I have good news and bad news. The good news is that cyberattacks in the UAE decreased by around 39 per cent during the first seven months of 2018, compared to the same period the previous year. And the bad news? Well, the fact that – despite this notable decrease – cyberattacks did still occur.
Of the 274 cyberattacks reported during the period, according to the Telecommunications Regulatory Authority, 39 were critically harmful.
In today’s pervasive era of data – which determines how we live, work and play – data breaches are expensive affairs, not to forget the emotional toll they take on people who are impacted. With the Internet of Things and Docker containers being deployed at a growing rate across the Middle East, along with the use of cloud, concerns regarding data theft and security breaches assume even more significance.
With the enormous advantages associated with it such as cost savings, efficiency, flexibility and productivity, cloud computing is here to stay. It is the driver of transformational change for businesses, helping them to not only efficiently manage their computing resources, but to also gain a competitive advantage in the long-term.
Supporting the region’s digital transformation vision, there are several path-breaking moves that will further accelerate the shift of businesses to cloud computing, including the opening of Microsoft’s data centres in the UAE – in Dubai and Abu Dhabi.
It is in this context that getting a grip on the cloud and taking a rigorous, unwavering stand to protect tech assets is of utmost importance. Accomplishing this includes ensuring encryption services are fully integrated to protect sensitive data from internal and external threats. So, how can organisations take their data encryption services to the next level? What are the trends that are shaping the region when it comes to encryption?
nCipher Security set out to examine them and the findings are reflected in its 2019 Middle East Encryption Trends Study by the Ponemon Institute.
The overarching finding is that a vast majority of organizations in the Middle East (84 per cent) currently use cloud computing services or plan to do so in the next 12-24 months – highlighting the need for secure data protection solutions to protect against any potential internal or external threats.
Protecting sensitive information
It may come as a surprise that the biggest threat to sensitive data in the Middle East is not posed by traditional ‘hackers’, but by employees – at 67 per cent – ranking higher than the global average of 54 per cent. The second highest threat came from temporary or contract workers at 33 per cent.
Nevertheless, the study also reveals that organizations in the Middle East are embarking on the right course. In fact, in many areas, the region fares better than the global average. Nearly 36 per cent of respondents in the Middle East report that their organization has an overall encryption strategy applied consistently across the entire enterprise, a number that has risen during the past three years. The use of encryption here has also grown faster than any other region for two notable emerging use cases: Docker containers (37 per cent) and IoT devices (31 per cent).
Data discovery is the number one challenge in planning and executing a data encryption strategy in the Middle East – largely due to the explosion and proliferation of data that comes from digital initiatives, mobility, and cloud use. Interestingly, training users to deploy encryption appropriately is regarded as a challenge by regional businesses compared to their peers globally (27 per cent compared to 13 per cent).
Organisations in the region are driven by a need to protect intellectual property (74 per cent) and sensitive information such as customer information (66 per cent) from both internal and external threats as well as accidental disclosure.
Moreover, compared to 32 per cent globally, nearly 40 per cent of the businesses in the region surveyed are leveraging hardware security modules (HSMs) for public cloud encryption. The use of HSMs to protect and manage encryption keys has also increased from 28 per cent last year to 50 per cent – the largest jump anywhere in the world. The study also identified that 76 per cent rate support for both cloud and on-premises deployment as the most important feature associated with encryption solutions.
This stems from the realisation that sensitive information, which increasingly resides in encrypted cloud databases, is only as secure as the underlying encryption keys. HSMs enable organisations to benefit from the flexibility and economy of cloud services while strengthening the security of their key management practices and gaining greater control over their keys.
It is clear the region is making all the right moves towards a more secure cloud. However, it is also important to invest in encryption services as a priority, backed by the support of professionals, to further bring down the rate of cyberattacks and to minimise their brunt.