Despite increasing budgets and greater-than-ever support from senior management, SecOps teams report persistent silos and meagre capabilities amid an escalating threat landscape
Despite increased commitments from senior management and access to larger budgets, the majority of UAE-based cybersecurity professionals are feeling overwhelmed by the rapid escalation of cyberthreats. This was one of the key findings of a global study commissioned by Trellix, a cybersecurity company on the cutting edge of extended detection and response (XDR).
The study polled 9,000 cybersecurity professionals in organizations with 500 or more employees in 15 countries, including the UAE. 70% of UAE respondents reported that their organization’s cybersecurity investments had increased in the previous year, and two-thirds (67%) reported regular cybersecurity and compliance meetings with senior executives. However, the majority (56%) admitted that threats evolve so quickly that it is difficult to keep up.
The need for change was widely acknowledged among UAE respondents. 57% of respondents stated that their current security model needed to be updated in order to successfully predict, detect, and respond to attacks as they occurred. 13% of those who expressed such concerns described the required updates as “major.”
Despite these gaps in capability, 53% of UAE cybersecurity experts say they are “fighting a losing battle against cybercriminals.” Beyond taxing cybersecurity professionals (54% cited being held back by the limitations of their cybersecurity infrastructure as one of their biggest work frustrations), this cybersecurity gap is affecting UAE organizations’ bottom lines, with 80% admitting that security breaches cost their organization up to 10% of revenue in the previous year.
According to the findings, 60% of UAE SecOps teams are hampered by patchworks of security solutions that have few, if any, integration options. Only one in nine (11%) have managed to eliminate silos and little more than a fifth (22%) are working towards this end. Some 59% are working with more than 10 separate security solutions and 60% decried the lack of efficiency this causes. To make matters worse, one third (67%) of organizations have no plans to rid themselves of silos.
“Siloed security systems hand easy victories to threat actors and make life harder for SecOps teams everywhere,” said Vibin Shaju, General Manager, UAE at Trellix. “And yet many businesses seem prepared to accept siloed security rather than updating their security architecture to connect the dots and enable adaptive security. Nothing changes if nothing changes. Organizations that do not move purposefully towards a more integrated security model are painting a target on their back as an open invitation to cybercriminals.”
In the UAE, 69% of cybersecurity professionals reported dealing with up to 50 cybersecurity incidents per day and 42% characterize their daily routine as being “inundated by a never-ending stream of cyberattacks.” Respondents are plagued by blind spots within their infrastructure, with 27% citing such visibility gaps. Moreover, just over a third (36%) say their security ecosystem does meet their current needs but express concerns about their future capabilities if they continue to use the same security suite.
Against this backdrop, one technology that has come to the fore is Extended Detection & Response (XDR). In particular, an open, cloud-native XDR architecture that constantly learns from and adapts to the ever-changing threat landscape can help organizations eliminate silos and identify threats before they can do harm. More than a fifth (22%) of UAE respondents said they had already implemented XDR, with an additional 41% saying they were exploring the technology for likely implementation in the next 12 to 18 months.
The ability to automate processes and prioritize critical concerns was ranked as one of the most important benefits of XDR technology by 78% of XDR implementors in the UAE. This was not only the top priority for UAE organizations, but the proportion of respondents who mentioned it was significantly higher than the global average, implying that automation and alert triage are of particular interest to UAE enterprises — an understandable finding given the region’s existing cybersecurity skills gaps.
XDR’s ability to detect threats in real time (76%), as well as its ability to deliver operational efficiency by freeing human analysts to pursue higher-value cyber work (37%), compelled UAE companies to implement it. A quarter of UAE XDR implementors were attracted to the technology because of its ability to learn from incidents and adapt to threats, while 38% were impressed by the reduction in response times. 46% said they were likely to recommend that their organization allocate budgets this year to advanced programs that include XDR because of the benefits they had seen.
“This research reveals how unsustainable the situation is for cybersecurity professionals today,” said Aparna Rayasam, chief product officer, Trellix. “Instead of relying on traditional siloed solutions that add complexity, businesses can reshape SecOps with a flexible, intelligent security architecture that consolidates security tools, so teams can work smarter and quickly remediate threats.”