Have a question? +971 56 404 0503
Uncategorized
SHADOW DATA: A HIDDEN RISK IN THE GULF
By Yazen Rahmeh, a Cybersecurity Expert at SearchInform
Digital transformation across the UAE and Saudi Arabia brings new opportunities and prospects for enhancing efficiency and growth. However, it also causes new challenges to data protection. As digital environments expand, data spreads across endpoints, cloud storage, and internal environments, escaping oversight by security and compliance teams.
This is shadow data, and it may be one of your organization’s most underestimated risk.
What Is Shadow Data?
Despite all efforts, some business data can be stored and processed outside official IT systems. As a result, a company won’t even know that such datasets exist.
There are a lot of reasons behind the creation of shadow data. Basic examples are:
- Files stored in personal accounts. An employee can send important files to personal email or cloud storage “just in case.”
- Access to corporate data from personal devices. A person can log in to corporate cloud services from a personal tablet or laptop. As a result, sensitive documents can be downloaded to a personal device. This usually happens when someone is working overtime or wants to keep important files readily available.
- Unaccounted copies of sensitive data. An employee can simply copy and paste records from a CRM system or a customer spreadsheet into a file on their workstation. As a result, sensitive data may bypass security controls, increasing the risk of data leakage.
- Some business units can adopt SaaS services without oversight. Employees usually do it to boost their productivity or if whitelisted tools are perceived as slow or bulky.
- Test datasets and temporary databases. Sometimes confidential data can duplicate during migration from one service to another or if developers use production data for test or development environments.
These examples may seem abstract, but the recent Cybersecurity and Infrastructure Security Agency (CISA) data leak shows that shadow data is a real-world threat.
The leak reportedly originated from a contractor’s GitHub repository, which was being used as a working scratchpad. The repository exposed various sensitive records, including AWS keys and plaintext passwords for internal CISA systems. An individual had simply copied sensitive data to make their work more convenient. To do so, the contractor disabled GitHub’s default security setting that prevents users from publishing secrets in public repositories.
Why Shadow Data Is a Business Risk
Increased Risk of Data Leaks
Consider a common scenario: an employee stores confidential data on a personal laptop or cloud service. As a result:
- Sensitive records could be stolen via phishing or malware, as the laptop isn’t protected by enterprise-grade security controls.
- An employee could share the laptop with other individuals. Shared devices increase the risk of data exposure.
- Unauthorized cloud backups. An employee may configure automatic file backups to a cloud service. As a result, sensitive data can leave the protected perimeter and be duplicated in cloud storage, increasing the risk of unauthorized access or data leakage.
That’s how a small and seemingly irrelevant piece of ungoverned data could lead to a major incident. In fact, in 2024, one in three data breaches involved shadow data, according to IBM’s Cost of a Data Breach 2024 report.
One of the most recent cases of data leaks, involving shadow data, is the Abu Dhabi Finance Week exposure. An independent researcher discovered unsecured cloud storage with ID details.
Event representatives stated that only the researcher accessed the data and that the incident affected a limited number of participants. According to them, the issue was caused by a misconfigured cloud storage system managed by a third-party provider.
The incident is the perfect example of shadow data, as the data was copied outside of secured corporate infrastructure and had been left unmanaged.
Regulatory Pressure
Shadow data also presents compliance risks. When using a cloud service, it is essential to verify the geographic location of the data center where the data is stored. Data could be stored at a data center in a different country if you didn’t specify a server location.
As a result, if shadow data includes confidential records such as customer details or transaction records, it will be transferred and stored abroad. From a legal perspective, such misconfiguration is a cross-border transfer and lead to regulatory fines for violations of data protection regulations.
Saudi Arabia’s Personal Data Protection Law dedicates a lot of attention to data residency and cross-border transfers. Organizations, especially in regulated sectors, such as financial institutions, may be required to store certain categories of data within the Kingdom. Companies may need regulatory approval before transferring data to foreign data centers to avoid penalties.
