Chief information security officers (Cisos) are encouraged to incorporate more strategic assumptions into their corporate plans in the next few years to keep up with an evolving IT security landscape, a new study from Gartner has found.
While there is "no question" that Cisos and their IT teams should be "laser focused" on the present, the constant threat of cyberattacks and their complexities require foresight to counter them and prevent any disruption in their operations, the US-based research company said on Tuesday.
“They need to make time to look up from their daily challenges and scan the horizon to see what’s coming down the track that might impact their security programmes in the next couple of years," said Richard Addiscott, senior director analyst at Gartner.
Cybersecurity attacks can cause reputational and financial damages to companies. The global average for a data breach in 2022 was $4.35 million, up from $4.24 million the previous year, according to the latest edition of IBM's Cost of a Data Breach report.
Gartner has listed eight cybersecurity trends to look out for in the coming years, noting how this can be achieved and their implications on enterprises and individuals.
Almost half of cybersecurity leaders will change jobs
The demands of keeping up with a changing cybersecurity landscape will take its toll on leaders, with half of them projected to switch jobs and a quarter jumping to entirely different roles by 2025, Gartner said.
This is because the "work stressors" of cybersecurity professionals will rise and become unsustainable, it said. However, this can be countered by organisations providing a work culture that supports their roles.
While Gartner acknowledges that eliminating stress is unrealistic, "people can manage challenging and stressful jobs in cultures where they are supported. Changing the rules of engagement to foster cultural shifts will help".
Expertise at the board level
By 2026, about 70 per cent of company boards are expected to include one member who has cybersecurity expertise, according to Gartner.
This would help an organisation's top brass to have a better understanding of their cybersecurity strategy, which, in turn, would establish a closer relationship to improve trust and support within a company, it said.
"This means not only showing how the cybersecurity programme prevents unfavourable things from happening, but how it improves the enterprise’s ability to take risks effectively," Gartner said.
Human factor to minimise friction and maximise adoption
Through 2027, half of Cisos are expected to formally integrate human-centric design practices into their cybersecurity programmes to reduce operational friction and maximise control adoption.
The aim of this is to minimise the chances of employees taking unsecure actions during work activities, knowing that these actions would increase risk, but did so anyway — with more than 90 per cent admitting to doing so, the study said.
"Human-centric security design is modelled with the individual — not technology, threat or location — as the focus of control design and implementation," it said.
Adherence to privacy standards to be an advantage
Modern regulations on privacy will dominate the majority of consumer data by 2024, Gartner said.
However, less than 10 per cent of companies will have successfully utilised privacy as a competitive advantage, it noted.
Adhering to privacy standards, such as the EU's General Data Protection Regulation, will allow enterprises to use data more broadly, which will differentiate them from competitors and build trust with their customers, partners, investors and regulators, the study said.
Zero-trust model implementations to grow
About 10 per cent of large enterprises are expected to have a comprehensive zero-trust programme in place, up from just 1 per cent at present, to boost their cybersecurity infrastructure, Gartner said.
A zero-trust model, by default, means that a user should trust no one trying to access data and information unless the identity is verified.
"Starting small, an ever-evolving zero-trust mindset makes it easier to better grasp the benefits of a program and manage some of the complexity one step at a time," the research showed.
Will cyberrisk quantification drive decision-making?
By 2025, half of cybersecurity leaders will have tried, unsuccessfully, to use cyberrisk quantification — the measuring of IT and cyberrisk exposure in monetary terms — to drive decision-making within organisations, the study said.
About 62 per cent of quantification adopters cite soft gains in credibility and risk awareness, but only 36 per cent have achieved action-based results, according to Gartner.
"Security leaders should focus firepower on quantification that decision-makers ask for, instead of producing self-directed analyses they have to persuade the business to care about," it said.
More visibility to boost engagement
By 2027, about three quarters of employees will acquire, modify or create technology outside IT’s visibility, up from 41 per cent in 2022, the study said.
[Cisos] need to make time to look up from their daily challenges and scan the horizon to see what’s coming down the track that might impact their security programmes in the next couple of years
Richard Addiscott,
senior director analyst at Gartner
In technology, visibility is the awareness of a network's components and data. Reorganising cybersecurity models to cater to this coming change will be needed, Gartner said.
