Connect with us

Tech Interviews

Protecting Each Device is Difficult

Published

on

Vulnerable urban futurism technologies are not only fair game for mischievous hackers but also crime groups and hostile nation states, warns Steve Hicks, Head of Global Sales, BullGuard in a discussion with VAR.

Q1. Smart homes are central to Internet of Things (IoT) which makes them susceptible to cyber-attacks. How can smart homes also be made safe homes?
A1. It’s difficult to protect each individual device. This places too much onus on the owner if they, for instance, have six or seven smart devices in the home. Even well-known brand devices have proved to be vulnerable to hacks while many mass-produced devices have really poor protection such as default passwords and admin details.

Protecting all devices in a home requires time and technical insights that most people don’t have. These include looking for firmware updates and keeping an eye on network traffic to see if something is leaving or entering the network that shouldn’t. What is required is an overarching protection that starts at the network router, monitors all devices on a network simultaneously and also monitors network traffic. Fused with artificial intelligence, machine learning and cloud-based security, this level of protection acts like a security blanket thrown over the home. It can identify and stop attacks in real time and assess the security status of new devices when they are attached to the smart home network.

Q2. Malware is one of the most common methods of stealing personally identifiable customer information. What can be done to protect unsuspecting customers from falling victim to such attacks?

A2. It’s a fundamental step but people need to use good antivirus software that uses both signature and behaviour-based detection. Signature-based detection takes care of the millions of known malware variants while behaviour-based detection identifies zero-day malware and stops it in its tracks as it tries to penetrate computers. Another important point is the need for awareness about email-based phishing attacks. This is a popular route for hackers and people need to be aware that emails requesting sensitive personal information such as payment card numbers, or providing links to web pages that also request personal information are scams designed to extract important financial information.

Q3. Data breaches are at an all-time high. What must businesses do to ensure protection of sensitive customer data?
A3. In addition to having fundamental security technologies in place businesses must adopt a zero-trust model across the entire enterprise, which in turn informs how they protect sensitive customer data. This is a ‘never trust, always verify’ approach. This then protects against a wide range of existing and evolving threats. For instance, under this model those responsible ask questions such as ‘is this third-party script on our website secure or can it be exploited by hackers?’ This detailed questioning approach requires investment but it makes all the difference as to whether sensitive data is stolen or kept safe.

Q4. With internet becoming ubiquitous, more and more kids are getting online. What precautions can parents take to ensure their kids’ safety online?
A4. Education and parental tools enable discreet monitoring of what children are doing online. Children receive cyber security training on stranger danger at school and it does no harm to reinforce this at home. One of the more disturbing perils is if children stumble across inappropriate content which can have an adverse impact on developing minds. Unhealthy peer pressure, social media bullying and posting risqué images are also important things to look out for. This is where parental controls are very helpful.

Q5. In the wake of urban futurism, what is the basic security hygiene that businesses and customers alike must maintain?
A5. Urban futurism is a short phrase for such big topic covering everything from
renewable energies, all kinds of web technology, blockchain, tactical urbanism, decentralised networks, autonomous cars and a lot more. People are getting excited at the potential of new technologies whether its town planners, civic designers, power companies and so on. However, to ensure basic security hygiene after asking the question ‘what can this technology do?’ a follow up question is required: ‘is it secure or is it vulnerable to hacking? And if so, how?’ This is less a requirement and more of an attitude. Without this questioning stance we are going to see an awful lot of new tech implementations that are ripe for hacking. And it’s not just singular devices we are talking about, it’s also about the networks they sit on and how these networks can be exploited.

Continue Reading

Tech Interviews

BUILDING TRUST IN THE AGE OF AUTONOMOUS AI

Published

on

Exclusive interview Bilal Baig, Vice President, Solutions Engineering, TrendAI™️

Your keynote focuses on the 2026 cybersecurity threat horizon. What are the biggest shifts enterprises should be preparing for over the next 12 to 18 months?

There are three shifts that enterprises need to prepare for urgently. The first is the governance of agentic AI. Agentic AI is moving into the mainstream, and every AI agent introduced into an enterprise environment effectively becomes a new identity. As organisations begin deploying hundreds or even thousands of agents, they will need clear controls around ownership, permissions, accountability, and response. In my view, this will very quickly move from a best practice to a compliance requirement.

