Business and government leaders in the Middle East and North Africa are ahead of other parts of the world in setting cybersecurity as a priority, a new survey of information technology professionals indicates.
The survey, commissioned by Raytheon Company (NYSE: RTN) and titled “Global Megatrends in Cybersecurity 2015,” revealed that more than half of organizational leaders in the Middle East and North Africa (MENA) region identify cybersecurity as a strategic priority, compared to only 23 percent in the US and 36 percent in U.K./Europe. Boards of directors in 35 percent of MENA organizations have been briefed on strategic cybersecurity issues in the last 12 months, as compared to 22 percent globally, the survey found.
“You don’t have to wait until you’re attacked to take cybersecurity seriously,” said Jack Harrington, vice president of cybersecurity and special missions at Raytheon Intelligence, Information and Services. “From the board room to the President’s desk, rallying around the cybersecurity issue is critical to address the real threats we face as a global society.”
Sponsored by Raytheon and conducted by the U.S. Ponemon Institute, the survey was based on responses from more than 1,000 chief information security officers (CISOs) and IT security practitioners from the United States, Europe and the MENA region. Respondents, including 182 from the MENA region alone, answered a variety of probing questions on issues ranging from emerging technologies to predictions on major future threats and levels of readiness.
Among the survey’s findings:
• With cybercrime being the gravest threat to digital safety, security leaders in the MENA identify zero day attacks – events in which cyber criminals exploit an unknown hole in software – as the largest emerging threat over the next three years, followed by phishing and mobile malware.
• Security professionals foresee growing global demand for cyber intelligence, viewed as the most important factor in organizational security and the implementation of defensive measures.
• Most organizations are unprepared for growth of the Internet of Things – the digital connections between devices other than computers, including cars and home appliances, which is expected to create vulnerabilities within data networks.
• Organizations are also threatened by unintentional breaches through employees, although a greater emphasis on training will mitigate such insider threat risks in the near future. Nonetheless, 65 percent of MENA experts, 67 percent of U.S. experts, and 66 percent of U.K./Europe experts share the view that more skilled cybersecurity experts are needed to effectively manage risks from increasingly complex and sophisticated attacks.
The survey also reveals how IT experts in MENA have had significantly more success in characterizing cybersecurity as a business issue than their counterparts in Europe and the United States. MENA security officers more regularly brief their boards of directors on cybersecurity issues, and more CISOs in the MENA report directly to the CEO.
Within the MENA region, more CISOs in the energy industry are investing in big data analytics (24 percent) than in organizations at large (18 percent). Security officers in the region’s energy sector consider cybercrime as being a larger share of their overall security concerns than other MENA industries.
Despite increasing threats, global security experts for the most part believe their organizations’ cyber security posture will improve in the coming three years, a result of improved technology, awareness, intelligence and other factors.