The service-centric transformation of the cybersecurity industry is proceeding at full speed, with 90 per cent of security requirements expected to be fulfilled through a service model three years from now, according to Help AG.
The first of its kind to focus exclusively on digital security in the Middle East region, Help AG’s annual State of the Market report delivers cybersecurity intelligence across a range of parameters.
These include the top threats over the course of the year, the region’s biggest vulnerabilities, the kinds of attacks and attack vectors that are a cause for concern, the anatomy of high profile breaches, security investment patterns of organisations in the region and where the market is headed in terms of technologies and evolution.
Top threats faced in 2021
- DDoS attacks
DDoS attacks continued their upward trajectory in 2021, with 149,753 attacks detected in the UAE last year, amounting to a 37 per cent YoY increase. This indicates that attackers are strategically targeting UAE organisations, particularly in the government (target of 37 per cent of DDoS attacks), private (34 per cent), healthcare (eight per cent), financial (six per cent), education (five per cent), oil and gas (four per cent), and hospitality (four per cent) sectors.
The attacks continue to increase in scale, with the largest one observed in the UAE last year and measured at 145.9 Gbps. In fact, DDoS attacks with a volume of over 40 Gbps have become the norm in the UAE ever since the pandemic began.
DDoS attacks are also increasing in duration. The longest recorded attack in 2021 lasted for a duration of 44 days and 19 hours, and over 14 per cent of observed DDoS attacks lasted more than 60 minutes.
Additionally, 58 per cent of DDoS attacks observed in the UAE in 2021 were multi-vector in nature, and UDP Flood, IP Fragmentation, and DNS Amplification were found to be the top attack types.
- Ransomware
Ransomware attacks also continued to increase in frequency last year, largely thanks to their high rates of success, which can be attributed to their relative simplicity and their significant, immediate impact on an affected business, as well as the fact that many organisations still end up paying the ransom, thus encouraging threat actors to continue utilising this attack method.
Apart from increasing in number, ransomware attacks are also becoming highly sophisticated as attackers become more professional than ever.
The danger posed by ransomware is being exacerbated by the proliferation of ransomware-as-a-service, which has turned ransomware into a profitable business model wherein ready-made malicious code is sold to cyber attackers.
Top vulnerabilities
The year 2021 saw a 9.3 per cent increase in the total number of detected vulnerabilities, with a total of 18,378 identified as per the NIST national vulnerability database (NVD). The number of vulnerabilities found in core applications also increased, and worryingly, core security controls were found to be missing in most cases.
Medium and low-risk vulnerabilities rose in number, whereas fewer high severity vulnerabilities were detected compared to 2020. In order to help regional businesses stay abreast of discovered vulnerabilities, Help AG released 130 threat advisories throughout 2021, which included recommendations for organisations on how to stay protected.
Cybersecurity trends
- Key areas of investment
There has been a marked increase in investment in locally hosted solutions and services, including security service edge (SSE), private access, DDoS protection and security platforms.
Additionally, Help AG identified hypergrowth in investments into managed cyber defence and OT and IoT security, while there was a significant increase in investments into the IAM/PAM space.
Accelerating digital transformation, service-centric business evolution and adoption of cloud in combination with local regulations and requirements around data residency have created a need for investments into locally hosted cybersecurity solutions and services.
- From cybersecurity to cyber resilience
Normal recovery and business continuity processes are no longer enough. Systems are more interconnected and dependent than ever.
What organisations need in order to stay safe in this environment is to adopt a comprehensive approach to boost business resilience, by embedding cybersecurity from day zero and beyond, and combining preventive, detective, and responsive methods, across the three pillars of people, processes, and technology.
The resilience of governments and economies depends on the collective resilience of the businesses and individuals, and this can be achieved by creating a strong business continuity plan incorporating cybersecurity controls at every step, and having a well-structured incident response and recovery plan in place.
- Service-centric transformation
The past year saw a rapid acceleration toward the service-based cybersecurity model. In fact, Help AG estimates that three years from now, 90 per cent of all cybersecurity requirements will be fulfilled through a service model.
‘Help AG as a Service’ is the culmination of the company’s transition from technology delivery to a service-centric model, which has placed it in the best position to offer the entire lifecycle, from ‘assess’ to ‘defend’ to ‘respond,’ as a service to customers.
Technology trends in 2022
Looking ahead into the coming months, the technologies that will reign supreme come as a direct consequence of attack trends. Secure cloud enablement, application security, identity security, and security service edge will continue to be top priorities in an increasingly digitised and perimeter-less world.
The report also incorporates in-depth insights shared by some of the key representatives from large enterprises and government organisations in the region, who shed light on their cybersecurity strategies and challenges as a microcosm of the larger environment.
Highlights include Nawah Energy Company, which shines a spotlight on the unique security challenges associated with OT environments; Higher Colleges of Technology, which touches on the shift educational institutions are making toward managed services; National Bank of Fujairah, which emphasises the importance of investing in artificial intelligence and machine learning as part of incident detection; the Department of Health in Abu Dhabi, which underline the importance of building security into life-saving medical devices; and Invest Bank, which highlights the main security challenges facing the banking sector, including unencrypted data and insider threats.
Stephan Berner, CEO at Help AG, said: “As the region’s cybersecurity landscape becomes increasingly complex and challenging, our State of the Market report offers an invaluable resource for organisations that are striving to secure their digital roadmap and keep pace with the ever-evolving cyber risks in the distributed age.
“The resilience of governments and economies depends on the collective resilience of businesses and individuals, and through our annual report, Help AG seeks to empower organisations and people with vital insights from our experience and expertise, thus elevating cybersecurity for the entire region.”