The second is visibility. AI has expanded the enterprise attack surface almost overnight. We used to talk about shadow IT; today, we are dealing with shadow AI. Many organisations do not have a clear visibility of who is using AI, which tools are being used, what data is being shared, or whether AI projects are being built with the right governance in place. Establishing visibility of that attack surface thus becomes essential.

The third is vulnerability prioritization and virtual patching. With AI accelerating vulnerability discovery, organisations will face a growing volume of exposures that cannot all be patched immediately. The challenge will be knowing what to prioritise and how to protect critical systems while remediation is underway. This is why virtual patching is becoming relevant again.

Finally, we will see agentic capabilities become more central to defense. If attackers are using agentic AI, defenders will also need AI-powered, agentic security operations across areas such as SIEM, SOAR, detection, and response.

Across our industry these are the shifts that become extremely important over the next 12 to 18 months

A big part of “what’s coming” is agentic AI moving into production. When an autonomous agent can take actions, call tools, and talk to other agents, what new attack surfaces open up that legacy defences were never built to see?

The biggest change is that the attack surface is no longer limited to data, applications, and infrastructure. Enterprises now also need to govern the agents themselves.

Cybercriminals are already using agentic AI to make attacks more scalable and targeted, with different agents handling reconnaissance, phishing, coordination, and data analysis. At the same time, enterprises are introducing autonomous agents that can call tools, access systems, and communicate with other agents. That creates a new layer of risk.

For example, if one agent does not have permission to complete a task, it may interact with another agent that does. Without the right governance, that can bypass traditional security boundaries. The risk is not always intentional or malicious. An agent may simply be trying to complete its assigned goal, but in doing so it can drift into behavior that creates security, compliance, or data exposure risks.

This is why we need stronger governance around agent-to-agent communication. Enterprises need to understand what each agent is allowed to do, what identity it uses, which systems it can access, and who is accountable if something goes wrong. We should think of every agent almost like a new employee: it needs onboarding, permissions, supervision, and accountability.

Agent-to-agent interaction and data integrity are emerging as core risks. Technically, how do you secure trust between autonomous agents, and stop a compromised one from cascading across a workflow?

The first principle is that AI security has to be layered. It cannot start and end at the agent level. Enterprises need controls across the full AI stack, from infrastructure and microservices to LLMs, agents, applications, and data flows. If any one layer is compromised, it can affect the integrity of the wider workflow. This is particularly important as AI-native applications increasingly depend on multiple models, services, APIs, and agent interactions.

The second priority is controlling how agents communicate with each other and with enterprise systems. That means applying guardrails to inspect prompts, responses, behavior, permissions, and outputs in real time. It also means monitoring agent-to-agent communication so that a compromised or misdirected agent cannot collapse across a workflow unchecked. In short, every layer of the AI ecosystem requires its own security controls.

There is no single magic solution that can secure the entire AI environment. Effective security requires layered capabilities across AI guardrails, governance, LLM security, and backend security. At TrendAI™, we combine these capabilities as we work with partners such as Anthropic and NVIDIA to help organizations secure AI from development through deployment.

Most enterprises are layering agentic AI onto existing infrastructure rather than building greenfield. From a solutions engineering standpoint, where do the security gaps typically appear in those hybrid deployments?

The most common gap is visibility. An organization may officially approve one AI tool, but employees and teams may still be using others across the business. That creates a fragmented AI environment where security teams may not know which models are being used, what data is being shared, or whether those tools are sanctioned. This is where the core issue lies.

Once visibility is established, the next challenge is control. Enterprises need to define what each AI system is meant to do, how it should interact with users and systems, what malicious input looks like, and what type of output should be blocked. . Most of the newer top-tier models have some form of AI security guard built in, but the mid-tier models that many organisations rely on do not have those controls.

The issue is not that organisations are moving fast. Innovation should continue. The risk is moving AI projects into production without the right security checks. The better approach is to establish an AI security blueprint and production gates, so that AI applications, LLMs, agents, data flows, and backend systems are assessed before they go live.

Visibility keeps coming up. What does observability actually look like for autonomous systems and how do you monitor and audit decisions an agent makes with no human in the loop?

