This year’s survey focused on cybersecurity in the business environment, and revealed how regional companies are implementing their cybersecurity strategy. The survey indicated that as many as 41% of Gulf-based enterprises admitted to being breached at least once in the last 12 months, in comparison to 28% in 2016. Interestingly, only 31% of regional organizations were concerned about detection and response to attacks. This finding underscores the necessity of a change in mindset, especially among management when it comes to budgeting for the right technologies needed to deal with a breach once discovered. Meanwhile, 62% of respondents stated that they were likely to utilize Artificial Intelligence (AI) for securing their organizations, which showed willingness in deploying new technologies.
“We have seen a large number of high-profile cyber-attacks this past year and this is a trend that isn’t looking to slow down. Despite the constant stream of security updates and patches, attacks are growing increasingly common. In today’s context, it is crucial for organizations to understand that preparation against a security breach should not be purely focused on preventative tactics, but rather it is important to invest in resources that aid in detection and response. This will test the resilience of an organization’s security against breaches”, commented Hani Nofal, Vice President of Intelligent Network Solutions, Security and Mobility at GBM.
The security survey also revealed that up to 79% of respondents believed their company currently has an effective security strategy program in place. The majority of respondents also reported their company had not experienced a security incident in the last 12 months. However, the survey indicated that 32% of Gulf organizations do not have a Security Operations Center1 (SOC) and that there could be an intrusion within their system that they are unaware of, considering how long intrusions are able to remain undetected, particularly when there is no proper detection and response program in place. Moreover, 81% of respondents preferred having their security operations on premise.
A significant issue the survey highlighted was the risk around the Operating Technology (OT) with 31% of Gulf organizations experiencing attacks to their OT environments. However, Gulf organizations have started taking action by deploying security controls for OT and developing a security strategy for prevention, detection and response. A few organizations are also leading the way in setting up a SOC dedicated to computer-based supervisory control and data acquisition (SCADA) systems isolated from the IT environment.
“Security is a shared responsibility, not just within companies but across the region and worldwide. There is a pressing need for organizations to share their experiences, good and bad, in order to help others prepare better in this constant race. Together, the battle against adversaries would be considerably easier”, added Nofal.
The latest GBM security survey, polled 600-plus executives and IT professionals from a range of industries including IT, healthcare, education, oil and gas, hospitality, and many others in the United Arab Emirates, Oman, Bahrain, and Kuwait. The GBM security survey is the only one of its kind sharing insights and recommendations about the cybersecurity landscape in the GCC.
GBM will be present at GISEC 2018 from May 1-3, 2018 at the Dubai World Trade Centre. For more information on the findings in the GBM Security Whitepaper, visit http://gbmme.com/gbm/gisec2018/
1 A SOC is a facility housing an information security team who monitor and analyze an organization’s security on an ongoing basis. By analyzing and monitoring an organization’s network, server, data and endpoints 24/7, the SOC team can ensure the timely detection and response of any security incidents.