Enterprises must "think beyond technology and automation to deeply engage with employees to influence decision-making", it said.
Improvements in threat detection
With the increased use of connectivity, software-as-a-service and the cloud, organisations will require systems that have more visibility and constantly monitor security threats.
As such, more than 60 per cent of threat detection, investigation and response capabilities will use exposure management data to validate and prioritise detected threats through 2026, up from less than 5 per cent at present, Gartner said.
"These predictions are a signal flare for some of those things we see emerging and should be considered by any Ciso looking to build an effective and sustainable cybersecurity programme," Mr Addiscott said.
MATCH INFO
Scotland 59 (Tries: Hastings (2), G Horne (3), Turner, Seymour, Barclay, Kinghorn, McInally; Cons: Hastings 8)
Russia 0
THE SPECS
Engine: 4.4-litre V8
Transmission: Automatic
Power: 530bhp
Torque: 750Nm
Price: Dh535,000
On sale: Now
The%20specs
%3Cp%3E%3Cstrong%3EEngine%3A%3C%2Fstrong%3E%204.0-litre%20twin-turbo%20V8%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E680hp%20at%206%2C000rpm%3Cbr%3E%3Cstrong%3ETorque%3A%20%3C%2Fstrong%3E800Nm%20at%202%2C750-6%2C000rpm%3Cbr%3E%3Cstrong%3ETransmission%3A%20%3C%2Fstrong%3ERear-mounted%20eight-speed%20auto%3Cbr%3E%3Cstrong%3EFuel%20consumption%3A%20%3C%2Fstrong%3E13.6L%2F100km%3Cbr%3E%3Cstrong%3EOn%20sale%3A%3C%2Fstrong%3E%20Orderbook%20open%3B%20deliveries%20start%20end%20of%20year%3Cbr%3E%3Cstrong%3EPrice%3A%20%3C%2Fstrong%3EFrom%20Dh970%2C000%3C%2Fp%3E%0A
Mercer, the investment consulting arm of US services company Marsh & McLennan, expects its wealth division to at least double its assets under management (AUM) in the Middle East as wealth in the region continues to grow despite economic headwinds, a company official said.
Mercer Wealth, which globally has $160 billion in AUM, plans to boost its AUM in the region to $2-$3bn in the next 2-3 years from the present $1bn, said Yasir AbuShaban, a Dubai-based principal with Mercer Wealth.
“Within the next two to three years, we are looking at reaching $2 to $3 billion as a conservative estimate and we do see an opportunity to do so,” said Mr AbuShaban.
Mercer does not directly make investments, but allocates clients’ money they have discretion to, to professional asset managers. They also provide advice to clients.
“We have buying power. We can negotiate on their (client’s) behalf with asset managers to provide them lower fees than they otherwise would have to get on their own,” he added.
Mercer Wealth’s clients include sovereign wealth funds, family offices, and insurance companies among others.
From its office in Dubai, Mercer also looks after Africa, India and Turkey, where they also see opportunity for growth.
Wealth creation in Middle East and Africa (MEA) grew 8.5 per cent to $8.1 trillion last year from $7.5tn in 2015, higher than last year’s global average of 6 per cent and the second-highest growth in a region after Asia-Pacific which grew 9.9 per cent, according to consultancy Boston Consulting Group (BCG). In the region, where wealth grew just 1.9 per cent in 2015 compared with 2014, a pickup in oil prices has helped in wealth generation.
BCG is forecasting MEA wealth will rise to $12tn by 2021, growing at an annual average of 8 per cent.
Drivers of wealth generation in the region will be split evenly between new wealth creation and growth of performance of existing assets, according to BCG.
Another general trend in the region is clients’ looking for a comprehensive approach to investing, according to Mr AbuShaban.
“Institutional investors or some of the families are seeing a slowdown in the available capital they have to invest and in that sense they are looking at optimizing the way they manage their portfolios and making sure they are not investing haphazardly and different parts of their investment are working together,” said Mr AbuShaban.
