DarkMatter has positioned itself in the vendor industry as a global leader in developing smarter, safer and cyber resilient ways of doing business and using technology. The Abu Dhabi-based organization recently launched its latest innovation: the KATIM R01, a smartphone that is as tough on the outside as it is on the inside.
This product was then re-launched at MWC in Barcelona where Telecom Review interviewed Rabih Dabboussi, SVP Sales, Business Development and Marketing at DarkMatter to gain a deeper insight into the business, the services they offer, and the state-of-the-art smartphone that they developed and to discuss industry-wide issues.
DarkMatter has quickly established itself as a global leader in providing enterprises and governments with the ability to become smart, safe and cyber resilient. What do you think it is that ultimately differentiates DarkMatter from other cybersecurity vendors?
There’s no doubt that the cybersecurity aspect of our business’ mission is the root and the DNA of the company. We are currently 4 years old and as we engaged with our clients, we discovered the notion of tech tension which was essentially driven by the digital adoption, the digital expansion.
We live through tech tension ourselves as fathers and mothers and individuals. We like technology, gadgets and tools and we want to use them but at the same time, we think to ourselves “OK, if I do this, what’s going to happen?”
Let’s say I removed my door lock and replaced it with a smart one that features biometrics or even face recognition, and it opens as I walk into the house with my bag. But what if I travel and somebody hacks into it?
The same type of tech tension is happening with our large clients as well. Our job and mission in the past has been to ease that tension by working with them on a cybersecurity framework and transformation that helps ease that tension and make them feel more resilient.
We then realized that there’s a huge digital transformation taking place so we are currently doing both now. I would say that what differentiates us is the fact that we can sit with a client, help them architect a digital transformation piece and weave into it the cyber transformations.
On the cyber service side, what specifically differentiates us is our philosophy that for the past 25 to 30 years we keep doing the same exact thing and keep getting the same exact result. Einstein defined this as madness! We didn’t get different results. Yes, virus scans, firewalls and all the tools that we have been using for the past 25 years were great and they get the job done but they haven’t done enough good to protect us from what we keep seeing happening around us.
So our philosophy as an organization is a complete and holistic cyber transformation program that is not cyclical, it doesn’t just happen every 3 months or 6 months, it is on and ongoing all the time. The monitoring of those controls is always functioning and it tells you when you are not at an acceptable level of security. So that’s just a little insight into our approach. Add to that the fact that we are a technology vendor as well.
One of the proof points of that is our latest technological innovation, the KATIM R01, which is the only ultra-secure rugged mobile available on the market right now. We are very proud to have launched that in Abu Dhabi at IDEX. The UAE is the nation we are from and it is the country that we operate from. It couldn’t be better placed than to be launched at IDEX in Abu Dhabi. We are re-launching again at MWC or re-iterating our introduction of that product because there’s a global demand for security communications in general but mobile security communications.
This is the second generation of a portfolio of ultra-secure devices that allow the key decision makers, the critical individuals in a government and the critical teams in an enterprise to get better resilience in their mobile communication. If you do find yourself operating in harsh and extreme conditions, then the KATIM R01 is the answer for you.
What would be your target market for the KATIM R01?
This is not a consumer device; this is not going to be available in Virgin Megastore. Our target audience would be head of state, ministers, heads of government, CEOs, executive teams or potentially an M&A team that is on due diligence to execute on a massive acquisition where it could take the whole company down or impact the stock market if there’s a leakage of information. For these situations, you could engage the KATIM solution as a service for 6 months from the beginning of that due diligence, that way you safeguard the communication and the data that’s being exchanged.
There are multiple applications for it, so take the profile of that person who was making decisions on the go from their mobile device carrying very secretive and very classified information, if that person finds himself in a very difficult and harsh environment operating underwater or on difficult terrain- dust, shock, or low ambient light- then that is the product for him because when lives and businesses are dependent on mobile communication, you are dependent on that device and that device better serve you with an extended battery life, to jumping and dropping, to operating with gloves, operating with wet hands and dropping it again and again and not having to worry about what’s going to happen.
Or picking it up and the moment you put your finger on it. It unlocks itself because the finger scanner is on the back. A physical button for push to talk is also available because sometimes there may be fog, sand, or low ambient light so I want to make sure I’m making a push to talk myself. There’s a dedicated harbor button for SOS, in case you need an emergency lift.
It also features a patented technology of great innovation which we call ‘Shield Mode’ which physically disconnects camera, microphone, and speakers. So think of the board as an electronic layout that connects all of these devices. We took the wires into a relay, we put physical buttons on it so that when you go in a highly sensitive meeting you want to be 100 per cent sure that those listening devices are off.
These are some of the proof points around the fact that when it comes to innovation, there’s no monopoly in innovation. Innovation can happen anywhere. 25 years ago, Emirates Airlines could not afford an airplane, their goals was to be the best and the biggest airline in the world and they did it. The UAE is not known for producing high tech innovations but they have led in aviation, transportation, tourism and real-estate, so there’s no reason why we cannot lead in this space if we have the right mindset, the dedication, resources and people; and that’s how Emirates Airlines did it, and that’s how we will do it.
It is an incredible innovation! You talked about how you launched it in IDEX and you are sort of reinforcing the launch here at MWC, how does it resonate with you and some of the clients you have been talking about?
It’s been extremely positive and I’m really surprised because I expected some question marks, naysayers and some skepticism, but so far the feedback has been good and we have a very strong team. We positioned the value of our products and services very well. During MWC I was approached by a prospective client. He asked me, “What was unique about this product?” I said, what makes it unique is the fact that for every other compute device, mobile or non-mobile, the root of trust for those devices is in the hands of the vendor or the manufacturer.
