The Middle East technology landscape is rapidly evolving, as the region transforms into a hub of technology innovation. According to IDC, digital transformation spending in the META region will accelerate at CAGR of 16 percent, topping $74 billion in 2026. With this, the threat landscape is also expected to expand, with cybercriminals taking advantage of new disruptive technologies to upgrade their techniques. The days of basic DDOS and malware attacks are behind us as attackers have moved to multi-staged, orchestrated attacks that are run with a mixture of humans and bots behind them.
Cybercriminals have been quick to see the potential that AI contains when it comes to automating and increasing the impact of their attacks. Repetitive tasks in cybercrime are being offloaded onto bots, as well as more high-profile attacks like ransomware and DDOS. Similarly, the new generation of chatting software like ChatGPT can be operationalised for phishing attacks, removing their impersonal nature, and making them seem authentic. Attackers can also leverage the power of machine learning to understand patterns and thus create legitimate-looking emails that are indistinguishable from the real ones.
Additionally, by leveraging the power of Deepfake technology, attackers can impersonate a person and initiate an identity takeover attack to gain access to sensitive information. This is especially pertinent to the region, where strides have been made in making facial identification as easy and frictionless as possible with a movement towards using smartphones instead of physical visits to branches.
To top all this, organisations are struggling with hiring the right security talent. Nearly two-thirds (64 percent) of the respondents from the GBM Security Report faced challenges in tackling skill gaps. Unless the skill gap in security is addressed, companies will find themselves adopting technologies that their IT teams are not ready to secure. This is even more relevant with cloud continuing to be a disruptor in the region, and the need for cloud security is on the rise.
In the GBM Security Report, we highlighted the importance of security automation and how over 34 percent of organisations considered it a key focus area for the next 12 months. Zero Trust is often rightfully touted as the solution for such environments as controls follow the data wherever it resides. Users must be authenticated regardless of whether they reside within or outside the perimeter in a Zero Trust-compliant architecture. However, this may not be enough. Organisations need to revisit their approach to cybersecurity to keep up with the changing cyberthreat landscape.
GBM will be located at Hall 6, Stand B70 at GISEC.
Implementing a Managed Detection and Response (MDR) Model enables CISOs to take advantage of the dedicated expertise of the provider instead of spending time and effort on implementing automation using in-house resources. In an MDR model, CISOs will outsource their security operations to a specialised security provider and leverage their expertise to combat these attacks. Given the volume of sophistication of these emerging attacks, MDRs can provide an efficient and cost-effective way of minimising this risk. This can also help CISOs to better direct the available security resources elsewhere.
Next-generation threats require next-generation solutions, and it is becoming critical for CISOs to start investing in MDR solutions that are powered by machine learning and orchestration to empower their teams. By investing in a cybersecurity strategy that encompasses these risks and incorporates the new generation of cybersecurity technology, CISOs in the Middle East can put themselves in a comfortable position to protect their environments in the coming years.
