Newly released research from Mimecast, a cybersecurity company, has found that IT decision-makers in the UAE and Saudi Arabia face ongoing challenges regarding the security of their digital transformation efforts in the face of attack by cybercriminals and other bad actors.
Organisations around the world are facing severe challenges due to the COVID-19 pandemic, a shifting geo-political landscape and the uncertainties of climate change, according to Mimecast. As a result of these challenges, digital transformation has become a top priority for many companies.
Mimecast’s report, Bridging the Divide: Digital Transformation & Cybersecurity in Saudi Arabia and the UAE, is based on a survey of 400 IT decision makers across a range of organisations in the two countries. The aim of the survey was to better understand how digital transformation is impacting the threat environment, how decision makers are responding, and how they are working with third parties to combat the threat.
“The speed at which organisations are transforming to adapt to hybrid work and achieve greater efficiency and competitiveness, means cybersecurity is often not a top priority among IT and business decision-makers”, says Werno Gevers, Regional Manager for the Middle East at Mimecast. “The downside to increased digital transformation is that attack surfaces are wider and there are more opportunities for bad actors to penetrate organisational defences, with many organisations stuck in a reactive mode regarding their security, leaving them unable to get on the front foot against attackers”.
The research found that more than two-thirds (68 per cent) of regional organisations have had to postpone a digital transformation initiative due to cybersecurity concerns, with 65 per cent reporting they have cancelled such an initiative outright.
To protect against these and other threats, regional IT teams are taking a wait-and-see stance to security, with 76 per cent saying their approach to security is reactive rather than proactive.
Securing digital transformation
According to the research, 54 per cent of IT decision-makers are utilising cybersecurity awareness training to empower employees and reduce human error in order to strengthen organisational defences. However, many are falling short in their broader efforts at deploying adequate security solutions, with fewer than one in five (18 per cent) reporting that they use best-of-breed vendors to enable superior protection.
“Worryingly, a third of organisations are reliant on a single vendor, which can create a monoculture that is detrimental to both cybersecurity and digital transformation,” said Gevers. “However, it’s not all bad news: 29 per cent of respondents agree that a staple of best-of-breed providers integrated through APIs offers superior protection against new and emerging threats.”
To further aid security teams’ efforts and overcome resource and budget constraints, IT decision-makers across the region are investing in the automation of key security functions, Mimecast’s data reveals.
According to the report, 18 per cent of organisations have a completely automated incident response capability, while 22 per cent have automated backup and protection. “This automation drive is expected to free up 40.9 hours per month of entry-level security specialists and up to 38.9 hours at CISO level, creating valuable capacity for IT teams to work on more high-value activities across the business,” added Gevers.