Help AG presented findings from the company’s research and its experience working with more than 500 of the region’s largest enterprises and government organizations to detect and respond to threats throughout 2023. The CEO Stephan Berner, CTO Nicolai Solling, and CBO Dr. Aleksandar Valjarevic revealed the top threats the region faced during the past 12 months, and that included
- Of nearly 30,000 critical risk alerts identified by Help AG in 2023, the dominant threat categories were found to be Credential Theft (49%) and Brand Abuse (39%), while Data Leakage and Phishing represented 10% and 1.5% of use cases, respectively.
- Digital risks majorly impacted the Education (36%), Aviation (29%), and Healthcare sectors (15%), which together represented 80% of targeted organizations in the GCC.
- Organizations in the Government (8%), Investment (7%), and Banking and Finance (4%) sectors followed, as transactions in these sectors became increasingly digitized.
- There was a 42% jump in Distributed Denial-of-Service (DDoS) attacks in 2023, with Help AG recording 213,434 attacks of this nature.
- The longest DDoS attack lasted for over 5 days, while the largest attack by bandwidth logged in at a record-breaking rate of 461.5 Gigabits per second (Gbps).
- 40% of DDoS attacks targeted the Government sector in 2023, followed by 29% for the Telecoms sector, 9% for Aviation, and 5% for Oil & Gas.
- The Financial and Telecoms sector experienced the largest DDoS attacks by volume, logging in at 461.5 Gbps and 302.2 Gbps, respectively.
Help AG also highlighted that cyber defense investments in 2023 doubled amid the continuing digital transformation surge. GCC enterprises and governments exhibited growth in Cybersecurity estate consolidation, Managed cyber defense, Cybersecurity advisory, and DDoS protection. Investments spanned preventative, detective, responsive, and predictive controls, which included:
- Multi-factor authentication implementations rose by 16%, while patch management processes saw a 13% increase, highlighting critical efforts to thwart threat actors and maintain system integrity.
- Implementation of web application firewalls increased by 9%, and identity access management also grew by 9%, indicating a strengthening of web and identity security frameworks.
- Privileged access management saw a 10% increase, enhancing security for critical server access, and dedicated data activity monitoring rose by 15%, reflecting growing concerns over data privacy and protection.