8 of 10 UAE firms vulnerable to cybercrime, hacking

Carbanak also remotely seized control of ATMs and ordered them to dispense cash at a predetermined time. (AFP)

Leading UAE IT decision-makers agree that cybersecurity threats are growing in intensity and scale across the region.

According to a new survey commissioned by global Application Delivery Networking leader F5 Networks a majority of surveyed IT decision-makers believed their organisation was more vulnerable than ever to cybersecurity threats. The findings come ahead of this month’s IDC CIO Summit in Dubai.

Eight out of 10 respondents (82 per cent) ranked their organisation’s vulnerability to cybercrime, hacking and “hacktivism” as “very” or “extremely” vulnerable, and 79 per cent agreed that it is more difficult than ever to protect their organisations from associated security threats.

Worryingly, only 8 per cent are completely confident their organisation has consistent IT security measures across its entire IT network.

One-third (34 per cent) said their marketing and sales efforts were most vulnerable to attacks, 28 per cent cited email, 27 per cent employee data and 24 per cent customer information.

Common cybersecurity threats include distributed denial of service (DDoS) attacks, phishing/spear-phishing emails, data theft, “zero-day” software assaults, web application exploits, and website defacement.

“Traditional security methods such as next generation firewalls and other reactive measures are losing the fight against a new breed of attacks,” said Garth Braithwaite, Middle East Sales Director, F5 Networks.

“Security is now very much about the protection of the application, the enforcement of encryption, and the protection of user identity. Increasingly, it is less about the supporting network infrastructure.

Organisations need a security strategy that is flexible and comprehensive, with the ability to combine Domain Name System (DNS) security, DDoS protection, network firewalls, access management, and application security with intelligent traffic management.”

MarketsandMarkets suggests that the Middle East cybersecurity market is on course to grow from $5.17 billion in 2014 to $9.56 billion in 2019 at a CAGR of 13.07 per cent.

In its 2014 Global Economic Crime Survey, PrincewaterhouseCooper identified cybercrime as the second most common form of economic crime reported in the Middle East.

The top cybersecurity challenges listed in F5 Networks’s survey include changing motivations for hacking (33 per cent of respondents), the virtualization of server desktops and networks (31 per cent), difficulty in managing a variety of security tools (29 per cent), the increasing complexity of threats (29 per cent), the shift from datacentre-focused infrastructure to the cloud (25 per cent) and the move from traditional client-server applications to web-based applications (24 per cent).

In order to adapt and cope, 57 per cent of decision-makers wanted a better understanding of the different types of security threats, 24 per cent called for consolidated management of their different security tools, and 20 per cent wanted a stronger focus on security issues from management.

“With multi-dimensional or 'cocktail' style attacks - DDoS attacks combined with application layer attacks and Structured Query Language (SQL) vulnerabilities –organisations really need to look at a multi-stack security approach, combined with a process to handle internal control,” added Braithwaite.

The IDC CIO Summit 2015 is being held from 25-26 February in Dubai.

Print Email