Some clients also have a higher appetite for risk, given the low interest-rate environment that does not provide enough yield for some institutional investors. These clients are keen to invest in illiquid assets, such as private equity and infrastructure.
“What we have seen is a desire for higher returns in what has been a low-return environment specifically in various fixed income or bonds,” he said.
“In this environment, we have seen a de facto increase in the risk that clients are taking in things like illiquid investments, private equity investments, infrastructure and private debt, those kind of investments were higher illiquidity results in incrementally higher returns.”
The Abu Dhabi Investment Authority, one of the largest sovereign wealth funds, said in its 2016 report that has gradually increased its exposure in direct private equity and private credit transactions, mainly in Asian markets and especially in China and India. The authority’s private equity department focused on structured equities owing to “their defensive characteristics.”
'Munich: The Edge of War'
Director: Christian Schwochow
Starring: George MacKay, Jannis Niewohner, Jeremy Irons
Rating: 3/5
SHAITTAN
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3EVikas%20Bahl%3Cbr%3E%3Cstrong%3EStarring%3A%20%3C%2Fstrong%3EAjay%20Devgn%2C%20R.%20Madhavan%2C%20Jyothika%2C%20Janaki%20Bodiwala%3Cbr%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E3%2F5%3C%2Fp%3E%0A
Timeline
2012-2015
The company offers payments/bribes to win key contracts in the Middle East
May 2017
The UK SFO officially opens investigation into Petrofac’s use of agents, corruption, and potential bribery to secure contracts
September 2021
Petrofac pleads guilty to seven counts of failing to prevent bribery under the UK Bribery Act
October 2021
Court fines Petrofac £77 million for bribery. Former executive receives a two-year suspended sentence
December 2024
Petrofac enters into comprehensive restructuring to strengthen the financial position of the group
May 2025
The High Court of England and Wales approves the company’s restructuring plan
July 2025
The Court of Appeal issues a judgment challenging parts of the restructuring plan
August 2025
Petrofac issues a business update to execute the restructuring and confirms it will appeal the Court of Appeal decision
October 2025
Petrofac loses a major TenneT offshore wind contract worth €13 billion. Holding company files for administration in the UK. Petrofac delisted from the London Stock Exchange
November 2025
180 Petrofac employees laid off in the UAE
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3EName%3A%20%3C%2Fstrong%3ESmartCrowd%0D%3Cbr%3E%3Cstrong%3EStarted%3A%20%3C%2Fstrong%3E2018%0D%3Cbr%3E%3Cstrong%3EFounder%3A%20%3C%2Fstrong%3ESiddiq%20Farid%20and%20Musfique%20Ahmed%0D%3Cbr%3E%3Cstrong%3EBased%3A%20%3C%2Fstrong%3EDubai%0D%3Cbr%3E%3Cstrong%3ESector%3A%20%3C%2Fstrong%3EFinTech%20%2F%20PropTech%0D%3Cbr%3E%3Cstrong%3EInitial%20investment%3A%20%3C%2Fstrong%3E%24650%2C000%0D%3Cbr%3E%3Cstrong%3ECurrent%20number%20of%20staff%3A%3C%2Fstrong%3E%2035%0D%3Cbr%3E%3Cstrong%3EInvestment%20stage%3A%20%3C%2Fstrong%3ESeries%20A%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%20%3C%2Fstrong%3EVarious%20institutional%20investors%20and%20notable%20angel%20investors%20(500%20MENA%2C%20Shurooq%2C%20Mada%2C%20Seedstar%2C%20Tricap)%3C%2Fp%3E%0A
Libya's Gold
UN Panel of Experts found regime secretly sold a fifth of the country's gold reserves.
The panel’s 2017 report followed a trail to West Africa where large sums of cash and gold were hidden by Abdullah Al Senussi, Qaddafi’s former intelligence chief, in 2011.
Cases filled with cash that was said to amount to $560m in 100 dollar notes, that was kept by a group of Libyans in Ouagadougou, Burkina Faso.
A second stash was said to have been held in Accra, Ghana, inside boxes at the local offices of an international human rights organisation based in France.
The biog
Hobbies: Writing and running
Favourite sport: beach volleyball
Favourite holiday destinations: Turkey and Puerto Rico
