Businesses still lack strong identity protection despite cyberthreats looming large in the region

Mohamed Mikou, Chief Operating Officer & Chief Marketing Officer at Microsoft Middle East and Africa talks further in details about the latest findings highlighted in  Cyber Signals, a cyber threat intelligence brief complied by the latest Microsoft threat data and research.

What would you imagine your username and password are worth to a hacker? According to Microsoft’s latest threat and data research, the average price for 1,000 stolen username password pairs is around $0.97. What’s more, securing 400 million username and password combinations in bulk will earn a cybercriminal around $150.

There can be little doubt, cybercriminals have our passwords in their sights. This is particularly the case in the Middle East and Africa (MEA) where businesses are often more prone to cyberattacks than companies anywhere else in the world. In fact, 43 percent of Middle Eastern CEOs plan to increase their investment in cybersecurity by 10 percent or more over the next three years, well ahead of the global average of 31 percent. At the same time, 54 percent of African CEOs are very concerned about the fast-evolving nature of cyberthreats.

With weak passwords, password spraying, and phishing the entry point for most attacks, identity is the new battle ground of cyberthreats. And for organizations looking to protect themselves, preventing an identity from being misused or stolen, is now the highest priority. As part of the first edition of, Cyber Signals, Microsoft’s new quarterly cyberthreat intelligence brief, we take a closer look at the dangers of the rising mismatch in scale of identity-focused attacks in relation to levels of organizational preparedness.

The brief, which offers an expert perspective into the current threat landscape, aims to be a valuable resource to business decision makers in the Middle East and Africa, as organizations across all industries navigate the constantly changing threat landscape. Cyber Signals aggregates insights we see from our research and security teams on the frontlines, including analysis from our 24 trillion security signals combined with intelligence we track by monitoring more than 40 nation-state groups and 140 threat groups.

The newly released research shows that though threats have been rising fast over the past two years, there has been low adoption of strong identity authentication, such as multifactor authentication and passwordless solutions. In fact, just 22 percent of Microsoft’s Cloud Identity Solution, Azure Active Directory, users had implemented strong identity authentication protection as of December 2021.

However, the consequences of a data breach are now front of mind for 68 percent of companies in the UAE/ 50 percent of companies in South Africa/ 65 percent of companies in Turkey/ 55 percent of companies in Qatar/ 82 percent of companies in Israel, according to current Microsoft-IDC research. In fact risk experts across MEA rank cyber incidents as the second highest risk facing the region, largely because of the increase in both size and expense of data breaches.

This is helping push organizations across the region to pay closer attention to digital identities. As it stands, confirming user identities with an additional layer of security is a key priority over the next six to 18 months for 62 percent of businesses in the UAE/ 49 percent of businesses in South Africa/ 68 percent of businesses in Turkey/ 63 percent of businesses in Qatar.

Recognizing the danger that comes with remote work and increased digitization, another 66 percent of companies in the UAE/ 61 percent of companies in South Africa/ 81 percent of companies in Turkey/ 72 percent of companies in Qatar/ 96 percent of companies in Israel are actively investing in identity and access management.

The right multifactor authentication (MFA) and passwordless solutions can go a long way in preventing a variety of threats. In fact, according to Cyber Signals, basic security hygiene still protects against 98 percent of attacks.

Still, today’s organizations need a new security model that more effectively adapts to the complexity of the modern environment, embraces the hybrid workplace and protects people, devices, apps and data wherever they’re located. That’s why implementing Zero-Trust practices like MFA and passwordless upgrades should be prioritized as part of a security baseline to reduce risk.

To protect your organization, data, customers and employees in our increasingly complex and dynamic digital world, it’s vital for your security team to enforce a Zero Trust approach and verify each request as though it originates from an open network.  They can begin with privileged accounts to gain protection quickly, then expand from there.

Identity-driven security
One of the core pillars of a Zero Trust security approach is identity-driven security. Identities define the Zero Trust security boundary, and should be used as the primary factory in how access to corporate resources is approved.

Whether it represents people, services, or IoT devices, identity is the control plane to give you greater visibility and management over who has access to what, when they should have it, and under what conditions.

To enforce strong, unified identity protocols, particularly in a hybrid work environment, a centralized, modern, cloud-based directory solution like Microsoft Azure Active Directory is crucial to bridge cloud and on-premises identities.

With this in place, verified identity provides the foundation to the broader framework for Zero Trust, alongside the other pillars of verified devices, verified access, and verified services.

Additional recommendations for organizations looking to adopt a Zero Trust security approach include:

  • Auditing access privileges frequently: Privileged-access accounts, if hijacked, become a powerful weapon attackers can use to gain greater access to networks and resources. Your security teams should be auditing access privileges frequently, using the principle of least-privilege granted to enable employees to get jobs done.
  • Constantly verifying user activity: Another fundamental aspect of your security hygiene should be to thoroughly review all tenant administrator users or accounts tied to delegated administrative privileges. This will help your organization verify the authenticity of users and activities. Your security team should then disable or remove any unused delegated administrative privileges.
  • Reducing dependency on passwords: Enabling MFA is an important weapon in fighting back. By so doing, your organization mitigates the risk of passwords falling into the wrong hands. You can take this a step further by eliminating passwords altogether and, at the same time, eliminating administrative privileges through passwordless MFA.

Attackers are constantly raising the bar. But leading with identity-focused solutions, including enforcing MFA, adopting passwordless solutions, and creating conditional access policies for all users dramatically improves protection for your devices and data. If identity is the new battle ground, then Zero Trust is the must-have weapon for fighting back.