A Sense of Security

DarkMatter’s Dr. Najwa Aaraj on cybercrimes, cryptography, and the region’s burgeoning IT sphere.


It’s still rare to see accomplished women in the IT sphere. Why do you think that is?

I think it is becoming less rare as the notion that some jobs are better suited to men while others to women fades away. This changing view is especially clear in the IT and technology space given its dynamism and openness to change, where a person’s capabilities are what allows them to progress rather than their gender. There’s a growing list of accomplished women in technology including Facebook COO Sheryl Sandberg, YouTube CEO Susan Wojcicki, HP CEO Meg Whitman, and Yahoo! CEO Marissa Mayer to name only a few.


Do you feel there is enough awareness about cybercrimes and security in the region? What are some of the most common problems you are witnessing with clients?

I do believe awareness levels are rising as we see more brazen attacks and breaches being reported by mainstream media. Raising awareness is important, but it is essential that it is seen as a means to an end and not an end in itself. The hope is that awareness leads to attitudes being altered, and due emphasis and actions being directed to protecting information technology and operations technology infrastructure.


This is where a company like DarkMatter can assist in helping government and corporates establish a cyber security programme incorporating policies, procedures, personnel, and the latest technological advancements. It also supports institutions in developing a cyber security strategy that will give them visibility into their environment and deploy defensive technologies and methodologies.


I wouldn’t identify the circumstances we come across at clients as ‘problems’ per se. Many of the security weaknesses we encounter are related to the absence of an end-to-end outlook on cyber security. Hyper-connectivity in our modern world means there are many more points of risk and potential breach in corporate and personal networks, which need to be guarded against.


What’s the process and importance of cryptography?

In simple terms, cryptography involves the encoding and decoding of information using a secret key, in order to protect the confidentiality, integrity, and non-repudiation properties of information and the underlying system and/or network.


It is important that a cryptographic algorithm has a sound security model and is resilient against theoretical cryptanalysis. However, it is equally important that cryptographic implementations are sound, are hardened with the correct countermeasures and are resilient to side channel attacks and prevent leakage of secret data.


What are your thoughts about the IT sector here?

The region’s IT sector is a vibrant one, and I wouldn’t change anything about it. It is evolving at its own pace, as it should do, and has given birth to a company like DarkMatter, which is developing its own intellectual property, attracting international talent to be based in the UAE, and offering an end-to-end portfolio of cyber security products and services. I believe the sector will continue to grow and mature and cyber security will be a major part of that.


Do you think it’s become important enough for governments to launch local departments or cyber defence that are similar to the more tangible defence departments?

It is, and they have. DarkMatter for example, is a strategic cyber security partner of the UAE government, and possesses the highest calibre cyber security experts who are not only trusted and security-vetted by the UAE government, but have also been similarly vetted by other governments and large corporations in their previous engagements with different companies in varying parts of the world. These experts are offering high-level advisory services and going even further as they assist with project implementations showcasing how seriously governments are taking cyber security.


Is the line between white hat and black hat hacking blurring more and more?

No I don’t believe so. The tools and approaches may have started to look increasingly similar, but the motivations and outcomes of the separate activities remain quite different.


About Dr. Najwa Aaraj:

With a Ph.D. in Computer Engineering from Princeton University and over 10 years of experience working with global firms such as Booz & Co, NEC Labs, IBM Security Research Labs, and Intel, Najwa brings extensive practical knowledge of cyber security implementations in the United States, Australia, the Middle East, Africa and Asia. Her particular expertise includes cryptography, trusted platforms, security architecture for em-bedded systems, software exploit detection and prevention systems, and biometrics. Before joining DarkMatter, Najwa was a Senior Associate with Booz & Company, where she led consulting engagements in the communication and technology industry for clients across four continents. Prior to that, she held several research positions, including Research Fellow with IBM T. J. Watson Security Research in New York, and with the Intel Security Research Group in Portland, Oregon. She also was a Research Staff Member at NEC Laboratories in Princeton, New Jersey. Reflecting the scope of her research and professional accomplishments, she has a number of publications and patents to her name. These include a patent for “Optimizing Performance of Integrity Monitoring” and more than half a dozen papers.




Your email address will not be published. Required fields are marked *