Emirati businesses have less strict conditions for cross-border data transfers. However, there are limitations for banking, payments, healthcare, and telecom organizations and governmental entities. Companies from these industries must store confidential data, such as health records, payment transactions, and customer data, within the country.
Lack of visibility equals lack of control, and regulators do not accept invisibility as an argument.
How to Bring Shadow Data Under Control
Eliminating shadow data entirely is unrealistic. The goal is to make it visible and manageable without slowing down the business.
A Practical Starting Checklist
- Discover regulated data, especially data subject to local PDPLs requirements, cybersecurity frameworks issued by National Cybersecurity Authority in the KSA, and Information Assurance Regulation by TDRA in the UAE. It is essential to identify all information that qualifies as confidential and valuable, incl. unaccounted copies of such data.
- Map where this data is actually stored and shared, not just where it should be. Sensitive data can be stored on-prem or in cloud environments. Look for data discovery solutions. Ideally, choose a solution that combines data discovery and data classification, like DCAP software.
- Classify files & distribute access rights. Use specialized tools to analyze file content and classify it in accordance with a local classification scheme. The next step is to assign user access rights to sensitive data based on employees’ roles and responsibilities.
- Control data transfer channels, including cloud storage, SaaS tools, and USB-devices. Use DLP systems to prevent unauthorized spread of sensitive data. Advanced DLP solutions monitor cloud services, as well as traditional channels, such as email or web browsers.
Conclusion
Data protection is not a one-time initiative. It is an ongoing discipline. Security achieved today must still hold tomorrow — and next year.
Organizations that treat data security as a strategic investment, rather than a compliance obligation, build resilience, regulatory confidence, and long-term business stability.
Shadow data may be invisible. But its consequences are not.
By Kalpesh Khakhria, Group Chairman at Klay Group
Everyone in the wealth management industry claims to offer “personalisation.” Yet, for most traditional institutions, it remains a hollow buzzword, a superficial exercise of sorting investors into predefined “conservative” or “aggressive” risk boxes. This transaction-led and product-pushing model is fundamentally broken for today’s ultra-high-net-worth families, whose lives, businesses, and assets span multiple global jurisdictions. Real personalisation is a structural necessity that requires a radical overhaul of how advice is delivered.
We are operating in an era where wealthy families are building complex, cross-border portfolios. A business might be headquartered in the GCC, hold properties in Europe, and have beneficiaries residing across continents. The most critical point is “What does this capital need to achieve across generations?” Traditional banking silos, driven by high client-to-advisor ratios and transactional commissions, simply lack the agility and independence to answer this effectively.
While personalisation is a growing trend across the broader service industry, in wealth management, it has become the new currency. It is the primary driver of growth and retention, shifting the industry standard from generic products to trust-based, tailored advice. The future of wealth management will be exclusively influenced by trust and deep customisation. True personalisation relies on two specific, uncompromising differentiators: structural independence and relationship-plus-data intelligence.
First, it is impossible to fully understand a family’s cross-border tax realities, liquidity needs, or succession plans if an advisor manages multiple different accounts. Personalisation requires time and undivided attention. That is why boutique advisory models that deliberately cap an advisor’s roster, such as limiting it to just 20 families, are so critical. By removing the pressure of aggressive sales targets and replacing transaction-led commissions with a transparent advisory fee structure, advisors gain the freedom to ask the “why” behind a client’s wealth. This structural independence aligns the advisor’s interests directly with the client’s long-term outcomes, enabling the advisor to act as a true partner.
Second, modern personalisation demands the seamless integration of advanced financial technology. We have entered the era of “Wealth 3.0,” where artificial intelligence and data analytics are fundamentally changing how the industry forecasts risk and segments clients. AI must be utilised to codify a family’s complex constraints, such as multi-currency exposures, jurisdictional rules, and legacy holdings, into actionable, real-time portfolio adjustments and proactive stress testing.
