Last week I was in the glorious city of Dubai, but I didn’t rest, no, but I worked. In the sweat of your face in the truest sense of the word. He was among the participants of one of the largest information security events in the Middle East – the GISEC exhibition. 300 participants from different countries of the world – both large world giants such as Cisco, Microsoft, Cloudflare, Huawei, etc., as well as many local companies and startups.

It was even 5 “Russian” playerswho, however, concealed their origin. For 2 of them, Singapore was listed as the “port of registry”, and for three – Dubai. I don’t know who could be misled by such a disguise, but the fact is the fact.

Visiting GISEC reminded me of the RSA Conference, but in its mini version. Absolutely identical organization of the event and only the presence of a large number of people in kanduras and abayas suggested that I was not on the west coast of North America. Well, the size, of course. RSAC usually occupies two large pavilions, in which one and a half thousand IB players from all over the world are exhibited. A closer association, in terms of the number of players represented, is London’s InfoSecurity, which presents both world giants and European players, often unfamiliar to Russians, and, of course, regional stands. At GISEC this year there were separate stands of Turkish companies in the field of information security, Indian, French and German.

By the way, I had no idea that the Turks there are so many players in the cybersecurity sector (more than 200). In addition to COMODO, he did not know anyone. If Russia and Turkey become friends more and more actively, then this country may also have to be looked at in terms of information security decisions. Well, or consider them as a threat 🙂

Once upon a time, Russia also came to London with its stand, and it seems to me that this is a good practice for companies that look to the West / East, but are not able to pull such a trip alone, pay for the stand, hire stand attendants, etc. The state, especially if it actively talks not only about import substitution, but also about export high technology to friendly countries could help in this matter. Just like India does. Hindu dominance in the UAE, I was directly struck – they not only occupy many positions in IT and information security on the side of customers, but also represent their companies, which, due to very low prices for their services, are actively dumping and surviving more serious players from the market. At least in conversations with colleagues and friends living or working in the Arabian Peninsula, Hindus are a big threat.

There was no Israeli stand this year, which is understandable – the friendship of Arabs and Jews is situational and constantly faces ups and downs. A year ago, when they found out that you are from an Israeli company, they run away from you like fire, and today they are friends passionately. And such changeable weather in their relationship is constant. I was surprised that there was no Chinese or South Korean booth – they were at the RSAC in San Francisco. And if, well, Buddha, South Koreans, then the absence of companies from the Middle Kingdom (except, of course, the huge stand of Huawei) surprised me. After, in fact, the ban on work on the tasty American market, they had to look for new outlets and the UAE is the best fit for this, but no.

TO Russian information security companies are treated favorably, even to those who are under sanctions. In general, there were a lot of Russians at the exhibition – both vendors looking at the market (it was funny to watch the Russian names of companies, under which “United Arab Emirates” was written on the badges), and customers who were taken out by Russian distributors.

By the way, from the interesting. I came across the booth of a domestic company. I look at her materials and profile in a mobile application – not a word about Russian origin. I start looking on the Internet – a similar situation. The company blacked out all references to its Russian roots. Now she has written that she has a headquarters in Dubai and two more offices – in Singapore and Vilnius. A couple of years ago, her head office was listed in Singapore, and 10 years ago she was sitting in an ordinary office in St. Petersburg. But these sources are hidden in the darkness of centuries. And only a search on LinkedIn helps to determine who is who. But here, as the American organized crime accountant of the beginning of the last century, Otto “Abbadabba” Berman, said: “Nothing personal, it’s just business(The phrase is incorrectly attributed to Al Capone).

Another distinctive feature of the Arabic GISEC from the American RSAC or the London Infosec was the presence of a large number of distributors of information security tools. There were about two dozen such stands, and each presented several dozen small, niche information security companies. In general, there are somehow few developers of information security solutions in the Middle East – local companies offer either various information security services, or resell someone else’s, or even this is a disguise for some foreign company that needs “localization” to work with certain categories of local customers.

