Skandha Media Services achieves ISO/IEC 27001-2022 certification
Skandha Media Services, a provider of scalable managed playout, broadcast and OTT services powered by cloud technology, automation, AI and machine learning, has announced its achievement of the ISO/IEC 27001-2022 certification.
This certification, awarded by the United Registrar of Systems (URS), recognises Skandha's compliance with internationally recognised information security management standards. It applies to the company's broadcasting services, IT infrastructure and software development operations, covering Skandha's cloud instances, customer data and business processes, including IT and media operations.
As broadcasters and OTT platforms face increasing threats such as data breaches, piracy, and unauthorised access, security certifications like ISO 27001 have become crucial for cloud service providers. Skandha's accreditation reinforces its commitment to maintaining the highest data security and regulatory compliance standards.
Speaking about the certification, Neelesh Dalvi, Co-founder and Head of Digital Operations at Skandha Media Services, said: 'Receipt of the ISO certification solidifies our commitment to provide quality-assured solutions and services to our clients and it demonstrates that we are meeting internationally recognised standards and protocols in every process, across every department, at every level within the organisation.
'It's important that our customers know just how much we value global security standards, data protection and regulatory compliance – and ultimately that we're a company they can trust with any project.'
The certification highlights Skandha's ongoing efforts as a security-first organisation, with a focus on strengthening cloud security, enhancing access controls, refining risk mitigation strategies, improving employee security training and advancing cybersecurity protocols.
'I'd like to credit Skandha's employees for their dedication to the ISO certification process, especially the heads of department who have shown unwavering determination to achieve this milestone. It's a directive that benefits all our stakeholders and firmly positions Skandha as a trusted technology leader in secure, scalable, and AI-driven media innovation with security-first solutions. We're delighted to obtain this accreditation,' Dalvi concluded.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
TECHx
14 hours ago
- TECHx
What Cybersecurity Vendors Must Do to Earn CISOs Trust
Home » Interview Of The Week » What Cybersecurity Vendors Must Do to Earn CISOs Trust What do CISOs really want from cybersecurity vendors? Denis Yakimov of Equiti Group offers a perspective in this exclusive interview published in CodeRED June–July Edition. From the importance of aligning cybersecurity initiatives with business strategy to the flaws in vulnerability management and the value of co-developing tools, Yakimov outlines what's working, what's broken, and how vendors can better support enterprise security goals in an evolving digital ecosystem. What are the top cybersecurity priorities for your organization this year? This year, our top priority is to support the business in achieving sustainable growth and stability as it works toward its strategic objectives. I often see CISOs setting goals in isolation focusing on internal KPIs or reacting to emerging threats without aligning with the broader business context. But it's critical to remember that security exists to enable the business, and everything we do should be guided by that principle. How do you align cybersecurity initiatives with overall business goals? Everything starts with the business setting its goals for the year, which are typically based on shareholder expectations. At Equiti, business goals are clearly defined and openly communicated, so every employee understands the direction in which the organization is heading. From a security standpoint, we use these goals as a foundation and, at the beginning of the year, during strategy planning, we brainstorm which cybersecurity actions will most effectively support the achievement of these goals. For instance, in 2024 we achieved ISO 27001 certification, which helped Equiti take a significant step toward building stronger trust with key clients and partners and becoming one of the leading brokers in the UAE. Similar security initiatives are aligned with goals related to operational resilience, among others. What are the key factors you consider when evaluating cybersecurity vendors? We take a comprehensive approach when selecting vendors, using comparison tables and well-defined evaluation criteria. These always include compatibility with our existing environment and compliance with local regulatory requirements. For example, in the UAE, financial institutions must store regulated customer data within the country, which immediately disqualifies many SaaS vendors without local data centers. Given that Equiti is a rapidly growing organization, scalability and ease of deployment are critical factors for us. Once all evaluation criteria are met, we proceed with a PoC, a data privacy assessment, and a third-party risk assessment. While the process may seem complex at first, we aim to complete evaluations at a startup pace – typically within 2–3 weeks. How do you prefer vendors to approach you, with education, product demos, proof of value? I believe that anything that helps evaluate a solution within the context of our own environment is highly valuable. I have a hard time understanding vendors who reject proof of concept and instead get caught up in internal approval cycles at this stage. For me, that's usually a yellow flag. If a vendor is willing to schedule as many meetings as necessary to ensure that the solution works effectively within our infrastructure, that is always an additional reason for me to prioritize them. It signals a high likelihood that they will continue to provide support after the purchase and that they have nothing to hide. What are the biggest gaps in current cybersecurity solutions that vendors should address? In my view, areas such as vulnerability management, despite their long history, are still underdeveloped. Even well-established and experienced vendors like Qualys and Rapid7 continue to generate a significant amount of noise in their vulnerability dashboards, and current prioritization methods do little to change that. I regularly speak with many CISOs across the industry, and I keep hearing about hundreds or even thousands of high and critical vulnerabilities reported by their VM solutions. Yet, in reality, 