That’s why there was an issue with the other phones because they, the vendor, own the keychain, which means that have access to every keychain and every device everywhere around the world. They have the power to unlock every single device. That applies to all vendors. They all have these secret keys that are imbedded in the device that we call the root of trust. Your encryption is based on them and your own package is based on them and so on. We don’t ascribe to that philosophy, the root of trust and secret keys are in the control and in the hands of the client. They control them, we don’t see them, we don’t know what they are and we make sure they manage and operate the whole solution.
Our most unique feature is ‘self-destruct’. If anybody tries to tamper with the device, cut it open or drill it open to take out the memory chip out, the sensors on the board and in the device will self-destruct the whole device; it will wipe it clean and deactivate it.
We wanted to break away from the market place and come up with something new, innovative and unique so we put our best talents between Canada, Finland and the UAE to come up with these innovations. Generation 1 is still quite ahead of the game.
You touched on the digital transformation and how you created a niche for yourselves by rebranding as a smart and safe digital transformation provider. In relation to operators, what are the biggest security challenges facing operators today, and their efforts to embrace the digital transformation, how are you specifically helping them address those challenges?
I’m not talking about the UAE specifically but we should give you the UAE specific cybersecurity report. The details and findings are very interesting. They’re no different from the global findings. We scanned the whole digital footprint of the UAE, globally, 800 thousand plus nodes that are visible from the internet and we summarized our findings in this report. You would be surprised at how much cyber maturity you can improve by implementing simple methods and practices like matching, upgrading, removing unsupported software, carrying out regular scans and the regular assessments, enforcing the controls that ensure your resilience, and partnering with the folks that understand cybersecurity and understand it well.
The market is saturated with cyber security technologies and cybersecurity services firms but only a few currently help and build an environment that is fully resilient -and the reason I keep saying resilient is because I’m not saying we are going to prevent and protect you from all attacks 100 percent - nobody can say that- but the notion of resilience is the fact that you are prepared to deal with an attack, recover and come out of it stronger than before.
It’s like a boxer; when you are a resilient boxer, it doesn’t mean that you’re not going to get punched. Somebody might knock you down but when you’re resilient, you get back up and start throwing punches back or you start protecting yourself even better. So that is the cybersecurity transformation framework that we put in place which allows us to raise the levels of maturity and awareness, and to consistently monitor what is happening and when something does happen, to detect it, respond immediately, protect proactively and predict certain things of happening before they happen.
The average malware sits in an environment for weeks before it is detected. Imagine if you could detect it at the time it is happening through monitoring certain anomalies, behaviors or analytics that you have in place- this is where we need to take cybersecurity to. We are never going to have an environment where there are no attacks. Cybercrime will never end, just like regular crime which never ended from the dawn of time until now. The frequency is increasing and the complexity is increasing. The younger generation of hackers’ are very mobile savvy because they grew up developing mobile applications so when they become hackers, they are going to develop malware and zero-days and advanced persistent threats against mobile devices.
We are currently seeing an increase in mobile attacks due to the increase in mobile devices. So when you turn that to business and government, decisions are made, data is shared, communication is made from that mobile device, do you really want a consumer device that is sexy, has got a great camera and thousands of other applications on it that you don’t know or don’t trust to be used to review classified data, to make very sensitive life dependent decisions? The answer is no, you don’t. You need something completely separate and completely different.
I was speaking to a couple of global CTOs from operators and I don’t know if you share the consensus, but a lot of them were saying there’s not enough focus being emphasized on the security of 5G networks like they’re talking about 5G and its development but he’s really concerned about the security aspect of 5G, I’m just interested to know what your opinion is on that, do you share that consensus?
I share that consensus but I guess I would return it with a question, is there enough security focus on 4G and 3G? Everybody keeps talking about security for a technology and we don’t aspire to that philosophy. We talk about cyber transformation and cyber resilience independent of technology.
It’s critical and IoT security is not there. Media security and telecom security is not there either. There have been lots of instances where Wi-Fi, 3G, and 4G have been compromised. We believe security to be an end-to-end security which needs to be staggered in a stack of layers defenses, just like you would around your home. For instance, we live in Dubai, we don’t have a fence, we don’t have cameras or barbed wires around our houses, but if you live in Johannesburg, you would need to have that. So it’s all about your risk appetite, the environment you’re operating in, and what you’re trying to protect.
If my livelihood and family depend on it, I would want to make sure that my family is safe and protected. If my responsibly is to safeguard my government’s data or my company’s data, I would have to protect it. I would use the media. I would use 3g, 4g, 5g but I would stagger and stack on top of that layers of end-to-end security that ensure that in case there’s a compromise to the medium and communication, there’s no comprise to my data. We are not going to have a piece of technology providing the answer and security to all our problems so regardless of how much security you embed in 5G, there’s still going to be the layer of stacks of different defenses around it. So 5G is responsible to provide radio communication.
In terms of devices, let’s say this device is bulletproof and hack proof; nobody is able to compromise the medium. What if somebody compromises the data or un-tags the traffic, it’s not 5G’s problem once it gets out into the internet. So you need to understand the continuum and the end-to-end communication like where the data is sitting, how it is transforming and is it data at rest or data at flight. What are the communication tools that are being used? Is it voice over cellular, voice over id, or voice over video communication?
All these have unique nuances that you need to pay attention to in order to secure them differently.
Are you making any other announcements here at MWC?
We are done at MWC in terms of announcements, we wanted to focus on KATIM R01, keep your eyes and ears open for additional innovations coming from the company, whether it be from the services side, digital transformation side, or the technological innovations side which will be introduced throughout 2019.