in Athens might not sound like an event that would be of importance to the Middle East, but don’t make up your mind too soon. The truth is that until recently, similar to Saudi companies, Greek companies didn’t pay enough attention to network security.
According to Eleni Tsirigoti, a representative of the Hellenic American Union, one of the organizers of the Information Security Matrix Forum in Athens, the 2004 Summer Olympic Games made a huge impact in ratcheting up all types of security awareness in Greece. Information and network security received intense scrutiny in preparation for the Olympics. Now, private Greek IT security firms are interfacing with nearby countries to share their enhanced knowledge. With the GCC only about four hours away by air, expect to see many more professional exchanges here in the future.
At the Information Security Matrix Forum, Mirza Asrar Baig, CEO of Riyadh-based IT Matrix, a Saudi network security company, was invited to speak on, “E-Mail Security: Increasing the Effectiveness of Solutions.” This year IT Matrix released its locally developed e-mail firewall, Secure MailMatrix. In his opening remarks at the conference, Baig told the audience of over 200 attendees about Saudi Arabia being a modern country, emphasizing its infrastructure and adoption of electronic processes. He then went on to discuss the importance of local investment in R&D. For several years, Baig has been concerned with the quandaries faced by companies in handling e-mail security and his firm has been actively involved in creating viable solutions to tackle this problem.
“SPAM, e-mail spoofing, mail relay abuse and multiple other e-mail security threats have become major issues and it is very difficult for organizations to find an affordable solution to meet all their requirements,” Baig said. “A normal trend is to buy products from many vendors, then install them on the network and generally still keep on having the problems due to inadequate implementations.”
He continued, “Understanding the e-mail threats and then defining an appropriate solution with equal emphasis on people, process and technology is the key to success. I am not discounting the efforts of international security firms but for example when we developed our SPAM filtering technology we were very focused on minimizing any chance of false positives. In that there is a very important role of people and process. Furthermore we used our own proprietary technology, which was developed with input from our clients. These included Saudi financial institutions, which tend to have some of the most demanding network security requirements. All the components of Secure MailMatrix are part of one corporate e-mail firewall so everything works together seamlessly to control any company’s e-mail system.”
IT Matrix is already implementing its Secure MailMatrix on networks in Saudi Arabia and the firm has been approached by Encode, a Greece-based network security firm, to begin marketing this corporate e-mail firewall in Europe.
“Companies are starting to realize that they must move from simply trying to protect themselves from network attacks to now detecting problems and responding accordingly,” said Harris Eliopoulos, managing director, Encode. “Organizations are moving to investing more in internal network security while managing the network perimeter effectively. Secure MailMatrix is responsive to the requirement for both internal security and perimeter control.”
Eliopoulos explained that in the Middle East, companies have been behind in the area of network security and only now are they putting security in place. This has enabled Middle East firms to implement network security in a more successful, cost-effective manner and that is why there was an immediate demand for a solution such as Secure MailMatrix.
“There is a little bit of difference between the Middle East market and the Greek market in regards to security. The Middle East market has approached network security in a more structured way,” Eliopoulos said. “Organizations in the Middle East tend to build the security framework as well as the technology infrastructure so they need a product such as Secure MailMatrix that is applicable to both. In Greece managers have bought products and created the network infrastructure first and only then have they developed the security framework or security organization for the company. So the Middle Eastern market is clearly doing things in a correct way.”
There was a lot of interest in IT Matrix’s corporate e-mail firewall in part because it was developed in a Saudi Arabia, taking in the concerns of firms outside the US borders. Eliopoulos made it clear that in the post-Sept. 11 world, network security issues definitely benefit from a wide range of international input.
“It has been important for us to have speakers from many countries at this conference because we see that network security issues are the same everywhere in the world, but the approach to manage them is often different,” Eliopoulos remarked. “We would be very interested in being a part of IT security conferences in the Arab world so we can share experiences. It is important that experts from many different geographies have the opportunity to speak at conferences, not just experts from the US or other large countries.”
Baig picked up the thread of this discussion.
“We know that small countries can’t impact the bottom lines of international IT security firms in the same way larger nations can,” he concluded. “This does not mean that their network security concerns are any less important or valid. If network security professionals from smaller geographies work together, the possibility is much higher that they will develop solutions and solve issues in ways suitable to their situations. Most of the large internationals have just one-man marketing offices in smaller geographies. It is difficult to see that a salesman will add value or provide inspiration in solving our real network security concerns.”