However, the industry must draw an uncompromising line between automation and autonomy. While AI powerfully accelerates scenario analysis, it cannot replace the human connection. The nuanced human judgment, discretion, and contextual understanding required to navigate complex, multi-generational wealth remains absolutely irreplaceable. Technology provides the speed and the insight, but seasoned human strategists must retain ultimate autonomy to ensure that personalisation scales without compromising suitability or compliance.
Wealth management today must transcend simple market timing. It is about actively building multi-generational partnerships. The families that succeed over time are those who partner with independent advisors who are unconditionally in their corner. By combining bespoke human expertise with cutting-edge data intelligence, true personalisation transforms wealth from a static collection of assets into a powerful, coherent legacy that thrives across generations.
As summer routines shift across the UAE, Zahra’s Kitchen, the UAE homegrown premium food brand, is encouraging consumers to rethink convenience food with simple, flexible meal ideas designed to make everyday eating easier, more flavourful and less time consuming. The seasonal guide comes as the brand expands its ready meal range with three new additions and prepares to launch a limited edition single-portion collection exclusively on Noon Minutes this summer.
Created for busy everyday routines, Zahra’s Kitchen offers handcrafted ready meals, snacks and nibbles inspired by comforting recipes and familiar flavours. Made using responsibly sourced ingredients, with no artificial additives or preservatives, products are frozen at peak freshness to help preserve flavour, texture and nutritional value, while offering greater ease, flexibility and variety throughout the week.
This summer, the brand is spotlighting one of the simplest ways to approach mealtimes at home. One ready meal does not need to mean one meal. Instead, Zahra’s Kitchen is sharing how its dishes can become the starting point for multiple meal ideas, helping consumers create more variety with less effort.
Simple ways to rethink summer meals include:
- Beef Bolognese: Serve with pasta for an easy dinner, or turn it into lasagne, pasta bakes, stuffed vegetables or eggplant fattah.
- Chilli Con Carne: Use as a base for tacos, enchiladas, nachos, rice bowls or loaded baked potatoes.
- Butter Chicken: Pair with rice and naan, or fold into wraps, flatbreads, sandwiches and pizzas for a quick lunch or casual dinner.
- Plant-Based Sweet Potato and Chickpea Red Curry: Enjoy on its own, or serve alongside grilled fish, chicken or vegetables for an easy summer meal.
The expanded ready meal range now includes Lentil Soup, Chicken Freekah and Plant-Based Sweet Potato and Chickpea Red Curry, joining customer favourites including Beef Bolognese, Butter Chicken, Beef Meatballs, Chilli Con Carne and Basmati Rice.
Currently available in two-serving portions, the ready meal range has been designed to offer flexibility, value and multiple meal occasions. The upcoming limited edition single-portion range, launching exclusively on Noon Minutes this summer, has been developed for consumers looking for greater flexibility during busier days.
Alongside its ready meal collection, Zahra’s Kitchen also offers a range of snacks and nibbles rooted in Middle Eastern flavours and entertaining traditions, including Musakhan Rolls, Beef Kibbeh, Falafel and Spinach Puff Bites. Ideal for sharing platters, lunchboxes, family gatherings, casual hosting or everyday snacking, the range reflects the same commitment to quality ingredients and ease.
Zahra’s Kitchen is available through Talabat Mart, Noon Minutes, Kibsons and selected retail partners across the UAE.
Lucky Voice Goes Full Michael Jackson This Summer
Lucky Voice, the iconic karaoke and entertainment venue at Grand Millennium Hotel Dubai, is dedicating the first half of June to the one and only King of Pop. Kicking off with a midweek open mic night on the 10th, building through a glittering Friday night party on the 12th, and closing out with a legendary themed brunch on the 13th, three days of non-stop Michael Jackson magic await.
Whether you’re stepping into the spotlight at the mic or raising a glass over a three-hour brunch, Lucky Voice has crafted three distinct experiences that celebrate the greatest entertainer of all time.