99% of security incidents are either unrelated to vulnerability exploitation or are linked to vulnerabilities that were not flagged or covered by these VM tools at all. Are there specific challenges in integration, scalability, or support that you've faced? We've encountered situations where we acquire a tool that fits our needs very well, but face challenges finding the right expertise to implement it properly, considering all the specific requirements. And it's not even about internal resources – it's about the expertise available on the market. While evaluating a solution itself is relatively straightforward, assessing the contractor's expertise, especially ensuring they are both trustworthy and fairly priced, can be quite difficult. I've previously worked at various MSPs, and I clearly remember how service providers often focused on selling the service first, while trying to acquire the necessary expertise during the implementation phase. What role do vendors play in helping you maintain compliance? When it comes to vendors and compliance, I truly appreciate the direction the market is taking toward GRC Engineering. I believe this area has the potential to become highly developed and popular in the future – similar to how DevSecOps gained momentum in its time. Take Vanta, for example. Although it is essentially a tool for automating GRC processes, its interface is so simple and intuitive that it has successfully captured a market even among startups—a segment where selling anything from the security domain is typically challenging due to immaturity and limited budgets. On our side, we are also taking proactive steps toward compliance automation. However, we must consider a wide range of factors, including our presence in multiple countries and various privacy obligations. How is your cybersecurity budget evolving year-over-year? There is a lot of talk on social media about cybersecurity underbudgeting, but in reality, many organizations tend to overinvest. A common pattern is CISOs onboarding numerous dashboards that generate excessive noise and offer limited optimization. At Equiti, even though we're open to increasing the cybersecurity budget, our team has been focused on cost optimization for two consecutive years, mainly through smarter licensing decisions. This often means replacing vendors – always with a proper risk assessment – but given the vast range of available solutions on the market, finding quality alternatives at a lower cost is rarely a challenge today. What's your advice to vendors looking to position their solutions for budget approval? My advice is not to focus on addressing yet another threat, but rather to demonstrate how your tool brings real business value. Modern CISOs are increasingly expected to speak the language of the business and sit at the board table. As a result, the tools in a CISO's toolkit should support business enablement, not just threat mitigation or the addition of another dashboard. If you look at the most successful cybersecurity companies such as Wiz, Okta, or Zscaler they've become integral to their customers' operations and have a direct impact on business efficiency. Have you collaborated with vendors on co-developing or customizing solutions? Absolutely. Vendors willing to adapt their roadmap for our needs are always strong candidates. For example, we're working closely with a SAST vendor that is developing integration features for one of our specific CI/CD environments. Since this environment is relatively niche and not widely supported out of the box, the vendor's willingness to invest effort in saving us extensive engineering time on custom integration has been a major factor in our decision. I must admit, this kind of flexibility is more common among small to mid-sized vendors. What common mistakes do vendors make when engaging with CISOs? Pushing too hard and being overly persistent. In my view, if someone genuinely needs your product, they will be responsive and willing to do whatever it takes to close the deal quickly. If you spend your time chasing people who show limited interest, you might move the deal forward temporarily, but in the end, it will likely fall through and you will have simply wasted time. What's one innovation or improvement you hope to see from vendors in the next 12 months? Although I remain skeptical about the grand future predicted for AI,where it is expected to replace humans, I personally would like to see more practices focused not on solving isolated micro-tasks or problems by introducing yet another tool to the portfolio, but rather on enabling the correlation of all available security data into a unified pool of interconnected knowledge. Such an approach could help predict where threats are most likely to emerge or which changes would yield the most significant impact. I believe that an AI system capable of aggregating insights across the entire organization and its cybersecurity tools could deliver this kind of value. In today's world, many security leaders still make strategic decisions based on educated guesses and abstract, subjective risk assessments essentially, reading tea leaves rather than relying on data-driven foresight.
Zawya
a day ago
- Zawya
Yusuf Bin Ahmed Kanoo Group achieves ISO 27001:2022 Certification
Manama, Bahrain – Yusuf Bin Ahmed Kanoo Group (YBA Kanoo) has achieved a significant milestone by obtaining the ISO 27001:2022 certification, reflecting its ongoing commitment to strengthening information security, enhancing internal systems, and aligning with international standards. This certification underscores the Group's dedication to protecting its data assets and maintaining the trust of its clients, partners, and stakeholders. The implementation of ISO/IEC 27001:2022 not only reinforces YBA Kanoo's internal controls but also improves operational efficiency by reducing time, cost, and risks associated with human error. It also demonstrates the company's commitment towards maintaining robust and resilient security practices. In line with its core values and commitment to staying ahead of evolving global standards, YBA Kanoo is exploring additional initiatives to further strengthen its information security posture. This includes investing in advanced security technologies across the group. Looking ahead, YBA Kanoo remains committed to continuous improvement and the adoption of advanced security practices. The Group continues to align with global standards, investing in new technologies, and promoting a culture of accountability to protect stakeholder interests and support long-term operational excellence.
