The results of a recent IT security survey of Middle East organisations conducted by International Data Corporation (IDC) show that the top three threats to enterprise security are infected USB drives, data theft by employees, and advanced persistent threats. These threats all have one aspect in common – insider risk. The fact that users do not realise that they are bringing in infected devices is another major concern.
Such issues featured heavily on the agenda at IDC’s recent IT Security Roadshow in Bahrain, where more than 100 senior security professionals from the government, oil and gas, manufacturing, construction, and BFSI verticals – to name just a few – gathered to undertake an in-depth examination of the increasingly volatile forces shaping the prevailing threat landscape in Bahrain as new economic realities begin to bite.
“Advanced persistent threats can go undetected for long periods of time, which adds to the complexity of the challenge,” says Megha Kumar, Senior Research Manager for Software at IDC Middle East, Africa, and Turkey. “Increasing the levels of awareness and proactivity around security is critical for organisations across the GCC. Financial motivation continues to drive cybercrime activity in the region, although so-called ‘hacktivist’ incidents are compounding the situation with websites now also being defaced simply to drive a particular political agenda. The implications of such incidents are far reaching, not just from a financial perspective but also from a regulatory and reputational point of view.”
Security is critical not just for securing enterprise data but also as a major facilitator of the digital transformation process. With this in mind, speakers at IDC’s IT Security Roadshow in Bahrain explained that organisations must remain resilient in the face of increasingly challenging economic conditions and employ a proactive approach to security as they undertake their digital transformation initiatives.
“Budget constraints are likely to remain a challenge for the foreseeable future in Bahrain,” says Kumar. “The security conundrum becomes even more challenging when organisations start downsizing their headcounts in a bid to free up much-needed resources. In such a scenario, the threat of insider risk is exacerbated as disgruntled employees leave the company, potentially taking sensitive corporate information with them. As such, data loss prevention, data access management, and governance are all major security factors that must be addressed in order to avert any unwanted drama.”
With all this in mind, IDC expects organisations in Bahrain to seek out IT solutions that help improve their cost and operational efficiencies. As they increasingly look to exploit innovative new business models and services, they will inevitably move into far more open, digitally-enabled ecosystems. IDC believes that cybersecurity and privacy solutions will become one of the major technological drivers of successful digital transformation strategies, but businesses must first undertake a proper risk assessment to discover precisely where they can be compromised.