Observability for autonomous systems has to work across multiple layers. At the first layer, you need visibility into the agent itself – where it is running, what it is doing, and which systems it is interacting with. At the second layer, you need visibility at the gateway level, where communication moves between users, agents, applications, and LLMs. At the third layer, you need visibility into local or enterprise-hosted LLMs, including how they connect to internal systems, data sources, and services. Together this gives you visibility of how an AI whether a chatbot agent or an autonomous agent communicates with the various backend services it draws data from, including on-prem LLMs and how MCP servers are integrated across the ecosystem.

This also extends to internal LLM projects and public AI services such as OpenAI, where guardrails are needed to monitor usage and reduce risk. With TrendAI™, organisations can identify which AI tools are sanctioned or unsanctioned, user interactions, agent behavior, prompt activity, data movement, and potentially malicious commands. Without this level of observability, organisations cannot properly govern autonomous systems.

For auditing, the starting point is a clear blueprint. Every agent should have a defined role, expected behavior, access permissions, and decision framework. In an AI development lifecycle, for example, agents may generate code, test it, scan for vulnerabilities, and prepare it for commit. But the process still needs checkpoints, audit trails, policy enforcement, and human review at critical stages.

The goal is not to slow AI down but to make autonomous activity measurable, auditable, and accountable. Without those checks, agents can create operational, security, and even cost risks, including excessive token consumption or actions that were never intended by the business.

For an organisation just starting to deploy agentic AI, what’s the advice you would give them to first set-up on the security side and to be aware of the most common early mistake that organisations make?

My advice is to start with an AI security blueprint before moving anything into production. Organisations should first define the use case, expected outcome, the systems the AI will interact with, the data it can access, and the controls required across the lifecycle. Security cannot be treated as an afterthought. It has to be built into the design, development, deployment, and monitoring of every AI-native application.

At TrendAI™, we help organisations secure the full AI lifecycle, from defining the use case and building the AI system to deploying it safely into production and governing it once it is live. This is where TrendAI Vision One™ plays an important role, providing an AI security blueprint that gives organisations visibility into which AI tools are running, which are unsanctioned, where AI is being used, and what risks or attacks may be emerging. It also helps monitor user activity, agent behavior, security posture, rate limits, and token consumption, enabling organisations to put the right guardrails in place before deployment and maintain control as AI scales across the enterprise.

The most common mistake is rushing to production without visibility or governance. Many organisations move quickly because the business pressure around AI is high, but they only revisit security after something goes wrong. The better model is to put production gates in place from day one, so AI can scale safely without creating unmanaged risk.

Continue Reading

Tech Interviews

NETWORKS MUST EVOLVE BEFORE AI CAN SCALE

Published

on

Rohit Chowdhary, Head of Advanced Consulting Services at Nokia, sat down with The Integrator to share insights into the company’s vision for enabling the AI Supercycle. He outlined how Nokia’s end-to-end portfolio spans everything from AI-ready connectivity and energy-efficient 800G data centre networking to intelligent, self-optimising home Wi-Fi experiences powered by AI.

A key focus of the discussion was Nokia’s shift from strategic advisory to real-world execution through its dedicated Automation Excellence Practice, helping operators translate ambitious transformation roadmaps into measurable outcomes. The conversation also highlighted the growing importance of integrated, intelligent and secure networks that can support rising AI workloads, eliminate infrastructure bottlenecks and unlock tangible business value, while maintaining the highest standards of security, privacy and resilience

Could you begin by telling us about your role at Nokia and the journey that brought you here?

I lead Nokia’s Advanced Consulting Services business across Europe, the Middle East and Africa. My journey with Nokia spans nearly seventeen years, beginning at a time when consulting was largely focused on network transformation initiatives. Over the years, I have worked closely with operators around the world on transformation programmes, analytics adoption, customer experience management and digital modernization.

As the industry evolved, so did our consulting focus. Following the Nokia and Alcatel Lucent merger, we established what is today known as Advanced Consulting Services. The organization now spans several domains, including Security, Business monetization, Cloud and Technology transformation, Autonomous Networks, and Data & AI.

More recently, we launched an Automation Excellence Practice. The idea was simple. Customers often appreciated our strategic blueprints but needed practical expertise to implement them. Today, we have specialized engineers who combine telecom expertise, AI capabilities and software development skills to turn strategic visions into real automation pipelines, AI-driven workflows and production-ready use cases. Our role is to help customers move from concept to measurable business outcomes.

