Navigating Emerging Cyber Risks in the MENA Region with a Tech-enabled Approach
As more organizations move to the cloud, security concerns are also intensifying.
Topics
News
- Data Analysts in UAE and Saudi Arabia Embrace AI-Driven Transformation
- CEOs Recognize AI’s Potential but Fear Knowledge Gaps, Study Finds
- Core42 and Qualcomm Unveil AI Playground to Accelerate Adoption in UAE
- Customer Centricity Summit & Awards Explores Brand-Customer Relationships in KSA
- GITEX Global 2024 to Showcase Global Innovation, Investment, and Cybersecurity Trends
- The Perfectly Imperfect Start of Disruptive Innovations
With advancements in AI, quantum computing, and cloud deployment, cybersecurity is at the forefront of challenges in the Middle East and North Africa (MENA) region. According to experts, understanding and evaluating regional vulnerabilities is imperative to grasp the multiplicity of cyber threats better. At the same time, it will require a unified, collaborative approach to ensure a secure digital future.
AI is quickly becoming mainstream as its uses and applications continue to evolve. Despite its many advantages, we all need to approach this new technology with a degree of caution. That, in particular, applies to issues of cybersecurity and AI.
AI is a double-edged sword in cybersecurity. It can offer strong defenses against cyber threats while introducing new vulnerabilities to a company’s infrastructure when in the wrong hands.
AI will Revolutionize Cybersecurity
H.E. Amer Sharaf, CEO of the Cybersecurity Systems and Services Sector at the Dubai Electronic Security Center (DESC), predicts AI will revolutionize cybersecurity in the coming years, improving anomaly detection and integral to automating processes within security operations centers. “Once we get comfortable with how AI benefits us, it will be ingested into our processes, helping to speed up threat detection and response times,” he adds.
While AI holds promise, Sharaf points out that cyber threats will continue to evolve. “Distributed denial-of-service (DDoS) attacks are still going to be a major challenge,” he warns. “These attacks will continue to target infrastructure, but with the right technologies and AI in place, we hope they will become almost invisible within the next few years.” Despite technological advances, DDoS will remain a key threat, requiring ongoing vigilance and innovation from security vendors.
Attacks Growing in Volume and Complexity
Helmut Reisinger, CEO of EMEA & LATAM at Palo Alto Networks, highlights that organizations in the MENA region are experiencing heightened levels of cyber threats, with attacks growing in volume and complexity. “This is partly driven by the rise of AI, which has given cybercriminals a tool of unprecedented power,” he says.
Citing a recent study by IBM Institute for Business Value and Palo Alto Networks, which found that 52% of executives identified complexity as the biggest impediment to their security operations, Reisinger says, “Security fragmentation and complexity are getting in the way of results,” Reisinger adds.
Ransomware and sophisticated malware attacks will continue to be significant threats. Ray Kafity, VP of META at Halcyon, points out that these threats are compounded by the rise of double and triple extortion ransomware campaigns. “These attacks encrypt data and exfiltrate it, using sensitive information for further extortion.”
Kafity adds that sectors like finance, energy, healthcare, and government are prime targets due to their critical nature and potential impact.
The rapid pace at which ransomware attacks mutate is a growing concern for governments and businesses. Sharaf highlights the risks associated with phishing attacks, which serve as entry points for ransomware.
“Phishing attacks continue to be a gateway for cybercriminals to enter systems, leading to data breaches and ransomware attacks,” he says. “Even if organizations pay the ransom, there’s no guarantee they will regain access to their data, and the exposed information could end up on the dark web.”
This reality underscores the importance of robust risk management strategies to forecast evolving threats. Sharaf says organizations must remain agile and track the days since their last attack as a benchmark for cybersecurity vigilance. “Gartner suggests that organizations should have a metric for how many days it’s been since their last attack—whether it’s a DDoS or a data breach,” Sharaf says. “This keeps organizations constantly aware and ready, ensuring they don’t become complacent if there’s been a long period without an attack.”
Cloud Deployments and Security
As more organizations move to the cloud, security concerns are also intensifying. “Multilayered cloud infrastructures present unique vulnerabilities to emerging attacks, including API exploitation, misconfigurations, and supply chain risks,” Reisinger says. “Since up to 80% of security exposures occur in the cloud, organizations must work closely with their security provider to ensure their cloud operations are fully secured.”
João Ricardo Vasconcelos, senior governance specialist in the GovTech Global team at the World Bank, stresses that the World Bank’s work in cloud computing seeks to address three overarching challenges: cybersecurity, data sovereignty, and transparency.
“Cloud computing offers tremendous potential to leapfrog digital divides, but issues such as cybersecurity and data sovereignty must be tackled head-on to ensure sustainable and equitable growth,” Vasconcelos says.
Quantum computing will also pose new challenges in the cybersecurity domain—quantum-resistant cryptography is an emerging concept and threat in the cybersecurity space. “We need to work fast to ensure that cybersecurity systems are prepared when quantum computing becomes a reality,” says Dr. Bushra Al Blooshi, Director of Cybersecurity Governance Risk Management at DESC.
Importance of Platformization
With the rapid rise of AI-driven cybercrime and the complex web of cloud infrastructures, a key part of the solution lies in consolidating security systems. Reisinger emphasizes the importance of platformization—a unified approach that integrates various security functions into a streamlined, data-driven architecture. “Platformization helps tackle the increasing risks from AI-powered cyber threats while overcoming challenges posed by using too many cybersecurity products,” he explains.
Platformization,Reisinger adds, helps integrate AI capabilities with cybersecurity functions, ensuring end-to-end protection for multi-cloud environments and critical infrastructure systems.
According to Kafity, regional organizations must prioritize enhancing cloud security strategies, especially as the sector grows rapidly. “As organizations expand their cloud environments, the complexity and scale of potential vulnerabilities also increase, particularly in multi-cloud setups.”
Kafity adds that organizations must proactively safeguard sensitive data stored in the cloud by ensuring robust security measures.
Collaboration between governments, private sector organizations, and international stakeholders is key to addressing these multi-faceted threats.
As cybersecurity threats grow more sophisticated, it is apparent that both technology and a mindset of constant vigilance will be key to protecting critical systems and data. Sharaf says, “AI will certainly speed up our ability to detect threats and automate processes, but organizations must remain proactive in managing risks and protecting against emerging cyber threats.”
MIT Sloan Management Review Middle East is hosting the GovTech Conclave—a high-level gathering of government leaders, ministry officials, policymakers, and industry experts. This event will explore the latest technological advancements shaping the future of governance. Join the conversation. Register here to be part of the conclave.
