Despite increasing budgets and greater-than-ever support from senior management, SecOps teams report persistent silos and meagre capabilities amid an escalating threat landscape
Most UAE-based cybersecurity professionals feel overwhelmed by the rapid escalation of cyber threats despite increased commitments from senior management and access to bigger budgets. This was one of the key findings in a global study commissioned by Trellix, the cybersecurity company at the forefront of extended detection and response (XDR).
The study polled 9,000 cybersecurity professionals across 15 countries, including the UAE, in organisations with 500 or more employees. Some 70 per cent of UAE respondents said their organisation’s cybersecurity investments had increased in the past 12 months and two-thirds (67 per cent) reported regular meetings on cybersecurity and compliance with senior executives. But most (56 per cent) also admitted that threats evolve so rapidly they still struggle to keep up.
The need for change
There was widespread acknowledgement among UAE respondents of the need for change. Some 57 per cent said their current security model needed to be updated to successfully predict, detect, and respond to attacks as they happened. Among those expressing such concerns, 13 per cent described the necessary updates as major.
Amid these capability gaps, 53 per cent of UAE cybersecurity specialists say they are fighting a losing battle against cybercriminals. Beyond taking a toll on the cybersecurity professionals — 54 per cent of respondents cited being held back by the limitations of their cybersecurity infrastructure as one of their biggest work frustrations — this gap in cybersecurity is impacting UAE organisations’ bottom lines, with 80 per cent of respondents acknowledging that their organisation lost up to ten per cent of revenue in the previous year because of security breaches.
According to the findings, 60 per cent of UAE SecOps teams are hampered by the patchwork of security solutions with integration options. Only one in nine (11 per cent) have managed to eliminate silos and little more than a fifth (22 per cent) are working towards this end. Some 59 per cent are working with more than ten separate security solutions and 60 per cent decried the lack of efficiency this causes. To make matters worse, one-third (67 per cent) of organisations have no plans to rid themselves of silos.
“Siloed security systems hand easy victories to threat actors and make life harder for SecOps teams everywhere,” said Vibin Shaju, General Manager, UAE at Trellix. “And yet many businesses seem prepared to accept siloed security rather than updating their security architecture to connect the dots and enable adaptive security. Nothing changes if nothing changes. Organisations that do not move purposefully towards a more integrated security model are painting a target on their back as an open invitation to cybercriminals.”
In the UAE, 69 per cent of cybersecurity professionals reported dealing with up to 50 cybersecurity incidents per day and 42 per cent characterise their daily routine as being inundated by a never-ending stream of cyberattacks. Respondents are plagued by blind spots within their infrastructure, with 27 per cent citing such visibility gaps. Moreover, just over a third (36 per cent) say their security ecosystem does meet their current needs but express concerns about their future capabilities if they continue to use the same security suite.
Extended detection and response (XDR)
Against this backdrop, one technology that has come to the fore is Extended Detection & Response (XDR). In particular, an open, cloud-native XDR architecture that constantly learns from and adapts to the ever-changing threat landscape can help organisations eliminate silos and identify threats before they can cause harm. More than a fifth (22 per cent) of UAE respondents said they had already implemented XDR, with an additional 41 per cent saying they were exploring the technology for likely implementation in the next 12 to 18 months.
Among XDR implementors in the UAE, 78 per cent ranked the ability to automate processes and prioritise critical concerns among the most important benefits of the technology. Not only was this the top priority for UAE organisations, but the proportion of respondents that cited it was significantly higher than the global average, suggesting that automation and alert triage are of specific interest to UAE enterprises — an understandable finding given the region’s extant cybersecurity skills gaps.
Other important factors that compelled UAE companies to implement XDR were its capability to detect threats in real time (76 per cent) and its ability to deliver operational efficiency by freeing human analysts to pursue higher-value cyber work (37 per cent). A quarter of UAE XDR implementors were drawn to the technology’s capability to learn from incidents and adapt to threats; 38 per cent were impressed by the reduced response times. Some 46 per cent said that because of the benefits they had witnessed, they were likely to recommend that their organisation allocate budgets this year to advanced programs that include XDR.
“This research reveals how unsustainable the situation is for cybersecurity professionals today,” said Aparna Rayasam, chief product officer, Trellix. “Instead of relying on traditional siloed solutions that add complexity, businesses can reshape SecOps with a flexible, intelligent security architecture that consolidates security tools, so teams can work smarter and quickly remediate threats.”