Cybersecurity trends rising in GCC in 2023

According to IBM’s latest Cost of a Data Breach Report, the global cost of a data breach averaged AED15.98m; a 2.6 percent increase from last year, AED27.4m for the GCC and, AED34.67m for the costliest country in the world, the United States.

Among the 17 industries observed in report, the healthcare industry experienced the highest average data breach cost of any industry. This comes as no surprise as healthcare is a lucrative industry with critical top-level infrastructure and data-rich records.

Unlike other industries, data records in the healthcare industry are more static. The next most targeted industries are financial, followed by pharmaceutical, technology and energy, while for the GCC, the prime sector is financial, followed by healthcare, then energy.

Cyberattacks have especially swept the Middle East, leaving private and public entities vulnerable. According to the “Digital Lifestyle in the UAE 2022” report published by the UAE’s Telecommunications and Digital Government Regulatory Authority (TDRA), the UAE is among the world’s leading countries in various digital life indexes, thanks to a strong information and communication technology (ICT) sector. With the rapid adoption of digital technologies, the UAE becomes very attractive to cyber threats.

Recent data and trends show just how severe the cyber threat is in the GCC and one example of that is the longer mean time to contain cybersecurity attacks (globally, it takes 324 days to contain a cybersecurity attack against 349 days in the GCC).

Security leaders must consider how to navigate this constantly changing and increasingly costly cybersecurity landscape. To decode this uptick in cyberattacks and costs, security leaders need to pay attention to the following top cybersecurity considerations for 2023:

1. Adopt a zero-trust security model to help prevent unauthorised access to sensitive data: Today, according to IBM’s recent Cost of a Data Breach Report, only 20 percent of GCC’s organisations have deployed the zero-trust framework compared to 41 percent globally. Adopting a zero-trust architecture will help protect data and resources by preventing unauthorised access.
2. Launch a security-awareness programme: Educate staff on the potential cybersecurity threats and how to mitigate risks. Launching a cybersecurity awareness programme can help train your staff to be a valuable security asset – the last “intelligence” line of defense. For example, awareness programmes can include e-learning, phishing simulations, and gamification. To make it even more impactful, tailor the content to specific job roles.
3. Automate by investing in SOAR and XDR: SOAR (security orchestration, automation, and response) and XDR (Extended, Detection, and Response) are crucial elements of cybersecurity automation that help improve detection and response times. Organisations with these technologies can contain cybersecurity threats 74 days faster than other organisations that don’t utilise these technologies. (Source: IBM’s Cost of a Data Breach Report in 2022).
4. Continuously train and practice: Prevention is important but preparing for a cybersecurity incident is equally important. Cybersecurity Building, and testing incident response playbooks will help build an organisation’s security resilience, while also helping to pressure test the workforce.
5. Protect against insider threats: Insider threat is considered one of the top threat vectors in the Middle East. That said, several techniques can be used to prevent this including, but not limited to, EDR (Endpoint detection and response), UEM (Unified Endpoint Management), IAM (Identity and Access Management), or DLP (data loss prevention) solutions.
6. Security for operational technology (OT) environments is a growing concern, particularly in the GCC. Nearly half of all cyberattacks in this region target the oil and gas industry, which is becoming more connected as it undergoes digital transformation. OT systems must be viewed as a component of a comprehensive security framework; therefore, an OT security strategy is no longer a nice to have.