82 percent of IT decision makers working in banks and financial service institutions (FSIs) in the United Arab Emirates are under pressure to level up their security protocols, according to new research from Citrix. This comes as 72 percent see IT security risks in the industry increasing since the start of the COVID-19 pandemic. Employees are most likely to be pressurising their organisation to increase security, with 67 percent of IT pros reporting pressure from this group, followed by customers (48%), then government (45%), and shareholders (31%).
Perhaps in response to these demands, 66 percent of respondents report that security has become a top priority in their organisation over the past 18 months. They join the further 31 percent who report that it has been a top priority “for years”.
“It is no surprise that security has become an even greater priority since the pandemic began,” says Amir Sohrabi, Area Vice President for Emerging Markets at Citrix. “As remote work became ubiquitous overnight, and employees were more likely to be distracted by personal and professional stressors, cyberattacks have increased across the globe. This research highlights that both internal and external stakeholders have recognised the challenges, which are especially pertinent in a sector like finance.”
However, despite the increase in cyber-attacks and the changing demands and pressures upon them; 95 percent of IT decision makers claim they are comfortable with their IT security provisions, with 25 percent of those saying they are “very comfortable”. 86 percent also believe that the IT security teams in their organisations have “all the skills necessary” to handle today’s challenges.
This confidence may come, at least in part, from the fact that many organisations are replacing their traditional VPN solutions with Zero Trust, cloud-based services. 46 percent of respondents have already implemented this, with another 49 percent planning to do so in the next 12 months. A further six percent plan to follow suit in the longer term. The biggest drivers behind this decision are improving end user experience (42%), having an agile and secure remote work strategy (39%), consolidating multiple point products (36%) and more on-premises solution to the cloud (35%).
In addition, 90 percent of IT decision makers report that they are satisfied with the digital workspace solutions their organisation has used to support remote work, over the past 18 months. 54 percent of respondents implemented these digital workspace solutions in response to the mandate to work from home in March 2020, while a further 42 percent already had them in place prior to the pandemic. The remaining 4 percent plan to provide their teams with digital workspace solutions in the future.
Of the other technologies that organisations have in place to support remote working, the most popular are virtual desktops and apps (67%), video conferencing / streaming (62%), and emails (57%).
Whilst the majority of IT decision makers feel they have the right teams in place to support their organisations’ current security posture, there may be challenges on the horizon. 87 percent of respondents admit that they will need to hire externally to get the right skills in the future, and 87 percent feel that at some point, IT security teams in their organisation “will need to be entirely reskilled”.
Additionally, the research uncovers some gaps in wider security training for employees of banks and FSIs. 31 percent of respondents say that security training for all employees at their organisation is provided less than once a year, with 1% admitting it is provided every six years or less.
“The challenges caused by the pandemic and the pressures put on IT decision makers by key stakeholder groups, have led to security soaring up the priority list for many financial organisations,” comments Amir Sohrabi. “The last 18 months have clearly been a time of great change, with new technologies being implemented, so it’s highly encouraging to see most IT managers in this sector adapt and accelerate, to ensure they have the correct security posture in place.”
“However, this is no time to get complacent and there is clearly an opportunity for businesses to future-proof their security by upskilling their IT teams and providing regular training for the wider employee group,” he adds. “There has been an alarming increase in cyber-attacks since the start of the pandemic, and many of these come as a result of human error. The importance of dedicated annual training, therefore, cannot be underestimated.”