In general, Dubai is now quite good.home port» for Russian companies wishing to enter the international market. By registering on the shores of the Persian Gulf, you hide your now toxic 🙁 origin, but at the same time you have the opportunity to easily get to almost anywhere in the world; Yes, and direct flights to Moscow, without transfers. The dominance of “Russians” at GISEC this year will probably lead to the fact that next year there will be more Russian startups at the exhibition. By the way, about them. Small companies were allotted a separate room – Cyber ​​Stars, where novice players tried to attract attention at stands “half a meter by half a meter”. Someone else did this at a separate pitch session that took place during all three days of the exhibition.

And here I must say that participation in such exhibitions for startups, in my opinion, does not give a big effect. Perhaps even for larger players too.

If you are a large company, then you are already known and you are unlikely to get new customers at the exhibition. And if you are a noname player, then there are not very many chances to get orders either. The stars must align for this to happen. Or you need something to stand out against the background of other stands and companies. This is difficult for startups. And other companies, too, whose hardened marketing lives in captivity to their outdated views on how to participate in events. Well, yes, you can, of course, show that you are still alive. But is it necessary to spend considerable budgets on this? Handing out a stupid paper handout that will be thrown away at the exit from the conference? It’s the same solution.

At Russian IS events, by the way, the story is exactly the same. Stands, like a carbon copy (white pedestal with the name of the company). Bored stand attendantssitting in phones. Advertising leaflets on coated paper. Pens and mugs as handouts. And even the arrival of a potential customer is usually greeted with a look from the series “what’s stuck, don’t you see, we’re busy here” …

The “reporting” part of the exhibition was also not so hot. The idea of ​​​​RSAC or Infosec was also copied – zones were allocated on the territory of the exhibition in which it was possible to tell something boring, advertising, from the “shovel” series for about twenty minutes. Really interesting reports were counted on the fingers of two hands (half of them were from instructors SANSwho was also present at the exhibition).

But what distinguished GISEC from European or American exhibitions on information security is the presence of a “general” history. The passage of high ranks through the stands of expensive sponsors is so familiar to the Russian audience that it does not raise questions, “as it should be”. There is no such thing in the decaying West 🙂 If the stand is the NSA or the FBI, then like everyone else, without a particularly dedicated area. And GISEC had a separate area for local regulators next to the $1 million hacking competition. Ineradicable is the desire to single out someone special and show him all sorts of honors. And if this is normal for the Arab monarchical tradition, then in Russia, where the last tsar without trial or investigation shot more than a hundred years ago, this, of course, looks strange (but also familiar at the same time).

By the way, with the status of sponsors, it was also cool. It used to be the coolest gold, but now it’s at the level of “homeless from the gateway.” For “respectable gentlemen” there were statuses – “platinum”, “diamond”, “strategic” and “main strategic” 🙂

There were also VIP boxes, even two – one for CISO, the other for VIP participants. True, they were empty. Just during the days of GISEC, but outside its official program, I spoke at an event for CISO, and there were many more information security managers there than in the CISO Lounge at the exhibition, which once again suggests that it is better to hold focus events after all than jostling with other participants in a limited area, trying to draw attention to themselves and their decisions.

Here is a brief overview of GISEC 2023 in Dubai, in which I happened to participate. An interesting experience anyway. Still, no matter how current events develop, the Russian information security market is now cut off from the American and European markets for a long time. Our destiny is only friendly countries, which we did not really look at before. But today, priorities are changing – both in terms of what you can use to ensure your cybersecurity, and in terms of where you can go with your solutions. Therefore, the study of the Middle East (UAE, Saudi Arabia and Israel), Turkish, Indian, Chinese, African and South American information security clusters will become task number 2 for us in the coming years (after studying our own market). So there is no need to grieve – there is room for positivity!

The note Impressions from GISEC 2023 in Dubai was first published on Business without danger .