Cybersecurity breach on Gulf-based companies increased at a significant rate over the past two years. As many as 41 percent of Gulf-based enterprises admitted to being breached at least once in the last 12 months, in comparison to 28 percent in 2016, according to annual Gulf Business Machines (GBM) Security Survey.
Interestingly, only 31 percent of regional organizations were concerned about detection and response to attacks. This finding underscores the necessity of a change in mindset, especially among management when it comes to budgeting for the right technologies needed to deal with a breach once discovered. Meanwhile, 62 percent of respondents stated that they were likely to utilize Artificial Intelligence (AI) for securing their organizations, which showed willingness in deploying new technologies.
“We have seen a large number of high-profile cyber-attacks this past year and this is a trend that isn’t looking to slow down. Despite the constant stream of security updates and patches, attacks are growing increasingly common. In today’s context, it is crucial for organizations to understand that preparation against a security breach should not be purely focused on preventative tactics, but rather it is important to invest in resources that aid in detection and response. This will test the resilience of an organization’s security against breaches”, commented Hani Nofal, Vice President of Intelligent Network Solutions, Security and Mobility at GBM.
The security survey also revealed that up to 79 percent of respondents believed their company currently has an effective security strategy program in place. The majority of respondents also reported their company had not experienced a security incident in the last 12 months. However, the survey indicated that 32 percent of Gulf organizations do not have a Security Operations Center1 (SOC) and that there could be an intrusion within their system that they are unaware of, considering how long intrusions are able to remain undetected, particularly when there is no proper detection and response program in place. Moreover, 81 percent of respondents preferred having their security operations on premise.
A significant issue the survey highlighted was the risk around the Operating Technology (OT) with 31 percent of Gulf organizations experiencing attacks to their OT environments. However, Gulf organizations have started taking action by deploying security controls for OT and developing a security strategy for prevention, detection and response. A few organizations are also leading the way in setting up a SOC dedicated to computer-based supervisory control and data acquisition (SCADA) systems isolated from the IT environment.
The latest GBM security survey, polled 600-plus executives and IT professionals from a range of industries including IT, healthcare, education, oil and gas, hospitality, and many others. The GBM security survey is the only one of its kind sharing insights and recommendations about the cybersecurity landscape in the GCC.