Help AG report report dives deep into the top threats over the past 12 months
Improper configuration and device settings emerged as one of the top risks to organisations in 2022 — KT file
A record high of more than 26,000 vulnerabilities were reported in 2022 identified as per the NIST National Vulnerability Database (NVD).
Improper configuration and device settings emerged as one of the top risks to organisations in 2022, while consistent usage of weak and insecure protocols, especially on externally facing assets such as weak SSL/TLS protocols on web servers, are usually the first target for an attacker to gain a foothold in the network.
These were part of finding revealed in the State of the Market Report 2023 by Help AG, the cybersecurity arm of e& enterprise (formerly Etisalat Digital).
Help AG’s annual State of the Market Report’s third edition, themed around the adage of “Innovate. Automate. Elevate.”, is focused on how organisations across the region can innovate their technology and processes and automate playbooks and operations to ultimately elevate their cybersecurity posture. The report dives deep into the top threats over the past 12 months, the kinds of attacks and attack vectors which are a cause of concern, anatomy of high profile breaches, best practice recommendations, security investment patterns of organisations in the region, uptake rates of new emerging technologies, and, of course, directions on where the market is moving towards in terms of technologies and evolution.
Key areas of investment
With the substantial increase in prices of cybersecurity solutions globally, including some OEMs increasing their prices north of 30 per cent compared to 2021, combined with the fact that the average large organization runs 50-100 different cybersecurity solutions in their estate, Help AG has observed organizations investing and focusing heavily on cybersecurity estate consolidation, utilizing longer term contracts such as Enterprise License Agreements (ELAs)) to ensure better predictability of budgets and reduced complexity.
There has been a marked increase in investment in locally hosted solutions and services. Investments into Security Service Edge (SSE) and OT/IoT security have seen twice the increase in the year, and over 50% growth in DDoS protection investments. Additionally, Managed Cyber Defense has become essential for cyber resilience and compliance, with investment growing 50% YoY and over 100% in Digital Risk Protection and Threat Intelligence.
Service centric business evolution
The services-led cybersecurity approach offers several advantages over a traditional in-house cybersecurity model, including 24x7 access to the best people, processes, and technologies, under a predictable OPEX payment model. Emerging Trends in Cybersecurity as a Service (CaaS) include leveraging Artificial Intelligence (AI) and Machine Learning (ML), greater adoption of Security Service Edge (SSE), Cybersecurity Compliance as a Service, and Incident Response as a Service (IRaaS).
The report spotlights the evolution of the service centric market and how UNIFY, Help AG as a Service 3.0 addresses the top concerns of organizations when it comes to the need for a unified approach to cyber defense.
Top cyber threats
Cybersecurity has become a critical concern for organizations of all sizes in the region. In 2022, the cyber threat landscape was characterized by a growing number of advanced persistent threats (APTs), malware attacks, and cybercrime.
Major risks that organisations faced were often related to human factors, misconfiguration of default credentials, and missing patches.
Ransomware and phishing attacks are both becoming more sophisticated, with attackers using tactics like double extortion to increase pressure on organizations to pay the ransom, and social engineering tactics to trick victims into divulging sensitive information.
DDoS attacks are also becoming more sophisticated and diversified in their forms. The total number of DDoS attacks detected in 2022 exceeded 150,000. DDoS attacks targeting UAE businesses with a volume of over 40Gbps have become the norm, while the max attack volume observed was 238.6 Gbps. Over 61% of DDoS attacks observed were multi-vector attacks, with the top attack types being UDP and DNS Amplification.
Tech trends 2023 & beyond
Integrated Cyber Defence: As threats become increasingly numerous, persistent, and sophisticated, manual alert triage is no longer sufficient. Instead, contextualizing all data points into a single action thread is vital to a comprehensive defense against threats. In response to this, Help AG launched UNIFY, an integrated cyber defense platform serving as the foundation of their cyber defense services, unifying pivotal capabilities like visibility, collaboration, orchestration, and intelligent automation to deliver a seamless customer experience.
Secure Cloud Enablement: As cloud adoption reaches an all-time high and organizations increasingly adopt a microservice architecture, one of the most significant risks they face is cloud insecurity. To ensure a secure cloud posture, organizations must take action to address these risks. This involves identifying and remediating security issues, managing and securing access to cloud resources, and complying with regulations and industry standards.
Security Services Edge (SSE): One of the key considerations while adopting security services at the edge in the Middle East is the growing importance of data privacy and the need for local content inspection.
Stephan Berner (left) and Nicolai Solling. — supplied photos
Organisations look for SSE providers that provide true unification of security consoles, endpoint agents and converged policies; a single point of inspection for all security services; local data residency and compliance with regulations; and a large local partner ecosystem to deliver services ensuring the highest level of support and quick implementation.
Data and Identity Protection: Companies face the challenge of trying to streamline their data protection by safeguarding their sensitive data whilst enabling their employees to work productively and more importantly, maintain company success. On a regional level, UAE, Qatar, Bahrain, Kuwait and KSA have all introduced laws that govern the lawful use of data within their respective countries.
Identity has become the new security perimeter. Adversaries are also reciprocating by targeting identities and gaps in governance. A very strong Identity Governance and Administration (IGA) practice will become a core requirement of security operations, and we can expect to see more focus and more investment in this area in 2023.
Internet of Things Security: IHS forecasted that the IoT market will grow from an installed base of 15.4 billion devices in 2015 to 75.4 billion in 2025. The IoT is the future, and hence, organisations aim to achieve comprehensive visibility and perform asset discovery, creating solid baseline measures for security in IoT devices, including security from the start of IoT project planning, adopting a strong zero-trust strategy, and enabling SecOps to detect, prevent and mitigate security incidents.
Stephan Berner, chief executive officer at Help AG, said: “Cybersecurity is the crucial component of successful digital transformation and needs to be built in from day zero and beyond. Through the State of the Market Report 2023, we enable readers to understand how they can innovate to bring in the best of people, processes, and technologies, automate to enhance agility and improve time to value, and elevate the resilience of their enterprise to thrive in the hyper connected era where experience is of paramount importance and availability needs to be constantly on.”
Nicolai Solling, chief technology officer at Help AG, added: “In a hyperconnected world where threats are becoming more sophisticated and frequent, it is increasingly essential for the public and private sector to work together, sharing knowledge and creating a united front against malicious actors in the digital sphere. Making our State of the Market Report readily available to organizations across the region provides essential intelligence into the state of cybersecurity in the Middle East, arming key players in the industry with the knowledge to protect themselves against cybersecurity threats.”
Somshankar Bandyopadhyay is a News Editor with close to three decades of experience. Currently, he manages the business section, ensuring that the top economic and business news of the day reaches its readers.