The Experiences
Open Mic: MJ Week — Wednesday, 10th June
The MJ takeover begins on Wednesday evening with Lucky Voice’s Open Mic night, reimagined in full King of Pop fashion. This is your chance to take the stage, choose your favourite Michael Jackson track, and own it. With an electric crowd and a venue dressed for the occasion, even the shyest singer will find their inner MJ. As part of the celebration, guests can compete for the title of best Michael Jackson impersonator or performer, with the winner receiving a brunch for two voucher.
Details at a glance: Date: Wednesday, 10th June, 8 PM – 1 AM | Venue: Lucky Voice, Grand Millennium Hotel Dubai
Summer Bash Party — Michael Jackson Edition, Friday 12th June
Two days later, Lucky Voice turns up the energy for its Summer Bash Party, Michael Jackson Edition. From 8 PM onwards, the venue transforms into a full-on MJ celebration, with a DJ spinning all of Michael Jackson’s greatest hits and keeping the dance floor alive all night.
With ladies’ packages starting at AED 99 and gentlemen’s at AED 250, this is one of the most accessible nights out on the Dubai social calendar and easily one of the most unforgettable.
Details at a glance: Date: Friday, 12th June | Timings: Starting from 8 PM | Venue: Lucky Voice, Grand Millennium Hotel Dubai | Price: AED 99 per lady | AED 250 per gentleman | Includes: 3 hours unlimited food & drinks, Live DJ
Retro Rewind: Don’t Stop ‘Til You Brunch Enough — Saturday 13th June
The weekend closes with a brunch that dares you to sit still. Retro Rewind: Don’t Stop ‘Til You Brunch Enough is a Michael Jackson-themed afternoon experience running from 1 PM to 4 PM, where unlimited food and drinks are paired with open mic karaoke, a live MC, and a DJ spinning nothing but classic MJ hits. It’s equal parts feast and performance, and entirely impossible to leave without singing at least one song.
Guests can choose from three beverage packages: starting at AED 195 for unlimited soft drinks, AED 275 for unlimited house beverages, or AED 350 for unlimited sparkling, making it easy to tailor the experience to the occasion, whether it’s a birthday, a girls’ day, or simply a Saturday well spent.
Details at a glance: Date: Saturday, 13th June | Timings: 1 PM – 4 PM | Venue: Lucky Voice, Grand Millennium Hotel Dubai | Packages: AED 195 (soft) | AED 275 (house) | AED 350 (sparkling) — all inclusive of unlimited food | Highlights: Michael Jackson theme, open mic karaoke, Live MC & DJ
Grand Millennium Hotel Dubai Hosts Michael Jackson Tribute. Grand Millennium Hotel Dubai presents Lucky Voice Michael Jackson nights, brunch, karaoke, and summer entertainment.
WHY PERSONALISATION IS THE NEW CURRENCY IN WEALTH MANAGEMENT
ZAHRA’S KITCHEN SHARES ITS GUIDE TO EASIER SUMMER EATING IN THE UAE
MOONWALK INTO JUNE
-
News11 years ago
SENDQUICK (TALARIAX) INTRODUCES SQOOPE – THE BREAKTHROUGH IN MOBILE MESSAGING
-
Trending8 months agoOPPO A6 Pro 5G Review: Reliable Daily Driver
-
Tech News2 years agoDenodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
VAR1 year agoMicrosoft Launches New Surface Copilot+ PCs for Business
-
Automotive2 years agoAGMC Launches the RIDDARA RD6 High Performance Fully Electric 4×4 Pickup
-
Tech Interviews2 years ago
Navigating the Cybersecurity Landscape in Hybrid Work Environments
-
Tech News11 months agoNothing Launches flagship Nothing Phone (3) and Headphone (1) in theme with the Iconic Museum of the Future in Dubai
-
VAR2 years agoSamsung Galaxy Z Fold6 vs Google Pixel 9 Pro Fold: Clash Of The Folding Phenoms