Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label UAE CISO. Show all posts

UAE CISOs Highlights their Rampant Gaps in Cybersecurity


A majority of security leader based in the United Arab Emirates (UAE) are convinced that their firms require improvements – in terms of how their teams, processes and technology operates – to mitigate any potential cyberattack.

To provide insight into the challenges faced by CISOs following a breach, cybersecurity firm Trellix surveyed over 500 security executives globally, revealing strategic analysis, eye-opening data, and practical viewpoints. 

In their analysis, the Trellix researchers revealed that 96% of CISOs (who have suffered at least one security incident) believe in the need for improvements. However, 52% of the respondents claim that their organizations have meagre to no technical knowledge on how to tackle challenging security incidents. 

Reliance on Manual Processes

According to the aforementioned survey, 48% of security leaders believe that their organizations are majorly based on manual processes, which eventually makes it more difficult to identify and fix cyberattacks quickly.

Moreover, 44% of respondents attribute the inability to tackle cybercrime to inadequately documented and executed procedures, while 44% caution that disjointed security controls result in a deficiency of context.

According to Jake Moore, global cybersecurity adviser at ESET, better investment in security is significantly crucial for companies, taking into account the increased sophistication in cyber activities.

"Furthermore, now with the introduction of AI threats we are seeing cyberattacks become even more relentless and powerful[…]Companies need to bear in mind that the cost of recovery from an attack usually outweighs the cost of preventive security measures,” he says.

Mind the Gaps

Organizations find it challenging to identify and address cybersecurity problems due to a lack of technological resources, but it can also be challenging when security professionals are overworked or underequipped. More than half of those surveyed (52%) said that their organization's security problems were caused by vulnerabilities in their security capabilities.

However, nearly half of the respondents that they had not properly enabled their detection policies or configured their IT stacks. Forty percent more claimed that their security and IT systems do not provide "adequate visibility" of occurrences.

Moore further warns, "Neglecting cybersecurity in terms of the people and process can leave a business dangerously exposed to preventable or mitigable attacks with potentially severe consequences."