There’s no question that 2020 was a challenging year. The pandemic placed an enormous strain on the global economy, and cyber criminals took advantage of that and accelerated their nefarious activities. According to the 2021 Voice of the CISO report by Proofpoint, 72 per cent of CISOs in the UAE feel their organisation is unprepared to handle a cyber-attack,
Interestingly, the study also revealed that 70 per cent of survey respondents in the UAE consider human error to be their biggest cyber vulnerability, proving that the work-from-home model necessitated by the pandemic has tested CISOs like never before.
The CISOs listed using unauthorised devices, tools, and applications as well as falling victim to phishing emails as the most likely ways employees put their business at risk.
The Voice of the CISO report examines global third-party survey responses from more than 1,400 CISOs at mid to large-sized organisations across different industries. Throughout the course of Q1 2021, one hundred CISOs were interviewed in each market across 14 countries, including the US, Canada, the UK, France, Germany and UAE.
The survey explores three key areas: the threat risk and types of cyber-attacks CISOs combat daily, the levels of employee and organisational preparedness to face them, and the impact of supporting a hybrid workforce as businesses prepare to re-open their corporate offices. It also covers the challenges CISOs face in their roles, position amongst the C-suite, and business expectations of their teams.
Proofpoint’s Voice of the CISO 2021 also highlighted that security leaders are on high alert across a range of threats in the next 12 months.
— 68 per cent feeling at risk of suffering a material cyber-attack
— 29 per cent expect to face insider threats
— 28 per cent expect phishing threats
— 25 per cent expects Business Email Compromise
— 22 per cent expect supply chain attacks and ransomware
— 15 per cent expect Cloud Account Compromise (O365 or G suite accounts being compromised)
The report also found that while 69 per cent of survey respondents believe employees understand their role in protecting their organisation from cyber threats.
Long term hybrid work environments also present a new challenge for CISOs, according to the study as 66 per cent of CISOs in the UAE agree that remote working has made their organisation more vulnerable to targeted cyber-attacks.
Top three priorities across the board for UAE CISOs over the next two years are:
— Addressing supplier risk (29 per cent)
— Supporting remote working (28 per cent),
— Enabling business innovation (28 percent).