The majority of UAE-based cybersecurity professionals are feeling overwhelmed by the rapid escalation of cyberthreats despite increased commitments from senior management and access to bigger budgets. This was one of the key findings in a global study commissioned by Trellix, the cybersecurity company at the forefront of extended detection and response (XDR).
The study polled 9,000 cybersecurity professionals across 15 countries, including the UAE, in organizations with 500 or more employees. Some 70% of UAE respondents said their organization’s cybersecurity investments had increased in the past 12 months and two thirds (67%) reported regular meetings on cybersecurity and compliance with senior executives. But most (56%) also admitted that threats evolve so rapidly they still struggle to keep up.
The need for change
There was widespread acknowledgement among UAE respondents of the need for change. Some 57% said their current security model needed to be updated to successfully predict, detect, and respond to attacks as they happened. Among those expressing such concerns, 13% described the necessary updates as “major”.
Amid these capability gaps, 53% of UAE cybersecurity specialists say they are “fighting a losing battle against cybercriminals”. Beyond taking a toll on the cybersecurity professionals — 54% of respondents cited being held back by the limitations of their cybersecurity infrastructure as one of their biggest work frustrations — this gap in cybersecurity is impacting UAE organizations’ bottom lines, with 80% of respondents acknowledging that their organization lost up to 10% of revenue in the previous year because of security breaches.
Siloed security
According to the findings, 60% of UAE SecOps teams are hampered by patchworks of security solutions that have few, if any, integration options. Only one in nine (11%) have managed to eliminate silos and little more than a fifth (22%) are working towards this end. Some 59% are working with more than 10 separate security solutions and 60% decried the lack of efficiency this causes. To make matters worse, one third (67%) of organizations have no plans to rid themselves of silos.
“Siloed security systems hand easy victories to threat actors and make life harder for SecOps teams everywhere,” said Vibin Shaju, General Manager, UAE at Trellix. “And yet many businesses seem prepared to accept siloed security rather than updating their security architecture to connect the dots and enable adaptive security. Nothing changes if nothing changes. Organizations that do not move purposefully towards a more integrated security model are painting a target on their back as an open invitation to cybercriminals.”
In the UAE, 69% of cybersecurity professionals reported dealing with up to 50 cybersecurity incidents per day and 42% characterize their daily routine as being “inundated by a never-ending stream of cyberattacks”. Respondents are plagued by blind spots within their infrastructure, with 27% citing such visibility gaps. Moreover, just over a third (36%) say their security ecosystem does meet their current needs but expressed concerns about their future capabilities if they continue to use the same security suite.
Extended detection and response (XDR)
Against this backdrop, one technology that has come to the fore is Extended Detection & Response (XDR). In particular, an open, cloud-native XDR architecture that constantly learns from and adapts to the ever-changing threat landscape, can help organizations eliminate silos and identify threats before they can do harm. More than a fifth (22%) of UAE respondents said they had already implemented XDR, with an additional 41% saying they were exploring the technology for likely implementation in the next 12 to 18 months.
Among XDR implementors in the UAE, 78% ranked the ability to automate processes and prioritize critical concerns among the most important benefits of the technology. Not only was this the top priority for UAE organizations, but the proportion of respondents that cited it was significantly higher than the global average, suggesting that automation and alert triage are of specific interest to UAE enterprises an understandable finding given the region’s extant cybersecurity skills gaps.
Among other important factors that compelled UAE companies to implement XDR were its capability to detect threats in real time (76%), and the ability to deliver operational efficiency by freeing human analysts to pursue higher-value cyber work (37%). A quarter of UAE XDR implementors were drawn to the technology by its capability to learn from incidents and adapt to threats; and 38% were impressed by the reduction in response times. Some 46% said that because of the benefits they had witnessed, they were likely to recommend that their organization allocate budgets this year to advanced programs that include XDR.
“This research reveals how unsustainable the situation is for cybersecurity professionals today,” said Aparna Rayasam, chief product officer, Trellix. “Instead of relying on traditional siloed solutions that add complexity, businesses can reshape SecOps with a flexible, intelligent security architecture that consolidates security tools, so teams can work smarter and quickly remediate threats.”