GCC nations spend 66 per cent more than the global average each time there is a data breach, according to a new study, and analysts are issuing a stark warning.
The average cost worldwide of identifying and stopping a data breach is $2.1 million (Dh7.7m), compared to $3.5m typically spent in the GCC, according to researcher Gartner based in the United States.
More than 300 cyber attacks were reported over the last year in the region, at least half a dozen resulting in data breaches.
Cyber attacks can include system slowdowns and operational issues, while a data breach results in stolen information.
“We don’t have the right people here,” said Sam Olyaei, principal research analyst at Gartner.
“Usually three to four security analysts are required to detect such attacks in time but in this region there is an average of zero to one”
Organisations in the Middle East take more time on average to identify and contain a data breach – 260 days compared with Europe's average of 138 days.
[ Exclusive: Alibaba Cloud seeks more Middle East deals with eye on Expo 2020 ]
[ UAE firms must illuminate dark data or miss out on massive opportunity, experts say ]
Industry experts consider the Middle East a vulnerable territory for cyber breaches.
“The Middle East is prime territory for cyber attacks. The geopolitical situation in some parts of the region is quite volatile … exposing those areas to cyber criminals,” said Ray Kafity, vice president of Middle East, Turkey and Africa at Attivo Networks, an American cyber-security defence company.
“This region is rich in minerals and natural resources, making it more prone to industrial espionage attempts. Also, the presence of large number of high net-worth individuals also bring Middle East on the radar of cyber criminals,” said Mr Kafity.
In the face of these risks, the region is increasingly putting cyber-security investment at the forefront, Gartner found, forecasting that Middle East and North Africa's spending on enterprise information security technology and services will reach $1.9 billion next year, an increase of 9.8 per cent over 2018. Enterprise information security constitutes a company's entire security processes and systems.
“Security and risk leaders will see new spending in areas related to cloud security and data security, driven by regulations and an increased awareness among organisations as their needs evolve to address more complex threats,” said Mr Olyaei. “Cloud and data segments are set to achieve the highest growth rates in 2019, at 108 and 18 per cent, respectively.”
As large cloud service providers such as Amazon, Microsoft and Alibaba establish data centres and service clients in the region, the market will continue to see double-digit growth in the future.
Gartner analysts and industry experts provided the latest outlook for the information security industry during the Gartner Security and Risk Management Summit in Dubai yesterday.
The researcher has observed organisations and governments in the Mena adopting digital initiatives in the past few years.
“Digital initiatives are changing how organisations identify, evaluate and confront risk,” said Mr Olyaei.
“CIOs [chief information officers] have had to evolve their traditional cyber-security systems to address the new cybersecurity risks that digital business initiatives introduce.”