Zawya
21-07-2025
- Zawya
CI Capital secures global ISO 27001 certification
Cairo: CI Capital ( the leading diversified financial services group, has obtained the prestigious ISO/IEC 27001:2022 certification- the international standard for Information Security Management Systems (ISMS), by international accreditation body INTERCERT. This significant milestone underscores the firm's ongoing commitment to embedding a robust culture of strengthening cybersecurity resilience and upholding world-class standards of digital security and data protection. The certification reflects CI Capital's proactive approach to managing information security risks, reinforcing its ability to safeguard client and investor data, enhancing operational efficiency, and mitigating potential cyber threats. The implementation of ISO/IEC 27001 not only strengthens internal controls but also optimizes performance by reducing time, cost, and risks associated with human error—ultimately ensuring a secure and trusted investment environment for all stakeholders. 'CI Capital prides itself for obtaining the ISO/IEC 27001 certification—an internationally recognized benchmark that affirms our deep-rooted commitment to protecting our clients', partners', stakeholders' data and digital assets. In today's rapidly evolving digital landscape, information security is no longer a luxury but a core pillar of sustainability and organizational growth. Moreover, this recognition is a testament to the tireless efforts of our technology teams and reinforces the trust our clients and partners place in us,' commented CI Capital's Group CEO, Hesham Gohar. 'CI Capital works tirelessly to adopt international best practices across all functions, particularly in digital transformation and information security. Embedding world-class information security practices into our business model as well as constantly upgrading our infrastructure both remain central to CI Capital's strategic roadmap for a resilient and future-ready operation,' added Gohar. In today's data-driven financial landscape, trust and reliability are critical. This certification validates CI Capital's efforts to establish a culture of security and governance across all its operations — from investment banking and brokerage services to asset management, mortgage finance, and microfinance. The certification scope covers all key components of the company's Information Security Management System, including main and DR data centres, cybersecurity and infrastructure, databases, network and security, application support, Security Operations Centre (SOC), human resources, and physical security. 'This international accreditation marks a pivotal step in CI Capital's digital transformation journey and further cements its leadership in both the Egyptian and regional financial markets. It also ensures alignment with the highest global standards in risk management, data governance, and operational excellence,' commented Ahmed Abdel Latif, Group Chief Operations Officer at CI Capital. 'Beyond risk reduction, ISO 27001 enhances the company's ability to serve institutional and international clients who require strict compliance and security guarantees. It positions CI Capital as a forward-thinking, secure partner in the financial services industry, strengthens our brand reputation, and enables us to scale sustainably while meeting both local and global regulatory expectations," added Abdel Latif. "From a technology perspective, ISO 27001 has driven us to enhance our cybersecurity architecture across all platforms — covering infrastructure, applications, data, and user access. We've established a robust risk management framework that enables continuous monitoring, incident response readiness, and proactive threat mitigation,' commented Mostafa Ebaid, Chief Information Officer (CIO) of CI Capital. 'It has also unified our IT policies, strengthened identity and access controls, and ensured encryption and secure communication protocols are enforced enterprise wide. Most importantly, this certification positions CI Capital to embrace future technologies and digital innovations securely and responsibly — giving both clients and internal stakeholders confidence in the integrity and resilience of our system," added Ebaid. About CI Capital Holding for Financial Investments CI Capital Holding for Financial Investments (Ticker: CICH EY, is a diversified financial services group and Egypt's leading provider of leasing, microfinance, mortgage finance, consumer finance, and investment banking products and services. Through its headquarters in Cairo, and presence in New York and Dubai, CI Capital Holding for Financial Investments offers a wide range of financial solutions, to a diversified client base that includes global and regional institutions and family offices, large corporates, SMEs, and high-net-worth and individual investors. CI Capital Holding for Financial Investments leverages its full-fledged investment banking platform to provide market-leading capital raising and M&A advisory, asset management, securities brokerage, custody, and research. Through its subsidiary, Corplease, CI Capital offers comprehensive leasing solutions, including finance and operating leases, and sale and leaseback, serving a wide range of corporate clients and SMEs. Additionally, CI Capital Holding for Financial Investments offers microfinance lending through Egypt's first licensed MFI, Reefy. The Group has over 4,000 employees, led by a team of professionals who are among the most experienced in the industry, with complementary backgrounds and skill sets, and a deep understanding of local market dynamics. Banque Misr, one of Egypt and Africa's most renowned financial banks, is the majority shareholder of CI Capital Holding. For more information, please contact CI's Investor Relations Department Email: For more media-related information, please contact us via: media@ Or please visit our socials via:
