Cybersecurity continues to rise up the board agenda

A year after organizations were rocked by a series of large-scale cybersecurity breaches and ongoing recriminations over state-sponsored interventions, this year’s EY Global Information Security Survey 2018-19 (GISS) shows cybersecurity continuing to rise up the board agenda.

Clinton Firth, MENA Cybersecurity Leader at EY, said “Cybersecurity continues to be one of the top three risks across all industries and government entities in the MENA region. Digital transformation is resulting in more opportunities to exploit while advanced exploitation tools and capabilities are becoming more readily accessible. In general, organizations in MENA are not at a commiserate level of cybersecurity readiness and unfortunately this creates the perfect environment for cyber-attacks in the region.”

The survey of more than 1,400 C-level cybersecurity and risk leaders, examines some of the most urgent concerns about cybersecurity and their efforts to manage them. Some of the key findings from the survey are as follows:

  • 87% of organizations operate with a limited budget to provide for the level of cybersecurity and resilience they require
  • 55% of organizations don’t make the protection of the organization an integral part of their overall business strategy and execution plans
  • A majority of organizations (77%) are now seeking to use advanced technologies like artificial intelligence, robotic process automation and analytics
  • Cloud computing (52%), cybersecurity analytics (38%) and mobile computing (33%) are the highest priorities for cybersecurity investment
  • The riskiest vulnerabilities are careless/unaware employees (34%), outdated security controls (26%), unauthorized access (13%) and related to cloud-computing use (10%)
  • Many organizations (82%) are unclear about whether they are successfully identifying breaches and incidents

As organizations in MENA become increasingly reliant on technology, they are more vulnerable to cyber-attacks and digital risk. Businesses need to shift towards a 24/7 monitoring to protect their digital presence from attack regardless of industry.