According to Okta’s research, 40% of global organisations are working on zero trust projects that centre around the principle of never trust, always verify. Rather than taking for granted the fact that a site, application, or platform is safe to work on, employees maintain a healthy level of cynicism about the IT resources that they are using.
North America leads the pack with 60% of respondents embarking on zero trust initiatives, both Europe and the Middle East are lagging, with just under 18% onboard.
With nearly 80% of companies in some parts of the world expecting to keep their remote work arrangements in place for up to one year after Covid-19 substantially subsides, Middle East organisations need zero trust policies and robust tools to help them operate more safely, securely, and confidently.
Professional services firm KPMG in Saudi Arabia has warned of an increase in malicious cyber activity, as online criminals seek to exploit the global coronavirus pandemic. With a worldwide pandemic underway and companies round the globe are predicted to face a loss of $3.5 billion a year to cybercrime. More Middle East companies need to strengthen their cybersecurity solutions for their remote workforces.
Working remotely was the obvious choice for many companies, but while in-office workers offered organisations easier cyber protection with traditional technology such as firewalls, remote working has forced these same companies to loosen protocols to allow for remote access.
Workers need the right level of access, to the right resources, in the right context, but the 2020 Verizon Data Breach Report demonstrates that cybercriminals are moving away from the traditional technology attack and moving their focus towards the people and their identities. In short, workers are the number one cause of cybersecurity breaches, a risk that increases exponentially for remote workforces.
Before the onset of Covid-19, organisations across the Middle East kicked off their journeys to zero trust security by starting with identity, adopting tools and best practices like single sign-on and multi-factor authentication for internal and external users, as well as for API access.
“As companies look to securely enable a long-term remote workforce, they need a security framework that can support them both today and into the future,” said Justin Doo, Regional Manager Middle East & Africa, Okta, “keeping their people, data, and infrastructure safe. That’s where zero trust comes in.”
Emile Abou Saleh, Regional Director, Middle East & Africa at Proofpoint said, “A people-centric strategy is a must for organisations in the UAE, as cybercriminals increasingly target people rather than infrastructure, with the aim of stealing credentials, siphoning sensitive data, and fraudulently transferring funds. In fact, our recent research revealed that 39% of UAE CSOs and CISOs believe their employees make their business vulnerable to cyberattacks and 55% cite human error and lack of security awareness as one of the biggest IT security risks.”
Sayantan Dev, President at Redington Value said, “Every region presents its own unique problems. In the Middle East organisations have experienced a high number of insider-related incidents and are very likely to experience a spike in credential theft. Luckily, there are real technology solutions we should be looking at. Organisation should look at deploying Multi-Factor Authentication technologies as a base practice.”