Organizations across the Middle East have realized that investing in multiple security tools without any integration leads to an ineffective siloed defense framework with continuously escalating operational costs. They are therefore prioritizing automation and consolidation of their cybersecurity estates, a leveraging platform/mesh value propositions from leading cybersecurity vendors, according to the State of the Market Report 2023 by Help AG, the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and the region’s trusted security advisor.
The only one of its kind to focus exclusively on digital security in the Middle East region, Help AG’s annual State of the Market Report delivers unparalleled intelligence into the state of cybersecurity in the region. The third edition of the report themed around the adage of “Innovate. Automate. Elevate.”, is focused on how organizations across the region can innovate their technology and processes and automate playbooks and operations to ultimately elevate their cybersecurity posture. The report dives deep into the top threats over the past 12 months, the kinds of attacks and attack vectors which are a cause of concern, anatomy of high profile breaches, best practice recommendations, security investment patterns of organizations in the region, uptake rates of new emerging technologies, and, of course, directions on where the market is moving towards in terms of technologies and evolution.
Key areas of investment
With the substantial increase in prices of cybersecurity solutions globally, including some OEMs increasing their prices north of 30% compared to 2021, combined with the fact that the average large organization runs 50-100 different cybersecurity solutions in their estate, Help AG has observed organizations investing and focusing heavily on cybersecurity estate consolidation, utilizing longer term contracts such as Enterprise License Agreements (ELAs)) to ensure better predictability of budgets and reduced complexity.
There has been a marked increase in investment in locally hosted solutions and services. Investments into Security Service Edge (SSE) and OT/IoT security have seen twice the increase in the year, and over 50% growth in DDoS protection investments. Additionally, Managed Cyber Defense has become essential for cyber resilience and compliance, with investment growing 50% YoY and over 100% in Digital Risk Protection and Threat Intelligence.
Service centric business evolution
The services-led cybersecurity approach offers several advantages over a traditional in-house cybersecurity model, including 24×7 access to the best people, processes, and technologies, under a predictable OPEX payment model. Emerging Trends in Cybersecurity as a Service (CaaS) include leveraging Artificial Intelligence (AI) and Machine Learning (ML), greater adoption of Security Service Edge (SSE), Cybersecurity Compliance as a Service, and Incident Response as a Service (IRaaS).
The report spotlights the evolution of the service centric market and how UNIFY, Help AG as a Service 3.0 addresses the top concerns of organizations when it comes to the need for a unified approach to cyber defense.
Top cyber threats
Cybersecurity has become a critical concern for organizations of all sizes in the region. In 2022, the cyber threat landscape was characterized by a growing number of advanced persistent threats (APTs), malware attacks, and cybercrime.
Major risks that organizations faced were often related to human factors, misconfiguration of default credentials, and missing patches.
Ransomware and phishing attacks are both becoming more sophisticated, with attackers using tactics like double extortion to increase pressure on organizations to pay the ransom, and social engineering tactics to trick victims into divulging sensitive information.
DDoS attacks are also becoming more sophisticated and diversified in their forms. The total number of DDoS attacks detected in 2022 exceeded 150,000. DDoS attacks targeting UAE businesses with a volume of over 40Gbps have become the norm, while the max attack volume observed was 238.6 Gbps. Over 61% of DDoS attacks observed were multi-vector attacks, with the top attack types being UDP and DNS Amplification.
A record high of 26,000+ vulnerabilities were reported in 2022 identified as per the NIST National Vulnerability Database (NVD).
Improper configuration and device settings emerged as one of the top risks to organizations in 2022, while consistent usage of weak and insecure protocols, especially on externally facing assets such as weak SSL/TLS protocols on web servers, are usually the first target for an attacker to gain a foothold in the network.
In order to help regional businesses stay abreast of discovered vulnerabilities, Help AG highlights key recommendations against the top vulnerabilities’ organizations should look for in 2023.
Tech trends 2023 & beyond
Integrated Cyber Defense
As threats become increasingly numerous, persistent, and sophisticated, manual alert triage is no longer sufficient. Instead, contextualizing all data points into a single action thread is vital to a comprehensive defense against threats. In response to this, Help AG launched UNIFY, an integrated cyber defense platform serving as the foundation of their cyber defense services, unifying pivotal capabilities like visibility, collaboration, orchestration, and intelligent automation to deliver a seamless customer experience.
Secure Cloud Enablement
As cloud adoption reaches an all-time high and organizations increasingly adopt a microservice architecture, one of the most significant risks they face is cloud insecurity. To ensure a secure cloud posture, organizations must take action to address these risks. This involves identifying and remediating security issues, managing and securing access to cloud resources, and complying with regulations and industry standards.
Security Services Edge (SSE)
One of the key considerations while adopting security services at the edge in the Middle East is the growing importance of data privacy and the need for local content inspection.
Organizations look for SSE providers that provide true unification of security consoles, endpoint agents and converged policies; a single point of inspection for all security services; local data residency and compliance with regulations; and a large local partner ecosystem to deliver services ensuring the highest level of support and quick implementation.
Data and Identity Protection
Companies face the challenge of trying to streamline their data protection by safeguarding their sensitive data whilst enabling their employees to work productively and more importantly, maintain company success. On a regional level, UAE, Qatar, Bahrain, Kuwait, and KSA have all introduced laws that govern the lawful use of data within their respective countries.
Organizations look at powerful platforms to discover, protect, govern, identify risks, and manage their data estate while adhering to regional regulations.
Identity has become the new security perimeter. Adversaries are also reciprocating by targeting identities and gaps in governance. A very strong Identity Governance and Administration (IGA) practice will become a core requirement of security operations, and we can expect to see more focus and more investment in this area in 2023.
Internet of Things Security
IHS forecasted that the IoT market will grow from an installed base of 15.4 billion devices in 2015 to 75.4 billion in 2025. The IoT is the future, and hence, organizations aim to achieve comprehensive visibility and perform asset discovery, creating solid baseline measures for security in IoT devices, including security from the start of IoT project planning, adopting a strong zero-trust strategy, and enabling SecOps to detect, prevent and mitigate security incidents.
Stephan Berner, Chief Executive Officer at Help AG, said: “Cybersecurity is the crucial component of successful digital transformation and needs to be built in from day zero and beyond. Through the State of the Market Report 2023, we enable readers to understand how they can innovate to bring in the best of people, processes, and technologies, automate to enhance agility and improve time to value, and elevate the resilience of their enterprise to thrive in the hyper connected era where experience is of paramount importance and availability needs to be constantly on.”
Nicolai Solling, Chief Technology Officer at Help AG, added: “In a hyperconnected world where threats are becoming more sophisticated and frequent, it is increasingly essential for the public and private sector to work together, sharing knowledge and creating a united front against malicious actors in the digital sphere. Making our State of the Market Report readily available to organizations across the region provides essential intelligence into the state of cybersecurity in the Middle East, arming key players in the industry with the knowledge to protect themselves against cybersecurity threats.”