Nokia is often associated with connectivity, but the company is increasingly talking about AI readiness. How does Nokia’s infrastructure portfolio support this transition?

AI is creating what we describe as an AI Supercycle. It is transforming everything from data centres and cloud infrastructure to network architectures and edge computing. Supporting this shift requires a complete ecosystem rather than isolated technologies.

Nokia’s portfolio addresses this across multiple layers. On the network side, we continue to innovate in radio technologies, including AI-RAN capabilities developed alongside strategic partners such as Nvidia. We also have a strong optical networking and IP portfolio that enables the high-capacity connectivity required between data centres, edge locations and cloud environments.

One area that excites me is our innovation in data centre networking. We are introducing highly efficient coherent optical technologies and advanced switching platforms that significantly reduce infrastructure footprints while improving performance and energy efficiency. These innovations are becoming increasingly important as organizations invest in AI factories, AI grids and large-scale inference environments.

Beyond connectivity, we also provide intelligent automation layers through our Autonomous Networks platforms, enabling operators to manage complex, multi-vendor environments more efficiently and intelligently.

What are some of the biggest infrastructure bottlenecks you see operators and enterprises facing as AI adoption accelerates?

One of the biggest challenges is understanding that AI infrastructure is not just about compute power. Organizations often focus heavily on GPUs and processing capabilities, but connectivity can quickly become the limiting factor.

You can deploy the most powerful AI infrastructure available, but if the network cannot support the required data movement between racks, data centres and edge locations, performance suffers. This is where intelligent networking becomes critical.

At Nokia, we are helping customers design what we call AI-ready connectivity. This includes high-capacity optical networking, intelligent routing and the seamless interconnection of compute environments. As AI workloads become increasingly distributed, the ability to move data efficiently becomes just as important as the ability to process it.

On the consumer side, Nokia has been showcasing AI-driven Wi-Fi management capabilities. How does this improve the end-user experience?

The home network has become far more complex than it was a few years ago. Consumers expect flawless connectivity across multiple devices, applications and services.

Our AI-enabled Wi-Fi solutions continuously monitor network performance and user experience. They can identify coverage gaps, detect congestion, analyze interference patterns and even recommend or automatically implement corrective actions.

The goal is to create a self-optimizing network environment where many issues can be resolved autonomously before they impact the user. This reduces support requirements for service providers while delivering a more consistent and reliable experience for customers.

The Middle East is witnessing an unprecedented surge in data centre investments. How do you see this shaping Nokia’s opportunities in the region?

The Middle East has emerged as one of the most dynamic markets globally for AI infrastructure investments. Governments and enterprises are actively investing in sovereign AI capabilities, advanced data centres and digital ecosystems.

This creates significant opportunities, not only for Nokia but for the broader technology industry. The success of these initiatives depends on having secure, scalable and efficient connectivity between compute resources, cloud environments and end users.

Our role is to help customers build these foundations. Whether it is data centre interconnectivity, optical networking, intelligent routing or autonomous operations, Nokia’s technologies are designed to support the scale and performance requirements of AI-driven economies.

As data volumes continue to grow, security and data sovereignty are becoming increasingly important. How is Nokia addressing these concerns?

Security is deeply embedded into Nokia’s strategy and innovation roadmap. As a European technology company, trust, resilience and security have always been fundamental principles in how we design and operate our solutions.

While we continue to invest heavily in AI innovation, we are equally focused on strengthening security capabilities across our portfolio. This includes advanced network security architectures, AI-driven threat detection and preparations for future technologies such as quantum-safe networking.

We are actively engaged with industry bodies, standards organizations and ecosystem partners to help define the next generation of secure digital infrastructure. As AI becomes increasingly pervasive, security must evolve alongside it, and that is an area where Nokia continues to invest significantly.

Looking ahead, what excites you most about the future of AI-driven networks?

What excites me most is the convergence of AI, automation and connectivity. Networks are evolving from passive transport layers into intelligent platforms that can learn, adapt and optimize themselves.

The future will be defined by autonomous operations, AI-native networks and real-time decision-making at scale. Organizations that successfully combine these capabilities will unlock entirely new business models and levels of operational efficiency.

