webvic-b

UAE CISOs feels unprepared to cope with a cyberattack, says CISO report 20201

Security

As hybrid workforce have presented new challenges for cybersecurity teams, 70% of survey respondents in the UAE consider human error their organisations biggest cyber vulnerability

• CISOs are on high alert across a range of threats: faced with a relentless attack landscape, 68% of surveyed CISOs in the UAE feel at risk of suffering a material cyberattack in the next 12 months. When asked about the types of attacks they expect to face, insider threats (29%), phishing (28%) and Business Email Compromise (25%) topped the list.

• Organisational cyber preparedness is still a major concern: 72% of CISOs in the UAE feel their organisation is unprepared to cope with a targeted cyberattack in 2021.

• User awareness doesn’t always lead to behavioural change: while 69% of survey respondents believe employees understand their role in protecting their organisation from cyber threats, 70% of CISOs in the UAE still consider human error to be their organisation's biggest cyber vulnerability.

• Long term hybrid work environments present a new challenge for CISOs as 66% of CISOs in the UAE agree that remote working has made their organisation more vulnerable to targeted cyberattacks, with 76% revealing they had seen an increase in targeted attacks in the last 12 months, the highest among the surveyed countries.

• High risk, high reward likely to be a common cyber theme over the next two years.70% of CISOs in the UAE believe that cybercrime will become even more profitable for attackers, while 64% believe that it will become riskier for cybercriminals.

Lucia Milica, global resident CISO at Proofpoint, said, “Last year, cybersecurity teams around the world were challenged to enhance their security posture in this new and changing landscape, literally overnight. This required a balancing act between supporting remote work and avoiding business interruption, while securing those environments. With the future of work becoming increasingly flexible, this challenge now extends into next year and beyond. In addition to securing many more points of attack and educating users on long-term remote and hybrid work, CISOs must instill confidence among customers, internal stakeholders, and the market that such setups are workable indefinitely.”

Ryan Kalember, executive vice-president of cybersecurity strategy for Proofpoint , said: “The ‘good enough’ approach of the past 12 months will simply not work in the long term, with businesses unlikely to ever return to pre-pandemic working practices, the mandate to strengthen cyber security defenses has never been more pressing. CISOs hold a business-critical function, now more than ever. The findings from our report emphasise that CISOs need the tools to mitigate risk and develop a strategy that takes a people-centric approach to cybersecurity protection and emphasises awareness training to address ever-changing conditions, like those experienced by organisations throughout the pandemic.”