The Outsourcing Outlook Forum organized by Dubai Outsource Zone a member of TECOM focused on how regional businesses can harness new outsourcing technologies and strategies to improve business value whilst understanding the information and cyber security implications. Uniting the entire outsourcing ecosystem, including regional businesses, BPO companies and solution providers, the forum discussed how innovative technologies, centralised business processes and transparent business partnerships can work together to achieve operational efficiencies and cost effective business practices. The forum focused primarily on customer centric industries – banking, insurance, telecommunications, travel and consumer brands. The ultimate purpose of the event was to facilitate the creation of new business partnerships that will benefit the sector and transform the Middle East into a global outsourcing hub.
Shah Sheikh, Co-Founder and Sr. Security Consultant at DTS Solution and Co-Founding Member of Cloud Security Alliance UAE Chapter was invited to speak at the Outsourcing Outlook Forum with the specific objective to address the growing concerns of information and data security, privacy and industry regulations in relation to the outsourcing business stream.
The presentation gave an insight into how IT managed services business vertical has developed and matured over the last five years with new offerings that include cloud based services within the UAE. As more and more organizations turned to managed IT service providers looking to offset OPEX costs it has enabled this market segment to grow significantly over the last few years. With both incumbent service providers in UAE - Etisalat and Du now offering cloud services such as Email and Hosted Website include Platform and Infrastructure as a Service, the attention turned to new cloud service providers (CSP) offering VDI as a Service, Backup and Storage as a Service, ERP as a Service in the form of Software as a Service Cloud Service Model.
Shah Sheikh mentioned "Enterprises in the UAE tend to outsource back-office operations such as HR, Payroll and Accounting, Desktop and Server support. Such outsourcing strategic decisions are easy to make at the boardroom but outsourcing information security is completely a different talking point. We often find the organizations that tend to outsource information security services lack the legal and contractual controls and framework to ensure their businesses continue without being impacted by a cyber attack or breach. We have seen in the industry over the last few years that majority of organizations that do experience a major security breach results in direct consequences at the boardroom level however the 3rd party information security provider delivering security services get away scot-free. The point here is you can outsource information security but you cannot outsource your enterprise risk. There just isn't enough provision around insurance and risk transference in legal terms and this needs to be looked at for the outsourcing business model to be successful".