For us, the opportunity is not just about deploying technology. It is about helping customers transform the way they operate, innovate and create value in an increasingly AI-driven world.

Continue Reading

Tech Interviews

Securing the Future of Enterprise AI: WSO2’s Middle East Strategy

Published

on

Exclusive interview with Uday Shankar Kizhepat – Vice President and General Manager for ME

How is WSO2 sailing through in the region amidst the uncertainty?

The Middle East continues to be one of the most dynamic technology markets globally. While there is uncertainty in the broader geopolitical and economic environment, we see that organizations across the region remain committed to their digital transformation programs and continue to invest in the areas of API modernization, application integration, Identity and access management, data connectivity, cloud transformation and AI enablement. This is because digitization is now a business necessity rather than a discretionary investment.

For WSO2, this has translated into continued demand for solutions that help enterprises modernize systems, securely manage digital identities, integrate increasingly complex technology landscapes, and adopt AI responsibly. We are seeing particularly strong interest from government, financial services, telecommunications, and energy sectors, where organizations are focused on improving operational agility while maintaining security, compliance, and resilience.

Any new products / solutions that have been introduced for the region?

One of the most significant developments for us is our vision for the Agentic Enterprise and the introduction of WSO2’s Agentic Enterprise Fabric. Rather than treating AI as a standalone capability or bolt-on feature, we have embedded AI capabilities into the very fabric of our platform.

The Agentic Enterprise Fabric enables organizations to securely connect data, APIs, applications, identities, and AI agents across the enterprise. This creates a foundation where intelligent agents can operate with the right context, governance, and security controls while delivering measurable business outcomes.

The WSO2 Agent Manager is an open platform for the full life-cycle of enterprise grade AI agents. The WSO2 AI gateway helps in governance by monitoring the usage, applying guardrails, optimizing costs & exposing APIs as MCP tools so that AI agents can safely interact. The WSO2 agent ID helps to register, authenticate, authorize and audit AI agents as first class identities.

This approach is resonating strongly in the Middle East, where organizations are moving beyond AI experimentation and looking for scalable, enterprise-grade AI implementations that can be governed and integrated into existing business processes.

What are the key solutions that have kept WSO2 ahead of its other competitors in the region?

Our differentiation comes from helping customers address  key critical challenges simultaneously: APIs, integration, identity, and AI adoption.

Our API management platform helps companies ship, govern and monetize APIs, AI and MCP across any gateway or any cloud. Our integration capabilities enable organizations to connect legacy and modern systems quickly, helping accelerate digital initiatives.  Our identity and access management solutions provide the security and trust layer needed for large-scale digital services. Last but not the least, our Agentic Enterprise Fabric brings AI into the core of the enterprise architecture rather than layering it on top as an afterthought.

All of this combined with our open-source heritage, flexible deployment options, and ability to support sovereign cloud and hybrid environments, gives  customers the freedom to innovate with zero lock-in. This flexibility is critical in the Middle East region, where organizations increasingly prioritize digital sovereignty, data control, and long-term technology independence.

What are your plans for the coming few months in the region?

Our commitment to the growth and development of the Middle East region remains. We have just completed registering our office in KSA which reiterates our focus on deepening our engagement with customers and partners across the GCC and wider Middle East. We are investing in helping organizations move from AI pilots to production-ready deployments, while continuing to support large-scale modernization and digital transformation initiatives.

We also plan to strengthen our partner ecosystem, expand our presence in key markets, and work more closely with organizations pursuing digital sovereignty initiatives. As governments and enterprises accelerate their AI and digital agendas, we see significant opportunities to help them build secure, connected, and intelligent digital platforms for the future.

What’s your anticipated growth for the digital / tech sector in the coming few years?

The outlook remains very positive and we are optimistic. Over the next three to five years, I believe the region will move from digital transformation to intelligent transformation, where AI becomes embedded in core business operations rather than existing as isolated applications. Organizations that successfully combine AI with strong integration, identity, governance, and data foundations will be best positioned to create sustainable competitive advantages.

This shift will create significant opportunities for technology providers, system integrators, and enterprises alike.

Continue Reading

Trending

Copyright © 2023 | The Integrator