Leading Saudi IT decision-makers agree that cybersecurity threats are growing in intensity and scale across the Kingdom. The situation is putting businesses at risk of hits to both reputation and bottom line.
A new survey commissioned by F5 Networks found that nearly seven in ten of surveyed businesses (68%) regarded cybercrime as a “severe” threat. 75% of respondents said that their business’ sales and marketing efforts would suffer most from an attack. Worryingly, only 15% are confident their organisation has consistent IT security measures across its entire IT network.
84% claimed that it has become harder in the past three years to maintain a consistent security posture. This is partly due to the rise of cloud, off-premise IT and trends such as Bring Your Own Device (BYOD).
58% of respondents described the degree to which fear of cybersecurity threats had increased in the past two years as “tremendous” or “very strong”, whereas 66% reported that it is more difficult than ever to protect their organisation against cybersecurity threats.
Common cybersecurity threats include distributed denial of service (DDoS) attacks, phishing/spear-phishing emails, data theft, “zero-day” software assaults, web application exploits, and website defacement.
“Traditional security methods such as next generation firewalls and other reactive measures are losing the fight against a new breed of attacks,” said Mamduh Allam, Saudi Arabia Country Manager, F5 Networks.
“Security is now very much about the protection of the application, enforcement of encryption the protection of user identity, and less about the supporting network infrastructure. Organisations need a security strategy that is flexible and comprehensive, with the ability to combine Domain Name System (DNS) security, DDoS protection, network firewalls, access management, and application security with intelligent traffic management.”
The Kingdom’s burgeoning cyber security market size is indicative of the new cybersecurity threat landscape. According to MicroMarket Monitor, the market is expected to grow from US$1.51 billion in 2013 to US$3.48 billion in 2019 at a CAGR of 14.50% for the period 2013 to 2019.
For the wider region, MarketsandMarkets suggests that the Middle East cybersecurity market is on course to grow from US$5.17 billion in 2014 to US$9.56 billion in 2019 at a CAGR of 13.07%.
In its 2014 Global Economic Crime Survey, PrincewaterhouseCooper identified cybercrime as the second most common form of economic crime reported in the Middle East.
The top cybersecurity challenges listed in F5 Networks’s survey include the complexity of managing a variety of security tools (50%), the shift from data-centre focused infrastructure to the cloud (48%), desktop and server virtualisation (42%), BYOD (40%), the growing desirability and flexibility of web-based applications (33%) and the increasing complexity of threats (32%).As a result, 61% called for greater consolidation of security tool management. 61% also wanted to see a stronger focus on security from management.
When asked about desired coping solutions, the decision-makers’ wish-lists included improved tracking and tougher actions on cybercriminals by authorities (54%), better understanding of the wide variety of live security threats (43%) and more context-awareness for devices accessing networks (28%).
“With multi-dimensional or 'cocktail' style attacks - DDoS attacks combined with application layer attacks and Structured Query Language (SQL) vulnerabilities –organisations really need to look at a multi-stack security approach, combined with a process to handle internal control,” said Allam.