Middle East organisations make cybersecurity decisions without the proper cyber threat insights, according to a recent report by Mandiant.
The report called “Global Perspectives on Threat Intelligence” revealed that despite recognising the importance of understanding cyber threat actors (94 percent), 83 percent of Middle East respondents revealed their organisations make cybersecurity decisions without such insights.
While 91 percent were satisfied with their organisation’s threat intelligence quality, applying it effectively throughout the security team was a major challenge (49 percent). The survey also found that only 47 percent of organisations had a comprehensive understanding of different threat groups and their TTPs, and 98 percent believe they need to implement changes faster based on available threat intelligence.
“In today’s interconnected world, cyber security threats in the Middle East are a growing concern. As attackers become more sophisticated and innovative in their methods, it is crucial for businesses to take proactive measures to protect their valuable assets and customer data,” said Jamil Abu Aqel, Mandiant Head of Systems Engineering, Middle East at Google Cloud.
“This new research reveals that security teams are worried that top management lacks a complete understanding of the threat, resulting in crucial cybersecurity decisions being made without sufficient adversary insight. To mitigate these risks, organisations in the region must take a proactive approach to cyber security by seeking concrete threat intelligence on potential attackers and their methods relevant to their specific industry, leverage that intelligence to protect against potential threats, and effectively communicate on the cyber threat to key stakeholders.”
According to the report, almost 68 percent of security decision makers think their senior leadership teams are underestimating the cyber threat faced by their organisations. Respondents from the Middle East were the most doubtful about their senior leadership’s knowledge of the cyber threat.
Despite these concerns, security decision makers are optimistic about the effectiveness of their cyber defenses. They feel most confident about dealing with financially motivated threats, such as ransomware, followed by hacktivist and nation-state actor threats. Additionally, 57 percent of respondents believe they can prove to their senior leadership team that their organisation has a highly effective cyber security program.
